
#1827: rev-5940-htmlentities.patch


Ticket #1827: rev-5940-htmlentities.patch

File rev-5940-htmlentities.patch, 3.2 kB (added by Pavel.Treutner, 1 year ago)

new patch against revision 5940

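--- a/lib/controller/sfWebController.class.php
+++ b/lib/controller/sfWebController.class.php
@@ -216,7 +216,7 @@
     $response->clearHttpHeaders();
     $response->setStatusCode($statusCode);
     $response->setHttpHeader('Location', $url);
-    $response->setContent(sprintf('<html><head><meta http-equiv="refresh" content="%d;url=%s"/></head></html>', $delay, htmlentities($url, ENT_QUOTES, sfConfig::get('sf_charset'))));
+    $response->setContent(sprintf('<html><head><meta http-equiv="refresh" content="%d;url=%s"/></head></html>', $delay, htmlspecialchars($url, ENT_QUOTES, sfConfig::get('sf_charset'))));
 
     if (!sfConfig::get('sf_test'))
     {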
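Review bot: The `htmlspecialchars()` call on new line 219 only keeps `$url` from breaking out of the `content` attribute; nothing visible in this hunk constrains the URL itself, and the same value is passed unmodified to the `Location` header on line 218. Whether `$url` is validated earlier, or whether `setHttpHeader()` strips CR/LF, cannot be seen from here because the method starts and ends outside the hunk. If neither is guaranteed, the value should be checked once before both uses; at minimum a comment such as `// $url must already be validated (allowed scheme, no CR/LF); htmlspecialchars() only makes it attribute-safe` would record the assumption.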
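--- a/lib/debug/sfWebDebug.class.php
+++ b/lib/debug/sfWebDebug.class.php
@@ -135,7 +135,7 @@
     }
 
     // escape HTML
-    $log_line = htmlentities($log_line, ENT_QUOTES, sfConfig::get('sf_charset'));
+    $log_line = htmlspecialchars($log_line, ENT_QUOTES, sfConfig::get('sf_charset'));
 
     // replace constants value with constant name
     $log_line = str_replace(array_keys($constants), array_values($constants), $log_line);
@@ -397,7 +397,7 @@
     $id = ucfirst(strtolower($id));
     $content = '
     <h2>'.$id.' <a href="#" onclick="sfWebDebugToggle(\'sfWebDebug'.$id.'\'); return false;">'.image_tag(sfConfig::get('sf_web_debug_web_dir').'/images/toggle.gif').'</a></h2>
-    <div id="sfWebDebug'.$id.'" style="display: none"><pre>'.htmlentities(@sfYaml::Dump($values), ENT_QUOTES, sfConfig::get('sf_charset')).'</pre></div>
+    <div id="sfWebDebug'.$id.'" style="display: none"><pre>'.htmlspecialchars(@sfYaml::Dump($values), ENT_QUOTES, sfConfig::get('sf_charset')).'</pre></div>
     ';
 
     return $content;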
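Review bot: In the second hunk `$id` is concatenated without encoding into the `<h2>` text, the `id` attribute and the inline `onclick` argument on lines 399–400, while the dumped `$values` beside it is escaped. The callers are not visible here, so it may only ever receive fixed panel names. Because the value lands in HTML text, an attribute and a JavaScript string at once, restricting it is safer than escaping it: `$id = preg_replace('/[^A-Za-z0-9_]/', '', ucfirst(strtolower($id)));`. The `@` in front of `sfYaml::Dump()` also hides a failed dump and leaves an empty `<pre>`. Both functions start and end outside the hunks.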
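--- a/lib/response/sfWebResponse.class.php
+++ b/lib/response/sfWebResponse.class.php
@@ -472,7 +472,7 @@
 
     if ($escape)
     {
-      $value = htmlentities($value, ENT_QUOTES, sfConfig::get('sf_charset'));
+      $value = htmlspecialchars($value, ENT_QUOTES, sfConfig::get('sf_charset'));
     }
 
     if ($replace || !$this->getParameter($key, null, 'helper/asset/auto/meta'))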
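Review bot: The encoding contract of `$escape` is not stated anywhere in the visible lines: with `$escape` false the value is stored exactly as passed, and with it true an already-encoded value is encoded a second time (`&amp;` becomes `&amp;amp;`). The generated view config on this page calls `addMeta(..., false, false)` with pre-encoded content, so both forms are in use. A comment above the `if ($escape)` block, such as `// $escape=false: $value must already be HTML-encoded; it is stored verbatim`, would make the contract explicit. The method begins and ends outside this hunk.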
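--- a/lib/config/sfViewConfigHandler.class.php
+++ b/lib/config/sfViewConfigHandler.class.php
@@ -226,7 +226,7 @@
 
     foreach ($this->mergeConfigValue('metas', $viewName) as $name => $content)
     {
-      $data[] = sprintf("  \$response->addMeta('%s', '%s', false, false);", $name, str_replace('\'', '\\\'', preg_replace('/&amp;(?=\w+;)/', '&', htmlentities($content, ENT_QUOTES, sfConfig::get('sf_charset')))));
+      $data[] = sprintf("  \$response->addMeta('%s', '%s', false, false);", $name, str_replace('\'', '\\\'', preg_replace('/&amp;(?=\w+;)/', '&', htmlspecialchars($content, ENT_QUOTES, sfConfig::get('sf_charset')))));
     }
 
     return implode("\n", $data)."\n";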
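Review bot: New line 229 builds the two PHP string literals of the generated `addMeta('%s', '%s', ...)` call by hand, and only an apostrophe in `$content` is handled: `$name` is inserted with no escaping and a backslash in either value is left as is, so a name containing `'` or a value ending in `\` produces a broken or altered literal in the generated file. Because `htmlspecialchars(..., ENT_QUOTES)` already turns `'` into `&#039;`, the `str_replace` has nothing left to replace. These values normally come from developer-written view configuration, so this is mainly a robustness issue, but letting PHP emit the literals removes it entirely: `$data[] = sprintf("  \$response->addMeta(%s, %s, false, false);", var_export($name, true), var_export($escaped, true));`, where `$escaped` holds the existing `preg_replace(...)` result. The enclosing method starts and ends outside the hunk.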