From b3a3bf342903b32a79e8799860a61b93d7f28581 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 26 Sep 2008 17:20:53 +0000 Subject: removed some legacy escaping code from _backup() in the MySQL utility, fixing bug 4536 http://codeigniter.com/bug_tracker/bug/4536/ --- system/database/drivers/mysql/mysql_utility.php | 9 --------- user_guide/changelog.html | 1 + 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/system/database/drivers/mysql/mysql_utility.php b/system/database/drivers/mysql/mysql_utility.php index 6fb1ab4bb..e035e0cf6 100644 --- a/system/database/drivers/mysql/mysql_utility.php +++ b/system/database/drivers/mysql/mysql_utility.php @@ -176,15 +176,6 @@ class CI_DB_mysql_utility extends CI_DB_utility { } else { - // Do a little formatting... - $v = str_replace(array("\x00", "\x0a", "\x0d", "\x1a"), array('\0', '\n', '\r', '\Z'), $v); - $v = str_replace(array("\n", "\r", "\t"), array('\n', '\r', '\t'), $v); - $v = str_replace('\\', '\\\\', $v); - $v = str_replace('\'', '\\\'', $v); - $v = str_replace('\\\n', '\n', $v); - $v = str_replace('\\\r', '\r', $v); - $v = str_replace('\\\t', '\t', $v); - // Escape the data if it's not an integer if ($is_int[$i] == FALSE) { diff --git a/user_guide/changelog.html b/user_guide/changelog.html index a1afab1c4..7a0a251b7 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -112,6 +112,7 @@ SVN Revision: XXXX

  • Modified XSS sanitization to no longer add semicolons after &[single letter], such as in M&M's, B&B, etc.
  • Modified XSS sanitization to no longer strip XHTML image tags of closing slashes.
  • Fixed a bug in the Session class when database sessions are used where upon session update all userdata would be errantly written to the session cookie.
    • +
  • Fixed a bug (#4536) in backups with the MySQL driver where some legacy code was causing certain characters to be double escaped.

    • Version 1.6.3

    -- cgit v1.2.3-24-g4f1b