From b925a1b6b9b6178352e0b0c0be63950ef37c6464 Mon Sep 17 00:00:00 2001
From: Wytze van der Raay <wytze@cacert.org>
Date: Thu, 17 Jan 2013 15:00:35 +0000
Subject: [PATCH] Fix for https://bugs.cacert.org/view.php?id=1097 "Special
 characters which have no HTML-entities are not properly escaped"

---
 locale/escape_special_chars.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/locale/escape_special_chars.php b/locale/escape_special_chars.php
index 32de390..0f494f1 100644
--- a/locale/escape_special_chars.php
+++ b/locale/escape_special_chars.php
@@ -41,6 +41,9 @@ function is_msgid($line) {
 	return substr_compare($line, MSGID, 0, MSGID_LEN) === 0;
 }
 
+
+////////////// Main //////////////
+
 // Skip the metadata (first msgid/msgstr pair)
 while (!feof(STDIN)) {
 	$line = fgets(STDIN);
@@ -65,7 +68,13 @@ while (!feof(STDIN)) {
 	}
 	
 	if ($msgstr) {
+		// Escape everything that has a special HTML entity such as
+		// &gt; or &auml; except quote characters
 		$line = htmlentities($line, ENT_NOQUOTES, "UTF-8");
+		
+		// Escape everything else -> all characters that don't have a special
+		// HTML entity but are outside the ASCII range
+		$line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8");
 	}
 	echo $line;
 }