projects / fa-stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ca4b0e0)
Workaround for segfaults in some buggy php encoding library versions.
authorJanusz Dobrowolski <janusz@frontaccounting.eu>
Mon, 6 Nov 2017 11:21:25 +0000 (12:21 +0100)
committerJanusz Dobrowolski <janusz@frontaccounting.eu>
Thu, 9 Nov 2017 12:29:00 +0000 (13:29 +0100)
includes/db/connect_db_mysqli.inc patch | blob | history
includes/page/header.inc patch | blob | history
includes/ui/ui_input.inc patch | blob | history
inventory/manage/item_units.php patch | blob | history

diff --git a/includes/db/connect_db_mysqli.inc b/includes/db/connect_db_mysqli.inc
index 48b57402df0d1e68696f2273112d69f358cac9f9..a70e5926b12f839fcc6263d4ab50208f514241fc 100644 (file)
--- a/includes/db/connect_db_mysqli.inc
+++ b/includes/db/connect_db_mysqli.inc
@@ -135,8 +135,8 @@ function db_num_fields($result)
 function db_escape($value = "", $nullify = false)
 {
        global $db;
-       
-       $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding);
+
+       $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding=='iso-8859-2' ? 'ISO-8859-1' : $_SESSION['language']->encoding);
        $value = html_specials_encode($value);
 
        //reset default if second parameter is skipped
diff --git a/includes/page/header.inc b/includes/page/header.inc
index ec80dc160973052d407325a37d60e7e951cc453c..7777dae422e66241483f09f5f2800e6160442949 100644 (file)
--- a/includes/page/header.inc
+++ b/includes/page/header.inc
@@ -40,9 +40,10 @@ function help_url($context=null)
        if ($clean)
                $help_page_url = access_string($help_page_url, true);
 
-       return htmlspecialchars($SysPrefs->help_base_url
+       return html_specials_encode(
+               $SysPrefs->help_base_url
                .urlencode(strtr(ucwords($help_page_url), array(' '=>'', '/'=>'', '&'=>'And')))
-               .'&ctxhelp=1&lang='.$country, ENT_QUOTES);
+               .'&ctxhelp=1&lang='.$country);
 }
 
 function send_css($css = '')
diff --git a/includes/ui/ui_input.inc b/includes/ui/ui_input.inc
index 448bd8f408eb264a1cbfdb60829a8e8451efdaca..054af15e98ee463c3587ab87b11e4908de4089f1 100644 (file)
--- a/includes/ui/ui_input.inc
+++ b/includes/ui/ui_input.inc
@@ -304,7 +304,7 @@ function button($name, $value, $title=false, $icon=false,  $aspect='')
                if ($value == _("Delete")) // Helper during implementation
                        $icon = ICON_DELETE;
                return "<button type='submit' class='editbutton' name='"
-                       .htmlentities(strtr($name, array('.'=>'=2E', '='=>'=3D',// ' '=>'=20','['=>'=5B'
+                       .html_specials_encode(strtr($name, array('.'=>'=2E', '='=>'=3D',// ' '=>'=20','['=>'=5B'
                        )))
                        ."' value='1'" . ($title ? " title='$title'":" title='$value'")
                        . ($aspect ? " aspect='$aspect'" : '')
diff --git a/inventory/manage/item_units.php b/inventory/manage/item_units.php
index c9bc699ea2b91ba90de7f10e44cfb2fe67ed73b3..af46ad54f35e7384abf849e328d86e02f4dfa980 100644 (file)
--- a/inventory/manage/item_units.php
+++ b/inventory/manage/item_units.php
@@ -105,7 +105,7 @@ while ($myrow = db_fetch($result))
        label_cell($myrow["abbr"]);
        label_cell($myrow["name"]);
        label_cell(($myrow["decimals"]==-1?_("User Quantity Decimals"):$myrow["decimals"]));
-       $id = htmlentities($myrow["abbr"]);
+       $id = html_specials_encode($myrow["abbr"]);
        inactive_control_cell($id, $myrow["inactive"], 'item_units', 'abbr');
        edit_button_cell("Edit".$id, _("Edit"));
        delete_button_cell("Delete".$id, _("Delete"));
FrontAccounting stable branch