Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / bfa233f559a50ee0674a209fa56f866edc814fd9^! / . / system / core
commitbfa233f559a50ee0674a209fa56f866edc814fd9[log] [tgz]
authorAndrey Andreev <narf@devilix.net>Fri Dec 05 12:00:11 2014 +0200
committerAndrey Andreev <narf@devilix.net>Fri Dec 05 12:00:11 2014 +0200
treedfdf0aa87b31db69c7c6646b8bbfbc743797edcd
parentbc11439c5f7fbbb1ef0257f8083c375eeb9dd79c [diff]
Further changes related to issue #47, PR #3323

 - Removed a test that was created specifically for the 'convert programmatic characters to entities' feature.
 - Changed filter_uri() to accept by reference and to not return anything as its only purpose now is to trigger a show_error() call.
 - Added changelog messages and updated the upgrade instructions.

diff --git a/system/core/Router.php b/system/core/Router.php
index 7f18adb..d86735f 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php

@@ -171,18 +171,21 @@
 			$_d = isset($_GET[$_d]) ? trim($_GET[$_d], " \t\n\r\0\x0B/") : '';
 			if ($_d !== '')
 			{
-				$this->set_directory($this->uri->filter_uri($_d));
+				$this->uri->filter_uri($_d);
+				$this->set_directory($_d);
 			}
 
-			$_c = $this->config->item('controller_trigger');
+			$_c = trim($this->config->item('controller_trigger'));
 			if ( ! empty($_GET[$_c]))
 			{
-				$this->set_class(trim($this->uri->filter_uri(trim($_GET[$_c]))));
+				$this->uri->filter_uri($_GET[$_c]);
+				$this->set_class($_GET[$_c]);
 
-				$_f = $this->config->item('function_trigger');
+				$_f = trim($this->config->item('function_trigger'));
 				if ( ! empty($_GET[$_f]))
 				{
-					$this->set_method(trim($this->uri->filter_uri($_GET[$_f])));
+					$this->uri->filter_uri($_GET[$_f]);
+					$this->set_method($_GET[$_f]);
 				}
 
 				$this->uri->rsegments = array(

diff --git a/system/core/URI.php b/system/core/URI.php
index 067338d..7909101 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php

@@ -173,8 +173,9 @@
 			// Populate the segments array
 			foreach (explode('/', trim($this->uri_string, '/')) as $val)
 			{
+				$val = trim($val);
 				// Filter segments for security
-				$val = trim($this->filter_uri($val));
+				$this->filter_uri($val);
 
 				if ($val !== '')
 				{
@@ -318,16 +319,14 @@
 	 * Filters segments for malicious characters.
 	 *
 	 * @param	string	$str
-	 * @return	string
+	 * @return	void
 	 */
-	public function filter_uri($str)
+	public function filter_uri(&$str)
 	{
 		if ( ! empty($str) && ! empty($this->_permitted_uri_chars) && ! preg_match('/^['.$this->_permitted_uri_chars.']+$/i'.(UTF8_ENABLED ? 'u' : ''), $str))
 		{
 			show_error('The URI you submitted has disallowed characters.', 400);
 		}
-
-		return $str;
 	}
 
 	// --------------------------------------------------------------------