diff options
author | Derek Jones <derek.jones@ellislab.com> | 2010-04-23 18:22:40 +0200 |
---|---|---|
committer | Derek Jones <derek.jones@ellislab.com> | 2010-04-23 18:22:40 +0200 |
commit | 5640a7158559f4521911444b50798a6a9536f38b (patch) | |
tree | dd25f6ed7be7afa635c067f4b2feda59c37f990d /system/libraries | |
parent | 68c685ec6ed077e0ba4e5628963ef3183bb0a4fa (diff) |
ensured the security lib was loaded in a few calls to xss_clean() in other libraries. Fixes #35
Diffstat (limited to 'system/libraries')
-rw-r--r-- | system/libraries/Form_validation.php | 7 | ||||
-rw-r--r-- | system/libraries/Upload.php | 7 | ||||
-rw-r--r-- | system/libraries/Xmlrpc.php | 10 |
3 files changed, 22 insertions, 2 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index bb70f0f7f..73cb6b853 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1254,7 +1254,12 @@ class CI_Form_validation { */ function xss_clean($str) { - return $this->CI->input->xss_clean($str); + if ( ! is_object($this->CI->security)) + { + $this->CI->load('security'); + } + + return $this->CI->security->xss_clean($str); } // -------------------------------------------------------------------- diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 3227c3747..d7cf236f8 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -854,7 +854,12 @@ class CI_Upload { } $CI =& get_instance(); - + + if ( ! is_object($CI->security)) + { + $CI->load('security'); + } + return $CI->security->xss_clean($data, TRUE); } diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index e2b149b73..ee65398ec 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -505,6 +505,11 @@ class XML_RPC_Response { $CI =& get_instance(); + if ($this->xss_clean && ! is_object($CI->security)) + { + $CI->load('security'); + } + if ($array !== FALSE && is_array($array)) { while (list($key) = each($array)) @@ -1119,6 +1124,11 @@ class XML_RPC_Message extends CI_Xmlrpc { $CI =& get_instance(); + if ($this->xss_clean && ! is_object($CI->security)) + { + $CI->load('security'); + } + if ($array !== FALSE && is_array($array)) { while (list($key) = each($array)) |