Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

remove needless line of code

as pointed out by maurymmarques, in pull request 126
  • Loading branch information...
commit 26aeb1155063f9e4169dc5820d18fe159c066989 1 parent 694819c
@AD7six AD7six authored
Showing with 0 additions and 2 deletions.
  1. +0 −2  lib/Cake/Utility/Sanitize.php
View
2  lib/Cake/Utility/Sanitize.php
@@ -243,8 +243,6 @@ public static function clean($data, $options = array()) {
$data = str_replace("\r", "", $data);
}
- $data = str_replace("'", "'", str_replace("!", "!", $data));
@josegonzalez Collaborator

I know this is going to notify all the committers, but why was this line needed in the first place?

@AD7six Collaborator
AD7six added a note

Multiple choice

  • I doubt it ever was needed.
  • It was trying to replace {looks like '} with {'} but they are infact the same charcode
  • some malicious attempt to write code that looks a bit like a pair of bums
@markstory Owner

I think in the far distant past ! allowed you to bypass sql escaping, but that died long ago.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
-
if ($options['unicode']) {
$data = preg_replace("/&#([0-9]+);/s", "&#\\1;", $data);
}
@josegonzalez

I know this is going to notify all the committers, but why was this line needed in the first place?

@AD7six

Multiple choice

  • I doubt it ever was needed.
  • It was trying to replace {looks like '} with {'} but they are infact the same charcode
  • some malicious attempt to write code that looks a bit like a pair of bums
@markstory

I think in the far distant past ! allowed you to bypass sql escaping, but that died long ago.

Please sign in to comment.
Something went wrong with that request. Please try again.