php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #7961 get_html_translation_table()
Submitted: 2000-11-24 05:27 UTC Modified: 2000-11-24 11:19 UTC
From: jon at viventus dot no Assigned:
Status: Closed Package: Unknown/Other Function
PHP Version: 4.0.3pl1 OS: Linux RedHat 6.2
Private report: No CVE-ID: None
 [2000-11-24 05:27 UTC] jon at viventus dot no
get_html_translation_table() is supposed to return an array representing the translation table used in htmlspecialchars() and htmlentities(). It doesn't. There is at least one inconsistency between the supposed translation table and the real translation performed by the two functions: The translation table gives ''' as the value to the key '&'. When using the functions, '&' is translated to '&'.

This is especially bad since the Ascii code 039 represents the single quote ('), not the ampersand.

Demonstrating code:

<?
	echo "Special chars:\n\n";
	print_r(get_html_translation_table(HTML_SPECIAL_CHARS));
	echo "\n\n\nEntities:\n\n";
	print_r(get_html_translation_table(HTML_ENTITIES));
	echo "\n\n\nUsing htmlspecialchars():\n\n";
	echo "[&] => " . htmlspecialchars('&');
	echo "\n\n\nUsing htmlentities():\n\n";
	echo "[&] => " . htmlentities('&');
?>

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-11-24 11:19 UTC] waldschrott@php.net
fixed in CVS
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 11:01:29 2024 UTC