summaryrefslogtreecommitdiffstats
path: root/system/libraries/Input.php
diff options
context:
space:
mode:
authorRick Ellis <rick.ellis@ellislab.com>2007-06-09 02:16:13 +0200
committerRick Ellis <rick.ellis@ellislab.com>2007-06-09 02:16:13 +0200
commitbb2041dc4e5a121de9321fbf87846b7358d59d39 (patch)
tree683ccdbb1911937902435f52ae43d15c695e18b4 /system/libraries/Input.php
parentd885680948438cf59ad3d67820fb3ac2c6f7a8c6 (diff)
Diffstat (limited to 'system/libraries/Input.php')
-rw-r--r--system/libraries/Input.php17
1 files changed, 10 insertions, 7 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index 63a6833d6..f113cff71 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -68,7 +68,8 @@ class CI_Input {
*/
function _sanitize_globals()
{
- // Unset globals. This is effectively the same as register_globals = off
+ // Unset globals for securiy.
+ // This is effectively the same as register_globals = off
foreach (array($_GET, $_POST, $_COOKIE) as $global)
{
if ( ! is_array($global))
@@ -147,6 +148,13 @@ class CI_Input {
return $new_array;
}
+ // We strip slashes if magic quotes is on to keep things consistent
+ if (get_magic_quotes_gpc())
+ {
+ $str = stripslashes($str);
+ }
+
+ // Should we filter the input data?
if ($this->use_xss_clean === TRUE)
{
$str = $this->xss_clean($str);
@@ -175,12 +183,7 @@ class CI_Input {
{
exit('Disallowed Key Characters.');
}
-
- if ( ! get_magic_quotes_gpc())
- {
- return addslashes($str);
- }
-
+
return $str;
}