moriyoshi Thu Oct 2 02:57:22 2003 EDT
Added files:
/php-src/ext/standard/tests/strings bug25707.phpt
Modified files:
/php-src/ext/standard html.c
Log:
Fixed bug #25707 (html_entity_decode over-decodes <)
Index: php-src/ext/standard/html.c
diff -u php-src/ext/standard/html.c:1.86 php-src/ext/standard/html.c:1.87
--- php-src/ext/standard/html.c:1.86 Tue Jun 10 16:03:37 2003
+++ php-src/ext/standard/html.c Thu Oct 2 02:57:21 2003
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: html.c,v 1.86 2003/06/10 20:03:37 imajes Exp $ */
+/* $Id: html.c,v 1.87 2003/10/02 06:57:21 moriyoshi Exp $ */
/*
* HTML entity resources:
@@ -417,7 +417,6 @@
int entitylen;
int flags;
} basic_entities[] = {
- { '&', "&", 5, 0 },
{ '"', """, 6, ENT_HTML_QUOTE_DOUBLE },
{ '\'', "'", 6, ENT_HTML_QUOTE_SINGLE },
{ '\'', "'", 5, ENT_HTML_QUOTE_SINGLE },
@@ -917,54 +916,69 @@
ret = replaced;
}
- /* replace numeric entities */
+ /* replace numeric entities & "&" */
lim = ret + retlen;
- for (p = ret, q = ret; p < lim; p++) {
+ for (p = ret, q = ret; p < lim;) {
int code;
- if (p < lim - 1 && p[0] == '&' && p[1] == '#') {
- code = strtol(p + 2, &next, 10);
- if (next != NULL && *next == ';') {
- switch (charset) {
- case cs_utf_8:
- q += php_utf32_utf8(q, code);
- break;
+ if (p[0] == '&') {
+ if (p + 2 < lim) {
+ if (p[1] == '#') {
+ code = strtol(p + 2, &next, 10);
+ if (next != NULL && *next == ';') {
+ switch (charset) {
+ case cs_utf_8:
+ q += php_utf32_utf8(q,
code);
+ break;
- case cs_8859_1:
- case cs_8859_5:
- case cs_8859_15:
- if (0xa0 <= code && code <= 0xff) {
- *(q++) = code;
- }
- break;
+ case cs_8859_1:
+ case cs_8859_5:
+ case cs_8859_15:
+ if (0xa0 <= code &&
code <= 0xff) {
+ *(q++) = code;
+ }
+ break;
- case cs_cp1252:
- case cs_cp1251:
- case cs_cp866:
- if (0x80 <= code && code <= 0xff) {
- *(q++) = code;
- }
- break;
+ case cs_cp1252:
+ case cs_cp1251:
+ case cs_cp866:
+ if (0x80 <= code &&
code <= 0xff) {
+ *(q++) = code;
+ }
+ break;
- case cs_big5:
- case cs_gb2312:
- case cs_big5hkscs:
- case cs_sjis:
- case cs_eucjp:
- if (code <= 0x7f) {
- *(q++) = code;
- }
- break;
+ case cs_big5:
+ case cs_gb2312:
+ case cs_big5hkscs:
+ case cs_sjis:
+ case cs_eucjp:
+ if (code <= 0x7f) {
+ *(q++) = code;
+ }
+ break;
- default:
- break;
+ default:
+ break;
+ }
+ p = next + 1;
+ } else {
+ *(q++) = *(p++);
+ *(q++) = *(p++);
+ }
+ } else if (p + 4 < lim &&
+ p[1] == 'a' && p[2] == 'm'
&&p[3] == 'p' &&
+ p[4] == ';') {
+ *(q++) = '&';
+ p += 5;
+ } else {
+ *(q++) = *(p++);
+ *(q++) = *(p++);
}
- p = next;
} else {
- *(q++) = *p;
+ *(q++) = *(p++);
}
} else {
- *(q++) = *p;
+ *(q++) = *(p++);
}
}
*q = '\0';
Index: php-src/ext/standard/tests/strings/bug25707.phpt
+++ php-src/ext/standard/tests/strings/bug25707.phpt
--TEST--
Bug #25707 (html_entity_decode over-decodes &lt;)
--FILE--
<?php
var_dump(html_entity_decode("&lt;", ENT_COMPAT, 'ISO-8859-1'));
var_dump(html_entity_decode("&#38;", ENT_COMPAT, 'ISO-8859-1'));
var_dump(html_entity_decode("&#38;lt;", ENT_COMPAT, 'ISO-8859-1'));
?>
--EXPECT--
string(4) "<"
string(5) "&"
string(8) "&lt;"
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
