From d85a11e9f9da50d04c724c0a4bc8c9ee734f2f59 Mon Sep 17 00:00:00 2001
From: Derek Jones <derek.jones@ellislab.com>
Date: Thu, 24 Jan 2008 20:48:07 +0000
Subject: added CI's global variables to the protected array
 in_sanitize_globals()

---
 system/libraries/Input.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'system/libraries/Input.php')

diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index de70738e2..1874b3790 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -68,8 +68,9 @@ class CI_Input {
 	 */
 	function _sanitize_globals()
 	{
-		// Would kind of be "wrong" to unset any of these GLOBALS.
-		$protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA');
+		// Would kind of be "wrong" to unset any of these GLOBALS
+		$protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
+							'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN');
 		
 		// Unset globals for securiy. 
 		// This is effectively the same as register_globals = off
@@ -79,7 +80,7 @@ class CI_Input {
 			{
 				if ( ! in_array($global, $protected))
 				{
-					global $global;
+					global $$global;
 					$$global = NULL;
 				}
 			}
-- 
cgit v1.2.3-24-g4f1b