added CI's global variables to the protected array in_sanitize_globals()
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index de70738..1874b37 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -68,8 +68,9 @@
*/
function _sanitize_globals()
{
- // Would kind of be "wrong" to unset any of these GLOBALS.
- $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA');
+ // Would kind of be "wrong" to unset any of these GLOBALS
+ $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
+ 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN');
// Unset globals for securiy.
// This is effectively the same as register_globals = off
@@ -79,7 +80,7 @@
{
if ( ! in_array($global, $protected))
{
- global $global;
+ global $$global;
$$global = NULL;
}
}