| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283 |
- --TEST--
- htmlentities() / htmlspecialchars() ENT_DISALLOWED with entities and no double encode
- --FILE--
- <?php
- $tests = array(
- "�", //C0
- "",
- "	",
- "
",
- "",
- "",
- "
", //note that HTML5 is unique in that it forbids this entity, but allows a literal U+0D
- "",
- "",
- " ", //allowed always
- "", //DEL
- "€", //C1
- "Ÿ",
- " ", //allowed always
- "퟿", //surrogates
- "�",
- "�",
- "", //allowed always
- "", //nonchar
- "",
- "﷏", //allowed always
- "", //nonchar
- "",
- "ﷰ", //allowed always
- "", //nonchar
- "",
- "�", //bad reference
- );
- function test($flag, $flag2=ENT_DISALLOWED, $charset="UTF-8") {
- global $tests;
- $i = -1;
- error_reporting(-1 & ~E_STRICT);
- foreach ($tests as $test) {
- $i++;
- $a = htmlentities($test, $flag | $flag2, $charset, FALSE);
- $b = htmlspecialchars($test, $flag | $flag2, $charset, FALSE);
-
- if ($a == $b)
- echo sprintf("%s\t%s", $test, $a==$test?"NOT CHANGED":"CHANGED"), "\n";
- else
- echo sprintf("%s\tCHANGED (%s, %s)", $test, $a, $b), "\n";
- }
- error_reporting(-1);
- }
- echo "*** Testing HTML 4.01 ***\n";
- test(ENT_HTML401);
- echo "\n*** Testing XHTML 1.0 ***\n";
- test(ENT_XHTML);
- echo "\n*** Testing HTML 5 ***\n";
- test(ENT_HTML5);
- echo "\n*** Testing XML 1.0 ***\n";
- test(ENT_XML1);
- echo "\n*** Testing 5 without the flag ***\n";
- test(ENT_HTML5, 0);
- echo "\n*** Testing HTML 5 with another single-byte encoding ***\n";
- test(ENT_HTML5, ENT_DISALLOWED, "Windows-1251");
- echo "\n*** Testing HTML 5 with another multibyte-byte encoding ***\n";
- test(ENT_HTML5, ENT_DISALLOWED, "SJIS");
- ?>
- --EXPECT--
- *** Testing HTML 4.01 ***
- � NOT CHANGED
-  NOT CHANGED
- 	 NOT CHANGED
- 
 NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- 
 NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
-   NOT CHANGED
-  NOT CHANGED
- € NOT CHANGED
- Ÿ NOT CHANGED
-   NOT CHANGED
- ퟿ NOT CHANGED
- � NOT CHANGED
- � NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- ﷏ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- ﷰ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- � CHANGED
- *** Testing XHTML 1.0 ***
- � CHANGED
-  CHANGED
- 	 NOT CHANGED
- 
 NOT CHANGED
-  CHANGED
-  CHANGED
- 
 NOT CHANGED
-  CHANGED
-  CHANGED
-   NOT CHANGED
-  NOT CHANGED
- € NOT CHANGED
- Ÿ NOT CHANGED
-   NOT CHANGED
- ퟿ NOT CHANGED
- � CHANGED
- � CHANGED
-  NOT CHANGED
-  CHANGED
-  CHANGED
- ﷏ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- ﷰ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- � CHANGED
- *** Testing HTML 5 ***
- � CHANGED (&#0;, &#0;)
-  CHANGED (&#1;, &#1;)
- 	 NOT CHANGED
- 
 NOT CHANGED
-  CHANGED (&#x0B;, &#x0B;)
-  NOT CHANGED
- 
 CHANGED (&#x0D;, &#x0D;)
-  CHANGED (&#x0E;, &#x0E;)
-  CHANGED (&#x1F;, &#x1F;)
-   NOT CHANGED
-  CHANGED (&#x7F;, &#x7F;)
- € CHANGED (&#x80;, &#x80;)
- Ÿ CHANGED (&#x9F;, &#x9F;)
-   NOT CHANGED
- ퟿ NOT CHANGED
- � NOT CHANGED
- � NOT CHANGED
-  NOT CHANGED
-  CHANGED (&#xFFFE;, &#xFFFE;)
-  CHANGED (&#xFFFF;, &#xFFFF;)
- ﷏ NOT CHANGED
-  CHANGED (&#xFDD0;, &#xFDD0;)
-  CHANGED (&#xFDEF;, &#xFDEF;)
- ﷰ NOT CHANGED
-  CHANGED (&#x2FFFE;, &#x2FFFE;)
-  CHANGED (&#x2FFFF;, &#x2FFFF;)
- � CHANGED (&#x110000;, &#x110000;)
- *** Testing XML 1.0 ***
- � CHANGED
-  CHANGED
- 	 NOT CHANGED
- 
 NOT CHANGED
-  CHANGED
-  CHANGED
- 
 NOT CHANGED
-  CHANGED
-  CHANGED
-   NOT CHANGED
-  NOT CHANGED
- € NOT CHANGED
- Ÿ NOT CHANGED
-   NOT CHANGED
- ퟿ NOT CHANGED
- � CHANGED
- � CHANGED
-  NOT CHANGED
-  CHANGED
-  CHANGED
- ﷏ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- ﷰ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- � CHANGED
- *** Testing 5 without the flag ***
- � NOT CHANGED
-  NOT CHANGED
- 	 NOT CHANGED
- 
 NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- 
 NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
-   NOT CHANGED
-  NOT CHANGED
- € NOT CHANGED
- Ÿ NOT CHANGED
-   NOT CHANGED
- ퟿ NOT CHANGED
- � NOT CHANGED
- � NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- ﷏ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- ﷰ NOT CHANGED
-  NOT CHANGED
-  NOT CHANGED
- � CHANGED (&#x110000;, &#x110000;)
- *** Testing HTML 5 with another single-byte encoding ***
- � CHANGED (&#0;, &#0;)
-  CHANGED (&#1;, &#1;)
- 	 NOT CHANGED
- 
 NOT CHANGED
-  CHANGED (&#x0B;, &#x0B;)
-  NOT CHANGED
- 
 CHANGED (&#x0D;, &#x0D;)
-  CHANGED (&#x0E;, &#x0E;)
-  CHANGED (&#x1F;, &#x1F;)
-   NOT CHANGED
-  CHANGED (&#x7F;, &#x7F;)
- € CHANGED (&#x80;, &#x80;)
- Ÿ CHANGED (&#x9F;, &#x9F;)
-   NOT CHANGED
- ퟿ NOT CHANGED
- � NOT CHANGED
- � NOT CHANGED
-  NOT CHANGED
-  CHANGED (&#xFFFE;, &#xFFFE;)
-  CHANGED (&#xFFFF;, &#xFFFF;)
- ﷏ NOT CHANGED
-  CHANGED (&#xFDD0;, &#xFDD0;)
-  CHANGED (&#xFDEF;, &#xFDEF;)
- ﷰ NOT CHANGED
-  CHANGED (&#x2FFFE;, &#x2FFFE;)
-  CHANGED (&#x2FFFF;, &#x2FFFF;)
- � CHANGED (&#x110000;, &#x110000;)
- *** Testing HTML 5 with another multibyte-byte encoding ***
- � CHANGED
-  CHANGED
- 	 NOT CHANGED
- 
 NOT CHANGED
-  CHANGED
-  NOT CHANGED
- 
 CHANGED
-  CHANGED
-  CHANGED
-   NOT CHANGED
-  CHANGED
- € CHANGED
- Ÿ CHANGED
-   NOT CHANGED
- ퟿ NOT CHANGED
- � NOT CHANGED
- � NOT CHANGED
-  NOT CHANGED
-  CHANGED
-  CHANGED
- ﷏ NOT CHANGED
-  CHANGED
-  CHANGED
- ﷰ NOT CHANGED
-  CHANGED
-  CHANGED
- � CHANGED
|
