%s
Index: kernel/processors/main_processor.php
===================================================================
--- kernel/processors/main_processor.php (revision 15588)
+++ kernel/processors/main_processor.php (working copy)
@@ -304,7 +304,7 @@
$ret = ($ret === false && isset($params['no_null'])) ? '' : $ret;
if (getArrayValue($params, 'special') || getArrayValue($params, 'htmlchars')) {
- $ret = htmlspecialchars($ret);
+ $ret = htmlspecialchars($ret, null, CHARSET);
}
if (getArrayValue($params, 'urlencode')) {
@@ -610,7 +610,7 @@
}
if ( isset($params['escape']) && $params['escape'] ) {
- $translation = htmlspecialchars($translation, ENT_QUOTES);
+ $translation = htmlspecialchars($translation, ENT_QUOTES, CHARSET);
$translation = addslashes($translation);
}
Index: kernel/processors/tag_processor.php
===================================================================
--- kernel/processors/tag_processor.php (revision 15437)
+++ kernel/processors/tag_processor.php (working copy)
@@ -202,7 +202,7 @@
function PostProcess($ret, $flag_values)
{
if ($flag_values['html_escape']) {
- $ret = htmlspecialchars($ret);
+ $ret = htmlspecialchars($ret, null, CHARSET);
}
if ($flag_values['js_escape']) {
$ret = addslashes($ret);
@@ -329,7 +329,7 @@
{
// echo " prefix : $prefix
";
if (!isset($this->Prefixes[$prefix]))
- $this->Application->ApplicationDie ("Filepath and ClassName for prefix $prefix not defined while processing ".htmlspecialchars($tag->GetFullTag())."!");
+ $this->Application->ApplicationDie ("Filepath and ClassName for prefix $prefix not defined while processing ".htmlspecialchars($tag->GetFullTag(), null, CHARSET)."!");
include_once($this->Prefixes[$prefix]['path']);
$ClassName = $this->Prefixes[$prefix]['class'];
$a_processor = new $ClassName($prefix);
Index: kernel/utility/debugger.php
===================================================================
--- kernel/utility/debugger.php (revision 15597)
+++ kernel/utility/debugger.php (working copy)
@@ -1147,7 +1147,7 @@
$value = 'no value';
}
else {
- $value = htmlspecialchars($this->print_r($value, true));
+ $value = htmlspecialchars($this->print_r($value, true), null, 'UTF-8');
}
echo '
' . $prefix . ' | ' . $key . ' | ' . $value . ' |
';
Index: kernel/utility/http_query.php
===================================================================
--- kernel/utility/http_query.php (revision 15569)
+++ kernel/utility/http_query.php (working copy)
@@ -633,7 +633,7 @@
}
if (!$this->Application->isAdmin) {
- $value = htmlspecialchars($value);
+ $value = htmlspecialchars($value, null, CHARSET);
}
$array[$key] = $value;
Index: units/categories/categories_tag_processor.php
===================================================================
--- units/categories/categories_tag_processor.php (revision 15531)
+++ units/categories/categories_tag_processor.php (working copy)
@@ -1691,7 +1691,7 @@
{
$phrase = $this->Application->Phrase($title, false, true);
- return $tabs . 'a_toolbar.AddButton( new ToolBarButton("' . $name . '", "' . htmlspecialchars($phrase) . '") );';
+ return $tabs . 'a_toolbar.AddButton( new ToolBarButton("' . $name . '", "' . htmlspecialchars($phrase, null, CHARSET) . '") );';
}
function _getThemeFileId()
Index: units/configuration/configuration_event_handler.php
===================================================================
--- units/configuration/configuration_event_handler.php (revision 15590)
+++ units/configuration/configuration_event_handler.php (working copy)
@@ -529,7 +529,7 @@
$suggestion_module = in_array('In-Portal', $suggestion_modules) ? 'In-Portal' : implode(', ', $suggestion_modules);
$suggestion_title = $suggestion_value . ' ' . $of_label . ' ' . $suggestion_module . '';
- echo '- ' . htmlspecialchars($suggestion_title) . '
';
+ echo '- ' . htmlspecialchars($suggestion_title, null, CHARSET) . '
';
}
echo '';
Index: units/email_events/email_events_event_handler.php
===================================================================
--- units/email_events/email_events_event_handler.php (revision 15542)
+++ units/email_events/email_events_event_handler.php (working copy)
@@ -550,7 +550,7 @@
echo '';
foreach ($data as $item) {
- echo '- ' . htmlspecialchars($item) . '
';
+ echo '- ' . htmlspecialchars($item, null, CHARSET) . '
';
}
echo '';
Index: units/fck/fck_eh.php
===================================================================
--- units/fck/fck_eh.php (revision 15445)
+++ units/fck/fck_eh.php (working copy)
@@ -96,7 +96,7 @@
$title = $title . ' (' . $page_path . ')';
$real_url = $this->Application->HREF($template, '_FRONT_END_', array('pass' => 'm'), 'index.php');
- $res .= '' . "\n";
+ $res .= '' . "\n";
}
$res.= "";
Index: units/helpers/controls/minput_helper.php
===================================================================
--- units/helpers/controls/minput_helper.php (revision 15437)
+++ units/helpers/controls/minput_helper.php (working copy)
@@ -40,7 +40,7 @@
if (!in_array($field_name, $use_fields)) {
continue;
}
- $xml .= '' . htmlspecialchars($field_value) . '';
+ $xml .= '' . htmlspecialchars($field_value, null, CHARSET) . '';
}
$xml .= '';
}
Index: units/helpers/deployment_helper.php
===================================================================
--- units/helpers/deployment_helper.php (revision 15588)
+++ units/helpers/deployment_helper.php (working copy)
@@ -422,7 +422,7 @@
}
elseif ( $sql ) {
$this->toLog($sql . ' ... ', false);
- echo mb_substr(trim(preg_replace('/(\n|\t| )+/is', ' ', ($this->isCommandLine ? $sql : htmlspecialchars($sql)))), 0, self::SQL_TRIM_LENGTH) . ' ... ';
+ echo mb_substr(trim(preg_replace('/(\n|\t| )+/is', ' ', ($this->isCommandLine ? $sql : htmlspecialchars($sql, null, CHARSET)))), 0, self::SQL_TRIM_LENGTH) . ' ... ';
$this->Conn->Query($sql);
@@ -563,7 +563,7 @@
$html_color = $html_color_map[$color][$bold ? 'bold' : 'normal'];
- return '' . htmlspecialchars($text) . '';
+ return '' . htmlspecialchars($text, null, CHARSET) . '';
}
/**
@@ -579,7 +579,7 @@
return "\033[1m" . $text . "\033[0m";
}
- return '' . htmlspecialchars($text) . '';
+ return '' . htmlspecialchars($text, null, CHARSET) . '';
}
/**
@@ -611,7 +611,7 @@
private function out($text, $new_line = false)
{
if ( !$this->isCommandLine ) {
- $text = htmlspecialchars($text);
+ $text = htmlspecialchars($text, null, CHARSET);
}
echo $text . ($new_line ? PHP_EOL : '');
Index: units/helpers/language_import_helper.php
===================================================================
--- units/helpers/language_import_helper.php (revision 15588)
+++ units/helpers/language_import_helper.php (working copy)
@@ -318,7 +318,7 @@
$ret .= "\t" . 'OriginalAttributes as $name => $value) {
- $att_contents[] = $name.'="'.htmlspecialchars($value).'"';
+ $att_contents[] = $name.'="'.htmlspecialchars($value, null, CHARSET).'"';
}
$xml .= implode(' ', $att_contents);
}
Index: units/images/image_tag_processor.php
===================================================================
--- units/images/image_tag_processor.php (revision 15437)
+++ units/images/image_tag_processor.php (working copy)
@@ -40,7 +40,7 @@
$block_params['img_path'] = $image_url;
$image_dimensions = $this->ImageSize($block_params);
$block_params['img_size'] = $image_dimensions ? $image_dimensions : ' width="' . $block_params['DefaultWidth'] . '"';
- $block_params['alt'] = $object->GetField('AltName') ? $object->GetField('AltName') : htmlspecialchars($this->getItemTitle($parent_item));
+ $block_params['alt'] = $object->GetField('AltName') ? $object->GetField('AltName') : htmlspecialchars($this->getItemTitle($parent_item), null, CHARSET);
$block_params['align'] = array_key_exists('align', $block_params) ? $block_params['align'] : 'left';
}
@@ -447,7 +447,7 @@
$params['img_path'] = $image_url;
$image_dimensions = $this->ImageSize($params);
$params['img_size'] = $image_dimensions ? $image_dimensions : ' width="' . $params['DefaultWidth'] . '"';
- $params['alt'] = htmlspecialchars($object->GetField('AltName')); // really used ?
+ $params['alt'] = htmlspecialchars($object->GetField('AltName'), null, CHARSET); // really used ?
$params['name'] = $this->SelectParam($params, 'block,render_as');
$params['align'] = array_key_exists('align', $params) ? $params['align'] : 'left';
$params['no_editing'] = 1;
Index: units/logs/change_logs/changes_formatter.php
===================================================================
--- units/logs/change_logs/changes_formatter.php (revision 15515)
+++ units/logs/change_logs/changes_formatter.php (working copy)
@@ -79,6 +79,6 @@
$data = substr($data, 0, 50) . ' ...';
}
- return htmlspecialchars($data);
+ return htmlspecialchars($data, null, CHARSET);
}
}
\ No newline at end of file