diff options
| -rw-r--r-- | system/libraries/Input.php | 2 | ||||
| -rw-r--r-- | user_guide/changelog.html | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php index e7bf72779..98f28262f 100644 --- a/system/libraries/Input.php +++ b/system/libraries/Input.php @@ -554,7 +554,7 @@ class CI_Input { // 901119URL5918AMP18930PROTECT8198 - $str = preg_replace('|\&([a-z\_0-9]+)\=([a-z\_0-9]+)|i', $this->xss_hash()."\\1=\\2", $str); + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); /* * Validate standard character entities diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 89d779ebf..c8f16fac9 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -83,6 +83,7 @@ SVN Revision: </p> <li>Fixed a bug in the Form Validation library where fields passed as rule parameters were not being translated (#9132)</li> <li>Switched some DIR_WRITE_MODE constant uses to FILE_WRITE_MODE where files and not directories are being operated on.</li> <li>Modified inflector helper to properly pluralize words that end in 'ch' or 'sh'</li> + <li>Fixed a bug in xss_clean() that was not allowing hyphens in query strings of submitted URLs.</li> </ul> <h2>Version 1.7.2</h2> |