diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php
index 7d4f472916..1deff2084b 100644
--- a/phpBB/includes/acp/acp_bbcodes.php
+++ b/phpBB/includes/acp/acp_bbcodes.php
@@ -86,7 +86,7 @@ class acp_bbcodes
$display_on_posting = $request->variable('display_on_posting', 0);
$bbcode_match = $request->variable('bbcode_match', '');
- $bbcode_tpl = htmlspecialchars_decode($request->variable('bbcode_tpl', '', true), ENT_COMPAT);
+ $bbcode_tpl = html_entity_decode($request->variable('bbcode_tpl', '', true), ENT_COMPAT);
$bbcode_helpline = $request->variable('bbcode_helpline', '', true);
break;
}
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index ce702da47a..8c3950d65c 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -695,8 +695,8 @@ class acp_board
$messenger->set_addresses($user->data);
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($user->data['username'], ENT_COMPAT),
- 'MESSAGE' => htmlspecialchars_decode($request->variable('send_test_email_text', '', true), ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($user->data['username'], ENT_COMPAT),
+ 'MESSAGE' => html_entity_decode($request->variable('send_test_email_text', '', true), ENT_COMPAT),
));
$messenger->send(NOTIFY_EMAIL);
diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php
index 720d58a078..3fba4917ec 100644
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@@ -205,7 +205,7 @@ class acp_email
$email_template = 'admin_send_email';
$template_data = array(
'CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx),
- 'MESSAGE' => htmlspecialchars_decode($message, ENT_COMPAT),
+ 'MESSAGE' => html_entity_decode($message, ENT_COMPAT),
);
$generate_log_entry = true;
@@ -252,7 +252,7 @@ class acp_email
$messenger->anti_abuse_headers($config, $user);
- $messenger->subject(htmlspecialchars_decode($subject, ENT_COMPAT));
+ $messenger->subject(html_entity_decode($subject, ENT_COMPAT));
$messenger->set_mail_priority($priority);
$messenger->assign_vars($template_data);
diff --git a/phpBB/includes/acp/acp_help_phpbb.php b/phpBB/includes/acp/acp_help_phpbb.php
index 4a1d965146..835e486f78 100644
--- a/phpBB/includes/acp/acp_help_phpbb.php
+++ b/phpBB/includes/acp/acp_help_phpbb.php
@@ -90,7 +90,7 @@ class acp_help_phpbb
if (!empty($response))
{
- $decoded_response = json_decode(htmlspecialchars_decode($response, ENT_COMPAT), true);
+ $decoded_response = json_decode(html_entity_decode($response, ENT_COMPAT), true);
if ($decoded_response && isset($decoded_response['status']) && $decoded_response['status'] == 'ok')
{
diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php
index 1ecd3c15b9..7b4536f755 100644
--- a/phpBB/includes/acp/acp_inactive.php
+++ b/phpBB/includes/acp/acp_inactive.php
@@ -130,7 +130,7 @@ class acp_inactive
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($row['username'], ENT_COMPAT))
+ 'USERNAME' => html_entity_decode($row['username'], ENT_COMPAT))
);
$messenger->send(NOTIFY_EMAIL);
@@ -224,7 +224,7 @@ class acp_inactive
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($row['username'], ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($row['username'], ENT_COMPAT),
'REGISTER_DATE' => $user->format_date($row['user_regdate'], false, true),
'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey'])
);
diff --git a/phpBB/includes/acp/acp_logs.php b/phpBB/includes/acp/acp_logs.php
index b98cd64f49..f85c24af09 100644
--- a/phpBB/includes/acp/acp_logs.php
+++ b/phpBB/includes/acp/acp_logs.php
@@ -108,7 +108,7 @@ class acp_logs
$sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
$keywords = $request->variable('keywords', '', true);
- $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+ $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
$l_title = $user->lang['ACP_' . strtoupper($mode) . '_LOGS'];
$l_title_explain = $user->lang['ACP_' . strtoupper($mode) . '_LOGS_EXPLAIN'];
diff --git a/phpBB/includes/acp/acp_ranks.php b/phpBB/includes/acp/acp_ranks.php
index c904e0cdf5..51b4f006a5 100644
--- a/phpBB/includes/acp/acp_ranks.php
+++ b/phpBB/includes/acp/acp_ranks.php
@@ -70,7 +70,7 @@ class acp_ranks
'rank_title' => $rank_title,
'rank_special' => $special_rank,
'rank_min' => $min_posts,
- 'rank_image' => htmlspecialchars_decode($rank_image, ENT_COMPAT)
+ 'rank_image' => html_entity_decode($rank_image, ENT_COMPAT)
);
/**
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 91bd8d7a05..e98cbcaf2e 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -408,8 +408,8 @@ class acp_users
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
- 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+ 'WELCOME_MSG' => html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
);
@@ -472,7 +472,7 @@ class acp_users
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT))
+ 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT))
);
$messenger->send(NOTIFY_EMAIL);
diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php
index 5846559f0f..8f9bac5b82 100644
--- a/phpBB/includes/functions_compatibility.php
+++ b/phpBB/includes/functions_compatibility.php
@@ -723,7 +723,7 @@ function phpbb_http_login($param)
{
if ($request->is_set($k, \phpbb\request\request_interface::SERVER))
{
- $username = htmlspecialchars_decode($request->server($k), ENT_COMPAT);
+ $username = html_entity_decode($request->server($k), ENT_COMPAT);
break;
}
}
@@ -733,7 +733,7 @@ function phpbb_http_login($param)
{
if ($request->is_set($k, \phpbb\request\request_interface::SERVER))
{
- $password = htmlspecialchars_decode($request->server($k), ENT_COMPAT);
+ $password = html_entity_decode($request->server($k), ENT_COMPAT);
break;
}
}
diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php
index 523fd15ea2..f95d092c5b 100644
--- a/phpBB/includes/functions_content.php
+++ b/phpBB/includes/functions_content.php
@@ -804,8 +804,8 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class
$orig_url = $url;
$orig_relative = $relative_url;
$append = '';
- $url = htmlspecialchars_decode($url, ENT_COMPAT);
- $relative_url = htmlspecialchars_decode($relative_url, ENT_COMPAT);
+ $url = html_entity_decode($url, ENT_COMPAT);
+ $relative_url = html_entity_decode($relative_url, ENT_COMPAT);
// make sure no HTML entities were matched
$chars = array('<', '>', '"');
@@ -1478,7 +1478,7 @@ function truncate_string($string, $max_length = 60, $max_store_length = 255, $al
$string = substr($string, 4);
}
- $_chars = utf8_str_split(htmlspecialchars_decode($string, ENT_COMPAT));
+ $_chars = utf8_str_split(html_entity_decode($string, ENT_COMPAT));
$chars = array_map('utf8_htmlspecialchars', $_chars);
// Now check the length ;)
@@ -1493,7 +1493,7 @@ function truncate_string($string, $max_length = 60, $max_store_length = 255, $al
if (utf8_strlen($string) > $max_store_length)
{
// let's split again, we do not want half-baked strings where entities are split
- $_chars = utf8_str_split(htmlspecialchars_decode($string, ENT_COMPAT));
+ $_chars = utf8_str_split(html_entity_decode($string, ENT_COMPAT));
$chars = array_map('utf8_htmlspecialchars', $_chars);
do
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index 87fd951874..2b24bf0bf5 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -320,8 +320,8 @@ class messenger
// We add some standard variables we always use, no need to specify them always
$this->assign_vars(array(
'U_BOARD' => generate_board_url(),
- 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)),
- 'SITENAME' => htmlspecialchars_decode($config['sitename'], ENT_COMPAT),
+ 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)),
+ 'SITENAME' => html_entity_decode($config['sitename'], ENT_COMPAT),
));
$subject = $this->subject;
@@ -427,7 +427,7 @@ class messenger
$user->session_begin();
}
- $calling_page = htmlspecialchars_decode($request->server('PHP_SELF'), ENT_COMPAT);
+ $calling_page = html_entity_decode($request->server('PHP_SELF'), ENT_COMPAT);
switch ($type)
{
@@ -557,7 +557,7 @@ class messenger
$use_queue = true;
}
- $contact_name = htmlspecialchars_decode($config['board_contact_name'], ENT_COMPAT);
+ $contact_name = html_entity_decode($config['board_contact_name'], ENT_COMPAT);
$board_contact = (($contact_name !== '') ? '"' . mail_encode($contact_name) . '" ' : '') . '<' . $config['board_contact'] . '>';
$break = false;
@@ -691,7 +691,7 @@ class messenger
if (!$use_queue)
{
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], html_entity_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
if (!$this->jabber->connect())
{
@@ -889,7 +889,7 @@ class queue
}
include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
- $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
+ $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], html_entity_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
if (!$this->jabber->connect())
{
@@ -1206,7 +1206,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false)
}
// Let me in. This function handles the complete authentication process
- if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], htmlspecialchars_decode($config['smtp_password'], ENT_COMPAT), $config['smtp_auth_method']))
+ if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], html_entity_decode($config['smtp_password'], ENT_COMPAT), $config['smtp_auth_method']))
{
$smtp->close_session($err_msg);
return false;
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 9dd005de47..905a7a8251 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -1575,11 +1575,11 @@ function validate_string($string, $optional = false, $min = 0, $max = 0)
return false;
}
- if ($min && utf8_strlen(htmlspecialchars_decode($string, ENT_COMPAT)) < $min)
+ if ($min && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) < $min)
{
return 'TOO_SHORT';
}
- else if ($max && utf8_strlen(htmlspecialchars_decode($string, ENT_COMPAT)) > $max)
+ else if ($max && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) > $max)
{
return 'TOO_LONG';
}
diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php
index 1c5be1213d..de62489ea3 100644
--- a/phpBB/includes/mcp/mcp_logs.php
+++ b/phpBB/includes/mcp/mcp_logs.php
@@ -179,7 +179,7 @@ class mcp_logs
$sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
$keywords = $request->variable('keywords', '', true);
- $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+ $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
// Grab log data
$log_data = array();
diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php
index 5ba6999d2c..8ab2300319 100644
--- a/phpBB/includes/mcp/mcp_notes.php
+++ b/phpBB/includes/mcp/mcp_notes.php
@@ -197,7 +197,7 @@ class mcp_notes
$sql_sort = $sort_by_sql[$sk] . ' ' . (($sd == 'd') ? 'DESC' : 'ASC');
$keywords = $request->variable('keywords', '', true);
- $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+ $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
$log_data = array();
$log_count = 0;
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php
index 2cd9906e87..8257a895c5 100644
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@@ -447,7 +447,7 @@ class bbcode_firstpass extends bbcode
}
// Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results
- $code = htmlspecialchars_decode($code, ENT_COMPAT);
+ $code = html_entity_decode($code, ENT_COMPAT);
$code = highlight_string($code, true);
$str_from = array('', '', '','[', ']', '.', ':');
@@ -1185,7 +1185,7 @@ class parse_message extends bbcode_firstpass
));
// Parse this message
- $this->message = $parser->parse(htmlspecialchars_decode($this->message, ENT_QUOTES));
+ $this->message = $parser->parse(html_entity_decode($this->message, ENT_QUOTES));
// Remove quotes that are nested too deep
if ($config['max_quote_depth'] > 0)
diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php
index 6c168f79b7..08fee2e1ae 100644
--- a/phpBB/includes/questionnaire/questionnaire.php
+++ b/phpBB/includes/questionnaire/questionnaire.php
@@ -150,11 +150,11 @@ class phpbb_questionnaire_system_data_provider
// Start discovering the IPV4 server address, if available
// Try apache, IIS, fall back to 0.0.0.0
- $server_address = htmlspecialchars_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')), ENT_COMPAT);
+ $server_address = html_entity_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')), ENT_COMPAT);
return array(
'os' => PHP_OS,
- 'httpd' => htmlspecialchars_decode($request->server('SERVER_SOFTWARE'), ENT_COMPAT),
+ 'httpd' => html_entity_decode($request->server('SERVER_SOFTWARE'), ENT_COMPAT),
// we don't want the real IP address (for privacy policy reasons) but only
// a network address to see whether your installation is running on a private or public network.
'private_ip' => $this->is_private_ip($server_address),
diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php
index 98093aeeaa..da25425e3a 100644
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@@ -142,7 +142,7 @@ class ucp_activate
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT))
+ 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT))
);
$messenger->send($user_row['user_notify_type']);
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 0f8af52828..6255666c65 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -186,7 +186,7 @@ class ucp_profile
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($data['username'], ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($data['username'], ENT_COMPAT),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
);
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 50b5610a64..cccc8fd891 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -457,9 +457,9 @@ class ucp_register
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
- 'USERNAME' => htmlspecialchars_decode($data['username'], ENT_COMPAT),
- 'PASSWORD' => htmlspecialchars_decode($data['new_password'], ENT_COMPAT),
+ 'WELCOME_MSG' => html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($data['username'], ENT_COMPAT),
+ 'PASSWORD' => html_entity_decode($data['new_password'], ENT_COMPAT),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
);
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index a3f9868145..7f952af6c3 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -99,8 +99,8 @@ class ucp_resend
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
- 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+ 'WELCOME_MSG' => html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT),
'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")
);
@@ -134,7 +134,7 @@ class ucp_resend
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT),
'U_USER_DETAILS' => generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$user_row['user_id']}",
'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")
);
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index 530f73b16e..301ddfa855 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -441,16 +441,16 @@ switch ($mode)
$messenger = new messenger(false);
$messenger->template('profile_send_im', $row['user_lang']);
- $messenger->subject(htmlspecialchars_decode($subject, ENT_COMPAT));
+ $messenger->subject(html_entity_decode($subject, ENT_COMPAT));
$messenger->replyto($user->data['user_email']);
$messenger->set_addresses($row);
$messenger->assign_vars(array(
'BOARD_CONTACT' => phpbb_get_board_contact($config, $phpEx),
- 'FROM_USERNAME' => htmlspecialchars_decode($user->data['username'], ENT_COMPAT),
- 'TO_USERNAME' => htmlspecialchars_decode($row['username'], ENT_COMPAT),
- 'MESSAGE' => htmlspecialchars_decode($message, ENT_COMPAT))
+ 'FROM_USERNAME' => html_entity_decode($user->data['username'], ENT_COMPAT),
+ 'TO_USERNAME' => html_entity_decode($row['username'], ENT_COMPAT),
+ 'MESSAGE' => html_entity_decode($message, ENT_COMPAT))
);
$messenger->send(NOTIFY_IM);
@@ -803,8 +803,8 @@ switch ($mode)
'S_USER_NOTES' => ($user_notes_enabled) ? true : false,
'S_WARN_USER' => ($warn_user_enabled) ? true : false,
'S_ZEBRA' => ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,
- 'U_ADD_FRIEND' => (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&add=' . urlencode(htmlspecialchars_decode($member['username'], ENT_COMPAT))) : '',
- 'U_ADD_FOE' => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&mode=foes&add=' . urlencode(htmlspecialchars_decode($member['username'], ENT_COMPAT))) : '',
+ 'U_ADD_FRIEND' => (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '',
+ 'U_ADD_FOE' => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&mode=foes&add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '',
'U_REMOVE_FRIEND' => ($friend && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&usernames[]=' . $user_id) : '',
'U_REMOVE_FOE' => ($foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&mode=foes&usernames[]=' . $user_id) : '',
@@ -986,7 +986,7 @@ switch ($mode)
{
$user_list[] = [
'user_id' => (int) $row['user_id'],
- 'result' => htmlspecialchars_decode($row['username']),
+ 'result' => html_entity_decode($row['username']),
'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
'display' => get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour']),
];
diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php
index a13e2d9484..4da0ec8637 100644
--- a/phpBB/phpbb/auth/provider/apache.php
+++ b/phpBB/phpbb/auth/provider/apache.php
@@ -73,7 +73,7 @@ class apache extends base
*/
public function init()
{
- if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT))
+ if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT))
{
return $this->language->lang('APACHE_SETUP_BEFORE_USE');
}
@@ -113,8 +113,8 @@ class apache extends base
);
}
- $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
- $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
+ $php_auth_user = html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
+ $php_auth_pw = html_entity_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
@@ -180,8 +180,8 @@ class apache extends base
return array();
}
- $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
- $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
+ $php_auth_user = html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
+ $php_auth_pw = html_entity_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php
index 4945d6ca53..9daad9e5f6 100644
--- a/phpBB/phpbb/auth/provider/ldap.php
+++ b/phpBB/phpbb/auth/provider/ldap.php
@@ -83,7 +83,7 @@ class ldap extends base
if ($this->config['ldap_user'] || $this->config['ldap_password'])
{
- if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_password'], ENT_COMPAT)))
+ if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))
{
return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD');
}
@@ -92,11 +92,11 @@ class ldap extends base
// ldap_connect only checks whether the specified server is valid, so the connection might still fail
$search = @ldap_search(
$ldap,
- htmlspecialchars_decode($this->config['ldap_base_dn'], ENT_COMPAT),
+ html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),
$this->ldap_user_filter($this->user->data['username']),
(empty($this->config['ldap_email'])) ?
- array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT)) :
- array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)),
+ array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) :
+ array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),
0,
1
);
@@ -115,7 +115,7 @@ class ldap extends base
return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']);
}
- if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])]))
+ if (!empty($this->config['ldap_email']) && !isset($result[0][html_entity_decode($this->config['ldap_email'])]))
{
return $this->language->lang('LDAP_NO_EMAIL');
}
@@ -180,7 +180,7 @@ class ldap extends base
if ($this->config['ldap_user'] || $this->config['ldap_password'])
{
- if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_password'], ENT_COMPAT)))
+ if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))
{
return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
@@ -192,11 +192,11 @@ class ldap extends base
$search = @ldap_search(
$ldap,
- htmlspecialchars_decode($this->config['ldap_base_dn'], ENT_COMPAT),
+ html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),
$this->ldap_user_filter($username),
(empty($this->config['ldap_email'])) ?
- array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT)) :
- array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)),
+ array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) :
+ array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),
0,
1
);
@@ -205,7 +205,7 @@ class ldap extends base
if (is_array($ldap_result) && count($ldap_result) > 1)
{
- if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password, ENT_COMPAT)))
+ if (@ldap_bind($ldap, $ldap_result[0]['dn'], html_entity_decode($password, ENT_COMPAT)))
{
@ldap_close($ldap);
@@ -257,7 +257,7 @@ class ldap extends base
$ldap_user_row = array(
'username' => $username,
'user_password' => '',
- 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '',
+ 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][html_entity_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '',
'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL,
'user_ip' => $this->user->ip,
@@ -337,7 +337,7 @@ class ldap extends base
*/
private function ldap_user_filter($username)
{
- $filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username, ENT_COMPAT)) . ')';
+ $filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(html_entity_decode($username, ENT_COMPAT)) . ')';
if ($this->config['ldap_user_filter'])
{
$_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})";
diff --git a/phpBB/phpbb/console/command/user/activate.php b/phpBB/phpbb/console/command/user/activate.php
index 34fc94447c..35835eed5d 100644
--- a/phpBB/phpbb/console/command/user/activate.php
+++ b/phpBB/phpbb/console/command/user/activate.php
@@ -204,7 +204,7 @@ class activate extends command
$messenger->set_addresses($user_row);
$messenger->anti_abuse_headers($this->config, $this->user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT))
+ 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT))
);
$messenger->send(NOTIFY_EMAIL);
diff --git a/phpBB/phpbb/console/command/user/add.php b/phpBB/phpbb/console/command/user/add.php
index c846d2158a..fb4ffd5ffb 100644
--- a/phpBB/phpbb/console/command/user/add.php
+++ b/phpBB/phpbb/console/command/user/add.php
@@ -313,9 +313,9 @@ class add extends command
$messenger->to($this->data['email'], $this->data['username']);
$messenger->anti_abuse_headers($this->config, $this->user);
$messenger->assign_vars(array(
- 'WELCOME_MSG' => htmlspecialchars_decode($this->language->lang('WELCOME_SUBJECT', $this->config['sitename']), ENT_COMPAT),
- 'USERNAME' => htmlspecialchars_decode($this->data['username'], ENT_COMPAT),
- 'PASSWORD' => htmlspecialchars_decode($this->data['new_password'], ENT_COMPAT),
+ 'WELCOME_MSG' => html_entity_decode($this->language->lang('WELCOME_SUBJECT', $this->config['sitename']), ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($this->data['username'], ENT_COMPAT),
+ 'PASSWORD' => html_entity_decode($this->data['new_password'], ENT_COMPAT),
'U_ACTIVATE' => generate_board_url() . "/ucp.{$this->php_ext}?mode=activate&u=$user_id&k=$user_actkey")
);
diff --git a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php
index f4fb364c55..c235b8557a 100644
--- a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php
+++ b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php
@@ -418,7 +418,7 @@ class ajax_iohandler extends iohandler_base
if ($msg !== null)
{
- $link_properties['msg'] = htmlspecialchars_decode($this->language->lang($msg), ENT_COMPAT);
+ $link_properties['msg'] = html_entity_decode($this->language->lang($msg), ENT_COMPAT);
}
$this->download[] = $link_properties;
diff --git a/phpBB/phpbb/install/helper/iohandler/iohandler_base.php b/phpBB/phpbb/install/helper/iohandler/iohandler_base.php
index 2a29fd3300..71b1a12f48 100644
--- a/phpBB/phpbb/install/helper/iohandler/iohandler_base.php
+++ b/phpBB/phpbb/install/helper/iohandler/iohandler_base.php
@@ -108,7 +108,7 @@ abstract class iohandler_base implements iohandler_interface
{
if (!is_array($error_title) && strpos($error_title, '
') !== false)
{
- $error_title = strip_tags(htmlspecialchars_decode($error_title, ENT_COMPAT));
+ $error_title = strip_tags(html_entity_decode($error_title, ENT_COMPAT));
}
$this->errors[] = $this->translate_message($error_title, $error_description);
}
diff --git a/phpBB/phpbb/install/module/install_finish/task/notify_user.php b/phpBB/phpbb/install/module/install_finish/task/notify_user.php
index bebf35fd7a..6fb7bc2743 100644
--- a/phpBB/phpbb/install/module/install_finish/task/notify_user.php
+++ b/phpBB/phpbb/install/module/install_finish/task/notify_user.php
@@ -114,8 +114,8 @@ class notify_user extends \phpbb\install\task_base
$messenger->to($this->config['board_email'], $this->install_config->get('admin_name'));
$messenger->anti_abuse_headers($this->config, $this->user);
$messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($this->install_config->get('admin_name'), ENT_COMPAT),
- 'PASSWORD' => htmlspecialchars_decode($this->install_config->get('admin_passwd'), ENT_COMPAT))
+ 'USERNAME' => html_entity_decode($this->install_config->get('admin_name'), ENT_COMPAT),
+ 'PASSWORD' => html_entity_decode($this->install_config->get('admin_passwd'), ENT_COMPAT))
);
$messenger->send(NOTIFY_EMAIL);
}
diff --git a/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php b/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php
index 9cf2b45226..39eb12da2f 100644
--- a/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php
+++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php
@@ -54,7 +54,7 @@ class obtain_server_data extends \phpbb\install\task_base implements \phpbb\inst
$server_port = $this->io_handler->get_server_variable('SERVER_PORT', 0);
// HTTP_HOST is having the correct browser url in most cases...
- $server_name = strtolower(htmlspecialchars_decode($this->io_handler->get_header_variable(
+ $server_name = strtolower(html_entity_decode($this->io_handler->get_header_variable(
'Host',
$this->io_handler->get_server_variable('SERVER_NAME')
), ENT_COMPAT));
@@ -65,11 +65,11 @@ class obtain_server_data extends \phpbb\install\task_base implements \phpbb\inst
$server_name = substr($server_name, 0, strpos($server_name, ':'));
}
- $script_path = htmlspecialchars_decode($this->io_handler->get_server_variable('PHP_SELF'), ENT_COMPAT);
+ $script_path = html_entity_decode($this->io_handler->get_server_variable('PHP_SELF'), ENT_COMPAT);
if (!$script_path)
{
- $script_path = htmlspecialchars_decode($this->io_handler->get_server_variable('REQUEST_URI'), ENT_COMPAT);
+ $script_path = html_entity_decode($this->io_handler->get_server_variable('REQUEST_URI'), ENT_COMPAT);
}
$script_path = str_replace(array('\\', '//'), '/', $script_path);
diff --git a/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php b/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php
index 3d7eaea92a..6f66a1af48 100644
--- a/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php
+++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php
@@ -87,7 +87,7 @@ class obtain_update_ftp_data extends task_base
$ftp_host = $this->iohandler->get_input('ftp_host', '', true);
$ftp_user = $this->iohandler->get_input('ftp_user', '', true);
- $ftp_pass = htmlspecialchars_decode($this->iohandler->get_input('ftp_pass', '', true), ENT_COMPAT);
+ $ftp_pass = html_entity_decode($this->iohandler->get_input('ftp_pass', '', true), ENT_COMPAT);
$ftp_path = $this->iohandler->get_input('ftp_path', '', true);
$ftp_port = $this->iohandler->get_input('ftp_port', 21);
$ftp_time = $this->iohandler->get_input('ftp_timeout', 10);
diff --git a/phpBB/phpbb/message/message.php b/phpBB/phpbb/message/message.php
index e1475bd339..1077d23513 100644
--- a/phpBB/phpbb/message/message.php
+++ b/phpBB/phpbb/message/message.php
@@ -262,13 +262,13 @@ class message
$messenger->headers('X-AntiAbuse: Username - ' . $this->sender_username);
}
- $messenger->subject(htmlspecialchars_decode($this->subject, ENT_COMPAT));
+ $messenger->subject(html_entity_decode($this->subject, ENT_COMPAT));
$messenger->assign_vars(array(
'BOARD_CONTACT' => $contact,
- 'TO_USERNAME' => htmlspecialchars_decode($recipient['to_name'], ENT_COMPAT),
- 'FROM_USERNAME' => htmlspecialchars_decode($this->sender_name, ENT_COMPAT),
- 'MESSAGE' => htmlspecialchars_decode($this->body, ENT_COMPAT))
+ 'TO_USERNAME' => html_entity_decode($recipient['to_name'], ENT_COMPAT),
+ 'FROM_USERNAME' => html_entity_decode($this->sender_name, ENT_COMPAT),
+ 'MESSAGE' => html_entity_decode($this->body, ENT_COMPAT))
);
if (count($this->template_vars))
diff --git a/phpBB/phpbb/message/topic_form.php b/phpBB/phpbb/message/topic_form.php
index 42d893deb3..8dc6e6a2e5 100644
--- a/phpBB/phpbb/message/topic_form.php
+++ b/phpBB/phpbb/message/topic_form.php
@@ -122,7 +122,7 @@ class topic_form extends form
$this->message->set_template('email_notify');
$this->message->set_template_vars(array(
- 'TOPIC_NAME' => htmlspecialchars_decode($this->topic_row['topic_title'], ENT_COMPAT),
+ 'TOPIC_NAME' => html_entity_decode($this->topic_row['topic_title'], ENT_COMPAT),
'U_TOPIC' => generate_board_url() . '/viewtopic.' . $this->phpEx . '?t=' . $this->topic_id,
));
$this->message->set_body($this->body);
diff --git a/phpBB/phpbb/notification/type/admin_activate_user.php b/phpBB/phpbb/notification/type/admin_activate_user.php
index 47eb3889e5..4f3dddba3e 100644
--- a/phpBB/phpbb/notification/type/admin_activate_user.php
+++ b/phpBB/phpbb/notification/type/admin_activate_user.php
@@ -150,7 +150,7 @@ class admin_activate_user extends \phpbb\notification\type\base
$username = $this->user_loader->get_username($this->item_id, 'username');
return array(
- 'USERNAME' => htmlspecialchars_decode($username, ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($username, ENT_COMPAT),
'U_USER_DETAILS' => "{$board_url}/memberlist.{$this->php_ext}?mode=viewprofile&u={$this->item_id}",
'U_ACTIVATE' => "{$board_url}/ucp.{$this->php_ext}?mode=activate&u={$this->item_id}&k={$this->get_data('user_actkey')}",
);
diff --git a/phpBB/phpbb/notification/type/disapprove_post.php b/phpBB/phpbb/notification/type/disapprove_post.php
index 5f4f185695..01a7bb16e8 100644
--- a/phpBB/phpbb/notification/type/disapprove_post.php
+++ b/phpBB/phpbb/notification/type/disapprove_post.php
@@ -120,7 +120,7 @@ class disapprove_post extends \phpbb\notification\type\approve_post
public function get_email_template_variables()
{
return array_merge(parent::get_email_template_variables(), array(
- 'REASON' => htmlspecialchars_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
+ 'REASON' => html_entity_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
));
}
diff --git a/phpBB/phpbb/notification/type/disapprove_topic.php b/phpBB/phpbb/notification/type/disapprove_topic.php
index f7a113f297..2c60a75312 100644
--- a/phpBB/phpbb/notification/type/disapprove_topic.php
+++ b/phpBB/phpbb/notification/type/disapprove_topic.php
@@ -120,7 +120,7 @@ class disapprove_topic extends \phpbb\notification\type\approve_topic
public function get_email_template_variables()
{
return array_merge(parent::get_email_template_variables(), array(
- 'REASON' => htmlspecialchars_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
+ 'REASON' => html_entity_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
));
}
diff --git a/phpBB/phpbb/notification/type/forum.php b/phpBB/phpbb/notification/type/forum.php
index 3e16d15c08..056d78602d 100644
--- a/phpBB/phpbb/notification/type/forum.php
+++ b/phpBB/phpbb/notification/type/forum.php
@@ -130,10 +130,10 @@ class forum extends \phpbb\notification\type\post
}
return [
- 'AUTHOR_NAME' => htmlspecialchars_decode($username, ENT_COMPAT),
- 'FORUM_NAME' => htmlspecialchars_decode(censor_text($this->get_data('forum_name')), ENT_COMPAT),
- 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
- 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($username, ENT_COMPAT),
+ 'FORUM_NAME' => html_entity_decode(censor_text($this->get_data('forum_name')), ENT_COMPAT),
+ 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
'U_NEWEST_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?t={$this->item_parent_id}&e=1&view=unread#unread",
diff --git a/phpBB/phpbb/notification/type/group_request.php b/phpBB/phpbb/notification/type/group_request.php
index 593af8e384..34462de2e2 100644
--- a/phpBB/phpbb/notification/type/group_request.php
+++ b/phpBB/phpbb/notification/type/group_request.php
@@ -133,8 +133,8 @@ class group_request extends \phpbb\notification\type\base
$user_data = $this->user_loader->get_user($this->item_id);
return array(
- 'GROUP_NAME' => htmlspecialchars_decode($this->get_data('group_name'), ENT_COMPAT),
- 'REQUEST_USERNAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
+ 'GROUP_NAME' => html_entity_decode($this->get_data('group_name'), ENT_COMPAT),
+ 'REQUEST_USERNAME' => html_entity_decode($user_data['username'], ENT_COMPAT),
'U_PENDING' => generate_board_url() . "/ucp.{$this->php_ext}?i=groups&mode=manage&action=list&g={$this->item_parent_id}",
'U_GROUP' => generate_board_url() . "/memberlist.{$this->php_ext}?mode=group&g={$this->item_parent_id}",
diff --git a/phpBB/phpbb/notification/type/pm.php b/phpBB/phpbb/notification/type/pm.php
index 297126d7b9..d7b458dace 100644
--- a/phpBB/phpbb/notification/type/pm.php
+++ b/phpBB/phpbb/notification/type/pm.php
@@ -164,8 +164,8 @@ class pm extends \phpbb\notification\type\base
$user_data = $this->user_loader->get_user($this->get_data('from_user_id'));
return array(
- 'AUTHOR_NAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
- 'SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($user_data['username'], ENT_COMPAT),
+ 'SUBJECT' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
'U_VIEW_MESSAGE' => generate_board_url() . '/ucp.' . $this->php_ext . "?i=pm&mode=view&p={$this->item_id}",
);
diff --git a/phpBB/phpbb/notification/type/post.php b/phpBB/phpbb/notification/type/post.php
index 69108d225e..db9ab3b9fe 100644
--- a/phpBB/phpbb/notification/type/post.php
+++ b/phpBB/phpbb/notification/type/post.php
@@ -262,9 +262,9 @@ class post extends \phpbb\notification\type\base
}
return array(
- 'AUTHOR_NAME' => htmlspecialchars_decode($username, ENT_COMPAT),
- 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
- 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($username, ENT_COMPAT),
+ 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
'U_NEWEST_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?t={$this->item_parent_id}&e=1&view=unread#unread",
diff --git a/phpBB/phpbb/notification/type/quote.php b/phpBB/phpbb/notification/type/quote.php
index 9c5ae26a3b..0f18c7b210 100644
--- a/phpBB/phpbb/notification/type/quote.php
+++ b/phpBB/phpbb/notification/type/quote.php
@@ -168,7 +168,7 @@ class quote extends \phpbb\notification\type\post
$user_data = $this->user_loader->get_user($this->get_data('poster_id'));
return array_merge(parent::get_email_template_variables(), array(
- 'AUTHOR_NAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($user_data['username'], ENT_COMPAT),
));
}
diff --git a/phpBB/phpbb/notification/type/report_pm.php b/phpBB/phpbb/notification/type/report_pm.php
index b525468f82..6b92f12bec 100644
--- a/phpBB/phpbb/notification/type/report_pm.php
+++ b/phpBB/phpbb/notification/type/report_pm.php
@@ -143,11 +143,11 @@ class report_pm extends \phpbb\notification\type\pm
$user_data = $this->user_loader->get_user($this->get_data('from_user_id'));
return [
- 'AUTHOR_NAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
- 'SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($user_data['username'], ENT_COMPAT),
+ 'SUBJECT' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
/** @deprecated 3.2.6-RC1 (to be removed in 4.0.0) use {SUBJECT} instead in report_pm.txt */
- 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
'U_VIEW_REPORT' => generate_board_url() . "/mcp.{$this->php_ext}?r={$this->item_parent_id}&i=pm_reports&mode=pm_report_details",
];
diff --git a/phpBB/phpbb/notification/type/report_pm_closed.php b/phpBB/phpbb/notification/type/report_pm_closed.php
index 96e0ea8ea2..8afc48ebd9 100644
--- a/phpBB/phpbb/notification/type/report_pm_closed.php
+++ b/phpBB/phpbb/notification/type/report_pm_closed.php
@@ -104,9 +104,9 @@ class report_pm_closed extends \phpbb\notification\type\pm
$closer_username = $this->user_loader->get_username($this->get_data('closer_id'), 'username');
return [
- 'AUTHOR_NAME' => htmlspecialchars_decode($sender_username, ENT_COMPAT),
- 'CLOSER_NAME' => htmlspecialchars_decode($closer_username, ENT_COMPAT),
- 'SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($sender_username, ENT_COMPAT),
+ 'CLOSER_NAME' => html_entity_decode($closer_username, ENT_COMPAT),
+ 'SUBJECT' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
'U_VIEW_MESSAGE'=> generate_board_url() . "/ucp.{$this->php_ext}?i=pm&mode=view&p={$this->item_id}",
];
diff --git a/phpBB/phpbb/notification/type/report_post.php b/phpBB/phpbb/notification/type/report_post.php
index 669eb56bb9..ac923cdeab 100644
--- a/phpBB/phpbb/notification/type/report_post.php
+++ b/phpBB/phpbb/notification/type/report_post.php
@@ -110,8 +110,8 @@ class report_post extends \phpbb\notification\type\post_in_queue
$board_url = generate_board_url();
return array(
- 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
- 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+ 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
'U_VIEW_REPORT' => "{$board_url}/mcp.{$this->php_ext}?p={$this->item_id}&i=reports&mode=report_details#reports",
'U_VIEW_POST' => "{$board_url}/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
diff --git a/phpBB/phpbb/notification/type/report_post_closed.php b/phpBB/phpbb/notification/type/report_post_closed.php
index 9b7e7eefd6..d54ba44fbf 100644
--- a/phpBB/phpbb/notification/type/report_post_closed.php
+++ b/phpBB/phpbb/notification/type/report_post_closed.php
@@ -111,10 +111,10 @@ class report_post_closed extends \phpbb\notification\type\post
$closer_username = $this->user_loader->get_username($this->get_data('closer_id'), 'username');
return [
- 'AUTHOR_NAME' => htmlspecialchars_decode($post_username, ENT_COMPAT),
- 'CLOSER_NAME' => htmlspecialchars_decode($closer_username, ENT_COMPAT),
- 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
- 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($post_username, ENT_COMPAT),
+ 'CLOSER_NAME' => html_entity_decode($closer_username, ENT_COMPAT),
+ 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
];
diff --git a/phpBB/phpbb/notification/type/topic.php b/phpBB/phpbb/notification/type/topic.php
index 5b981e4cb8..541bd4955a 100644
--- a/phpBB/phpbb/notification/type/topic.php
+++ b/phpBB/phpbb/notification/type/topic.php
@@ -217,9 +217,9 @@ class topic extends \phpbb\notification\type\base
}
return array(
- 'AUTHOR_NAME' => htmlspecialchars_decode($username, ENT_COMPAT),
- 'FORUM_NAME' => htmlspecialchars_decode($this->get_data('forum_name'), ENT_COMPAT),
- 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+ 'AUTHOR_NAME' => html_entity_decode($username, ENT_COMPAT),
+ 'FORUM_NAME' => html_entity_decode($this->get_data('forum_name'), ENT_COMPAT),
+ 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
'U_TOPIC' => "{$board_url}/viewtopic.{$this->php_ext}?t={$this->item_id}",
'U_VIEW_TOPIC' => "{$board_url}/viewtopic.{$this->php_ext}?t={$this->item_id}",
diff --git a/phpBB/phpbb/plupload/plupload.php b/phpBB/phpbb/plupload/plupload.php
index f0b36abb40..ea8cfef5d0 100644
--- a/phpBB/phpbb/plupload/plupload.php
+++ b/phpBB/phpbb/plupload/plupload.php
@@ -163,7 +163,7 @@ class plupload
'S_PLUPLOAD' => true,
'FILTERS' => $filters,
'CHUNK_SIZE' => $chunk_size,
- 'S_PLUPLOAD_URL' => htmlspecialchars_decode($s_action, ENT_COMPAT),
+ 'S_PLUPLOAD_URL' => html_entity_decode($s_action, ENT_COMPAT),
'MAX_ATTACHMENTS' => $max_files,
'ATTACH_ORDER' => ($this->config['display_order']) ? 'asc' : 'desc',
'L_TOO_MANY_ATTACHMENTS' => $this->user->lang('TOO_MANY_ATTACHMENTS', $max_files),
diff --git a/phpBB/phpbb/search/backend/fulltext_mysql.php b/phpBB/phpbb/search/backend/fulltext_mysql.php
index 3c630aa89b..3e47cb4668 100644
--- a/phpBB/phpbb/search/backend/fulltext_mysql.php
+++ b/phpBB/phpbb/search/backend/fulltext_mysql.php
@@ -215,7 +215,7 @@ class fulltext_mysql extends base implements search_backend_interface
}
// Filter out as above
- $split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords, ENT_COMPAT)));
+ $split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(html_entity_decode($keywords, ENT_COMPAT)));
// Split words
$split_keywords = preg_replace('#([^\p{L}\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords)));
@@ -537,7 +537,7 @@ class fulltext_mysql extends base implements search_backend_interface
$sql = "SELECT $sql_select
FROM $sql_from$sql_sort_table" . POSTS_TABLE . " p
- WHERE MATCH ($sql_match) AGAINST ('" . $this->db->sql_escape(htmlspecialchars_decode($this->search_query, ENT_COMPAT)) . "' IN BOOLEAN MODE)
+ WHERE MATCH ($sql_match) AGAINST ('" . $this->db->sql_escape(html_entity_decode($this->search_query, ENT_COMPAT)) . "' IN BOOLEAN MODE)
$sql_where_options
ORDER BY $sql_sort";
$this->db->sql_return_on_error(true);
diff --git a/phpBB/phpbb/search/backend/fulltext_native.php b/phpBB/phpbb/search/backend/fulltext_native.php
index b0a3d2ebd9..a5c9bb8202 100644
--- a/phpBB/phpbb/search/backend/fulltext_native.php
+++ b/phpBB/phpbb/search/backend/fulltext_native.php
@@ -1786,7 +1786,7 @@ class fulltext_native extends base implements search_backend_interface
/**
* Replace HTML entities and NCRs
*/
- $text = htmlspecialchars_decode(utf8_decode_ncr($text), ENT_QUOTES);
+ $text = html_entity_decode(utf8_decode_ncr($text), ENT_QUOTES);
/**
* Normalize to NFC
diff --git a/phpBB/phpbb/search/backend/fulltext_postgres.php b/phpBB/phpbb/search/backend/fulltext_postgres.php
index 20164cac9d..bd2c24224c 100644
--- a/phpBB/phpbb/search/backend/fulltext_postgres.php
+++ b/phpBB/phpbb/search/backend/fulltext_postgres.php
@@ -178,7 +178,7 @@ class fulltext_postgres extends base implements search_backend_interface
}
// Filter out as above
- $split_keywords = preg_replace("#[\"\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords, ENT_COMPAT)));
+ $split_keywords = preg_replace("#[\"\n\r\t]+#", ' ', trim(html_entity_decode($keywords, ENT_COMPAT)));
// Split words
$split_keywords = preg_replace('#([^\p{L}\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords)));
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php
index eb038cc8e5..e89127800d 100644
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@@ -52,7 +52,7 @@ class session
// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
if (!$script_name)
{
- $script_name = htmlspecialchars_decode($request->server('REQUEST_URI'), ENT_COMPAT);
+ $script_name = html_entity_decode($request->server('REQUEST_URI'), ENT_COMPAT);
$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
$page_array['failover'] = 1;
}
@@ -169,7 +169,7 @@ class session
global $config, $request;
// Get hostname
- $host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME')), ENT_COMPAT);
+ $host = html_entity_decode($request->header('Host', $request->server('SERVER_NAME')), ENT_COMPAT);
// Should be a string and lowered
$host = (string) strtolower($host);
@@ -292,7 +292,7 @@ class session
// Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests
// it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip.
- $ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'), ENT_COMPAT);
+ $ip = html_entity_decode($request->server('REMOTE_ADDR'), ENT_COMPAT);
$ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $ip));
/**
diff --git a/phpBB/phpbb/textformatter/data_access.php b/phpBB/phpbb/textformatter/data_access.php
index 33e6f48d4b..0cecac50a1 100644
--- a/phpBB/phpbb/textformatter/data_access.php
+++ b/phpBB/phpbb/textformatter/data_access.php
@@ -226,7 +226,7 @@ class data_access
{
foreach ($columns as $column)
{
- $row[$column] = htmlspecialchars_decode($row[$column], ENT_COMPAT);
+ $row[$column] = html_entity_decode($row[$column], ENT_COMPAT);
}
}
diff --git a/phpBB/phpbb/ucp/controller/reset_password.php b/phpBB/phpbb/ucp/controller/reset_password.php
index 30d2f1700f..be163e9d87 100644
--- a/phpBB/phpbb/ucp/controller/reset_password.php
+++ b/phpBB/phpbb/ucp/controller/reset_password.php
@@ -265,7 +265,7 @@ class reset_password
$messenger->anti_abuse_headers($this->config, $this->user);
$messenger->assign_vars([
- 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+ 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT),
'U_RESET_PASSWORD' => generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [
'u' => $user_row['user_id'],
'token' => $reset_token,
diff --git a/phpBB/search.php b/phpBB/search.php
index 2440cfa591..f786964620 100644
--- a/phpBB/search.php
+++ b/phpBB/search.php
@@ -680,16 +680,16 @@ if ($keywords || $author || $author_id || $search_id || $submit)
$hilit = phpbb_clean_search_string(str_replace(array('+', '-', '|', '(', ')', '"'), ' ', $keywords));
$hilit = str_replace(' ', '|', $hilit);
- $u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit), ENT_COMPAT));
+ $u_hilit = urlencode(html_entity_decode(str_replace('|', ' ', $hilit), ENT_COMPAT));
$u_show_results = '&sr=' . $show_results;
$u_search_forum = implode('&fid%5B%5D=', $search_forum);
$u_search = append_sid("{$phpbb_root_path}search.$phpEx", $u_sort_param . $u_show_results);
$u_search .= ($search_id) ? '&search_id=' . $search_id : '';
- $u_search .= ($u_hilit) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+ $u_search .= ($u_hilit) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
$u_search .= ($search_terms != 'all') ? '&terms=' . $search_terms : '';
$u_search .= ($topic_id) ? '&t=' . $topic_id : '';
- $u_search .= ($author) ? '&author=' . urlencode(htmlspecialchars_decode($author, ENT_COMPAT)) : '';
+ $u_search .= ($author) ? '&author=' . urlencode(html_entity_decode($author, ENT_COMPAT)) : '';
$u_search .= ($author_id) ? '&author_id=' . $author_id : '';
$u_search .= ($u_search_forum) ? '&fid%5B%5D=' . $u_search_forum : '';
$u_search .= (!$search_child) ? '&sc=0' : '';
@@ -1571,7 +1571,7 @@ if ($auth->acl_get('a_search'))
'KEYWORDS' => $keywords,
'TIME' => $user->format_date($row['search_time']),
- 'U_KEYWORDS' => append_sid("{$phpbb_root_path}search.$phpEx", 'keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)))
+ 'U_KEYWORDS' => append_sid("{$phpbb_root_path}search.$phpEx", 'keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)))
));
}
$db->sql_freeresult($result);
diff --git a/tests/email/email_parsing_test.php b/tests/email/email_parsing_test.php
index dff5e70e52..ea623d996f 100644
--- a/tests/email/email_parsing_test.php
+++ b/tests/email/email_parsing_test.php
@@ -122,8 +122,8 @@ class phpbb_email_parsing_test extends phpbb_test_case
$this->messenger->set_addresses($user->data);
$this->messenger->assign_vars(array(
- 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)),
- 'SITENAME' => htmlspecialchars_decode($config['sitename'], ENT_COMPAT),
+ 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)),
+ 'SITENAME' => html_entity_decode($config['sitename'], ENT_COMPAT),
'AUTHOR_NAME' => $author_name,
'FORUM_NAME' => $forum_name,
@@ -142,8 +142,8 @@ class phpbb_email_parsing_test extends phpbb_test_case
$this->assertStringContainsString($forum_name, $msg);
$this->assertStringContainsString($topic_title, $msg);
$this->assertStringContainsString($username, $msg);
- $this->assertStringContainsString(htmlspecialchars_decode($config['sitename'], ENT_COMPAT), $msg);
- $this->assertStringContainsString(str_replace('
', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)), $msg);
+ $this->assertStringContainsString(html_entity_decode($config['sitename'], ENT_COMPAT), $msg);
+ $this->assertStringContainsString(str_replace('
', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)), $msg);
$this->assertStringNotContainsString('EMAIL_SIG', $msg);
$this->assertStringNotContainsString('U_STOP_WATCHING_FORUM', $msg);
}