Opened 8 years ago
Closed 8 years ago
#37913 closed defect (bug) (wontfix)
Switch/case string comparison is case-sensitive
Reported by: | mangeshp | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.6 |
Component: | External Libraries | Keywords: | has-patch |
Focuses: | Cc: |
Description
Switch/case string comparison is case-sensitive. It's better not to assume that whatever data we will receive in a function argument will be in the same case as we will be checking in condition.
Take a look at this snippet from file wp-includes/ID3/getid3.lib.php
:
switch ($charset) { case '1251': case '1252': case '866': case '932': case '936': case '950': case 'BIG5': case 'BIG5-HKSCS': case 'cp1251': case 'cp1252': case 'cp866': case 'EUC-JP': case 'EUCJP': case 'GB2312': case 'ibm866': case 'ISO-8859-1': case 'ISO-8859-15': case 'ISO8859-1': case 'ISO8859-15': case 'KOI8-R': case 'koi8-ru': case 'koi8r': case 'Shift_JIS': case 'SJIS': case 'win-1251': case 'Windows-1251': case 'Windows-1252': $HTMLstring = htmlentities($string, ENT_COMPAT, $charset); break; case 'UTF-8': $strlen = strlen($string); for ($i = 0; $i < $strlen; $i++) { $char_ord_val = ord($string{$i}); $charval = 0; if ($char_ord_val < 0x80) { $charval = $char_ord_val; } elseif ((($char_ord_val & 0xF0) >> 4) == 0x0F && $i+3 < $strlen) { $charval = (($char_ord_val & 0x07) << 18); $charval += ((ord($string{++$i}) & 0x3F) << 12); $charval += ((ord($string{++$i}) & 0x3F) << 6); $charval += (ord($string{++$i}) & 0x3F); } elseif ((($char_ord_val & 0xE0) >> 5) == 0x07 && $i+2 < $strlen) { $charval = (($char_ord_val & 0x0F) << 12); $charval += ((ord($string{++$i}) & 0x3F) << 6); $charval += (ord($string{++$i}) & 0x3F); } elseif ((($char_ord_val & 0xC0) >> 6) == 0x03 && $i+1 < $strlen) { $charval = (($char_ord_val & 0x1F) << 6); $charval += (ord($string{++$i}) & 0x3F); } if (($charval >= 32) && ($charval <= 127)) { $HTMLstring .= htmlentities(chr($charval)); } else { $HTMLstring .= '&#'.$charval.';'; } } break; case 'UTF-16LE': for ($i = 0; $i < strlen($string); $i += 2) { $charval = self::LittleEndian2Int(substr($string, $i, 2)); if (($charval >= 32) && ($charval <= 127)) { $HTMLstring .= chr($charval); } else { $HTMLstring .= '&#'.$charval.';'; } } break; case 'UTF-16BE': for ($i = 0; $i < strlen($string); $i += 2) { $charval = self::BigEndian2Int(substr($string, $i, 2)); if (($charval >= 32) && ($charval <= 127)) { $HTMLstring .= chr($charval); } else { $HTMLstring .= '&#'.$charval.';'; } } break;
Which could have been like this :
switch (strtolower($charset)) { case '1251': case '1252': case '866': case '932': case '936': case '950': case 'big5': case 'big5-hkscs': case 'cp1251': case 'cp1252': case 'cp866': case 'euc-jp': case 'eucjp': case 'gb2312': case 'ibm866': case 'iso-8859-1': case 'iso-8859-15': case 'iso8859-1': case 'iso8859-15': case 'koi8-r': case 'koi8-ru': case 'koi8r': case 'shift_jis': case 'sjis': case 'win-1251': case 'windows-1251': case 'windows-1252': $HTMLstring = htmlentities($string, ENT_COMPAT, $charset); break; case 'utf-8': $strlen = strlen($string); for ($i = 0; $i < $strlen; $i++) { $char_ord_val = ord($string{$i}); $charval = 0; if ($char_ord_val < 0x80) { $charval = $char_ord_val; } elseif ((($char_ord_val & 0xF0) >> 4) == 0x0F && $i+3 < $strlen) { $charval = (($char_ord_val & 0x07) << 18); $charval += ((ord($string{++$i}) & 0x3F) << 12); $charval += ((ord($string{++$i}) & 0x3F) << 6); $charval += (ord($string{++$i}) & 0x3F); } elseif ((($char_ord_val & 0xE0) >> 5) == 0x07 && $i+2 < $strlen) { $charval = (($char_ord_val & 0x0F) << 12); $charval += ((ord($string{++$i}) & 0x3F) << 6); $charval += (ord($string{++$i}) & 0x3F); } elseif ((($char_ord_val & 0xC0) >> 6) == 0x03 && $i+1 < $strlen) { $charval = (($char_ord_val & 0x1F) << 6); $charval += (ord($string{++$i}) & 0x3F); } if (($charval >= 32) && ($charval <= 127)) { $HTMLstring .= htmlentities(chr($charval)); } else { $HTMLstring .= '&#'.$charval.';'; } } break; case 'utf-16le': for ($i = 0; $i < strlen($string); $i += 2) { $charval = self::LittleEndian2Int(substr($string, $i, 2)); if (($charval >= 32) && ($charval <= 127)) { $HTMLstring .= chr($charval); } else { $HTMLstring .= '&#'.$charval.';'; } } break; case 'utf-16be': for ($i = 0; $i < strlen($string); $i += 2) { $charval = self::BigEndian2Int(substr($string, $i, 2)); if (($charval >= 32) && ($charval <= 127)) { $HTMLstring .= chr($charval); } else { $HTMLstring .= '&#'.$charval.';'; } } break;
Attachments (1)
Change History (3)
Note: See
TracTickets for help on using
tickets.
@mangeshp, thanks for the report!
getID3() is an external library, please submit the patch upstream: http://www.getid3.org/.
If we update it in the future, the fix would probably be included, there is no need to have an extra Trac ticket for that.