Fixed
Details
Priority
MinorAssignee
AlexAlexReporter
AlexAlexDeveloper
AlexAlexChange Log Message
Fixes charset encoding problem from htmlspecialchars functionPatch Instructions
Patches must be submitted through Phabricator.
To submit patch via Command Line use Patches Workflow (via Arcanist) tutorial.
To submit patch via Web Interface use Patches Workflow (via Web Interface) tutorial.
External issue ID
1423External issue URL
Story Points
1Fix versions
Affects versions
Details
Details
Priority
MinorAssignee
Alex
AlexReporter
Alex
AlexDeveloper
Alex
AlexChange Log Message
Fixes charset encoding problem from htmlspecialchars function
Patch Instructions
Patches must be submitted through Phabricator.
To submit patch via Command Line use Patches Workflow (via Arcanist) tutorial.
To submit patch via Web Interface use Patches Workflow (via Web Interface) tutorial.
External issue ID
1423
External issue URL
Story Points
1
Fix versions
Affects versions
Created November 2, 2012 at 11:50 AM
Updated December 29, 2024 at 11:29 PM
Resolved November 2, 2012 at 2:18 PM
I didn't new before, but function "htmlspecialchars" not only escapes text to be safe for usage inside a HTML/XML, but also converts it's encoding to ISO-8859-1 (PHP 5.3.x and below).
As a result any UTF-8 encoded string will be encoded into ISO-8859-1 (after escaping) and all special symbols (e.g. resulted from pasting text from Microsoft Word) would have incorrect encoding, when presented back to user who has UTF-8 encoding on a page.
In PHP 5.4 and up default charset for this function is UTF-8.
As a fix I propose to pass CHARSET constant's value explicitly in each call of htmlspecialchars function across all In-Portal and it's modules.