Handle "com_" component name as empty

A component named "com_" (and nothing else after) is an invalid name.
hubzero · Jul 15, 2021 · 256a395 · 256a395
1 parent a2727a9
commit 256a395
Showing 1 changed file with 13 additions and 3 deletions.
diff --git a/core/libraries/Hubzero/Component/Loader.php b/core/libraries/Hubzero/Component/Loader.php
@@ -129,11 +129,21 @@ public function canonical($option)
 		}
 		// do not allow dots in component name to avoid directory traversal issues
 		$option = preg_replace('/[^A-Z0-9_-]/i', '', $option);
-		// prepend com_ to the name if it doesn't start with com_
 		// if option became empty due to the filtering, return an empty string
-		if ((strlen($option) > 0) && (substr($option, 0, strlen('com_')) != 'com_'))
+		if (strlen($option) > 0) 
 		{
-			$option = 'com_' . $option;
+			if (substr($option, 0, strlen('com_')) == 'com_')
+			{
+				// if option is just the prefix, make it empty because it's invalid
+				if ($option == 'com_')
+				{
+					$option = '';
+				}
+				// else it's presumably a good name and return that
+			} else {
+				// prepend com_ to the name if it doesn't start with com_
+				$option = 'com_' . $option;
+			}
 		}
 		return $option;
 	}