summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDerek Jones <derek.jones@ellislab.com>2010-04-23 18:22:40 +0200
committerDerek Jones <derek.jones@ellislab.com>2010-04-23 18:22:40 +0200
commit5640a7158559f4521911444b50798a6a9536f38b (patch)
treedd25f6ed7be7afa635c067f4b2feda59c37f990d
parent68c685ec6ed077e0ba4e5628963ef3183bb0a4fa (diff)
ensured the security lib was loaded in a few calls to xss_clean() in other libraries. Fixes #35
-rw-r--r--system/libraries/Form_validation.php7
-rw-r--r--system/libraries/Upload.php7
-rw-r--r--system/libraries/Xmlrpc.php10
3 files changed, 22 insertions, 2 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index bb70f0f7f..73cb6b853 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1254,7 +1254,12 @@ class CI_Form_validation {
*/
function xss_clean($str)
{
- return $this->CI->input->xss_clean($str);
+ if ( ! is_object($this->CI->security))
+ {
+ $this->CI->load('security');
+ }
+
+ return $this->CI->security->xss_clean($str);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 3227c3747..d7cf236f8 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -854,7 +854,12 @@ class CI_Upload {
}
$CI =& get_instance();
-
+
+ if ( ! is_object($CI->security))
+ {
+ $CI->load('security');
+ }
+
return $CI->security->xss_clean($data, TRUE);
}
diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php
index e2b149b73..ee65398ec 100644
--- a/system/libraries/Xmlrpc.php
+++ b/system/libraries/Xmlrpc.php
@@ -505,6 +505,11 @@ class XML_RPC_Response
{
$CI =& get_instance();
+ if ($this->xss_clean && ! is_object($CI->security))
+ {
+ $CI->load('security');
+ }
+
if ($array !== FALSE && is_array($array))
{
while (list($key) = each($array))
@@ -1119,6 +1124,11 @@ class XML_RPC_Message extends CI_Xmlrpc
{
$CI =& get_instance();
+ if ($this->xss_clean && ! is_object($CI->security))
+ {
+ $CI->load('security');
+ }
+
if ($array !== FALSE && is_array($array))
{
while (list($key) = each($array))