Upgrade to Codeigniter 2.0

Read Time:58 Second


In codeigniter 2.0, you will need to modify $this->input->xss_clean() to $this->secuirty->xss_clean(). Otherwise, it won’t work. Of course, don’t forget to load ‘security’ library before you use the function.

extends Controller or extends Model

You will need to change

class Test extends Controller


class Test extends CI_Controller


class Test extends Model


class Test extends CI_Model


Constructors and parent constructors

class Test extends CI_Controller{
function Test(){


class Test extends CI_Controller{
function __construct(){


CSRF Protection
If you are using ‘form_open()’ for all form elements, then it will generate a hidden CSRF field and works well.

Here is good tutorial “Protect a CodeIgniter Application Against CSRF”: http://net.tutsplus.com/tutorials/php/protect-a-codeigniter-application-against-csrf/

And here is good tutorial for jQuery AJAX, which can be pain to fix it: “CodeIgniter CSRF Protection With Ajax” http://ericlbarnes.com/blog/post/codeigniter_csrf_protection_with_ajax

Well, it looks like many people suffering with CSRF ignorance problem: http://codeigniter.com/forums/viewthread/186026/

One thought

  1. Thanks for the $this->security->xss_clean() tip. It should have been documented in the Codeigniter’s online documentation.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.