Hello,
Can i use codeigniter's input class to xss clean GET data like this:
$somevar = $this->input->xss_clean($_GET['somevar']);
CodeIgniter's suggest that xss_clean method should be used for the submitted data.
I wonder whether $_GET vars are submitted or just visiting a URL.
So can i use it in that fashion?
The GET array is unset by CI on startup because it uses the URI segments instead.
But you can use the xss_clean method on any var you want, just like your example, but you will find $_GET to be empty. The input class is available everywhere by default.
Hello
Try using:
$this->input->get()
This function is identical to the post function, only it fetches get data: $this->input->get('somevar', TRUE);
The function returns FALSE (boolean) if the item you are attempting to retrieve does not exist.
The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;