summaryrefslogtreecommitdiffstats
path: root/system/libraries/URI.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/URI.php')
-rw-r--r--system/libraries/URI.php4
1 files changed, 3 insertions, 1 deletions
diff --git a/system/libraries/URI.php b/system/libraries/URI.php
index efc7a18b3..68b678053 100644
--- a/system/libraries/URI.php
+++ b/system/libraries/URI.php
@@ -186,7 +186,9 @@ class CI_URI {
{
if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE)
{
- if ( ! preg_match("|^[".preg_quote($this->config->item('permitted_uri_chars'))."]+$|i", $str))
+ // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
+ // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
+ if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str))
{
show_error('The URI you submitted has disallowed characters.', 400);
}