summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorxue <>2006-05-03 18:40:21 +0000
committerxue <>2006-05-03 18:40:21 +0000
commit641826266aff9d816c8e61569be5ec9d67f7cc89 (patch)
tree43b5526271174fe2ab9ce537461e1646c59212c4
parent4c2920064d561701016476b91ce28813e2368270 (diff)
Fixed#151 - added sanity check GET parameters in constructUrl()
-rw-r--r--HISTORY1
-rw-r--r--demos/quickstart/protected/application.xml1
-rw-r--r--framework/Web/THttpRequest.php14
3 files changed, 12 insertions, 4 deletions
diff --git a/HISTORY b/HISTORY
index 1dd2648b..211a10fd 100644
--- a/HISTORY
+++ b/HISTORY
@@ -2,6 +2,7 @@ Version 3.0.1 June 1, 2006
==========================
CHG: Ticket#153 - TAssetManager now ignores .svn directories (Qiang)
CHG: Ticket#154 - HTML comments are now parsed as regular template strings (Qiang)
+ENH: Ticket#151 - added sanity check GET parameters in constructUrl() (Qiang)
ENH: added sanity check to calling event handlers (Qiang)
Version 3.0.0 May 1, 2006
diff --git a/demos/quickstart/protected/application.xml b/demos/quickstart/protected/application.xml
index cd6dd01e..18eed91e 100644
--- a/demos/quickstart/protected/application.xml
+++ b/demos/quickstart/protected/application.xml
@@ -10,6 +10,7 @@
<route class="TFileLogRoute" />
</module>
-->
+ <module class="THttpRequest" UrlFormat="Path" />
</modules>
<paths>
<using namespace="Application.controls.*" />
diff --git a/framework/Web/THttpRequest.php b/framework/Web/THttpRequest.php
index 71237fa1..9b06076e 100644
--- a/framework/Web/THttpRequest.php
+++ b/framework/Web/THttpRequest.php
@@ -460,9 +460,12 @@ class THttpRequest extends TApplicationComponent implements IteratorAggregate,Ar
{
$name=urlencode($name.'[]');
foreach($value as $v)
- $url.=$amp.$name.'='.$v;
+ {
+ if(($v=trim($v))!=='')
+ $url.=$amp.$name.'='.$v;
+ }
}
- else
+ else if(($value=trim($value))!=='')
$url.=$amp.urlencode($name).'='.urlencode($value);
}
}
@@ -473,9 +476,12 @@ class THttpRequest extends TApplicationComponent implements IteratorAggregate,Ar
if(is_array($value))
{
foreach($value as $v)
- $url.=$amp.$name.'[]='.$v;
+ {
+ if(($v=trim($v))!=='')
+ $url.=$amp.$name.'[]='.$v;
+ }
}
- else
+ else if(($value=trim($value))!=='')
$url.=$amp.$name.'='.$value;
}
}