Line 589:

<?php
      $options['attributes']['title'] = $alt;
?>

should be replaced by:

<?php
      $options['attributes']['title'] = html_entity_decode($alt, ENT_QUOTES);
?>
CommentFileSizeAuthor
#6 769458-decode-alt-text.patch1.64 KBmerlinofchaos
#5 handlers_views_handler_field_inc_6_x_2_11.patch641 bytesanrikun

Comments

anrikun’s picture

anrikun commented
Status: Active » Needs review
dawehner’s picture

dawehner
Primary language German
commented
Status: Needs review » Needs work

Please provide a patch

merlinofchaos’s picture

merlinofchaos commented

Also reproduction instructions would be valuable so we can confirm both 1) the bug and 2) the fix.

anrikun’s picture

anrikun commented
Title: views_handler_field.inc - Render as link - "alt" parameter is double escaped » Provide a way to use raw values of token too
Category: bug » feature
Status: Needs work » Active

Sorry, this is more complicated than I thought and this is not a bug.

This issue happens when using [tokens] inside the "alt" field.
If the value of the token is already safe (escaped) then it will be escaped once more inside the "alt" value.
So I would need to use the raw value of the token but it isn't provided.
For instance, in addition to the [title] token, the [title-raw] token should be provided too.

Turning this into a feature request.

anrikun’s picture

anrikun commented
Version: 6.x-2.10 » 6.x-2.11
Status: Active » Needs review
StatusFileSize
new handlers_views_handler_field_inc_6_x_2_11.patch641 bytes

Here is a simple patch that applies to 6.x-2.11 to add this feature:
it allows to use the raw values of fields as tokens.
For instance, when you want to display an Alt text avoiding text to be escaped twice, you can now add the -raw suffix to the token name:

Read more about "[title-raw]".

Instead of:

Read more about "[title]".
merlinofchaos’s picture

merlinofchaos commented
Status: Needs review » Fixed
StatusFileSize
new 769458-decode-alt-text.patch1.64 KB

Actually, now that I understand this a little better, I think the first one is more accurate. The only problem was that without an explanation of what was happening, it took some investigation to decipher what you meant.

I was worried about double quotes causing problems, but l() seems to already be safe with these fields so we can safely do the decode where you put it.

Committed to all branches. Actual patch committed attached.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

iamjon’s picture

iamjon commented

marked #946324: &amp and &quot in Alt Field of Replacement patterns as duplicate