php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #7961 get_html_translation_table()
Submitted: 2000-11-24 05:27 UTC Modified: 2000-11-24 11:19 UTC
From: jon at viventus dot no Assigned:
Status: Closed Package: Unknown/Other Function
PHP Version: 4.0.3pl1 OS: Linux RedHat 6.2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: jon at viventus dot no
New email:
PHP Version: OS:

 

 [2000-11-24 05:27 UTC] jon at viventus dot no 
get_html_translation_table() is supposed to return an array representing the translation table used in htmlspecialchars() and htmlentities(). It doesn't. There is at least one inconsistency between the supposed translation table and the real translation performed by the two functions: The translation table gives ''' as the value to the key '&'. When using the functions, '&' is translated to '&'.

This is especially bad since the Ascii code 039 represents the single quote ('), not the ampersand.

Demonstrating code:

<?
	echo "Special chars:\n\n";
	print_r(get_html_translation_table(HTML_SPECIAL_CHARS));
	echo "\n\n\nEntities:\n\n";
	print_r(get_html_translation_table(HTML_ENTITIES));
	echo "\n\n\nUsing htmlspecialchars():\n\n";
	echo "[&] => " . htmlspecialchars('&');
	echo "\n\n\nUsing htmlentities():\n\n";
	echo "[&] => " . htmlentities('&');
?>

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-11-24 11:19 UTC] waldschrott@php.net 
fixed in CVS
 
PHP Copyright © 2001-2023 The PHP Group
All rights reserved. 		Last updated: Mon Dec 04 12:01:27 2023 UTC