diff options
author | Andrey Andreev <narf@bofh.bg> | 2012-10-27 02:02:38 +0200 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2012-10-27 02:02:38 +0200 |
commit | ca20d8445312e49e1e974c5ed8cf04400929e615 (patch) | |
tree | 0888d05fbe3546ca059d9ecf4e5b2d5931068227 | |
parent | b8f9a15a156a74f788c04b463304cf310ce8ba80 (diff) |
Fix #50
-rwxr-xr-x | system/libraries/Session/drivers/Session_cookie.php | 5 | ||||
-rw-r--r-- | user_guide_src/source/changelog.rst | 1 |
2 files changed, 2 insertions, 4 deletions
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 8617aec2d..2f1bf3531 100755 --- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -223,9 +223,6 @@ class CI_Session_cookie extends CI_Session_driver { show_error('In order to use the Cookie Session driver you are required to set an encryption key in your config file.'); } - // Load the string helper so we can use the strip_slashes() function - $this->CI->load->helper('string'); - // Do we need encryption? If so, load the encryption class if ($this->sess_encrypt_cookie === TRUE) { @@ -755,7 +752,7 @@ class CI_Session_cookie extends CI_Session_driver { */ protected function _unserialize($data) { - $data = @unserialize(strip_slashes(trim($data))); + $data = @unserialize(trim($data)); if (is_array($data)) { diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 5b24dc276..59a3a1ff3 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -391,6 +391,7 @@ Bug fixes for 3.0 - Fixed a bug (#1624) - :doc:`Form Validation Library <libraries/form_validation>` rule **matches** didn't property handle array field names. - Fixed a bug (#1630) - :doc:`Form Helper <helpers/form_helper>` function ``set_value()`` didn't escape HTML entities. - Fixed a bug (#142) - :doc:`Form Helper <helpers/form_helper>` function ``form_dropdown()`` didn't escape HTML entities in option values. +- Fixed a bug (#50) - :doc:`Session Library <libraries/sessions>` unnecessarily stripped slashed from serialized data, making it impossible to read objects in a namespace. Version 2.1.3 ============= |