diff options
author | Pascal Kriete <pascal.kriete@ellislab.com> | 2011-04-05 20:55:56 +0200 |
---|---|---|
committer | Pascal Kriete <pascal.kriete@ellislab.com> | 2011-04-05 20:55:56 +0200 |
commit | 14a0ac63a9dfb72e4681c37f7727cd48882152bd (patch) | |
tree | aa7062f10e105984eb9df84e5b98bb1371bbf564 /system/core/Input.php | |
parent | 0ff50269e6bac31870a4d69bf4bc0bb895999f1f (diff) |
Moving security to core.
Diffstat (limited to 'system/core/Input.php')
-rw-r--r-- | system/core/Input.php | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/system/core/Input.php b/system/core/Input.php index 18131350f..dc7612e64 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -53,11 +53,8 @@ class CI_Input { $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); $this->_enable_csrf = (config_item('csrf_protection') === TRUE); - // Do we need to load the security class? - if ($this->_enable_xss == TRUE OR $this->_enable_csrf == TRUE) - { - $this->security =& load_class('Security'); - } + global $SEC; + $this->security =& $SEC; // Do we need the UTF-8 class? if (UTF8_ENABLED === TRUE) @@ -92,8 +89,7 @@ class CI_Input { if ($xss_clean === TRUE) { - $_security =& load_class('Security'); - return $_security->xss_clean($array[$index]); + return $this->security->xss_clean($array[$index]); } return $array[$index]; @@ -527,6 +523,9 @@ class CI_Input { { $str = $this->uni->clean_string($str); } + + // Remove control characters + $str = remove_invisible_characters($str); // Should we filter the input data? if ($this->_enable_xss === TRUE) @@ -642,8 +641,7 @@ class CI_Input { if ($xss_clean === TRUE) { - $_security =& load_class('Security'); - return $_security->xss_clean($this->headers[$index]); + return $this->security->xss_clean($this->headers[$index]); } return $this->headers[$index]; |