Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming system/Input.php escape filter Globel Variable key is there any problem?
system/Input.php escape filter Globel Variable key is there any problem?
  • El Forum
    Guest
  •  
#1
04-01-2010, 02:12 AM

[eluser]Shiro[/eluser]
I'm using CI 1.72
Input.php

From the line 130
Code:
// Is $_GET data allowed? If not we'll set the $_GET to an empty array
        if ($this->allow_get_array == FALSE)
        {
            $_GET = array();
        }
        else
        {
            $_GET = $this->_clean_input_data($_GET);
        }

CI run the function _clean_input_data, after that

Code:
function _clean_input_data($str)
    {
        if (is_array($str))
        {
            $new_array = array();
            foreach ($str as $key => $val)
            {
                $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
            }
            return $new_array;
        }

I would like to ask, if I do not filter the key,
I change to
Code:
$new_array[$key] = $this->_clean_input_data($val);

will there any security issue or hacking problem?
I only escape $_GET.

Please share your opinion




Theme © iAndrew 2016 - Forum software by © MyBB