diff options
| author | Thomas Steur <thomas.steur@gmail.com> | 2016-01-12 00:15:16 +0300 |
|---|---|---|
| committer | Thomas Steur <thomas.steur@gmail.com> | 2016-01-12 00:41:20 +0300 |
| commit | 0e65aee4cb1a5d2fdd46312b6a5da7d315b0399e (patch) | |
| tree | d22d8d9f2bca0316fa22d7daac5dadefb943416e /plugins/API/API.php | |
| parent | fa5dcaec1eccd9bc3a8f28879e416cafb687c662 (diff) | |
make sure > can be used in segments when using bulk requests
Diffstat (limited to 'plugins/API/API.php')
| -rw-r--r-- | plugins/API/API.php | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/plugins/API/API.php b/plugins/API/API.php index 2f609b5e8b..bb287f9b7a 100644 --- a/plugins/API/API.php +++ b/plugins/API/API.php @@ -11,6 +11,7 @@ namespace Piwik\Plugins\API; use Piwik\API\Proxy; use Piwik\API\Request; use Piwik\Columns\Dimension; +use Piwik\Common; use Piwik\Config; use Piwik\Container\StaticContainer; use Piwik\DataTable; @@ -484,7 +485,21 @@ class API extends \Piwik\Plugin\API $result = array(); foreach ($urls as $url) { - $req = new Request($url . '&format=php&serialize=0'); + $params = Request::getRequestArrayFromString($url . '&format=php&serialize=0'); + + if (isset($params['urls']) && $params['urls'] == $urls) { + // by default 'urls' is added to $params as Request::getRequestArrayFromString adds all $_GET/$_POST + // default parameters + unset($params['urls']); + } + + if (!empty($params['segment']) && strpos($url, 'segment=') > -1) { + // only unsanitize input when segment is actually present in URL, not when it was used from + // $defaultRequest in Request::getRequestArrayFromString from $_GET/$_POST + $params['segment'] = urlencode(Common::unsanitizeInputValue($params['segment'])); + } + + $req = new Request($params); $result[] = $req->process(); } return $result; |