diff options
| author | Tristan Darricau <github@nicofuma.fr> | 2014-11-07 11:10:03 +0100 |
|---|---|---|
| committer | Tristan Darricau <github@nicofuma.fr> | 2014-11-07 11:10:03 +0100 |
| commit | a1b58d05d158ff7afd789c1b27821e17198f8d58 (patch) | |
| tree | 41c5955e720b462173e78fed5c18c18057e0b62b /phpBB/phpbb/session.php | |
| parent | 0e772afb9db640e54e84cfccaddcf74f3edbb3fb (diff) | |
| parent | f432193e0789f0182741d1b4a38a8c4cd86dfba4 (diff) | |
| download | forums-a1b58d05d158ff7afd789c1b27821e17198f8d58.tar forums-a1b58d05d158ff7afd789c1b27821e17198f8d58.tar.gz forums-a1b58d05d158ff7afd789c1b27821e17198f8d58.tar.bz2 forums-a1b58d05d158ff7afd789c1b27821e17198f8d58.tar.xz forums-a1b58d05d158ff7afd789c1b27821e17198f8d58.zip | |
Merge pull request #3107 from marc1706/ticket/13280
[ticket/13280] Properly format the current page and add sanitizer to tests
* marc1706/ticket/13280:
[ticket/13280] Remove unneeded str_replace in build_url()
[ticket/13280] Only run sanitizer for server superglobal and modify tests
[ticket/13280] Seperate server sanitizer call and add comment
[ticket/13280] Add additional sanitizer for ampersands in server superglobal
[ticket/13280] Correctly format user page for build_url()
[ticket/13280] Properly format the current page and add sanitizer to tests
Diffstat (limited to 'phpBB/phpbb/session.php')
| -rw-r--r-- | phpBB/phpbb/session.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index 14b4c63207..a06ff9c594 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -43,7 +43,7 @@ class session // First of all, get the request uri... $script_name = $symfony_request->getScriptName(); - $args = explode('&', $symfony_request->getQueryString()); + $args = explode('&', $symfony_request->getQueryString()); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) @@ -61,8 +61,8 @@ class session // Since some browser do not encode correctly we need to do this with some "special" characters... // " -> %22, ' => %27, < -> %3C, > -> %3E - $find = array('"', "'", '<', '>'); - $replace = array('%22', '%27', '%3C', '%3E'); + $find = array('"', "'", '<', '>', '"', '<', '>'); + $replace = array('%22', '%27', '%3C', '%3E', '%22', '%3C', '%3E'); foreach ($args as $key => $argument) { |