
CodeIgniter - Disabling XSS filtering on a per-post basis

Updated: 2022-12-22 15:52:03

If you want to change the default behavior of the post() method, you can extend the core Input library, or if you're lazy you can just change line 278 (or so) of the Input library to read:

/**
* Fetch an item from the POST array
*
* @access   public
* @param    string
* @param    bool
* @return   string
*/
function post($index = '', $xss_clean = TRUE)
{
    return $this->_fetch_from_array($_POST, $index, $xss_clean);
}

The only difference here is that I've changed the $xss_clean variable to TRUE instead of FALSE. Now you can turn off global XSS filtering and it will automatically filter inputs unless you specify false as the second parameter in your call to the Input library's post() method. Just one method down is the get() method, and you can change that in the same way.

However, if I were you, I'd just extend the native library, because there's a good chance you'll have forgotten about this by the time you update CodeIgniter, and then you'll suddenly be wondering why you're getting XSS attacked. That would look like this:

class MY_Input extends CI_Input {

    function My_Input()
    {
        parent::CI_Input();
    }

    function post($index = '', $xss_clean = TRUE)
    {
        return parent::post($index, $xss_clean);
    }
}

You can learn more about extending libraries here:

http://codeigniter.com/user_guide/general/creating_libraries.html
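
An added example, not part of the original answer and not CodeIgniter's own code: a standalone script showing the flipped default applied to both post() and get(), plus the per-call opt-out. The CI_Input class here is a minimal stand-in whose xss_clean() is a placeholder, and the field names and request values are constructed.

```php
<?php
// Minimal stand-in for CodeIgniter 1.x's CI_Input so the script runs without
// the framework. Assumption: only the argument handling mirrors the library.
class CI_Input {
    function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)
    {
        if ( ! isset($array[$index])) {
            return FALSE;
        }
        return ($xss_clean === TRUE) ? $this->xss_clean($array[$index]) : $array[$index];
    }
    // Placeholder filter, NOT CodeIgniter's xss_clean(): it only drops tags.
    function xss_clean($str)
    {
        return strip_tags($str);
    }
    function get($index = '', $xss_clean = FALSE)
    {
        return $this->_fetch_from_array($_GET, $index, $xss_clean);
    }
    function post($index = '', $xss_clean = FALSE)
    {
        return $this->_fetch_from_array($_POST, $index, $xss_clean);
    }
}

// The override from the answer, extended to get() in the same way.
class MY_Input extends CI_Input {
    function get($index = '', $xss_clean = TRUE)
    {
        return parent::get($index, $xss_clean);
    }
    function post($index = '', $xss_clean = TRUE)
    {
        return parent::post($index, $xss_clean);
    }
}

// Constructed request data (hypothetical field names).
$_GET  = array('q' => '<i>term</i>');
$_POST = array('comment' => '<b>hi</b>', 'page_html' => '<b>hi</b>');

$input = new MY_Input();
var_dump($input->get('q'));                 // filtered by default
var_dump($input->post('comment'));          // filtered by default
var_dump($input->post('page_html', FALSE)); // explicit opt-out: raw value
// Unfiltered values still need output encoding wherever they are rendered.
echo htmlspecialchars($input->post('page_html', FALSE), ENT_QUOTES, 'UTF-8'), "\n";
```

With the default flipped, every call that passes FALSE as the second argument is an explicit exception that can be found by searching the code base.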