From 07edd4b16f8037ca5adda499c72710aaf3bdf215 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 18 Jan 2008 19:50:49 +0000 Subject: modified prep_for_form() to accept an array so POST arrays can be validated with the Validation class via callback functions and have fields properly assigned --- system/libraries/Validation.php | 20 ++++++++++++++------ user_guide/changelog.html | 1 + 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/system/libraries/Validation.php b/system/libraries/Validation.php index 84415030d..061cacc9c 100644 --- a/system/libraries/Validation.php +++ b/system/libraries/Validation.php @@ -86,8 +86,8 @@ class CI_Validation { } foreach($this->_fields as $key => $val) - { - $this->$key = ( ! isset($_POST[$key]) OR is_array($_POST[$key])) ? '' : $this->prep_for_form($_POST[$key]); + { + $this->$key = ( ! isset($_POST[$key])) ? '' : $this->prep_for_form($_POST[$key]); $error = $key.'_error'; if ( ! isset($this->$error)) @@ -659,14 +659,22 @@ class CI_Validation { * @param string * @return string */ - function prep_for_form($str = '') + function prep_for_form($data = '') { - if ($this->_safe_form_data == FALSE OR $str == '') + if (is_array($data)) + { + foreach ($data as $key => $val) + { + $data[$key] = $this->prep_for_form($val); + } + } + + if ($this->_safe_form_data == FALSE OR $data == '') { - return $str; + return $data; } - return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($str)); + return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); } // -------------------------------------------------------------------- diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 9ef6bd36c..0f6c677d2 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -94,6 +94,7 @@ Change Log
  • Moved the safe mode and auth checks for the Email library into the constructor.
  • Moved part of the userguide menu javascript to an external file.
  • Modified variable names in _ci_load() method of Loader class to avoid conflicts with view variables.
    • +
  • Modified prep_for_form() in the Validation class to accept arrays, adding support for POST array validation (via callbacks only)
  • Changed the behaviour of custom callbacks so that they no longer trigger the "required" rule.
  • Changed the behaviour of variables submitted to the where() clause with no values to auto set "IS NULL"
  • Strengthened the Encryption library to help protect against man in the middle attacks when MCRYPT_MODE_CBC mode is used.
    • -- cgit v1.2.3-24-g4f1b