Please describe the issue you're having
If you accept the answer, please mark the topic as [SOLVED] by clicking the tick.

Moderators: RussH, cptr13

Forum rules: Just please remember to play nicely once you walk through the door. You can disagree with us, or any other commenters in this forum, but respect our space and keep your comments directed to the topic at hand.

I've just installed OpenCATS on my debian server.

Works great, with mostly one exception : when I fill the job description with ckedit and save it, the description then shows the HTML code. And the online application shows the same HTML code.

So let's say in ckedit I write : "This is a job desc" in bold, the description section of the job order will actually show :
<p><strong>This is a job desc</strong></p> and the same on the online application. Looking at the HTML source page of the online application, here is what I find :

&lt;p&gt;&lt;strong&gt;This is a job desc&lt;/strong&gt;&lt;/p&gt;

So looks like the description has been HTML encoded with htmlentities.

What am I doing wrong? Any help appreciated, thanks!
Update on my previous post :
- I've installed v0.9.7.2 on WIndows to see whether i could reproduce the problem there too or if the issue was from my configuration on debian : same problem on Windows too
- I've downgraded to v0.9.6 and then the problem is gone

So it looks to me that latest version has introduced that problem. As there's been several security fixes likely involving php htmlentities / htmlspecialchar, that might the "culprit".
Hey there - thanks for reporting this - the release did indeed add in changes here. It shouldn't be difficult to find the culprit. I'll get that amended.. and will share the fix here.
Great news - please please let me know any other issues you face.. there's been quite a few commits just to lock down security so want to ensure it's all functional.
Hi Aleks, sorry - you've installed the latest release but would prefer the packages in Master? as I think 0.9.7-2 doesn't have the fix, only in Master.

Three options;
1. check the commits since the version 0.9.7-2 was packaged and add them in yourself (aren't that many, eminently doable)
2. download Master and extract it over your existing installation, it will overwrite. Make sure you rename config.php beforehand so it's preserved. Probably best option.
3. I get around to a new release that works for everyone. I'll get there, have been slightly hectic in my day job for the past few months.
Thanks Russ
Well, I tried everything except to overwrite all with Master, as it will delete everything I've done already, so I'm avoiding it for now.
I am not a senior dev. but as what I know is that CKeditor (vendor) which is using for adding text styles and headings, etc., has also a Source (button) but it's a switch for removing all formatting, and even after removing entire "ckeditor" folder from the server, still final "description" section of the job orders page posting it as html text (with codes, without line brakes, posting text in a single line, all merged), so I think that here is a catch.

Another thing I've tried, without good results at the end, was modifying the config file of the ckeditor, so I added this:

CKEDITOR.editorConfig = function( config ) {
// Define changes to default configuration here. For example:
// config.language = 'fr';
// config.uiColor = '#AADC6E';

config.specialChars = [
'!', '&quot;', '#', '$', '%', '&amp;', "'", '(', ')', '*', '+', '-', '.', '/',
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', ':', ';'];

and also this

CKEDITOR.config.basicEntities = false;
CKEDITOR.config.entities = false;
CKEDITOR.config.entities_greek = false;
CKEDITOR.config.entities_latin = false;
CKEDITOR.config.htmlEncodeOutput = false;
CKEDITOR.config.entities_processNumerical = false;

Results on the editor were perfect, but after clicking Save button, all codes come back.

So, final problem is actually with the SAVE button, the actions that happens after that button are the problem (probably pre-defined Add or Edit templates for job orders).
That is my humble opinion :)

Thanks for sharing the investigation!

Thanks, I am just not that good dev. :? I'm unde[…]

After you run a search, report, or pivot, click th[…]

I would like to add a couple of fields to the Jo[…]