summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/libraries/Profiler.php4
-rw-r--r--user_guide/changelog.html4
2 files changed, 5 insertions, 3 deletions
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index ffd664a88..6b1d5ea71 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -123,7 +123,7 @@ class CI_Profiler {
foreach ($this->CI->db->queries as $val)
{
$output .= '<div style="padding:3px;margin:12px 0 12px 0;background-color:#ddd;color:#000">';
- $output .= $val;
+ $output .= htmlspecialchars($val, ENT_QUOTES);
$output .= "</div>\n";
}
}
@@ -166,7 +166,7 @@ class CI_Profiler {
}
// $output .= "<tr><td width='50%' style='color:#000;background-color:#ddd;'>&#36;_POST[".$key."]&nbsp;&nbsp;</td><td width='50%' style='color:#009900;font-weight:normal;background-color:#ddd;'>".htmlspecialchars(stripslashes($val))."</td></tr>\n";
- $output .= "<tr><td width='50%' style='color:#000;background-color:#ddd;'>".$_POST[$key]." </td><td width='50%' style='color:#009900;font-weight:normal;background-color:#ddd;'>";
+ $output .= "<tr><td width='50%' style='color:#000;background-color:#ddd;'>&#36;_POST[".$key."]&nbsp;&nbsp; </td><td width='50%' style='color:#009900;font-weight:normal;background-color:#ddd;'>";
if (is_array($val))
{
$output .= "<pre>" . htmlspecialchars(stripslashes(print_r($val, true))) . "</pre>";
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 5435864d4..eb57d487e 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -69,7 +69,7 @@ Change Log
<li>Added array to string into the profiler </li>
<li>Added some additional mime types in application/config/mimes.php</li>
<li>Added filename_security() method to Input library</li>
- <li>Added some additional arguements to the <a href="./helpers/inflector_helper.html">Inflection helper</a> singular() to compensate for words ending in "s". Also added a force parameter to pluralize()</li>
+ <li>Added some additional arguments to the <a href="./helpers/inflector_helper.html">Inflection helper</a> singular() to compensate for words ending in "s". Also added a force parameter to pluralize()</li>
<li>Fixed MSSQL insert_id().</li>
<li>Fixed a logic error in the DB trans_status() function. It was incorrectly returning TRUE on failure and FALSE on success.</li>
<li>Fixed a bug that was allowing multiple load attempts on extended classes.</li>
@@ -80,6 +80,8 @@ Change Log
<li>Fixed a bug in the <a href="./libraries/zip.html">Zip library</a>, providing PC Zip file compatibility with Mac OS X</li>
<li>Fixed a bug in router that was ignoring the scaffolding route for optimization </li>
<li>Fixed an IP validation bug.</li>
+ <li>Fixed a bug in display of POST keys in the Profiler output</li>
+ <li>Fixed a bug in display of queries with characters that would be interpreted as HTML in the Profiler output</li>
<li>Fixed various doc typos. </li>
<li>Docs now validate to XHTML 1 transitional</li>
<li>Fixed a bug where one could unset certain PHP superglobals by setting them via GET or POST data</li>