Editing a Drupal page for someone. Using Unfiltered HTML, Drupal is backslash escaping quotation marks that I'm using in image tags. What gives?

1
votes

I know nothing about Drupal, but I'm helping someone out with editing a Drupal page they're working on for a conference.

One of the things I did for them was auto-generate a table based on some pictures and data scraped from a CSV file I was provided. A typical row in the table looks something like this:

<tr>
    <td>
        <img src="http://external.host/pics/pic.jpg" height="100" style="height:100;" />
    </td>
    <td>
        <h3>Name</h3><p>Organization<br />Country of Origin</p>
    </td>
</tr>

The problem is, even using completely unfiltered HTML (the configuration for the content type has absolutely nothing checked off), after saving the table, Drupal is escaping all of the quote inside the image tag.

This breaks the tag, and I get a bunch of broken images.

What am I missing?

Edit: Drupal 7

6
drupal
I don't have an answer, but I've worked on dozens of Drupal sites and I've never seen this happen, until a few minutes ago on a site that I've been maintaining for about 4 years. Now I can't enter any quotation mark without it being escaped. It's not in the filters - I checked. I'm wondering if it's a MySQL setup change at the host. Normally, this should be absolutely fine to do in Drupal. - user1362069
This is also my suspicion; it's probably a PHP sanitization thing before the content gets stuck in the database. I can't find a workaround though. - Doug Stephen
Interesting that Duaine had this start today too. I'm definitely thinking the same way you are - something in the back end. I'm going to contact the host provider and ask, as it's unworkable for me in the long term. - user1362069

6 Answers

3
votes

The fix for me was to turn off magic quotes in php.ini, thinking something changed on the hosting side as this setting has been on for the last 3 years. magic_quotes_gpc = Off

1
votes

Same problem here and turning magic_quotes_gpc helped, but I needed to do it in the php.ini file, setting it off in the .htaccess, as Drupal does by default, does not necessarily help, depending on the PHP configuration.

See http://drupal.org/node/1437998 for more info.

0
votes

Are your views showing nodes or fields? If nodes, are you referring to the teaser or the full node?

Views with Fields do not retain the same formatting or HTML/CSS structure as full content (nodes). Your view can return a list of content or teasers which will display the same as the content page. Otherwise, you will need write CSS specific to the fields views that you create.

ANSWER EDITED

0
votes

I cannot definitively state why this is happening, but as Maya stated and my initial suspicion was leaning, this is most likely the result of some sort of backend database entry sanitization.

I was, however, able to find a workaround. Simply use unquoted attributes. Although it is not considered good practice, and it's certainly ugly to read, it's the only thing I was able to do to keep Drupal from escaping the quotes with backslashes and breaking my markup.

0
votes

had the exact same problem -- just started today. I finally had to update the node in the database just to get it updated.

0
votes

I think the question is a little unclear. Where did you put the info of the CSV file. In a separate table? Inside the body field of a node? Also, how did you import the data? And more importantly how and where are you printing that data?

Anyways, You could just create a new table and print the information in the tpl of the file. Or, you could install the php field format and print it yourself directly from php.