Edit report at http://bugs.php.net/bug.php?id=52213&edit=1
ID: 52213
Comment by: tomas at matfyz dot cz
Reported by: tomas at matfyz dot cz
Summary: htmlspecialchars() encodes & and — in a
wrong way
Status: Bogus
Type: Bug
Package: *General Issues
Operating System: Linux niobe 2.6.25-gentoo-r8 #1
PHP Version: 5.2.13
New Comment:
So why it is not the default? This is problem with many PHP functions:
that the expected behaviour is not the default one (it is contra
intuitive).
Or, if not a default value, at least there should be a red box warning
in the documentation!
Previous Comments:
------------------------------------------------------------------------
[2010-06-30 17:57:50] [email protected]
That's what the double-encode parameter is for. Set it to false and it
won't
double-encode.
------------------------------------------------------------------------
[2010-06-30 17:54:45] tomas at matfyz dot cz
Description:
------------
The function htmlspecialchars() encodes the & character even if it is
part of some html entity like & or — .
The workaround is also difficult because the function doesn't allow to
disable replacing of the & symbol (I believe it should).
PHP version
Test script:
---------------
echo htmlspecialchars("&");
echo htmlspecialchars("—");
Expected result:
----------------
&
—
Actual result:
--------------
&
—
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=52213&edit=1
