From 641826266aff9d816c8e61569be5ec9d67f7cc89 Mon Sep 17 00:00:00 2001
From: xue <>
Date: Wed, 3 May 2006 18:40:21 +0000
Subject: Fixed#151 - added sanity check GET parameters in constructUrl()
---
HISTORY | 1 +
demos/quickstart/protected/application.xml | 1 +
framework/Web/THttpRequest.php | 14 ++++++++++----
3 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/HISTORY b/HISTORY
index 1dd2648b..211a10fd 100644
--- a/HISTORY
+++ b/HISTORY
@@ -2,6 +2,7 @@ Version 3.0.1 June 1, 2006
==========================
CHG: Ticket#153 - TAssetManager now ignores .svn directories (Qiang)
CHG: Ticket#154 - HTML comments are now parsed as regular template strings (Qiang)
+ENH: Ticket#151 - added sanity check GET parameters in constructUrl() (Qiang)
ENH: added sanity check to calling event handlers (Qiang)
Version 3.0.0 May 1, 2006
diff --git a/demos/quickstart/protected/application.xml b/demos/quickstart/protected/application.xml
index cd6dd01e..18eed91e 100644
--- a/demos/quickstart/protected/application.xml
+++ b/demos/quickstart/protected/application.xml
@@ -10,6 +10,7 @@
-->
+
diff --git a/framework/Web/THttpRequest.php b/framework/Web/THttpRequest.php
index 71237fa1..9b06076e 100644
--- a/framework/Web/THttpRequest.php
+++ b/framework/Web/THttpRequest.php
@@ -460,9 +460,12 @@ class THttpRequest extends TApplicationComponent implements IteratorAggregate,Ar
{
$name=urlencode($name.'[]');
foreach($value as $v)
- $url.=$amp.$name.'='.$v;
+ {
+ if(($v=trim($v))!=='')
+ $url.=$amp.$name.'='.$v;
+ }
}
- else
+ else if(($value=trim($value))!=='')
$url.=$amp.urlencode($name).'='.urlencode($value);
}
}
@@ -473,9 +476,12 @@ class THttpRequest extends TApplicationComponent implements IteratorAggregate,Ar
if(is_array($value))
{
foreach($value as $v)
- $url.=$amp.$name.'[]='.$v;
+ {
+ if(($v=trim($v))!=='')
+ $url.=$amp.$name.'[]='.$v;
+ }
}
- else
+ else if(($value=trim($value))!=='')
$url.=$amp.$name.'='.$value;
}
}
--
cgit v1.2.3