From 55808e11c987b72b6c2d364d4f17e11dfbbebc71 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sun, 19 Sep 2010 15:31:00 +0200 Subject: [PATCH] [feature/request-class] Prevent recursive_set_var from applying htmlspecialchars twice PHPBB3-9716 --- phpBB/includes/request/type_cast_helper.php | 2 +- tests/request/type_cast_helper.php | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/request/type_cast_helper.php b/phpBB/includes/request/type_cast_helper.php index c39bbebe01..29855a9804 100644 --- a/phpBB/includes/request/type_cast_helper.php +++ b/phpBB/includes/request/type_cast_helper.php @@ -176,7 +176,7 @@ class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_i $this->set_var($k, $k, $key_type, $multibyte, $multibyte); $this->recursive_set_var($v, $default_value, $multibyte); - $this->set_var($var[$k], $v, $value_type, $multibyte); + $var[$k] = $v; } } } diff --git a/tests/request/type_cast_helper.php b/tests/request/type_cast_helper.php index 51687c186d..291b414fd3 100644 --- a/tests/request/type_cast_helper.php +++ b/tests/request/type_cast_helper.php @@ -9,6 +9,7 @@ */ require_once 'test_framework/framework.php'; +require_once '../phpBB/includes/utf/utf_tools.php'; require_once '../phpBB/includes/request/type_cast_helper_interface.php'; require_once '../phpBB/includes/request/type_cast_helper.php'; @@ -30,4 +31,24 @@ class phpbb_type_cast_helper_test extends phpbb_test_case $this->assertEquals($expected, $data); } + + public function test_simple_recursive_set_var() + { + $data = 'eviL<3'; + $expected = 'eviL<3'; + + $this->type_cast_helper->recursive_set_var($data, '', true); + + $this->assertEquals($expected, $data); + } + + public function test_nested_recursive_set_var() + { + $data = array('eviL<3'); + $expected = array('eviL<3'); + + $this->type_cast_helper->recursive_set_var($data, array(0 => ''), true); + + $this->assertEquals($expected, $data); + } }