From 0de207a9726a2b8390dabb12096c8d21b4ee09ca Mon Sep 17 00:00:00 2001
From: Christian Schneider
Date: Fri, 5 Jun 2009 16:25:24 +0000
Subject: Properly handle single quotes in URL in U()

---
 it_html.class | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'it_html.class')

diff --git a/it_html.class b/it_html.class
index b526bcf..9216615 100644
--- a/it_html.class
+++ b/it_html.class
@@ -437,7 +437,7 @@ function u(/* ... */)
 		$base = $_SERVER['PHP_SELF'];
 
 	$base = preg_replace('|\0|', '', $base);
-	$base = preg_replace('|[^\w.+!*(),:?@&=/~$-]|e', 'urlencode("$0")', $base);
+	$base = preg_replace('|[^\w.+!*(),:?@&=/~$-]|e', 'urlencode(stripslashes("$0"))', $base);	# Single quotes are escaped with slash by preg_replace, remove it for urlencode
 	$base = preg_replace('|^(\w+:)?//[^/]*$|', '$0/', $base);	# Add slash if absolute url without a path, e.g. http://gna.ch
 	$queryparams = it_url::params($params);
 	$separator = strpos($base, "?") === false ? "?" : "&";
-- 
cgit v1.2.3