
More than 5 years have passed since last update.

About the Codeigniter2 error "The URI you submitted has disallowed characters."


It's already the CI3 era and I doubt anyone needs this, but here is a memo.

When the URL contains something like (), this error appears:

An Error Was Encountered

The URI you submitted has disallowed characters.

That is the error you get, but even when I look at /system/core/URI.php, I find this:

URI.php
  function _filter_uri($str)
  {
    if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE)
    {
      // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
      // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
      if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str))
      {
        show_error('The URI you submitted has disallowed characters.', 400);
      }
    }

    // Convert programatic characters to entities
    $bad  = array('$',    '(',    ')',    '%28',    '%29');
    $good = array('&#36;',  '&#40;',  '&#41;',  '&#40;',  '&#41;');

    return str_replace($bad, $good, $str);
  }

Going by $bad, $good and config.php, I thought () should be allowed through, and I was left scratching my head for a long time, but it seems this was a CI2 problem.

preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str)

⇓ change it to a UTF match "/xxxxxxx…/u"

preg_match("/|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i/u", $str)
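What the rewritten call accepts compared with the original, as an added example (not part of the original post and not CodeIgniter code): once `/` becomes the delimiter, the old `|` delimiters are read as alternation, so the pattern begins with an empty branch that matches any string. The `permitted_uri_chars` value is assumed to be the CI2 default, the sample segments are constructed, and the third pattern (`u` appended after the original closing `|`) is included for comparison.

```php
<?php
// Added example, not CodeIgniter code.
// Builds the character class the same way _filter_uri() does.
function uri_char_class($permitted)
{
    return str_replace(array('\\-', '\-'), '-', preg_quote($permitted, '-'));
}

// Assumption: the permitted_uri_chars default shipped in CI2's config.php.
$class = uri_char_class('a-z 0-9~%.:_\-');

$patterns = array(
    // Original core call: "|" is the delimiter, "i" the modifier.
    'original  |...|i'    => '|^[' . $class . ']+$|i',
    // The post's rewrite: "/" is the delimiter, so each "|" is alternation.
    // Branches are: (empty), ^[class]+$, and the literal letter "i".
    'post      /|...|i/u' => '/|^[' . $class . ']+$|i/u',
    // Comparison: keep "|" as delimiter and append "u" to the modifiers.
    'modifiers |...|iu'   => '|^[' . $class . ']+$|iu',
);

// Constructed sample segments (label => raw segment).
$samples = array(
    'welcome'       => 'welcome',
    'foo(bar)'      => 'foo(bar)',
    '<script>'      => '<script>',
    'invalid UTF-8' => "\xff",
);

foreach ($patterns as $name => $pattern) {
    foreach ($samples as $label => $segment) {
        // _filter_uri() calls show_error() when ! preg_match(...) is true,
        // so both 0 (no match) and false (PCRE error) mean "rejected".
        $accepted = (preg_match($pattern, $segment) === 1);
        printf("%-22s %-14s %s\n", $name, $label, $accepted ? 'accepted' : 'rejected');
    }
}
```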

Ugh, somehow my motivation is dropping….

Then, figuring that anything written into the core code would be wiped out by an upgrade, I wrote it in application/core/MY_URI.php instead, but it didn't work properly…. The end.

MY_URI.php
<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class MY_URI extends CI_URI {
  public function __construct(){
    parent::__construct();
  }

  // ------------------------------------------------------------------------

  /**
   * Filter segments for malicious characters
   * @access  private
   * @param string
   * @return  string
   */
  if ( ! function_exists('_filter_uri'))
  {
    function _filter_uri($str)
    {
      if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE)
      {
        // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
        // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
        if ( ! preg_match("/|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i/u", $str))
        {
          show_error('The URI you submitted has disallowed characters.', 400);
        }
      }

      // Convert programatic characters to entities
      $bad  = array('$',    '(',    ')',    '%28',    '%29');
      $good = array('&#36;',  '&#40;',  '&#41;',  '&#40;',  '&#41;');

      return str_replace($bad, $good, $str);
    }
  }
}
    ∧ ∧         / ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄
| ̄ ̄( ゚Д゚) ̄ ̄|   <  I'm going to bed!
|\⌒⌒⌒⌒⌒⌒\   \
|  \           \    ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄
\  |⌒⌒⌒⌒⌒⌒|
  \ |_______|