XSS Protection Problem - it blocks the page

[eluser]xcristi[/eluser]
Hello,

Well, I turn on the XSS protection in CI configuration for automatic clean up. When I enter something nasty in a textarea, the filtering seems to work (?) but I get only a blank page as a result. The error thrown in logs is:

Code:

PHP Fatal error:  Call to undefined function:  get_instance() in /home/html/soimul/system/libraries/Input.php on line 855

I turn off this feature and try with some manual clean up ($this->input->post('field', 'true')) and it works very well. I can go on and use it this way, but it will be more convenient to do it automatically.

What do you think it's wrong in the first case?
Thanks.

[eluser]coolfactor[/eluser]
This is a known bug that's been fixed for 2 months, but hasn't yet made it to the public distribution.

1. Open up /system/libraries/Input.php
2. Revise the _html_entity_decode_callback() function to match the following:

Code:

function _html_entity_decode_callback($match)
    {
        $charset = config_item('charset');

        return $this->_html_entity_decode($match[0], strtoupper($charset));
    }

[eluser]xcristi[/eluser]
Thanks a lot man.

[eluser]tooHow[/eluser]
yeah.. finally i managed to get my xinha wysiwyg editor working! thanks for this tip

[eluser]JOKERz[/eluser]
yupz it work with tinyMCE too.
thanx a lot!!