summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2013-01-29 14:38:33 +0100
committerAndrey Andreev <narf@bofh.bg>2013-01-29 14:38:33 +0100
commit7e5597782a589e4171ca08abdd9ce1a185542ff4 (patch)
treede46d9995631d11c83197a266c46116e6e1343c4 /system/core
parentd911fccb3198ffb0629d9956115ae08244ce3e66 (diff)
Replace CI_Upload::clean_file_name() usage with CI_Security::sanitize_filename()
Also applied @xeptor's fix (a big thanks) to the sanitize_filename() method and added a changelog entry for it - fixes issue #73.
Diffstat (limited to 'system/core')
-rw-r--r--system/core/Security.php10
1 files changed, 9 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index a6cd14a5f..7aae54efc 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -576,7 +576,15 @@ class CI_Security {
}
$str = remove_invisible_characters($str, FALSE);
- return stripslashes(str_replace($bad, '', $str));
+
+ do
+ {
+ $old = $str;
+ $str = str_replace($bad, '', $str);
+ }
+ while ($old !== $str);
+
+ return stripslashes($str);
}
// ----------------------------------------------------------------