From b833247ce597ec26159b46c8dfbea7f1e265950b Mon Sep 17 00:00:00 2001
From: Ciro Mattia Gonano <ciromattia@gmail.com>
Date: Mon, 29 Jul 2013 11:51:43 +0200
Subject: Merge r3299

---
 framework/3rdParty/SafeHtml/TSafeHtmlParser.php | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'framework')

diff --git a/framework/3rdParty/SafeHtml/TSafeHtmlParser.php b/framework/3rdParty/SafeHtml/TSafeHtmlParser.php
index 119988d7..f26c0ae1 100644
--- a/framework/3rdParty/SafeHtml/TSafeHtmlParser.php
+++ b/framework/3rdParty/SafeHtml/TSafeHtmlParser.php
@@ -364,8 +364,21 @@ class TSafeHtmlParser
                    }
                 }
 
-                $tempval = preg_replace('/&#(\d+);?/me', "chr('\\1')", $value); //"'
-                $tempval = preg_replace('/&#x([0-9a-f]+);?/mei', "chr(hexdec('\\1'))", $tempval);
+				$tempval = preg_replace_callback(
+						'/&#(\d+);?/m',
+						function ($matches) {
+							return chr($matches[0]);
+						},
+						$value
+					); //"'
+
+				$tempval = preg_replace_callback(
+						'/&#x([0-9a-f]+);?/mi',
+						function ($matches) {
+							return chr(hexdec($matches[0]));
+						},
+						$tempval
+					);
 
                 if ((in_array($name, $this->protocolAttributes)) &&
                     (strpos($tempval, ':') !== false))
-- 
cgit v1.2.3