[wp-hackers] wp_specialchars() and HTML Entities
Robert Deaton
false.hopes at gmail.com
Mon May 9 02:59:11 GMT 2005
I believe double-encoding means that even if characters had already been
converted, it converted certain characters again (IE ö).
I think that editing the characters not as their htmlspecialchars()
counterpart is the intended behavior, that way people who use languages
other than English regularly aren't editing htmlspecialchars() encoded
strings. They are reencoded and stored in the database as the
htmlspecialchars() counterparts.
On 5/8/05, Brad Fults <bfults at gmail.com> wrote:
>
> Hi,
>
> I need clarification on the intention of wp_specialchars(). On the first
> line of the function (/wp-includes/functions-formatting.php:99), there is
> a comment:
>
> // Like htmlspecialchars except don't double-encode HTML entities
>
> I'm not quite sure what "double-encoding" entails, and why it's
> undesirable.
>
> I recently ran into a problem when I enter a person's name in the Link
> Editor that contains a special character such as ö as such: "Björn".
> When I save the entry, it's saved to the database correctly, but upon
> editing again, the link name gets passed through wp_specialchars() and it
> disregards the character entity, giving me the literal "Björn". I think this
> is pretty obviously undesirable behavior--a user wants to edit exactly what
> he inputted, not some converted version.
>
> So my question is: what is the case where htmlspecialchars() [or
> htmlentities()] was overkill? What is this double-encoding and why is it
> bad? I'd like to come to a solution that prevents cases like the one I've
> experienced.
>
> Thanks.
>
> --
> Brad Fults
> NeatBox
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
>
>
--
--Robert Deaton
http://somethingunpredictable.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://comox.textdrive.com/pipermail/wp-hackers/attachments/20050509/6afdb9e6/attachment.html
More information about the wp-hackers
mailing list