From 8f5420b5c59cb50dfb4834a3ab9a5bee5faadb1c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Jan 2014 10:34:23 +0200 Subject: Make CI_Input::set_cookie() and cookie helpers set_cookie(), get_cookie(), delete_cookie()'s first (name) parameter mandatory --- system/helpers/cookie_helper.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/helpers/cookie_helper.php') diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php index e5cf6b1d6..e465412cf 100644 --- a/system/helpers/cookie_helper.php +++ b/system/helpers/cookie_helper.php @@ -56,7 +56,7 @@ if ( ! function_exists('set_cookie')) * @param bool true makes the cookie accessible via http(s) only (no javascript) * @return void */ - function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) + function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) { // Set the config file options $CI =& get_instance(); @@ -75,7 +75,7 @@ if ( ! function_exists('get_cookie')) * @param bool * @return mixed */ - function get_cookie($index = '', $xss_clean = FALSE) + function get_cookie($index, $xss_clean = FALSE) { $CI =& get_instance(); $prefix = isset($_COOKIE[$index]) ? '' : config_item('cookie_prefix'); @@ -96,7 +96,7 @@ if ( ! function_exists('delete_cookie')) * @param string the cookie prefix * @return void */ - function delete_cookie($name = '', $domain = '', $path = '/', $prefix = '') + function delete_cookie($name, $domain = '', $path = '/', $prefix = '') { set_cookie($name, '', '', $domain, $path, $prefix); } -- cgit v1.2.3-24-g4f1b From 119d8a7547e155edaaa53682b9247cd7e80d8c9d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Jan 2014 15:27:53 +0200 Subject: Optimize get_instance() calls/assignments --- system/helpers/cookie_helper.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/helpers/cookie_helper.php') diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php index e465412cf..5cdcdd137 100644 --- a/system/helpers/cookie_helper.php +++ b/system/helpers/cookie_helper.php @@ -59,8 +59,7 @@ if ( ! function_exists('set_cookie')) function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) { // Set the config file options - $CI =& get_instance(); - $CI->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $httponly); + get_instance()->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $httponly); } } @@ -77,9 +76,8 @@ if ( ! function_exists('get_cookie')) */ function get_cookie($index, $xss_clean = FALSE) { - $CI =& get_instance(); $prefix = isset($_COOKIE[$index]) ? '' : config_item('cookie_prefix'); - return $CI->input->cookie($prefix.$index, $xss_clean); + return get_instance()->input->cookie($prefix.$index, $xss_clean); } } -- cgit v1.2.3-24-g4f1b From 80a16b1cd0d4716b5ea41497685a8fac02e34333 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Jan 2014 17:19:03 +0200 Subject: Fix #346 When ['global_xss_filtering'] was turned on, the , , & superglobals were automatically overwritten. This resulted in one of the following problems: - xss_clean() being called twice - Inability to retrieve the original (not filtered) value XSS filtering is now only applied on demand by the Input class, and the default value for the parameter in CI_Input methods is changed to NULL. Unless a boolean value is passed to them, whether XSS filtering is applied depends on the ['global_xss_filtering'] value. --- system/helpers/cookie_helper.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/helpers/cookie_helper.php') diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php index 5cdcdd137..a79083a63 100644 --- a/system/helpers/cookie_helper.php +++ b/system/helpers/cookie_helper.php @@ -74,8 +74,9 @@ if ( ! function_exists('get_cookie')) * @param bool * @return mixed */ - function get_cookie($index, $xss_clean = FALSE) + function get_cookie($index, $xss_clean = NULL) { + is_bool($xss_clean) OR $xss_clean = (config_item('global_xss_filtering') === TRUE); $prefix = isset($_COOKIE[$index]) ? '' : config_item('cookie_prefix'); return get_instance()->input->cookie($prefix.$index, $xss_clean); } -- cgit v1.2.3-24-g4f1b