From a9647e8ed7eb19ca55e84fba9c5ee62e0045881d Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 22:59:07 -0600 Subject: updating XMLRPC class to use Security lib --- system/libraries/Xmlrpc.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 5a82391dd..c46d52cdb 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -513,7 +513,7 @@ class XML_RPC_Response } else { - $array[$key] = $CI->input->xss_clean($array[$key]); + $array[$key] = $CI->security->xss_clean($array[$key]); } } @@ -529,7 +529,7 @@ class XML_RPC_Response } else { - $result = $CI->input->xss_clean($result); + $result = $CI->security->xss_clean($result); } } @@ -1127,7 +1127,9 @@ class XML_RPC_Message extends CI_Xmlrpc } else { - $array[$key] = $CI->input->xss_clean($array[$key]); + // 'bits' is for the MetaWeblog API image bits + // @todo - this needs to be made more general purpose + $array[$key] = ($key == 'bits') ? $array[$key] : $CI->security->xss_clean($array[$key]); } } @@ -1147,7 +1149,7 @@ class XML_RPC_Message extends CI_Xmlrpc } else { - $parameters[] = $CI->input->xss_clean($a_param); + $parameters[] = $CI->security->xss_clean($a_param); } } } @@ -1322,7 +1324,7 @@ class XML_RPC_Values extends CI_Xmlrpc function serializedata($typ, $val) { $rs = ''; - + switch($this->xmlrpcTypes[$typ]) { case 3: -- cgit v1.2.3-24-g4f1b