#14268 closed defect (bug) (fixed)
Comments editor HTML tag
Reported by: |
|
Owned by: |
|
---|---|---|---|
Milestone: | 4.6 | Priority: | normal |
Severity: | normal | Version: | 3.0 |
Component: | Text Changes | Keywords: | |
Focuses: | Cc: |
Description
With a vanilla (2.8.4 -> 3.0) installation, if you go and edit the comment from Mr Wordpress, you will see that in the editor you can find the HTML code of the apostrophe for "post's".
Hi, this is a comment.<br />To delete a comment, just log in and view the post's comments. There you will have the option to edit or delete them.
The problem comes with a production env with European languages where comments are full of accented letters that make the reading almost impossible.
Attachments (1)
Change History (10)
#3
@
15 years ago
- Milestone changed from Awaiting Review to 3.1
Turns out the content is escaped twice: first in get_comment_to_edit() and then again in wp_htmledit_pre().
In esc_html_comment_form.php I had to use $wpdb directly because the cached version returned from get_comment() is the escaped one. This should definitely be fixed.
#5
@
15 years ago
- Keywords needs-patch added
- Milestone changed from 3.1 to Future Release
No easy fix for this, unfortunately. Punting.
#6
@
12 years ago
- Component changed from General to Text Changes
What we should actually do is remove the entity from upgrade.php, and let texturize do the work. Otherwise, what's happening when editing the comment appears to be proper, as this *is* what's in the DB.
This would be a case for using esc_html() instead of esc_textarea(). See #15454