Changed it_untaint and it_taintcheck to not modify input var

2 files changed, 5 insertions, 5 deletions

diff --git a/auto_prepend.php b/auto_prepend.php
index 0b8bb68..7500061 100644
--- a/auto_prepend.php
+++ b/auto_prepend.php
@@ -154,8 +154,8 @@ function db_version()
  */
 if (function_exists("taint"))
 {
-	function it_untaint(&$value, $marks = TC_HTML) { untaint($value, $marks); return $value; }
-	function it_taintcheck(&$value, $marks = TC_HTML) { if (istainted($value) & $marks) { untaint($value, $marks); it::error("it_taintcheck($value, $marks) failed"); } return $value; }
+	function it_untaint($value, $marks = TC_HTML) { untaint($value, $marks); return $value; }
+	function it_taintcheck($value, $marks = TC_HTML) { if (istainted($value) & $marks) { untaint($value, $marks); it::error(it_untaint("it_taintcheck($value, $marks) failed")); } return $value; }
 }
 else
 {
@@ -166,8 +166,8 @@ else
 	define('TC_SELF', 0);
 	define('TC_ALL', 0);
 	define('TC_NONE', 0);
-	function it_untaint(&$value, $marks = 0) {  return $value; }
-	function it_taintcheck(&$value, $marks = 0) { return $value; }
+	function it_untaint($value, $marks = 0) {  return $value; }
+	function it_taintcheck($value, $marks = 0) { return $value; }
 }
 
 ?>
diff --git a/itjs.class b/itjs.class
index df80123..a040d79 100644
--- a/itjs.class
+++ b/itjs.class
@@ -56,7 +56,7 @@ function serialize($values, $envelope = false)
 		}
 	}
 
-	return $header . itjs::encode($values) . $footer;
+	return it_untaint($result = $header . itjs::encode($values) . $footer);
 }
 
 /*