An attempt to further manipulate the encoded json returned by the PHP function json_encode(), leads to a corrupted json notation.
During the opposite process, trying to recreate the Object from the corrupted data, json_decode() fails and returns an object that is not valid.
The test below uses menu item or module parameters, but note that this problem actually affects all the JRegistry objects.
Summary of Changes
Fixed JRegistry UTF8 crash
Removed bugged, useless, and no longer used unicode_to_utf converters
Testing Instructions
Ensure to have Multibyte String PHP Extension (mb_string). This bug only affects systems with mb_strings features.
Create a new menu item, no matter its type. I chose "Featured Articles".
Fill out menu item parameters at will, for example "Page Heading" and "Show Page Heading".
Click Save, to ensure that the data is being saved. Not essential to reproduce the problem, but useful to see the effect of the crash.
Fill out any text field with a string that could be interpreted as an unicode character. For example, put \u20ac that represents the Euro sign €. British people can put \u00a3 (Pound sign £), if they prefer.
Save again.
All the parameters in the menu item have been wiped out.
Discussion
The methods unicode_to_utf8() and unicode_to_utf16() are clearly bugged
Even if they worked well, they would replace the string \u00a3 with £, but this replacement should not be applied at all. If the user entered \u00a3 in a text input, he expects to find the same string after save. What about entering "\u00a3 represents £ sign" as Browser Page Title? It would not be possible with the automatic replacement.
Inconsistent behaviour: Even if they worked well, they would be applied to the Parameters only. The Menu Item Title currently accepts strings like \u00a3 without applying this kind of replacement.
1) These changes need to go to the respective Framework repos. No file in
the libraries/vendor directory should be manually edited.
2) Even if the string methods are bugged, they can't just be removed in
full until a major version bump. With that said proof they're bugged would
be helpful to justifying their deprecations. The auto convert behavior can
be problematic, but IMO that doesn't justify removing the string methods.
An attempt to further manipulate the encoded json returned by the PHP
function json_encode(), leads to a corrupted json notation.
During the opposite process, trying to recreate the Object from the
corrupted data, json_decode() fails and returns an object that is not valid.
The test below uses menu item or module parameters, but note that this
problem actually affects all the JRegistry objects.
Summary of Changes
Fixed JRegistry UTF8 crash
Removed bugged, useless, and no longer used unicode_to_utf
converters
Testing Instructions
Ensure to have Multibyte String PHP Extension (mb_string). This bug
only affects systems with mb_strings features.
Create a new menu item, no matter its type. I chose "Featured
Articles".
Fill out menu item parameters at will, for example "Page Heading"
and "Show Page Heading" under "Page Dispay" tab.
Click Save, to ensure that the data is being saved. Not essential
to reproduce the problem, but useful to see the effect of the crash.
Fill out any text field with a string that could be interpreted as
an unicode character. For example, put \u20ac that represents the
Euro sign €. British people can put \u00a3 (Pound sign £), if they
prefer. [image: ]
The methods unicode_to_utf8() and unicode_to_utf16() are clearly
bugged
Even if they worked well, they would replace the string \u00a3 with
£, but this replacement should not be applied at all. If the user entered
\u00a3 in a text input, he expects to find the same string after save. What
about entering "\u00a3 represents £ sign" as Browser Page Title? It
would not be possible with the automatic replacement.
Inconsistent behaviour: Even if they worked well, they would be
applied to the Parameters only. The Menu Item Title currently accepts
strings like \u00a3 without applying this kind of replacement.
You can view, comment on, or merge this pull request online at:
1) These changes need to go to the respective Framework repos. No file in
the libraries/vendor directory should be manually edited.
2) Even if the string methods are bugged, they can't just be removed in
full until a major version bump. With that said proof they're bugged would
be helpful to justifying their deprecations. The auto convert behavior can
be problematic, but IMO that doesn't justify removing the string methods.
On Thursday, April 14, 2016, Demis Palma ツ notifications@github.com wrote: