[eluser]Twisted1919[/eluser]
Code:
//class variables:
var $ip_address = FALSE;
var $user_agent = FALSE;
var $_allow_get_array = FALSE;
var $_standardize_newlines = TRUE;
var $_enable_xss = FALSE; // Set automatically based on config setting
var $_enable_csrf = FALSE; // Set automatically based on config setting
//The constructor :
function CI_Input()
{
log_message('debug', "Input Class Initialized");
$this->_allow_get_array = (config_item('enable_query_strings') === TRUE) ? TRUE : FALSE;
$this->_enable_xss = (config_item('global_xss_filtering') === TRUE) ? TRUE : FALSE;
$this->_enable_csrf = (config_item('csrf_protection') === TRUE) ? TRUE : FALSE;
// Do we need to load the security class?
if ($this->_enable_xss == TRUE OR $this->_enable_csrf == TRUE)
{
$this->security =& load_class('Security');
}
// Do we need the Unicode class?
if (UTF8_ENABLED === TRUE)
{
global $UNI;
$this->uni =& $UNI;
}
// Sanitize global arrays
$this->_sanitize_globals();
}
//FETCH FROM ARRAY METHOD
function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)
{
if ( ! isset($array[$index]))
{
return FALSE;
}
if ($xss_clean === TRUE)
{
$_security =& load_class('Security');
return $_security->xss_clean($array[$index]);
}
return $array[$index];
}
Shouldn't this be :
Code:
//Variables
var $ip_address = FALSE;
var $user_agent = FALSE;
var $_allow_get_array = FALSE;
var $_standardize_newlines = TRUE;
var $_enable_xss = FALSE; // Set automatically based on config setting
var $_enable_csrf = FALSE; // Set automatically based on config setting
var $security = FALSE;
//Now the construct method really knows who $security is .
//FETCH FROM ARRAY METHOD
function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)
{
if ( ! isset($array[$index]))
{
return FALSE;
}
if ($xss_clean === TRUE)
{
if( ! $this->security)
{
$this->security =& load_class('Security');
}
return $this->security->xss_clean($array[$index]);
}
return $array[$index];
}
I just saw the piece of code, wondering if i am right or not .