fix(field): avoid html entitization of accented chars

btry · btry · commit a973f7b9c410 · 2017-11-15T09:51:15.000+01:00
diff --git a/inc/fields/checkboxesfield.class.php b/inc/fields/checkboxesfield.class.php
@@ -109,12 +109,10 @@ public function prepareQuestionInputForSave($input) {
             return [];
          } else {
             $input['values'] = $this->trimValue($input['values']);
-            $input['values'] = addslashes($input['values']);
          }
       }
       if (isset($input['default_values'])) {
          $input['default_values'] = $this->trimValue($input['default_values']);
-         $input['default_values'] = addslashes($input['default_values']);
       }
       return $input;
    }
diff --git a/inc/fields/multiselectfield.class.php b/inc/fields/multiselectfield.class.php
@@ -37,7 +37,7 @@ public function displayField($canEdit = true) {
       } else {
          $answer = $this->getAnswer();
          echo '<div class="form_field">';
-         echo empty($answer) ? '' : implode('<br />', json_decode($answer));
+         echo empty($answer) ? '' : implode('<br />', $answer);
          echo '</div>';
       }
    }
@@ -64,7 +64,7 @@ public function getAnswer() {
             $return[] = $value;
          }
       }
-      return json_encode($return);
+      return $return;
    }
 
    public static function getName() {
diff --git a/inc/fields/radiosfield.class.php b/inc/fields/radiosfield.class.php
@@ -57,13 +57,11 @@ public function prepareQuestionInputForSave($input) {
          } else {
             // trim values
             $input['values'] = $this->trimValue($input['values']);
-            $input['values'] = addslashes($input['values']);
          }
       }
       if (isset($input['default_values'])) {
          // trim values
          $input['default_values'] = $this->trimValue($input['default_values']);
-         $input['default_values'] = addslashes($input['default_values']);
       }
       return $input;
    }
diff --git a/inc/fields/selectfield.class.php b/inc/fields/selectfield.class.php
@@ -63,13 +63,11 @@ public function prepareQuestionInputForSave($input) {
          } else {
             // trim values
             $input['values'] = $this->trimValue($input['values']);
-            $input['values'] = addslashes($input['values']);
          }
       }
       if (isset($input['default_values'])) {
          // trim values
          $input['default_values'] = $this->trimValue($input['default_values']);
-         $input['default_values'] = addslashes($input['default_values']);
       }
       return $input;
    }
diff --git a/inc/question.class.php b/inc/question.class.php
@@ -352,10 +352,19 @@ public function prepareInputForUpdate($input) {
       }
 
       // Decode (if already encoded) and encode strings to avoid problems with quotes
+      // The if() {} structures here will grow until the call to plugin_formcreator_encode
+      // becomes obsolete
       foreach ($input as $key => $value) {
          if ($input['fieldtype'] != 'dropdown'
-             || $input['fieldtype'] != 'dropdown' && $key != 'values') {
-            $input[$key] = plugin_formcreator_encode($value);
+             || $input['fieldtype'] != 'dropdown' && $key != 'values' && $key != 'default_values') {
+            if (!($input['fieldtype'] == 'select' && ($key == 'values' || $key == 'default_values'))
+                && !($input['fieldtype'] == 'checkboxes' && ($key == 'values' || $key == 'default_values'))
+                && !($input['fieldtype'] == 'radios' && ($key == 'values' || $key == 'default_values'))
+                && !($input['fieldtype'] == 'multiselect' && ($key == 'values' || $key == 'default_values'))) {
+               $input[$key] = plugin_formcreator_encode($value);
+            } else {
+               $input[$key] = str_replace('\r\n', "\r\n", $input[$key]);
+            }
          }
       }
 
diff --git a/tests/0005_Unit/CheckboxesFieldTest.php b/tests/0005_Unit/CheckboxesFieldTest.php
@@ -1,5 +1,5 @@
 <?php
-class CheckboxFieldTest extends SuperAdminTestCase {
+class CheckboxesFieldTest extends SuperAdminTestCase {
 
    public function provider() {
 
@@ -138,4 +138,45 @@ public function testFieldIsValid($fields, $data, $expectedValue, $expectedValidi
       $isValid = $fieldInstance->isValid($values);
       $this->assertEquals($expectedValidity, $isValid);
    }
+
+   public function testPrepareInputForSave() {
+      $fields = array(
+         'fieldtype'       => 'checkboxes',
+         'name'            => 'question',
+         'required'        => '0',
+         'default_values'  => "1\r\n2\r\n3\r\n5\r\n6",
+         'values'          => "1\r\n2\r\n3\r\n4\r\n5\r\n6",
+         'order'           => '1',
+         'show_rule'       => 'always',
+         'range_min'       => 3,
+         'range_max'       => 4,
+      );
+      $fieldInstance = new PluginFormcreatorCheckboxesField($fields);
+
+      // Test a value is mandatory
+      $input = [
+         'values'          => "",
+         'name'            => 'foo',
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals(0, count($out));
+
+      // Test accented chars are kept
+      $input = [
+         'values'          => "éè\r\nsomething else",
+         'default_values'  => "éè",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals("éè\r\nsomething else", $out['values']);
+      $this->assertEquals("éè", $out['default_values']);
+
+      // Test values are trimmed
+      $input = [
+         'values'          => ' something \r\n  something else  ',
+         'default_values'  => " something      ",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals('something\r\nsomething else', $out['values']);
+      $this->assertEquals("something", $out['default_values']);
+   }
 }
diff --git a/tests/0005_Unit/MultiselectFieldTest.php b/tests/0005_Unit/MultiselectFieldTest.php
@@ -130,4 +130,44 @@ public function testFieldIsValid($fields, $data, $expectedValue, $expectedValidi
       $this->assertEquals($expectedValidity, $isValid);
    }
 
+   public function testPrepareInputForSave() {
+      $fields = array(
+         'fieldtype'       => 'multiselect',
+         'name'            => 'question',
+         'required'        => '0',
+         'default_values'  => "1\r\n2\r\n3\r\n5\r\n6",
+         'values'          => "1\r\n2\r\n3\r\n4\r\n5\r\n6",
+         'order'           => '1',
+         'show_rule'       => 'always',
+         'range_min'       => 3,
+         'range_max'       => 4,
+      );
+      $fieldInstance = new PluginFormcreatorMultiselectField($fields);
+
+      // Test a value is mandatory
+      $input = [
+         'values'          => "",
+         'name'            => 'foo',
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals(0, count($out));
+
+      // Test accented chars are kept
+      $input = [
+         'values'          => "éè\r\nsomething else",
+         'default_values'  => "éè",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals("éè\r\nsomething else", $out['values']);
+      $this->assertEquals("éè", $out['default_values']);
+
+      // Test values are trimmed
+      $input = [
+         'values'          => ' something \r\n  something else  ',
+         'default_values'  => " something      ",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals('something\r\nsomething else', $out['values']);
+      $this->assertEquals("something", $out['default_values']);
+   }
 }
diff --git a/tests/0005_Unit/RadiosFieldTest.php b/tests/0005_Unit/RadiosFieldTest.php
@@ -0,0 +1,43 @@
+<?php
+class RadiossFieldTest extends SuperAdminTestCase {
+   public function testPrepareInputForSave() {
+      $fields = array(
+         'fieldtype'       => 'radios',
+         'name'            => 'question',
+         'required'        => '0',
+         'default_values'  => "1\r\n2\r\n3\r\n5\r\n6",
+         'values'          => "1\r\n2\r\n3\r\n4\r\n5\r\n6",
+         'order'           => '1',
+         'show_rule'       => 'always',
+         'range_min'       => 3,
+         'range_max'       => 4,
+      );
+      $fieldInstance = new PluginFormcreatorRadiosField($fields);
+
+      // Test a value is mandatory
+      $input = [
+         'values'          => "",
+         'name'            => 'foo',
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals(0, count($out));
+
+      // Test accented chars are kept
+      $input = [
+         'values'          => "éè\r\nsomething else",
+         'default_values'  => "éè",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals("éè\r\nsomething else", $out['values']);
+      $this->assertEquals("éè", $out['default_values']);
+
+      // Test values are trimmed
+      $input = [
+         'values'          => ' something \r\n  something else  ',
+         'default_values'  => " something      ",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals('something\r\nsomething else', $out['values']);
+      $this->assertEquals("something", $out['default_values']);
+   }
+}
diff --git a/tests/0005_Unit/SelectFieldTest.php b/tests/0005_Unit/SelectFieldTest.php
@@ -120,4 +120,44 @@ public function testFieldIsValid($fields, $data, $expectedValue, $expectedValidi
       $this->assertEquals($expectedValidity, $isValid);
    }
 
+   public function testPrepareInputForSave() {
+      $fields = array(
+         'fieldtype'       => 'select',
+         'name'            => 'question',
+         'required'        => '0',
+         'default_values'  => "1\r\n2\r\n3\r\n5\r\n6",
+         'values'          => "1\r\n2\r\n3\r\n4\r\n5\r\n6",
+         'order'           => '1',
+         'show_rule'       => 'always',
+         'range_min'       => 3,
+         'range_max'       => 4,
+      );
+      $fieldInstance = new PluginFormcreatorSelectField($fields);
+
+      // Test a value is mandatory
+      $input = [
+         'values'          => "",
+         'name'            => 'foo',
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals(0, count($out));
+
+      // Test accented chars are kept
+      $input = [
+         'values'          => "éè\r\nsomething else",
+         'default_values'  => "éè",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals("éè\r\nsomething else", $out['values']);
+      $this->assertEquals("éè", $out['default_values']);
+
+      // Test values are trimmed
+      $input = [
+         'values'          => ' something \r\n  something else  ',
+         'default_values'  => " something      ",
+      ];
+      $out = $fieldInstance->prepareQuestionInputForSave($input);
+      $this->assertEquals('something\r\nsomething else', $out['values']);
+      $this->assertEquals("something", $out['default_values']);
+   }
 }

Original file line number	Diff line number	Diff line change
`@@ -109,12 +109,10 @@ public function prepareQuestionInputForSave($input) {`
`109`	`109`	`return [];`
`110`	`110`	`} else {`
`111`	`111`	`$input['values'] = $this->trimValue($input['values']);`
`112`		`- $input['values'] = addslashes($input['values']);`
`113`	`112`	`}`
`114`	`113`	`}`
`115`	`114`	`if (isset($input['default_values'])) {`
`116`	`115`	`$input['default_values'] = $this->trimValue($input['default_values']);`
`117`		`- $input['default_values'] = addslashes($input['default_values']);`
`118`	`116`	`}`
`119`	`117`	`return $input;`
`120`	`118`	`}`
Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ public function displayField($canEdit = true) {`
`37`	`37`	`} else {`
`38`	`38`	`$answer = $this->getAnswer();`
`39`	`39`	`echo '<div class="form_field">';`
`40`		`- echo empty($answer) ? '' : implode('<br />', json_decode($answer));`
	`40`	`+ echo empty($answer) ? '' : implode('<br />', $answer);`
`41`	`41`	`echo '</div>';`
`42`	`42`	`}`
`43`	`43`	`}`
`@@ -64,7 +64,7 @@ public function getAnswer() {`
`64`	`64`	`$return[] = $value;`
`65`	`65`	`}`
`66`	`66`	`}`
`67`		`- return json_encode($return);`
	`67`	`+ return $return;`
`68`	`68`	`}`
`69`	`69`
`70`	`70`	`public static function getName() {`
Original file line number	Diff line number	Diff line change
`@@ -57,13 +57,11 @@ public function prepareQuestionInputForSave($input) {`
`57`	`57`	`} else {`
`58`	`58`	`// trim values`
`59`	`59`	`$input['values'] = $this->trimValue($input['values']);`
`60`		`- $input['values'] = addslashes($input['values']);`
`61`	`60`	`}`
`62`	`61`	`}`
`63`	`62`	`if (isset($input['default_values'])) {`
`64`	`63`	`// trim values`
`65`	`64`	`$input['default_values'] = $this->trimValue($input['default_values']);`
`66`		`- $input['default_values'] = addslashes($input['default_values']);`
`67`	`65`	`}`
`68`	`66`	`return $input;`
`69`	`67`	`}`
Original file line number	Diff line number	Diff line change
`@@ -63,13 +63,11 @@ public function prepareQuestionInputForSave($input) {`
`63`	`63`	`} else {`
`64`	`64`	`// trim values`
`65`	`65`	`$input['values'] = $this->trimValue($input['values']);`
`66`		`- $input['values'] = addslashes($input['values']);`
`67`	`66`	`}`
`68`	`67`	`}`
`69`	`68`	`if (isset($input['default_values'])) {`
`70`	`69`	`// trim values`
`71`	`70`	`$input['default_values'] = $this->trimValue($input['default_values']);`
`72`		`- $input['default_values'] = addslashes($input['default_values']);`
`73`	`71`	`}`
`74`	`72`	`return $input;`
`75`	`73`	`}`