The %-placeholder already check_plains content by default, so there is no need to explicitly check_plain() the value in commerce_price_field_validate() (doing so will cause double-escaping).

$errors[$field['field_name']][$langcode][$delta][] = array(
  'error' => 'price_numeric', 
  'message' => t('%name: you must enter a numeric value for the price.', array('%name' => check_plain($instance['label']))),
);
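An added example, not part of the original issue or of Drupal Commerce: the double-escaping described above, reproduced with simplified stand-ins for Drupal 7's check_plain() and the placeholder handling in t(). The demo_* function names and the sample label are assumptions made for illustration.

```php
<?php
// Simplified stand-ins for Drupal 7's check_plain() and the placeholder
// handling in t(); translation lookup is omitted. Hypothetical names.
function demo_check_plain($text) {
  return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

function demo_t($string, array $args = array()) {
  foreach ($args as $key => $value) {
    switch ($key[0]) {
      case '@':
        // Escaped text.
        $args[$key] = demo_check_plain($value);
        break;

      case '%':
        // Escaped and wrapped in emphasis markup.
        $args[$key] = '<em class="placeholder">' . demo_check_plain($value) . '</em>';
        break;

      case '!':
        // Inserted as-is: only here must the caller escape the value itself.
        break;
    }
  }
  return strtr($string, $args);
}

// Constructed sample: a field label containing an HTML-significant character.
$instance = array('label' => 'Price & tax');
$message = '%name: you must enter a numeric value for the price.';

// Pattern from the issue: escaped by hand, then escaped again by %name.
$double = demo_t($message, array('%name' => demo_check_plain($instance['label'])));

// Corrected pattern: pass the raw label and let %name escape it once.
$single = demo_t($message, array('%name' => $instance['label']));

echo $double, "\n";
echo $single, "\n";
```

In the first line of output the ampersand has been encoded twice, so a browser displays the entity text instead of the character; in the second it is encoded once and displays correctly.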

Comments

rszrama

Status: Needs review » Fixed

Indeed! This appears to be the only place in the code where this mistake occurs, but feel free to post another patch if you turn more up. Committed. : )

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.