aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorcash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-04-03 18:14:42 +0000
committercash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>2010-04-03 18:14:42 +0000
commit119bdcadae3fccb26ead25796bf8a352e314efd7 (patch)
tree06f33861d87c25e4fafdbb99df4b0d56248f3836
parentdec5ccf4df668d8c55272fded36bdbd95ea5c7a2 (diff)
downloadelgg-119bdcadae3fccb26ead25796bf8a352e314efd7.tar.gz
elgg-119bdcadae3fccb26ead25796bf8a352e314efd7.tar.bz2
Fixes #1184 - added elgg_format_url() for handling ampersands in urls
git-svn-id: http://code.elgg.org/elgg/trunk@5603 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--CHANGES.txt1
-rw-r--r--engine/lib/elgglib.php13
-rw-r--r--views/default/admin/plugins.php3
-rw-r--r--views/default/admin/plugins_opt/plugin.php35
4 files changed, 38 insertions, 14 deletions
diff --git a/CHANGES.txt b/CHANGES.txt
index 074aa6c62..ed844f018 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -6,6 +6,7 @@ Version 1.8.0
Generic API changes:
* Added elgg_instanceof().
* Added remove_subtype() and update_subtype().
+ * Added elgg_format_url()
UI/UX API changes:
* Added elgg_push_breadcrumb(), elgg_pop_breadcrumb(), and elgg_get_breadcrumbs().
diff --git a/engine/lib/elgglib.php b/engine/lib/elgglib.php
index 04e04fbbc..f106e4ded 100644
--- a/engine/lib/elgglib.php
+++ b/engine/lib/elgglib.php
@@ -2599,6 +2599,17 @@ interface Friendable {
}
/**
+ * Handles formatting of ampersands in urls
+ *
+ * @param string $url
+ * @return string
+ * @since 1.8
+ */
+function elgg_format_url($url) {
+ return preg_replace('/&(?!amp;)/', '&amp;', $url);
+}
+
+/**
* Rebuilds a parsed (partial) URL
*
* @param array $parts Associative array of URL components like parse_url() returns
@@ -2615,7 +2626,7 @@ function elgg_http_build_url(array $parts) {
$string = $scheme . $host . $port . $path . $query;
- return $string;
+ return elgg_format_url($string);
}
diff --git a/views/default/admin/plugins.php b/views/default/admin/plugins.php
index 465b019f6..4388e7a3c 100644
--- a/views/default/admin/plugins.php
+++ b/views/default/admin/plugins.php
@@ -15,7 +15,8 @@ $token = generate_action_token($ts);
// Page Header elements
$title = elgg_view_title(elgg_echo('admin:plugins'));
-$buttons = "<a class='action_button' href=\"{$CONFIG->url}action/admin/plugins/enableall?__elgg_token=$token&__elgg_ts=$ts\">".elgg_echo('enableall')."</a> <a class='action_button disabled' href=\"{$CONFIG->url}action/admin/plugins/disableall?__elgg_token=$token&__elgg_ts=$ts\">".elgg_echo('disableall')."</a> ";
+$buttons = "<a class='action_button' href=\"{$CONFIG->url}action/admin/plugins/enableall?__elgg_token=$token&amp;__elgg_ts=$ts\">".elgg_echo('enableall')."</a>";
+$buttons .= "<a class='action_button disabled' href=\"{$CONFIG->url}action/admin/plugins/disableall?__elgg_token=$token&amp;__elgg_ts=$ts\">".elgg_echo('disableall')."</a> ";
// construct page header
?>
diff --git a/views/default/admin/plugins_opt/plugin.php b/views/default/admin/plugins_opt/plugin.php
index 0150e76d8..6184580d8 100644
--- a/views/default/admin/plugins_opt/plugin.php
+++ b/views/default/admin/plugins_opt/plugin.php
@@ -30,26 +30,37 @@ $token = generate_action_token($ts);
<div class="admin_plugin_reorder">
<?php
if ($vars['order'] > 10) {
+ $top_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=1&__elgg_token=$token&__elgg_ts=$ts";
+ $order = $vars['order'] - 11;
+ $up_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
?>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=1&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("top"); ?></a>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['order'] - 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("up"); ?></a>
+ <a href="<?php echo elgg_format_url($top_url); ?>"><?php echo elgg_echo("top"); ?></a>
+ <a href="<?php echo elgg_format_url($up_url); ?>"><?php echo elgg_echo("up"); ?></a>
<?php
}
?>
<?php
if ($vars['order'] < $vars['maxorder']) {
+ $order = $vars['order'] + 11;
+ $down_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
+ $order = $vars['maxorder'] + 11;
+ $bottom_url = "{$vars['url']}action/admin/plugins/reorder?plugin={$plugin}&order=$order&__elgg_token=$token&__elgg_ts=$ts";
?>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['order'] + 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("down"); ?></a>
- <a href="<?php echo $vars['url']; ?>action/admin/plugins/reorder?plugin=<?php echo $plugin; ?>&order=<?php echo $vars['maxorder'] + 11; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("bottom"); ?></a>
+ <a href="<?php echo elgg_format_url($down_url); ?>"><?php echo elgg_echo("down"); ?></a>
+ <a href="<?php echo elgg_format_url($bottom_url); ?>"><?php echo elgg_echo("bottom"); ?></a>
<?php
}
?>
</div><div class="clearfloat"></div>
<div class="admin_plugin_enable_disable">
- <?php if ($active) { ?>
- <a class="cancel_button" href="<?php echo $vars['url']; ?>action/admin/plugins/disable?plugin=<?php echo $plugin; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("disable"); ?></a>
- <?php } else { ?>
- <a class="submit_button" href="<?php echo $vars['url']; ?>action/admin/plugins/enable?plugin=<?php echo $plugin; ?>&__elgg_token=<?php echo $token; ?>&__elgg_ts=<?php echo $ts; ?>"><?php echo elgg_echo("enable"); ?></a>
+ <?php if ($active) {
+ $url = "{$vars['url']}action/admin/plugins/disable?plugin=$plugin&__elgg_token=$token&__elgg_ts=$ts";
+ ?>
+ <a class="cancel_button" href="<?php echo elgg_format_url($url); ?>"><?php echo elgg_echo("disable"); ?></a>
+ <?php } else {
+ $url = "{$vars['url']}action/admin/plugins/enable?plugin=$plugin&__elgg_token=$token&__elgg_ts=$ts";
+ ?>
+ <a class="submit_button" href="<?php echo elgg_format_url($url); ?>"><?php echo elgg_echo("enable"); ?></a>
<?php } ?>
</div>
@@ -90,10 +101,10 @@ $token = generate_action_token($ts);
?>
</div>
<?php } ?>
- <div><?php echo elgg_echo('admin:plugins:label:version') . ": ". $manifest['version'] ?></div>
- <div><?php echo elgg_echo('admin:plugins:label:author') . ": ". $manifest['author'] ?></div>
- <div><?php echo elgg_echo('admin:plugins:label:copyright') . ": ". $manifest['copyright'] ?></div>
- <div><?php echo elgg_echo('admin:plugins:label:licence') . ": ". $manifest['licence'] . $manifest['license'] ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:version') . ": ". htmlspecialchars($manifest['version']) ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:author') . ": ". htmlspecialchars($manifest['author']) ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:copyright') . ": ". htmlspecialchars($manifest['copyright']) ?></div>
+ <div><?php echo elgg_echo('admin:plugins:label:licence') . ": ". htmlspecialchars($manifest['licence'] . $manifest['license']) ?></div>
<div><?php echo elgg_echo('admin:plugins:label:website') . ": "; ?><a href="<?php echo $manifest['website']; ?>"><?php echo $manifest['website']; ?></a></div>
<?php } ?>