Upgrade to Codeigniter 2.0

Read Time:58 Second

$this->input->xss_clean();

In codeigniter 2.0, you will need to modify $this->input->xss_clean() to $this->secuirty->xss_clean(). Otherwise, it won’t work. Of course, don’t forget to load ‘security’ library before you use the function.

extends Controller or extends Model

You will need to change

class Test extends Controller

to

class Test extends CI_Controller

And

class Test extends Model

to

class Test extends CI_Model

 

Constructors and parent constructors

class Test extends CI_Controller{
function Test(){
parent::Controller();
}
}

to

class Test extends CI_Controller{
function __construct(){
parent::__construct();
}
}

 

CSRF Protection
If you are using ‘form_open()’ for all form elements, then it will generate a hidden CSRF field and works well.

Here is good tutorial “Protect a CodeIgniter Application Against CSRF”: http://net.tutsplus.com/tutorials/php/protect-a-codeigniter-application-against-csrf/

And here is good tutorial for jQuery AJAX, which can be pain to fix it: “CodeIgniter CSRF Protection With Ajax” http://ericlbarnes.com/blog/post/codeigniter_csrf_protection_with_ajax

Well, it looks like many people suffering with CSRF ignorance problem: http://codeigniter.com/forums/viewthread/186026/

One thought

  1. Thanks for the $this->security->xss_clean() tip. It should have been documented in the Codeigniter’s online documentation.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.