From 71d8f72ffc48a7f46747b3b6b1a554533cc1cbc5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 17 Jan 2017 12:01:00 +0200 Subject: [ci skip] Merge pull request #4986 from ka7/feature/spelling Spelling fixes in comment blocks and docs --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core/Security.php') diff --git a/system/core/Security.php b/system/core/Security.php index 585ed90ec..bacbb78d0 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -869,7 +869,7 @@ class CI_Security { // Each iteration filters a single attribute do { - // Strip any non-alpha characters that may preceed an attribute. + // Strip any non-alpha characters that may precede an attribute. // Browsers often parse these incorrectly and that has been a // of numerous XSS issues we've had. $matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']); -- cgit v1.2.3-24-g4f1b From 4316a157c27a3721dbfd8a817bf8cbffb1fe371f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 Jan 2017 15:46:17 +0200 Subject: Don't use each() Will be deprecated in PHP 7.2 --- system/core/Security.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core/Security.php') diff --git a/system/core/Security.php b/system/core/Security.php index bacbb78d0..082ffa96b 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -354,9 +354,9 @@ class CI_Security { // Is the string an array? if (is_array($str)) { - while (list($key) = each($str)) + foreach ($str as $key => &$value) { - $str[$key] = $this->xss_clean($str[$key]); + $str[$key] = $this->xss_clean($value); } return $str; -- cgit v1.2.3-24-g4f1b