Description
Hi.
As I understood from this explanation, the dashes are used for camel-case controller names. That is okay.
But in the current implementation of this algorithm I see problems in situations where these dashes are not expected but could be passed by a site visitor.
For example.
I have LearnController.php. I call it, of course, through this URL:
site.com?r=learn
Let's look at the following use cases:
1)
site.com/?r=le-arn
On UNIX, I think it will try to find the LeArnController.php file and fail. So it is okay. (It works on Windows though, but I think it is not important, is it?).
2)
site.com/?r=learn-
site.com/?r=-learn
It will look for LearnController.php, find it and give control to this controller. But this controller would have the real id (learn-), so it would not be able to find the associated view files. There will be a PHP error.
- The same view-file-not-found error will occur in the situation with LearnSeoController.php and a request like this:
site.com/?r=learn----seo
So my suggestion is the following. In this code, replace this line:
```php
$className = str_replace(' ', '', ucwords(str_replace('-', ' ', $id))) . 'Controller';
```
with these:
```php
$cn = ucwords(str_replace('-', ' ', $id));
// A leading or trailing dash becomes a leading or trailing space;
// repeated dashes become a run of two or more spaces. Reject both.
if (($cn !== trim($cn)) || (strpos($cn, '  ') !== false)) return false;
$className = str_replace(' ', '', $cn) . 'Controller';
```
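The cases from the report above, run through a stricter ID check, as an added example that is not part of the original issue or of Yii's own code. The helper name `controllerClassFor()` and the regular expression are assumptions chosen for illustration.

```php
<?php
// Added example, not Yii code. controllerClassFor() is a hypothetical helper.

/**
 * Map a controller ID to a class name, or return null when the ID is not
 * in canonical form: lowercase alphanumeric words joined by single dashes.
 */
function controllerClassFor(string $id): ?string
{
    // Validate before the ID is used to build a class or file name.
    // Leading, trailing and repeated dashes fail here, as does any other
    // character. The D modifier stops "$" from matching before a trailing
    // newline, so "learn\n" is rejected too.
    if (!preg_match('/^[a-z0-9]+(?:-[a-z0-9]+)*$/D', $id)) {
        return null;
    }

    // Same transformation as the line quoted in the report.
    return str_replace(' ', '', ucwords(str_replace('-', ' ', $id))) . 'Controller';
}

// Constructed sample IDs, taken from the cases listed in the report.
$ids = ['learn', 'learn-seo', 'le-arn', 'learn-', '-learn', 'learn----seo', "learn\n"];

foreach ($ids as $id) {
    $class = controllerClassFor($id);
    // json_encode makes stray whitespace and dashes in the ID visible.
    printf("%-16s => %s\n", json_encode($id), $class ?? '(rejected)');
}
```

`le-arn` is syntactically valid and still maps to `LeArnController`; whether that class exists is decided later by the class loader, which is where the case-insensitive file system behaviour mentioned in case 1 comes in.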