From 7c4d10660a0a47446474bf97e3cb65f80693f1ee Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 15:14:34 +0200 Subject: Fix issue #1953 (form values being escaped twice) Re-instaing an improved form_prep() function, reverting most of the changes from 74ffd17ab06327ca62ddfe28a186cae7ba6bd459. --- system/libraries/Form_validation.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index c1bf51935..74dac7d29 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1323,6 +1323,11 @@ class CI_Form_validation { */ public function prep_for_form($data = '') { + if ($this->_safe_form_data === FALSE OR empty($data)) + { + return $data; + } + if (is_array($data)) { foreach ($data as $key => $val) @@ -1333,11 +1338,6 @@ class CI_Form_validation { return $data; } - if ($this->_safe_form_data === FALSE OR $data === '') - { - return $data; - } - return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); } -- cgit v1.2.3-24-g4f1b From c5536aac5752054f7f76e448d58b86407d8f574e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 17:33:58 +0200 Subject: Manually apply PR #1594 (fixing phpdoc page-level generation/warnings) Also partially fixes issue #1295, fixes inconsistencies in some page-level docblocks and adds include checks in language files. --- system/libraries/Form_validation.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 74dac7d29..50708c7d8 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1,4 +1,4 @@ - Date: Sat, 3 Nov 2012 18:26:27 +0200 Subject: Fix #1957 --- system/libraries/Form_validation.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'system/libraries/Form_validation.php') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 50708c7d8..e50eee4f2 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -440,11 +440,10 @@ class CI_Form_validation { // Load the language file containing error messages $this->CI->lang->load('form_validation'); - // Cycle through the rules for each field, match the - // corresponding $_POST item and test for errors + // Cycle through the rules for each field and match the corresponding $validation_data item foreach ($this->_field_data as $field => $row) { - // Fetch the data from the corresponding $_POST or validation array and cache it in the _field_data array. + // Fetch the data from the validation_data array item and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. if ($row['is_array'] === TRUE) { @@ -454,7 +453,13 @@ class CI_Form_validation { { $this->_field_data[$field]['postdata'] = $validation_array[$field]; } + } + // Execute validation rules + // Note: A second foreach (for now) is required in order to avoid false-positives + // for rules like 'matches', which correlate to other validation fields. + foreach ($this->_field_data as $field => $row) + { // Don't try to validate if we have no rules set if (empty($row['rules'])) { -- cgit v1.2.3-24-g4f1b