summaryrefslogtreecommitdiffstats
path: root/system/libraries
diff options
context:
space:
mode:
authorGreg Aker <greg.aker@ellislab.com>2010-04-15 02:06:19 +0200
committerGreg Aker <greg.aker@ellislab.com>2010-04-15 02:06:19 +0200
commit757dda61aa0556aca8172dc2a8175596afe28ce2 (patch)
tree825d49d42328cdcf46642c1df71233d6879975c1 /system/libraries
parentb4ae79daccd0823fd86bda446046c933164ffb01 (diff)
Fixing a bug where odbc/mssql/oci8 db drivers would encounter a PHP error due to a function being moved from the input to security class.
Moving remove_invisible_characters() to Common.php so the entire class does not need to be instantiated in those database drivers.
Diffstat (limited to 'system/libraries')
-rw-r--r--system/libraries/Security.php42
1 files changed, 2 insertions, 40 deletions
diff --git a/system/libraries/Security.php b/system/libraries/Security.php
index 60adf0a27..cdae50168 100644
--- a/system/libraries/Security.php
+++ b/system/libraries/Security.php
@@ -198,7 +198,7 @@ class CI_Security {
/*
* Remove Invisible Characters
*/
- $str = $this->_remove_invisible_characters($str);
+ $str = remove_invisible_characters($str);
/*
* Protect GET variables in URLs
@@ -258,7 +258,7 @@ class CI_Security {
/*
* Remove Invisible Characters Again!
*/
- $str = $this->_remove_invisible_characters($str);
+ $str = remove_invisible_characters($str);
/*
* Convert all tabs to spaces
@@ -481,44 +481,6 @@ class CI_Security {
// --------------------------------------------------------------------
/**
- * Remove Invisible Characters
- *
- * This prevents sandwiching null characters
- * between ascii characters, like Java\0script.
- *
- * @access public
- * @param string
- * @return string
- */
- function _remove_invisible_characters($str)
- {
- static $non_displayables;
-
- if ( ! isset($non_displayables))
- {
- // every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09),
- $non_displayables = array(
- '/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15
- '/%1[0-9a-f]/', // url encoded 16-31
- '/[\x00-\x08]/', // 00-08
- '/\x0b/', '/\x0c/', // 11, 12
- '/[\x0e-\x1f]/' // 14-31
- );
- }
-
- do
- {
- $cleaned = $str;
- $str = preg_replace($non_displayables, '', $str);
- }
- while ($cleaned != $str);
-
- return $str;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Compact Exploded Words
*
* Callback function for xss_clean() to remove whitespace from