From 9593349964e9ba557b14e8cda9c16b16498a55a5 Mon Sep 17 00:00:00 2001 From: Chris Muench Date: Sun, 16 Oct 2011 14:14:04 -0400 Subject: Fixes issue #439 some slashes not escaped in session data --- system/libraries/Session.php | 45 ++++++++++++++++++++++++++++---------------- 1 file changed, 29 insertions(+), 16 deletions(-) (limited to 'system/libraries/Session.php') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 8ee08c5b2..dd951c325 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -688,13 +688,7 @@ class CI_Session { { if (is_array($data)) { - foreach ($data as $key => $val) - { - if (is_string($val)) - { - $data[$key] = str_replace('\\', '{{slash}}', $val); - } - } + array_walk_recursive($data, array(&$this, '_escape_slashes')); } else { @@ -703,9 +697,23 @@ class CI_Session { $data = str_replace('\\', '{{slash}}', $data); } } - return serialize($data); } + + /** + * Escape slashes + * + * This function converts any slashes found into a temporary marker + * + * @access private + */ + function _escape_slashes(&$val, $key) + { + if (is_string($val)) + { + $val = str_replace('\\', '{{slash}}', $val); + } + } // -------------------------------------------------------------------- @@ -725,19 +733,24 @@ class CI_Session { if (is_array($data)) { - foreach ($data as $key => $val) - { - if (is_string($val)) - { - $data[$key] = str_replace('{{slash}}', '\\', $val); - } - } - + array_walk_recursive($data, array(&$this, '_unescape_slashes')); return $data; } return (is_string($data)) ? str_replace('{{slash}}', '\\', $data) : $data; } + + /** + * Unescape slashes + * + * This function converts any slash markers back into actual slashes + * + * @access private + */ + function _unescape_slashes(&$val, $key) + { + $val= str_replace('{{slash}}', '\\', $val); + } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b