Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-62307

Special characters not decoded in feedback edition

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.1.9, 3.4.2, 3.5.1, 3.5.5, 3.6.3
    • Fix Version/s: 3.5.6, 3.6.4
    • Component/s: Feedback
    • Labels:
    • Testing Instructions:
      Hide
      1. Log in as an admin or a teacher in a course.
      2. Create a feedback activity in a course.
      3. Under "Question and submission settings", set the following values:
        Record user names User's name will be logged and shown with answers
        Allow multiple submissions Yes
      4. Add a short text answer question.
      5. As a student, fill in the feedback (adding, at least, the following characters: ' &  " < and >) and submit.
      6. Go back to the course.
      7. As a student, click the "Answer the questions" button again, to edit your responses.
      8. Confirm - Special characters appear properly.
      Show
      Log in as an admin or a teacher in a course. Create a feedback activity in a course. Under " Question and submission settings ", set the following values: Record user names User's name will be logged and shown with answers Allow multiple submissions Yes Add a short text answer question. As a student, fill in the feedback (adding, at least, the following characters: ' &  " < and >) and submit. Go back to the course. As a student, click the "Answer the questions" button again, to edit your responses. Confirm  - Special characters appear properly.
    • Difficulty:
      Easy
    • Affected Branches:
      MOODLE_31_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
    • Fixed Branches:
      MOODLE_35_STABLE, MOODLE_36_STABLE
    • Pull 3.5 Branch:
      MDL-62307_MOODLE_35_STABLE
    • Pull 3.6 Branch:
      MDL-62307_MOODLE_36_STABLE
    • Pull Master Branch:
      MDL-62307_master

      Description

      The special characters (quotes, amps) are not HTML decoded, when they are displayed as initial values in a feedback form.

      Steps te reproduce:

      • Create a course
      • Insert a feedback module, and configure it to record "User's name will be logged and shown with answers" and "Allow multiple submissions".
      • As a student, fill in the feedback (adding ' & ) and submit
      • Go back to the course
      • As student, click the "Answer the questions" button again, to edit your responses.
      • => You see html encoded characters

       

      Here's a suggested fix:

      /mod/feedback/classes/complete_form.php:319

      $this->_form->setDefault($element->getName(), htmlspecialchars_decode($tmpvalue, ENT_QUOTES));
      

      Affects versions 3.4.2 and 3.1.9 for sure. Probably affects other versions (not tested).

        Attachments

          Activity

            People

            • Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                13/May/19

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours
                3h