php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #45485 strip_tags and <?XML tag
Submitted: 2008-07-11 11:12 UTC Modified: 2008-07-11 12:16 UTC
From: jlim at natsoft dot com Assigned: felipe (profile)
Status: Closed Package: Strings related
PHP Version: 5.2.6 OS: Windows
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: jlim at natsoft dot com
New email:
PHP Version: OS:

 

 [2008-07-11 11:12 UTC] jlim at natsoft dot com
Description:
------------
This is related to bug #12860. The HTML tags are not stripped properly because of <?XML.

Bugfix #12860 fixes the problem of strip_tags parsing <?xml but not <?XML

I don't have control over the HTML I am stripping because it is from MS-Outlook generated HTML (ugh).

Regards, John Lim

Reproduce code:
---------------
<?php

# DOES NOT WORK
$s =<<< EOD
This text is shown <?XML:NAMESPACE PREFIX = ST1 /><b>This Text disappears</b>
EOD;

$s = strip_tags($s);
echo htmlspecialchars($s),"<hr>";


# WORKS

$s =<<< EOD
This text is shown <?xml:NAMESPACE PREFIX = ST1 /><b>This Text disappears</b>
EOD;

$s = strip_tags($s);
echo htmlspecialchars($s),"<br>";
?>

Expected result:
----------------
This text is shown This Text disappears
------
This text is shown This Text disappears

Actual result:
--------------
This text is shown 
------
This text is shown This Text disappears

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-07-11 12:16 UTC] felipe@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 09:01:28 2024 UTC