From edec092e1aa616561063214a66620f9b6852875d Mon Sep 17 00:00:00 2001
From: Cash Costello <cash.costello@gmail.com>
Date: Sun, 30 Oct 2011 13:08:20 -0400
Subject: Fixes #3370 running the anti-spam option of htmlawed when filtering
 for output

---
 engine/lib/input.php | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

(limited to 'engine/lib/input.php')

diff --git a/engine/lib/input.php b/engine/lib/input.php
index 4900817a5..2f68195f2 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -8,7 +8,7 @@
  */
 
 /**
- * Get some input from variables passed on the GET or POST line.
+ * Get some input from variables passed submitted through GET or POST.
  *
  * If using any data obtained from get_input() in a web page, please be aware that
  * it is a possible vector for a reflected XSS attack. If you are expecting an
@@ -18,41 +18,41 @@
  * because of the filtering done in htmlawed from the filter_tags call.
  * @todo Is this ^ still true?
  *
- * @param string $variable      The variable we want to return.
+ * @param string $variable      The variable name we want.
  * @param mixed  $default       A default value for the variable if it is not found.
- * @param bool   $filter_result If true then the result is filtered for bad tags.
+ * @param bool   $filter_result If true, then the result is filtered for bad tags.
  *
- * @return string
+ * @return mixed
  */
 function get_input($variable, $default = NULL, $filter_result = TRUE) {
 
 	global $CONFIG;
 
+	$result = $default;
+
+	elgg_push_context('input');
+
 	if (isset($CONFIG->input[$variable])) {
-		$var = $CONFIG->input[$variable];
+		$result = $CONFIG->input[$variable];
 
 		if ($filter_result) {
-			$var = filter_tags($var);
+			$result = filter_tags($result);
 		}
-
-		return $var;
-	}
-
-	if (isset($_REQUEST[$variable])) {
+	} elseif (isset($_REQUEST[$variable])) {
 		if (is_array($_REQUEST[$variable])) {
-			$var = $_REQUEST[$variable];
+			$result = $_REQUEST[$variable];
 		} else {
-			$var = trim($_REQUEST[$variable]);
+			$result = trim($_REQUEST[$variable]);
 		}
 
 		if ($filter_result) {
-			$var = filter_tags($var);
+			$result = filter_tags($result);
 		}
-
-		return $var;
 	}
 
-	return $default;
+	elgg_pop_context();
+
+	return $result;
 }
 
 /**
-- 
cgit v1.2.3