From 8ccd7f0469c4c93f1d8fe4f3776e8b79389740ea Mon Sep 17 00:00:00 2001
From: Wil Mahan
Date: Tue, 5 Oct 2004 04:13:14 +0000
Subject: [PATCH] Instead of calling htmlspecialchars() on image alt text, escape special chars while being careful not to double- escape '&' in character entities. Fixes bug 499.
---
 includes/Skin.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/includes/Skin.php b/includes/Skin.php
index 3e4af78173..652149aa75 100644
--- a/includes/Skin.php
+++ b/includes/Skin.php
@@ -1774,7 +1774,8 @@ class Skin {
 $alt = preg_replace( '/\.(.+?)^/', '', $img->getName() );
 }
 $alt = preg_replace( '/<[^>]*>/', '', $alt );
- $alt = htmlspecialchars( $alt );
+ $alt = preg_replace('/&(?!:amp;|#[Xx][0-9A-fa-f]+;|#[0-9]+;|[a-zA-Z0-9]+;)/', '&', $alt);
+ $alt = str_replace( array('<', '>', '"'), array('<', '>', '"'), $alt );
 $u = $nt->escapeLocalURL();
 if ( $url == '' )
@@ -1802,7 +1803,8 @@ class Skin {
 #$label = htmlspecialchars( $label );
 $alt = preg_replace( '/<[^>]*>/', '', $label);
- $alt = htmlspecialchars( $alt );
+ $alt = preg_replace('/&(?!:amp;|#[Xx][0-9A-fa-f]+;|#[0-9]+;|[a-zA-Z0-9]+;)/', '&', $alt);
+ $alt = str_replace( array('<', '>', '"'), array('<', '>', '"'), $alt );
 $width = $height = 0;
 if ( $img->exists() )
-- 
2.20.1
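Review bot: The replacement array in the added `str_replace` call reads here as identical to its search array (`array('<', '>', '"')` on both sides), and the preceding `preg_replace` likewise appears to replace `&` with `&`; as shown, both lines would be no-ops and `<`, `>` and `"` would reach the alt attribute unescaped, so the committed file should be confirmed to read `array('&lt;', '&gt;', '&quot;')` and `'&amp;'` — this looks like entity decoding in the patch export rather than a code defect, but the patch text itself cannot show which. The same two lines recur in the second hunk at `@@ -1802`, and the points below apply to both. The entity-preserving lookahead carries two typos: `(?!:amp;` has a stray colon (harmless only because `[a-zA-Z0-9]+;` also matches `amp;`), and `[0-9A-fa-f]` should be `[0-9A-Fa-f]`, since the `A-f` range also admits `G-Z` and several punctuation bytes, letting a malformed `&#Xzz;` through unescaped. Because the identical two-line sequence is pasted into both places, a small private `escapeAltText( $alt )` helper in Skin would keep the escaping rule in one spot; on PHP versions that support it, the `double_encode` parameter of `htmlspecialchars()` (PHP 5.2.3 and later) expresses the same intent without a hand-written entity grammar. Both enclosing methods start and end outside the hunks.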