Hi,

Username is encoded twice in theming function because l() also processes link text through check_plain():

function theme_twitter_username_formatter_twitter_username_link($vars) {
  $twitter_username = check_plain($vars['element']['twitter_username']);
  return l("@" . $twitter_username, 'http://twitter.com/' . $twitter_username);
}

Code should be changed to:

function theme_twitter_username_formatter_twitter_username_link($vars) {
  $twitter_username = $vars['element']['twitter_username'];
  return l("@" . $twitter_username, 'http://twitter.com/' . $twitter_username);
}

Regards,

Martin

Comments

mduvergey created an issue. See original summary.

  • opi committed 33d3e91 on 7.x-1.x 
    Issue #2886027: Username is encoded twice in theming function
opi’s picture

opi
Primary language French
commented
Status: Active » Fixed

Thanks, commited !

mduvergey’s picture

mduvergey commented
Version: 7.x-1.5 » 7.x-1.6
Status: Fixed » Active

Hi,

The fix include the following code in function theme_twitter_username_formatter_twitter_username_follow_button():

$follow_button = array(
    '#theme' => 'link',
    '#text' => "@" . $twitter_username,
    '#path' => 'https://twitter.com/' . check_plain($twitter_username),
    '#options' => array(
      'attributes' => array(
        'class' => array('twitter-follow-button'),
        'data-lang' => $language->language,
        'data-show-count' => $vars['settings']['data_show_count'],
        'data-show-screen-name' => $vars['settings']['data_show_screen_name'],
        'data-dnt' => $vars['settings']['data_dnt'],
        'data-width' => $vars['settings']['data_width'],
        'data-align' => $vars['settings']['data_align'],
        'data-size' => $vars['settings']['data_size'],
      ),
      'html' => FALSE,
    ),
    '#attached' => array(
      'js' => array(
        $follow_button_js => array(
          'type' => 'inline',
          'scope' => 'footer',
        ),
      ),
    ),
  );

The problem is function theme_link() also applies check_plain() to #path (html key of #options is set to FALSE).

So it looks like double encoding is happening again.

Regards,

Martin

  • opi committed ef5dff3 on 7.x-1.x 
    Issue #2886027: Username is encoded twice in theming function
opi’s picture

opi
Primary language French
commented

So it looks like double encoding is happening again.

damn ! Fixed and commited, this time I'll wait before creating a new release ! Thanks