CodeIgniter Forums
xss error on script tag - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter Archived (from EllisLab) (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: xss error on script tag (/thread-2348.html)



xss error on script tag - El Forum - 07-31-2007

[eluser]MaDe[/eluser]
I globally enabled xss filtering in my config
Code:
$config['global_xss_filtering'] = TRUE;
and submitted a form field with the following content:
Code:
alert('Test');
The following error occured:
Quote:Fatal error: Call to undefined function get_instance() in ***snip***\system\libraries\Input.php on line 855
I looked it up in the code and found the following lines, that produce the error:
Code:
$CI =& get_instance();
$charset = $CI->config->item('charset');
I was able to workaround by using
Code:
$CFG =& load_class('Config');
$this->charset = $CFG->item('charset');
As I don't know, why get_instance doesn't work (I found it in some other places, where it seems to work), I can't fix it in another way.

Is this a bug worth bug-tracking?


xss error on script tag - El Forum - 07-31-2007

[eluser]Derek Jones[/eluser]
Already is. Wink And is resolved in the svn.


xss error on script tag - El Forum - 08-01-2007

[eluser]MaDe[/eluser]
Thanks for the info. Didn't find it in the bug tracker :-S

Any info on when the next version will be released?


xss error on script tag - El Forum - 08-01-2007

[eluser]Derek Jones[/eluser]
No, I'm sorry I do not have a date; you may checkout the new Input.php file from the svn. As for not finding it in the bug tracker, if you didn't use the drop-downs, it was only searching titles for an exact phrase match. I'll modify the form so that by default it searches for "all words" in titles, entries, and comments.