
#1827: symfony-1.0.7-htmlentities-patch


Ticket #1827: symfony-1.0.7-htmlentities-patch

File symfony-1.0.7-htmlentities-patch, 3.4 kB (added by Pavel.Treutner, 1 year ago)
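--- a/config/sfViewConfigHandler.class.php
+++ b/config/sfViewConfigHandler.class.php
@@ -226,7 +226,7 @@
 
     foreach ($this->mergeConfigValue('metas', $viewName) as $name => $content)
     {
-      $data[] = sprintf("  \$response->addMeta('%s', '%s', false, false);", $name, str_replace('\'', '\\\'', preg_replace('/&(?=\w+;)/', '&', htmlentities($content, ENT_QUOTES, sfConfig::get('sf_charset')))));
+      $data[] = sprintf("  \$response->addMeta('%s', '%s', false, false);", $name, str_replace('\'', '\\\'', preg_replace('/&(?=\w+;)/', '&', htmlspecialchars($content, ENT_QUOTES, sfConfig::get('sf_charset')))));
     }
 
     return implode("\n", $data)."\n";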
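Review bot: `$name` is written into the generated `addMeta('%s', ...)` literal with no escaping at all, and `$content` only has its single quotes handled, so a quote in a meta name or a backslash directly before the closing quote of a meta value would yield broken or altered generated PHP. With `ENT_QUOTES` the escaping call already turns `'` into `&#039;`, so the `str_replace` on `'` no longer does anything for `$content`. Letting PHP quote both values, e.g. `sprintf("  \$response->addMeta(%s, %s, false, false);", var_export($name, true), var_export($escaped, true))` with `$escaped` holding the result of the existing `preg_replace(...)` call, removes the hand-rolled quoting. The enclosing method starts outside the hunk and the view configuration is presumably developer-controlled, so this is a robustness point rather than a demonstrated exposure.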
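--- a/controller/sfWebController.class.php
+++ b/controller/sfWebController.class.php
@@ -216,7 +216,7 @@
     $response->clearHttpHeaders();
     $response->setStatusCode($statusCode);
     $response->setHttpHeader('Location', $url);
-    $response->setContent(sprintf('<html><head><meta http-equiv="refresh" content="%d;url=%s"/></head></html>', $delay, htmlentities($url, ENT_QUOTES, sfConfig::get('sf_charset'))));
+    $response->setContent(sprintf('<html><head><meta http-equiv="refresh" content="%d;url=%s"/></head></html>', $delay, htmlspecialchars($url, ENT_QUOTES, sfConfig::get('sf_charset'))));
 
     if (!sfConfig::get('sf_test'))
     {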
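Review bot: The escaping on the `setContent` line only makes `$url` safe as an HTML attribute value; nothing visible in the hunk checks the URL itself before it reaches `setHttpHeader('Location', $url)` and the meta refresh. If `$url` can derive from request data, control characters (CR/LF) and non-HTTP schemes should be rejected before the header is set. Whether the earlier part of this method, which lies outside the hunk, or its callers already do that cannot be seen here. A comment above the header line such as `// $url must already be validated: http(s) only, no control characters` would at least record the contract.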
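--- a/debug/sfWebDebug.class.php
+++ b/debug/sfWebDebug.class.php
@@ -135,7 +135,7 @@
     }
 
     // escape HTML
-    $log_line = htmlentities($log_line, ENT_QUOTES, sfConfig::get('sf_charset'));
+    $log_line = htmlspecialchars($log_line, ENT_QUOTES, sfConfig::get('sf_charset'));
 
     // replace constants value with constant name
     $log_line = str_replace(array_keys($constants), array_values($constants), $log_line);
@@ -397,7 +397,7 @@
     $id = ucfirst(strtolower($id));
     $content = '
     <h2>'.$id.' <a href="#" onclick="sfWebDebugToggle(\'sfWebDebug'.$id.'\'); return false;">'.image_tag(sfConfig::get('sf_web_debug_web_dir').'/images/toggle.gif').'</a></h2>
-    <div id="sfWebDebug'.$id.'" style="display: none"><pre>'.htmlentities(@sfYaml::Dump($values), ENT_QUOTES, sfConfig::get('sf_charset')).'</pre></div>
+    <div id="sfWebDebug'.$id.'" style="display: none"><pre>'.htmlspecialchars(@sfYaml::Dump($values), ENT_QUOTES, sfConfig::get('sf_charset')).'</pre></div>
     ';
 
     return $content;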
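Review bot: In the second hunk only the YAML dump is escaped; `$id` is concatenated raw into the `<h2>` text, the `onclick` JavaScript string and the `id` attribute. `ucfirst(strtolower($id))` normalises case but removes neither quotes nor markup, and HTML-escaping alone would not cover the JavaScript string inside the attribute. The callers are outside the hunk and probably pass fixed panel names, so this is likely latent. Restricting the value once, e.g. `$id = preg_replace('/[^A-Za-z0-9]/', '', ucfirst(strtolower($id)));`, makes all three sinks safe. The `@` in front of `sfYaml::Dump` also hides any dump failure, which leaves an empty `<pre>` with no hint why.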
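--- a/response/sfWebResponse.class.php
+++ b/response/sfWebResponse.class.php
@@ -472,7 +472,7 @@
 
     if ($escape)
     {
-      $value = htmlentities($value, ENT_QUOTES, sfConfig::get('sf_charset'));
+      $value = htmlspecialchars($value, ENT_QUOTES, sfConfig::get('sf_charset'));
     }
 
     if ($replace || !$this->getParameter($key, null, 'helper/asset/auto/meta'))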
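Review bot: The `$escape` flag is the only visible guard between `$value` and the rendered meta tag, and its contract is not documented in these lines. When it is false the value passes this block unescaped, which is how the view config handler in this same patch calls `addMeta(..., false, false)` after escaping at config-compile time. I would add above the `if` a comment such as `// $escape = false: caller has already HTML-escaped $value; never pass raw request data with escaping off`. `$key` is not escaped in the visible lines either; the rest of the method lies outside the hunk, so confirm it is handled there or escaped where the tag is rendered.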