Bug in pagination.php Breaks Paging if a request has GET parameters

0

There is a bug in pagination.php that causes pagination to be broken if there are additional GET parameters in a URL. The bug is online 13:

    $request_uri .= esc_url($key) . '=' . esc_url($val) . '&';

The esc_url adds http:// to every key and value effectively making the url on each of the paging links worthless. For now, I've removed the esc_url function calls to enable our site to work correctly as I'm not sure which function is best suited to sanitize these values.

Anyway we could get a fix for this in the next release?

asked Aug 7 '11 at 2:50

sclough

1

add comment
enter at least 15 characters
most votes oldest newest

5 Answers

0

@Sc0tt: I think you want to use urlencode() here, and then esc_url($request_uri).

answered Aug 8 '11 at 2:19

chris.pilko

889

add comment
enter at least 15 characters
0

@sclough,

Does the following code fix the bug?

$request_uri .= $key . '=' . urlencode($val) . '&';

answered Aug 8 '11 at 12:10

Masino Sinaga

41

add comment
enter at least 15 characters
0

Reverting to the old code should fix this:

$request_uri .= "$key=$val&";

See the diff.

answered Aug 8 '11 at 1:25

chris.pilko

889

add comment
enter at least 15 characters
0

I have essentially reverted to the old code. Can that change be made permanent to fix the bug in future Pods releases? If there needs to be an escape here I'm pretty sure urlencode is what the author of the change intended.

answered Aug 9 '11 at 2:04

sclough

1

add comment
enter at least 15 characters
0

Fixed in 1.10.5, sorry guys - I was switching to using WP escape functions and I assumed esc_url handled non-urls too.

answered Aug 9 '11 at 2:33

sc0ttkclark

2936

add comment
enter at least 15 characters