diff options
author | Andrey Andreev <narf@bofh.bg> | 2011-12-22 12:21:08 +0100 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2011-12-22 12:21:08 +0100 |
commit | 17779d6163aa3a2b0544a45f7159717c95a23c2f (patch) | |
tree | 656cd8a93b4b6e0a33c23c7d2c16b9109ddd2934 /system/libraries/Cart.php | |
parent | bb2488305194e50881df0971bf4f33f30d974d36 (diff) |
Cast to float instead of using preg_replace() for sanitizing numbers
Diffstat (limited to 'system/libraries/Cart.php')
-rw-r--r-- | system/libraries/Cart.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index b2cc2081e..01a0cb8ce 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -160,7 +160,7 @@ class CI_Cart { // -------------------------------------------------------------------- // Prep the quantity. It can only be a number. Duh... also trim any leading zeros - $items['qty'] = ltrim(trim(preg_replace('/([^0-9])/i', '', $items['qty'])), '0'); + $items['qty'] = (float) $items['qty']; // If the quantity is zero or blank there's nothing for us to do if ( ! is_numeric($items['qty']) OR $items['qty'] == 0) @@ -192,7 +192,7 @@ class CI_Cart { // -------------------------------------------------------------------- // Prep the price. Remove leading zeros and anything that isn't a number or decimal point. - $items['price'] = lrtrim(trim(preg_replace('/([^0-9\.])/i', '', $items['price'])), '0'); + $items['price'] = (float) $items['price']; // Is the price a valid number? if ( ! is_numeric($items['price'])) @@ -321,7 +321,7 @@ class CI_Cart { } // Prep the quantity - $items['qty'] = preg_replace('/([^0-9])/i', '', $items['qty']); + $items['qty'] = (float) $items['qty']; // Is the quantity a number? if ( ! is_numeric($items['qty'])) @@ -388,6 +388,7 @@ class CI_Cart { // Let's pass it to the Session class so it can be stored $this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents)); + // Woot! return TRUE; } @@ -508,7 +509,7 @@ class CI_Cart { } // Remove anything that isn't a number or decimal point. - $n = trim(preg_replace('/([^0-9\.])/i', '', $n)); + $n = (float) $n; return number_format($n, 2, '.', ','); } |