mirror/processwire
1
0
Fork 0
mirror of https://github.com/processwire/processwire.git synced 2025-08-08 07:47:00 +02:00
Code Issues Releases Wiki Activity

Fix issue processwire/processwire-issues#1467

Browse Source
This commit is contained in:
Ryan Cramer
2021-11-19 11:43:49 -05:00
parent b8172c6605
commit 8e1608ac6f
5 changed files with 19 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wire/core/Modules.php
View File

@@ -4343,7 +4343,7 @@ class Modules extends WireArray {
if($isModule && $namespace) { if($isModule && $namespace) {
$actualNamespace = $this->getModuleNamespace($moduleName); $actualNamespace = $this->getModuleNamespace($moduleName);
if(trim($namespace, '\\') != trim($actualNamespace, '\\')) { if(trim("$namespace", '\\') != trim("$actualNamespace", '\\')) {
$isModule = false; $isModule = false;
} }
} }

13
wire/core/PagesSortfields.php
View File

@@ -94,6 +94,7 @@ class PagesSortfields extends Wire {
public function decode($sortfield, $default = 'sort') { public function decode($sortfield, $default = 'sort') {
$reverse = false; $reverse = false;
$sortfield = (string) $sortfield;
if(substr($sortfield, 0, 1) == '-') { if(substr($sortfield, 0, 1) == '-') {
$sortfield = substr($sortfield, 1); $sortfield = substr($sortfield, 1);
@@ -101,13 +102,15 @@ class PagesSortfields extends Wire {
} }
if(ctype_digit("$sortfield") || !Fields::isNativeName($sortfield)) { if(ctype_digit("$sortfield") || !Fields::isNativeName($sortfield)) {
$field = $this->wire('fields')->get($sortfield); $field = $this->wire()->fields->get(ctype_digit($sortfield) ? (int) $sortfield : $sortfield);
if($field) $sortfield = $field->name; $sortfield = $field ? $field->name : '';
else $sortfield = '';
} }
if(!$sortfield) $sortfield = $default; if(!$sortfield) {
else if($reverse) $sortfield = "-$sortfield"; $sortfield = $default;
} else if($reverse) {
$sortfield = "-$sortfield";
}
return $sortfield; return $sortfield;
} }

6
wire/core/Sanitizer.php
View File

@@ -372,12 +372,12 @@ class Sanitizer extends Wire {
if($needsWork) { if($needsWork) {
$value = str_replace(array("'", '"'), '', $value); // blank out any quotes $value = str_replace(array("'", '"'), '', $value); // blank out any quotes
$_value = $value; $_value = $value;
$filters = FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_NO_ENCODE_QUOTES; $filters = FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_BACKTICK;
$value = filter_var($value, FILTER_SANITIZE_STRING, $filters); $value = filter_var($value, FILTER_UNSAFE_RAW, $filters);
if(!strlen($value)) { if(!strlen($value)) {
// if above filter blanked out the string, try with brackets already replaced // if above filter blanked out the string, try with brackets already replaced
$value = str_replace(array('<', '>', '«', '»', '', ''), $replacementChar, $_value); $value = str_replace(array('<', '>', '«', '»', '', ''), $replacementChar, $_value);
$value = filter_var($value, FILTER_SANITIZE_STRING, $filters); $value = filter_var($value, FILTER_UNSAFE_RAW, $filters);
} }
$hyphenPos = strpos($extras, '-'); $hyphenPos = strpos($extras, '-');
if($hyphenPos !== false && $hyphenPos !== 0) { if($hyphenPos !== false && $hyphenPos !== 0) {

1
wire/core/Selectors.php
View File

@@ -1476,6 +1476,7 @@ class Selectors extends WireArray {
static $digits = '_0123456789'; static $digits = '_0123456789';
$has = false; $has = false;
$str = (string) $str;
foreach(self::$selectorTypes as $operator => $unused) { foreach(self::$selectorTypes as $operator => $unused) {

6
wire/core/WireArray.php
View File

@@ -575,7 +575,7 @@ class WireArray extends Wire implements \IteratorAggregate, \ArrayAccess, \Count
if(isset($this->data[$key])) return $this->data[$key]; if(isset($this->data[$key])) return $this->data[$key];
// check if key contains something other than numbers, letters, underscores, hyphens // check if key contains something other than numbers, letters, underscores, hyphens
if(!ctype_alnum("$key") && !ctype_alnum(strtr("$key", '-_', 'ab'))) { if(is_string($key) && !ctype_alnum($key) && !ctype_alnum(strtr($key, '-_', 'ab'))) {
// check if key contains a selector // check if key contains a selector
if(Selectors::stringHasSelector($key)) { if(Selectors::stringHasSelector($key)) {
@@ -607,13 +607,13 @@ class WireArray extends Wire implements \IteratorAggregate, \ArrayAccess, \Count
} }
return $match; return $match;
} }
}
// if the WireArray uses numeric keys, then it's okay to // if the WireArray uses numeric keys, then it's okay to
// match a 'name' field if the provided key is a string // match a 'name' field if the provided key is a string
if(is_string($key) && $this->usesNumericKeys()) { if($this->usesNumericKeys()) {
$match = $this->getItemThatMatches('name', $key); $match = $this->getItemThatMatches('name', $key);
} }
}
return $match; return $match;
} }