Summary:
munge_string_to_url doesn't elliminate all bad characters
Detailed Description:
Lines 1071 and 1072 in lib/misc.functions.php (cmsms v. 1.3.1) look like this:
include(dirname(__FILE__) . '/replacement.php');
$alias = str_replace($toreplace, $replacement, $alias);
They replace certain characters that aren't allowed in URL's with their ASCII
equivalents. However, this mechanism doesn't really take into account all
possible characters (in fact, it only checks a small subset of unicode). For
example, it ignores curly quotes, and if these happen to be used in News titles,
you get an invalid RSS feed in result.
My suggestion is to use iconv() here, like this:
$alias = iconv('UTF-8', 'ASCII//TRANSLIT', $alias);
it effectively replaces all accented latin characters and symbols like curly
quotes and longer dashes with their ASCII equivalents.
However, it seems like iconv() doesn't know how to translit Cyrillic, Greek and,
most probably, other non-latin characters, and it stops processing the string
immediately after first such character occurs. Thus, str_replace and
replacement.php is still probably needed, but it should focus on non-latin
characters.