From 9b2f42748c37ad06dcc0c74047629528e4bfdc39 Mon Sep 17 00:00:00 2001 From: lionel-rowe Date: Tue, 5 Apr 2022 05:54:33 +0100 Subject: [PATCH] [ticket/16981] Fix HTML-encoded emojis in email subject line PHPBB3-16981 --- phpBB/includes/acp/acp_bbcodes.php | 2 +- phpBB/includes/acp/acp_board.php | 4 ++-- phpBB/includes/acp/acp_email.php | 4 ++-- phpBB/includes/acp/acp_help_phpbb.php | 2 +- phpBB/includes/acp/acp_inactive.php | 4 ++-- phpBB/includes/acp/acp_logs.php | 2 +- phpBB/includes/acp/acp_ranks.php | 2 +- phpBB/includes/acp/acp_users.php | 6 ++--- phpBB/includes/functions_compatibility.php | 4 ++-- phpBB/includes/functions_content.php | 8 +++---- phpBB/includes/functions_download.php | 6 ++--- phpBB/includes/functions_messenger.php | 14 +++++------ phpBB/includes/functions_user.php | 4 ++-- phpBB/includes/mcp/mcp_logs.php | 2 +- phpBB/includes/mcp/mcp_notes.php | 2 +- phpBB/includes/message_parser.php | 4 ++-- .../includes/questionnaire/questionnaire.php | 4 ++-- phpBB/includes/ucp/ucp_activate.php | 2 +- phpBB/includes/ucp/ucp_profile.php | 2 +- phpBB/includes/ucp/ucp_register.php | 6 ++--- phpBB/includes/ucp/ucp_resend.php | 6 ++--- phpBB/memberlist.php | 14 +++++------ phpBB/phpbb/auth/provider/apache.php | 10 ++++---- phpBB/phpbb/auth/provider/ldap.php | 24 +++++++++---------- phpBB/phpbb/console/command/user/activate.php | 2 +- phpBB/phpbb/console/command/user/add.php | 6 ++--- .../helper/iohandler/ajax_iohandler.php | 2 +- .../helper/iohandler/iohandler_base.php | 2 +- .../install_finish/task/notify_user.php | 4 ++-- .../obtain_data/task/obtain_server_data.php | 6 ++--- .../task/obtain_update_ftp_data.php | 2 +- phpBB/phpbb/message/message.php | 8 +++---- phpBB/phpbb/message/topic_form.php | 2 +- .../notification/type/admin_activate_user.php | 2 +- .../notification/type/disapprove_post.php | 2 +- .../notification/type/disapprove_topic.php | 2 +- phpBB/phpbb/notification/type/forum.php | 8 +++---- .../phpbb/notification/type/group_request.php | 4 ++-- phpBB/phpbb/notification/type/pm.php | 4 ++-- phpBB/phpbb/notification/type/post.php | 6 ++--- phpBB/phpbb/notification/type/quote.php | 2 +- phpBB/phpbb/notification/type/report_pm.php | 6 ++--- .../notification/type/report_pm_closed.php | 6 ++--- phpBB/phpbb/notification/type/report_post.php | 4 ++-- .../notification/type/report_post_closed.php | 8 +++---- phpBB/phpbb/notification/type/topic.php | 6 ++--- phpBB/phpbb/plupload/plupload.php | 2 +- phpBB/phpbb/search/fulltext_mysql.php | 4 ++-- phpBB/phpbb/search/fulltext_native.php | 2 +- phpBB/phpbb/search/fulltext_postgres.php | 2 +- phpBB/phpbb/session.php | 6 ++--- phpBB/phpbb/textformatter/data_access.php | 2 +- phpBB/phpbb/ucp/controller/reset_password.php | 2 +- phpBB/search.php | 8 +++---- tests/email/email_parsing_test.php | 8 +++---- 55 files changed, 134 insertions(+), 134 deletions(-) diff --git a/phpBB/includes/acp/acp_bbcodes.php b/phpBB/includes/acp/acp_bbcodes.php index c85d429142..2220d5cbaa 100644 --- a/phpBB/includes/acp/acp_bbcodes.php +++ b/phpBB/includes/acp/acp_bbcodes.php @@ -86,7 +86,7 @@ class acp_bbcodes $display_on_posting = $request->variable('display_on_posting', 0); $bbcode_match = $request->variable('bbcode_match', ''); - $bbcode_tpl = htmlspecialchars_decode($request->variable('bbcode_tpl', '', true), ENT_COMPAT); + $bbcode_tpl = html_entity_decode($request->variable('bbcode_tpl', '', true), ENT_COMPAT); $bbcode_helpline = $request->variable('bbcode_helpline', '', true); break; } diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 02530b5986..bfc2c0b97f 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -720,8 +720,8 @@ class acp_board $messenger->set_addresses($user->data); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($user->data['username'], ENT_COMPAT), - 'MESSAGE' => htmlspecialchars_decode($request->variable('send_test_email_text', '', true), ENT_COMPAT), + 'USERNAME' => html_entity_decode($user->data['username'], ENT_COMPAT), + 'MESSAGE' => html_entity_decode($request->variable('send_test_email_text', '', true), ENT_COMPAT), )); $messenger->send(NOTIFY_EMAIL); diff --git a/phpBB/includes/acp/acp_email.php b/phpBB/includes/acp/acp_email.php index 720d58a078..3fba4917ec 100644 --- a/phpBB/includes/acp/acp_email.php +++ b/phpBB/includes/acp/acp_email.php @@ -205,7 +205,7 @@ class acp_email $email_template = 'admin_send_email'; $template_data = array( 'CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx), - 'MESSAGE' => htmlspecialchars_decode($message, ENT_COMPAT), + 'MESSAGE' => html_entity_decode($message, ENT_COMPAT), ); $generate_log_entry = true; @@ -252,7 +252,7 @@ class acp_email $messenger->anti_abuse_headers($config, $user); - $messenger->subject(htmlspecialchars_decode($subject, ENT_COMPAT)); + $messenger->subject(html_entity_decode($subject, ENT_COMPAT)); $messenger->set_mail_priority($priority); $messenger->assign_vars($template_data); diff --git a/phpBB/includes/acp/acp_help_phpbb.php b/phpBB/includes/acp/acp_help_phpbb.php index 4a1d965146..835e486f78 100644 --- a/phpBB/includes/acp/acp_help_phpbb.php +++ b/phpBB/includes/acp/acp_help_phpbb.php @@ -90,7 +90,7 @@ class acp_help_phpbb if (!empty($response)) { - $decoded_response = json_decode(htmlspecialchars_decode($response, ENT_COMPAT), true); + $decoded_response = json_decode(html_entity_decode($response, ENT_COMPAT), true); if ($decoded_response && isset($decoded_response['status']) && $decoded_response['status'] == 'ok') { diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php index 1ecd3c15b9..7b4536f755 100644 --- a/phpBB/includes/acp/acp_inactive.php +++ b/phpBB/includes/acp/acp_inactive.php @@ -130,7 +130,7 @@ class acp_inactive $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($row['username'], ENT_COMPAT)) + 'USERNAME' => html_entity_decode($row['username'], ENT_COMPAT)) ); $messenger->send(NOTIFY_EMAIL); @@ -224,7 +224,7 @@ class acp_inactive $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($row['username'], ENT_COMPAT), + 'USERNAME' => html_entity_decode($row['username'], ENT_COMPAT), 'REGISTER_DATE' => $user->format_date($row['user_regdate'], false, true), 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey']) ); diff --git a/phpBB/includes/acp/acp_logs.php b/phpBB/includes/acp/acp_logs.php index b98cd64f49..f85c24af09 100644 --- a/phpBB/includes/acp/acp_logs.php +++ b/phpBB/includes/acp/acp_logs.php @@ -108,7 +108,7 @@ class acp_logs $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC'); $keywords = $request->variable('keywords', '', true); - $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : ''; + $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : ''; $l_title = $user->lang['ACP_' . strtoupper($mode) . '_LOGS']; $l_title_explain = $user->lang['ACP_' . strtoupper($mode) . '_LOGS_EXPLAIN']; diff --git a/phpBB/includes/acp/acp_ranks.php b/phpBB/includes/acp/acp_ranks.php index c904e0cdf5..51b4f006a5 100644 --- a/phpBB/includes/acp/acp_ranks.php +++ b/phpBB/includes/acp/acp_ranks.php @@ -70,7 +70,7 @@ class acp_ranks 'rank_title' => $rank_title, 'rank_special' => $special_rank, 'rank_min' => $min_posts, - 'rank_image' => htmlspecialchars_decode($rank_image, ENT_COMPAT) + 'rank_image' => html_entity_decode($rank_image, ENT_COMPAT) ); /** diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index be1e902079..c65162eaf2 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -402,8 +402,8 @@ class acp_users $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT), - 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT), + 'WELCOME_MSG' => html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT), + 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey") ); @@ -466,7 +466,7 @@ class acp_users $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT)) + 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT)) ); $messenger->send(NOTIFY_EMAIL); diff --git a/phpBB/includes/functions_compatibility.php b/phpBB/includes/functions_compatibility.php index 431e967107..7cf4409801 100644 --- a/phpBB/includes/functions_compatibility.php +++ b/phpBB/includes/functions_compatibility.php @@ -759,7 +759,7 @@ function phpbb_http_login($param) { if ($request->is_set($k, \phpbb\request\request_interface::SERVER)) { - $username = htmlspecialchars_decode($request->server($k), ENT_COMPAT); + $username = html_entity_decode($request->server($k), ENT_COMPAT); break; } } @@ -769,7 +769,7 @@ function phpbb_http_login($param) { if ($request->is_set($k, \phpbb\request\request_interface::SERVER)) { - $password = htmlspecialchars_decode($request->server($k), ENT_COMPAT); + $password = html_entity_decode($request->server($k), ENT_COMPAT); break; } } diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index e93916db58..a73f074f42 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -803,8 +803,8 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class $orig_url = $url; $orig_relative = $relative_url; $append = ''; - $url = htmlspecialchars_decode($url, ENT_COMPAT); - $relative_url = htmlspecialchars_decode($relative_url, ENT_COMPAT); + $url = html_entity_decode($url, ENT_COMPAT); + $relative_url = html_entity_decode($relative_url, ENT_COMPAT); // make sure no HTML entities were matched $chars = array('<', '>', '"'); @@ -1456,7 +1456,7 @@ function truncate_string($string, $max_length = 60, $max_store_length = 255, $al $string = substr($string, 4); } - $_chars = utf8_str_split(htmlspecialchars_decode($string, ENT_COMPAT)); + $_chars = utf8_str_split(html_entity_decode($string, ENT_COMPAT)); $chars = array_map('utf8_htmlspecialchars', $_chars); // Now check the length ;) @@ -1471,7 +1471,7 @@ function truncate_string($string, $max_length = 60, $max_store_length = 255, $al if (utf8_strlen($string) > $max_store_length) { // let's split again, we do not want half-baked strings where entities are split - $_chars = utf8_str_split(htmlspecialchars_decode($string, ENT_COMPAT)); + $_chars = utf8_str_split(html_entity_decode($string, ENT_COMPAT)); $chars = array_map('utf8_htmlspecialchars', $_chars); do diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index f0aef9eac3..78b56fc755 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -208,7 +208,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7))) { - header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'], ENT_COMPAT))); + header('Content-Disposition: attachment; ' . header_filename(html_entity_decode($attachment['real_filename'], ENT_COMPAT))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) { header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); @@ -216,7 +216,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } else { - header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'], ENT_COMPAT))); + header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(html_entity_decode($attachment['real_filename'], ENT_COMPAT))); if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0)) { header('X-Download-Options: noopen'); @@ -327,7 +327,7 @@ function download_allowed() return true; } - $url = htmlspecialchars_decode($request->header('Referer'), ENT_COMPAT); + $url = html_entity_decode($request->header('Referer'), ENT_COMPAT); if (!$url) { diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php index eafbb01cf9..770223100b 100644 --- a/phpBB/includes/functions_messenger.php +++ b/phpBB/includes/functions_messenger.php @@ -320,8 +320,8 @@ class messenger // We add some standard variables we always use, no need to specify them always $this->assign_vars(array( 'U_BOARD' => generate_board_url(), - 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)), - 'SITENAME' => htmlspecialchars_decode($config['sitename'], ENT_COMPAT), + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)), + 'SITENAME' => html_entity_decode($config['sitename'], ENT_COMPAT), )); $subject = $this->subject; @@ -427,7 +427,7 @@ class messenger $user->session_begin(); } - $calling_page = htmlspecialchars_decode($request->server('PHP_SELF'), ENT_COMPAT); + $calling_page = html_entity_decode($request->server('PHP_SELF'), ENT_COMPAT); switch ($type) { @@ -557,7 +557,7 @@ class messenger $use_queue = true; } - $contact_name = htmlspecialchars_decode($config['board_contact_name'], ENT_COMPAT); + $contact_name = html_entity_decode($config['board_contact_name'], ENT_COMPAT); $board_contact = (($contact_name !== '') ? '"' . mail_encode($contact_name) . '" ' : '') . '<' . $config['board_contact'] . '>'; $break = false; @@ -691,7 +691,7 @@ class messenger if (!$use_queue) { include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx); - $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']); + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], html_entity_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']); if (!$this->jabber->connect()) { @@ -891,7 +891,7 @@ class queue } include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx); - $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']); + $this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], html_entity_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']); if (!$this->jabber->connect()) { @@ -1208,7 +1208,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false) } // Let me in. This function handles the complete authentication process - if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], htmlspecialchars_decode($config['smtp_password'], ENT_COMPAT), $config['smtp_auth_method'])) + if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], html_entity_decode($config['smtp_password'], ENT_COMPAT), $config['smtp_auth_method'])) { $smtp->close_session($err_msg); return false; diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 8cfad36773..0110034016 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1575,11 +1575,11 @@ function validate_string($string, $optional = false, $min = 0, $max = 0) return false; } - if ($min && utf8_strlen(htmlspecialchars_decode($string, ENT_COMPAT)) < $min) + if ($min && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) < $min) { return 'TOO_SHORT'; } - else if ($max && utf8_strlen(htmlspecialchars_decode($string, ENT_COMPAT)) > $max) + else if ($max && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) > $max) { return 'TOO_LONG'; } diff --git a/phpBB/includes/mcp/mcp_logs.php b/phpBB/includes/mcp/mcp_logs.php index 1c5be1213d..de62489ea3 100644 --- a/phpBB/includes/mcp/mcp_logs.php +++ b/phpBB/includes/mcp/mcp_logs.php @@ -179,7 +179,7 @@ class mcp_logs $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC'); $keywords = $request->variable('keywords', '', true); - $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : ''; + $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : ''; // Grab log data $log_data = array(); diff --git a/phpBB/includes/mcp/mcp_notes.php b/phpBB/includes/mcp/mcp_notes.php index 47dc97cc8b..acbe481b79 100644 --- a/phpBB/includes/mcp/mcp_notes.php +++ b/phpBB/includes/mcp/mcp_notes.php @@ -206,7 +206,7 @@ class mcp_notes $sql_sort = $sort_by_sql[$sk] . ' ' . (($sd == 'd') ? 'DESC' : 'ASC'); $keywords = $request->variable('keywords', '', true); - $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : ''; + $keywords_param = !empty($keywords) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : ''; $log_data = array(); $log_count = 0; diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index c463179227..91c50cfe5a 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -506,7 +506,7 @@ class bbcode_firstpass extends bbcode } // Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results - $code = htmlspecialchars_decode($code, ENT_COMPAT); + $code = html_entity_decode($code, ENT_COMPAT); $code = highlight_string($code, true); $str_from = array('', '', '','[', ']', '.', ':'); @@ -1247,7 +1247,7 @@ class parse_message extends bbcode_firstpass )); // Parse this message - $this->message = $parser->parse(htmlspecialchars_decode($this->message, ENT_QUOTES)); + $this->message = $parser->parse(html_entity_decode($this->message, ENT_QUOTES)); // Remove quotes that are nested too deep if ($config['max_quote_depth'] > 0) diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index 35962b1adc..a8a95bd130 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php @@ -150,11 +150,11 @@ class phpbb_questionnaire_system_data_provider // Start discovering the IPV4 server address, if available // Try apache, IIS, fall back to 0.0.0.0 - $server_address = htmlspecialchars_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')), ENT_COMPAT); + $server_address = html_entity_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')), ENT_COMPAT); return array( 'os' => PHP_OS, - 'httpd' => htmlspecialchars_decode($request->server('SERVER_SOFTWARE'), ENT_COMPAT), + 'httpd' => html_entity_decode($request->server('SERVER_SOFTWARE'), ENT_COMPAT), // we don't want the real IP address (for privacy policy reasons) but only // a network address to see whether your installation is running on a private or public network. 'private_ip' => $this->is_private_ip($server_address), diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index 98093aeeaa..da25425e3a 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -142,7 +142,7 @@ class ucp_activate $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT)) + 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT)) ); $messenger->send($user_row['user_notify_type']); diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 229f3fc06a..313abef868 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -186,7 +186,7 @@ class ucp_profile $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($data['username'], ENT_COMPAT), + 'USERNAME' => html_entity_decode($data['username'], ENT_COMPAT), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") ); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 1ef761eaab..79840c929c 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -468,9 +468,9 @@ class ucp_register $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT), - 'USERNAME' => htmlspecialchars_decode($data['username'], ENT_COMPAT), - 'PASSWORD' => htmlspecialchars_decode($data['new_password'], ENT_COMPAT), + 'WELCOME_MSG' => html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT), + 'USERNAME' => html_entity_decode($data['username'], ENT_COMPAT), + 'PASSWORD' => html_entity_decode($data['new_password'], ENT_COMPAT), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") ); diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php index a3f9868145..7f952af6c3 100644 --- a/phpBB/includes/ucp/ucp_resend.php +++ b/phpBB/includes/ucp/ucp_resend.php @@ -99,8 +99,8 @@ class ucp_resend $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT), - 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT), + 'WELCOME_MSG' => html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT), + 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT), 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") ); @@ -134,7 +134,7 @@ class ucp_resend $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT), + 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT), 'U_USER_DETAILS' => generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$user_row['user_id']}", 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") ); diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 1acd502d4d..8ee7a4325f 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -442,16 +442,16 @@ switch ($mode) $messenger = new messenger(false); $messenger->template('profile_send_im', $row['user_lang']); - $messenger->subject(htmlspecialchars_decode($subject, ENT_COMPAT)); + $messenger->subject(html_entity_decode($subject, ENT_COMPAT)); $messenger->replyto($user->data['user_email']); $messenger->set_addresses($row); $messenger->assign_vars(array( 'BOARD_CONTACT' => phpbb_get_board_contact($config, $phpEx), - 'FROM_USERNAME' => htmlspecialchars_decode($user->data['username'], ENT_COMPAT), - 'TO_USERNAME' => htmlspecialchars_decode($row['username'], ENT_COMPAT), - 'MESSAGE' => htmlspecialchars_decode($message, ENT_COMPAT)) + 'FROM_USERNAME' => html_entity_decode($user->data['username'], ENT_COMPAT), + 'TO_USERNAME' => html_entity_decode($row['username'], ENT_COMPAT), + 'MESSAGE' => html_entity_decode($message, ENT_COMPAT)) ); $messenger->send(NOTIFY_IM); @@ -804,8 +804,8 @@ switch ($mode) 'S_USER_NOTES' => ($user_notes_enabled) ? true : false, 'S_WARN_USER' => ($warn_user_enabled) ? true : false, 'S_ZEBRA' => ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false, - 'U_ADD_FRIEND' => (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&add=' . urlencode(htmlspecialchars_decode($member['username'], ENT_COMPAT))) : '', - 'U_ADD_FOE' => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&mode=foes&add=' . urlencode(htmlspecialchars_decode($member['username'], ENT_COMPAT))) : '', + 'U_ADD_FRIEND' => (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '', + 'U_ADD_FOE' => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&mode=foes&add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '', 'U_REMOVE_FRIEND' => ($friend && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&usernames[]=' . $user_id) : '', 'U_REMOVE_FOE' => ($foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&mode=foes&usernames[]=' . $user_id) : '', @@ -987,7 +987,7 @@ switch ($mode) { $user_list[] = [ 'user_id' => (int) $row['user_id'], - 'result' => htmlspecialchars_decode($row['username']), + 'result' => html_entity_decode($row['username']), 'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'display' => get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour']), ]; diff --git a/phpBB/phpbb/auth/provider/apache.php b/phpBB/phpbb/auth/provider/apache.php index a13e2d9484..4da0ec8637 100644 --- a/phpBB/phpbb/auth/provider/apache.php +++ b/phpBB/phpbb/auth/provider/apache.php @@ -73,7 +73,7 @@ class apache extends base */ public function init() { - if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT)) + if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT)) { return $this->language->lang('APACHE_SETUP_BEFORE_USE'); } @@ -113,8 +113,8 @@ class apache extends base ); } - $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT); - $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT); + $php_auth_user = html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT); + $php_auth_pw = html_entity_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT); if (!empty($php_auth_user) && !empty($php_auth_pw)) { @@ -180,8 +180,8 @@ class apache extends base return array(); } - $php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT); - $php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT); + $php_auth_user = html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT); + $php_auth_pw = html_entity_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT); if (!empty($php_auth_user) && !empty($php_auth_pw)) { diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index 4945d6ca53..9daad9e5f6 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -83,7 +83,7 @@ class ldap extends base if ($this->config['ldap_user'] || $this->config['ldap_password']) { - if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_password'], ENT_COMPAT))) + if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT))) { return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD'); } @@ -92,11 +92,11 @@ class ldap extends base // ldap_connect only checks whether the specified server is valid, so the connection might still fail $search = @ldap_search( $ldap, - htmlspecialchars_decode($this->config['ldap_base_dn'], ENT_COMPAT), + html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT), $this->ldap_user_filter($this->user->data['username']), (empty($this->config['ldap_email'])) ? - array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT)) : - array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)), + array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) : + array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)), 0, 1 ); @@ -115,7 +115,7 @@ class ldap extends base return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']); } - if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])])) + if (!empty($this->config['ldap_email']) && !isset($result[0][html_entity_decode($this->config['ldap_email'])])) { return $this->language->lang('LDAP_NO_EMAIL'); } @@ -180,7 +180,7 @@ class ldap extends base if ($this->config['ldap_user'] || $this->config['ldap_password']) { - if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_password'], ENT_COMPAT))) + if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT))) { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, @@ -192,11 +192,11 @@ class ldap extends base $search = @ldap_search( $ldap, - htmlspecialchars_decode($this->config['ldap_base_dn'], ENT_COMPAT), + html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT), $this->ldap_user_filter($username), (empty($this->config['ldap_email'])) ? - array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT)) : - array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)), + array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) : + array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)), 0, 1 ); @@ -205,7 +205,7 @@ class ldap extends base if (is_array($ldap_result) && count($ldap_result) > 1) { - if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password, ENT_COMPAT))) + if (@ldap_bind($ldap, $ldap_result[0]['dn'], html_entity_decode($password, ENT_COMPAT))) { @ldap_close($ldap); @@ -257,7 +257,7 @@ class ldap extends base $ldap_user_row = array( 'username' => $username, 'user_password' => '', - 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '', + 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][html_entity_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '', 'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, 'user_ip' => $this->user->ip, @@ -337,7 +337,7 @@ class ldap extends base */ private function ldap_user_filter($username) { - $filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username, ENT_COMPAT)) . ')'; + $filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(html_entity_decode($username, ENT_COMPAT)) . ')'; if ($this->config['ldap_user_filter']) { $_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})"; diff --git a/phpBB/phpbb/console/command/user/activate.php b/phpBB/phpbb/console/command/user/activate.php index 6dab26e7b0..bf70086fb5 100644 --- a/phpBB/phpbb/console/command/user/activate.php +++ b/phpBB/phpbb/console/command/user/activate.php @@ -209,7 +209,7 @@ class activate extends command $messenger->set_addresses($user_row); $messenger->anti_abuse_headers($this->config, $this->user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT)) + 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT)) ); $messenger->send(NOTIFY_EMAIL); diff --git a/phpBB/phpbb/console/command/user/add.php b/phpBB/phpbb/console/command/user/add.php index 10eb8c60ea..40f866c176 100644 --- a/phpBB/phpbb/console/command/user/add.php +++ b/phpBB/phpbb/console/command/user/add.php @@ -312,9 +312,9 @@ class add extends command $messenger->to($this->data['email'], $this->data['username']); $messenger->anti_abuse_headers($this->config, $this->user); $messenger->assign_vars(array( - 'WELCOME_MSG' => htmlspecialchars_decode($this->language->lang('WELCOME_SUBJECT', $this->config['sitename']), ENT_COMPAT), - 'USERNAME' => htmlspecialchars_decode($this->data['username'], ENT_COMPAT), - 'PASSWORD' => htmlspecialchars_decode($this->data['new_password'], ENT_COMPAT), + 'WELCOME_MSG' => html_entity_decode($this->language->lang('WELCOME_SUBJECT', $this->config['sitename']), ENT_COMPAT), + 'USERNAME' => html_entity_decode($this->data['username'], ENT_COMPAT), + 'PASSWORD' => html_entity_decode($this->data['new_password'], ENT_COMPAT), 'U_ACTIVATE' => generate_board_url() . "/ucp.{$this->php_ext}?mode=activate&u=$user_id&k=$user_actkey") ); diff --git a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php index f4fb364c55..c235b8557a 100644 --- a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php +++ b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php @@ -418,7 +418,7 @@ class ajax_iohandler extends iohandler_base if ($msg !== null) { - $link_properties['msg'] = htmlspecialchars_decode($this->language->lang($msg), ENT_COMPAT); + $link_properties['msg'] = html_entity_decode($this->language->lang($msg), ENT_COMPAT); } $this->download[] = $link_properties; diff --git a/phpBB/phpbb/install/helper/iohandler/iohandler_base.php b/phpBB/phpbb/install/helper/iohandler/iohandler_base.php index 2a29fd3300..71b1a12f48 100644 --- a/phpBB/phpbb/install/helper/iohandler/iohandler_base.php +++ b/phpBB/phpbb/install/helper/iohandler/iohandler_base.php @@ -108,7 +108,7 @@ abstract class iohandler_base implements iohandler_interface { if (!is_array($error_title) && strpos($error_title, '
') !== false) { - $error_title = strip_tags(htmlspecialchars_decode($error_title, ENT_COMPAT)); + $error_title = strip_tags(html_entity_decode($error_title, ENT_COMPAT)); } $this->errors[] = $this->translate_message($error_title, $error_description); } diff --git a/phpBB/phpbb/install/module/install_finish/task/notify_user.php b/phpBB/phpbb/install/module/install_finish/task/notify_user.php index 8cc9efc38e..ee11152013 100644 --- a/phpBB/phpbb/install/module/install_finish/task/notify_user.php +++ b/phpBB/phpbb/install/module/install_finish/task/notify_user.php @@ -120,8 +120,8 @@ class notify_user extends \phpbb\install\task_base $messenger->to($this->config['board_email'], $this->install_config->get('admin_name')); $messenger->anti_abuse_headers($this->config, $this->user); $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($this->install_config->get('admin_name'), ENT_COMPAT), - 'PASSWORD' => htmlspecialchars_decode($this->install_config->get('admin_passwd'), ENT_COMPAT)) + 'USERNAME' => html_entity_decode($this->install_config->get('admin_name'), ENT_COMPAT), + 'PASSWORD' => html_entity_decode($this->install_config->get('admin_passwd'), ENT_COMPAT)) ); $messenger->send(NOTIFY_EMAIL); } diff --git a/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php b/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php index 6b5a14c117..002bd9b331 100644 --- a/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php +++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php @@ -54,7 +54,7 @@ class obtain_server_data extends \phpbb\install\task_base implements \phpbb\inst $server_port = $this->io_handler->get_server_variable('SERVER_PORT', 0); // HTTP_HOST is having the correct browser url in most cases... - $server_name = strtolower(htmlspecialchars_decode($this->io_handler->get_header_variable( + $server_name = strtolower(html_entity_decode($this->io_handler->get_header_variable( 'Host', $this->io_handler->get_server_variable('SERVER_NAME') ), ENT_COMPAT)); @@ -65,11 +65,11 @@ class obtain_server_data extends \phpbb\install\task_base implements \phpbb\inst $server_name = substr($server_name, 0, strpos($server_name, ':')); } - $script_path = htmlspecialchars_decode($this->io_handler->get_server_variable('PHP_SELF'), ENT_COMPAT); + $script_path = html_entity_decode($this->io_handler->get_server_variable('PHP_SELF'), ENT_COMPAT); if (!$script_path) { - $script_path = htmlspecialchars_decode($this->io_handler->get_server_variable('REQUEST_URI'), ENT_COMPAT); + $script_path = html_entity_decode($this->io_handler->get_server_variable('REQUEST_URI'), ENT_COMPAT); } $script_path = str_replace(array('\\', '//'), '/', $script_path); diff --git a/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php b/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php index 0bf625d898..f271f318fe 100644 --- a/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php +++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php @@ -87,7 +87,7 @@ class obtain_update_ftp_data extends task_base $ftp_host = $this->iohandler->get_input('ftp_host', '', true); $ftp_user = $this->iohandler->get_input('ftp_user', '', true); - $ftp_pass = htmlspecialchars_decode($this->iohandler->get_input('ftp_pass', '', true), ENT_COMPAT); + $ftp_pass = html_entity_decode($this->iohandler->get_input('ftp_pass', '', true), ENT_COMPAT); $ftp_path = $this->iohandler->get_input('ftp_path', '', true); $ftp_port = $this->iohandler->get_input('ftp_port', 21); $ftp_time = $this->iohandler->get_input('ftp_timeout', 10); diff --git a/phpBB/phpbb/message/message.php b/phpBB/phpbb/message/message.php index f00cfbd322..45f4a61bd4 100644 --- a/phpBB/phpbb/message/message.php +++ b/phpBB/phpbb/message/message.php @@ -262,13 +262,13 @@ class message $messenger->headers('X-AntiAbuse: Username - ' . $this->sender_username); } - $messenger->subject(htmlspecialchars_decode($this->subject, ENT_COMPAT)); + $messenger->subject(html_entity_decode($this->subject, ENT_COMPAT)); $messenger->assign_vars(array( 'BOARD_CONTACT' => $contact, - 'TO_USERNAME' => htmlspecialchars_decode($recipient['to_name'], ENT_COMPAT), - 'FROM_USERNAME' => htmlspecialchars_decode($this->sender_name, ENT_COMPAT), - 'MESSAGE' => htmlspecialchars_decode($this->body, ENT_COMPAT)) + 'TO_USERNAME' => html_entity_decode($recipient['to_name'], ENT_COMPAT), + 'FROM_USERNAME' => html_entity_decode($this->sender_name, ENT_COMPAT), + 'MESSAGE' => html_entity_decode($this->body, ENT_COMPAT)) ); if (count($this->template_vars)) diff --git a/phpBB/phpbb/message/topic_form.php b/phpBB/phpbb/message/topic_form.php index 42d893deb3..8dc6e6a2e5 100644 --- a/phpBB/phpbb/message/topic_form.php +++ b/phpBB/phpbb/message/topic_form.php @@ -122,7 +122,7 @@ class topic_form extends form $this->message->set_template('email_notify'); $this->message->set_template_vars(array( - 'TOPIC_NAME' => htmlspecialchars_decode($this->topic_row['topic_title'], ENT_COMPAT), + 'TOPIC_NAME' => html_entity_decode($this->topic_row['topic_title'], ENT_COMPAT), 'U_TOPIC' => generate_board_url() . '/viewtopic.' . $this->phpEx . '?t=' . $this->topic_id, )); $this->message->set_body($this->body); diff --git a/phpBB/phpbb/notification/type/admin_activate_user.php b/phpBB/phpbb/notification/type/admin_activate_user.php index 7b407ce92d..7df90fda45 100644 --- a/phpBB/phpbb/notification/type/admin_activate_user.php +++ b/phpBB/phpbb/notification/type/admin_activate_user.php @@ -150,7 +150,7 @@ class admin_activate_user extends \phpbb\notification\type\base $username = $this->user_loader->get_username($this->item_id, 'username'); return array( - 'USERNAME' => htmlspecialchars_decode($username, ENT_COMPAT), + 'USERNAME' => html_entity_decode($username, ENT_COMPAT), 'U_USER_DETAILS' => "{$board_url}/memberlist.{$this->php_ext}?mode=viewprofile&u={$this->item_id}", 'U_ACTIVATE' => "{$board_url}/ucp.{$this->php_ext}?mode=activate&u={$this->item_id}&k={$this->get_data('user_actkey')}", ); diff --git a/phpBB/phpbb/notification/type/disapprove_post.php b/phpBB/phpbb/notification/type/disapprove_post.php index 2d2f7997b5..d96d42f3cf 100644 --- a/phpBB/phpbb/notification/type/disapprove_post.php +++ b/phpBB/phpbb/notification/type/disapprove_post.php @@ -120,7 +120,7 @@ class disapprove_post extends \phpbb\notification\type\approve_post public function get_email_template_variables() { return array_merge(parent::get_email_template_variables(), array( - 'REASON' => htmlspecialchars_decode($this->get_data('disapprove_reason'), ENT_COMPAT), + 'REASON' => html_entity_decode($this->get_data('disapprove_reason'), ENT_COMPAT), )); } diff --git a/phpBB/phpbb/notification/type/disapprove_topic.php b/phpBB/phpbb/notification/type/disapprove_topic.php index 01d611238b..f212681c4c 100644 --- a/phpBB/phpbb/notification/type/disapprove_topic.php +++ b/phpBB/phpbb/notification/type/disapprove_topic.php @@ -120,7 +120,7 @@ class disapprove_topic extends \phpbb\notification\type\approve_topic public function get_email_template_variables() { return array_merge(parent::get_email_template_variables(), array( - 'REASON' => htmlspecialchars_decode($this->get_data('disapprove_reason'), ENT_COMPAT), + 'REASON' => html_entity_decode($this->get_data('disapprove_reason'), ENT_COMPAT), )); } diff --git a/phpBB/phpbb/notification/type/forum.php b/phpBB/phpbb/notification/type/forum.php index a490881e48..e8268f71fe 100644 --- a/phpBB/phpbb/notification/type/forum.php +++ b/phpBB/phpbb/notification/type/forum.php @@ -130,10 +130,10 @@ class forum extends \phpbb\notification\type\post } return [ - 'AUTHOR_NAME' => htmlspecialchars_decode($username, ENT_COMPAT), - 'FORUM_NAME' => htmlspecialchars_decode(censor_text($this->get_data('forum_name')), ENT_COMPAT), - 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), - 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($username, ENT_COMPAT), + 'FORUM_NAME' => html_entity_decode(censor_text($this->get_data('forum_name')), ENT_COMPAT), + 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), + 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), 'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}", 'U_NEWEST_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?f={$this->get_data('forum_id')}&t={$this->item_parent_id}&e=1&view=unread#unread", diff --git a/phpBB/phpbb/notification/type/group_request.php b/phpBB/phpbb/notification/type/group_request.php index ce5231f9d1..2f9c6a48a1 100644 --- a/phpBB/phpbb/notification/type/group_request.php +++ b/phpBB/phpbb/notification/type/group_request.php @@ -133,8 +133,8 @@ class group_request extends \phpbb\notification\type\base $user_data = $this->user_loader->get_user($this->item_id); return array( - 'GROUP_NAME' => htmlspecialchars_decode($this->get_data('group_name'), ENT_COMPAT), - 'REQUEST_USERNAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT), + 'GROUP_NAME' => html_entity_decode($this->get_data('group_name'), ENT_COMPAT), + 'REQUEST_USERNAME' => html_entity_decode($user_data['username'], ENT_COMPAT), 'U_PENDING' => generate_board_url() . "/ucp.{$this->php_ext}?i=groups&mode=manage&action=list&g={$this->item_parent_id}", 'U_GROUP' => generate_board_url() . "/memberlist.{$this->php_ext}?mode=group&g={$this->item_parent_id}", diff --git a/phpBB/phpbb/notification/type/pm.php b/phpBB/phpbb/notification/type/pm.php index 20b206e70b..e7f8f10c7b 100644 --- a/phpBB/phpbb/notification/type/pm.php +++ b/phpBB/phpbb/notification/type/pm.php @@ -164,8 +164,8 @@ class pm extends \phpbb\notification\type\base $user_data = $this->user_loader->get_user($this->get_data('from_user_id')); return array( - 'AUTHOR_NAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT), - 'SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($user_data['username'], ENT_COMPAT), + 'SUBJECT' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), 'U_VIEW_MESSAGE' => generate_board_url() . '/ucp.' . $this->php_ext . "?i=pm&mode=view&p={$this->item_id}", ); diff --git a/phpBB/phpbb/notification/type/post.php b/phpBB/phpbb/notification/type/post.php index c07047dc67..06132f597b 100644 --- a/phpBB/phpbb/notification/type/post.php +++ b/phpBB/phpbb/notification/type/post.php @@ -262,9 +262,9 @@ class post extends \phpbb\notification\type\base } return array( - 'AUTHOR_NAME' => htmlspecialchars_decode($username, ENT_COMPAT), - 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), - 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($username, ENT_COMPAT), + 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), + 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), 'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}", 'U_NEWEST_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?t={$this->item_parent_id}&e=1&view=unread#unread", diff --git a/phpBB/phpbb/notification/type/quote.php b/phpBB/phpbb/notification/type/quote.php index 826d40e6da..a2f15ee394 100644 --- a/phpBB/phpbb/notification/type/quote.php +++ b/phpBB/phpbb/notification/type/quote.php @@ -168,7 +168,7 @@ class quote extends \phpbb\notification\type\post $user_data = $this->user_loader->get_user($this->get_data('poster_id')); return array_merge(parent::get_email_template_variables(), array( - 'AUTHOR_NAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($user_data['username'], ENT_COMPAT), )); } diff --git a/phpBB/phpbb/notification/type/report_pm.php b/phpBB/phpbb/notification/type/report_pm.php index 0fd2654cb1..7e90882812 100644 --- a/phpBB/phpbb/notification/type/report_pm.php +++ b/phpBB/phpbb/notification/type/report_pm.php @@ -143,11 +143,11 @@ class report_pm extends \phpbb\notification\type\pm $user_data = $this->user_loader->get_user($this->get_data('from_user_id')); return [ - 'AUTHOR_NAME' => htmlspecialchars_decode($user_data['username'], ENT_COMPAT), - 'SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($user_data['username'], ENT_COMPAT), + 'SUBJECT' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), /** @deprecated 3.2.6-RC1 (to be removed in 4.0.0) use {SUBJECT} instead in report_pm.txt */ - 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), + 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), 'U_VIEW_REPORT' => generate_board_url() . "/mcp.{$this->php_ext}?r={$this->item_parent_id}&i=pm_reports&mode=pm_report_details", ]; diff --git a/phpBB/phpbb/notification/type/report_pm_closed.php b/phpBB/phpbb/notification/type/report_pm_closed.php index 4738d6792f..c65254746a 100644 --- a/phpBB/phpbb/notification/type/report_pm_closed.php +++ b/phpBB/phpbb/notification/type/report_pm_closed.php @@ -104,9 +104,9 @@ class report_pm_closed extends \phpbb\notification\type\pm $closer_username = $this->user_loader->get_username($this->get_data('closer_id'), 'username'); return [ - 'AUTHOR_NAME' => htmlspecialchars_decode($sender_username, ENT_COMPAT), - 'CLOSER_NAME' => htmlspecialchars_decode($closer_username, ENT_COMPAT), - 'SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($sender_username, ENT_COMPAT), + 'CLOSER_NAME' => html_entity_decode($closer_username, ENT_COMPAT), + 'SUBJECT' => html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT), 'U_VIEW_MESSAGE'=> generate_board_url() . "/ucp.{$this->php_ext}?i=pm&mode=view&p={$this->item_id}", ]; diff --git a/phpBB/phpbb/notification/type/report_post.php b/phpBB/phpbb/notification/type/report_post.php index 84c4ad8ac9..ffc982dbab 100644 --- a/phpBB/phpbb/notification/type/report_post.php +++ b/phpBB/phpbb/notification/type/report_post.php @@ -110,8 +110,8 @@ class report_post extends \phpbb\notification\type\post_in_queue $board_url = generate_board_url(); return array( - 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), - 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), + 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), + 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), 'U_VIEW_REPORT' => "{$board_url}/mcp.{$this->php_ext}?p={$this->item_id}&i=reports&mode=report_details#reports", 'U_VIEW_POST' => "{$board_url}/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}", diff --git a/phpBB/phpbb/notification/type/report_post_closed.php b/phpBB/phpbb/notification/type/report_post_closed.php index 5358846344..4162dac22a 100644 --- a/phpBB/phpbb/notification/type/report_post_closed.php +++ b/phpBB/phpbb/notification/type/report_post_closed.php @@ -111,10 +111,10 @@ class report_post_closed extends \phpbb\notification\type\post $closer_username = $this->user_loader->get_username($this->get_data('closer_id'), 'username'); return [ - 'AUTHOR_NAME' => htmlspecialchars_decode($post_username, ENT_COMPAT), - 'CLOSER_NAME' => htmlspecialchars_decode($closer_username, ENT_COMPAT), - 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), - 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($post_username, ENT_COMPAT), + 'CLOSER_NAME' => html_entity_decode($closer_username, ENT_COMPAT), + 'POST_SUBJECT' => html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT), + 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), 'U_VIEW_POST' => generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}", ]; diff --git a/phpBB/phpbb/notification/type/topic.php b/phpBB/phpbb/notification/type/topic.php index e3ab948a77..ca819f9177 100644 --- a/phpBB/phpbb/notification/type/topic.php +++ b/phpBB/phpbb/notification/type/topic.php @@ -217,9 +217,9 @@ class topic extends \phpbb\notification\type\base } return array( - 'AUTHOR_NAME' => htmlspecialchars_decode($username, ENT_COMPAT), - 'FORUM_NAME' => htmlspecialchars_decode($this->get_data('forum_name'), ENT_COMPAT), - 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), + 'AUTHOR_NAME' => html_entity_decode($username, ENT_COMPAT), + 'FORUM_NAME' => html_entity_decode($this->get_data('forum_name'), ENT_COMPAT), + 'TOPIC_TITLE' => html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT), 'U_TOPIC' => "{$board_url}/viewtopic.{$this->php_ext}?t={$this->item_id}", 'U_VIEW_TOPIC' => "{$board_url}/viewtopic.{$this->php_ext}?t={$this->item_id}", diff --git a/phpBB/phpbb/plupload/plupload.php b/phpBB/phpbb/plupload/plupload.php index f0b36abb40..ea8cfef5d0 100644 --- a/phpBB/phpbb/plupload/plupload.php +++ b/phpBB/phpbb/plupload/plupload.php @@ -163,7 +163,7 @@ class plupload 'S_PLUPLOAD' => true, 'FILTERS' => $filters, 'CHUNK_SIZE' => $chunk_size, - 'S_PLUPLOAD_URL' => htmlspecialchars_decode($s_action, ENT_COMPAT), + 'S_PLUPLOAD_URL' => html_entity_decode($s_action, ENT_COMPAT), 'MAX_ATTACHMENTS' => $max_files, 'ATTACH_ORDER' => ($this->config['display_order']) ? 'asc' : 'desc', 'L_TOO_MANY_ATTACHMENTS' => $this->user->lang('TOO_MANY_ATTACHMENTS', $max_files), diff --git a/phpBB/phpbb/search/fulltext_mysql.php b/phpBB/phpbb/search/fulltext_mysql.php index c280f095ef..7b4c92e67b 100644 --- a/phpBB/phpbb/search/fulltext_mysql.php +++ b/phpBB/phpbb/search/fulltext_mysql.php @@ -232,7 +232,7 @@ class fulltext_mysql extends \phpbb\search\base } // Filter out as above - $split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords, ENT_COMPAT))); + $split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(html_entity_decode($keywords, ENT_COMPAT))); // Split words $split_keywords = preg_replace('#([^\p{L}\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords))); @@ -597,7 +597,7 @@ class fulltext_mysql extends \phpbb\search\base $sql = "SELECT $sql_select FROM $sql_from$sql_sort_table" . POSTS_TABLE . " p - WHERE MATCH ($sql_match) AGAINST ('" . $this->db->sql_escape(htmlspecialchars_decode($this->search_query, ENT_COMPAT)) . "' IN BOOLEAN MODE) + WHERE MATCH ($sql_match) AGAINST ('" . $this->db->sql_escape(html_entity_decode($this->search_query, ENT_COMPAT)) . "' IN BOOLEAN MODE) $sql_where_options ORDER BY $sql_sort"; $this->db->sql_return_on_error(true); diff --git a/phpBB/phpbb/search/fulltext_native.php b/phpBB/phpbb/search/fulltext_native.php index 689d2a8f40..5deee98785 100644 --- a/phpBB/phpbb/search/fulltext_native.php +++ b/phpBB/phpbb/search/fulltext_native.php @@ -1824,7 +1824,7 @@ class fulltext_native extends \phpbb\search\base /** * Replace HTML entities and NCRs */ - $text = htmlspecialchars_decode(utf8_decode_ncr($text), ENT_QUOTES); + $text = html_entity_decode(utf8_decode_ncr($text), ENT_QUOTES); /** * Normalize to NFC diff --git a/phpBB/phpbb/search/fulltext_postgres.php b/phpBB/phpbb/search/fulltext_postgres.php index a0bb6242ec..4588636388 100644 --- a/phpBB/phpbb/search/fulltext_postgres.php +++ b/phpBB/phpbb/search/fulltext_postgres.php @@ -204,7 +204,7 @@ class fulltext_postgres extends \phpbb\search\base } // Filter out as above - $split_keywords = preg_replace("#[\"\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords, ENT_COMPAT))); + $split_keywords = preg_replace("#[\"\n\r\t]+#", ' ', trim(html_entity_decode($keywords, ENT_COMPAT))); // Split words $split_keywords = preg_replace('#([^\p{L}\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords))); diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index 869b214fcc..8e3815efd2 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -49,7 +49,7 @@ class session // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) { - $script_name = htmlspecialchars_decode($request->server('REQUEST_URI'), ENT_COMPAT); + $script_name = html_entity_decode($request->server('REQUEST_URI'), ENT_COMPAT); $script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name; $page_array['failover'] = 1; } @@ -166,7 +166,7 @@ class session global $config, $request; // Get hostname - $host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME')), ENT_COMPAT); + $host = html_entity_decode($request->header('Host', $request->server('SERVER_NAME')), ENT_COMPAT); // Should be a string and lowered $host = (string) strtolower($host); @@ -289,7 +289,7 @@ class session // Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests // it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip. - $ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'), ENT_COMPAT); + $ip = html_entity_decode($request->server('REMOTE_ADDR'), ENT_COMPAT); $ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $ip)); /** diff --git a/phpBB/phpbb/textformatter/data_access.php b/phpBB/phpbb/textformatter/data_access.php index 27ce778904..dd9a96e725 100644 --- a/phpBB/phpbb/textformatter/data_access.php +++ b/phpBB/phpbb/textformatter/data_access.php @@ -227,7 +227,7 @@ class data_access { foreach ($columns as $column) { - $row[$column] = htmlspecialchars_decode($row[$column], ENT_COMPAT); + $row[$column] = html_entity_decode($row[$column], ENT_COMPAT); } } diff --git a/phpBB/phpbb/ucp/controller/reset_password.php b/phpBB/phpbb/ucp/controller/reset_password.php index 61606df3b0..9919100a6c 100644 --- a/phpBB/phpbb/ucp/controller/reset_password.php +++ b/phpBB/phpbb/ucp/controller/reset_password.php @@ -265,7 +265,7 @@ class reset_password $messenger->anti_abuse_headers($this->config, $this->user); $messenger->assign_vars([ - 'USERNAME' => htmlspecialchars_decode($user_row['username'], ENT_COMPAT), + 'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT), 'U_RESET_PASSWORD' => generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [ 'u' => $user_row['user_id'], 'token' => $reset_token, diff --git a/phpBB/search.php b/phpBB/search.php index eb18bcc60b..cd2d65a482 100644 --- a/phpBB/search.php +++ b/phpBB/search.php @@ -678,16 +678,16 @@ if ($keywords || $author || $author_id || $search_id || $submit) $hilit = phpbb_clean_search_string(str_replace(array('+', '-', '|', '(', ')', '"'), ' ', $keywords)); $hilit = str_replace(' ', '|', $hilit); - $u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit), ENT_COMPAT)); + $u_hilit = urlencode(html_entity_decode(str_replace('|', ' ', $hilit), ENT_COMPAT)); $u_show_results = '&sr=' . $show_results; $u_search_forum = implode('&fid%5B%5D=', $search_forum); $u_search = append_sid("{$phpbb_root_path}search.$phpEx", $u_sort_param . $u_show_results); $u_search .= ($search_id) ? '&search_id=' . $search_id : ''; - $u_search .= ($u_hilit) ? '&keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : ''; + $u_search .= ($u_hilit) ? '&keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : ''; $u_search .= ($search_terms != 'all') ? '&terms=' . $search_terms : ''; $u_search .= ($topic_id) ? '&t=' . $topic_id : ''; - $u_search .= ($author) ? '&author=' . urlencode(htmlspecialchars_decode($author, ENT_COMPAT)) : ''; + $u_search .= ($author) ? '&author=' . urlencode(html_entity_decode($author, ENT_COMPAT)) : ''; $u_search .= ($author_id) ? '&author_id=' . $author_id : ''; $u_search .= ($u_search_forum) ? '&fid%5B%5D=' . $u_search_forum : ''; $u_search .= (!$search_child) ? '&sc=0' : ''; @@ -1564,7 +1564,7 @@ if ($auth->acl_get('a_search')) 'KEYWORDS' => $keywords, 'TIME' => $user->format_date($row['search_time']), - 'U_KEYWORDS' => append_sid("{$phpbb_root_path}search.$phpEx", 'keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT))) + 'U_KEYWORDS' => append_sid("{$phpbb_root_path}search.$phpEx", 'keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT))) )); } $db->sql_freeresult($result); diff --git a/tests/email/email_parsing_test.php b/tests/email/email_parsing_test.php index 8bbfd51b0b..a812f88fba 100644 --- a/tests/email/email_parsing_test.php +++ b/tests/email/email_parsing_test.php @@ -123,8 +123,8 @@ class phpbb_email_parsing_test extends phpbb_test_case $this->messenger->set_addresses($user->data); $this->messenger->assign_vars(array( - 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)), - 'SITENAME' => htmlspecialchars_decode($config['sitename'], ENT_COMPAT), + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)), + 'SITENAME' => html_entity_decode($config['sitename'], ENT_COMPAT), 'AUTHOR_NAME' => $author_name, 'FORUM_NAME' => $forum_name, @@ -143,8 +143,8 @@ class phpbb_email_parsing_test extends phpbb_test_case $this->assertStringContainsString($forum_name, $msg); $this->assertStringContainsString($topic_title, $msg); $this->assertStringContainsString($username, $msg); - $this->assertStringContainsString(htmlspecialchars_decode($config['sitename'], ENT_COMPAT), $msg); - $this->assertStringContainsString(str_replace('
', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)), $msg); + $this->assertStringContainsString(html_entity_decode($config['sitename'], ENT_COMPAT), $msg); + $this->assertStringContainsString(str_replace('
', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)), $msg); $this->assertStringNotContainsString('EMAIL_SIG', $msg); $this->assertStringNotContainsString('U_STOP_WATCHING_FORUM', $msg); }