[eluser]Matalina[/eluser]
Okay and why would that work over setting the value to FALSE?
I thought that you overwrote anything that was placed into the variable if it was passed.
I really don't see how rewriting that works. The input constructor is what cleans data when XSS_clean is set globally. So data is already cleaned by the time the post method is called which is why it can't be unset. So I don't think that method should work at all either. It's really no different than setting the value to false.