Mercurial Mercurial > repos > enano-1.1 / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed: sanitation loop on ampersands in encodeAttribute() (this was MediaWiki's fault)
authorDan
Sat, 01 Dec 2007 02:39:49 -0500
changeset 309 a1ccf990db6b
parent 308 e49604416b5a
child 310 199b9708f4a2
child 311 a007145a0ff6
Fixed: sanitation loop on ampersands in encodeAttribute() (this was MediaWiki's fault)
includes/wikiengine/Tables.php file | annotate | diff | comparison | revisions 
--- a/includes/wikiengine/Tables.php	Sat Dec 01 00:35:42 2007 -0500
+++ b/includes/wikiengine/Tables.php	Sat Dec 01 02:39:49 2007 -0500
@@ -277,6 +277,13 @@
 	 * @return HTML-encoded text fragment
 	 */
 	function encodeAttribute( $text ) {
+    
+    // In Enano 1.0.3, added this cheapo hack to keep ampersands
+    // from being double-sanitized. Thanks to markybob from #deluge.
+    $encValue = strtr( $text, array(
+      '&' => '&'
+    ) );
+    
 		$encValue = htmlspecialchars( $text );
 		
 		// Whitespace is normalized during attribute decoding,
Enano CMS (1.1.x)