David A. Windham
david
/
laravel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #1806 from Gargron/patch-1

Fix for double escaping of queries in the profiler
Taylor Otwell 12 years ago
parent
60ad02ad01 944d98d16e
commit
7244405868
1 changed files with 2 additions and 2 deletions
Unified View Show Diff Stats
  1. 2 2
      laravel/profiling/profiler.php

+ 2 - 2
laravel/profiling/profiler.php
View File 

@@ -146,9 +146,9 @@ class Profiler {
 
 		foreach ($bindings as $binding)
 
 		foreach ($bindings as $binding)
 
 		{
 
 		{
 
 			$binding = Database::escape($binding);
 
 			$binding = Database::escape($binding);
 
-
 
+			
 			$sql = preg_replace('/\?/', $binding, $sql, 1);
 
 			$sql = preg_replace('/\?/', $binding, $sql, 1);
 
-			$sql = htmlspecialchars($sql);
 
+			$sql = htmlspecialchars($sql, ENT_QUOTES, 'UTF-8', false);
 
 		}
 
 		}
 
 
 
 		static::$data['queries'][] = array($sql, $time);
 
 		static::$data['queries'][] = array($sql, $time);