Release version 1.1.31

marcovtwout · marcovtwout · commit 34bac577947d · 2025-04-10T15:57:47.000+02:00
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,7 +1,7 @@
                    Yii Framework Change Log
                    ========================
 
-Version 1.1.31 under development
+Version 1.1.31 April 10, 2025
 --------------------------------
 
 - Bug #4579: Fix Czech translation for "not equal to" validation message in CCompareValidator (karelvasicek)
diff --git a/framework/YiiBase.php b/framework/YiiBase.php
@@ -87,7 +87,7 @@ class YiiBase
 	 */
 	public static function getVersion()
 	{
-		return '1.1.31-dev';
+		return '1.1.31';
 	}
 
 	/**
diff --git a/framework/yiilite.php b/framework/yiilite.php
@@ -41,7 +41,7 @@ class YiiBase
 	private static $_logger;
 	public static function getVersion()
 	{
-		return '1.1.31-dev';
+		return '1.1.31';
 	}
 	public static function createWebApplication($config=null)
 	{
@@ -1607,7 +1607,7 @@ public function displayError($code,$message,$file,$line)
 		if(YII_DEBUG)
 		{
 			echo "<h1>PHP Error [$code]</h1>\n";
-			echo "<p>$message ($file:$line)</p>\n";
+			echo "<p>".nl2br($this->htmlEncodeInternal($message))." (".$this->htmlEncodeInternal($file).":$line)</p>\n";
 			echo '<pre>';
 			$trace=debug_backtrace();
 			// skip the first 2 stacks as they are always irrelevant
@@ -1631,23 +1631,27 @@ public function displayError($code,$message,$file,$line)
 		else
 		{
 			echo "<h1>PHP Error [$code]</h1>\n";
-			echo "<p>$message</p>\n";
+			echo "<p>".nl2br($this->htmlEncodeInternal($message))."</p>\n";
 		}
 	}
 	public function displayException($exception)
 	{
 		if(YII_DEBUG)
 		{
 			echo '<h1>'.get_class($exception)."</h1>\n";
-			echo '<p>'.$exception->getMessage().' ('.$exception->getFile().':'.$exception->getLine().')</p>';
-			echo '<pre>'.$exception->getTraceAsString().'</pre>';
+			echo '<p>'.nl2br($this->htmlEncodeInternal($exception->getMessage())).' ('.$this->htmlEncodeInternal($exception->getFile()).':'.$exception->getLine().')</p>';
+			echo '<pre>'.$this->htmlEncodeInternal($exception->getTraceAsString()).'</pre>';
 		}
 		else
 		{
 			echo '<h1>'.get_class($exception)."</h1>\n";
-			echo '<p>'.$exception->getMessage().'</p>';
+			echo '<p>'.nl2br($this->htmlEncodeInternal($exception->getMessage())).'</p>';
 		}
 	}
+	private function htmlEncodeInternal($string)
+	{
+		return htmlspecialchars($string, ENT_NOQUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
+	}
 	protected function initSystemHandlers()
 	{
 		if(YII_ENABLE_EXCEPTION_HANDLER)

Original file line number	Diff line number	Diff line change
`@@ -87,7 +87,7 @@ class YiiBase`
`87`	`87`	`*/`
`88`	`88`	`public static function getVersion()`
`89`	`89`	`{`
`90`		`- return '1.1.31-dev';`
	`90`	`+ return '1.1.31';`
`91`	`91`	`}`
`92`	`92`
`93`	`93`	`/**`
Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ class YiiBase`
`41`	`41`	`private static $_logger;`
`42`	`42`	`public static function getVersion()`
`43`	`43`	`{`
`44`		`- return '1.1.31-dev';`
	`44`	`+ return '1.1.31';`
`45`	`45`	`}`
`46`	`46`	`public static function createWebApplication($config=null)`
`47`	`47`	`{`
`@@ -1607,7 +1607,7 @@ public function displayError($code,$message,$file,$line)`
`1607`	`1607`	`if(YII_DEBUG)`
`1608`	`1608`	`{`
`1609`	`1609`	`echo "<h1>PHP Error [$code]</h1>\n";`
`1610`		`- echo "<p>$message ($file:$line)</p>\n";`
	`1610`	`+ echo "<p>".nl2br($this->htmlEncodeInternal($message))." (".$this->htmlEncodeInternal($file).":$line)</p>\n";`
`1611`	`1611`	`echo '<pre>';`
`1612`	`1612`	`$trace=debug_backtrace();`
`1613`	`1613`	`// skip the first 2 stacks as they are always irrelevant`
`@@ -1631,23 +1631,27 @@ public function displayError($code,$message,$file,$line)`
`1631`	`1631`	`else`
`1632`	`1632`	`{`
`1633`	`1633`	`echo "<h1>PHP Error [$code]</h1>\n";`
`1634`		`- echo "<p>$message</p>\n";`
	`1634`	`+ echo "<p>".nl2br($this->htmlEncodeInternal($message))."</p>\n";`
`1635`	`1635`	`}`
`1636`	`1636`	`}`
`1637`	`1637`	`public function displayException($exception)`
`1638`	`1638`	`{`
`1639`	`1639`	`if(YII_DEBUG)`
`1640`	`1640`	`{`
`1641`	`1641`	`echo '<h1>'.get_class($exception)."</h1>\n";`
`1642`		`- echo '<p>'.$exception->getMessage().' ('.$exception->getFile().':'.$exception->getLine().')</p>';`
`1643`		`- echo '<pre>'.$exception->getTraceAsString().'</pre>';`
	`1642`	`+ echo '<p>'.nl2br($this->htmlEncodeInternal($exception->getMessage())).' ('.$this->htmlEncodeInternal($exception->getFile()).':'.$exception->getLine().')</p>';`
	`1643`	`+ echo '<pre>'.$this->htmlEncodeInternal($exception->getTraceAsString()).'</pre>';`
`1644`	`1644`	`}`
`1645`	`1645`	`else`
`1646`	`1646`	`{`
`1647`	`1647`	`echo '<h1>'.get_class($exception)."</h1>\n";`
`1648`		`- echo '<p>'.$exception->getMessage().'</p>';`
	`1648`	`+ echo '<p>'.nl2br($this->htmlEncodeInternal($exception->getMessage())).'</p>';`
`1649`	`1649`	`}`
`1650`	`1650`	`}`
	`1651`	`+ private function htmlEncodeInternal($string)`
	`1652`	`+ {`
	`1653`	`+ return htmlspecialchars($string, ENT_NOQUOTES \| ENT_SUBSTITUTE \| ENT_HTML5, 'UTF-8');`
	`1654`	`+ }`
`1651`	`1655`	`protected function initSystemHandlers()`
`1652`	`1656`	`{`
`1653`	`1657`	`if(YII_ENABLE_EXCEPTION_HANDLER)`