Moving security to core.
diff --git a/system/core/Input.php b/system/core/Input.php
index 1813135..dc7612e 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -53,11 +53,8 @@
$this->_enable_xss = (config_item('global_xss_filtering') === TRUE);
$this->_enable_csrf = (config_item('csrf_protection') === TRUE);
- // Do we need to load the security class?
- if ($this->_enable_xss == TRUE OR $this->_enable_csrf == TRUE)
- {
- $this->security =& load_class('Security');
- }
+ global $SEC;
+ $this->security =& $SEC;
// Do we need the UTF-8 class?
if (UTF8_ENABLED === TRUE)
@@ -92,8 +89,7 @@
if ($xss_clean === TRUE)
{
- $_security =& load_class('Security');
- return $_security->xss_clean($array[$index]);
+ return $this->security->xss_clean($array[$index]);
}
return $array[$index];
@@ -527,6 +523,9 @@
{
$str = $this->uni->clean_string($str);
}
+
+ // Remove control characters
+ $str = remove_invisible_characters($str);
// Should we filter the input data?
if ($this->_enable_xss === TRUE)
@@ -642,8 +641,7 @@
if ($xss_clean === TRUE)
{
- $_security =& load_class('Security');
- return $_security->xss_clean($this->headers[$index]);
+ return $this->security->xss_clean($this->headers[$index]);
}
return $this->headers[$index];