diff options
| author | Christian Schneider | 2009-06-05 16:25:24 +0000 |
|---|---|---|
| committer | Christian Schneider | 2009-06-05 16:25:24 +0000 |
| commit | 0de207a9726a2b8390dabb12096c8d21b4ee09ca (patch) | |
| tree | bce04f97753c8fa1d098c187d14e190a54dbe6b4 /it_html.class | |
| parent | b7369933d3a0f6f7c6848e352f45e4385a73bfde (diff) | |
| download | itools-0de207a9726a2b8390dabb12096c8d21b4ee09ca.tar.gz itools-0de207a9726a2b8390dabb12096c8d21b4ee09ca.tar.bz2 itools-0de207a9726a2b8390dabb12096c8d21b4ee09ca.zip | |
Properly handle single quotes in URL in U()
Diffstat (limited to 'it_html.class')
| -rw-r--r-- | it_html.class | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/it_html.class b/it_html.class index b526bcf..9216615 100644 --- a/it_html.class +++ b/it_html.class @@ -437,7 +437,7 @@ function u(/* ... */) $base = $_SERVER['PHP_SELF']; $base = preg_replace('|\0|', '', $base); - $base = preg_replace('|[^\w.+!*(),:?@&=/~$-]|e', 'urlencode("$0")', $base); + $base = preg_replace('|[^\w.+!*(),:?@&=/~$-]|e', 'urlencode(stripslashes("$0"))', $base); # Single quotes are escaped with slash by preg_replace, remove it for urlencode $base = preg_replace('|^(\w+:)?//[^/]*$|', '$0/', $base); # Add slash if absolute url without a path, e.g. http://gna.ch $queryparams = it_url::params($params); $separator = strpos($base, "?") === false ? "?" : "&"; |