diff options
| author | David King <imkingdavid@gmail.com> | 2012-11-18 15:58:47 -0500 |
|---|---|---|
| committer | David King <imkingdavid@gmail.com> | 2012-11-18 15:58:47 -0500 |
| commit | e2bf66d0658ae7d7bb253083b73d5769c117746a (patch) | |
| tree | baa3b0acb61bfa81f30dd0159964fe9a764c2302 | |
| parent | 0f4f81b0966e29b5aaae5bf94e46260474ec0cb2 (diff) | |
| download | forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.gz forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.bz2 forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.xz forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.zip | |
[feature/controller] Add documentation about input being HTML-escaped
PHPBB3-10864
| -rw-r--r-- | phpBB/includes/functions.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 820d96c9aa..cdc05ca649 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -5436,6 +5436,9 @@ function phpbb_to_numeric($input) /** * Create a Symfony Request object from a given URI and phpbb_request object * +* Note that everything passed into the Request object has already been HTML +* escaped by the phpbb_request object. +* * @param string $uri Request URI * @param phpbb_request $request Request object * @return Request A Symfony Request object |