diff options
| author | Derek Jones <derek.jones@ellislab.com> | 2007-07-11 23:59:12 +0200 |
|---|---|---|
| committer | Derek Jones <derek.jones@ellislab.com> | 2007-07-11 23:59:12 +0200 |
| commit | 1f2fd2d5db0ff9e91388cec079a9ff58392ab654 (patch) | |
| tree | d64ffe5491f0c1314938e72b9c52e73f8755a892 | |
| parent | 9687c493de92eb71a91ed89723abd4ede977bb3d (diff) | |
adding type casting of $title argument in URL helper functions to a string. A numeric 0 sent to these functions would evaluate if ($title == '') as TRUE, and type casting seems the more appropriate fix than simply using $title === '', since we're expecting and treating $title as a string.
| -rw-r--r-- | system/helpers/url_helper.php | 8 | ||||
| -rw-r--r-- | user_guide/changelog.html | 1 |
2 files changed, 9 insertions, 0 deletions
diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index c05bc2088..01cd3458d 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -90,6 +90,8 @@ function index_page() */
function anchor($uri = '', $title = '', $attributes = '')
{
+ $title = (string) $title;
+
if ( ! is_array($uri))
{
$site_url = ( ! preg_match('!^\w+://!i', $uri)) ? site_url($uri) : $uri;
@@ -132,6 +134,8 @@ function anchor($uri = '', $title = '', $attributes = '') */
function anchor_popup($uri = '', $title = '', $attributes = FALSE)
{
+ $title = (string) $title;
+
$site_url = ( ! preg_match('!^\w+://!i', $uri)) ? site_url($uri) : $uri;
if ($title == '')
@@ -170,6 +174,8 @@ function anchor_popup($uri = '', $title = '', $attributes = FALSE) */
function mailto($email, $title = '', $attributes = '')
{
+ $title = (string) $title;
+
if ($title == "")
{
$title = $email;
@@ -195,6 +201,8 @@ function mailto($email, $title = '', $attributes = '') */
function safe_mailto($email, $title = '', $attributes = '')
{
+ $title = (string) $title;
+
if ($title == "")
{
$title = $email;
diff --git a/user_guide/changelog.html b/user_guide/changelog.html index eb57d487e..67baae43e 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -89,6 +89,7 @@ Change Log <li>Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security.</li>
<li>Modified the is_image() method in the Upload library to take into account Windows IE 6/7 eccentricities when dealing with MIMEs</li>
<li>Modified XSS Cleaning routine to be more performance friendly and compatible with PHP 5.2's new PCRE backtrack and recursion limits.</li>
+ <li>Modified the URL Helper to type cast the $title as a string in case a numeric value is supplied</li>
<li>Deprecated the use if <kbd>is_numeric()</kbd> in various places since it allows periods. Due to compatibility problems with <kbd>ctype_digit()</kbd>, making it unreliable in some installations, the following regular expression was used instead: <kbd>preg_match("/[^0-9]/", $n)</kbd></li>
<li>Deprecated: APPVER has been deprecated and replaced with CI_VERSION for clarity. </li>
</ul>
|