diff options
Diffstat (limited to 'system/libraries/Form_validation.php')
| -rw-r--r-- | system/libraries/Form_validation.php | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index c1bf51935..e50eee4f2 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * Form Validation Class @@ -439,11 +440,10 @@ class CI_Form_validation { // Load the language file containing error messages $this->CI->lang->load('form_validation'); - // Cycle through the rules for each field, match the - // corresponding $_POST item and test for errors + // Cycle through the rules for each field and match the corresponding $validation_data item foreach ($this->_field_data as $field => $row) { - // Fetch the data from the corresponding $_POST or validation array and cache it in the _field_data array. + // Fetch the data from the validation_data array item and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. if ($row['is_array'] === TRUE) { @@ -453,7 +453,13 @@ class CI_Form_validation { { $this->_field_data[$field]['postdata'] = $validation_array[$field]; } + } + // Execute validation rules + // Note: A second foreach (for now) is required in order to avoid false-positives + // for rules like 'matches', which correlate to other validation fields. + foreach ($this->_field_data as $field => $row) + { // Don't try to validate if we have no rules set if (empty($row['rules'])) { @@ -1323,6 +1329,11 @@ class CI_Form_validation { */ public function prep_for_form($data = '') { + if ($this->_safe_form_data === FALSE OR empty($data)) + { + return $data; + } + if (is_array($data)) { foreach ($data as $key => $val) @@ -1333,11 +1344,6 @@ class CI_Form_validation { return $data; } - if ($this->_safe_form_data === FALSE OR $data === '') - { - return $data; - } - return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); } |