Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ PHP 8.1: New PHPCompatibility.ParameterValues.NewHTMLEntitiesFlagsDefault sniff #1419

Merged
merged 1 commit into from
Dec 5, 2022
Merged

✨ PHP 8.1: New PHPCompatibility.ParameterValues.NewHTMLEntitiesFlagsDefault sniff #1419

merged 1 commit into from
Dec 5, 2022

Conversation

jrfnl
Copy link
Member

@jrfnl jrfnl commented Dec 5, 2022
edited

htmlspecialchars(), htmlentities(), htmlspecialchars_decode(),
html_entitity_decode() and get_html_translation_table() now use
ENT_QUOTES | ENT_SUBSTITUTE rather than ENT_COMPAT by default. This means
that ' is escaped to ' while previously it was left alone.
Additionally, malformed UTF-8 will be replaced by a Unicode substitution
character, instead of resulting in an empty string.

Refs:

This new sniff will detect and flag use of these function without explicitly passing the $flags parameter when testVersion includes both PHP < 8.1 as well as PHP 8.1+.

Note: the extra ENT_HTML401 addition is a documentation-only change as the value of the constant is 0, so has no effect on the bitwise value of the flag.

Includes unit tests.
Includes sniff documentation.

Related to #1299

@jrfnl
✨ PHP 8.1: New `PHPCompatibility.ParameterValues.NewHTMLEntitiesFlags…
9eecd5c 
…Default` sniff

> htmlspecialchars(), htmlentities(), htmlspecialchars_decode(),
> html_entitity_decode() and get_html_translation_table() now use
> ENT_QUOTES | ENT_SUBSTITUTE rather than ENT_COMPAT by default. This means
> that ' is escaped to &#39; while previously it was left alone.
> Additionally, malformed UTF-8 will be replaced by a Unicode substitution
> character, instead of resulting in an empty string.

Refs:
* https://github.com/php/php-src/blob/28a1a6be0873a109cb02ba32784bf046b87a02e4/UPGRADING#L149-L154
* php/php-src@50eca61

This new sniff will detect and flag use of these function without explicitly passing the `$flags` parameter when `testVersion` includes both PHP < 8.1 as well as PHP 8.1+.

Note: the extra `ENT_HTML401` addition is a documentation-only change as the value of the constant is `0`, so has no effect on the bitwise value of the flag.

Includes unit tests.
Includes sniff documentation.
@jrfnl jrfnl added this to the 10.0.0 milestone Dec 5, 2022
@jrfnl jrfnl requested a review from wimg December 5, 2022 02:18
@wimg wimg merged commit 483db6f into develop Dec 5, 2022
@wimg wimg deleted the php-8.1/new-htmlentitiesflagdefault-sniff branch December 5, 2022 12:03
@jrfnl jrfnl mentioned this pull request Dec 26, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wimg wimg wimg approved these changes

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
10.0.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jrfnl @wimg