- FIX: Silenced compact() in e107Test::testInitCore()
- FIX: Null check in e_db_pdo::makeTableDef()
- FIX: Null check in e_db_mysql::makeTableDef()
- FIX: userlogin::login() had this warning on line 148:
"continue" targeting switch is equivalent to "break". Did you mean to use "continue 2"?
- FIX: e107::getTemplate() could be run without the necessary plugin LANs
- FIX: e107Test::testGetInstance() included e107_config.php too many times
- FIX: Empty check in e107Test::testGetTemplate()
Fixes: #4054
This is a better fix for #4054. HTML code injection can no longer occur in URLs generated by
e107::url() thanks to htmlspecialchars(). The previous implementation only addressed:
& => &
Now, quotation marks and alligator brackets are also escaped, so:
<a href=""></html>"></a>
is now rendered as:
<a href=""></html>"></a>
- FIX: e107::url() now puts "&" in the query string instead of "&" for compliance with the older,
looser definition of ambiguous ampersands in the HTML specification.
Fixes: #4054
- FIX: Typo in comment
- FIX: Clear the core/e107/addons/e_url registry (cache) because if a plugin is installed after that
cache is initialized, the cache is not updated anymore. The plugin's e_url is therefore not
loaded, so SEF URLs won't be generated for that plugin until the cache is regenerated.
- NEW: Test for #4054
- FIX: e_pluginTest::testGetFields() expects the initial condition of the "forum" plugin to be
uninstalled.
