summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-10-27 02:02:38 +0200
committerAndrey Andreev <narf@bofh.bg>2012-10-27 02:02:38 +0200
commitca20d8445312e49e1e974c5ed8cf04400929e615 (patch)
tree0888d05fbe3546ca059d9ecf4e5b2d5931068227
parentb8f9a15a156a74f788c04b463304cf310ce8ba80 (diff)
Fix #50
-rwxr-xr-xsystem/libraries/Session/drivers/Session_cookie.php5
-rw-r--r--user_guide_src/source/changelog.rst1
2 files changed, 2 insertions, 4 deletions
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 8617aec2d..2f1bf3531 100755
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -223,9 +223,6 @@ class CI_Session_cookie extends CI_Session_driver {
show_error('In order to use the Cookie Session driver you are required to set an encryption key in your config file.');
}
- // Load the string helper so we can use the strip_slashes() function
- $this->CI->load->helper('string');
-
// Do we need encryption? If so, load the encryption class
if ($this->sess_encrypt_cookie === TRUE)
{
@@ -755,7 +752,7 @@ class CI_Session_cookie extends CI_Session_driver {
*/
protected function _unserialize($data)
{
- $data = @unserialize(strip_slashes(trim($data)));
+ $data = @unserialize(trim($data));
if (is_array($data))
{
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 5b24dc276..59a3a1ff3 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -391,6 +391,7 @@ Bug fixes for 3.0
- Fixed a bug (#1624) - :doc:`Form Validation Library <libraries/form_validation>` rule **matches** didn't property handle array field names.
- Fixed a bug (#1630) - :doc:`Form Helper <helpers/form_helper>` function ``set_value()`` didn't escape HTML entities.
- Fixed a bug (#142) - :doc:`Form Helper <helpers/form_helper>` function ``form_dropdown()`` didn't escape HTML entities in option values.
+- Fixed a bug (#50) - :doc:`Session Library <libraries/sessions>` unnecessarily stripped slashed from serialized data, making it impossible to read objects in a namespace.
Version 2.1.3
=============