-rw-r--r--system/libraries/Input.php21
-rw-r--r--user_guide/changelog.html31
2 files changed, 33 insertions, 19 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index 5832d2d80..1c5682eb7 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -72,16 +72,15 @@ class CI_Input {
$protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN');
- // Unset globals for securiy.
+ // Unset globals for security.
// This is effectively the same as register_globals = off
- foreach (array($_GET, $_POST, $_COOKIE) as $global)
+ foreach (array($_GET, $_POST, $_COOKIE, $_SERVER, $_FILES, $_ENV, (isset($_SESSION) && is_array($_SESSION)) ? $_SESSION : array()) as $global)
{
if ( ! is_array($global))
{
if ( ! in_array($global, $protected))
{
- global $$global;
- $$global = NULL;
+ unset($GLOBALS[$global]);
}
}
else
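Review bot: The widened loop at L20 together with `unset($GLOBALS[$key])` at L28 (and L38 in the next hunk) removes a global for every key found in the request, cookies, `$_SERVER`, `$_FILES`, `$_ENV` and the session, regardless of whether `register_globals` is actually on; when it is off, a request key that happens to match an application global not listed in `$protected` silently destroys that variable, and `$_SERVER` keys such as `argv`/`argc` are dropped even though PHP registers those independently of `register_globals`. Since the comment states the intent is "effectively the same as register_globals = off", the cheapest guard is to run the whole block only when the directive is enabled, `if (ini_get('register_globals'))`, and to pass `TRUE` as the third argument of the `in_array()` checks so numeric keys are not loosely matched against the protected names. The `$_SESSION` expression on L20 would also be easier to audit if hoisted into a local before the `foreach`. The enclosing method starts before this hunk and continues past it.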
@@ -90,8 +89,18 @@ class CI_Input {
{
if ( ! in_array($key, $protected))
{
- global $$key;
- $$key = NULL;
+ unset($GLOBALS[$key]);
+ }
+
+ if (is_array($val))
+ {
+ foreach($val as $k => $v)
+ {
+ if ( ! in_array($k, $protected))
+ {
+ unset($GLOBALS[$k]);
+ }
+ }
}
}
}
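Review bot: The nested loop added at L41–L49 unsets `$GLOBALS[$k]` for second-level keys of each input array, but `register_globals` only ever turns a top-level key into a variable, so this branch can never remove a request-derived global; it can only remove an unrelated application global whose name matches a nested key, which gives request data more influence over global state rather than less. I would drop the `if (is_array($val))` block entirely, or at minimum restrict it to the same `ini_get('register_globals')` guard as the top-level unset. The remaining `in_array($key, $protected)` on L34 should also pass `TRUE` for strict comparison, since under PHP 5 loose comparison an integer key `0` compares equal to every string in `$protected` and is skipped. The enclosing method starts before this hunk.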
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 550138ff8..c9586353e 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -63,24 +63,29 @@ Change Log
<ul>
<li>Active Record
- <ul>
- <li>Added <a href="./database/active_record.html#caching">Active Record Caching</a>.</li>
- <li>Made Active Record fully database-prefix aware</li>
- </ul>
+ <ul>
+ <li>Added <a href="./database/active_record.html#caching">Active Record Caching</a>.</li>
+ <li>Made Active Record fully database-prefix aware</li>
+ </ul>
+ </li>
+ <li>Core Changes
+ <ul>
+ <li>Modified xss_clean() to be more intelligent with its handling of URL encoded strings.</li>
+ <li>Added $_SERVER, $_FILES, $_ENV, and $_SESSION to sanitization of globals.</li>
+ </ul>
</li>
- <li>Core Changes
- <ul>
- <li>Modified xss_clean() to be more intelligent with its handling of URL encoded strings.</li>
- </ul>
- </li>
- </ul>
+</ul>
<h3>Bugfixes for 1.6.1</h3>
<ul>
- <li> Made Active Record fully database prefix aware (#3384)</li>
- <li>Fixed a bug where DBForge was outputting invalid SQL in Postgres by adding brackets around the tables in FROM</li>
- </ul>
+ <li>Made Active Record fully database prefix aware (#3384)</li>
+ <li>Fixed a bug where DBForge was outputting invalid SQL in Postgres by adding brackets around the tables in FROM</li>
+ <li>Fixed a bug (#3396) where certain POST variables would cause a PHP warning.</li>
+</ul>
+
+
+
<h2>Version 1.6.0</h2>
<p>Release Date: January 30, 2008 </p>
<ul>