[eluser]sampada[/eluser]
Hi,
I need to use xss filtering for the authentication part.
I made following changes:
In config.php:
$config['global_xss_filtering'] = TRUE;
and in auth.php
$this->rapyd->load('dataform');
$form->username->rule = "trim|required|min_length[5]|max_length[20]|xss_clean|encode_php_tags";
But I get no errors (I mean fatal errors)
If I put <? echo "test"; ?> in username, it shows only: The Username field can not exceed 20 characters in length. error.
I am confused whether xss_filtering has actually worked.
Thanks