#25707 [NEW]: html_entity_decode over-decodes "

Tue, 30 Sep 2003 11:54:36 -0700 

From:             Bjorn dot Victor at it dot uu dot se
Operating system: Solaris 8
PHP version:      4.3.3
PHP Bug Type:     Strings related
Bug description:  html_entity_decode over-decodes "

Description:
------------
Symptom:
html_entity_decode(""") returns '"', while the expected value
would be """.  Corresponding (wrong) behaviour for & followed by
"lt;", "gt;" etc.

Another example is html_entity_decode(htmlentities("<")) which returns
"<" rather than "&lt;" as expected.

As a result, html_entity_decode can not be used as the inverse of
htmlentities.

Diagnosis:
The function (php_unescape_html_entities in ext/standard/html.c) replaces
each entity in basic_entities with its corresponding character, but starts
by replacing "&amp;" with "&", the resulting string being "&quot;", which
is then replaced by '"'.

Solution:
php_unescape_html_entities in ext/standard/html.c traverses the
basic_entities from the wrong end; it must replace "&amp;" *last*, not
*first*.

Reproduce code:
---------------
print html_entity_decode("&amp;quot;&amp;lt;&amp;gt;");

Expected result:
----------------
&quot;&lt;&gt;

Actual result:
--------------
"<>

-- 
Edit bug report at http://bugs.php.net/?id=25707&edit=1
-- 
Try a CVS snapshot (php4):  http://bugs.php.net/fix.php?id=25707&r=trysnapshot4
Try a CVS snapshot (php5):  http://bugs.php.net/fix.php?id=25707&r=trysnapshot5
Fixed in CVS:               http://bugs.php.net/fix.php?id=25707&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=25707&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=25707&r=needtrace
Try newer version:          http://bugs.php.net/fix.php?id=25707&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=25707&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=25707&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=25707&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=25707&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=25707&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=25707&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=25707&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=25707&r=isapi
Install GNU Sed:            http://bugs.php.net/fix.php?id=25707&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=25707&r=float

Reply via email to