php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #7961 get_html_translation_table()
Submitted: 2000-11-24 05:27 UTC Modified: 2000-11-24 11:19 UTC
From: jon at viventus dot no Assigned:
Status: Closed Package: Unknown/Other Function
PHP Version: 4.0.3pl1 OS: Linux RedHat 6.2
Private report: No CVE-ID: None
 [2000-11-24 05:27 UTC] jon at viventus dot no
get_html_translation_table() is supposed to return an array representing the translation table used in htmlspecialchars() and htmlentities(). It doesn't. There is at least one inconsistency between the supposed translation table and the real translation performed by the two functions: The translation table gives ''' as the value to the key '&'. When using the functions, '&' is translated to '&'.

This is especially bad since the Ascii code 039 represents the single quote ('), not the ampersand.

Demonstrating code:

<?
	echo "Special chars:\n\n";
	print_r(get_html_translation_table(HTML_SPECIAL_CHARS));
	echo "\n\n\nEntities:\n\n";
	print_r(get_html_translation_table(HTML_ENTITIES));
	echo "\n\n\nUsing htmlspecialchars():\n\n";
	echo "[&] => " . htmlspecialchars('&');
	echo "\n\n\nUsing htmlentities():\n\n";
	echo "[&] => " . htmlentities('&');
?>

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-11-24 11:19 UTC] waldschrott@php.net
fixed in CVS
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 14:01:28 2024 UTC