Hi! Some names (like your) already stored in DB in esacaped variant. But some other names not escaped in this DB file, but still escaped after my mail script. May be by mailing list.
With regards, Alexander Moskaliov ir...@irker.net 2012/3/24 Johannes Schlüter <johan...@php.net>: > On Sat, 2012-03-24 at 07:59 +0100, Michael Wallner wrote: >> Looks like the commit/mail script still does some superfluous html >> entitiy encoding: > > No it's not the mail script ;-) > > master.php.net has filter.default=full_special_chars so when storing my > name it is automatically escaped and the escaped form is stored in the > DB. The mail script simply takes it from there. > > I see three ways to fix it: > > * Use special_chars, not full_special_chars a filter, should be > safe enough > * Use html_entity_decode() in the mail script, this feels like a > hack > * Store unescaped data in the DB and escape (everywhere) where it > is used (I don't think we can successfully do that) > > In my opinion the first option is the best. Could anybody with the > needed powers look into that? > > Thanks, > johannes > > > > -- > PHP CVS Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
