From 8c5299640fed112bb86e7a3930432bd084e86dad Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 10 Jul 2009 19:05:08 +0000 Subject: removed entity protection from form_prep() so as to preserve the user's input when called back into a form element --- system/helpers/form_helper.php | 11 ----------- 1 file changed, 11 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index bdc87b86f..987ff18e2 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -610,22 +610,11 @@ if ( ! function_exists('form_prep')) return ''; } - $temp = '__TEMP_AMPERSANDS__'; - - // Replace entities to temporary markers so that - // htmlspecialchars won't mess them up - $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str); - $str = preg_replace("/&(\w+);/", "$temp\\1;", $str); - $str = htmlspecialchars($str); // In case htmlspecialchars misses these. $str = str_replace(array("'", '"'), array("'", """), $str); - // Decode the temp markers back to entities - $str = preg_replace("/$temp(\d+);/","&#\\1;",$str); - $str = preg_replace("/$temp(\w+);/","&\\1;",$str); - return $str; } } -- cgit v1.2.3-24-g4f1b