From: slunta at msn dot com
Operating system: Irrelevant
PHP version: Irrelevant
PHP Bug Type: Unknown/Other Function
Bug description: htmlentities() glitch
Description:
------------
There is an htmlentities glitch. If you have a message in a textarea box and you use </textarea>, it allows HTML after that to be parsed on a message preview screen, if there is one.

Reproduce code:
---------------
$input = htmlentities($input);

Expected result:
----------------
I can't really give you code without giving out my entire message screen; let's just say that with this textarea box I'm typing in right now, if I decide to type in </textarea> and then something like <marquee>glitch</marquee>, the <marquee> would be parsed at the bottom of the screen. My expected result is to not have this happen.

Actual result:
--------------
Of course, the actual result is allowing HTML after the </textarea> to be parsed. If someone used

</textarea> <!#cmd.execute="[database query]">

then it would allow a DB query to execute on servers if ASP is mixed with PHP code. This is a dangerous problem, and needs a fix. All I'm saying is that htmlentities() needs to be allowed to block </textarea> for things like message previews.
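A message-preview page built for the scenario the report describes, added here as an illustration and not taken from the report or from PHP's own sources; render_preview() and the sample message are constructed for this example:

```php
<?php
// Added example (not from the bug report): a preview page that passes the
// submitted text through htmlentities() before placing it both inside the
// <textarea> and in the preview block below it. The function name and the
// sample message are constructed for this illustration.

function render_preview(string $message): string
{
    // ENT_QUOTES also escapes single quotes; naming the charset avoids
    // surprises when the page and the input disagree on encoding.
    $safe = htmlentities($message, ENT_QUOTES, 'UTF-8');

    return "<form method=\"post\">\n"
         . "<textarea name=\"message\">" . $safe . "</textarea>\n"
         . "<button type=\"submit\">Preview</button>\n"
         . "</form>\n"
         . "<h2>Preview</h2>\n"
         . "<div class=\"preview\">" . nl2br($safe) . "</div>\n";
}

// Constructed sample input of the kind the report talks about.
$sample = "Hello</textarea><marquee>glitch</marquee>";
$html   = render_preview($sample);

// Self-check: the only </textarea> in the page is the one the template
// itself emits; the user's copy has become &lt;/textarea&gt; and cannot
// close the element early, and no <marquee> element survives either.
if (substr_count($html, '</textarea>') !== 1 || strpos($html, '<marquee>') !== false) {
    throw new RuntimeException('escaping failed');
}

echo $html;
```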
-- Edit bug report at http://bugs.php.net/?id=27914&edit=1