always use charset config item
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index d9305c0..130daee 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -642,11 +642,8 @@
{
return $str;
}
-
- $str = htmlspecialchars($str);
-
- // In case htmlspecialchars misses these.
- $str = str_replace(array("'", '"'), array("'", """), $str);
+
+ $str = html_escape($str);
if ($field_name != '')
{
diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php
index 19b4eec..0bb0938 100644
--- a/system/helpers/typography_helper.php
+++ b/system/helpers/typography_helper.php
@@ -82,9 +82,12 @@
*/
if ( ! function_exists('entity_decode'))
{
- function entity_decode($str, $charset='UTF-8')
+ function entity_decode($str, $charset = NULL)
{
global $SEC;
+
+ if (empty($charset)) $charset = config_item('charset');
+
return $SEC->entity_decode($str, $charset);
}
}