From f50fc73cf63136b720c2bd247175f236d5b27eaa Mon Sep 17 00:00:00 2001
From: brian978 <dbrian89@yahoo.com>
Date: Sat, 8 Dec 2012 23:22:26 +0200
Subject: All the HEX code must be replaced or else some XSS attacks can be
 successful

---
 system/core/Security.php | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'system')

diff --git a/system/core/Security.php b/system/core/Security.php
index 4f2185db5..220188edc 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -526,9 +526,17 @@ class CI_Security {
 			$charset = config_item('charset');
 		}
 
-		$str = html_entity_decode($str, ENT_COMPAT, $charset);
-		$str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str);
-		return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str);
+                do
+                {
+                    $matches = $matches1 = 0;
+                    
+                    $str = html_entity_decode($str, ENT_COMPAT, $charset);
+                    $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str, -1, $matches);
+                    $str = preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str, -1, $matches1);
+                }
+                while($matches || $matches1);
+
+                return $str;
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b