Fixed #718: Generating the current route without additional arguments…

… results in unescaped single quotes and square brackets, potentially incorrectly replaced argument separator
agavi · Feb 27, 2008 · 3edb69d · 3edb69d
1 parent 360dbc9
commit 3edb69d
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/CHANGELOG b/CHANGELOG
@@ -15,6 +15,7 @@ CHG: dist.htaccess in code templates should have RewriteEngine On (#678) (David)
 CHG: Bumped and fixed copyright years (#664) (David)
 CHG: Update timezone database to 2007k (#660) (David)
 
+FIX: Generating the current route without additional arguments results in unescaped single quotes and square brackets, potentially incorrectly replaced argument separator (#718) (David)
 FIX: Generating the current route with additional or changed arguments allows code injections (#717) (David)
 FIX: Unsetting a user parameter that in a routing callback's onGenerate() was passed to gen() produces strange behavior (#714) (David)
 FIX: Setting a user parameter that was undefined in a routing callback's onGenerate() has no effect if a default is defined (#713) (David)

diff --git a/src/routing/AgaviWebRouting.class.php b/src/routing/AgaviWebRouting.class.php
@@ -277,7 +277,7 @@ public function gen($route, array $params = array(), $options = array())
 
 		if($route === null && empty($params)) {
 			$retval = $req->getRequestUri();
-			$retval = str_replace('&', $aso, $retval);
+			$retval = str_replace(array('[', ']', '\'', ini_get('arg_separator.input')), array('%5B', '%5D', '%27', $aso), $retval);
 		} else {
 			if(defined('SID') && SID !== '' && $options['use_trans_sid'] === true) {
 				$params = array_merge($params, array(session_name() => session_id()));