diff options
| author | Nathan Kinkade <nkinkade@nkinka.de> | 2010-01-19 16:34:34 +0000 |
|---|---|---|
| committer | Nathan Kinkade <nkinkade@nkinka.de> | 2010-01-19 16:34:34 +0000 |
| commit | e47505081f2c1017a68f763e1170b44fddd1e722 (patch) | |
| tree | eb511a8d9bae266ed6cf86f789f270642af93e90 /modules/gallery/helpers/MY_url.php | |
| parent | 0a67b836a9b5021c91b9c327d3693991c3248dfc (diff) | |
| parent | 9384f987bb96d0d39787ff9d3d16a70c01cd76e0 (diff) | |
Merge branch 'master' of git://github.com/gallery/gallery3
Diffstat (limited to 'modules/gallery/helpers/MY_url.php')
| -rw-r--r-- | modules/gallery/helpers/MY_url.php | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index 74284951..8a7909b6 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -89,4 +89,18 @@ class url extends url_Core { static function abs_current($qs=false) { return self::abs_site(url::current($qs)); } + + /** + * Just like url::merge except that it escapes any XSS in the path. + */ + static function merge($params) { + return htmlspecialchars(parent::merge($params)); + } + + /** + * Just like url::current except that it escapes any XSS in the path. + */ + static function current($qs=false, $suffix=false) { + return htmlspecialchars(parent::current($qs, $suffix)); + } } |