mirror of
https://github.com/silverstripe/silverstripe-framework
BUGFIX Fixed usage of htmlentities() and html_entity_decode() to be UTF8 compatible by default
parent
2667fc6ef0
commit
da909a0214
@ -571,7 +571,7 @@ class SSViewer {
|
||||
echo "<h2>Template: $cacheFile</h2>";
|
||||
echo "<pre>";
|
||||
foreach($lines as $num => $line) {
|
||||
echo str_pad($num+1,5) . htmlentities($line);
|
||||
echo str_pad($num+1,5) . htmlentities($line, ENT_COMPAT, 'UTF-8');
|
||||
}
|
||||
echo "</pre>";
|
||||
}
|
||||
@ -686,7 +686,7 @@ class SSViewer_FromString extends SSViewer {
|
||||
echo "<h2>Template: $tmpFile</h2>";
|
||||
echo "<pre>";
|
||||
foreach($lines as $num => $line) {
|
||||
echo str_pad($num+1,5) . htmlentities($line);
|
||||
echo str_pad($num+1,5) . htmlentities($line, ENT_COMPAT, 'UTF-8');
|
||||
}
|
||||
echo "</pre>";
|
||||
}
|
||||
|
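Review bot: With the charset now given explicitly, `htmlentities($line, ENT_COMPAT, 'UTF-8')` in both template-dump loops (class SSViewer and class SSViewer_FromString) returns an empty string for any line holding a byte sequence that is not valid UTF-8, so such a line would print as a bare line number. If the supported PHP versions allow it, `htmlentities($line, ENT_COMPAT | ENT_SUBSTITUTE, 'UTF-8')` keeps the line visible with a replacement character instead. The same applies to the source listings in Debug and DebugView and to renderToken() in CodeViewer and TestViewer; a single shared escaping helper would let the flags and charset be decided in one place. Both loops sit in functions that start outside their hunks.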
@ -753,7 +753,7 @@ class MySQLDatabase extends SS_Database {
|
||||
public function searchEngine($classesToSearch, $keywords, $start, $pageLength, $sortBy = "Relevance DESC", $extraFilter = "", $booleanSearch = false, $alternativeFileFilter = "", $invertedMatch = false) {
|
||||
$fileFilter = '';
|
||||
$keywords = Convert::raw2sql($keywords);
|
||||
$htmlEntityKeywords = htmlentities($keywords,ENT_NOQUOTES);
|
||||
$htmlEntityKeywords = htmlentities($keywords, ENT_NOQUOTES, 'UTF-8');
|
||||
|
||||
$extraFilters = array('SiteTree' => '', 'File' => '');
|
||||
|
||||
@ -889,7 +889,7 @@ class MySQLDatabase extends SS_Database {
|
||||
$fieldNames = '"' . implode('", "', $fields) . '"';
|
||||
|
||||
$SQL_keywords = Convert::raw2sql($keywords);
|
||||
$SQL_htmlEntityKeywords = Convert::raw2sql(htmlentities($keywords));
|
||||
$SQL_htmlEntityKeywords = Convert::raw2sql(htmlentities($keywords, ENT_NOQUOTES, 'UTF-8'));
|
||||
|
||||
return "(MATCH ($fieldNames) AGAINST ('$SQL_keywords' $boolean) + MATCH ($fieldNames) AGAINST ('$SQL_htmlEntityKeywords' $boolean))";
|
||||
}
|
||||
|
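Review bot: The second hunk changes more than the charset: the earlier call was `htmlentities($keywords)` with default flags and the new one passes `ENT_NOQUOTES`, so double quotes in the keywords are no longer turned into `&quot;` in the second MATCH term. That looks intended to match searchEngine(), but the commit message does not mention it. The two call sites also differ in order: searchEngine() runs htmlentities() on a value that has already been through `Convert::raw2sql()`, while the call in the second hunk escapes for SQL last. Escaping last is the safer order because nothing then depends on htmlentities() leaving the SQL escape characters untouched; at minimum the searchEngine() line deserves a comment such as `// ENT_NOQUOTES: must not alter quotes already escaped by raw2sql()`. Both functions continue outside their hunks, so how the values are used further down is not visible here.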
@ -125,7 +125,7 @@ class SS_Backtrace {
|
||||
} else {
|
||||
$name = self::full_func_name($item,true);
|
||||
}
|
||||
$result .= "<li><b>" . htmlentities($name) . "</b>\n<br />\n";
|
||||
$result .= "<li><b>" . htmlentities($name, ENT_COMPAT, 'UTF-8') . "</b>\n<br />\n";
|
||||
$result .= isset($item['line']) ? "Line $item[line] of " : '';
|
||||
$result .= isset($item['file']) ? htmlentities(basename($item['file'])) : '';
|
||||
$result .= "</li>\n";
|
||||
|
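Review bot: `htmlentities(basename($item['file']))` a few lines below the changed call was left on the default charset, so one list item is escaped under two different encoding assumptions. On PHP versions where the default is not UTF-8, a file name containing non-ASCII characters would be rendered as mis-decoded entities. The line should read `$result .= isset($item['file']) ? htmlentities(basename($item['file']), ENT_COMPAT, 'UTF-8') : '';`. The enclosing function starts and ends outside the hunk.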
@ -184,7 +184,7 @@ class CodeViewer extends Controller {
|
||||
$comment = preg_replace('/^\/\*/','',$token[1]);
|
||||
$comment = preg_replace('/\*\/$/','',$comment);
|
||||
$comment = preg_replace('/(^|\n)[\t ]*\* */m',"\n",$comment);
|
||||
$comment = htmlentities($comment);
|
||||
$comment = htmlentities($comment, ENT_COMPAT, 'UTF-8');
|
||||
$comment = str_replace("\n\n", "</p><p>", $comment);
|
||||
return "<p>$comment</p>";
|
||||
}
|
||||
@ -203,7 +203,7 @@ class CodeViewer extends Controller {
|
||||
}
|
||||
}
|
||||
|
||||
$parsed['pretty'] = "<p>" . str_replace("\n\n", "</p><p>", htmlentities($comment)). "</p>";
|
||||
$parsed['pretty'] = "<p>" . str_replace("\n\n", "</p><p>", htmlentities($comment, ENT_COMPAT, 'UTF-8')). "</p>";
|
||||
return $parsed;
|
||||
}
|
||||
|
||||
@ -252,7 +252,11 @@ class CodeViewer extends Controller {
|
||||
* Render the given token as HTML
|
||||
*/
|
||||
function renderToken($token) {
|
||||
$tokenContent = htmlentities(is_array($token) ? $token[1] : $token);
|
||||
$tokenContent = htmlentities(
|
||||
is_array($token) ? $token[1] : $token,
|
||||
ENT_COMPAT,
|
||||
'UTF-8'
|
||||
);
|
||||
$tokenName = is_array($token) ? token_name($token[0]) : 'T_PUNCTUATION';
|
||||
|
||||
switch($tokenName) {
|
||||
|
@ -426,7 +426,7 @@ class Debug {
|
||||
echo '<pre>';
|
||||
$offset++;
|
||||
foreach($lines as $line) {
|
||||
$line = htmlentities($line);
|
||||
$line = htmlentities($line, ENT_COMPAT, 'UTF-8');
|
||||
if ($offset == $errline) {
|
||||
echo "<span>$offset</span> <span class=\"error\">$line</span>";
|
||||
} else {
|
||||
|
@ -73,7 +73,12 @@ class DebugView extends Object {
|
||||
* Render HTML header for development views
|
||||
*/
|
||||
public function writeHeader() {
|
||||
echo '<!DOCTYPE html><html><head><title>' . htmlentities($_SERVER['REQUEST_METHOD'] . ' ' . $_SERVER['REQUEST_URI']) . '</title>';
|
||||
$url = htmlentities(
|
||||
$_SERVER['REQUEST_METHOD'] . ' ' . $_SERVER['REQUEST_URI'],
|
||||
ENT_COMPAT,
|
||||
'UTF-8'
|
||||
);
|
||||
echo '<!DOCTYPE html><html><head><title>' . $url . '</title>';
|
||||
echo '<style type="text/css">';
|
||||
echo 'body { background-color:#eee; margin:0; padding:0; font-family:Helvetica,Arial,sans-serif; }';
|
||||
echo '.info { border-bottom:1px dotted #333; background-color:#ccdef3; margin:0; padding:6px 12px; }';
|
||||
@ -138,7 +143,7 @@ class DebugView extends Object {
|
||||
echo '<div class="trace"><h3>Source</h3>';
|
||||
echo '<pre>';
|
||||
foreach($lines as $offset => $line) {
|
||||
$line = htmlentities($line);
|
||||
$line = htmlentities($line, ENT_COMPAT, 'UTF-8');
|
||||
if ($offset == $errline) {
|
||||
echo "<span>$offset</span> <span class=\"error\">$line</span>";
|
||||
} else {
|
||||
|
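Review bot: Nothing in the visible part of writeHeader() tells the browser that the page is UTF-8, although the title, built from the request-controlled `$_SERVER['REQUEST_URI']`, is now escaped on that assumption. If no Content-Type header with a charset is sent elsewhere, the browser may guess a different encoding than the one the escaping was done for. Declaring it in the markup removes the guesswork: `echo '<!DOCTYPE html><html><head><meta charset="utf-8"><title>' . $url . '</title>';`. As a smaller point, `$url` holds the request method plus the URI, so a name like `$title` would describe it better. The rest of writeHeader() lies outside the hunk.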
@ -282,7 +282,7 @@ class SapphireTestReporter implements PHPUnit_Framework_TestListener {
|
||||
($test['status'] == 1) ? $passCount++ : $failCount++;
|
||||
if ($test['status'] != 1) {
|
||||
echo "<div class=\"failure\"><span>⊗ ". $this->testNameToPhrase($test['name']) ."</span><br>";
|
||||
echo "<pre>".htmlentities($test['message'])."</pre><br>";
|
||||
echo "<pre>".htmlentities($test['message'], ENT_COMPAT, 'UTF-8')."</pre><br>";
|
||||
echo SS_Backtrace::get_rendered_backtrace($test['trace']);
|
||||
echo "</div>";
|
||||
}
|
||||
|
@ -145,7 +145,11 @@ class TestViewer extends Controller {
|
||||
* Render the given token as HTML
|
||||
*/
|
||||
function renderToken($token) {
|
||||
$tokenContent = htmlentities(is_array($token) ? $token[1] : $token);
|
||||
$tokenContent = htmlentities(
|
||||
is_array($token) ? $token[1] : $token,
|
||||
ENT_COMPAT,
|
||||
'UTF-8'
|
||||
);
|
||||
$tokenName = is_array($token) ? token_name($token[0]) : 'T_PUNCTUATION';
|
||||
|
||||
switch($tokenName) {
|
||||
|
@ -182,7 +182,7 @@ class PermissionCheckboxSetField extends FormField {
|
||||
$itemID = $this->id() . '_' . ereg_replace('[^a-zA-Z0-9]+', '', $code);
|
||||
$checked = $disabled = $inheritMessage = '';
|
||||
$checked = (isset($uninheritedCodes[$code]) || isset($inheritedCodes[$code])) ? ' checked="checked"' : '';
|
||||
$title = $permission['help'] ? 'title="' . htmlentities($permission['help']) . '" ' : '';
|
||||
$title = $permission['help'] ? 'title="' . htmlentities($permission['help'], ENT_COMPAT, 'UTF-8') . '" ' : '';
|
||||
|
||||
if (isset($inheritedCodes[$code])) {
|
||||
// disable inherited codes, as any saving logic would be too complicate to express in this interface
|
||||
|
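Review bot: The `title="..."` value built from `$permission['help']` is the one attribute-context use among the changed calls, and `ENT_COMPAT` is only sufficient because the attribute is delimited with double quotes. Using `htmlentities($permission['help'], ENT_QUOTES, 'UTF-8')` would keep the value safe if the surrounding markup is ever switched to single quotes, at no cost to the current output. The enclosing method starts and ends outside the hunk.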