1) These changes need to go to the respective Framework repos. No file in
the libraries/vendor directory should be manually edited.

2) Even if the string methods are bugged, they can't just be removed in
full until a major version bump. With that said proof they're bugged would
be helpful to justifying their deprecations. The auto convert behavior can
be problematic, but IMO that doesn't justify removing the string methods.

On Thursday, April 14, 2016, Demis Palma ツ notifications@github.com wrote:

An attempt to further manipulate the encoded json returned by the PHP
function json_encode(), leads to a corrupted json notation.
During the opposite process, trying to recreate the Object from the
corrupted data, json_decode() fails and returns an object that is not valid.

The test below uses menu item or module parameters, but note that this
problem actually affects all the JRegistry objects.
Summary of Changes

1. Fixed JRegistry UTF8 crash
2. Removed bugged, useless, and no longer used unicode_to_utf converters

Testing Instructions

1. Ensure to have Multibyte String PHP Extension (mb_string). This bug only affects systems with mb_strings features.
2. Create a new menu item, no matter its type. I chose "Featured Articles".
3. Fill out menu item parameters at will, for example "Page Heading" and "Show Page Heading" under "Page Dispay" tab.
4. Click Save, to ensure that the data is being saved. Not essential to reproduce the problem, but useful to see the effect of the crash.

[image: parameters]
https://cloud.githubusercontent.com/assets/1609992/14548020/1ed5864a-02ab-11e6-9723-dd085a5ffa07.png

1. Fill out any text field with a string that could be interpreted as an unicode character. For example, put \u20ac that represents the Euro sign €. British people can put \u00a3 (Pound sign £), if they prefer. [image: ]

[image: unicode]
https://cloud.githubusercontent.com/assets/1609992/14548031/35daa582-02ab-11e6-8c68-97d292ce0dba.png

1. Save again.
2. All the parameters in the menu item have been wiped out.

[image: flushed]
https://cloud.githubusercontent.com/assets/1609992/14548038/3eb09a90-02ab-11e6-9dca-31740ca7f84e.png
Discussion

1. The methods unicode_to_utf8() and unicode_to_utf16() are clearly bugged
2. Even if they worked well, they would replace the string \u00a3 with £, but this replacement should not be applied at all. If the user entered \u00a3 in a text input, he expects to find the same string after save. What about entering "\u00a3 represents £ sign" as Browser Page Title? It would not be possible with the automatic replacement.
3. Inconsistent behaviour: Even if they worked well, they would be applied to the Parameters only. The Menu Item Title currently accepts strings like \u00a3 without applying this kind of replacement.

---

You can view, comment on, or merge this pull request online at:

#9922
Commit Summary

• Fixed JRegistry UTF8 crash
• Removed bugged, useless, and no longer used unicode_to_utf converters

File Changes

• M libraries/vendor/joomla/registry/src/Format/Json.php https://github.com/joomla/joomla-cms/pull/9922/files#diff-0 (2)
• M libraries/vendor/joomla/string/src/StringHelper.php https://github.com/joomla/joomla-cms/pull/9922/files#diff-1 (52)

Patch Links:

• https://github.com/joomla/joomla-cms/pull/9922.patch
• https://github.com/joomla/joomla-cms/pull/9922.diff

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub
#9922

Closed for reasons stated above by @mbabker please submit to the framework repos