Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixes #1184 - added elgg_format_url() for handling ampersands in urls

git-svn-id: http://code.elgg.org/elgg/trunk@5603 36083f99-b078-4883-b0ff-0f9b5a30f544
  • Loading branch information...
commit 119bdcadae3fccb26ead25796bf8a352e314efd7 1 parent dec5ccf
@cash cash authored
View
1  CHANGES.txt
@@ -6,6 +6,7 @@ Version 1.8.0
Generic API changes:
* Added elgg_instanceof().
* Added remove_subtype() and update_subtype().
+ * Added elgg_format_url()
UI/UX API changes:
* Added elgg_push_breadcrumb(), elgg_pop_breadcrumb(), and elgg_get_breadcrumbs().
View
13 engine/lib/elgglib.php
@@ -2599,6 +2599,17 @@ public function countObjects($subtype = "");
}
/**
+ * Handles formatting of ampersands in urls
+ *
+ * @param string $url
+ * @return string
+ * @since 1.8
+ */
+function elgg_format_url($url) {
+ return preg_replace('/&(?!amp;)/', '&', $url);
+}
+
+/**
* Rebuilds a parsed (partial) URL
*
* @param array $parts Associative array of URL components like parse_url() returns
@@ -2615,7 +2626,7 @@ function elgg_http_build_url(array $parts) {
$string = $scheme . $host . $port . $path . $query;
- return $string;
+ return elgg_format_url($string);
}
View
3  views/default/admin/plugins.php
@@ -15,7 +15,8 @@
// Page Header elements
$title = elgg_view_title(elgg_echo('admin:plugins'));
-$buttons = "<a class='action_button' href=\"{$CONFIG->url}action/admin/plugins/enableall?__elgg_token=$token&__elgg_ts=$ts\">".elgg_echo('enableall')."</a> <a class='action_button disabled' href=\"{$CONFIG->url}action/admin/plugins/disableall?__elgg_token=$token&__elgg_ts=$ts\">".elgg_echo('disableall')."</a> ";
+$buttons = "<a class='action_button' href=\"{$CONFIG->url}action/admin/plugins/enableall?__elgg_token=$token&amp;__elgg_ts=$ts\">".elgg_echo('enableall')."</a>";
+$buttons .= "<a class='action_button disabled' href=\"{$CONFIG->url}action/admin/plugins/disableall?__elgg_token=$token&amp;__elgg_ts=$ts\">".elgg_echo('disableall')."</a> ";
// construct page header
?>
View
35 views/default/admin/plugins_opt/plugin.php
@@ -30,26 +30,37 @@
<div class="admin_plugin_reorder">
<?php
if ($vars['order'] > 10) {
+ $top_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=1&__elgg_token=$token&__elgg_ts=$ts";
+ $order = $vars['order'] - 11;
+ $up_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
?>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=1&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("top"); ?></a>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['order'] - 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("up"); ?></a>
+ <a href="<?php echo elgg_format_url($top_url); ?>"><?php echo elgg_echo("top"); ?></a>
+ <a href="<?php echo elgg_format_url($up_url); ?>"><?php echo elgg_echo("up"); ?></a>
<?php
}
?>
<?php
if ($vars['order'] < $vars['maxorder']) {
+ $order = $vars['order'] + 11;
+ $down_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
+ $order = $vars['maxorder'] + 11;
+ $bottom_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
?>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['order'] + 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("down"); ?></a>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['maxorder'] + 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("bottom"); ?></a>
+ <a href="<?php echo elgg_format_url($down_url); ?>"><?php echo elgg_echo("down"); ?></a>
+ <a href="<?php echo elgg_format_url($bottom_url); ?>"><?php echo elgg_echo("bottom"); ?></a>
<?php
}
?>
</div><div class="clearfloat"></div>
<div class="admin_plugin_enable_disable">
- <?php if ($active) { ?>
- <a class="cancel_button" href="<?php echo $vars['url']; ?>action/admin/plugins/disable?plugin=<?php echo $plugin; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("disable"); ?></a>
- <?php } else { ?>
- <a class="submit_button" href="<?php echo $vars['url']; ?>action/admin/plugins/enable?plugin=<?php echo $plugin; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("enable"); ?></a>
+ <?php if ($active) {
+ $url = "{$vars['url']}action/admin/plugins/disable?plugin=$plugin&__elgg_token=$token&__elgg_ts=$ts";
+ ?>
+ <a class="cancel_button" href="<?php echo elgg_format_url($url); ?>"><?php echo elgg_echo("disable"); ?></a>
+ <?php } else {
+ $url = "{$vars['url']}action/admin/plugins/enable?plugin=$plugin&__elgg_token=$token&__elgg_ts=$ts";
+ ?>
+ <a class="submit_button" href="<?php echo elgg_format_url($url); ?>"><?php echo elgg_echo("enable"); ?></a>
<?php } ?>
</div>
@@ -90,10 +101,10 @@
?>
</div>
<?php } ?>
- <div><?php echo elgg_echo('admin:plugins:label:version') . ": ". $manifest['version'] ?></div>
- <div><?php echo elgg_echo('admin:plugins:label:author') . ": ". $manifest['author'] ?></div>
- <div><?php echo elgg_echo('admin:plugins:label:copyright') . ": ". $manifest['copyright'] ?></div>
- <div><?php echo elgg_echo('admin:plugins:label:licence') . ": ". $manifest['licence'] . $manifest['license'] ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:version') . ": ". htmlspecialchars($manifest['version']) ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:author') . ": ". htmlspecialchars($manifest['author']) ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:copyright') . ": ". htmlspecialchars($manifest['copyright']) ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:licence') . ": ". htmlspecialchars($manifest['licence'] . $manifest['license']) ?></div>
<div><?php echo elgg_echo('admin:plugins:label:website') . ": "; ?><a href="<?php echo $manifest['website']; ?>"><?php echo $manifest['website']; ?></a></div>
<?php } ?>
Please sign in to comment.
Something went wrong with that request. Please try again.