diff --git a/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php index 5b227e27dea62d13f942a42bb1e7a469856640a0..a5b68afce01a23dbab1cd9c88300b631210044bc 100644 --- a/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php +++ b/core/lib/Drupal/Core/Field/Plugin/Field/FieldWidget/OptionsSelectWidget.php @@ -7,6 +7,7 @@ namespace Drupal\Core\Field\Plugin\Field\FieldWidget; +use Drupal\Component\Utility\String; use Drupal\Core\Field\FieldItemListInterface; use Drupal\Core\Form\FormStateInterface; @@ -48,7 +49,7 @@ public function formElement(FieldItemListInterface $items, $delta, array $elemen */ protected function sanitizeLabel(&$label) { // Select form inputs allow unencoded HTML entities, but no HTML tags. - $label = decode_entities(strip_tags($label)); + $label = String::decodeEntities(strip_tags($label)); } /** diff --git a/core/lib/Drupal/Core/Mail/MailFormatHelper.php b/core/lib/Drupal/Core/Mail/MailFormatHelper.php index 3f180ccf434b71e70de1c1a38673bc221a77cc74..b11a31b87f507f19730019a1aa74cd7f99e75939 100644 --- a/core/lib/Drupal/Core/Mail/MailFormatHelper.php +++ b/core/lib/Drupal/Core/Mail/MailFormatHelper.php @@ -8,6 +8,7 @@ namespace Drupal\Core\Mail; use Drupal\Component\Utility\Html; +use Drupal\Component\Utility\String; use Drupal\Component\Utility\Xss; use Drupal\Core\Site\Settings; @@ -262,7 +263,7 @@ public static function htmlToText($string, $allowed_tags = NULL) { else { // Convert inline HTML text to plain text; not removing line-breaks or // white-space, since that breaks newlines when sanitizing plain-text. - $value = trim(decode_entities($value)); + $value = trim(String::decodeEntities($value)); if (drupal_strlen($value)) { $chunk = $value; } diff --git a/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php b/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php index b0affe8bdb8bb8887410a49aa1aff320ef022d40..684e4b7e13d8a2d1a1ecba138eda4326acfd8b1d 100644 --- a/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php +++ b/core/modules/contextual/src/Plugin/views/field/ContextualLinks.php @@ -8,6 +8,7 @@ namespace Drupal\contextual\Plugin\views\field; use Drupal\Component\Serialization\Json; +use Drupal\Component\Utility\String; use Drupal\Component\Utility\UrlHelper; use Drupal\Core\Form\FormStateInterface; use Drupal\views\Plugin\views\field\FieldPluginBase; @@ -98,7 +99,7 @@ public function render(ResultRow $values) { if (!empty($title) && !empty($path)) { // Make sure that tokens are replaced for this paths as well. $tokens = $this->getRenderTokens(array()); - $path = strip_tags(decode_entities(strtr($path, $tokens))); + $path = strip_tags(String::decodeEntities(strtr($path, $tokens))); $links[$field] = array( 'href' => $path, diff --git a/core/modules/entity_reference/src/EntityReferenceAutocomplete.php b/core/modules/entity_reference/src/EntityReferenceAutocomplete.php index 2eeeee7f5c843b46de911a8521804583e5c24d54..ffc9995a423c59d849aaaff67de5ca42ada3dc45 100644 --- a/core/modules/entity_reference/src/EntityReferenceAutocomplete.php +++ b/core/modules/entity_reference/src/EntityReferenceAutocomplete.php @@ -7,6 +7,7 @@ namespace Drupal\entity_reference; +use Drupal\Component\Utility\String; use Drupal\Component\Utility\Tags; use Drupal\Core\Entity\EntityManagerInterface; use Drupal\Core\Field\FieldDefinitionInterface; @@ -98,7 +99,7 @@ public function getMatches(FieldDefinitionInterface $field_definition, $entity_t $key = "$label ($entity_id)"; // Strip things like starting/trailing white spaces, line breaks and // tags. - $key = preg_replace('/\s\s+/', ' ', str_replace("\n", '', trim(decode_entities(strip_tags($key))))); + $key = preg_replace('/\s\s+/', ' ', str_replace("\n", '', trim(String::decodeEntities(strip_tags($key))))); // Names containing commas or quotes must be wrapped in quotes. $key = Tags::encode($key); $matches[] = array('value' => $prefix . $key, 'label' => $label); diff --git a/core/modules/filter/filter.module b/core/modules/filter/filter.module index bf121b4b3e3e77f099ebb86354f189392c34bc50..7af67322e9e4d25451eb81f11a8a83e65716e55c 100644 --- a/core/modules/filter/filter.module +++ b/core/modules/filter/filter.module @@ -612,7 +612,7 @@ function _filter_url_parse_full_links($match) { // The $i:th parenthesis in the regexp contains the URL. $i = 1; - $match[$i] = decode_entities($match[$i]); + $match[$i] = String::decodeEntities($match[$i]); $caption = String::checkPlain(_filter_url_trim($match[$i])); $match[$i] = String::checkPlain($match[$i]); return '' . $caption . ''; @@ -627,7 +627,7 @@ function _filter_url_parse_email_links($match) { // The $i:th parenthesis in the regexp contains the URL. $i = 0; - $match[$i] = decode_entities($match[$i]); + $match[$i] = String::decodeEntities($match[$i]); $caption = String::checkPlain(_filter_url_trim($match[$i])); $match[$i] = String::checkPlain($match[$i]); return '' . $caption . ''; @@ -642,7 +642,7 @@ function _filter_url_parse_partial_links($match) { // The $i:th parenthesis in the regexp contains the URL. $i = 1; - $match[$i] = decode_entities($match[$i]); + $match[$i] = String::decodeEntities($match[$i]); $caption = String::checkPlain(_filter_url_trim($match[$i])); $match[$i] = String::checkPlain($match[$i]); return '' . $caption . ''; diff --git a/core/modules/filter/src/Tests/FilterUnitTest.php b/core/modules/filter/src/Tests/FilterUnitTest.php index faf7e27670426a8e448f06ea6f41d6883d961f8d..00977ab56c6191c8f5d4572cb461169640279026 100644 --- a/core/modules/filter/src/Tests/FilterUnitTest.php +++ b/core/modules/filter/src/Tests/FilterUnitTest.php @@ -1016,7 +1016,7 @@ function testHtmlCorrectorFilter() { * TRUE on pass, FALSE on fail. */ function assertNormalized($haystack, $needle, $message = '', $group = 'Other') { - return $this->assertTrue(strpos(strtolower(decode_entities($haystack)), $needle) !== FALSE, $message, $group); + return $this->assertTrue(strpos(strtolower(String::decodeEntities($haystack)), $needle) !== FALSE, $message, $group); } /** @@ -1040,6 +1040,6 @@ function assertNormalized($haystack, $needle, $message = '', $group = 'Other') { * TRUE on pass, FALSE on fail. */ function assertNoNormalized($haystack, $needle, $message = '', $group = 'Other') { - return $this->assertTrue(strpos(strtolower(decode_entities($haystack)), $needle) === FALSE, $message, $group); + return $this->assertTrue(strpos(strtolower(String::decodeEntities($haystack)), $needle) === FALSE, $message, $group); } } diff --git a/core/modules/locale/locale.module b/core/modules/locale/locale.module index 846ee88a2722a42e339edc5b2c38669d1689d847..623a658843635720ffdf414c6a09c9eef71c54c6 100644 --- a/core/modules/locale/locale.module +++ b/core/modules/locale/locale.module @@ -11,6 +11,7 @@ */ use Drupal\Component\Serialization\Json; +use Drupal\Component\Utility\String; use Drupal\Component\Utility\UrlHelper; use Drupal\Component\Utility\Xss; use Drupal\Core\Url; @@ -960,7 +961,7 @@ function locale_translation_use_remote_source() { * layout issues (div) or a possible attack vector (img). */ function locale_string_is_safe($string) { - return decode_entities($string) == decode_entities(Xss::filter($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'ins', 'kbd', 'li', 'ol', 'p', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var'))); + return String::decodeEntities($string) == String::decodeEntities(Xss::filter($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'ins', 'kbd', 'li', 'ol', 'p', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var'))); } /** diff --git a/core/modules/search/search.module b/core/modules/search/search.module index 91afbc1ae1c6a88b82d5efc00153823525522c80..b0191ead2e9ab7bfb04c890e58df11c8bf80ea2f 100644 --- a/core/modules/search/search.module +++ b/core/modules/search/search.module @@ -241,7 +241,7 @@ function search_update_totals() { */ function search_simplify($text, $langcode = NULL) { // Decode entities to UTF-8 - $text = decode_entities($text); + $text = String::decodeEntities($text); // Lowercase $text = drupal_strtolower($text); @@ -582,7 +582,7 @@ function search_excerpt($keys, $text, $langcode = NULL) { // Prepare text by stripping HTML tags and decoding HTML entities. $text = strip_tags(str_replace(array('<', '>'), array(' <', '> '), $text)); - $text = decode_entities($text); + $text = String::decodeEntities($text); $text_length = strlen($text); // Make a list of unique keywords that are actually found in the text, diff --git a/core/modules/search/src/Tests/SearchPageTextTest.php b/core/modules/search/src/Tests/SearchPageTextTest.php index ede9e4caaec85371a58e8adadfc569617633d144..5cb48651a91dc79d04ee31eddd7bd4fe1f9c2ea1 100644 --- a/core/modules/search/src/Tests/SearchPageTextTest.php +++ b/core/modules/search/src/Tests/SearchPageTextTest.php @@ -7,6 +7,7 @@ namespace Drupal\search\Tests; +use Drupal\Component\Utility\String; use Drupal\Component\Utility\Unicode; /** @@ -58,7 +59,7 @@ function testSearchText() { $edit['keys'] = $search_terms; $this->drupalPostForm('search/node', $edit, t('Search')); $actual_title = (string) current($this->xpath('//title')); - $this->assertEqual($actual_title, decode_entities(t($title_source, array('@keywords' => Unicode::truncate($search_terms, 60, TRUE, TRUE)))), 'Search page title is correct'); + $this->assertEqual($actual_title, String::decodeEntities(t($title_source, array('@keywords' => Unicode::truncate($search_terms, 60, TRUE, TRUE)))), 'Search page title is correct'); $edit['keys'] = $this->searching_user->getUsername(); $this->drupalPostForm('search/user', $edit, t('Search')); diff --git a/core/modules/simpletest/src/WebTestBase.php b/core/modules/simpletest/src/WebTestBase.php index fcc6b97ca94fc00468bf05abc8525cb7561f9ee2..730f84fb4570dc7e19c88cadf0788c086d2212d0 100644 --- a/core/modules/simpletest/src/WebTestBase.php +++ b/core/modules/simpletest/src/WebTestBase.php @@ -2043,7 +2043,7 @@ protected function checkForMetaRefresh() { // Parse the content attribute of the meta tag for the format: // "[delay]: URL=[page_to_redirect_to]". if (preg_match('/\d+;\s*URL=(?.*)/i', $refresh[0]['content'], $match)) { - return $this->drupalGet($this->getAbsoluteUrl(decode_entities($match['url']))); + return $this->drupalGet($this->getAbsoluteUrl(String::decodeEntities($match['url']))); } } } diff --git a/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php b/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php index d8ff7ae32d0079add4e9e816c7ba6559ec934f00..de9cac6f9dd922521c39825b8c543611592e6624 100644 --- a/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php +++ b/core/modules/views/src/Plugin/views/display/DisplayPluginBase.php @@ -1060,7 +1060,7 @@ public function getArgumentsTokens() { // Use strip tags as there should never be HTML in the path. // However, we need to preserve special characters like " that // were removed by String::checkPlain(). - $tokens["!$count"] = isset($this->view->args[$count - 1]) ? strip_tags(decode_entities($this->view->args[$count - 1])) : ''; + $tokens["!$count"] = isset($this->view->args[$count - 1]) ? strip_tags(String::decodeEntities($this->view->args[$count - 1])) : ''; } return $tokens; diff --git a/core/modules/views/src/Plugin/views/field/FieldPluginBase.php b/core/modules/views/src/Plugin/views/field/FieldPluginBase.php index 486ef5af718063ac2f46e45d76487ec501bbb099..6dc4337e54a856ed8c0498ca050947a4aff8d96b 100644 --- a/core/modules/views/src/Plugin/views/field/FieldPluginBase.php +++ b/core/modules/views/src/Plugin/views/field/FieldPluginBase.php @@ -1276,7 +1276,7 @@ public function renderText($alter) { $more_link_text = $this->options['alter']['more_link_text'] ? $this->options['alter']['more_link_text'] : $this->t('more'); $more_link_text = strtr(Xss::filterAdmin($more_link_text), $tokens); $more_link_path = $this->options['alter']['more_link_path']; - $more_link_path = strip_tags(decode_entities(strtr($more_link_path, $tokens))); + $more_link_path = strip_tags(String::decodeEntities(strtr($more_link_path, $tokens))); // Make sure that paths which were run through _url() work as well. $base_path = base_path(); @@ -1354,7 +1354,7 @@ protected function renderAsLink($alter, $text, $tokens) { // Use strip tags as there should never be HTML in the path. // However, we need to preserve special characters like " that // were removed by String::checkPlain(). - $path = strip_tags(decode_entities(strtr($path, $tokens))); + $path = strip_tags(String::decodeEntities(strtr($path, $tokens))); if (!empty($alter['path_case']) && $alter['path_case'] != 'none') { $path = $this->caseTransform($path, $this->options['alter']['path_case']); @@ -1426,7 +1426,7 @@ protected function renderAsLink($alter, $text, $tokens) { $alt = strtr($alter['alt'], $tokens); // Set the title attribute of the link only if it improves accessibility if ($alt && $alt != $text) { - $options['attributes']['title'] = decode_entities($alt); + $options['attributes']['title'] = String::decodeEntities($alt); } $class = strtr($alter['link_class'], $tokens); @@ -1514,7 +1514,7 @@ public function getRenderTokens($item) { // Use strip tags as there should never be HTML in the path. // However, we need to preserve special characters like " that // were removed by String::checkPlain(). - $tokens['!' . $count] = isset($this->view->args[$count - 1]) ? strip_tags(decode_entities($this->view->args[$count - 1])) : ''; + $tokens['!' . $count] = isset($this->view->args[$count - 1]) ? strip_tags(String::decodeEntities($this->view->args[$count - 1])) : ''; } // Get flattened set of tokens for any array depth in query parameters. @@ -1596,7 +1596,7 @@ protected function getTokenValuesRecursive(array $array, array $parent_keys = ar else { // Create a token key based on array element structure. $token_string = !empty($parent_keys) ? implode('_', $parent_keys) . '_' . $param : $param; - $tokens['%' . $token_string] = strip_tags(decode_entities($val)); + $tokens['%' . $token_string] = strip_tags(String::decodeEntities($val)); } } diff --git a/core/modules/views/src/Plugin/views/field/Links.php b/core/modules/views/src/Plugin/views/field/Links.php index 591266437d39e642d2cf4e3aa308acba413bde23..3438447b9d21b5612fef93ff0cd1a49cc1f0ec82 100644 --- a/core/modules/views/src/Plugin/views/field/Links.php +++ b/core/modules/views/src/Plugin/views/field/Links.php @@ -7,6 +7,7 @@ namespace Drupal\views\Plugin\views\field; +use Drupal\Component\Utility\String; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Url as UrlObject; @@ -77,7 +78,7 @@ protected function getLinks() { } // Make sure that tokens are replaced for this paths as well. $tokens = $this->getRenderTokens(array()); - $path = strip_tags(decode_entities(strtr($path, $tokens))); + $path = strip_tags(String::decodeEntities(strtr($path, $tokens))); $links[$field] = array( 'url' => UrlObject::fromUri('base://' . $path), diff --git a/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php b/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php index 11ec8b0f51de579fa56c60a7bc77bc8f9b1aa678..33664691bbd16d57eca3ed0b51ff0e418209f7a3 100644 --- a/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php +++ b/core/modules/views/src/Plugin/views/filter/FilterPluginBase.php @@ -1187,7 +1187,7 @@ protected function prepareFilterSelectOptions(&$options) { else { // Cast the label to a string since it can be an object. // @see \Drupal\Core\StringTranslation\TranslationWrapper - $options[$value] = strip_tags(decode_entities((string) $label)); + $options[$value] = strip_tags(UtilityString::decodeEntities((string) $label)); } } } diff --git a/core/modules/views/src/Tests/Handler/FieldWebTest.php b/core/modules/views/src/Tests/Handler/FieldWebTest.php index 6b764222ec0c00246c54464f386cca89f22a8541..cd11a52a240591990d03315d98a2436d252c51ec 100644 --- a/core/modules/views/src/Tests/Handler/FieldWebTest.php +++ b/core/modules/views/src/Tests/Handler/FieldWebTest.php @@ -8,6 +8,7 @@ namespace Drupal\views\Tests\Handler; use Drupal\Component\Utility\Unicode; +use Drupal\Component\Utility\String; use Drupal\Component\Utility\UrlHelper; use Drupal\views\Views; @@ -226,14 +227,14 @@ public function testAlterUrl() { $expected_result = \Drupal::url('entity.node.canonical', ['node' => '123'], ['query' => ['foo' => 'bar', 'bar' => 'baz'], 'absolute' => $absolute]); $alter['path'] = 'node/123?foo=bar&bar=baz'; $result = $id_field->theme($row); - $this->assertSubString(decode_entities($result), decode_entities($expected_result)); + $this->assertSubString(String::decodeEntities($result), String::decodeEntities($expected_result)); // @todo The route-based URL generator strips out NULL attributes. // $expected_result = \Drupal::url('entity.node.canonical', ['node' => '123'], ['query' => ['foo' => NULL], 'fragment' => 'bar', 'absolute' => $absolute]); $expected_result = \Drupal::urlGenerator()->generateFromPath('node/123', array('query' => array('foo' => NULL), 'fragment' => 'bar', 'absolute' => $absolute)); $alter['path'] = 'node/123?foo#bar'; $result = $id_field->theme($row); - $this->assertSubString(decode_entities($result), decode_entities($expected_result)); + $this->assertSubString(String::decodeEntities($result), String::decodeEntities($expected_result)); $expected_result = \Drupal::url('', [], ['absolute' => $absolute]); $alter['path'] = ''; diff --git a/core/modules/views/src/ViewExecutable.php b/core/modules/views/src/ViewExecutable.php index c5eda99e4cd866d121be14e0e8e728f8cd557381..8e5084c14a958d7b94b1a048e2fc1b90b952698d 100644 --- a/core/modules/views/src/ViewExecutable.php +++ b/core/modules/views/src/ViewExecutable.php @@ -7,6 +7,7 @@ namespace Drupal\views; +use Drupal\Component\Utility\String; use Drupal\Core\DependencyInjection\DependencySerializationTrait; use Drupal\Core\Form\FormState; use Drupal\Core\Session\AccountInterface; @@ -947,7 +948,7 @@ protected function _buildArguments() { // Add this argument's substitution $substitutions['%' . ($position + 1)] = $arg_title; - $substitutions['!' . ($position + 1)] = strip_tags(decode_entities($arg)); + $substitutions['!' . ($position + 1)] = strip_tags(String::decodeEntities($arg)); // Test to see if we should use this argument's title if (!empty($argument->options['title_enable']) && !empty($argument->options['title'])) { diff --git a/core/modules/views/views.theme.inc b/core/modules/views/views.theme.inc index ac6999ffb955650138de85c68206e59022aa4110..d4fb797d86b1aa191ac5bdc24f3431a9e1bb318c 100644 --- a/core/modules/views/views.theme.inc +++ b/core/modules/views/views.theme.inc @@ -865,7 +865,7 @@ function template_preprocess_views_view_rss(&$variables) { // The RSS 2.0 "spec" doesn't indicate HTML can be used in the description. // We strip all HTML tags, but need to prevent double encoding from properly // escaped source data (such as & becoming &amp;). - $variables['description'] = String::checkPlain(decode_entities(strip_tags($style->getDescription()))); + $variables['description'] = String::checkPlain(String::decodeEntities(strip_tags($style->getDescription()))); if ($view->display_handler->getOption('sitename_title')) { $title = $config->get('name');