-
Notifications
You must be signed in to change notification settings - Fork 820
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gridfield export of summary fields incorrectly escapes various characters, breaks CSV format #10657
Comments
Thanks for raising the issue, @axllent. If you had time, could you create a PR with the suggested fix from/against the |
axllent
added a commit
to axllent/silverstripe-framework
that referenced
this issue
Jan 26, 2023
Gridfield export of summary fields incorrectly escapes `'`and `"`, breaks CSV format. See silverstripe#10657
Awesome, I have just done so @michalkleiner! |
Just putting this here for reference as I suspect it'll get overlooked as it's labeled as |
GuySartorelli
changed the title
Gridfield export of summary fields incorrectly escapes ' and ", breaks CSV format
Gridfield export of summary fields incorrectly escapes various characters, breaks CSV format
Oct 9, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Affected Version
Silverstripe framework 4.12.2 (including previous versions)
Description
When exporting data via the Gridfield export, any column data defined in the
$summary_fields
is incorrectly escaped in the CSV.Steps to Reproduce
'
or"
in their first nameAll
'
characters are converted to'
, and"
is converted to"
, and in the case where a single word including a single"
(no spaces) actually breaks the exported data structure. If however the exported data is not included in the$summary_fields
it appears not to be affected by this bug. This is not limited to just the Security section, but all Gridfields.As an example, I have two Members in my test database, the first has the FirstName
Default 'Admin
, and the secondtest"
:I can provide a working patch which would change https://github.com/silverstripe/silverstripe-framework/blob/4.12.2/src/Forms/GridField/GridFieldExportButton.php#L246-L248 to something like
which fixes the issue, resulting in:
... however I feel that's more of a band aid. Unfortunately what happens under the hood within the Gridfield components is a somewhat a maze, so I'm not sure of the best approach to fixing this bug.
Your thoughts and suggestions please.
UPDATE
This happens with a combination of the
GridFieldDataColumns
component and fields being insummary_fields
. Specifically, the html is escaped usingnl2br()
andConvert::raw2xml()
inGridFieldDataColumns::castValue()
and therefore affects more than just quotes (e.g.<
,>
,&
,\n
will all be affected).See #10659 (review) for more information.
PRs
The text was updated successfully, but these errors were encountered: