php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Return to Bug #52204
Patch bug52204 revision 2010-10-26 19:26 UTC by kalle@php.net

Patch bug52204 for Website problem Bug #52204

Patch version 2010-10-26 19:26 UTC

Return to Bug #52204 | Download this patch
Patch Revisions:

Developer: kalle@php.net

Index: cal.php
===================================================================
--- cal.php	(revision 304919)
+++ cal.php	(working copy)
@@ -30,13 +30,13 @@
 if ($id) {
     // Try to load event by ID and display header and info for that event
     if ($event = load_event($id)) {
-        site_header("Event: " . stripslashes(htmlentities($event['sdesc'], ENT_QUOTES, 'UTF-8')));
+        site_header("Event: " . stripslashes(htmlentities($event['sdesc'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')));
         display_event($event, 0);
         $begun = TRUE;
     }
     // Unable to find event, put this to the error messages' list
     else {
-        $errors[] = "There is no event for specified id ('".htmlentities($id, ENT_QUOTES, 'UTF-8')."')";
+        $errors[] = "There is no event for specified id ('".htmlentities($id, ENT_QUOTES | ENT_IGNORE, 'UTF-8')."')";
     }
 }
 
@@ -68,14 +68,14 @@
     
     // Wrong date specified
     else {
-        $errors[] = "The specified date (".htmlentities("$cy/$cm/$cd", ENT_QUOTES, 'UTF-8').") was not valid.";
+        $errors[] = "The specified date (".htmlentities("$cy/$cm/$cd", ENT_QUOTES | ENT_IGNORE, 'UTF-8').") was not valid.";
         unset($cm); unset($cd); unset($cy);
     }
 }
 
 // Check if month and year is valid
 if ($cm && $cy && !checkdate($cm,1,$cy)) {
-    $errors[] = "The specified year and month (".htmlentities("$cy, $cm", ENT_QUOTES, 'UTF-8').") are not valid.";
+    $errors[] = "The specified year and month (".htmlentities("$cy, $cm", ENT_QUOTES | ENT_IGNORE, 'UTF-8').") are not valid.";
     unset($cm); unset($cy);
 }
 
@@ -221,7 +221,7 @@
                  ($COUNTRY == $event['country'] ? "<strong>" : ""),
                  '<a class="cat' . $event['category'] . '" href="/cal.php',
                  "?id=$event[id]&amp;cm=$cm&amp;cy=$cy", '">',
-                 stripslashes(htmlentities($event['sdesc'], ENT_QUOTES, 'UTF-8')),
+                 stripslashes(htmlentities($event['sdesc'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')),
                  '</a>',
                  ($COUNTRY == $event['country'] ? "</strong>" : ""),
                  '</div>';
Index: include/layout.inc
===================================================================
--- include/layout.inc	(revision 304919)
+++ include/layout.inc	(working copy)
@@ -60,7 +60,7 @@
 
 // Stats pages still need this
 function commonHeader($title) { site_header($title); }
-
+ | ENT_IGNORE
 function site_header($title = '', $config = array())
 {
     global $EXPL_LANG, $SIDEBAR_DATA, $RSIDEBAR_DATA, $PAGE_COLUMNS, $PGI;
@@ -467,9 +467,9 @@
 //
 function make_popup_link ($url, $linktext=false, $target=false, $windowprops="", $extras=false) {
     return sprintf("<a href=\"%s\" target=\"%s\" onclick=\"window.open('%s','%s','%s');return false;\"%s>%s</a>",
-        htmlspecialchars($url, ENT_QUOTES),
+        htmlspecialchars($url, ENT_QUOTES | ENT_IGNORE),
         ($target ? $target : "_new"),
-        htmlspecialchars($url, ENT_QUOTES),
+        htmlspecialchars($url, ENT_QUOTES | ENT_IGNORE),
         ($target ? $target : "_new"),
                 $windowprops,
         ($extras ? ' '.$extras : ''),
@@ -615,9 +615,9 @@
     }
 
     // Print link in case we have one
-    if ($event['url']) { echo '<a href="', htmlentities($event['url'], ENT_QUOTES, 'UTF-8'),'" class="url">'; }
+    if ($event['url']) { echo '<a href="', htmlentities($event['url'], ENT_QUOTES | ENT_IGNORE, 'UTF-8'),'" class="url">'; }
     // Print event description
-    echo "<b class='summary'>", stripslashes(htmlentities($event['sdesc'], ENT_QUOTES, 'UTF-8')), "</b>";
+    echo "<b class='summary'>", stripslashes(htmlentities($event['sdesc'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')), "</b>";
     // End link
     if ($event['url']) { echo "</a>"; }
 
@@ -659,8 +659,8 @@
     // If we have an URL, print it out
     if ($event['url']) {
         echo '<br /><br /><b>URL:</b> ',
-             '<a href="', htmlentities($event['url'], ENT_QUOTES, 'UTF-8'), '">',
-             htmlentities($event['url'], ENT_QUOTES, 'UTF-8'), '</a>';
+             '<a href="', htmlentities($event['url'], ENT_QUOTES | ENT_IGNORE, 'UTF-8'), '">',
+             htmlentities($event['url'], ENT_QUOTES | ENT_IGNORE, 'UTF-8'), '</a>';
     }
 ?>
  </td></tr>
Index: include/prepend.inc
===================================================================
--- include/prepend.inc	(revision 304919)
+++ include/prepend.inc	(working copy)
@@ -15,6 +15,13 @@
     date_default_timezone_set("UTC");
 }
 
+// As of PHP 5.3.0 multibyte sequence errors are no longer 
+// silent. Prior to that version this bitfield does not exist
+// so define it to prevent notices on older versions
+if (!defined("ENT_IGNORE")) {
+    define("ENT_IGNORE", 0);
+}
+
 // Prevent cross site scripting problems
 unset($RSIDEBAR_DATA);
 unset($SIDEBAR_DATA);
Index: my.php
===================================================================
--- my.php	(revision 304919)
+++ my.php	(working copy)
@@ -117,10 +117,10 @@
     $langpref,
     
     "Last seen language" =>
-    (isset($_COOKIE['LAST_LANG']) ? htmlentities($_COOKIE['LAST_LANG'], ENT_QUOTES) : "None"),
+    (isset($_COOKIE['LAST_LANG']) ? htmlentities($_COOKIE['LAST_LANG'], ENT_QUOTES | ENT_IGNORE, 'UTF-8') : "None"),
     
     "Your Accept-Language browser setting" =>
-    (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? htmlentities($_SERVER['HTTP_ACCEPT_LANGUAGE'], ENT_QUOTES) : "None"),
+    (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? htmlentities($_SERVER['HTTP_ACCEPT_LANGUAGE'], ENT_QUOTES | ENT_IGNORE, 'UTF-8') : "None"),
     
     "The mirror's default language" =>
     default_language(),
Index: source.php
===================================================================
--- source.php	(revision 304919)
+++ source.php	(working copy)
@@ -41,7 +41,7 @@
     exit;
 }
 
-echo "<h1>Source of: " . htmlentities($_GET['url']) . "</h1>"; 
+echo "<h1>Source of: " . htmlentities($_GET['url'], ENT_IGNORE, 'UTF-8') . "</h1>"; 
 
 // Get dirname of the specified URL part
 $dir = dirname($_GET['url']);
Index: submit-event.php
===================================================================
--- submit-event.php	(revision 304919)
+++ submit-event.php	(working copy)
@@ -178,8 +178,8 @@
   <th class="subr">Start Date</th>
   <td>
    <select name="smonth"><option></option><?php display_options($months, $_POST['smonth'])?></select>
-   <input type="text" name="sday" size="2" maxlength="2" value="<?php echo htmlentities($_POST['sday'], ENT_QUOTES, 'UTF-8')?>" />
-   <input type="text" name="syear" size="4" maxlength="4" value="<?php echo $_POST['syear'] ? htmlentities($_POST['syear'], ENT_QUOTES, 'UTF-8') : date("Y")?>" />
+   <input type="text" name="sday" size="2" maxlength="2" value="<?php echo htmlentities($_POST['sday'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>" />
+   <input type="text" name="syear" size="4" maxlength="4" value="<?php echo $_POST['syear'] ? htmlentities($_POST['syear'], ENT_QUOTES | ENT_IGNORE, 'UTF-8') : date("Y")?>" />
    <input type="radio" id="single" name="type" value="single"<?php if ($_POST['type'] == 'single' || !$_POST['type']) echo ' checked="checked"';?> />
    <label for="single">One day (no end-date required)</label>
   </td>
@@ -188,8 +188,8 @@
   <th class="subr">End Date</th>
   <td>
    <select name="emonth"><option></option><?php display_options($months, $_POST['emonth'])?></select>
-   <input type="text" name="eday" size="2" maxlength="2" value="<?php echo htmlentities($_POST['eday'], ENT_QUOTES, 'UTF-8')?>" />
-   <input type="text" name="eyear" size="4" maxlength="4" value="<?php echo $_POST['eyear'] ? htmlentities($_POST['eyear'], ENT_QUOTES, 'UTF-8') : date("Y")?>" />
+   <input type="text" name="eday" size="2" maxlength="2" value="<?php echo htmlentities($_POST['eday'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>" />
+   <input type="text" name="eyear" size="4" maxlength="4" value="<?php echo $_POST['eyear'] ? htmlentities($_POST['eyear'], ENT_QUOTES | ENT_IGNORE, 'UTF-8') : date("Y")?>" />
    <input type="radio" id="multi" name="type" value="multi"<?php if ($_POST['type'] == 'multi') echo ' checked="checked"';?> />
    <label for="multi">Multi-day event</label>
   </td>
@@ -205,11 +205,11 @@
  </tr>
  <tr>
   <th class="subr">Short Description</th>
-  <td><input type="text" name="sdesc" class="max" value="<?php echo htmlentities($_POST['sdesc'], ENT_QUOTES, 'UTF-8')?>" size="32" maxlength="32" /></td>
+  <td><input type="text" name="sdesc" class="max" value="<?php echo htmlentities($_POST['sdesc'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>" size="32" maxlength="32" /></td>
  </tr>
  <tr>
   <th class="subr">URL</th>
-  <td><input type="text" name="url" size="40" maxlength="128" class="max" value="<?php echo htmlentities($_POST['url'], ENT_QUOTES, 'UTF-8')?>" /></td>
+  <td><input type="text" name="url" size="40" maxlength="128" class="max" value="<?php echo htmlentities($_POST['url'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>" /></td>
  </tr>
  <tr>
   <th class="subr">Country</th>
@@ -234,13 +234,13 @@
  <tr>
   <th class="subr">Email</th>
   <td>
-   <input type="text" name="email" size="40" maxlength="128" class="max" value="<?php echo htmlentities($_POST['email'], ENT_QUOTES, 'UTF-8')?>" /><br />
+   <input type="text" name="email" size="40" maxlength="128" class="max" value="<?php echo htmlentities($_POST['email'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>" /><br />
    <small>This email address is only used to contact you about the listing, it will not displayed along with the listing.</small>
   </td>
  </tr>
  <tr>
   <th class="subr">Long Description</th>
-  <td><textarea name="ldesc" cols="60" rows="10" wrap="virtual" class="max"><?php echo htmlentities($_POST['ldesc'], ENT_QUOTES, 'UTF-8');?></textarea></td>
+  <td><textarea name="ldesc" cols="60" rows="10" wrap="virtual" class="max"><?php echo htmlentities($_POST['ldesc'], ENT_QUOTES | ENT_IGNORE, 'UTF-8');?></textarea></td>
  </tr>
  <tr>
   <th colspan="2">
@@ -265,7 +265,7 @@
     foreach ($options as $k => $v) {
         echo '<option value="', $k, '"',
              ($k == $current ? ' selected="selected"' : ''),
-             '>', htmlentities($v, ENT_QUOTES, 'UTF-8'), "</option>\n";
+             '>', htmlentities($v, ENT_QUOTES | ENT_IGNORE, 'UTF-8'), "</option>\n";
     }
 }
 
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 27 04:01:29 2024 UTC