From: Gustavo André dos Santos Lopes Date: Sun, 24 Oct 2010 16:21:15 +0000 (+0000) Subject: - Added to UPGRADING(.INTERNALS) information about the changes on html.c. X-Git-Tag: php-5.4.0alpha1~191^2~770 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3f804701b50e73eb50e43aaca4644695844f1625;p=php - Added to UPGRADING(.INTERNALS) information about the changes on html.c. - Added to UPGRADING information about the new class Transliteral, the new parameter in dns_get_record and the fact that call_user_func_array no longer allows call-time pass-by-reference. --- diff --git a/UPGRADING b/UPGRADING index a39cd6fb47..048eb5a5f7 100755 --- a/UPGRADING +++ b/UPGRADING @@ -92,6 +92,48 @@ UPGRADE NOTES - PHP X.Y - array_combine now returns array() instead of FALSE when two empty arrays are provided as parameters. +- Added an extra parameter to dns_get_record(), which allows requesting DNS + records by numeric type and makes the result include only the raw data of + the response. +- call_user_func_array no longer allows call-time pass by reference. +- htmlentities/htmlspecialchars are stricter in the code units they accept for + the asian encodings. For Big5-HKSCS, the octets 0x80 and 0xFF are rejected. + For GB2312/EUC-CN, the octets 0x8E, 0x8F, 0xA0 and 0xFF are rejected. For + SJIS, the octets 0x80, 0xA0, 0xFD, 0xFE and 0xFF are rejected, except maybe + after a valid starting byte. For EUC-JP, the octets 0xA0 and 0xFF are + rejected. +- htmlentities now emits an E_STRICT warning when used with asian characters, + as in that case htmlentities has (and already had before this version) the + same functionality as htmlspecialchars. +- htmlentities no longer numerically encodes high characters for single-byte + encodings (except when there's actually a corresponding named entity). This + behavior was not documented and was inconsistent with that for "UTF-8". +- html_entity_decode/htmlspecialchars_decode behave more consistently, now + decoding entities in malformed strings such as "&&" or "&#&". +- htmlentities/htmlspecialchars/html_entity_decode/htmlspecialchars_decode: + Added the flags ENT_HTML401, ENT_XML1, ENT_XHTML, and ENT_HTML5. The + behavior of these functions including, but not limited to, the characters + that are encoded and the entities that are decoded depend on the document + type that is specified by those flags. +- htmlentities/htmlspecialchars with !$double_encode do more strict checks on + the validity of the entities. Numerical entities are checked for a valid + range (0 to 0x10FFFF); if the flag ENT_DISALLOWED is given, the validity of + such numerical entity in the target document type is also checked. Named + entitities are checked for necessary existence in the target document type + instead of only checking whether they were constituted by alphanumeric + characters. +- The flag ENT_DISALLOWED was addded. In addition to the behavior described in + the item before, it also makes htmlentities/htmlspecialchars substitute + characters that appear literally in the argument string and which are not + allowed in the target document type with U+FFFD (UTF-8) or �. +- The flag ENT_SUBSTITUTE was added. This flag makes invalid multibyte + sequences be replaced by U+FFFD (UTF-8) or &#FFFD; by htmlspecialchars and + htmlentities. It is an alternative to the default behavior, which just + returns an empty string and to ENT_IGNORE, which is a security risk. The + behavior follows the recommendations of Unicode Technical Report #36. +- htmlspecialchars_decode/html_entity_decode now decode ' if the document + type is ENT_XML1, ENT_XHTML, or ENT_HTML5. + =================================== 4. Changes made to existing methods @@ -235,11 +277,20 @@ UPGRADE NOTES - PHP X.Y - JSON_PRETTY_PRINT - JSON_UNESCAPED_SLASHES + - ENT_SUBSTITUTE + - ENT_ALLOWED + - ENT_HTML401 + - ENT_XML1 + - ENT_XHTML + - ENT_HTML5 g. New classes - Reflection: - ReflectionZendExtension + + - Intl: + - Transliterator h. New methods diff --git a/UPGRADING.INTERNALS b/UPGRADING.INTERNALS index a4e3c83b9c..ababca9e45 100644 --- a/UPGRADING.INTERNALS +++ b/UPGRADING.INTERNALS @@ -103,4 +103,14 @@ Use emalloc, emalloc_rel, efree or efree_rel instead. . php_idate PHPAPI php_idate(char format, time_t ts, int localtime TSRMLS_DC) - Call: int ret = php_idate(format, ts, localtime TSRMLS_CC) \ No newline at end of file + Call: int ret = php_idate(format, ts, localtime TSRMLS_CC) + +. php_escape_html_entities + (size_t parameters were ints, previous "quote_style" (now flags) has expanded meaning) + PHPAPI char *php_escape_html_entities(unsigned char *old, size_t oldlen, size_t *newlen, int all, int flags, char *hint_charset TSRMLS_DC); + +. php_escape_html_entities_ex + PHPAPI char *php_escape_html_entities_ex(unsigned char *old, size_t oldlen, size_t *newlen, int all, int flags, char *hint_charset, zend_bool double_encode TSRMLS_DC); + +. php_unescape_html_entities + PHPAPI char *php_unescape_html_entities(unsigned char *old, size_t oldlen, size_t *newlen, int all, int flags, char *hint_charset TSRMLS_DC);