
Fixes #1184 - added elgg_format_url() for handling ampersands in urls

git-svn-id: http://code.elgg.org/elgg/trunk@5603 36083f99-b078-4883-b0ff-0f9b5a30f544
commit 119bdcadae3fccb26ead25796bf8a352e314efd7 1 parent dec5ccf
Cash Costello authored April 03, 2010
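--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -6,6 +6,7 @@ Version 1.8.0
  Generic API changes:
   * Added elgg_instanceof().
   * Added remove_subtype() and update_subtype().
+  * Added elgg_format_url()
 
  UI/UX API changes:
   * Added elgg_push_breadcrumb(), elgg_pop_breadcrumb(), and elgg_get_breadcrumbs().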
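--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -2599,6 +2599,17 @@ public function countObjects($subtype = "");
 }
 
 /**
+ * Handles formatting of ampersands in urls
+ * 
+ * @param string $url
+ * @return string
+ * @since 1.8
+ */
+function elgg_format_url($url) {
+	return preg_replace('/&(?!amp;)/', '&', $url);
+}
+
+/**
  * Rebuilds a parsed (partial) URL
  *
  * @param array $parts Associative array of URL components like parse_url() returns
@@ -2615,7 +2626,7 @@ function elgg_http_build_url(array $parts) {
 
 	$string = $scheme . $host . $port . $path . $query;
 
-	return $string;
+	return elgg_format_url($string);
 }
 
 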
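Review bot: `elgg_http_build_url()` now returns its result through `elgg_format_url()`, so a general-purpose URL builder starts emitting HTML-entity-encoded text; any caller that uses the result outside markup (a `Location:` header, an outgoing HTTP request, a comparison with a stored URL) would get `&amp;` inside the query string, and parameters such as `__elgg_ts` would then arrive under the wrong name. I would keep `return $string;` there and encode only at the point where the URL is written into HTML. As this page renders it, the replacement argument in `elgg_format_url()` is `'&'`, which would make the call a no-op; presumably `'&amp;'` was intended and the entity was lost in rendering. The helper leaves quotes and angle brackets alone, so its docblock should say so, e.g. `Encodes bare ampersands only; does not escape quotes or angle brackets and is not a substitute for htmlspecialchars() in attribute values.` The body of `elgg_http_build_url()` starts outside the hunk.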
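--- a/views/default/admin/plugins.php
+++ b/views/default/admin/plugins.php
@@ -15,7 +15,8 @@
 
 // Page Header elements
 $title = elgg_view_title(elgg_echo('admin:plugins'));
-$buttons = "<a class='action_button' href=\"{$CONFIG->url}action/admin/plugins/enableall?__elgg_token=$token&__elgg_ts=$ts\">".elgg_echo('enableall')."</a>  <a class='action_button disabled' href=\"{$CONFIG->url}action/admin/plugins/disableall?__elgg_token=$token&__elgg_ts=$ts\">".elgg_echo('disableall')."</a> ";
+$buttons = "<a class='action_button' href=\"{$CONFIG->url}action/admin/plugins/enableall?__elgg_token=$token&amp;__elgg_ts=$ts\">".elgg_echo('enableall')."</a>";
+$buttons .= "<a class='action_button disabled' href=\"{$CONFIG->url}action/admin/plugins/disableall?__elgg_token=$token&amp;__elgg_ts=$ts\">".elgg_echo('disableall')."</a> ";
 
 // construct page header
 ?>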
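Review bot: The two `$buttons` assignments hand-write `&amp;`, while the plugin view changed in the same commit builds a raw URL and passes it through `elgg_format_url()`; using one approach in both places would make it easier to see where encoding happens. Splitting the string also drops the two spaces that separated the anchors (`</a>  <a` became `</a>` followed by `<a`), so the two buttons now render with no whitespace between them, which may not be intended. `{$CONFIG->url}`, `$token` and `$ts` are interpolated into the double-quoted `href` without attribute escaping; that is probably safe given where those values come from, but their origin is not visible in this hunk.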
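--- a/views/default/admin/plugins_opt/plugin.php
+++ b/views/default/admin/plugins_opt/plugin.php
@@ -30,26 +30,37 @@
 	<div class="admin_plugin_reorder">
 <?php
 			if ($vars['order'] > 10) {
+				$top_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=1&__elgg_token=$token&__elgg_ts=$ts";
+				$order = $vars['order'] - 11;
+				$up_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
 ?>
-			<a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=1&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("top"); ?></a>
-			<a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['order'] - 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("up"); ?></a>
+			<a href="<?php echo elgg_format_url($top_url); ?>"><?php echo elgg_echo("top"); ?></a>
+			<a href="<?php echo elgg_format_url($up_url); ?>"><?php echo elgg_echo("up"); ?></a>
 <?php
 			}
 		?>
 		<?php
 			if ($vars['order'] < $vars['maxorder']) {
+				$order =  $vars['order'] + 11;
+				$down_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
+				$order = $vars['maxorder'] + 11;
+				$bottom_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
 ?>
-			<a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['order'] + 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("down"); ?></a>
-			<a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['maxorder'] + 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("bottom"); ?></a>
+			<a href="<?php echo elgg_format_url($down_url); ?>"><?php echo elgg_echo("down"); ?></a>
+			<a href="<?php echo elgg_format_url($bottom_url); ?>"><?php echo elgg_echo("bottom"); ?></a>
 <?php
 			}
 		?>
 	</div><div class="clearfloat"></div>
 	<div class="admin_plugin_enable_disable">
-		<?php if ($active) { ?>
-			<a class="cancel_button" href="<?php echo $vars['url']; ?>action/admin/plugins/disable?plugin=<?php echo $plugin; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("disable"); ?></a>
-		<?php } else { ?>
-			<a class="submit_button" href="<?php echo $vars['url']; ?>action/admin/plugins/enable?plugin=<?php echo $plugin; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("enable"); ?></a>
+		<?php if ($active) {
+			$url = "{$vars['url']}action/admin/plugins/disable?plugin=$plugin&__elgg_token=$token&__elgg_ts=$ts";
+		?>
+			<a class="cancel_button" href="<?php echo elgg_format_url($url); ?>"><?php echo elgg_echo("disable"); ?></a>
+		<?php } else { 
+			$url = "{$vars['url']}action/admin/plugins/enable?plugin=$plugin&__elgg_token=$token&__elgg_ts=$ts";
+		?>
+			<a class="submit_button" href="<?php echo elgg_format_url($url); ?>"><?php echo elgg_echo("enable"); ?></a>
 		<?php } ?>
 	</div>
 
@@ -90,10 +101,10 @@
 			?>
 		</div>
 		<?php } ?>
-		<div><?php echo elgg_echo('admin:plugins:label:version') . ": ". $manifest['version'] ?></div>
-		<div><?php echo elgg_echo('admin:plugins:label:author') . ": ". $manifest['author'] ?></div>
-		<div><?php echo elgg_echo('admin:plugins:label:copyright') . ": ". $manifest['copyright'] ?></div>
-		<div><?php echo elgg_echo('admin:plugins:label:licence') . ": ". $manifest['licence'] . $manifest['license'] ?></div>
+		<div><?php echo elgg_echo('admin:plugins:label:version') . ": ". htmlspecialchars($manifest['version']) ?></div>
+		<div><?php echo elgg_echo('admin:plugins:label:author') . ": ". htmlspecialchars($manifest['author']) ?></div>
+		<div><?php echo elgg_echo('admin:plugins:label:copyright') . ": ". htmlspecialchars($manifest['copyright']) ?></div>
+		<div><?php echo elgg_echo('admin:plugins:label:licence') . ": ". htmlspecialchars($manifest['licence'] . $manifest['license']) ?></div>
 		<div><?php echo elgg_echo('admin:plugins:label:website') . ": "; ?><a href="<?php echo $manifest['website']; ?>"><?php echo $manifest['website']; ?></a></div>
 	<?php } ?>
 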
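Review bot: The last hunk wraps version, author, copyright and licence in `htmlspecialchars()`, but the `admin:plugins:label:website` line directly below still echoes `$manifest['website']` raw, both as link text and inside the `href`. If the other manifest fields need escaping, this one does too, and because it is a link target it should also be limited to http/https before it is rendered; the output side would be `<?php echo htmlspecialchars($manifest['website'], ENT_QUOTES, 'UTF-8'); ?>` in both positions. In the first hunk `$plugin` is interpolated into the query string without `urlencode()`, and `elgg_format_url()` only touches ampersands, so a quote in any interpolated value would end the `href` attribute; calling `htmlspecialchars($url, ENT_QUOTES, 'UTF-8')` on the finished URL instead would cover that. Both view blocks continue outside the hunks.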
