diff options
author | Robin Sowell <robin.sowell@ellislab.com> | 2010-03-18 14:44:55 +0100 |
---|---|---|
committer | Robin Sowell <robin.sowell@ellislab.com> | 2010-03-18 14:44:55 +0100 |
commit | 66a3fc0a7dc6ae84da4a1e852e4458fda7714567 (patch) | |
tree | b3af2e9f7e8f830b2f00029aae9c648c64f388d0 /system/libraries/Xmlrpc.php | |
parent | 4e8d66aeea7f03b75df5a387a54fce1889834ded (diff) |
Added a $xss_clean class variable to the XMLRPC library, enabling control over the use of the Security library's xss_clean() method.
Diffstat (limited to 'system/libraries/Xmlrpc.php')
-rw-r--r-- | system/libraries/Xmlrpc.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index c46d52cdb..2e0df5c9b 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -63,6 +63,7 @@ class CI_Xmlrpc { var $result; var $response = array(); // Response from remote server + var $xss_clean = TRUE; //------------------------------------- // VALUES THAT MULTIPLE CLASSES NEED @@ -513,7 +514,7 @@ class XML_RPC_Response } else { - $array[$key] = $CI->security->xss_clean($array[$key]); + $array[$key] = ($this->xss_clean) ? $CI->security->xss_clean($array[$key]) : $array[$key]; } } @@ -529,7 +530,7 @@ class XML_RPC_Response } else { - $result = $CI->security->xss_clean($result); + $result = ($this->xss_clean) ? $CI->security->xss_clean($result) : $result; } } @@ -1129,7 +1130,7 @@ class XML_RPC_Message extends CI_Xmlrpc { // 'bits' is for the MetaWeblog API image bits // @todo - this needs to be made more general purpose - $array[$key] = ($key == 'bits') ? $array[$key] : $CI->security->xss_clean($array[$key]); + $array[$key] = ($key == 'bits' OR $this->xss_clean == FALSE) ? $array[$key] : $CI->security->xss_clean($array[$key]); } } @@ -1149,7 +1150,7 @@ class XML_RPC_Message extends CI_Xmlrpc } else { - $parameters[] = $CI->security->xss_clean($a_param); + $parameters[] = ($this->xss_clean) ? $CI->security->xss_clean($a_param) : $a_param; } } } |