summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2011-12-22 12:21:08 +0100
committerAndrey Andreev <narf@bofh.bg>2011-12-22 12:21:08 +0100
commit17779d6163aa3a2b0544a45f7159717c95a23c2f (patch)
tree656cd8a93b4b6e0a33c23c7d2c16b9109ddd2934
parentbb2488305194e50881df0971bf4f33f30d974d36 (diff)
Cast to float instead of using preg_replace() for sanitizing numbers
-rw-r--r--system/libraries/Cart.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php
index b2cc2081e..01a0cb8ce 100644
--- a/system/libraries/Cart.php
+++ b/system/libraries/Cart.php
@@ -160,7 +160,7 @@ class CI_Cart {
// --------------------------------------------------------------------
// Prep the quantity. It can only be a number. Duh... also trim any leading zeros
- $items['qty'] = ltrim(trim(preg_replace('/([^0-9])/i', '', $items['qty'])), '0');
+ $items['qty'] = (float) $items['qty'];
// If the quantity is zero or blank there's nothing for us to do
if ( ! is_numeric($items['qty']) OR $items['qty'] == 0)
@@ -192,7 +192,7 @@ class CI_Cart {
// --------------------------------------------------------------------
// Prep the price. Remove leading zeros and anything that isn't a number or decimal point.
- $items['price'] = lrtrim(trim(preg_replace('/([^0-9\.])/i', '', $items['price'])), '0');
+ $items['price'] = (float) $items['price'];
// Is the price a valid number?
if ( ! is_numeric($items['price']))
@@ -321,7 +321,7 @@ class CI_Cart {
}
// Prep the quantity
- $items['qty'] = preg_replace('/([^0-9])/i', '', $items['qty']);
+ $items['qty'] = (float) $items['qty'];
// Is the quantity a number?
if ( ! is_numeric($items['qty']))
@@ -388,6 +388,7 @@ class CI_Cart {
// Let's pass it to the Session class so it can be stored
$this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents));
+ // Woot!
return TRUE;
}
@@ -508,7 +509,7 @@ class CI_Cart {
}
// Remove anything that isn't a number or decimal point.
- $n = trim(preg_replace('/([^0-9\.])/i', '', $n));
+ $n = (float) $n;
return number_format($n, 2, '.', ',');
}