[eluser]Unknown[/eluser]
Just to clarify, this snippet of code
Code:
if ($total_errors > 0)
{
$this->_safe_form_data = TRUE;
}
is inside the function run() on Form_validation.php.
Code:
public function run($group = '')
{
//......
}
And the only place where there is another reference to the variable _safe_form_data is inside the prep_for_form() function:
Code:
public function prep_for_form($data = '')
{
//Rest of function goes here....
if ($this->_safe_form_data == FALSE OR $data === '')
{
return $data;
}
return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data));
}
I'm not sure if there is a bug or not. But when I tested, _safe_form_data always evaluated to be false... and the prep_for_form option on set_rules didn't do anything.
Any insight about what is happening? Thanks !