summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlex Pott2014-11-02 22:19:56 (GMT)
committerAlex Pott2014-11-02 22:19:56 (GMT)
commit32913b0f12f6cd37adc534af2ae6ae14b29e4b05 (patch)
tree67a661467db3b387d8911cd56d1b01c77f9baf30
parentdda70f71123810785222341a14a496e615726c70 (diff)
Issue #2361789 by rpayanm, jamesdixon, javivf: Remove usage of decode_entities().
-rw-r--r--core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php3
-rw-r--r--core/lib/Drupal/Core/Mail/MailFormatHelper.php3
-rw-r--r--core/modules/contextual/src/Plugin/views/field/ContextualLinks.php3
-rw-r--r--core/modules/entity_reference/src/EntityReferenceAutocomplete.php3
-rw-r--r--core/modules/filter/filter.module6
-rw-r--r--core/modules/filter/src/Tests/FilterUnitTest.php4
-rw-r--r--core/modules/locale/locale.module3
-rw-r--r--core/modules/search/search.module4
-rw-r--r--core/modules/search/src/Tests/SearchPageTextTest.php3
-rw-r--r--core/modules/simpletest/src/WebTestBase.php2
-rw-r--r--core/modules/views/src/Plugin/views/display/DisplayPluginBase.php2
-rw-r--r--core/modules/views/src/Plugin/views/field/FieldPluginBase.php10
-rw-r--r--core/modules/views/src/Plugin/views/field/Links.php3
-rw-r--r--core/modules/views/src/Plugin/views/filter/FilterPluginBase.php2
-rw-r--r--core/modules/views/src/Tests/Handler/FieldWebTest.php5
-rw-r--r--core/modules/views/src/ViewExecutable.php3
-rw-r--r--core/modules/views/views.theme.inc2
17 files changed, 35 insertions, 26 deletions
diff --git a/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php
index 5b227e2..a5b68af 100644
--- a/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php
+++ b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php
@@ -7,6 +7,7 @@
namespace Drupal\Core\Field\Plugin\Field\FieldWidget;
+use Drupal\Component\Utility\String;
use Drupal\Core\Field\FieldItemListInterface;
use Drupal\Core\Form\FormStateInterface;
@@ -48,7 +49,7 @@ class OptionsSelectWidget extends OptionsWidgetBase {
*/
protected function sanitizeLabel(&$label) {
// Select form inputs allow unencoded HTML entities, but no HTML tags.
- $label = decode_entities(strip_tags($label));
+ $label = String::decodeEntities(strip_tags($label));
}
/**
diff --git a/core/lib/Drupal/Core/Mail/MailFormatHelper.php b/core/lib/Drupal/Core/Mail/MailFormatHelper.php
index 3f180cc..b11a31b 100644
--- a/core/lib/Drupal/Core/Mail/MailFormatHelper.php
+++ b/core/lib/Drupal/Core/Mail/MailFormatHelper.php
@@ -8,6 +8,7 @@
namespace Drupal\Core\Mail;
use Drupal\Component\Utility\Html;
+use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Site\Settings;
@@ -262,7 +263,7 @@ class MailFormatHelper {
else {
// Convert inline HTML text to plain text; not removing line-breaks or
// white-space, since that breaks newlines when sanitizing plain-text.
- $value = trim(decode_entities($value));
+ $value = trim(String::decodeEntities($value));
if (drupal_strlen($value)) {
$chunk = $value;
}
diff --git a/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php b/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php
index b0affe8..684e4b7 100644
--- a/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php
+++ b/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php
@@ -8,6 +8,7 @@
namespace Drupal\contextual\Plugin\views\field;
use Drupal\Component\Serialization\Json;
+use Drupal\Component\Utility\String;
use Drupal\Component\Utility\UrlHelper;
use Drupal\Core\Form\FormStateInterface;
use Drupal\views\Plugin\views\field\FieldPluginBase;
@@ -98,7 +99,7 @@ class ContextualLinks extends FieldPluginBase {
if (!empty($title) && !empty($path)) {
// Make sure that tokens are replaced for this paths as well.
$tokens = $this->getRenderTokens(array());
- $path = strip_tags(decode_entities(strtr($path, $tokens)));
+ $path = strip_tags(String::decodeEntities(strtr($path, $tokens)));
$links[$field] = array(
'href' => $path,
diff --git a/core/modules/entity_reference/src/EntityReferenceAutocomplete.php b/core/modules/entity_reference/src/EntityReferenceAutocomplete.php
index 2eeeee7..ffc9995 100644
--- a/core/modules/entity_reference/src/EntityReferenceAutocomplete.php
+++ b/core/modules/entity_reference/src/EntityReferenceAutocomplete.php
@@ -7,6 +7,7 @@
namespace Drupal\entity_reference;
+use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Tags;
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\Core\Field\FieldDefinitionInterface;
@@ -98,7 +99,7 @@ class EntityReferenceAutocomplete {
$key = "$label ($entity_id)";
// Strip things like starting/trailing white spaces, line breaks and
// tags.
- $key = preg_replace('/\s\s+/', ' ', str_replace("\n", '', trim(decode_entities(strip_tags($key)))));
+ $key = preg_replace('/\s\s+/', ' ', str_replace("\n", '', trim(String::decodeEntities(strip_tags($key)))));
// Names containing commas or quotes must be wrapped in quotes.
$key = Tags::encode($key);
$matches[] = array('value' => $prefix . $key, 'label' => $label);
diff --git a/core/modules/filter/filter.module b/core/modules/filter/filter.module
index bf121b4..7af6732 100644
--- a/core/modules/filter/filter.module
+++ b/core/modules/filter/filter.module
@@ -612,7 +612,7 @@ function _filter_url_parse_full_links($match) {
// The $i:th parenthesis in the regexp contains the URL.
$i = 1;
- $match[$i] = decode_entities($match[$i]);
+ $match[$i] = String::decodeEntities($match[$i]);
$caption = String::checkPlain(_filter_url_trim($match[$i]));
$match[$i] = String::checkPlain($match[$i]);
return '<a href="' . $match[$i] . '">' . $caption . '</a>';
@@ -627,7 +627,7 @@ function _filter_url_parse_email_links($match) {
// The $i:th parenthesis in the regexp contains the URL.
$i = 0;
- $match[$i] = decode_entities($match[$i]);
+ $match[$i] = String::decodeEntities($match[$i]);
$caption = String::checkPlain(_filter_url_trim($match[$i]));
$match[$i] = String::checkPlain($match[$i]);
return '<a href="mailto:' . $match[$i] . '">' . $caption . '</a>';
@@ -642,7 +642,7 @@ function _filter_url_parse_partial_links($match) {
// The $i:th parenthesis in the regexp contains the URL.
$i = 1;
- $match[$i] = decode_entities($match[$i]);
+ $match[$i] = String::decodeEntities($match[$i]);
$caption = String::checkPlain(_filter_url_trim($match[$i]));
$match[$i] = String::checkPlain($match[$i]);
return '<a href="http://' . $match[$i] . '">' . $caption . '</a>';
diff --git a/core/modules/filter/src/Tests/FilterUnitTest.php b/core/modules/filter/src/Tests/FilterUnitTest.php
index faf7e27..00977ab 100644
--- a/core/modules/filter/src/Tests/FilterUnitTest.php
+++ b/core/modules/filter/src/Tests/FilterUnitTest.php
@@ -1016,7 +1016,7 @@ body {color:red}
* TRUE on pass, FALSE on fail.
*/
function assertNormalized($haystack, $needle, $message = '', $group = 'Other') {
- return $this->assertTrue(strpos(strtolower(decode_entities($haystack)), $needle) !== FALSE, $message, $group);
+ return $this->assertTrue(strpos(strtolower(String::decodeEntities($haystack)), $needle) !== FALSE, $message, $group);
}
/**
@@ -1040,6 +1040,6 @@ body {color:red}
* TRUE on pass, FALSE on fail.
*/
function assertNoNormalized($haystack, $needle, $message = '', $group = 'Other') {
- return $this->assertTrue(strpos(strtolower(decode_entities($haystack)), $needle) === FALSE, $message, $group);
+ return $this->assertTrue(strpos(strtolower(String::decodeEntities($haystack)), $needle) === FALSE, $message, $group);
}
}
diff --git a/core/modules/locale/locale.module b/core/modules/locale/locale.module
index 846ee88..623a658 100644
--- a/core/modules/locale/locale.module
+++ b/core/modules/locale/locale.module
@@ -11,6 +11,7 @@
*/
use Drupal\Component\Serialization\Json;
+use Drupal\Component\Utility\String;
use Drupal\Component\Utility\UrlHelper;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Url;
@@ -960,7 +961,7 @@ function locale_translation_use_remote_source() {
* layout issues (div) or a possible attack vector (img).
*/
function locale_string_is_safe($string) {
- return decode_entities($string) == decode_entities(Xss::filter($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'ins', 'kbd', 'li', 'ol', 'p', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var')));
+ return String::decodeEntities($string) == String::decodeEntities(Xss::filter($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'ins', 'kbd', 'li', 'ol', 'p', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var')));
}
/**
diff --git a/core/modules/search/search.module b/core/modules/search/search.module
index 91afbc1..b0191ea 100644
--- a/core/modules/search/search.module
+++ b/core/modules/search/search.module
@@ -241,7 +241,7 @@ function search_update_totals() {
*/
function search_simplify($text, $langcode = NULL) {
// Decode entities to UTF-8
- $text = decode_entities($text);
+ $text = String::decodeEntities($text);
// Lowercase
$text = drupal_strtolower($text);
@@ -582,7 +582,7 @@ function search_excerpt($keys, $text, $langcode = NULL) {
// Prepare text by stripping HTML tags and decoding HTML entities.
$text = strip_tags(str_replace(array('<', '>'), array(' <', '> '), $text));
- $text = decode_entities($text);
+ $text = String::decodeEntities($text);
$text_length = strlen($text);
// Make a list of unique keywords that are actually found in the text,
diff --git a/core/modules/search/src/Tests/SearchPageTextTest.php b/core/modules/search/src/Tests/SearchPageTextTest.php
index ede9e4c..5cb4865 100644
--- a/core/modules/search/src/Tests/SearchPageTextTest.php
+++ b/core/modules/search/src/Tests/SearchPageTextTest.php
@@ -7,6 +7,7 @@
namespace Drupal\search\Tests;
+use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Unicode;
/**
@@ -58,7 +59,7 @@ class SearchPageTextTest extends SearchTestBase {
$edit['keys'] = $search_terms;
$this->drupalPostForm('search/node', $edit, t('Search'));
$actual_title = (string) current($this->xpath('//title'));
- $this->assertEqual($actual_title, decode_entities(t($title_source, array('@keywords' => Unicode::truncate($search_terms, 60, TRUE, TRUE)))), 'Search page title is correct');
+ $this->assertEqual($actual_title, String::decodeEntities(t($title_source, array('@keywords' => Unicode::truncate($search_terms, 60, TRUE, TRUE)))), 'Search page title is correct');
$edit['keys'] = $this->searching_user->getUsername();
$this->drupalPostForm('search/user', $edit, t('Search'));
diff --git a/core/modules/simpletest/src/WebTestBase.php b/core/modules/simpletest/src/WebTestBase.php
index fcc6b97..730f84f 100644
--- a/core/modules/simpletest/src/WebTestBase.php
+++ b/core/modules/simpletest/src/WebTestBase.php
@@ -2043,7 +2043,7 @@ abstract class WebTestBase extends TestBase {
// Parse the content attribute of the meta tag for the format:
// "[delay]: URL=[page_to_redirect_to]".
if (preg_match('/\d+;\s*URL=(?<url>.*)/i', $refresh[0]['content'], $match)) {
- return $this->drupalGet($this->getAbsoluteUrl(decode_entities($match['url'])));
+ return $this->drupalGet($this->getAbsoluteUrl(String::decodeEntities($match['url'])));
}
}
}
diff --git a/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php b/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php
index d8ff7ae..de9cac6 100644
--- a/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php
+++ b/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php
@@ -1060,7 +1060,7 @@ abstract class DisplayPluginBase extends PluginBase {
// Use strip tags as there should never be HTML in the path.
// However, we need to preserve special characters like " that
// were removed by String::checkPlain().
- $tokens["!$count"] = isset($this->view->args[$count - 1]) ? strip_tags(decode_entities($this->view->args[$count - 1])) : '';
+ $tokens["!$count"] = isset($this->view->args[$count - 1]) ? strip_tags(String::decodeEntities($this->view->args[$count - 1])) : '';
}
return $tokens;
diff --git a/core/modules/views/src/Plugin/views/field/FieldPluginBase.php b/core/modules/views/src/Plugin/views/field/FieldPluginBase.php
index 486ef5a..6dc4337 100644
--- a/core/modules/views/src/Plugin/views/field/FieldPluginBase.php
+++ b/core/modules/views/src/Plugin/views/field/FieldPluginBase.php
@@ -1276,7 +1276,7 @@ abstract class FieldPluginBase extends HandlerBase {
$more_link_text = $this->options['alter']['more_link_text'] ? $this->options['alter']['more_link_text'] : $this->t('more');
$more_link_text = strtr(Xss::filterAdmin($more_link_text), $tokens);
$more_link_path = $this->options['alter']['more_link_path'];
- $more_link_path = strip_tags(decode_entities(strtr($more_link_path, $tokens)));
+ $more_link_path = strip_tags(String::decodeEntities(strtr($more_link_path, $tokens)));
// Make sure that paths which were run through _url() work as well.
$base_path = base_path();
@@ -1354,7 +1354,7 @@ abstract class FieldPluginBase extends HandlerBase {
// Use strip tags as there should never be HTML in the path.
// However, we need to preserve special characters like " that
// were removed by String::checkPlain().
- $path = strip_tags(decode_entities(strtr($path, $tokens)));
+ $path = strip_tags(String::decodeEntities(strtr($path, $tokens)));
if (!empty($alter['path_case']) && $alter['path_case'] != 'none') {
$path = $this->caseTransform($path, $this->options['alter']['path_case']);
@@ -1426,7 +1426,7 @@ abstract class FieldPluginBase extends HandlerBase {
$alt = strtr($alter['alt'], $tokens);
// Set the title attribute of the link only if it improves accessibility
if ($alt && $alt != $text) {
- $options['attributes']['title'] = decode_entities($alt);
+ $options['attributes']['title'] = String::decodeEntities($alt);
}
$class = strtr($alter['link_class'], $tokens);
@@ -1514,7 +1514,7 @@ abstract class FieldPluginBase extends HandlerBase {
// Use strip tags as there should never be HTML in the path.
// However, we need to preserve special characters like " that
// were removed by String::checkPlain().
- $tokens['!' . $count] = isset($this->view->args[$count - 1]) ? strip_tags(decode_entities($this->view->args[$count - 1])) : '';
+ $tokens['!' . $count] = isset($this->view->args[$count - 1]) ? strip_tags(String::decodeEntities($this->view->args[$count - 1])) : '';
}
// Get flattened set of tokens for any array depth in query parameters.
@@ -1596,7 +1596,7 @@ abstract class FieldPluginBase extends HandlerBase {
else {
// Create a token key based on array element structure.
$token_string = !empty($parent_keys) ? implode('_', $parent_keys) . '_' . $param : $param;
- $tokens['%' . $token_string] = strip_tags(decode_entities($val));
+ $tokens['%' . $token_string] = strip_tags(String::decodeEntities($val));
}
}
diff --git a/core/modules/views/src/Plugin/views/field/Links.php b/core/modules/views/src/Plugin/views/field/Links.php
index 5912664..3438447 100644
--- a/core/modules/views/src/Plugin/views/field/Links.php
+++ b/core/modules/views/src/Plugin/views/field/Links.php
@@ -7,6 +7,7 @@
namespace Drupal\views\Plugin\views\field;
+use Drupal\Component\Utility\String;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Url as UrlObject;
@@ -77,7 +78,7 @@ abstract class Links extends FieldPluginBase {
}
// Make sure that tokens are replaced for this paths as well.
$tokens = $this->getRenderTokens(array());
- $path = strip_tags(decode_entities(strtr($path, $tokens)));
+ $path = strip_tags(String::decodeEntities(strtr($path, $tokens)));
$links[$field] = array(
'url' => UrlObject::fromUri('base://' . $path),
diff --git a/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php b/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php
index 11ec8b0..3366469 100644
--- a/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php
+++ b/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php
@@ -1187,7 +1187,7 @@ abstract class FilterPluginBase extends HandlerBase implements CacheablePluginIn
else {
// Cast the label to a string since it can be an object.
// @see \Drupal\Core\StringTranslation\TranslationWrapper
- $options[$value] = strip_tags(decode_entities((string) $label));
+ $options[$value] = strip_tags(UtilityString::decodeEntities((string) $label));
}
}
}
diff --git a/core/modules/views/src/Tests/Handler/FieldWebTest.php b/core/modules/views/src/Tests/Handler/FieldWebTest.php
index 6b76422..cd11a52 100644
--- a/core/modules/views/src/Tests/Handler/FieldWebTest.php
+++ b/core/modules/views/src/Tests/Handler/FieldWebTest.php
@@ -8,6 +8,7 @@
namespace Drupal\views\Tests\Handler;
use Drupal\Component\Utility\Unicode;
+use Drupal\Component\Utility\String;
use Drupal\Component\Utility\UrlHelper;
use Drupal\views\Views;
@@ -226,14 +227,14 @@ class FieldWebTest extends HandlerTestBase {
$expected_result = \Drupal::url('entity.node.canonical', ['node' => '123'], ['query' => ['foo' => 'bar', 'bar' => 'baz'], 'absolute' => $absolute]);
$alter['path'] = 'node/123?foo=bar&bar=baz';
$result = $id_field->theme($row);
- $this->assertSubString(decode_entities($result), decode_entities($expected_result));
+ $this->assertSubString(String::decodeEntities($result), String::decodeEntities($expected_result));
// @todo The route-based URL generator strips out NULL attributes.
// $expected_result = \Drupal::url('entity.node.canonical', ['node' => '123'], ['query' => ['foo' => NULL], 'fragment' => 'bar', 'absolute' => $absolute]);
$expected_result = \Drupal::urlGenerator()->generateFromPath('node/123', array('query' => array('foo' => NULL), 'fragment' => 'bar', 'absolute' => $absolute));
$alter['path'] = 'node/123?foo#bar';
$result = $id_field->theme($row);
- $this->assertSubString(decode_entities($result), decode_entities($expected_result));
+ $this->assertSubString(String::decodeEntities($result), String::decodeEntities($expected_result));
$expected_result = \Drupal::url('<front>', [], ['absolute' => $absolute]);
$alter['path'] = '<front>';
diff --git a/core/modules/views/src/ViewExecutable.php b/core/modules/views/src/ViewExecutable.php
index c5eda99..8e5084c 100644
--- a/core/modules/views/src/ViewExecutable.php
+++ b/core/modules/views/src/ViewExecutable.php
@@ -7,6 +7,7 @@
namespace Drupal\views;
+use Drupal\Component\Utility\String;
use Drupal\Core\DependencyInjection\DependencySerializationTrait;
use Drupal\Core\Form\FormState;
use Drupal\Core\Session\AccountInterface;
@@ -947,7 +948,7 @@ class ViewExecutable {
// Add this argument's substitution
$substitutions['%' . ($position + 1)] = $arg_title;
- $substitutions['!' . ($position + 1)] = strip_tags(decode_entities($arg));
+ $substitutions['!' . ($position + 1)] = strip_tags(String::decodeEntities($arg));
// Test to see if we should use this argument's title
if (!empty($argument->options['title_enable']) && !empty($argument->options['title'])) {
diff --git a/core/modules/views/views.theme.inc b/core/modules/views/views.theme.inc
index ac6999f..d4fb797 100644
--- a/core/modules/views/views.theme.inc
+++ b/core/modules/views/views.theme.inc
@@ -865,7 +865,7 @@ function template_preprocess_views_view_rss(&$variables) {
// The RSS 2.0 "spec" doesn't indicate HTML can be used in the description.
// We strip all HTML tags, but need to prevent double encoding from properly
// escaped source data (such as &amp becoming &amp;amp;).
- $variables['description'] = String::checkPlain(decode_entities(strip_tags($style->getDescription())));
+ $variables['description'] = String::checkPlain(String::decodeEntities(strip_tags($style->getDescription())));
if ($view->display_handler->getOption('sitename_title')) {
$title = $config->get('name');