| Line 246... |
Line 246... |
| 246 |
if ($params) |
246 |
if ($params) |
| 247 |
{ |
247 |
{ |
| 248 |
$arr = $_GET + $_POST; |
248 |
$arr = $_GET + $_POST; |
| 249 |
# XXX: the point of HTTP POST is that URIs have a set size limit, so POST |
249 |
# XXX: the point of HTTP POST is that URIs have a set size limit, so POST |
| 250 |
# data is typically too large to bother with; why include it? |
250 |
# data is typically too large to bother with; why include it? |
| 251 |
$url .= '?'.http_build_query($arr); |
251 |
$url .= '?'.htmlentities(http_build_query($arr)); |
| 252 |
} |
252 |
} |
| 253 |
|
253 |
|
| 254 |
return $url; |
254 |
return $url; |
| 255 |
} |
255 |
} |
| 256 |
|
256 |
|