Part of the EllisLab Network
CodeIgniter  >   Forum Home  >  CodeIgniter Development Forums  >  Bug Reports  >  Thread
   
 
Input.php, Xss_clean and Preg_Replace
 
one4all
Posted: 04 January 2007 09:43 AM   [ Ignore ]  
Summer Student
Total Posts:  30
Joined  11-23-2006

Xss_clean function doesn’t work with PHP 5.2 versions.

Test near line 412 and 422 returns “null” with some content including accentuation (é, à, ê,...) for example.

412: preg_replace('#(&\#*\w+)[\x00-\x20]+;#u',"\\1;",$str);

422: preg_replace('#(&\#x*)([0-9A-F]+);*#iu',"\\1\\2;",$str);

Dont’ know if it is linked to a PHP preg_replace bug in that version of PHP (or to the syntax of the preg_replace calls in Input library which are “not anymore supported” ?
Profile
 
 
   
 
 
‹‹ CI Stupidly Kills GET Data      Typo: In Creating Libraries ››
Post Marker Legend
New Topic New posts Hot Topic Hot Topic with new posts New Poll New Poll Moved Topic Moved Topic Sticky Topic Sticky topic
Old Topic No new posts Hot Old Topic Hot Topic with no new posts Old Poll Old Poll Closed Topic Closed Topic Announcement Announcements
Theme
Change Theme
Visitor Statistics
The most visitors ever was 719, on June 06, 2008 10:16 AM
Total Registered Members: 66430 Total Logged-in Users: 37
Total Topics: 84795 Total Anonymous Users: 6
Total Replies: 455063 Total Guests: 244
Total Posts: 539858    
Members ( View Memberlist )
Newest Members:  Dylan1978X_franbaguasllogocsaturkeyPeter BryanttherendStudioGeorgiaJZeerfedeghe
Active Members:    Adam Griffithsandrzej.srokabennyhillbri@nClaudiu CISMARUcodexColin WilliamsCrucialDark PreacherdiezDisasterdjenniexdmorindoktorcivanimEmanuel01Ethan DunhamfxdcixxalnxxiJava Joejet_black82JoostVjwindhorstKoolavyLeggymdownsMorenoArdohainmvdg27psiborgShazaamThe Dooodetrs21219winterainWTHIGO?yogalYsekimzzet
Powered By ExpressionEngine
ExpressionEngine Discussion Forum - Version 2.1.1 (20081028)
Script Executed in 0.3790 seconds
Atom Feed   RSS 2.0