diff options
| -rw-r--r-- | app/Controllers/authController.php | 4 | ||||
| -rw-r--r-- | app/Controllers/configureController.php | 2 | ||||
| -rw-r--r-- | lib/Minz/Request.php | 24 |
3 files changed, 15 insertions, 15 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index e97f09bc2..ed021505d 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -187,8 +187,8 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController { Minz_Request::forward(['c' => 'auth', 'a' => 'login'], false); } } elseif (FreshRSS_Context::systemConf()->unsafe_autologin_enabled) { - $username = Minz_Request::paramString('u', specialchars: true); - $password = Minz_Request::paramString('p', specialchars: true); + $username = Minz_Request::paramString('u', plaintext: true); + $password = Minz_Request::paramString('p', plaintext: true); Minz_Request::_param('p'); if ($username === '') { diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index 612129b8a..cc31430b0 100644 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php @@ -202,7 +202,7 @@ class FreshRSS_configure_Controller extends FreshRSS_ActionController { $this->view->list_keys = SHORTCUT_KEYS; if (Minz_Request::isPost()) { - $shortcuts = Minz_Request::paramArray('shortcuts', specialchars: true); + $shortcuts = Minz_Request::paramArray('shortcuts', plaintext: true); if (Minz_Request::paramBoolean('load_default_shortcuts')) { $default = Minz_Configuration::load(FRESHRSS_PATH . '/config-user.default.php'); $shortcuts = $default['shortcuts']; diff --git a/lib/Minz/Request.php b/lib/Minz/Request.php index 542741d4a..13a4f6841 100644 --- a/lib/Minz/Request.php +++ b/lib/Minz/Request.php @@ -62,26 +62,26 @@ class Minz_Request { } /** - * @param bool $specialchars `true` to return special characters, `false` (default) to XML-encode them + * @param bool $plaintext `true` to return special characters without any escaping (unsafe), `false` (default) to XML-encode them * @return array<string|int,string|array<string,string|int|bool>> */ - public static function paramArray(string $key, bool $specialchars = false): array { + public static function paramArray(string $key, bool $plaintext = false): array { if (empty(self::$params[$key]) || !is_array(self::$params[$key])) { return []; } - return $specialchars ? self::$params[$key] : Minz_Helper::htmlspecialchars_utf8(self::$params[$key]); + return $plaintext ? self::$params[$key] : Minz_Helper::htmlspecialchars_utf8(self::$params[$key]); } /** - * @param bool $specialchars `true` to return special characters, `false` (default) to XML-encode them + * @param bool $plaintext `true` to return special characters without any escaping (unsafe), `false` (default) to XML-encode them * @return array<string> */ - public static function paramArrayString(string $key, bool $specialchars = false): array { + public static function paramArrayString(string $key, bool $plaintext = false): array { if (empty(self::$params[$key]) || !is_array(self::$params[$key])) { return []; } $result = array_filter(self::$params[$key], 'is_string'); - return $specialchars ? $result : Minz_Helper::htmlspecialchars_utf8($result); + return $plaintext ? $result : Minz_Helper::htmlspecialchars_utf8($result); } public static function paramTernary(string $key): ?bool { @@ -113,14 +113,14 @@ class Minz_Request { } /** - * @param bool $specialchars `true` to return special characters, `false` (default) to XML-encode them + * @param bool $plaintext `true` to return special characters without any escaping (unsafe), `false` (default) to XML-encode them */ - public static function paramStringNull(string $key, bool $specialchars = false): ?string { + public static function paramStringNull(string $key, bool $plaintext = false): ?string { if (isset(self::$params[$key])) { $s = self::$params[$key]; if (is_string($s)) { $s = trim($s); - return $specialchars ? $s : htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); + return $plaintext ? $s : htmlspecialchars($s, ENT_COMPAT, 'UTF-8'); } if (is_int($s) || is_bool($s)) { return (string)$s; @@ -130,10 +130,10 @@ class Minz_Request { } /** - * @param bool $specialchars `true` to return special characters, `false` (default) to XML-encode them + * @param bool $plaintext `true` to return special characters without any escaping (unsafe), `false` (default) to XML-encode them */ - public static function paramString(string $key, bool $specialchars = false): string { - return self::paramStringNull($key, $specialchars) ?? ''; + public static function paramString(string $key, bool $plaintext = false): string { + return self::paramStringNull($key, $plaintext) ?? ''; } /** |