tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

raw2att accepts array, but sprintf doesn't

Browse Source 
it's not very likely to happen (it did in my case :-) ) but if the value is an array, sprintf will fail (because raw2att accepts array, but sprintf doesn't). i suggest to json encode any array data to ensure it's safely included in the html. Or we should throw proper exceptions to make sure invalid values do not result in a php error.
This commit is contained in:
Thomas Portelange 2018-09-27 12:12:59 +02:00 committed by GitHub
parent 89df5515ae
commit fdd5acff5d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Forms/FormField.php
View File

@ -730,7 +730,11 @@ class FormField extends RequestHandler
if ($value === true) {
$parts[] = sprintf('%s="%s"', $name, $name);
} else {
$parts[] = sprintf('%s="%s"', $name, Convert::raw2att($value));
$strValue = Convert::raw2att($value);
if (!is_string($strValue)) {
$strValue = json_encode($strValue);
}
$parts[] = sprintf('%s="%s"', $name, $strValue);
}
}