Bug #61354 [Com]: htmlentities and htmlspecialchars doesn't respect the default_charset

[x dot bazilio at gmail dot com]

Edit report at https://bugs.php.net/bug.php?id=61354&edit=1

 ID:                 61354
 Comment by:         x dot bazilio at gmail dot com
 Reported by:        hufeng1987 at gmail dot com
 Summary:            htmlentities and htmlspecialchars doesn't respect
                     the default_charset
 Status:             Not a bug
 Type:               Bug
 Package:            Strings related
 Operating System:   Linux/Windows/
 PHP Version:        5.4.0
 Block user comment: N
 Private report:     N

 New Comment:

Please, fix it.
It is so simple to provide default params. Wy should we put NULL and empty 
string? Where is security problem to not put NULL and empty string if they are 
will be default values of that params?


Previous Comments:
------------------------------------------------------------------------
[2013-01-05 04:40:26] ras...@php.net

Code that is currently likely to be insecure, yes. We only make changes like 
this 
when we are forced to for security reasons.

------------------------------------------------------------------------
[2013-01-05 04:26:39] hufeng1987 at gmail dot com

you made one step, but kill the php programmer.

do you know how much more code need to rewrite and check?

if your change broken user programm, it's your lost, not the user's lost.

------------------------------------------------------------------------
[2013-01-05 04:20:02] ras...@php.net

You will need to update your code to be compatible with PHP 5.4 either by 
explicitly providing the charset, or by passing in "" to pick up the default 
one. 
Anything short of that is a security issue. Code that didn't do this in PHP 5.3 
is potentially insecure depending on which charset is being used, so no, 
nothing 
will be fixed here. We will not revert to 5.3 behaviour.

------------------------------------------------------------------------
[2013-01-05 03:55:08] hufeng1987 at gmail dot com

Please fix it as soon as possible.

------------------------------------------------------------------------
[2013-01-05 03:53:35] leaflet at leafok dot com

I am facing the same problem.

After upgrading to PHP 5.4.10 in the product environment, all the GB2312 
encoding data on the page became blank. This badly influenced the whole site.

It is undoubtedly a backward compatible issue. Wish it could be resolved soon.

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    https://bugs.php.net/bug.php?id=61354


-- 
Edit this bug report at https://bugs.php.net/bug.php?id=61354&edit=1