The behavior of 'htmlspecialchars' has changed in PHP 5.4.
The default value of 3rd parameter $encoding is UTF-8.
Almost all EUC_JP characters are handled as invalid UTF-8
sequence and that cause empty output.
http://docs.php.net/manual/en/function.htmlspecialchars.php
The solution used in 'htmlsc' is setting $encoding explicitly.
foreach($pages as $file=>$page) {
$r_page = rawurlencode($page);
- $s_page = htmlspecialchars($page, ENT_QUOTES);
+ $s_page = htmlsc($page, ENT_QUOTES);
$passage = get_pg_passage($page);
$str = ' <li><a href="' . $href . $r_page . '">' .
$s_page . '</a>' . $passage;
if ($withfilename) {
- $s_file = htmlspecialchars($file);
+ $s_file = htmlsc($file);
$str .= "\n" . ' <ul><li>' . $s_file . '</li></ul>' .
"\n" . ' ';
}
foreach ($pages as $page) $params["page_$page"] = 0;
if (empty($pages)) {
- return str_replace('$1', htmlspecialchars($prefix), $_ls2_err_nopages);
+ return str_replace('$1', htmlsc($prefix), $_ls2_err_nopages);
} else {
$params['result'] = $params['saved'] = array();
foreach ($pages as $page)
list($ltime, $stime, $count, $url, $enable) = $arr;
// ÈóASCII¥¥ã¥é¥¯¥¿(¤À¤±)¤òURL¥¨¥ó¥³¡¼¥É¤·¤Æ¤ª¤¯ BugTrack/440
- $e_url = htmlspecialchars(preg_replace('/([" \x80-\xff]+)/e', 'rawurlencode("$1")', $url));
- $s_url = htmlspecialchars(mb_convert_encoding(rawurldecode($url), SOURCE_ENCODING, 'auto'));
+ $e_url = htmlsc(preg_replace('/([" \x80-\xff]+)/e', 'rawurlencode("$1")', $url));
+ $s_url = htmlsc(mb_convert_encoding(rawurldecode($url), SOURCE_ENCODING, 'auto'));
$lpass = get_passage($ltime, FALSE); // ºÇ½ª¹¹¿·Æü»þ¤«¤é¤Î·Ð²á»þ´Ö
$spass = get_passage($stime, FALSE); // ½é²óÅÐÏ¿Æü»þ¤«¤é¤Î·Ð²á»þ´Ö
// BGCOLOR(#88ff88)
$matches = array();
foreach ($pconfig_color as $x)
- $color[$x[0]] = htmlspecialchars(
+ $color[$x[0]] = htmlsc(
preg_match('/BGCOLOR\(([^)]+)\)/si', $x[1], $matches) ?
$matches[1] : $x[1]);
}
$config = new Config('plugin/tracker/'.$config_name);
if (!$config->read())
{
- return "<p>config file '".htmlspecialchars($config_name)."' not found.</p>";
+ return "<p>config file '".htmlsc($config_name)."' not found.</p>";
}
$config->config_name = $config_name;
$source = $config->page.'/page';
if (!$config->read())
{
- return "config file '".htmlspecialchars($config_name)."' not found.";
+ return "config file '".htmlsc($config_name)."' not found.";
}
$config->config_name = $config_name;
function get_tag()
{
- $s_name = htmlspecialchars($this->name);
+ $s_name = htmlsc($this->name);
$retval = '';
$id = 0;
foreach ($this->config->get($this->name) as $option)
continue;
}
$data = join('',file($sdir.$file));
- $comment = array('file'=>htmlspecialchars($sdir.$file),'rev'=>'','date'=>'');
+ $comment = array('file'=>htmlsc($sdir.$file),'rev'=>'','date'=>'');
if (preg_match('/\$'.'Id: (.+),v (\d+\.\d+) (\d{4}\/\d{2}\/\d{2} \d{2}:\d{2}:\d{2})/',$data,$matches))
{
-// $comment['file'] = htmlspecialchars($sdir.$matches[1]);
- $comment['rev'] = htmlspecialchars($matches[2]);
- $comment['date'] = htmlspecialchars($matches[3]);
+// $comment['file'] = htmlsc($sdir.$matches[1]);
+ $comment['rev'] = htmlsc($matches[2]);
+ $comment['date'] = htmlsc($matches[3]);
}
$comments[$sdir.$file] = $comment;
}