Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Phalcon\Tag::escapeHtmlAttr() to properly escape HTML attributes #917

Merged
merged 3 commits into from Jul 25, 2013
Merged

Phalcon\Tag::escapeHtmlAttr() to properly escape HTML attributes #917

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
533d450
Fix #903
sjinks Jul 25, 2013
9c7483f
Fix 'pointer targets differ in signedness' warning
sjinks Jul 25, 2013
e12bfdd
Fix bug in phalcon_escape_multi() introduced in 1ce094c60dd4a4ef674cb…
sjinks Jul 25, 2013
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Fix bug in phalcon_escape_multi() introduced in 1ce094c
  • Loading branch information
@sjinks
sjinks committed Jul 25, 2013
commit e12bfdda72c77212953dd18b54ceff5b8a04a737
4 changes: 2 additions & 2 deletions ext/kernel/filter.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -257,13 +257,13 @@ void phalcon_escape_multi(zval *return_value, zval *param, const char *escape_ch
/**
* Alphanumeric characters are not escaped
*/
if (isalnum(value)) {
if (value < 256 && isalnum(value)) {
smart_str_appendc(&escaped_str, (unsigned char) value);
continue;
}

/**
* Chararters in the whitelist are leave as they are
* Chararters in the whitelist are left as they are
*/
if (use_whitelist) {
switch (value) {
Expand Down