More explicit UTF-8

More explicit UTF-8 in PDO MySQL, html_entity_decode, htmlentities, and
htmlspecialchars (less important)

app/models/Feed.php

@@ -216,7 +216,7 @@ class Feed extends Model {
 		foreach ($feed->get_items () as $item) {
 			$title = $item->get_title ();
 			$title = preg_replace('#<a(.+)>(.+)</a>#', '\\2', $title);
-			$title = htmlentities($title);
+			$title = htmlentities($title, ENT_NOQUOTES, 'UTF-8');
 			$author = $item->get_author ();
 			$link = $item->get_permalink ();
 			$date = strtotime ($item->get_date ());

lib/SimplePie/SimplePie/Misc.php

@@ -138,7 +138,7 @@ class SimplePie_Misc
 		foreach ($element['attribs'] as $key => $value)
 		{
 			$key = strtolower($key);
-			$full .= " $key=\"" . htmlspecialchars($value['data']) . '"';
+			$full .= " $key=\"" . htmlspecialchars($value['data'], ENT_COMPAT, 'UTF-8') . '"';
 		}
 		if ($element['self_closing'])
 		{

lib/lib_phpQuery.php

@@ -3365,7 +3365,7 @@ class phpQueryObject
 	 */
 	public function text($text = null, $callback1 = null, $callback2 = null, $callback3 = null) {
 		if (isset($text))
-			return $this->html(htmlspecialchars($text));
+			return $this->html(htmlspecialchars($text), ENT_NOQUOTES, 'UTF-8');
 		$args = func_get_args();
 		$args = array_slice($args, 1);
 		$return = '';

lib/minz/Request.php

@@ -35,9 +35,9 @@ class Request {
 			if(is_object($p) || $specialchars) {
 				return $p;
 			} elseif(is_array($p)) {
-				return array_map('htmlspecialchars', $p);
+				return array_map('htmlspecialchars', $p, ENT_NOQUOTES, 'UTF-8');
 			} else {
-				return htmlspecialchars($p);
+				return htmlspecialchars($p, ENT_NOQUOTES, 'UTF-8');
 			}
 		} else {
 			return $default;

lib/minz/dao/Model_pdo.php

@@ -22,23 +22,29 @@ class Model_pdo {
 	 */
 	public function __construct () {
 		$db = Configuration::dataBase ();
+		$driver_options = null;
 
 		try {
 			$type = $db['type'];
 			if($type == 'mysql') {
 				$string = $type
 				        . ':host=' . $db['host']
-				        . ';dbname=' . $db['base'];
+				        . ';dbname=' . $db['base']
+				        . ';charset=utf8';
+				$driver_options = array(
+					PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'
+					);
 			} elseif($type == 'sqlite') {
 				$string = $type
 				        . ':/' . PUBLIC_PATH
-				        . '/data/' . $db['base'] . '.sqlite';
+				        . '/data/' . $db['base'] . '.sqlite';	//TODO: DEBUG UTF-8 http://www.siteduzero.com/forum/sujet/sqlite-connexion-utf-8-18797
 			}
 
 			$this->bd = new PDO (
 				$string,
 				$db['user'],
-				$db['password']
+				$db['password'],
+				$driver_options
 			);
 
 			$this->prefix = $db['prefix'];

public/install.php

@@ -309,8 +309,12 @@ function checkBD () {
 
 	try {
 		$str = '';
+		$driver_options = null;
 		if($_SESSION['bd_type'] == 'mysql') {
 			$str = 'mysql:host=' . $_SESSION['bd_host'] . ';dbname=' . $_SESSION['bd_name'];
+			$driver_options = array(
+				PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'
+				);
 		} elseif($_SESSION['bd_type'] == 'sqlite') {
 			$str = 'sqlite:' . PUBLIC_PATH
 			     . '/data/' . $_SESSION['bd_name'] . '.sqlite';
@@ -318,7 +322,8 @@ function checkBD () {
 
 		$c = new PDO ($str,
 			      $_SESSION['bd_user'],
-			      $_SESSION['bd_pass']);
+			      $_SESSION['bd_pass'],
+			      $driver_options);
 
 		$sql = sprintf (SQL_REQ_CAT, $_SESSION['bd_prefix']);
 		$res = $c->query ($sql);