Permalink
Browse files

No commit message

  • Loading branch information...
qiang.xue
qiang.xue committed Jan 27, 2012
1 parent 6027064 commit 208ec0590dcfcc6818f0ca643b7ba38a4e7e179e
Showing with 4 additions and 2 deletions.
  1. +2 โˆ’0 CHANGELOG
  2. +1 โˆ’1 framework/validators/CExistValidator.php
  3. +1 โˆ’1 framework/validators/CUniqueValidator.php
View
@@ -17,9 +17,11 @@ Version 1.1.10 work in progress
- Enh #3112: Fixed the exception error display on ajax calls when YII_DEBUG is true (mdomba)
- Enh #3121: Added more rules for proper pluralization to the pluralize() method in CCodeModel and CConsoleCommand (mdomba)
- Enh: Added CActiveForm::validateTabular() to simplify ajax validation for tabular input (mdomba)
+- Chg: HTML-encoded input values for exist and unique validators (Qiang)
- Chg: Upgraded JQuery UI to 1.8.17 (mdomba)
- Chg: Upgraded HTMLPurifier to v4.4.0 (Sam Dark)
+
Version 1.1.9 January 1, 2012
-----------------------------
- Bug: Removed unnecessary COciCommandBuilder::createInsertCommand quotes (Sam Dark)
@@ -85,7 +85,7 @@ protected function validateAttribute($object,$attribute)
if(!$finder->exists($criteria))
{
$message=$this->message!==null?$this->message:Yii::t('yii','{attribute} "{value}" is invalid.');
- $this->addError($object,$attribute,$message,array('{value}'=>$value));
+ $this->addError($object,$attribute,$message,array('{value}'=>CHtml::encode($value)));
}
}
}
@@ -122,7 +122,7 @@ protected function validateAttribute($object,$attribute)
if($exists)
{
$message=$this->message!==null?$this->message:Yii::t('yii','{attribute} "{value}" has already been taken.');
- $this->addError($object,$attribute,$message,array('{value}'=>$value));
+ $this->addError($object,$attribute,$message,array('{value}'=>CHtml::encode($value)));
}
}
}

0 comments on commit 208ec05

Please sign in to comment.