Revision 1028
Added by Ruud almost 15 years ago
| droplets.php | ||
|---|---|---|
| 19 | 19 |
if (strpos($match,"?")) {
|
| 20 | 20 |
list ($droplet,$params) = explode("?",$match);
|
| 21 | 21 |
if(!empty($params)) {
|
| 22 |
$params = str_replace("&", "&", $params); // replace & to single &
|
|
| 22 |
$params = html_entity_decode($params,ENT_COMPAT,DEFAULT_CHARSET); // make sure we can parse the parameters correctly
|
|
| 23 | 23 |
$paramarray = explode("&",$params); //create array of parms as parm=value
|
| 24 | 24 |
foreach ($paramarray as $paramelement) {
|
| 25 | 25 |
$parameterTemp = explode("=", $paramelement,2);
|
| 26 | 26 |
if (count($parameterTemp) == 2) |
| 27 |
$parameter[$parameterTemp[0]] = $parameterTemp[1];
|
|
| 27 |
$parameter[$parameterTemp[0]] = htmlentities($parameterTemp[1],ENT_COMPAT,DEFAULT_CHARSET); //re-encode the parameter values
|
|
| 28 | 28 |
else |
| 29 |
$parameter['parm'] = $parameterTemp[0];
|
|
| 29 |
$parameter['parm'] = htmlentities($parameterTemp[0],ENT_COMPAT,DEFAULT_CHARSET);
|
|
| 30 | 30 |
} |
| 31 | 31 |
} |
| 32 | 32 |
} else {
|
Also available in: Unified diff
Fixed the wrong handling of htmlentities in Droplet parameter parsing