mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-30 21:40:43 +02:00
Code Issues Releases Wiki Activity

[ticket/16690] Fix htmlspecialchars and htmlspecialchars_decode default flag

Browse Source 
PHPBB3-16690
This commit is contained in:
rxu
2021-01-20 00:01:20 +07:00
parent ddf5de8349
commit 2fd4dbb685
73 changed files with 206 additions and 206 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/install/convert/controller/convertor.php
View File

@@ -506,7 +506,7 @@ class convertor
{
/** @var \phpbb\db\driver\driver_interface $src_db */
$src_db = new $src_dbms();
$src_db->sql_connect($src_dbhost, $src_dbuser, htmlspecialchars_decode($src_dbpasswd), $src_dbname, $src_dbport, false, true);
$src_db->sql_connect($src_dbhost, $src_dbuser, htmlspecialchars_decode($src_dbpasswd, ENT_COMPAT), $src_dbname, $src_dbport, false, true);
$same_db = false;
}
else

8
phpBB/install/convert/convertor.php
View File

@@ -132,7 +132,7 @@ class convertor
$dbms = $convert->src_dbms;
/** @var \phpbb\db\driver\driver $src_db */
$src_db = new $dbms();
$src_db->sql_connect($convert->src_dbhost, $convert->src_dbuser, htmlspecialchars_decode($convert->src_dbpasswd), $convert->src_dbname, $convert->src_dbport, false, true);
$src_db->sql_connect($convert->src_dbhost, $convert->src_dbuser, htmlspecialchars_decode($convert->src_dbpasswd, ENT_COMPAT), $convert->src_dbname, $convert->src_dbport, false, true);
$same_db = false;
}
else
@@ -763,7 +763,7 @@ class convertor
{
if (!$db->sql_query($insert_query . $waiting_sql))
{
$this->db_error($user->lang['DB_ERR_INSERT'], htmlspecialchars($insert_query . $waiting_sql) . '<br /><br />' . htmlspecialchars(print_r($db->_sql_error(), true)), __LINE__, __FILE__, true);
$this->db_error($user->lang['DB_ERR_INSERT'], htmlspecialchars($insert_query . $waiting_sql, ENT_COMPAT) . '<br /><br />' . htmlspecialchars(print_r($db->_sql_error(), true), ENT_COMPAT), __LINE__, __FILE__, true);
}
}
@@ -782,7 +782,7 @@ class convertor
if (!$db->sql_query($insert_sql))
{
$this->db_error($user->lang['DB_ERR_INSERT'], htmlspecialchars($insert_sql) . '<br /><br />' . htmlspecialchars(print_r($db->_sql_error(), true)), __LINE__, __FILE__, true);
$this->db_error($user->lang['DB_ERR_INSERT'], htmlspecialchars($insert_sql, ENT_COMPAT) . '<br /><br />' . htmlspecialchars(print_r($db->_sql_error(), true), ENT_COMPAT), __LINE__, __FILE__, true);
}
$db->sql_return_on_error(false);
@@ -817,7 +817,7 @@ class convertor
foreach ($waiting_rows as $waiting_sql)
{
$db->sql_query($insert_query . $waiting_sql);
$this->db_error($user->lang['DB_ERR_INSERT'], htmlspecialchars($insert_query . $waiting_sql) . '<br /><br />' . htmlspecialchars(print_r($db->_sql_error(), true)), __LINE__, __FILE__, true);
$this->db_error($user->lang['DB_ERR_INSERT'], htmlspecialchars($insert_query . $waiting_sql, ENT_COMPAT) . '<br /><br />' . htmlspecialchars(print_r($db->_sql_error(), true), ENT_COMPAT), __LINE__, __FILE__, true);
}
$db->sql_return_on_error(false);