+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: Content failing to insert because of special characters (/showthread.php?tid=7058)
Content failing to insert because of special characters - El Forum - 03-22-2008
[eluser]-sek[/eluser]
Does anyone know why when a special character like the one MS Word substitutes for 1/4 is posted from my form and an attempt is made to insert into the database, the entire content fails to insert?
I have XSS checking turned off on this field even though I understand it should not delete content, but replace the offending character. Is there something in CI sanitizing this? Or should I look elsewhere in my code?
I did some further testing and discovered the text is being removed by the XSS checking on $this->input->post(), so at least I know why the text is vanishing. I just don't know why the text comes back empty from XSS scrubbing instead of just removing the offending character.
Thanks
Content failing to insert because of special characters - El Forum - 04-02-2008
[eluser]stef25[/eluser]
i tried out some xss attacks and some stuff does get filtered out completely so i guess what you are seeing is normal.
more at http://ha.ckers.org/xss.html and a good xss filter which you can use as a plugin
http://quickwired.com/smallprojects/php_xss_filter_function.php