problem on phalcon's sanitize

Question

problem on phalcon's sanitize

hander Jul '14

Created Jul '14	Last Reply Jul '14	Replies 1	Views 928	Votes 0

hander 2.0k

Jul '14

Faced with a problem on phalcon's sanitize data function

sanitize("Мар'яна", 'string');

produces Мар'яна

but in php5.5 htmlspecialchars

htmlspecialchars("Мар'яна", ENT_QUOTES)

produces Мар'яна

some more description on a problem in older php versions https://ua2.php.net/manual/ru/function.htmlspecialchars-decode.php#82133

Is this a bug or how do I get same result with phalcon sanitize as with htmlspecialchars?

Phalcon
98.9k

Accepted
answer

edited Jul '14
Jul '14

Not a bug definitely, sanitize("value", "string"); does not use htmlspecialchars it uses filter_var($value, FILTER_SANITIZE_STRING) which have a different behavior:

hander · Answer 1 · 2014-07-30T23:35:15-07:00

1. var_dump(filter_var("'", FILTER_SANITIZE_STRING));
2. var_dump(htmlspecialchars("'", ENT_QUOTES));
3. var_dump(htmlspecialchars_decode("&#39;", ENT_QUOTES));
4. var_dump(htmlspecialchars_decode("&#039;", ENT_QUOTES));

1. string(5) "&#39;"
2. string(6) "&#039;"
3. string(5) "'"
4. string(6) "'"

two char codes for one " ' " symbol not as obvious fo me as it is