Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Drupal 7 htmlspecialchars expects parameter 1 to be string

Posted on 2013-12-04
5
Medium Priority
?
2,512 Views
Last Modified: 2014-01-14
We're using Drupal 7.14.

We get "Warning: htmlspecialchars() expects parameter 1 to be string, array given in check_plain() (line 1572 of /usr/local/www/.../.../includes/bootstrap.inc)." when we access the "Views" pages that has "exposed filters" in the filter criteria. I think this warning fires when there're multiple exposed filters...  

We cannot upgrade Drupal version yet as a solution.

Views version is 7.x-3.7

# php -v
PHP 5.3.5 with Suhosin-Patch (cli) (built: Jan 17 2011 16:31:18)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies

Thanks in advance.
0
Comment
Question by:sbayrak
  • 3
  • 2
5 Comments
 
LVL 60

Expert Comment

by:Julian Hansen
ID: 39697554
This is appears to be a minor problem with Drupal that appears to be addressed in later vesions.

This article proposes a solution for getting around the warning by editing the bootstrap.inc file and modifying the check_plain function.

http://info4admins.com/warning-htmlspecialchars-expects-parameter-1-be-string-array-given-includesbootstrap-inc-line/

You might want to check this out as an interim solution. Source from above link included below for reference
function check_plain($text) {
static $php525;

if (!isset($php525)) {
$php525 = version_compare(PHP_VERSION, ’5.2.5', ‘>=’);
}
// We duplicate the preg_match() to validate strings as UTF-8 from
// drupal_validate_utf8() here. This avoids the overhead of an additional
// function call, since check_plain() may be called hundreds of times during
// a request. For PHP 5.2.5+, this check for valid UTF-8 should be handled
// internally by PHP in htmlspecialchars().
// @see http://www.php.net/releases/5_2_5.php
// @todo remove this when support for either IE6 or PHP < 5.2.5 is dropped.

if ($php525) {
//Org: return htmlspecialchars($text, ENT_QUOTES, ‘UTF-8');
//Fix:
return (preg_match(‘/^./us’, (string) $text) == 1) ? htmlspecialchars((string) $text, ENT_QUOTES, ‘UTF-8') : ”;

}
return (preg_match(‘/^./us’, $text) == 1) ? htmlspecialchars($text, ENT_QUOTES, ‘UTF-8') : ”;
}

Open in new window

0
 
LVL 1

Author Comment

by:sbayrak
ID: 39697887
I think this workaround was planned for the versions older than mine. We use Drupal 7.14 at the moment. So there're differences at that part of the bootstrap.inc code. But even so this doesn't mean that it won't work for our version.

Here's what goes on at line 1572 in my version. Only three lines;

function check_plain($text) {
  return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');       
}

Open in new window


I'm not a PHP expert but I replaced the relevant line similar as your workarround suggests. I'm testing it on the beta site now and I will test it for a while. Do you think that it will work as such?

function check_plain($text) {
// return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');      
  return (preg_match('/^./us', (string) $text) == 1) ? htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8') : '';           
}

Open in new window


Thanks.
0
 
LVL 60

Accepted Solution

by:
Julian Hansen earned 1500 total points
ID: 39697934
If you look at the code posted the code commented out as

// Orig

Contains the line you have in yours - and is the same as mine - which is version 7.22

The code changes recommended will be fine for your version.

With regards to your question - I think you should include the other bits as well which basically setup a condition for the version of PHP you are using. Here is a stripped down version of the recommended change
function check_plain($text) 
{
  static $php525;

  if (!isset($php525)) {
    $php525 = version_compare(PHP_VERSION, '5.2.5', '>=');
  }

  if ($php525) {
    return (preg_match('/^./us', (string) $text) == 1) ? htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8') : '';
  }
  return (preg_match('/^./us', $text) == 1) ? htmlspecialchars($text, ENT_QUOTES, 'UTF-8') : ";
}

Open in new window

0
 
LVL 1

Author Comment

by:sbayrak
ID: 39699359
I see. My version is unnecessarily creative. I think I was prejudiced when I saw php525 as variables.

Now I'm testing your version as;

function check_plain($text) {
// Orig: return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
  static $php525;
  if (!isset($php525)) {
    $php525 = version_compare(PHP_VERSION, '5.2.5', '>=');
  }
  if ($php525) {
    return (preg_match('/^./us', (string) $text) == 1) ? htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8') : '';
  }  
  return (preg_match('/^./us', $text) == 1) ? htmlspecialchars($text, ENT_QUOTES, 'UTF-8') : '';
} 

Open in new window

0
 
LVL 60

Expert Comment

by:Julian Hansen
ID: 39778608
Thanks for the poings - however could you provide more information as to why you assigned a B grade to this question?

Please refer to this article for more information http://support.experts-exchange.com/customer/portal/articles/481419
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since I am currently running into this issue right now as I type this, I though I would share my experiences with moving a ModX Revolution site from one server to another.  It is not an easy task, but can be accomplished rather easily. The first …
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question