Skip to content

Commit

Permalink
Merge pull request symphonycms#1551 from designermonkey/params-cdata
Browse files Browse the repository at this point in the history 
Altered querystring CDATA wrapping until just before processing. RE symphonycms#1480
  • Loading branch information
@brendo
brendo committed Nov 14, 2012
2 parents 9b117cf + 30db8d2 commit 977f9e2
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 2 deletions.
11 changes: 9 additions & 2 deletions symphony/lib/toolkit/class.frontendpage.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -233,8 +233,14 @@ public function generate($page) {
*/
Symphony::ExtensionManager()->notifyMembers('FrontendPreRenderHeaders', '/frontend/');

$backup_param = $this->_param;

$this->_param['current-query-string'] = General::wrapInCDATA($this->_param['current-query-string']);

$output = parent::generate();

$this->_param = $backup_param;

/**
* Immediately after generating the page. Provided with string containing page source
* @delegate FrontendOutputPostGenerate
Expand Down Expand Up @@ -344,7 +350,7 @@ private function __buildPage(){
'current-page-id' => $page['id'],
'current-path' => ($current_path == '') ? '/' : $current_path,
'parent-path' => '/' . $page['path'],
'current-query-string' => '<![CDATA[' . self::sanitizeParameter($querystring) . ']]>',
'current-query-string' => self::sanitizeParameter($querystring),
'current-url' => URL . $current_path,
'upload-limit' => min($upload_size_php, $upload_size_sym),
'symphony-version' => Symphony::Configuration()->get('version', 'symphony'),
Expand Down Expand Up @@ -481,7 +487,7 @@ private function __buildPage(){
$param->setValue(General::sanitize($value[0]));
}
else if($key == 'current-query-string') {
$param->setValue($value);
$param->setValue(General::wrapInCDATA($value));
}
else {
$param->setValue(General::sanitize($value));
Expand Down Expand Up @@ -1000,3 +1006,4 @@ public static function resolvePageFileLocation($path, $handle) {
}

}

14 changes: 14 additions & 0 deletions symphony/lib/toolkit/class.general.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1327,4 +1327,18 @@ public static function ensureType(array $params){

}
}

/**
* Wrap a value in CDATA tags for XSL output of non encoded data
*
* @since Symphony 2.3.2
* @param string @value
* The string to wrap in CDATA
* @return string
* The wrapped string
*/
public static function wrapInCDATA($value) {
return '<![CDATA[' . $value . ']]>';
}

}

0 comments on commit 977f9e2

Please sign in to comment.