Summary


Solving the problem is simply updating form.php at line 2079:

//$node = $source->addChild($new->getName(), trim($new));
$node = $source->addChild($new->getName(), htmlspecialchars(trim($new)));
Opened On:
2 Mar 2014, 4:28 by James Shaver
Closed On:
5 Jul 2014, 13:26
Status:
Unable to Confirm

Filed Under

  • Apache 2.2.x
  • CMS Libraries
  • Firefox Other
  • MySQL 5.1.x
  • No Platform Implications
  • PHP 5.3.x

Responses

Posted on 3 Mar 2014, 8:48 by Denise McLaurin

But you wouldn't have a single ampersand character in your XML doc as that is an illegal character.  So this is a non-issue.
Posted on 3 Mar 2014, 10:59 by James Shaver

The ticket form stripped my actual list of any code, so it didn't show that I actually submitted '&':

 

<field
    name="country"
    type="list"
    default=""
    label="PLG_USER_PROFILE_FIELD_COUNTRY_LABEL"
    description="PLG_USER_PROFILE_FIELD_COUNTRY_DESC">
    <option value="US">United States</option>
    <option value="AG">Antigua &amp; Barbuda</option>
</field>
Posted on 9 May 2014, 17:15 by James Shaver

Updated to Joomla! 3.3, and this issue has resurfaced.

Solving the problem is simply updating form.php at the new line 2119:

//$node = $source->addChild($new->getName(), trim($new));
$node = $source->addChild($new->getName(), htmlspecialchars(trim($new)));
Posted on 5 Jul 2014, 13:26 by Valentin Despa

Thank you for your report. I have not been able to confirm this issue in 3.3.1. I am marking this as "Unable to confirm". If the problem still persists, please get back with more details on how to replicate this.

Anyway, consider using language files. It should keep you out of problems.

The issue can always be re-opened if further information is provided as requested.
Posted on 25 Sep 2014, 2:25 by James Shaver

Updated to Joomla! 3.3.4, and this issue has resurfaced.

I took your advise, and using language files has taken care of the issue.  However, I disagree that this should be the preferred method.  Feel free to review my profile.xml, and let me know if I'm missing anything in the country list.
Posted on 25 Sep 2014, 3:37 by Brian Teeman

NOTE: JoomlaCode is no longer our source for tracking issues or feature requests.  Please use the NEW improved Joomla! Issue Tracker .