htmlspecialchars() expects parameter 1 :ERROR

Error reports PHP Warning:  htmlspecialchars() expects parameter 1 to be string, array given in /home/xxxxxxxx/public_html/xxxxxxxxx/inc/utils.inc.php on line 247

I thought it was just my site until i google it and lots of other sites have it.

http://www.boonex.us/search.php?search_result_mode=ext&DateOfBirth%5B0%5D=26&DateOfBirth%5B1%5D=65&Sex%5B0%5D=female&res_per_page=20&page=8

http://mundoliberal.es/d/search.php?LookingFor%5B0%5D=male&Sex%5B0%5D=male&DateOfBirth%5B0%5D=20&DateOfBirth%5B1%5D=34&res_per_page=10&page=10

http://chatizens.com/search.php?search_result_mode=ext&LookingFor%5B0%5D=male&Sex%5B0%5D=male&DateOfBirth%5B0%5D=19&DateOfBirth%5B1%5D=65&res_per_page=10&page=40

This is the function in inc/utils.inc.php

function htmlspecialchars_adv( $string ) {
    return htmlspecialchars($string, ENT_COMPAT, 'UTF-8');
    
    /*
 $patterns = array( "/(?!&#\d{2,};)&/m", "/>/m", "/</m", "/\"/m", "/'/m" );
 $replaces = array( "&amp;", "&gt;", "&lt;", "&quot;", "&#039;" );
 return preg_replace( $patterns, $replaces, $string );
 */
}

Where is the function for htmlspecialchars?

The search seems to be working. Just tired of deleting the error_log everyday.

Thanks in advanced if anyone can fix this.

When filling out the form normally that error does not occur.

All of those links you provided have values passed to the search.php script that are not normal. If you pass those same values to any dolphin site, it will produce that warning. Perhaps web crawlers are doing it or someone is attempting to do some kind of injection via the url by passing invalid values.

In anycase, it's a bug. The script is not properly cleaning up the url.

But you can get rid of the warning.

Change the function you mentioned and add what i have marked in green.

function htmlspecialchars_adv( $string ) {
return htmlspecialchars((string)$string, ENT_COMPAT, 'UTF-8');

That will force php to treat it as a string. This should be considered a temporary solution until boonex provides a fix.

Thank you, Deano

No more error_log for that one.