summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-06-15 22:44:48 +0200
committerAndrey Andreev <narf@bofh.bg>2012-06-15 22:44:48 +0200
commit58ae971ba248cf3e32a139088c3833c9735028de (patch)
tree14e68e4a7d82567f310edb4d527000d586b08769
parentd1a075d7807ad8177ecb4235dfe16ffe2041f860 (diff)
Fix issue #167
-rw-r--r--system/core/URI.php2
-rw-r--r--user_guide_src/source/changelog.rst1
2 files changed, 2 insertions, 1 deletions
diff --git a/system/core/URI.php b/system/core/URI.php
index a997525ee..208d311a5 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -278,7 +278,7 @@ class CI_URI {
{
// preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
// compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
- if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str))
+ if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', urldecode($str)))
{
show_error('The URI you submitted has disallowed characters.', 400);
}
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 589cd0046..3e5bc8fcb 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -275,6 +275,7 @@ Bug fixes for 3.0
- Fixed a bug (#10) - :doc:`URI Library <libraries/uri>` internal method _detect_uri() failed with paths containing a colon.
- Fixed a bug (#1387) - :doc:`Query Builder <database/query_builder>`'s from() method didn't escape table aliases.
- Fixed a bug (#520) - :doc:`Date Helper <helpers/date_helper>` function nice_date() failed when the optional second parameter is not passed.
+- Fixed a bug (#167) - ``$config['permitted_uri_chars']`` didn't affect URL-encoded characters.
Version 2.1.1
=============