Merge pull request #12516 from inietov/fixes/quotes_in_custom_field_custom_regex

Fixed #12252 Quotes in Custom Field regex are being HTML-escaped

app/Http/Controllers/CustomFieldsController.php

@@ -109,9 +109,9 @@ class CustomFieldsController extends Controller
 
 
         if ($request->filled('custom_format')) {
-            $field->format = e($request->get('custom_format'));
+            $field->format = $request->get('custom_format');
         } else {
-            $field->format = e($request->get('format'));
+            $field->format = $request->get('format');
         }
 
         if ($field->save()) {

database/migrations/2023_02_12_224353_fix_unescaped_customfields_format.php

@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+use App\Models\CustomField;
+
+class FixUnescapedCustomfieldsFormat extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        $customfields = CustomField::where('format', 'LIKE', '%&%')->get();
+
+        foreach($customfields as $customfield){
+            $customfield->update(['format' => html_entity_decode($customfield->format)]);
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}