HTML code in a textarea

[eluser]Salvador P.[/eluser]
Thanks for your replies Aken and freeman204!

Tried with $_POST and same result if the XSS_Filtering is enabled.

Now I have tried with XSS_filtering disabled, and cleared all caches, and there they are!! We've got back the style tags!

So XSS_filtering is getting rid of the style tags... but we need the XSS_filtering enabled.

Searching for a solution got this:
We can use $this->input->post('some_name', TRUE); to enable XSS_filtering in each field of the form, with the global xss filtering disabled.

After some tests:
With config.php $config['global_xss_filtering'] = TRUE;

Code:

$this->input->post('some_name');
$this->input->post('some_name', FALSE);

Throw the same result, style tags gone.

With config.php $config['global_xss_filtering'] = FALSE;

Code:

$this->input->post('some_name', TRUE); // Wrong result
$this->input->post('some_name'); //Good result

Got the right result, with global xss filtering false.

----

We need the $config['global_xss_filtering'] = TRUE; for security reasons.

There is a way we can disable global_xss_filtering only for that controller? So we can get the correct input from the textarea, and keep the xss filtering in all the application.

Thanks!