MantisBT - ATutor
View Issue Details
0003160ATutorLanguagepublic2007-08-20 03:012009-07-21 08:48
IndieRect 
greg 
normalminoralways
closedfixed 
1.5.5 
1.6.3 
SVN
0003160: i18n: htmlentities() to be banned
Usage of htmlentities() in include/html/tests_questions.inc.php breaks strings in some languages.
Replace it with htmlspecialchars(), which appears to perform fine.
http://www.atutor.ca/view/3/5739/1.html [^]
This has been already fixed in 1.5.3, but switched back in 1.5.4 for no apparent reason.
No tags attached.
Issue History
2007-08-20 03:01IndieRectNew Issue
2007-08-20 03:01IndieRectAffects version => 1.5.4, SVN
2007-12-09 07:49gregStatusnew => resolved
2007-12-09 07:49gregFixed in Version => 1.6
2007-12-09 07:49gregResolutionopen => fixed
2007-12-09 07:49gregAssigned To => greg
2007-12-09 07:49gregNote Added: 0002597
2008-08-21 08:59gregStatusresolved => closed
2008-12-19 00:24IndieRectAffects version 1.5.4, SVN => SVN
2008-12-19 00:24IndieRectStatusclosed => feedback
2008-12-19 00:24IndieRectResolutionfixed => reopened
2008-12-19 00:24IndieRectNote Added: 0003447
2009-02-11 10:07harrisNote Added: 0003488
2009-07-01 03:05IndieRectNote Added: 0003670
2009-07-02 05:13gregStatusfeedback => resolved
2009-07-02 05:13gregFixed in Version1.6 => 1.6.3
2009-07-02 05:13gregResolutionreopened => fixed
2009-07-02 05:13gregNote Added: 0003671
2009-07-21 08:48gregStatusresolved => closed

Notes
(0002597)
greg   
2007-12-09 07:49   
should be fixed with switch to UTF-8. htmlentities is no langer required. See line 86
(0003447)
IndieRect   
2008-12-19 00:24   
htmlentities() still used in 1.6.2 and as of 8293 in include/html/tests_questions.inc.php and in several other places.
(0003488)
harris   
2009-02-11 10:07   
The current htmlentities specify the encoding, such as, htmlentities($row[question], ENT_QUOTES, 'UTF-8')

Does it still break the language?
(0003670)
IndieRect   
2009-07-01 03:05   
I just have tested it in 1.6.2, it doesn't break anything now. You can close this issue.
(0003671)
greg   
2009-07-02 05:13   
Apparently fixed