Welcome Guest, Not a member yet? Register   Sign In
I think i found a new bug , but im not sure (involves escaping & validation->run)

I am currenly trying to get my form validation correct and somehow CI is throwing away some of the '\' if i use it in the input fields. Below is the debugging code i used to pinpoint the problem.

$this->validation->set_error_delimiters('<div class="error">', '</div>');

        if( count($_POST)){
            echo("Voor: ");
            echo($this->validation->name . " ");


        if ($this->validation->run() == FALSE){ //validation failed, reload the view
            $data['query_groups'] = $this->db->get('user_groups');
        if(false || count($_POST)){
            echo("NA: ");

this gives the following output:
Voor: aaa\bbb NA: aaabbb

I checked everything until the validation->run and right at that point the '\' disappears.

Im not sure if this is already known since i know there are already some bugreports involving escaping.

(PS i know there shouldn't be any backslashes in a name anyway Smile )

I think i found it:

line 663 in validation.php
return str_replace(array("'", '"', '<', '>'), array("'", "&quot;", '&lt;', '&gt;'), stripslashes($str));

There shouldn't be a stripslashes there right?

I also posted this in the bug topic just to be sure it is known .

[eluser]Alex Florea[/eluser]

Theme © iAndrew 2016 - Forum software by © MyBB