Remove 'allow_get_array', 'standardize_newlines' config settings

5 files changed, 8 insertions, 56 deletions

diff --git a/application/config/config.php b/application/config/config.php
index c088e80c0..535f0f817 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -193,20 +193,6 @@ $config['directory_trigger'] = 'd';
 
 /*
 |--------------------------------------------------------------------------
-| Allow $_GET array
-|--------------------------------------------------------------------------
-|
-| By default CodeIgniter enables access to the $_GET array.  If for some
-| reason you would like to disable it, set 'allow_get_array' to FALSE.
-|
-| WARNING: This feature is DEPRECATED and currently available only
-|          for backwards compatibility purposes!
-|
-*/
-$config['allow_get_array'] = TRUE;
-
-/*
-|--------------------------------------------------------------------------
 | Error Logging Threshold
 |--------------------------------------------------------------------------
 |
@@ -412,20 +398,6 @@ $config['cookie_httponly'] 	= FALSE;
 
 /*
 |--------------------------------------------------------------------------
-| Standardize newlines
-|--------------------------------------------------------------------------
-|
-| Determines whether to standardize newline characters in input data,
-| meaning to replace \r\n, \r, \n occurrences with the PHP_EOL value.
-|
-| WARNING: This feature is DEPRECATED and currently available only
-|          for backwards compatibility purposes!
-|
-*/
-$config['standardize_newlines'] = FALSE;
-
-/*
-|--------------------------------------------------------------------------
 | Global XSS Filtering
 |--------------------------------------------------------------------------
 |
diff --git a/system/core/Input.php b/system/core/Input.php
index ec57cd448..a6be7b517 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -58,15 +58,6 @@ class CI_Input {
 	protected $ip_address = FALSE;
 
 	/**
-	 * Allow GET array flag
-	 *
-	 * If set to FALSE, then $_GET will be set to an empty array.
-	 *
-	 * @var	bool
-	 */
-	protected $_allow_get_array = TRUE;
-
-	/**
 	 * Enable XSS flag
 	 *
 	 * Determines whether the XSS filter is always active when
@@ -128,7 +119,6 @@ class CI_Input {
 	 */
 	public function __construct()
 	{
-		$this->_allow_get_array		= (config_item('allow_get_array') === TRUE);
 		$this->_enable_xss		= (config_item('global_xss_filtering') === TRUE);
 		$this->_enable_csrf		= (config_item('csrf_protection') === TRUE);
 
@@ -149,13 +139,6 @@ class CI_Input {
 			$this->security->csrf_verify();
 		}
 
-		if ( ! empty($_POST) && config_item('standardize_newlines') === TRUE)
-		{
-			array_walk_recursive($_POST, function(&$value) {
-				$value = preg_replace('/(?:\r\n|[\r\n])/', PHP_EOL, $value);
-			});
-		}
-
 		log_message('info', 'Input Class Initialized');
 	}
 
@@ -598,11 +581,7 @@ class CI_Input {
 	protected function _sanitize_globals()
 	{
 		// Is $_GET data allowed? If not we'll set the $_GET to an empty array
-		if ($this->_allow_get_array === FALSE)
-		{
-			$_GET = array();
-		}
-		elseif (is_array($_GET))
+		if (is_array($_GET))
 		{
 			foreach ($_GET as $key => $val)
 			{
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 7e2d4a9ca..a0f91a148 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -10,6 +10,8 @@ Release Date: Not Released
 -  Core
 
    -  Changed :doc:`URI Library <libraries/uri>` to ignore the ``$config['url_suffix']``, ``$config['permitted_uri_chars']`` configuration settings for CLI requests.
+   -  Removed previously deprecated ``$config['allow_get_array']``.
+   -  Removed previously deprecated ``$config['standardize_newlines']``.
    -  Removed previously deprecated :doc:`Input Library <libraries/input>` method ``is_cli_request()`` (use :php:func:`is_cli()` instead).
    -  Removed previously deprecated :doc:`Routing Class <general/routing>` methods ``fetch_directory()``, ``fetch_class()`` and ``fetch_method()`` (use the respective class properties instead).
    -  Removed previously deprecated :doc:`Config Library <libraries/config>` method ``system_url()`` (encourages insecure practices).
diff --git a/user_guide_src/source/installation/upgrade_320.rst b/user_guide_src/source/installation/upgrade_320.rst
index b587470f2..6501f40db 100644
--- a/user_guide_src/source/installation/upgrade_320.rst
+++ b/user_guide_src/source/installation/upgrade_320.rst
@@ -128,8 +128,11 @@ HTML 5 formatting.
 Step 7: Remove usage of previously deprecated functionalities
 =============================================================
 
-The following is a list of functionalities deprecated in CodeIgniter
-version 3.0.x, that have been removed in 3.2.0:
+The following is a list of functionalities deprecated in previous
+CodeIgniter versions that have been removed in 3.2.0:
+
+- ``$config['allow_get_array']`` (use ``$_GET = array();`` instead)
+- ``$config['standardize_newlines']``
 
 - ``CI_Input::is_cli_request()`` (use :php:func:`is_cli()` instead)
 - ``CI_Router::fetch_directory()`` (use ``CI_Router::$directory`` instead)
diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst
index 899070ef4..8b816a567 100644
--- a/user_guide_src/source/libraries/input.rst
+++ b/user_guide_src/source/libraries/input.rst
@@ -28,16 +28,12 @@ The security filtering method is called automatically when a new
 :doc:`controller <../general/controllers>` is invoked. It does the
 following:
 
--  If ``$config['allow_get_array']`` is FALSE (default is TRUE), destroys
-   the global GET array.
 -  Destroys all global variables in the event register_globals is
    turned on.
 -  Filters the GET/POST/COOKIE array keys, permitting only alpha-numeric
    (and a few other) characters.
 -  Provides XSS (Cross-site Scripting Hacks) filtering. This can be
    enabled globally, or upon request.
--  Standardizes newline characters to ``PHP_EOL`` (\\n in UNIX-based OSes,
-   \\r\\n under Windows). This is configurable.
 
 XSS Filtering
 =============