scottmac Tue Jul 15 14:44:46 2008 UTC Added files: /php-src/ext/standard/tests/strings strip_tags_variation11.phpt
Modified files: /php-src/ext/standard string.c Log: Fix bug when < is used within attribute. http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.675&r2=1.676&diff_format=u Index: php-src/ext/standard/string.c diff -u php-src/ext/standard/string.c:1.675 php-src/ext/standard/string.c:1.676 --- php-src/ext/standard/string.c:1.675 Fri Jul 11 12:43:06 2008 +++ php-src/ext/standard/string.c Tue Jul 15 14:44:46 2008 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: string.c,v 1.675 2008/07/11 12:43:06 felipe Exp $ */ +/* $Id: string.c,v 1.676 2008/07/15 14:44:46 scottmac Exp $ */ /* Synced with php 3.0 revision 1.193 1999-06-16 [ssb] */ @@ -6696,6 +6696,9 @@ case '\0': break; case '<': + if (in_q) { + break; + } if (isspace(*(p + 1)) && !allow_tag_spaces) { goto reg_char; } http://cvs.php.net/viewvc.cgi/php-src/ext/standard/tests/strings/strip_tags_variation11.phpt?view=markup&rev=1.1 Index: php-src/ext/standard/tests/strings/strip_tags_variation11.phpt +++ php-src/ext/standard/tests/strings/strip_tags_variation11.phpt --TEST-- Test strip_tags() function : obscure values within attributes --INI-- short_open_tag = on --FILE-- <?php echo "*** Testing strip_tags() : obscure functionality ***\n"; // array of arguments $string_array = array ( 'hello <img title="<"> world', 'hello <img title=">"> world', 'hello <img title=">_<"> world', "hello <img title='>_<'> world" ); // Calling strip_tags() with default arguments // loop through the $string_array to test strip_tags on various inputs $iteration = 1; foreach($string_array as $string) { echo "-- Iteration $iteration --\n"; var_dump( strip_tags($string) ); $iteration++; } echo "Done"; ?> --EXPECTF-- *** Testing strip_tags() : obscure functionality *** -- Iteration 1 -- unicode(12) "hello world" -- Iteration 2 -- unicode(12) "hello world" -- Iteration 3 -- unicode(12) "hello world" -- Iteration 4 -- unicode(12) "hello world" Done -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php