diff options
author | Derek Jones <derek.jones@ellislab.com> | 2009-07-10 21:05:08 +0200 |
---|---|---|
committer | Derek Jones <derek.jones@ellislab.com> | 2009-07-10 21:05:08 +0200 |
commit | 8c5299640fed112bb86e7a3930432bd084e86dad (patch) | |
tree | ddc81bcbec98d5b4ff2b6a41a8be14d700cfd994 /system/helpers/form_helper.php | |
parent | c8dddd97b96f74ebf080fedde5a2630019783c78 (diff) |
removed entity protection from form_prep() so as to preserve the user's input when called back into a form element
Diffstat (limited to 'system/helpers/form_helper.php')
-rw-r--r-- | system/helpers/form_helper.php | 11 |
1 files changed, 0 insertions, 11 deletions
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index bdc87b86f..987ff18e2 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -610,22 +610,11 @@ if ( ! function_exists('form_prep')) return ''; } - $temp = '__TEMP_AMPERSANDS__'; - - // Replace entities to temporary markers so that - // htmlspecialchars won't mess them up - $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str); - $str = preg_replace("/&(\w+);/", "$temp\\1;", $str); - $str = htmlspecialchars($str); // In case htmlspecialchars misses these. $str = str_replace(array("'", '"'), array("'", """), $str); - // Decode the temp markers back to entities - $str = preg_replace("/$temp(\d+);/","&#\\1;",$str); - $str = preg_replace("/$temp(\w+);/","&\\1;",$str); - return $str; } } |