Thanks for any pointers you may be able to offer.
I use a php script to build a summary table of a users payments.
It is stored in a textarea, using: $result = GFAPI::update_entry_field( $entry_id, ‘47’, $registrantPaymentSummaryTable);
However when send an email with the tag merged, I get this:
How can I prevent the HTML being sanitized? i.e. having < converted to $lt;
Thanks for your help!
Richard
FYI this is what I see when looking at the form entry in view mode:
When I view an entry I see this:
And when I edit it I see:
And finally, in the log file:
Hey @user5b4f1b8702a506.9,
Escaping any HTML saved in a user input field is expected, and is to prevent security problems. But you could try to store the HTML you generate in a Paragraph Text field with the “Use the Rich Text Editor” option enabled, and the field visibility set to Administrative. That may work.
Thanks a lot for thinking about this.
I just got a response from support.
Storing the HTML in a field like that will not work, because Gravity Forms will encode anything that looks like HTML before saving the entry. You can use a merge tag modifier ‘decode’ to decode those special characters. See the documentation here:
add_filter(
'gform_merge_tag_filter'
,
function
(
$value
,
$merge_tag
,
$modifier
,
$field
,
$raw_value
,
$format
) {
if
(
$merge_tag
!=
'all_fields'
&&
$modifier
==
'decode'
) {
$value
= htmlspecialchars_decode(
$value
);
}
return
$value
;
}, 10, 6 );
You would use that in your notification like this to output the tables that are stored in entry field like this:
{:47:decode}
I’ve just put that filter in functions.php and added :decode and it works as promised.
2 Likes