[wp-trac] [WordPress Trac] #37913: Switch/case string comparison is case-sensitive
WordPress Trac
noreply at wordpress.org
Thu Sep 1 20:08:45 UTC 2016
#37913: Switch/case string comparison is case-sensitive
--------------------------+-----------------------------
Reporter: mangeshp | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.6
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Switch/case string comparison is case-sensitive. It's better not to assume
that whatever data we will receive in a function argument will be in the
same case as we will be checking in condition.
Take a look at this snippet from file `wp-includes/ID3/getid3.lib.php` :
{{{
switch ($charset) {
case '1251':
case '1252':
case '866':
case '932':
case '936':
case '950':
case 'BIG5':
case 'BIG5-HKSCS':
case 'cp1251':
case 'cp1252':
case 'cp866':
case 'EUC-JP':
case 'EUCJP':
case 'GB2312':
case 'ibm866':
case 'ISO-8859-1':
case 'ISO-8859-15':
case 'ISO8859-1':
case 'ISO8859-15':
case 'KOI8-R':
case 'koi8-ru':
case 'koi8r':
case 'Shift_JIS':
case 'SJIS':
case 'win-1251':
case 'Windows-1251':
case 'Windows-1252':
$HTMLstring = htmlentities($string, ENT_COMPAT, $charset);
break;
case 'UTF-8':
$strlen = strlen($string);
for ($i = 0; $i < $strlen; $i++) {
$char_ord_val = ord($string{$i});
$charval = 0;
if ($char_ord_val < 0x80) {
$charval = $char_ord_val;
} elseif ((($char_ord_val & 0xF0) >> 4) == 0x0F
&& $i+3 < $strlen) {
$charval = (($char_ord_val & 0x07) <<
18);
$charval += ((ord($string{++$i}) & 0x3F)
<< 12);
$charval += ((ord($string{++$i}) & 0x3F)
<< 6);
$charval += (ord($string{++$i}) & 0x3F);
} elseif ((($char_ord_val & 0xE0) >> 5) == 0x07
&& $i+2 < $strlen) {
$charval = (($char_ord_val & 0x0F) <<
12);
$charval += ((ord($string{++$i}) & 0x3F)
<< 6);
$charval += (ord($string{++$i}) & 0x3F);
} elseif ((($char_ord_val & 0xC0) >> 6) == 0x03
&& $i+1 < $strlen) {
$charval = (($char_ord_val & 0x1F) << 6);
$charval += (ord($string{++$i}) & 0x3F);
}
if (($charval >= 32) && ($charval <= 127)) {
$HTMLstring .=
htmlentities(chr($charval));
} else {
$HTMLstring .= '&#'.$charval.';';
}
}
break;
case 'UTF-16LE':
for ($i = 0; $i < strlen($string); $i += 2) {
$charval = self::LittleEndian2Int(substr($string,
$i, 2));
if (($charval >= 32) && ($charval <= 127)) {
$HTMLstring .= chr($charval);
} else {
$HTMLstring .= '&#'.$charval.';';
}
}
break;
case 'UTF-16BE':
for ($i = 0; $i < strlen($string); $i += 2) {
$charval = self::BigEndian2Int(substr($string, $i,
2));
if (($charval >= 32) && ($charval <= 127)) {
$HTMLstring .= chr($charval);
} else {
$HTMLstring .= '&#'.$charval.';';
}
}
break;
}}}
Which could have been like this :
{{{
switch (strtolower($charset)) {
case '1251':
case '1252':
case '866':
case '932':
case '936':
case '950':
case 'big5':
case 'big5-hkscs':
case 'cp1251':
case 'cp1252':
case 'cp866':
case 'euc-jp':
case 'eucjp':
case 'gb2312':
case 'ibm866':
case 'iso-8859-1':
case 'iso-8859-15':
case 'iso8859-1':
case 'iso8859-15':
case 'koi8-r':
case 'koi8-ru':
case 'koi8r':
case 'shift_jis':
case 'sjis':
case 'win-1251':
case 'windows-1251':
case 'windows-1252':
$HTMLstring = htmlentities($string, ENT_COMPAT, $charset);
break;
case 'utf-8':
$strlen = strlen($string);
for ($i = 0; $i < $strlen; $i++) {
$char_ord_val = ord($string{$i});
$charval = 0;
if ($char_ord_val < 0x80) {
$charval = $char_ord_val;
} elseif ((($char_ord_val & 0xF0) >> 4) == 0x0F
&& $i+3 < $strlen) {
$charval = (($char_ord_val & 0x07) <<
18);
$charval += ((ord($string{++$i}) & 0x3F)
<< 12);
$charval += ((ord($string{++$i}) & 0x3F)
<< 6);
$charval += (ord($string{++$i}) & 0x3F);
} elseif ((($char_ord_val & 0xE0) >> 5) == 0x07
&& $i+2 < $strlen) {
$charval = (($char_ord_val & 0x0F) <<
12);
$charval += ((ord($string{++$i}) & 0x3F)
<< 6);
$charval += (ord($string{++$i}) & 0x3F);
} elseif ((($char_ord_val & 0xC0) >> 6) == 0x03
&& $i+1 < $strlen) {
$charval = (($char_ord_val & 0x1F) << 6);
$charval += (ord($string{++$i}) & 0x3F);
}
if (($charval >= 32) && ($charval <= 127)) {
$HTMLstring .=
htmlentities(chr($charval));
} else {
$HTMLstring .= '&#'.$charval.';';
}
}
break;
case 'utf-16le':
for ($i = 0; $i < strlen($string); $i += 2) {
$charval = self::LittleEndian2Int(substr($string,
$i, 2));
if (($charval >= 32) && ($charval <= 127)) {
$HTMLstring .= chr($charval);
} else {
$HTMLstring .= '&#'.$charval.';';
}
}
break;
case 'utf-16be':
for ($i = 0; $i < strlen($string); $i += 2) {
$charval = self::BigEndian2Int(substr($string, $i,
2));
if (($charval >= 32) && ($charval <= 127)) {
$HTMLstring .= chr($charval);
} else {
$HTMLstring .= '&#'.$charval.';';
}
}
break;
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37913>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list