From: Scott A. H. <sah...@sa...> - 2003-01-28 14:24:31
|
> Fix: use htmlspecialchars instead or use htmlentities with correct > charset, an optional third parameter to > htmlentities ( string string [,int quote_style [, string charset]] ) Similar problems arise handling Japanese when htmlentities are used. The following patch - prepared by Masato - illustrates the issue at hand, which I believe is consistent with that which Grisha Mokhin is presenting. --- squirrelmail-1.4.0/functions/mailbox_display.php 2003-01-24 14:33:30.000000000 +0900 +++ squirrelmail-1.4.0-ja/functions/mailbox_display.php 2003-01-24 17:23:17.000000000 +0900 @@ -155,7 +155,7 @@ break; case 2: /* from */ echo html_tag( 'td', - $italic . $bold . $flag . $fontstr . htmlentities($senderName) . + $italic . $bold . $flag . $fontstr . htmlspecialchars($senderName) . $fontstr_end . $flag_end . $bold_end . $italic_end, 'left', $hlt_color ); -- Scott A. Hughes <sah...@sa...> Key fingerprint = 6044 BEB9 73E3 E371 2729 8694 F125 B6E3 458A 3EC9 -- At Tue, 28 Jan 2003 12:46:03 +0300, Grisha Mokhin wrote: > > These problems pertain to the current cvs, HEAD branch. > > 1. 'FROM' field displayed incorrectly. > > Description: > When decoded from 8 bit encoding different from iso-8859-1 (e.g. > koi8-r or windows-1251 for Russian), the sender's name in FROM field > is displayed incorrectly. > > Reason: > sender's name converted into latin1 html entities by the following > snippet of code (from functions/mailbox_display.php), > > function printMessageInfo(... > *** > case 2: /* from */ > echo html_tag( 'td', > $italic . $bold . $flag . $fontstr . htmlentities($senderName) . > $fontstr_end . $flag_end . $bold_end . $italic_end, > 'left', > $hlt_color ); > break; > *** > > htmlentities encodes $senderName into latin1 html entities, even > $senderName is locally in koi8-r or other encoding. > > Fix: use htmlspecialchars instead or use htmlentities with correct > charset, an optional third parameter to > htmlentities ( string string [,int quote_style [, string charset]] ) > > > 2. SUBJECT field displayed incorrectly. > > Description: > When a message is in 8 bit encoding different from local 8 bit > encoding (such as in windows-1251 for Russian, while default local > charset is koi8-r), the SUBJECT field is displayed incorrectly. > > Reason: > SUBJECT is not converted into local charset by the following > snippet of code (from functions/mime.php): > > function decodeHeader(... > *** > if (ucfirst($res[4]) == 'B') { > $replace = base64_decode($res[5]); > } else { > // *** skipped > if ($utfencode) { > $replace = charset_decode($res[3], $replace); > } > } > *** > > When the 'if' condition is true, subject line is decoded from base64 > encoded string. $replace is an 8-bit string in the message charset, > that is in windows-1251, instead of local charset, koi8-r. > > Fix: To make it display properly, it should be recoded into local > charset, so the code should read as follows: > > if (ucfirst($res[4]) == 'B') { > $replace = base64_decode($res[5]); > $replace = charset_decode($res[3], $replace); > } else { > > This function, charset_decode, takes message encoding from $res[3] > and recodes the string into local charset. > > Hope this is just in time before 1.4.0 release. > > Best wishes, > Grisha Mokhin > > Please cc: me in your replies (if any), as I'm not subscribed to > this list yet. -- |