Make the debugger tolerate latin-1 characters in all fields, not just method payload

diff --git a/debugger/action.php b/debugger/action.php
index 7bb07f5..c818429 100644 (file)
--- a/debugger/action.php
+++ b/debugger/action.php
@@ -239,7 +239,7 @@ if ($action) {
 
     // Before calling execute, echo out brief description of action taken + date and time ???
     // this gives good user feedback for long-running methods...
-    echo '<h2>' . htmlspecialchars($actionname) . ' on server ' . htmlspecialchars($server) . " ...</h2>\n";
+    echo '<h2>' . htmlspecialchars($actionname, ENT_COMPAT, $inputcharset) . ' on server ' . htmlspecialchars($server, ENT_COMPAT, $inputcharset) . " ...</h2>\n";
     flush();
 
     $response = null;
@@ -265,14 +265,14 @@ if ($action) {
     if ($response) {
         if ($response->faultCode()) {
             // call failed! echo out error msg!
-            //echo '<h2>'.htmlspecialchars($actionname).' on server '.htmlspecialchars($server).'</h2>';
+            //echo '<h2>'.htmlspecialchars($actionname, ENT_COMPAT, $inputcharset).' on server '.htmlspecialchars($server, ENT_COMPAT, $inputcharset).'</h2>';
             echo "<h3>$protoName call FAILED!</h3>\n";
-            echo "<p>Fault code: [" . htmlspecialchars($response->faultCode()) .
-                "] Reason: '" . htmlspecialchars($response->faultString()) . "'</p>\n";
+            echo "<p>Fault code: [" . htmlspecialchars($response->faultCode(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) .
+                "] Reason: '" . htmlspecialchars($response->faultString(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "'</p>\n";
             echo(strftime("%d/%b/%Y:%H:%M:%S\n"));
         } else {
             // call succeeded: parse results
-            //echo '<h2>'.htmlspecialchars($actionname).' on server '.htmlspecialchars($server).'</h2>';
+            //echo '<h2>'.htmlspecialchars($actionname, ENT_COMPAT, $inputcharset).' on server '.htmlspecialchars($server, ENT_COMPAT, $inputcharset).'</h2>';
             printf("<h3>%s call(s) OK (%.2f secs.)</h3>\n", $protoName, $time);
             echo(strftime("%d/%b/%Y:%H:%M:%S\n"));
 
@@ -291,27 +291,27 @@ if ($action) {
                             } else {
                                 $class = ' class="evenrow"';
                             }
-                            echo("<tr><td$class>" . htmlspecialchars($rec->scalarval()) . "</td><td$class><form action=\"controller.php\" method=\"get\" target=\"frmcontroller\">" .
-                                "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host) . "\" />" .
-                                "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port) . "\" />" .
-                                "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path) . "\" />" .
-                                "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id) . "\" />" .
+                            echo("<tr><td$class>" . htmlspecialchars($rec->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "</td><td$class><form action=\"controller.php\" method=\"get\" target=\"frmcontroller\">" .
+                                "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"debug\" value=\"$debug\" />" .
-                                "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username) . "\" />" .
-                                "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password) . "\" />" .
+                                "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />" .
                                 "<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />" .
                                 "<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />" .
-                                "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd) . "\" />" .
+                                "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />" .
                                 "<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />" .
-                                "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies) . "\" />" .
+                                "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />" .
-                                "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout) . "\" />" .
-                                "<input type=\"hidden\" name=\"method\" value=\"" . $rec->scalarval() . "\" />" .
+                                "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($rec->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "\" />" .
                                 "<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />" .
                                 "<input type=\"hidden\" name=\"action\" value=\"describe\" />" .
                                 "<input type=\"hidden\" name=\"run\" value=\"now\" />" .
@@ -341,8 +341,8 @@ if ($action) {
                     $r2 = $resp[1]->value();
 
                     echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
-                    echo "<thead>\n<tr><th>Method</th><th>" . htmlspecialchars($method) . "</th><th>&nbsp;</th><th>&nbsp;</th></tr>\n</thead>\n<tbody>\n";
-                    $desc = htmlspecialchars($r1->scalarval());
+                    echo "<thead>\n<tr><th>Method</th><th>" . htmlspecialchars($method, ENT_COMPAT, $inputcharset) . "</th><th>&nbsp;</th><th>&nbsp;</th></tr>\n</thead>\n<tbody>\n";
+                    $desc = htmlspecialchars($r1->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding);
                     if ($desc == "") {
                         $desc = "-";
                     }
@@ -362,13 +362,16 @@ if ($action) {
                             $x = $r2->arraymem($i);
                             if ($x->kindOf() == "array") {
                                 $ret = $x->arraymem(0);
-                                echo "<code>OUT:&nbsp;" . htmlspecialchars($ret->scalarval()) . "<br />IN: (";
+                                echo "<code>OUT:&nbsp;" . htmlspecialchars($ret->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) . "<br />IN: (";
                                 if ($x->arraysize() > 1) {
                                     for ($k = 1; $k < $x->arraysize(); $k++) {
                                         $y = $x->arraymem($k);
-                                        echo $y->scalarval();
+                                        echo htmlspecialchars($y->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding);
                                         if ($wstype != 1) {
-                                            $payload = $payload . '<param><value><' . htmlspecialchars($y->scalarval()) . '></' . htmlspecialchars($y->scalarval()) . "></value></param>\n";
+                                            $payload = $payload . '<param><value><' .
+                                                htmlspecialchars($y->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) .
+                                                '></' . htmlspecialchars($y->scalarval(), ENT_COMPAT, \PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding) .
+                                                "></value></param>\n";
                                         }
                                         $alt_payload .= $y->scalarval();
                                         if ($k < $x->arraysize() - 1) {
@@ -385,28 +388,28 @@ if ($action) {
                             // button to test this method
                             //$payload="<methodCall>\n<methodName>$method</methodName>\n<params>\n$payload</params>\n</methodCall>";
                             echo "<td$class><form action=\"controller.php\" target=\"frmcontroller\" method=\"get\">" .
-                                "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host) . "\" />" .
-                                "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port) . "\" />" .
-                                "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path) . "\" />" .
-                                "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id) . "\" />" .
+                                "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"debug\" value=\"$debug\" />" .
-                                "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username) . "\" />" .
-                                "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password) . "\" />" .
+                                "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />" .
                                 "<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />" .
                                 "<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />" .
-                                "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd) . "\" />" .
+                                "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />" .
                                 "<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />" .
-                                "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies) . "\" />" .
+                                "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />" .
-                                "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout) . "\" />" .
-                                "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method) . "\" />" .
-                                "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload) . "\" />" .
-                                "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload) . "\" />" .
+                                "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />" .
                                 "<input type=\"hidden\" name=\"action\" value=\"execute\" />";
                             if ($wstype != 1) {
@@ -415,29 +418,29 @@ if ($action) {
                             echo "</form></td>\n";
 
                             echo "<td$class><form action=\"controller.php\" target=\"frmcontroller\" method=\"get\">" .
-                                "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host) . "\" />" .
-                                "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port) . "\" />" .
-                                "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path) . "\" />" .
-                                "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id) . "\" />" .
+                                "<input type=\"hidden\" name=\"host\" value=\"" . htmlspecialchars($host, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"port\" value=\"" . htmlspecialchars($port, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"path\" value=\"" . htmlspecialchars($path, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars($id, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"debug\" value=\"$debug\" />" .
-                                "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username) . "\" />" .
-                                "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password) . "\" />" .
+                                "<input type=\"hidden\" name=\"username\" value=\"" . htmlspecialchars($username, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"password\" value=\"" . htmlspecialchars($password, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />" .
                                 "<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />" .
                                 "<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />" .
-                                "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser) . "\" />" .
-                                "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd) . "\" />" .
+                                "<input type=\"hidden\" name=\"cainfo\" value=\"" . htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxy\" value=\"" . htmlspecialchars($proxy, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxyuser\" value=\"" . htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"proxypwd\" value=\"" . htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />" .
                                 "<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />" .
-                                "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies) . "\" />" .
+                                "<input type=\"hidden\" name=\"clientcookies\" value=\"" . htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />" .
-                                "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout) . "\" />" .
-                                "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method) . "\" />" .
+                                "<input type=\"hidden\" name=\"timeout\" value=\"" . htmlspecialchars($timeout, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"method\" value=\"" . htmlspecialchars($method, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"methodsig\" value=\"" . $i . "\" />" .
-                                "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload) . "\" />" .
-                                "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload) . "\" />" .
+                                "<input type=\"hidden\" name=\"methodpayload\" value=\"" . htmlspecialchars($payload, ENT_COMPAT, $inputcharset) . "\" />" .
+                                "<input type=\"hidden\" name=\"altmethodpayload\" value=\"" . htmlspecialchars($alt_payload, ENT_COMPAT, $inputcharset) . "\" />" .
                                 "<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />" .
                                 "<input type=\"hidden\" name=\"run\" value=\"now\" />" .
                                 "<input type=\"hidden\" name=\"action\" value=\"wrap\" />" .

diff --git a/debugger/controller.php b/debugger/controller.php
index 6051f92..e58d2a4 100644 (file)
--- a/debugger/controller.php
+++ b/debugger/controller.php
@@ -12,6 +12,9 @@
  * @todo add http no-cache headers
  **/
 
+// make sure we set the correct charset type for output, so that we can display all characters
+//header('Content-Type: text/html; charset=utf-8');
+
 include __DIR__ . '/common.php';
 if ($action == '') {
     $action = 'list';
@@ -235,12 +238,12 @@ $editorlibs = '../../phpjsrpc/lib/';
         <tr>
             <td><h2>Target server</h2></td>
             <td class="labelcell">Address:</td>
-            <td><input type="text" name="host" value="<?php echo htmlspecialchars($host); ?>"/></td>
+            <td><input type="text" name="host" value="<?php echo htmlspecialchars($host, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td class="labelcell">Port:</td>
-            <td><input type="text" name="port" value="<?php echo htmlspecialchars($port); ?>" size="5" maxlength="5"/>
+            <td><input type="text" name="port" value="<?php echo htmlspecialchars($port, ENT_COMPAT, $inputcharset); ?>" size="5" maxlength="5"/>
             </td>
             <td class="labelcell">Path:</td>
-            <td><input type="text" name="path" value="<?php echo htmlspecialchars($path); ?>"/></td>
+            <td><input type="text" name="path" value="<?php echo htmlspecialchars($path, ENT_COMPAT, $inputcharset); ?>"/></td>
         </tr>
     </table>
 
@@ -253,18 +256,18 @@ $editorlibs = '../../phpjsrpc/lib/';
             <td>Generate stub for method call<input type="radio" name="action" value="wrap"<?php if ($action == 'wrap') { echo ' checked="checked"'; } ?> onclick="switchaction();"/></td>
         </tr>
     </table>
-    <input type="hidden" name="methodsig" value="<?php echo htmlspecialchars($methodsig); ?>"/>
+    <input type="hidden" name="methodsig" value="<?php echo htmlspecialchars($methodsig, ENT_COMPAT, $inputcharset); ?>"/>
 
     <table id="methodblock">
         <tr>
             <td><h2>Method</h2></td>
             <td class="labelcell">Name:</td>
-            <td><input type="text" name="method" value="<?php echo htmlspecialchars($method); ?>"/></td>
+            <td><input type="text" name="method" value="<?php echo htmlspecialchars($method, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td class="labelcell">Payload:<br/>
                 <div id="methodpayloadbtn"></div>
             </td>
-            <td><textarea id="methodpayload" name="methodpayload" rows="1" cols="40"><?php echo htmlspecialchars($payload); ?></textarea></td>
-            <td class="labelcell" id="idcell">Msg id: <input type="text" name="id" size="3" value="<?php echo htmlspecialchars($id); ?>"/></td>
+            <td><textarea id="methodpayload" name="methodpayload" rows="1" cols="40"><?php echo htmlspecialchars($payload, ENT_COMPAT, $inputcharset); ?></textarea></td>
+            <td class="labelcell" id="idcell">Msg id: <input type="text" name="id" size="3" value="<?php echo htmlspecialchars($id, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td><input type="hidden" name="wstype" value="<?php echo $wstype; ?>"/>
                 <input type="submit" value="Execute" onclick="return verifyserver();"/></td>
         </tr>
@@ -292,9 +295,9 @@ $editorlibs = '../../phpjsrpc/lib/';
         <tr>
             <td class="labelcell">AUTH:</td>
             <td class="labelcell">Username:</td>
-            <td><input type="text" name="username" value="<?php echo htmlspecialchars($username); ?>"/></td>
+            <td><input type="text" name="username" value="<?php echo htmlspecialchars($username, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td class="labelcell">Pwd:</td>
-            <td><input type="password" name="password" value="<?php echo htmlspecialchars($password); ?>"/></td>
+            <td><input type="password" name="password" value="<?php echo htmlspecialchars($password, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td class="labelcell">Type</td>
             <td><select name="authtype">
                     <option value="1"<?php if ($authtype == 1) { echo ' selected="selected"'; } ?>>Basic</option>
@@ -314,16 +317,16 @@ $editorlibs = '../../phpjsrpc/lib/';
             <td class="labelcell">Verify Cert:</td>
             <td><input type="checkbox" value="1" name="verifypeer" onclick="swicthcainfo();"<?php if ($verifypeer) { echo ' checked="checked"'; } ?> /></td>
             <td class="labelcell">CA Cert file:</td>
-            <td><input type="text" name="cainfo" value="<?php echo htmlspecialchars($cainfo); ?>"/></td>
+            <td><input type="text" name="cainfo" value="<?php echo htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset); ?>"/></td>
         </tr>
         <tr>
             <td class="labelcell">PROXY:</td>
             <td class="labelcell">Server:</td>
-            <td><input type="text" name="proxy" value="<?php echo htmlspecialchars($proxy); ?>"/></td>
+            <td><input type="text" name="proxy" value="<?php echo htmlspecialchars($proxy, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td class="labelcell">Proxy user:</td>
-            <td><input type="text" name="proxyuser" value="<?php echo htmlspecialchars($proxyuser); ?>"/></td>
+            <td><input type="text" name="proxyuser" value="<?php echo htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td class="labelcell">Proxy pwd:</td>
-            <td><input type="password" name="proxypwd" value="<?php echo htmlspecialchars($proxypwd); ?>"/></td>
+            <td><input type="password" name="proxypwd" value="<?php echo htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset); ?>"/></td>
         </tr>
         <tr>
             <td class="labelcell">COMPRESSION:</td>
@@ -344,7 +347,7 @@ $editorlibs = '../../phpjsrpc/lib/';
         </tr>
         <tr>
             <td class="labelcell">COOKIES:</td>
-            <td colspan="4" class="labelcell"><input type="text" name="clientcookies" size="80" value="<?php echo htmlspecialchars($clientcookies); ?>"/></td>
+            <td colspan="4" class="labelcell"><input type="text" name="clientcookies" size="80" value="<?php echo htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset); ?>"/></td>
             <td colspan="2">Format: 'cookie1=value1, cookie2=value2'</td>
         </tr>
     </table>