From 453c3e8b00adc483c993d362fb024896071a3c35 Mon Sep 17 00:00:00 2001
From: Fabien Potencier <fabien.potencier@gmail.com>
Date: Tue, 30 Aug 2011 07:35:55 +0200
Subject: [PATCH] added better support for encoding problems when escaping a string (available as of PHP 5.4)

From the PHP CHANGELOG:

The flag ENT_SUBSTITUTE makes invalid multibyte sequences be replaced by
U+FFFD (UTF-8) or &#FFFD; by htmlspecialchars and htmlentities. It is an
alternative to the default behavior, which just returns an empty string and to
ENT_IGNORE, which is a security risk. The behavior follows the recommendations
of Unicode Technical Report #36.
---
 CHANGELOG                   |    1 +
 lib/Twig/Extension/Core.php |    6 +++++-
 2 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 1162cfa..829d765 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,6 @@
 * 1.2.0
 
+ * added better support for encoding problems when escaping a string (available as of PHP 5.4)
  * added a way to ignore a missing template when using the "include" tag ({% include "foo" ignore missing %})
  * added support for an array of templates to the "include" and "extends" tags ({% include ['foo', 'bar'] %})
  * added support for bitwise operators in expressions
diff --git a/lib/Twig/Extension/Core.php b/lib/Twig/Extension/Core.php
index e5ec316..f41e860 100644
--- a/lib/Twig/Extension/Core.php
+++ b/lib/Twig/Extension/Core.php
@@ -1,5 +1,9 @@
 <?php
 
+if (!defined('ENT_SUBSTITUTE')) {
+    define('ENT_SUBSTITUTE', 8);
+}
+
 /*
  * This file is part of Twig.
  *
@@ -504,7 +508,7 @@ function twig_escape_filter(Twig_Environment $env, $string, $type = 'html', $cha
             return $string;
 
         case 'html':
-            return htmlspecialchars($string, ENT_QUOTES, $charset);
+            return htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE, $charset);
 
         default:
             throw new Twig_Error_Runtime(sprintf('Invalid escape type "%s".', $type));
-- 
1.7.2.5