Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-74853

Audit uses of htmlspecialchars and friends which now use a different default quote encoding

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • 4.1
    • 4.0.1, 4.1
    • General

      Change in PHP8.1 (see https://github.com/php/php-src/blob/PHP-8.1/UPGRADING )

      htmlspecialchars(), htmlentities(), htmlspecialchars_decode(),
      		 
          html_entity_decode() and get_html_translation_table() now use
      		 
          ENT_QUOTES | ENT_SUBSTITUTE rather than ENT_COMPAT by default. This means
      		 
          that ' is escaped to ' while previously it was left alone.

      One instance of this, which was causing unit test failures in wiki, was reported and fixed in MDL-73435. This issue deals with addressing the other cases - which aren't captured by unit tests and may need to manually discovered on a case by case basis.

        1. htmlentities_report.csv
          28 kB

            marina Marina Glancy
            jaked Jake Dallimore
            Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
            Ilya Tregubov Ilya Tregubov
            CiBoT CiBoT
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours
                3h

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.