Codeigniter is removing '+' plus signs from my form inputs (text areas). I need them to stay

Question

I'm trying to collect equations from my users, but my CodeIgniter installation is removing all of the '+' / 'plus signs' / 'addition signs' after the form has been submitted (this->input->post('form_value') is already cleaned before passing to the model).

I've researched xss_cleaning, input.php (in libraries) and I can't find where the default installation (1.7.2) is removing them? I've been researching this a while and can't find it. Any help would be GREATLY appreciated.

Answer 1

Problem Solved! I noticed that the form was submitting via AJAX and using a POST method. The problem was quite simply that the browser was translating "+" into " " when it passed via URL. The solution was to first encode all of the text prior to sending via:

var newvalue = encodeURIComponent(value);

CI then automatically decodes and enters into the database as "+" via:

$this->input->post($value); 

When retrieving this value from the database, no further formatting (encoding or decoding) is needed.

Thanks for all of your help. It really got me brainstorming on this. You guys are great!

A

Answer 2

It may come from the following settings:

• Global XSS filtering is activated in application/config/config.php:

  $config['global_xss_filtering'] = TRUE;
  

• XSS filtering is applied when you called $this->input->post():

  $this->input->post('some_data', TRUE); // XSS filtering ON
  $this->input->post('some_data'); // XSS filtering OFF by default
  

• Form validation rules turn XSS filtering ON:

  $this->form_validation->set_rules('some_data', 'Some Data', 'xss_clean');