[feature/controller] Add documentation about input being HTML-escaped

PHPBB3-10864
author: David King <imkingdavid@gmail.com> 2012-11-18 15:58:47 -0500
committer: David King <imkingdavid@gmail.com> 2012-11-18 15:58:47 -0500
commit: e2bf66d0658ae7d7bb253083b73d5769c117746a (patch)
tree: baa3b0acb61bfa81f30dd0159964fe9a764c2302 /phpBB/includes
parent: 0f4f81b0966e29b5aaae5bf94e46260474ec0cb2 (diff)
download: forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar
forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.gz
forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.bz2
forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.xz
forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 820d96c9aa..cdc05ca649 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -5436,6 +5436,9 @@ function phpbb_to_numeric($input)
 /**
 * Create a Symfony Request object from a given URI and phpbb_request object
 *
+* Note that everything passed into the Request object has already been HTML
+* escaped by the phpbb_request object.
+*
 * @param string $uri Request URI
 * @param phpbb_request $request Request object
 * @return Request A Symfony Request object
author	David King <imkingdavid@gmail.com>	2012-11-18 15:58:47 -0500
committer	David King <imkingdavid@gmail.com>	2012-11-18 15:58:47 -0500
commit	e2bf66d0658ae7d7bb253083b73d5769c117746a (patch)
tree	baa3b0acb61bfa81f30dd0159964fe9a764c2302 /phpBB/includes
parent	0f4f81b0966e29b5aaae5bf94e46260474ec0cb2 (diff)
download	forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.gz forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.bz2 forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.tar.xz forums-e2bf66d0658ae7d7bb253083b73d5769c117746a.zip