diff options
author | Phil Sturgeon <email@philsturgeon.co.uk> | 2012-05-17 15:46:28 +0200 |
---|---|---|
committer | Phil Sturgeon <email@philsturgeon.co.uk> | 2012-05-17 15:46:28 +0200 |
commit | 918eaef728eaf49387083b39add7106e029fcfb4 (patch) | |
tree | bd7ae7ad33977cf04cd44a735ccc1465ab7b4ffc /system/helpers | |
parent | 0199f68db46d375af2d4cb831c679d3040601f25 (diff) | |
parent | 324ef078dda5a3596444152ba49dd591a61adba6 (diff) |
Merge branch 'release/2.1.1'
Diffstat (limited to 'system/helpers')
-rw-r--r-- | system/helpers/form_helper.php | 2 | ||||
-rw-r--r-- | system/helpers/url_helper.php | 36 |
2 files changed, 17 insertions, 21 deletions
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d9305c00b..8733ae053 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -65,7 +65,7 @@ if ( ! function_exists('form_open')) $form .= '>'; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) + if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 9f4b85248..f1e8c6ac6 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -466,39 +466,35 @@ if ( ! function_exists('prep_url')) * Create URL Title * * Takes a "title" string as input and creates a - * human-friendly URL string with either a dash - * or an underscore as the word separator. + * human-friendly URL string with a "separator" string + * as the word separator. * * @access public * @param string the string - * @param string the separator: dash, or underscore + * @param string the separator * @return string */ if ( ! function_exists('url_title')) { - function url_title($str, $separator = 'dash', $lowercase = FALSE) + function url_title($str, $separator = '-', $lowercase = FALSE) { - if ($separator == 'dash') + if ($separator == 'dash') { - $search = '_'; - $replace = '-'; + $separator = '-'; } - else + else if ($separator == 'underscore') { - $search = '-'; - $replace = '_'; + $separator = '_'; } + + $q_separator = preg_quote($separator); $trans = array( - '&\#\d+?;' => '', - '&\S+?;' => '', - '\s+' => $replace, - '[^a-z0-9\-\._]' => '', - $replace.'+' => $replace, - $replace.'$' => $replace, - '^'.$replace => $replace, - '\.+$' => '' - ); + '&.+?;' => '', + '[^a-z0-9 _-]' => '', + '\s+' => $separator, + '('.$q_separator.')+' => $separator + ); $str = strip_tags($str); @@ -512,7 +508,7 @@ if ( ! function_exists('url_title')) $str = strtolower($str); } - return trim(stripslashes($str)); + return trim($str, $separator); } } |