Robert Sidlauskas
on 2010-07-10 11:23:14
Hi its good.
<a href='http://filesharepoit.com'>Filesharepoint.com</a>
Jerry
on 2010-04-27 19:07:58
Very nice - I think I will use your modification as its much tidier.
Don't forget the 'g' attribute on the last pattern.
Rafa? Kukawski
on 2010-04-27 17:27:48
Sorry for the double comment, but now the code should be more readable
function htmlspecialchars_decode(input, quote_style) {
var c = {
'&': '&',
'<': '<',
'>': '>',
'"': '"',
''': '\''
};
return ('' + input).replace(
quote_style === 'ENT_QUOTES' ? /&|<|>|"|'/g :
quote_style === 'ENT_NOQUOTES' ? /&|<|>/g :
/&|<|>|"/,
function (a) {
return c[a];
}
);
}
Rafa? Kukawski
on 2010-04-27 17:19:59
@Jerry: very short and clean solution. I just managed to replace the 3 .replace calls with just one, by choosing the regexp with a conditional expression.
function htmlspecialchars_decode(input, quote_style){
var c = {
'&': '&',
'<': '<',
'>': '>',
'"': '"',
''': '\''
};
return ('' + input).replace(quote_style === 'ENT_QUOTES' ? /&|<|>|"|'/g : quote_style === 'ENT_NOQUOTES' ? /&|<|>/g : /&|<|>|"/, function(a){return c[a]; });
}
The performance of both solutions should be comparable.
And I added casting of the input to string.
Jerry
on 2010-04-27 07:20:39
Here is my simple implementation of htmlspecialchars_decode.
I use just one replace and I have not come across a situation where an html entity is double-decoded. Comments are welcome
function(a,b){
var c={
'&':'&',
'<':'<',
'>':'>',
'"':'"',
''':'\''
};
if(b==='ENT_QUOTES'){
return a.replace(/&|<|>|"|'/g,function(a){return c[a];});
}
else if(b==='ENT_NOQUOTES'){
return a.replace(/&|<|>/g,function(a){return c[a];});
}
else{
return a.replace(/&|<|>|"/g,function(a){return c[a];});
}
}
Brett Zamir
on 2010-02-13 04:39:10
See my comment under htmlspecialchars()
hacksmw
on 2010-02-11 08:47:27
htmlspecialchars_decode function in PHP doesn't work recursive.
but this function is too recursive.
so "&#9787;" will not be converted by this function as "☻"
however, it will be converted as "☻"
on the other hand,
the function in php will convert it as "☻"
Brett Zamir
on 2009-11-25 12:47:32
@Mailfaker: Thanks. I've completely redone the two htmlspecialchars functions in Git, also to handle flags and arguments: http://github.com/kvz/phpjs/commit/881de8748cf986d025ecfad5f448fbbb8ba7710e . Btw, using replace was much faster for me (and easier) than using split and join.
Mailfaker
on 2009-11-25 01:05:38
Hi everyone,
this code wasn't working for me. I have done some changes and now it runs.
The problem is that, for decoding, hash_map table must be read in descending order. Or simply, you can do so:
function htmlspecialchars_decode (string) {
tmp_str = string.toString();
tmp_str = tmp_str.split('"').join('"');
tmp_str = tmp_str.split('<').join('<');
tmp_str = tmp_str.split('>').join('>');
tmp_str = tmp_str.split('&').join('&');
return tmp_str;
}
Kevin van Zonneveld
on 2009-08-16 15:38:06
@ Liviu Mirea: I added your example as a testcase, but I was unable to reproduce the problem.
What version & browser are you using?
Liviu Mirea
on 2009-08-10 01:31:30
I'm sorry but the messaging system seems to be messed up and I can't post my message. What I'm trying to say is that the above function is incorrect. If you try to decode "& amp; quot;" (remove spaces) it will output a double quotation mark instead of "& quot;" (remove spaces). Hope this message will be properly posted. :/
Liviu Mirea
on 2009-08-10 01:26:14
Erm, ignore my message below, the caracters are messed up.
Here:
htmlspecialchars_decode(' &quot; ');
In PHP it returns:
"
The Javascript function above returns: "
Basically, it first decodes "&"
to "&"
, thus resulting """
. It further decodes the string to a double quotation mark when it shouldn't.
Liviu Mirea
on 2009-08-10 01:22:57
htmlspecialchars_decode(' &quot; ');
In PHP it returns: "
The Javascript function above returns: "
Basically, it first decodes "&" to "&", thus resulting """. Afterward, it decodes """ but it shouldn't.
Kevin van Zonneveld
on 2008-09-29 12:31:25
@ ReverseSyntax & Onno Marsman: Wow that was ugly. Sorry everyone. Fixed.
Onno Marsman
on 2008-09-25 14:10:12
There is a serious parse error in this function
string = string.replace(/&gt;/g '>');
should be (added a comma):
string = string.replace(/&gt;/g, '>');
ReverseSyntax
on 2008-09-25 06:57:11
There is an error in the htmlspecialchars_decode(),
There a single quote around the regex for all params values in replace() except for > the only one that works. this is in the php.min.js
Kevin van Zonneveld
on 2008-09-21 21:40:22
<?php
echo html_entity_decode("&#56;")."\n";
?>
returns 8.
This behavior is not documented in the PHP manual though, do you know what table is used here?
Trevor
on 2008-09-17 19:55:32
Issue: Doesn't decode all html escaped characters, such as &#56;
Kevin van Zonneveld
on 2008-07-27 13:50:57
@ Bob Palin: Thank you for noticing. It is possible to declare global constants in javascript, but that would increase the number of dependencies throughout this project.
We have deliberately chosen to implement this a bit different from the original PHP documentation to allow for more functions to be included separately.
Bob Palin
on 2008-07-27 01:50:45
The function description says that 'quote_style' is an int and list constants, in fact the argument is a string as shown in the code and example.
Mateusz "loonquawl" Zalega (http://loonquawl.yoyo.
on 2008-05-31 23:05:17
No problem :)
There's another bug in this function. First argument of called function string.replace() is a string object '/&amp;/g'. It won't work, unless it's a regular expression object (should be /&amp;/g - without the apostrophes).
Here's the correct code:
string = string.toString();
// Always encode
string = string.replace(/&amp;/g, '&');
string = string.replace(/&lt;/g, '<');
string = string.replace(/&gt;/g, '>');
// Encode depending on quote_style
if (quote_style == 'ENT_QUOTES') {
string = string.replace(/&quot;/g, '"');
string = string.replace(/&#039;/g, '\'');
} else if (quote_style != 'ENT_NOQUOTES') {
// All other cases (ENT_COMPAT, default, but not ENT_NOQUOTES)
string = string.replace(/&quot;/g, '"');
}
return string;
This is explained here:
http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Reference:Global_Objects:String:replace
http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Reference:Objects:RegExp
Btw. Most people involved in php2js project have their full names in credits. So, my name's Mateusz Zalega. Just saying :)
Kevin van Zonneveld
on 2008-05-31 14:31:41
@ loonquawl: Guess it should ;) thank you!
loonquawl
on 2008-05-31 10:49:39
Shouldn't it be
string = string.replace(/&/g, '&');
string = string.replace(/</g, '<');
string = string.replace(/>/g, '>');
rather than
string.replace('/&/g', '&');
string.replace('/</g', '<');
string.replace(/>/g, '>')
?
Function (string object).replace() doesn't modify the string. It returns a new (replaced) string object.