Skip to content

Commit

Permalink
remove needless line of code
Browse files Browse the repository at this point in the history 
as pointed out by maurymmarques, in pull request 126
  • Loading branch information
@AD7six
AD7six committed Jun 22, 2011
1 parent 694819c commit 26aeb11
Showing 1 changed file with 0 additions and 2 deletions.
2 changes: 0 additions & 2 deletions lib/Cake/Utility/Sanitize.php
View file
Expand Up @@ -243,8 +243,6 @@ public static function clean($data, $options = array()) {
$data = str_replace("\r", "", $data);
}

$data = str_replace("'", "'", str_replace("!", "!", $data));

This comment has been minimized.

Sign in to view

Copy link
@josegonzalez

josegonzalez Jun 22, 2011

Member

I know this is going to notify all the committers, but why was this line needed in the first place?

This comment has been minimized.

Sign in to view

Copy link
@AD7six

AD7six Jun 22, 2011

Author Member

Multiple choice

  • I doubt it ever was needed.
  • It was trying to replace {looks like '} with {'} but they are infact the same charcode
  • some malicious attempt to write code that looks a bit like a pair of bums

This comment has been minimized.

Sign in to view

Copy link
@markstory

markstory Jun 22, 2011

Member

I think in the far distant past ! allowed you to bypass sql escaping, but that died long ago.

if ($options['unicode']) {
$data = preg_replace("/&#([0-9]+);/s", "&#\\1;", $data);
}
Expand Down

0 comments on commit 26aeb11

Please sign in to comment.