diff options
| author | Andrey Andreev <narf@devilix.net> | 2015-10-30 10:47:35 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2015-10-30 10:47:35 +0100 |
| commit | d2ea460f138fd1f9a527c9b0ece7cce369fd430b (patch) | |
| tree | b65894caf8cd3f1d944342d0dc4bd1e7d533e730 | |
| parent | b2d2535cc0326acea4722f7be9819cf58fd155da (diff) | |
Fix #3201
| -rw-r--r-- | system/core/Common.php | 7 | ||||
| -rw-r--r-- | tests/codeigniter/core/Common_test.php | 5 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 1 |
3 files changed, 12 insertions, 1 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index ad3ca9f93..3ab98cf6d 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -752,7 +752,12 @@ if ( ! function_exists('html_escape')) if (is_array($var)) { - return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); + foreach (array_keys($var) as $key) + { + $var[$key] = html_escape($var[$key], $double_encode); + } + + return $var; } return htmlspecialchars($var, ENT_QUOTES, config_item('charset'), $double_encode); diff --git a/tests/codeigniter/core/Common_test.php b/tests/codeigniter/core/Common_test.php index 999b49cb3..81a185eaf 100644 --- a/tests/codeigniter/core/Common_test.php +++ b/tests/codeigniter/core/Common_test.php @@ -47,6 +47,11 @@ class Common_test extends CI_TestCase { html_escape('Here is a string containing "quoted" text.'), 'Here is a string containing "quoted" text.' ); + + $this->assertEquals( + html_escape(array('associative' => 'and', array('multi' => 'dimentional'))), + array('associative' => 'and', array('multi' => 'dimentional')) + ); } }
\ No newline at end of file diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index b1caf9b56..8aaf0bfc4 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -21,6 +21,7 @@ Bug fixes for 3.0.3 - Fixed a bug (#4171) - :doc:`Database Transactions <database/transactions>` didn't work with nesting in methods ``trans_begin()``, ``trans_commit()``, ``trans_rollback()``. - Fixed a bug where :doc:`Database Transaction <database/transactions>` methods ``trans_begin()``, ``trans_commit()``, ``trans_rollback()`` ignored failures. - Fixed a bug where all :doc:`Database Transaction <database/transactions>` methods returned TRUE while transactions are actually disabled. +- Fixed a bug (#3201) - :doc:`Common function <general/common_functions>` :php:func:`html_escape()` modified keys of its array inputs. Version 3.0.2 ============= |