Use UTF-8 encoding, when html-escaping with "htmlspecialchars" function

Components

Labels

Description

I didn't new before, but function "htmlspecialchars" not only escapes text to be safe for usage inside a HTML/XML, but also converts it's encoding to ISO-8859-1 (PHP 5.3.x and below).
As a result any UTF-8 encoded string will be encoded into ISO-8859-1 (after escaping) and all special symbols (e.g. resulted from pasting text from Microsoft Word) would have incorrect encoding, when presented back to user who has UTF-8 encoding on a page.

In PHP 5.4 and up default charset for this function is UTF-8.

As a fix I propose to pass CHARSET constant's value explicitly in each call of htmlspecialchars function across all In-Portal and it's modules.

Context Information

None

Additional information (do not use)

None

Attachments

2

Activity

Show:

Alex July 20, 2015 at 11:15 AM

Closing issues from released versions.

Alex November 2, 2012 at 2:18 PM

Fix committed to [b]5.2.x branch/b. Commit Message:

Fixes #0001423: Function "htmlspecialchars" breaks down UTF-8 encoding

Alex November 2, 2012 at 2:15 PM

Will test all together later.

Fixed

Details

Priority

Assignee

Reporter

Developer

Change Log Message

Patch Instructions

Patches must be submitted through Phabricator.

External issue ID

External issue URL

Story Points

Fix versions

Affects versions

Created November 2, 2012 at 11:50 AM
Updated December 29, 2024 at 11:29 PM
Resolved November 2, 2012 at 2:18 PM