|
Revision tags: php-5.2.16, php-5.2.15, php-5.3.4, php-5.2.15RC2, php-5.3.4RC2, php-5.3.4RC1, php-5.2.15RC1, PHP_5_2_15RC1 |
|
| #
e69b1ff2 |
| 27-Oct-2010 |
Gustavo André dos Santos Lopes |
- Fixed bug #49687 (utf8_decode vulnerabilities and deficiencies in the number
of reported malformed sequences). (Gustavo)
#Made a public interface for get_next_char/utf-8 in trunk to use i
- Fixed bug #49687 (utf8_decode vulnerabilities and deficiencies in the number
of reported malformed sequences). (Gustavo)
#Made a public interface for get_next_char/utf-8 in trunk to use in utf8_decode.
#In PHP 5.3, trunk's get_next_char was copied to xml.c because 5.3's
#get_next_char is different and is not prepared to recover appropriately from
#errors.
show more ...
|
| #
91727cb8 |
| 24-Oct-2010 |
Gustavo André dos Santos Lopes |
- Completed rewrite of html.c. Except for determine_charset, almost nothing
remains.
- Fixed bug on determine_charset that was preventing correct detection in
combination with interna
- Completed rewrite of html.c. Except for determine_charset, almost nothing
remains.
- Fixed bug on determine_charset that was preventing correct detection in
combination with internal mbstring encoding "none", "pass" or "auto".
- Added profiles for entity encode/decode for HTMl 4.01, XHTML 1.0, XML 1.0
and HTML 5. Added the constants ENT_HTML401, ENT_XML1, ENT_XHTML and
ENT_HTML5.
- htmlentities()/htmlspecialchars(), when told not to double encode, verify
the correctness of the existenting entities more thoroughly.
It is checked whether the numerical entity represents a valid unicode code
point (number is between 0 and 0x10FFFF). If using the flag ENT_DISALLOWED,
it is also checked whether that numerical entity is valid in selected
document. In HTML 4.01, all the numerical entities that represent a Unicode
code point (< U+10FFFFFF) are valid, but that's not the case with other
document types. If the entity is not valid, & is encoded to &.
For named entities, the check is also more thorough. While before the only
check would be to determine if the entity was constituted by alphanumeric
characters, now it is checked whether that entity is necessarily defined for
the target document type. Otherwise, & is encoded to &.
- For html_entity_decode(), only valid numerical and named entities (as defined
above for htmlentities()/htmlspecialchars() + !double_encode) are decoded.
But there is in this case one additional check. Entities that represent
non-SGML or otherwise invalid characters are not decoded. Note that, in
HTML5, U+000D is a valid literal character, but the entity 
 is not
valid and is therefore not decoded.
- The hash tables lazily created for decoding in html_entity_decode() that were
added recently were substituted by static hash tables. Instead of 1 hash
table per encoding, there's only one hash table per document type defined in
terms of unicode code points. This means that for charsets other than UTF-8
and ISO-8859-1, a conversion to unicode code points is necessary before
decoding.
- On the encoding side, the ad hoc ranges of entities of the translation
tables, which mapped (in general) non-unicode code points to HTML entities
were replaced by three-stage tables for HTML 4 and HTML 5. This mapping
tables are defined only in terms of unicode code points, so a conversion
is necessary for charsets other than UTF-8 and ISO-8859-1. Even so, the
multi-stage table is much faster than the previous method, by a factor
of 5; the conversion to unicode is a small penalty because it's just a
simple table lookup.
XML 1.0/htmlspecialchars() uses a simple table instead of a three-stage
table.
- Added the flag ENT_SUBSTITUTE, which makes htmlentities()/htmlspecialchars()
replace the invalid multibyte sequences with U+FFFD (UTF-8) or &#FFFD;
(other encodings).
- Added the flag ENT_DISALLOWED. Implements FR #52860. Characters that cannot
appear literally are replaced by U+FFFD (UTF-8) or &#FFFD; (otherwise).
An alternative implementation would be to encode those characters into
numerical entities, but that would only work in HTML 4.01 due to limitations
on the values of numerical entities in other document types. See also the
effects on htmlentities()/htmlspecialchars() with !double_encode above.
show more ...
|
|
Revision tags: oci8-1.4.3, php-5.2.14, php-5.3.3, php-5.3.3RC3, php-5.2.14RC3, php-5.3.3RC2, php-5.2.14RC2, php-5.3.3RC1, php-5.2.14RC1, php-5.3.2, php-5.2.13, php-5.3.2RC3, php-5.3.2RC2, php-5.2.13RC2, php-5.2.13RC1 |
|
| #
9ba1e816 |
| 03-Jan-2010 |
Sebastian Bergmann |
sed -i "s#1997-2009#1997-2010#g" **/*.c **/*.h **/*.php |
|
Revision tags: php-5.3.2RC1, php-5.2.12, php-5.2.12RC4, php-5.2.12RC3, php-5.2.12RC2, php-5.3.1, php-5.3.1RC4, php-5.2.12RC1, php-5.3.1RC3, php-5.3.1RC2, oci8-1.4.0, php-5.2.11, php-5.2.11RC3, php-5.3.1RC1, php-5.2.11RC2, php-5.2.11RC1, php-5.3.0, php-5.3.0RC4, php-5.2.10, php-5.2.10RC2, php-5.3.0RC3, php-5.2.10RC1, php-5.3.0RC2, php-5.3.0RC1, RELEASE_1_3_5, php-5.2.9, php-5.2.9RC3, php-5.2.9RC2, php-5.2.9RC1, php-5.3.0beta1 |
|
| #
08659c2d |
| 31-Dec-2008 |
Sebastian Bergmann |
MFH: Bump copyright year, 3 of 3. |
|
Revision tags: NEWS, php-5.2.8, BEFORE_HEAD_NS_CHANGES_MERGE, php-5.3.0alpha3, php-5.3.0alpha2, php-5.2.7, php-5.2.7RC5 |
|
| #
18794add |
| 26-Nov-2008 |
Arnaud Le Blanc |
MFH: Added ENT_IGNORE as a compatibility flag for htmlentities() and
htmlspecialchars() to skip multibyte sequences intead of returning an
empty string (as iconv's //IGNORE). These functions
MFH: Added ENT_IGNORE as a compatibility flag for htmlentities() and
htmlspecialchars() to skip multibyte sequences intead of returning an
empty string (as iconv's //IGNORE). These functions will still never
return an invalid or incomplete multibyte sequence.
Fixes #43896
show more ...
|
|
Revision tags: php-5.2.7RC4, BEFORE_HEAD_NS_CHANGE, BEFORE_NS_RULES_CHANGE, php-5.2.7RC3, php-5.2.7RC2, php-5.2.7RC1, php-4.4.9, php-5.3.0alpha1, php-4.4.9RC1, BEFORE_NEW_PARAMETER_PARSE, RELEASE_1_2_5, RELEASE_2_0_0b1, php-5.2.6, RELEASE_1_0_2, php-5.2.6RC5, php-5.2.6RC4, php-5.2.6RC3, RELEASE_2_0_0a2, RELEASE_2_0_0a1, php-5.2.6RC2, php-5.2.6RC1, RELEASE_1_3_1, php-4.4.8 |
|
| #
d1dded87 |
| 31-Dec-2007 |
Sebastian Bergmann |
MFH: Bump copyright year, 2 of 2. |
|
Revision tags: php-4.4.8RC1, RELEASE_1_2_3, php-5.2.5, php-5.2.5RC2, php-5.2.5RC1, BEFORE_IMPORT_OF_MYSQLND_IN_5_3, RELEASE_1_2_2, RELEASE_1_2_4, RELEASE_1_2_1, php-5.2.4, RELEASE_1_5, php-5.2.4RC3, php-5.2.4RC2, php-5.2.4RC1, BEFORE_REAL_IMPORT_OF_MYSQLND, BEFORE_IMPORT_OF_MYSQLND, php-5.2.3, RELEASE_1_4, php-5.2.3RC1 |
|
| #
c98cbb60 |
| 22-May-2007 |
Ilia Alshanetsky |
[DOC] Added a 4th parameter flag to htmlspecialchars() and htmlentities()
that makes the function not encode existing html entities. The feature is
disabled by default and can be activated by
[DOC] Added a 4th parameter flag to htmlspecialchars() and htmlentities()
that makes the function not encode existing html entities. The feature is
disabled by default and can be activated by passing FALSE as the 4th param
show more ...
|
|
Revision tags: RELEASE_1_2_0, php-4.4.7, php-5.2.2, php-5.2.2RC2, RELEASE_1_1_0, php-4.4.7RC1, php-5.2.2RC1, RELEASE_1_0_1, php-4.4.6, php-4.4.6RC1, php-4.4.5, php-5.2.1, RELEASE_1_0_0RC1, php-4.4.5RC2, php-5.2.1RC4, php-5.2.1RC3, php-4.4.5RC1, php-5.2.1RC2 |
|
| #
4223aa4d |
| 01-Jan-2007 |
Sebastian Bergmann |
MFH: Bump year. |
|
Revision tags: php-5.2.1RC1 |
|
| #
aaf12012 |
| 28-Nov-2006 |
Antony Dovgal |
add php_unescape_html_entities() proto to the header
(fixes #39665) |
|
Revision tags: php-5.2.0, php-5.2.0RC6, php-5.2.0RC5, php-5.2.0RC4, php-5.2.0RC3, php-5.1.6, php-5.2.0RC2, php-5.1.5, php-4.4.4, php-4.4.4RC1, php-5.1.5RC1, php-4.4.3, php-5.2.0RC1, php-4.4.3RC2, BEFORE_NEW_OUTPUT_API, php-4.4.3RC1, php-5.1.4, RELEASE_1_0_3, php-5.1.3, php-5.1.2, RELEASE_1_3, php-5.1.3RC3, php-5.1.3RC2, php-5.1.3RC1, RELEASE_1_2, RELEASE_0_9_4, RELEASE_1_0_4, php-4.4.2, php-5.1.2RC2, php-4.4.2RC2 |
|
| #
5bd93221 |
| 01-Jan-2006 |
foobar |
bump year and license version |
|
Revision tags: php-5.1.2RC1, RELEASE_1_1_1, RELEASE_1_1, RELEASE_1_0, RELEASE_2_0_2, php-5.1.1, php-5.1.0, php-4.4.2RC1, RELEASE_0_9_3, php-5.1.0RC6, php-5.1.0RC5, RELEASE_2_0_1, RELEASE_1_0RC2, php-4.4.1, php-5.1.0RC4, RELEASE_0_9_2, RELEASE_0_9_1, php-5.1.0RC3, php-5.1.0RC2, php-4.4.1RC1, RELEASE_0_9_0, RELEASE_1_0RC1, PRE_NEW_OCI8_EXTENSION, php-5.1.0RC2_PRE, php-5.0.5, php-5.0.5RC2, php-5.0.5RC1, php-5.1.0RC1, BEFORE_UNICODE_MERGE, RELEASE_2_0_0 |
|
| #
23e671a5 |
| 03-Aug-2005 |
foobar |
- Bumber up year |
|
Revision tags: RELEASE_0_9, php-5.1.0b3, php-4.4.0, php-4.4.0RC2, php-5.1.0b2, php-4.4.0RC1, php-5.1.0b1, php-5.0.1b1, RELEASE_0_3, php-5.0.4, php-4.3.11, php-5.0.4RC2, php-4.3.11RC2, php-5.0.4RC1, php-4.3.11RC1 |
|
| #
975ff6f5 |
| 07-Mar-2005 |
Ilia Alshanetsky |
Added htmlspecialchars_decode() function for fast conversion from
htmlspecialchars() generated entities back to characters. |
|
Revision tags: RELEASE_0_2_4, RELEASE_0_2_3, RELEASE_0_2_2, RELEASE_0_2_1, RELEASE_0_2, php-5.0.3, php-4.3.10, SQLITE_4_3_20041227, php-5.0.3RC2, php-4.3.10RC2, php-5.0.3RC1, php-4.3.10RC1, PRE_NEW_VM_GEN_PATCH, php-5.0.2, php-4.3.9, php-5.0.2RC1, php-4.3.9RC3, PRE_ZEND_VM_DISPATCH_PATCH, php-4.3.9RC2, php-5.0.1, php-5.0.1RC2, php-4.3.9RC1, php-5.0.1RC1, RELEASE_0_1, php-5.0.0RC4, php-5.0.0, php-4.3.8, php-5.0.0RC3, php-5.0.0RC3RC2, php-4.3.7, php-5.0.0RC3RC1, php-4.3.7RC1, RELEASE_0_1_1, php-5.0.0RC2, php-5.0.0RC2RC2, php-4.3.6, php-5.0.0RC2RC1, php-4.3.6RC3, php-4.3.6RC2, php-4.3.6RC1, php-4.3.5, php-4.3.5RC4, php-5.0.0RC1, php-5.0.0RC1RC2, php-5.0.0RC1RC1, RELEASE_0_2_0, php-4.3.5RC3, php-5.0.0b4, php-5.0.0b4RC1, php-4.3.5RC2, RELEASE_1_3b6, php_ibase_before_split, php-4.3.5RC1 |
|
| #
ccfc46b0 |
| 08-Jan-2004 |
foobar |
- Happy new year and PHP 5 for rest of the files too..
# Should the LICENSE and Zend/LICENSE dates be updated too? |
|
Revision tags: php-5.0.0b3, php-5.0.0b3RC2, php-5.0.0b3RC1, php-4.3.4, php-4.3.4RC3, php-5.0.0b2, RELEASE_2_0_0RC1, php-5.0.0b2RC1, php-4.3.4RC2, RELEASE_1_3b3, BEFORE_HANDLERS_RESHUFFLE, RELEASE_1_3b2, php-4.3.4RC1, RELEASE_0_7, php-4.3.3, php-4.3.3RC4, RELEASE_0_5_3, php-4.3.3RC3, RELEASE_0_5_2, RELEASE_1_2b5, BEFORE_ARG_INFO, php-4.3.3RC2, php-5.0.0b1, php-4.3.3RC1 |
|
| #
f68c7ff2 |
| 10-Jun-2003 |
James Cox |
updating license information in the headers. |
|
Revision tags: BEFORE_FD_REAPPLY, php-4.3.2, php-4.3.2RC4, BEFORE_FD_REVERT, php-4.3.2RC3, RELEASE_0_9b, SPL_ALPHA, php-4.3.2RC2, RELEASE_0_6, RELEASE_0_5, init, php-4.3.2RC1, php-4.3.1, PHP_5_0_dev_before_13561_fix, PHP_4_3_before_13561_fix |
|
| #
b506f5c8 |
| 31-Dec-2002 |
Sebastian Bergmann |
Bump year. |
|
Revision tags: php-4.3.0, php-4.3.0RC4, RELEASE_1_0b3, php-4.3.0RC3, php-4.3.0RC2, RELEASE_1_0b2, BEFORE_RENAMING, php-4.3.0RC1, php-4.3.0pre2, RELEASE_1_0b1, php-4.3.0pre1, MODERN_SYMMETRIC_SESSION_BEHAVIOUR_20021003 |
|
| #
b5d4b549 |
| 26-Sep-2002 |
Sebastian Bergmann |
Fix ZTS build. |
|
Revision tags: RELEASE_0_91, php-4.3.0dev_zend2_alpha3, php-4.2.3, php-4.2.3RC2, php-4.2.3RC1, dev, php-4.2.2, INITIAL_IMPORT_SOURCEFORGE, xmlrpc_epi_0_51_merge_pt, php-4.3.0dev_zend2_alpha2, php-4.3.0dev, php5_5_0, RELEASE_0_90, php-4.3.0dev_zend2_alpha1, BEFORE_OBJECTS_STORE, SAFEGUARD_3_0_BETA1_RC1_26062002, RELEASE_0_11, NEW_UI_API_BP, RELEASE_0_10, RELEASE_0_4, php-4.3.0dev-ZendEngine2, php-4.3.0dev-ZendEngine2-Preview1, php-4.2.1, php-4.2.1RC2, php-4.2.1RC1, php-4.2.0, php-4.2.0RC4, php-4.2.0RC3, php-4.2.0RC2, php-4.2.0RC1 |
|
| #
a184f5d1 |
| 16-Mar-2002 |
Wez Furlong |
* formatting, plus remove some old fopen wrappers |
| #
0f65280c |
| 15-Mar-2002 |
Wez Furlong |
New PHP streams... |
|
Revision tags: help |
|
| #
90613d22 |
| 28-Feb-2002 |
Sebastian Bergmann |
Maintain headers. |
|
Revision tags: php-4.1.2, BEFORE_NEW_OBJECT_MODEL, PRE_ISSET_PATCH, php-4.1.1, PRE_FUNC_RETURNS_OBJECT_PATCH, ChangeLog |
|
| #
38933514 |
| 11-Dec-2001 |
Sebastian Bergmann |
Update headers. |
|
Revision tags: php-4.1.0, php-4.1.0RC5, php-4.1.0RC4, php-4.1.0RC3, php-4.1.0RC2, POST_PARAMETER_PARSING_API, PRE_PARAMETER_PARSING_API, php-4.1.0RC1, php4, php-4.0.7RC3, POST_SUBST_Z_MACROS, PRE_SUBST_Z_MACROS, php-4.0.7RC2, php-4.0.7RC1, BEFORE_EXP_MERGE, PRE_METHOD_DEREFERENCE_PATCH, BEFORE_PARAM_PARSING_CHANGE, PRE_ENGINE2_SPLIT, PRE_TSRM_MERGE_PATCH, PRE_GRANULAR_GARBAGE_FIX, php-4.0.6, php-4.0.6RC4, php-4.0.6RC3, php-4.0.6RC2 |
|
| #
d38cba86 |
| 28-May-2001 |
Wez Furlong |
Added charset awareness to htmlentities() and htmlspecialchars(); use an
optional third parameter to specify the charset; otherwise tries to determine
it from the LC_CTYPE locale setting. |
|
Revision tags: php-4.0.6RC1, php-4.0.5, php-4.0.5RC8 |
|
| #
07a5e3fb |
| 25-Apr-2001 |
Andrei Zmievski |
* Made ENT_* defines availabe to other functions.
* The key/variable names in WDDX are now html escaped to not break XML.
@- Fixed WDDX serialization to HTML-escape key/variable names so as n
* Made ENT_* defines availabe to other functions.
* The key/variable names in WDDX are now html escaped to not break XML.
@- Fixed WDDX serialization to HTML-escape key/variable names so as not to
@ break the XML packet. (Andrei)
show more ...
|
|
Revision tags: php-4.0.5RC7, php-4.0.5RC6, php-4.0.5RC5, php-4.0.5RC4, php-4.0.5RC3, php-4.0.5RC2, php-4.0.5RC1 |
|
| #
eb6ba01d |
| 26-Feb-2001 |
Andi Gutmans |
- Fix copyright notices with 2001 |
|
Revision tags: php-4.0.4pl1, php-4.0.4pl1RC2, php-4.0.4pl1RC1, php-4.0.4REL, php-4.0.4RC6, php-4.0.4RC5, php-4.0.4RC4, php-4.0.4RC3, php-4.0.3, php-4.0.3RC2, php-4.0.3RC1 |
|
| #
d23ad61d |
| 12-Sep-2000 |
Rasmus Lerdorf |
Clean up htmlspecialchars/htmlentities inconsistencies.
@Clean up htmlspecialchars/htmlentities inconsistencies. (Rasmus) |
|
Revision tags: php-4.0.2, PRE_LIBMYSQL_REVERT, php-4.0.2RC1, PRE_FILE_COMPILE_API_CHANGE |
|
| #
83513d95 |
| 24-Jul-2000 |
David Croft |
Changed lots of PHP 3 licence headers to PHP 4, mainly in .h files.
Added a few RCS $Id$ tags.
# Note: I have avoided changing any .h files if the corresponding .c file
# had not alr
Changed lots of PHP 3 licence headers to PHP 4, mainly in .h files.
Added a few RCS $Id$ tags.
# Note: I have avoided changing any .h files if the corresponding .c file
# had not already been changed as I am not sure if there are any legal
# issues here. So some extensions still have PHP 3 headers.
show more ...
|
