Edit report at http://bugs.php.net/bug.php?id=25927&edit=1
ID: 25927
Updated by: cataphr...@php.net
Reported by: acm at tweakers dot net
Summary: get_html_translation_table calls the ' ' instead
of '
-Status: Bogus
+Status: Re-Opened
Type: Bug
Package: Unknown/Other Function
Operating System: Linux
PHP Version: 4.3.3
-Assigned To:
+Assigned To: cataphract
Block user comment: N
Previous Comments:
------------------------------------------------------------------------
[2003-11-20 14:00:06] mike-php at emerge2 dot com
Does the same in Windows PHP 4.3.4.
------------------------------------------------------------------------
[2003-10-21 05:14:42] acm at tweakers dot net
Well, maybe so.
But I was refering to a function that tries to undo the changes of
htmlspecialchars/htmlentities.
If htmlspecialchars changes ' to ' and you want to depend on
get_html_translation_table to undo all changes, you expect it to return
' = ' instead of ' = ', since that's the change
htmlspecialchars/htmlentities did aswell.
It didn't change it to '
If you really wanted to create a perfect entity-decoder, you'd indeed
have to cope with all those &*; entities, including all the
&#[0-9]{2,3};-like entities.
But for the simple "undo the htmlspecialchars"-like function that is not
necessary.
And again, get_html_translation_table returns "how the
htmlspecialchars/entities functions do it", not "all possible
translations" or "just a valid version, maybe not what our own functions
do", doesn't it? :)
To explain what I mean:
if you do
echo html_entity_decode(htmlspecialchars("'", ENT_QUOTES));
you get ' back.
If you do:
function my_entity_decoder($string)
{
$trans = array_flip(get_html_translation_table(ENT_HTML_SPECIALCHARS,
ENT_QUOTES));
$original = strtr($encoded, $trans);
}
echo my_entity_decoder(htmlspecialchars("'", ENT_QUOTES));
Where you trust the get_html_translation_table-function to return enough
information to output ' again...
But if it all doesn't matter to you guys, why do the two change at all?
Why does the htmlspecialchars change it to ' why the
get_html_translation_table claims it changes it to ' ??
------------------------------------------------------------------------
[2003-10-20 21:51:42] moriyo...@php.net
Not quite. When you have to write your own html_entity_decode(), you
should cope with any forms of the numeric entity including hexadecimal
style. It's not as simple as the snippet in the manual page.
------------------------------------------------------------------------
[2003-10-20 19:04:17] acm at tweakers dot net
Well, it's cute that both are valid, but that's not the point...
get_html_translation_table is supposed to return "how php's functions
translate it", not "any way which is valid".
And in that way, it _fails_ to do so.
Since the function html_entity_decode is only available as of php-4.3.0,
anyone who has a similar function (based on the php-example on the
documentpage!), finds it broken because of this.
In that sense it is, imho, a bug.
Quoting you're own documentation:
"get_html_translation_table -- Returns the translation table used by
htmlspecialchars() and htmlentities()"
------------------------------------------------------------------------
[2003-10-20 18:55:32] il...@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
Both ' and ' are valid.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=25927
--
Edit this bug report at http://bugs.php.net/bug.php?id=25927&edit=1
