Internal method serving for the following purposes:
- Unsets $_GET data, if query strings are not enabled
- Cleans POST, COOKIE and SERVER data
- Standardizes newline characters to PHP_EOL
protected _sanitize_globals ( ) : void | ||
return | void |
function _sanitize_globals() { $ignore_csrf = config_item('csrf_ignore'); if (is_array($ignore_csrf) && count($ignore_csrf)) { global $URI; $haystack = $URI->uri_string(); foreach ($ignore_csrf as $needle) { if (strlen($haystack) >= strlen($needle) && substr($haystack, 0, strlen($needle)) == $needle) { $this->_enable_csrf = FALSE; break; } } } parent::_sanitize_globals(); }
/** * Extend _sanitize_globals to allow css * * For action requests we need to fully allow GET variables, so we set * an exception in EE_Config. For css, we only need that one and it's a * path, so we'll do some stricter cleaning. * * @param string * @return string */ function _sanitize_globals() { $_css = $this->get('css'); parent::_sanitize_globals(); if ($_css) { $_GET['css'] = remove_invisible_characters($_css); } }
function _sanitize_globals() { $this->allow_get_array = TRUE; parent::_sanitize_globals(); }
function _sanitize_globals() { // force allow access to $_GET, as CI ignores the $config['allow_get_array'] option $this->allow_get_array = TRUE; parent::_sanitize_globals(); }
protected function _sanitize_globals() { $_POST = $this->all(); parent::_sanitize_globals(); }