CI在开启XSS后会自动过虑和转码掉一些特殊字符,这样在中文全角环境下很容易造成乱码的情况,查了资料后发现有两种解决办法:
1,关闭XSS,设置config.php 的 $config['global_xss_filtering'] = FALSE;
2,利用hooks提前把$_POST和$_GET的值保存一份出来。
a) config.php
$config['enable_hooks'] = TRUE;
b) hooks.php
$hook['pre_controller'] = array(
'class' => '',
'function' => 'keep_vars',
'filename' => 'keep_vars.php',
'filepath' => 'hooks',
'params' => array($_POST, $_GET)
);
c) 新建 hooks/keep_vars.php
<?php
function keep_vars ($vars = array())
{
if (empty($vars)) return;
global $pre_filter;
$pre_filter = array();
foreach ($vars as $var) {
$pre_filter = array_merge($pre_filter, $var);
}
}
?>
d) 在需要用到原始值的地方
global $pre_filter;
print_r($pre_filter);
参考:
http://stackoverflow.com/questions/17686074/codeigniter-2-and-how-to-disabled-xss-for-tinymce