summaryrefslogtreecommitdiffstats
path: root/system/core/Input.php
diff options
context:
space:
mode:
authorPascal Kriete <pascal.kriete@ellislab.com>2011-04-05 20:55:56 +0200
committerPascal Kriete <pascal.kriete@ellislab.com>2011-04-05 20:55:56 +0200
commit14a0ac63a9dfb72e4681c37f7727cd48882152bd (patch)
treeaa7062f10e105984eb9df84e5b98bb1371bbf564 /system/core/Input.php
parent0ff50269e6bac31870a4d69bf4bc0bb895999f1f (diff)
Moving security to core.
Diffstat (limited to 'system/core/Input.php')
-rw-r--r--system/core/Input.php16
1 files changed, 7 insertions, 9 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index 18131350f..dc7612e64 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -53,11 +53,8 @@ class CI_Input {
$this->_enable_xss = (config_item('global_xss_filtering') === TRUE);
$this->_enable_csrf = (config_item('csrf_protection') === TRUE);
- // Do we need to load the security class?
- if ($this->_enable_xss == TRUE OR $this->_enable_csrf == TRUE)
- {
- $this->security =& load_class('Security');
- }
+ global $SEC;
+ $this->security =& $SEC;
// Do we need the UTF-8 class?
if (UTF8_ENABLED === TRUE)
@@ -92,8 +89,7 @@ class CI_Input {
if ($xss_clean === TRUE)
{
- $_security =& load_class('Security');
- return $_security->xss_clean($array[$index]);
+ return $this->security->xss_clean($array[$index]);
}
return $array[$index];
@@ -527,6 +523,9 @@ class CI_Input {
{
$str = $this->uni->clean_string($str);
}
+
+ // Remove control characters
+ $str = remove_invisible_characters($str);
// Should we filter the input data?
if ($this->_enable_xss === TRUE)
@@ -642,8 +641,7 @@ class CI_Input {
if ($xss_clean === TRUE)
{
- $_security =& load_class('Security');
- return $_security->xss_clean($this->headers[$index]);
+ return $this->security->xss_clean($this->headers[$index]);
}
return $this->headers[$index];