Fixes issue locutusjs#206: Double encoding bug

Rafal Kukawski · Rafal Kukawski · commit f37253fc0c0b · 2015-01-12T09:36:21.000+01:00
diff --git a/functions/strings/htmlentities.js b/functions/strings/htmlentities.js
@@ -1,23 +1,24 @@
 function htmlentities(string, quote_style, charset, double_encode) {
-  //  discuss at: http://phpjs.org/functions/htmlentities/
+  // discuss at: http://phpjs.org/functions/htmlentities/
   // original by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
-  //  revised by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
-  //  revised by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
+  // revised by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
+  // revised by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
   // improved by: nobbler
   // improved by: Jack
   // improved by: Rafał Kukawski (http://blog.kukawski.pl)
   // improved by: Dj (http://phpjs.org/functions/htmlentities:425#comment_134018)
   // bugfixed by: Onno Marsman
   // bugfixed by: Brett Zamir (http://brett-zamir.me)
-  //    input by: Ratheous
-  //  depends on: get_html_translation_table
-  //   example 1: htmlentities('Kevin & van Zonneveld');
-  //   returns 1: 'Kevin &amp; van Zonneveld'
-  //   example 2: htmlentities("foo'bar","ENT_QUOTES");
-  //   returns 2: 'foo&#039;bar'
-
+  // input by: Ratheous
+  // depends on: get_html_translation_table
+  // note: function is compatible with PHP 5.2 and older
+  // example 1: htmlentities('Kevin & van Zonneveld');
+  // returns 1: 'Kevin &amp; van Zonneveld'
+  // example 2: htmlentities("foo'bar","ENT_QUOTES");
+  // returns 2: 'foo&#039;bar'
   var hash_map = this.get_html_translation_table('HTML_ENTITIES', quote_style),
-    symbol = '';
+      symbol = '';
+
   string = string == null ? '' : string + '';
 
   if (!hash_map) {
@@ -28,25 +29,21 @@ function htmlentities(string, quote_style, charset, double_encode) {
     hash_map["'"] = '&#039;';
   }
 
-  if ( !! double_encode || double_encode == null) {
-    for (symbol in hash_map) {
-      if (hash_map.hasOwnProperty(symbol)) {
-        string = string.split(symbol)
-          .join(hash_map[symbol]);
-      }
-    }
-  } else {
-    string = string.replace(/([\s\S]*?)(&(?:#\d+|#x[\da-f]+|[a-zA-Z][\da-z]*);|$)/g, function (ignore, text, entity) {
-      for (symbol in hash_map) {
-        if (hash_map.hasOwnProperty(symbol)) {
-          text = text.split(symbol)
-            .join(hash_map[symbol]);
-        }
-      }
+  double_encode = double_encode == null || !!double_encode;
 
-      return text + entity;
-    });
-  }
+  var regex = new RegExp("&(?:#\\d+|#x[\\da-f]+|[a-zA-Z][\\da-z]*);|[" +
+                Object.keys(hash_map)
+                  .join("")
+                  // replace regexp special chars
+                  .replace(/([()[\]{}\-.*+?^$|\/\\])/g, "\\$1")
+                + "]",
+              "g");
+
+  return string.replace(regex, function (ent) {
+    if (ent.length > 1) {
+      return double_encode ? hash_map["&"] + ent.substr(1) : ent;
+    }
 
-  return string;
-}
+    return hash_map[ent];
+  });
+}
