CustomPress text box doesn't like html with double-quotes

I created a custom field that is a text box. It is to be used for a hyperlink.

If I use double-quotes (“”:wink:, it breaks.

If I use single-quotes (‘ ‘:wink:, it works fine.

I’m not sure if this is an issue with CustomPress or Directory, but the custom field is tied to a Directory Listing CPT.

Here’s a screenshot of the issue:

  • aecnu
    • WP Unicorn

    Greetings Clifford,

    Thank you for bringing this significant issue to our attention.

    Actually though it has been discussed in other tickets, this was not how the text entry was ever intended to be used if I remember correctly.

    However, I will certainly report this interesting find to the lead developer @arnold for his comments on this issue since he is certainly the reigning authority on this plugin and subject.

    Though this may take a bit longer then a normal ticket, I will try to get him in here asap.

    Cheers, Joe

  • Arnold
    • El Macho WP

    It’s generally not a good thing to allow just any text in an input field coming from outside because that how people embed XSS attacks on your site. Your text there could be javascript that you don’t want someone else to run on your site.

    It’s better to take the base string and wrap it with the html so you have control. The example Joe gives above is a typical way of handling it.

  • aecnu
    • WP Unicorn

    Greetings Clifford,

    We have not heard back from you as to the status of this issue.

    If you are still having an issue please let us know so that we may try to get you fixed up as soon as possible by choosing to check mark this ticket as unresolved below and posting any new errors or symptoms you are noticing.

    This action will also bring your ticket up front back in plain view again within the ticket system.

    Thank you for being a WPMU Dev Community Member!

    Cheers, Joe

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.