Skip to content

Commit

Permalink
Altered querystring CDATA wrapping until just before processing
Browse files Browse the repository at this point in the history
  • Loading branch information
@designermonkey
designermonkey committed Nov 14, 2012
1 parent 1a1089f commit 9c92663
Showing 1 changed file with 22 additions and 2 deletions.
24 changes: 22 additions & 2 deletions symphony/lib/toolkit/class.frontendpage.php
View file
Expand Up @@ -233,8 +233,14 @@ public function generate($page) {
*/
Symphony::ExtensionManager()->notifyMembers('FrontendPreRenderHeaders', '/frontend/');

$backup_param = $this->_param;

$this->_param['current-query-string'] = $this->wrapParameterInCDATA($this->_param['current-query-string']);

$output = parent::generate();

$this->_param = $backup_param;

/**
* Immediately after generating the page. Provided with string containing page source
* @delegate FrontendOutputPostGenerate
Expand Down Expand Up @@ -344,7 +350,7 @@ private function __buildPage(){
'current-page-id' => $page['id'],
'current-path' => ($current_path == '') ? '/' : $current_path,
'parent-path' => '/' . $page['path'],
'current-query-string' => '<![CDATA[' . self::sanitizeParameter($querystring) . ']]>',
'current-query-string' => self::sanitizeParameter($querystring),
'current-url' => URL . $current_path,
'upload-limit' => min($upload_size_php, $upload_size_sym),
'symphony-version' => Symphony::Configuration()->get('version', 'symphony'),
Expand Down Expand Up @@ -481,7 +487,7 @@ private function __buildPage(){
$param->setValue(General::sanitize($value[0]));
}
else if($key == 'current-query-string') {
$param->setValue($value);
$param->setValue($this->wrapParameterInCDATA($value));
}
else {
$param->setValue(General::sanitize($value));
Expand Down Expand Up @@ -965,6 +971,19 @@ public static function sanitizeParameter($parameter) {
return XMLElement::stripInvalidXMLCharacters(utf8_encode(urldecode($parameter)));
}

/**
* Wrap a value in CDATA tags for XSL output of non encoded data
*
* @since Symphony 2.3.2
* @param string @value
* The string to wrap in CDATA
* @return string
* The wrapped string
*/
public static function wrapParameterInCDATA($parameter) {
return '<![CDATA[' . $parameter . ']]>';
}

/**
* Given a page ID, return it's type from `tbl_pages`
*
Expand Down Expand Up @@ -1000,3 +1019,4 @@ public static function resolvePageFileLocation($path, $handle) {
}

}

0 comments on commit 9c92663

Please sign in to comment.