? 603420-16-specialchars.patch ? export/603420-16-specialchars.patch Index: export/views_bonus_export.theme.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/views_bonus/export/views_bonus_export.theme.inc,v retrieving revision 1.7 diff -u -p -r1.7 views_bonus_export.theme.inc --- export/views_bonus_export.theme.inc 6 Apr 2010 00:00:34 -0000 1.7 +++ export/views_bonus_export.theme.inc 9 Apr 2010 18:04:59 -0000 @@ -67,14 +67,25 @@ function template_preprocess_views_bonus foreach ($vars['themed_rows'] as $num => $row) { foreach ($row as $field => $content) { - // Prevent double encoding of the ampersand. Look for the entities produced by check_plain(). - $content = preg_replace('/&(?!(amp|quot|#039|lt|gt);)/', '&', $content); - // Convert < and > to HTML entities. - $content = str_replace( - array('<', '>'), - array('<', '>'), - $content); - $vars['themed_rows'][$num][$field] = $content; + // The fourth argument to htmlspecialchars was added in PHP 5.2.3. + if (version_compare(PHP_VERSION, '5.2.3') >= 0) { + // Convert & < and > characters but not quotes. Special characters may have been converted + // already to HTML entities by e.g. check_plain(), so we need the fourth argument to prevent + // double encoding. + $vars['themed_rows'][$num][$field] = htmlspecialchars($content, ENT_NOQUOTES, 'ISO-8859-1', FALSE); + } + // Workaround for previous versions of PHP. + // TODO: remove this workaround when upgrading to D7. + else { + // Prevent double encoding of the ampersand. Look for the entities produced by check_plain(). + $content = preg_replace('/&(?!(amp|quot|#039|lt|gt);)/', '&', $content); + // Convert < and > to HTML entities. + $content = str_replace( + array('<', '>'), + array('<', '>'), + $content); + $vars['themed_rows'][$num][$field] = $content; + } } } }