diff options
author | DiederikLascaris <info@runesa.nl> | 2017-01-22 21:45:15 +0100 |
---|---|---|
committer | DiederikLascaris <info@runesa.nl> | 2017-01-22 21:45:15 +0100 |
commit | 312efeba32d532878c536fd28e75f39d61a9dade (patch) | |
tree | 71ae4aaca33a9d34a789d6d375acd2594160123a | |
parent | 947f1a06093a52a32b703ee795e52c22cd66363a (diff) | |
parent | 44c7af639ac1726780b64fb5a6cb6fca2df8b651 (diff) |
Merge branch 'develop' of git://github.com/bcit-ci/CodeIgniter into develop
328 files changed, 6738 insertions, 10283 deletions
diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 000000000..39f48d95f --- /dev/null +++ b/.editorconfig @@ -0,0 +1,15 @@ +# top-most EditorConfig file +root = true + +# Unix-style newlines with a newline ending every file +[*] +end_of_line = lf +insert_final_newline = true + +# Matches multiple files with brace expansion notation +# Set default charset +[*] +charset = utf-8 + +# Tab indentation (no size specified) +indent_style = tab diff --git a/.gitignore b/.gitignore index 5982f9bad..97f1d3159 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,4 @@ user_guide_src/cilexer/pycilexer.egg-info/* *.stTheme.cache *.sublime-workspace *.sublime-project +/tests/tests/
\ No newline at end of file diff --git a/.travis.yml b/.travis.yml index 258ad76f1..3d0691e50 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,12 +1,11 @@ language: php php: - - 5.2 - - 5.3.3 - 5.4 - 5.5 - 5.6 - - 7 + - 7.0 + - 7.1 - hhvm env: @@ -21,7 +20,7 @@ env: sudo: false before_script: - - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then pear channel-discover pear.bovigo.org && pear install bovigo/vfsStream-beta; else composer install --dev --no-progress; fi" + - sh -c "composer install --dev --no-progress" - sh -c "if [ '$DB' = 'pgsql' ] || [ '$DB' = 'pdo/pgsql' ]; then psql -c 'DROP DATABASE IF EXISTS ci_test;' -U postgres; fi" - sh -c "if [ '$DB' = 'pgsql' ] || [ '$DB' = 'pdo/pgsql' ]; then psql -c 'create database ci_test;' -U postgres; fi" - sh -c "if [ '$DB' = 'mysql' ] || [ '$DB' = 'mysqli' ] || [ '$DB' = 'pdo/mysql' ]; then mysql -e 'create database IF NOT EXISTS ci_test;'; fi" @@ -30,22 +29,20 @@ script: phpunit -d zend.enable_gc=0 -d date.timezone=UTC --coverage-text --confi matrix: allow_failures: - - php: 5.2 - php: hhvm - - php: 7 exclude: - php: hhvm env: DB=pgsql - php: hhvm env: DB=pdo/pgsql - - php: 7 + - php: 7.0 + env: DB=mysql + - php: 7.1 env: DB=mysql - - php: 5.2 - env: DB=sqlite - - php: 5.2 - env: DB=pdo/sqlite branches: only: - develop + - 3.0-stable + - 3.1-stable - /^feature\/.+$/ diff --git a/application/config/autoload.php b/application/config/autoload.php index 4bc6bf0ad..7cdc9013c 100644 --- a/application/config/autoload.php +++ b/application/config/autoload.php @@ -72,6 +72,12 @@ $autoload['libraries'] = array(); | Prototype: | | $autoload['drivers'] = array('cache'); +| +| You can also supply an alternative property name to be assigned in +| the controller: +| +| $autoload['drivers'] = array('cache' => 'cch'); +| */ $autoload['drivers'] = array(); diff --git a/application/config/config.php b/application/config/config.php index a4d883fab..c6e1a7af5 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -11,10 +11,16 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | | http://example.com/ | -| If this is not set then CodeIgniter will try guess the protocol, domain -| and path to your installation. However, you should always configure this -| explicitly and never rely on auto-guessing, especially in production -| environments. +| WARNING: You MUST set this value! +| +| If it is not set, then CodeIgniter will try guess the protocol and path +| your installation, but due to security concerns the hostname will be set +| to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise. +| The auto-detection mechanism exists only for convenience during +| development and MUST NOT be used in production! +| +| If you need to allow multiple domains, remember that this file is still +| a PHP script and you can easily do that on your own. | */ $config['base_url'] = ''; @@ -56,7 +62,9 @@ $config['uri_protocol'] = 'REQUEST_URI'; | This option allows you to add a suffix to all URLs generated by CodeIgniter. | For more information please see the user guide: | -| http://codeigniter.com/user_guide/general/urls.html +| https://codeigniter.com/user_guide/general/urls.html +| +| Note: This option is ignored for CLI requests. */ $config['url_suffix'] = ''; @@ -104,8 +112,8 @@ $config['enable_hooks'] = FALSE; | This item allows you to set the filename/classname prefix when extending | native libraries. For more information please see the user guide: | -| http://codeigniter.com/user_guide/general/core_classes.html -| http://codeigniter.com/user_guide/general/creating_libraries.html +| https://codeigniter.com/user_guide/general/core_classes.html +| https://codeigniter.com/user_guide/general/creating_libraries.html | */ $config['subclass_prefix'] = 'MY_'; @@ -151,6 +159,8 @@ $config['composer_autoload'] = FALSE; | | DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!! | +| Note: This option is ignored for CLI requests. +| */ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; @@ -162,9 +172,6 @@ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; | By default CodeIgniter uses search-engine friendly segment based URLs: | example.com/who/what/where/ | -| By default CodeIgniter enables access to the $_GET array. If for some -| reason you would like to disable it, set 'allow_get_array' to FALSE. -| | You can optionally enable standard query string based URLs: | example.com?who=me&what=something&where=here | @@ -179,7 +186,6 @@ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; | use segment based URLs. | */ -$config['allow_get_array'] = TRUE; $config['enable_query_strings'] = FALSE; $config['controller_trigger'] = 'c'; $config['function_trigger'] = 'm'; @@ -305,7 +311,7 @@ $config['cache_query_string'] = FALSE; | If you use the Encryption class, you must set an encryption key. | See the user guide for more info. | -| http://codeigniter.com/user_guide/libraries/encryption.html +| https://codeigniter.com/user_guide/libraries/encryption.html | */ $config['encryption_key'] = ''; @@ -344,6 +350,9 @@ $config['encryption_key'] = ''; | | Whether to match the user's IP address when reading the session data. | +| WARNING: If you're using the database driver, don't forget to update +| your session table's PRIMARY KEY when changing this setting. +| | 'sess_time_to_update' | | How many seconds between CI regenerating the session ID. @@ -389,34 +398,6 @@ $config['cookie_httponly'] = FALSE; /* |-------------------------------------------------------------------------- -| Standardize newlines -|-------------------------------------------------------------------------- -| -| Determines whether to standardize newline characters in input data, -| meaning to replace \r\n, \r, \n occurrences with the PHP_EOL value. -| -| This is particularly useful for portability between UNIX-based OSes, -| (usually \n) and Windows (\r\n). -| -*/ -$config['standardize_newlines'] = FALSE; - -/* -|-------------------------------------------------------------------------- -| Global XSS Filtering -|-------------------------------------------------------------------------- -| -| Determines whether the XSS filter is always active when GET, POST or -| COOKIE data is encountered -| -| WARNING: This feature is DEPRECATED and currently available only -| for backwards compatibility purposes! -| -*/ -$config['global_xss_filtering'] = FALSE; - -/* -|-------------------------------------------------------------------------- | Cross Site Request Forgery |-------------------------------------------------------------------------- | Enables a CSRF cookie token to be set. When set to TRUE, token will be @@ -473,20 +454,6 @@ $config['time_reference'] = 'local'; /* |-------------------------------------------------------------------------- -| Rewrite PHP Short Tags -|-------------------------------------------------------------------------- -| -| If your PHP installation does not have short tag support enabled CI -| can rewrite the tags on-the-fly, enabling you to utilize that syntax -| in your view files. Options are TRUE or FALSE (boolean) -| -| Note: You need to have eval() enabled for this to work. -| -*/ -$config['rewrite_short_tags'] = FALSE; - -/* -|-------------------------------------------------------------------------- | Reverse Proxy IPs |-------------------------------------------------------------------------- | diff --git a/application/config/constants.php b/application/config/constants.php index 48283e223..18d3b4b76 100644 --- a/application/config/constants.php +++ b/application/config/constants.php @@ -3,6 +3,18 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /* |-------------------------------------------------------------------------- +| Display Debug backtrace +|-------------------------------------------------------------------------- +| +| If set to TRUE, a backtrace will be displayed along with php errors. If +| error_reporting is disabled, the backtrace will not display, regardless +| of this setting +| +*/ +defined('SHOW_DEBUG_BACKTRACE') OR define('SHOW_DEBUG_BACKTRACE', TRUE); + +/* +|-------------------------------------------------------------------------- | File and Directory Modes |-------------------------------------------------------------------------- | @@ -14,10 +26,10 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | always be used to set the mode correctly. | */ -define('FILE_READ_MODE', 0644); -define('FILE_WRITE_MODE', 0666); -define('DIR_READ_MODE', 0755); -define('DIR_WRITE_MODE', 0755); +defined('FILE_READ_MODE') OR define('FILE_READ_MODE', 0644); +defined('FILE_WRITE_MODE') OR define('FILE_WRITE_MODE', 0666); +defined('DIR_READ_MODE') OR define('DIR_READ_MODE', 0755); +defined('DIR_WRITE_MODE') OR define('DIR_WRITE_MODE', 0755); /* |-------------------------------------------------------------------------- @@ -27,26 +39,14 @@ define('DIR_WRITE_MODE', 0755); | These modes are used when working with fopen()/popen() | */ -define('FOPEN_READ', 'rb'); -define('FOPEN_READ_WRITE', 'r+b'); -define('FOPEN_WRITE_CREATE_DESTRUCTIVE', 'wb'); // truncates existing file data, use with care -define('FOPEN_READ_WRITE_CREATE_DESTRUCTIVE', 'w+b'); // truncates existing file data, use with care -define('FOPEN_WRITE_CREATE', 'ab'); -define('FOPEN_READ_WRITE_CREATE', 'a+b'); -define('FOPEN_WRITE_CREATE_STRICT', 'xb'); -define('FOPEN_READ_WRITE_CREATE_STRICT', 'x+b'); - -/* -|-------------------------------------------------------------------------- -| Display Debug backtrace -|-------------------------------------------------------------------------- -| -| If set to TRUE, a backtrace will be displayed along with php errors. If -| error_reporting is disabled, the backtrace will not display, regardless -| of this setting -| -*/ -define('SHOW_DEBUG_BACKTRACE', TRUE); +defined('FOPEN_READ') OR define('FOPEN_READ', 'rb'); +defined('FOPEN_READ_WRITE') OR define('FOPEN_READ_WRITE', 'r+b'); +defined('FOPEN_WRITE_CREATE_DESTRUCTIVE') OR define('FOPEN_WRITE_CREATE_DESTRUCTIVE', 'wb'); // truncates existing file data, use with care +defined('FOPEN_READ_WRITE_CREATE_DESTRUCTIVE') OR define('FOPEN_READ_WRITE_CREATE_DESTRUCTIVE', 'w+b'); // truncates existing file data, use with care +defined('FOPEN_WRITE_CREATE') OR define('FOPEN_WRITE_CREATE', 'ab'); +defined('FOPEN_READ_WRITE_CREATE') OR define('FOPEN_READ_WRITE_CREATE', 'a+b'); +defined('FOPEN_WRITE_CREATE_STRICT') OR define('FOPEN_WRITE_CREATE_STRICT', 'xb'); +defined('FOPEN_READ_WRITE_CREATE_STRICT') OR define('FOPEN_READ_WRITE_CREATE_STRICT', 'x+b'); /* |-------------------------------------------------------------------------- @@ -73,13 +73,13 @@ define('SHOW_DEBUG_BACKTRACE', TRUE); | http://tldp.org/LDP/abs/html/exitcodes.html | */ -define('EXIT_SUCCESS', 0); // no errors -define('EXIT_ERROR', 1); // generic error -define('EXIT_CONFIG', 3); // configuration error -define('EXIT_UNKNOWN_FILE', 4); // file not found -define('EXIT_UNKNOWN_CLASS', 5); // unknown class -define('EXIT_UNKNOWN_METHOD', 6); // unknown class member -define('EXIT_USER_INPUT', 7); // invalid user input -define('EXIT_DATABASE', 8); // database error -define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code -define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code +defined('EXIT_SUCCESS') OR define('EXIT_SUCCESS', 0); // no errors +defined('EXIT_ERROR') OR define('EXIT_ERROR', 1); // generic error +defined('EXIT_CONFIG') OR define('EXIT_CONFIG', 3); // configuration error +defined('EXIT_UNKNOWN_FILE') OR define('EXIT_UNKNOWN_FILE', 4); // file not found +defined('EXIT_UNKNOWN_CLASS') OR define('EXIT_UNKNOWN_CLASS', 5); // unknown class +defined('EXIT_UNKNOWN_METHOD') OR define('EXIT_UNKNOWN_METHOD', 6); // unknown class member +defined('EXIT_USER_INPUT') OR define('EXIT_USER_INPUT', 7); // invalid user input +defined('EXIT_DATABASE') OR define('EXIT_DATABASE', 8); // database error +defined('EXIT__AUTO_MIN') OR define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code +defined('EXIT__AUTO_MAX') OR define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code diff --git a/application/config/database.php b/application/config/database.php index bf9857fff..b4d8a6a3e 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -22,7 +22,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | ['dbdriver'] The database driver. e.g.: mysqli. | Currently supported: | cubrid, ibase, mssql, mysql, mysqli, oci8, -| odbc, pdo, postgre, sqlite, sqlite3, sqlsrv +| odbc, pdo, postgre, sqlite3, sqlsrv | ['dbprefix'] You can add an optional prefix, which will be added | to the table name when using the Query Builder class | ['pconnect'] TRUE/FALSE - Whether to use a persistent connection diff --git a/application/config/hooks.php b/application/config/hooks.php index 2eac5bbc9..a8f38a5dc 100644 --- a/application/config/hooks.php +++ b/application/config/hooks.php @@ -8,6 +8,6 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | This file lets you define "hooks" to extend CI without hacking the core | files. Please see the user guide for info: | -| http://codeigniter.com/user_guide/general/hooks.html +| https://codeigniter.com/user_guide/general/hooks.html | */ diff --git a/application/config/memcached.php b/application/config/memcached.php index 55949a66c..5c23b39c1 100644 --- a/application/config/memcached.php +++ b/application/config/memcached.php @@ -7,7 +7,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | ------------------------------------------------------------------------- | Your Memcached servers can be specified below. | -| See: http://codeigniter.com/user_guide/libraries/caching.html#memcached +| See: https://codeigniter.com/user_guide/libraries/caching.html#memcached | */ $config = array( diff --git a/application/config/mimes.php b/application/config/mimes.php index 1f591ba6b..017653335 100644 --- a/application/config/mimes.php +++ b/application/config/mimes.php @@ -77,6 +77,14 @@ return array( 'jpeg' => array('image/jpeg', 'image/pjpeg'), 'jpg' => array('image/jpeg', 'image/pjpeg'), 'jpe' => array('image/jpeg', 'image/pjpeg'), + 'jp2' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), + 'j2k' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), + 'jpf' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), + 'jpg2' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), + 'jpx' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), + 'jpm' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), + 'mj2' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), + 'mjp2' => array('image/jp2', 'video/mj2', 'image/jpx', 'image/jpm'), 'png' => array('image/png', 'image/x-png'), 'tiff' => 'image/tiff', 'tif' => 'image/tiff', @@ -129,7 +137,8 @@ return array( '3gp' => array('video/3gp', 'video/3gpp'), 'mp4' => 'video/mp4', 'm4a' => 'audio/x-m4a', - 'f4v' => 'video/mp4', + 'f4v' => array('video/mp4', 'video/x-f4v'), + 'flv' => 'video/x-flv', 'webm' => 'video/webm', 'aac' => 'audio/x-acc', 'm4u' => 'application/vnd.mpegurl', @@ -140,7 +149,7 @@ return array( 'au' => 'audio/x-au', 'ac3' => 'audio/ac3', 'flac' => 'audio/x-flac', - 'ogg' => 'audio/ogg', + 'ogg' => array('audio/ogg', 'video/ogg', 'application/ogg'), 'kmz' => array('application/vnd.google-earth.kmz', 'application/zip', 'application/x-zip'), 'kml' => array('application/vnd.google-earth.kml+xml', 'application/xml', 'text/xml'), 'ics' => 'text/calendar', @@ -154,5 +163,21 @@ return array( 'vcf' => 'text/x-vcard', 'srt' => array('text/srt', 'text/plain'), 'vtt' => array('text/vtt', 'text/plain'), - 'ico' => array('image/x-icon', 'image/x-ico', 'image/vnd.microsoft.icon') + 'ico' => array('image/x-icon', 'image/x-ico', 'image/vnd.microsoft.icon'), + 'odc' => 'application/vnd.oasis.opendocument.chart', + 'otc' => 'application/vnd.oasis.opendocument.chart-template', + 'odf' => 'application/vnd.oasis.opendocument.formula', + 'otf' => 'application/vnd.oasis.opendocument.formula-template', + 'odg' => 'application/vnd.oasis.opendocument.graphics', + 'otg' => 'application/vnd.oasis.opendocument.graphics-template', + 'odi' => 'application/vnd.oasis.opendocument.image', + 'oti' => 'application/vnd.oasis.opendocument.image-template', + 'odp' => 'application/vnd.oasis.opendocument.presentation', + 'otp' => 'application/vnd.oasis.opendocument.presentation-template', + 'ods' => 'application/vnd.oasis.opendocument.spreadsheet', + 'ots' => 'application/vnd.oasis.opendocument.spreadsheet-template', + 'odt' => 'application/vnd.oasis.opendocument.text', + 'odm' => 'application/vnd.oasis.opendocument.text-master', + 'ott' => 'application/vnd.oasis.opendocument.text-template', + 'oth' => 'application/vnd.oasis.opendocument.text-web' ); diff --git a/application/config/profiler.php b/application/config/profiler.php index b30204e16..3db22e39c 100644 --- a/application/config/profiler.php +++ b/application/config/profiler.php @@ -9,6 +9,6 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | data are displayed when the Profiler is enabled. | Please see the user guide for info: | -| http://codeigniter.com/user_guide/general/profiling.html +| https://codeigniter.com/user_guide/general/profiling.html | */ diff --git a/application/config/routes.php b/application/config/routes.php index a98c6d122..8ebf62bfa 100644 --- a/application/config/routes.php +++ b/application/config/routes.php @@ -19,7 +19,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | | Please see the user guide for complete details: | -| http://codeigniter.com/user_guide/general/routing.html +| https://codeigniter.com/user_guide/general/routing.html | | ------------------------------------------------------------------------- | RESERVED ROUTES @@ -43,8 +43,8 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | This is not exactly a route, but allows you to automatically route | controller and method names that contain dashes. '-' isn't a valid | class or method name character, so it requires translation. -| When you set this option to TRUE, it will replace ALL dashes in the -| controller and method URI segments. +| When you set this option to TRUE, it will replace ALL dashes with +| underscores in the controller and method URI segments. | | Examples: my-controller/index -> my_controller/index | my-controller/my-method -> my_controller/my_method diff --git a/application/config/smileys.php b/application/config/smileys.php deleted file mode 100644 index 1eeba4776..000000000 --- a/application/config/smileys.php +++ /dev/null @@ -1,64 +0,0 @@ -<?php -defined('BASEPATH') OR exit('No direct script access allowed'); - -/* -| ------------------------------------------------------------------- -| SMILEYS -| ------------------------------------------------------------------- -| This file contains an array of smileys for use with the emoticon helper. -| Individual images can be used to replace multiple smileys. For example: -| :-) and :) use the same image replacement. -| -| Please see user guide for more info: -| http://codeigniter.com/user_guide/helpers/smiley_helper.html -| -*/ -$smileys = array( - -// smiley image name width height alt - - ':-)' => array('grin.gif', '19', '19', 'grin'), - ':lol:' => array('lol.gif', '19', '19', 'LOL'), - ':cheese:' => array('cheese.gif', '19', '19', 'cheese'), - ':)' => array('smile.gif', '19', '19', 'smile'), - ';-)' => array('wink.gif', '19', '19', 'wink'), - ';)' => array('wink.gif', '19', '19', 'wink'), - ':smirk:' => array('smirk.gif', '19', '19', 'smirk'), - ':roll:' => array('rolleyes.gif', '19', '19', 'rolleyes'), - ':-S' => array('confused.gif', '19', '19', 'confused'), - ':wow:' => array('surprise.gif', '19', '19', 'surprised'), - ':bug:' => array('bigsurprise.gif', '19', '19', 'big surprise'), - ':-P' => array('tongue_laugh.gif', '19', '19', 'tongue laugh'), - '%-P' => array('tongue_rolleye.gif', '19', '19', 'tongue rolleye'), - ';-P' => array('tongue_wink.gif', '19', '19', 'tongue wink'), - ':P' => array('raspberry.gif', '19', '19', 'raspberry'), - ':blank:' => array('blank.gif', '19', '19', 'blank stare'), - ':long:' => array('longface.gif', '19', '19', 'long face'), - ':ohh:' => array('ohh.gif', '19', '19', 'ohh'), - ':grrr:' => array('grrr.gif', '19', '19', 'grrr'), - ':gulp:' => array('gulp.gif', '19', '19', 'gulp'), - '8-/' => array('ohoh.gif', '19', '19', 'oh oh'), - ':down:' => array('downer.gif', '19', '19', 'downer'), - ':red:' => array('embarrassed.gif', '19', '19', 'red face'), - ':sick:' => array('sick.gif', '19', '19', 'sick'), - ':shut:' => array('shuteye.gif', '19', '19', 'shut eye'), - ':-/' => array('hmm.gif', '19', '19', 'hmmm'), - '>:(' => array('mad.gif', '19', '19', 'mad'), - ':mad:' => array('mad.gif', '19', '19', 'mad'), - '>:-(' => array('angry.gif', '19', '19', 'angry'), - ':angry:' => array('angry.gif', '19', '19', 'angry'), - ':zip:' => array('zip.gif', '19', '19', 'zipper'), - ':kiss:' => array('kiss.gif', '19', '19', 'kiss'), - ':ahhh:' => array('shock.gif', '19', '19', 'shock'), - ':coolsmile:' => array('shade_smile.gif', '19', '19', 'cool smile'), - ':coolsmirk:' => array('shade_smirk.gif', '19', '19', 'cool smirk'), - ':coolgrin:' => array('shade_grin.gif', '19', '19', 'cool grin'), - ':coolhmm:' => array('shade_hmm.gif', '19', '19', 'cool hmm'), - ':coolmad:' => array('shade_mad.gif', '19', '19', 'cool mad'), - ':coolcheese:' => array('shade_cheese.gif', '19', '19', 'cool cheese'), - ':vampire:' => array('vampire.gif', '19', '19', 'vampire'), - ':snake:' => array('snake.gif', '19', '19', 'snake'), - ':exclaim:' => array('exclaim.gif', '19', '19', 'exclaim'), - ':question:' => array('question.gif', '19', '19', 'question') - -); diff --git a/application/config/user_agents.php b/application/config/user_agents.php index 1129dbacd..1359bbea9 100644 --- a/application/config/user_agents.php +++ b/application/config/user_agents.php @@ -87,7 +87,8 @@ $browsers = array( 'amaya' => 'Amaya', 'IBrowse' => 'IBrowse', 'Maxthon' => 'Maxthon', - 'Ubuntu' => 'Ubuntu Web Browser' + 'Ubuntu' => 'Ubuntu Web Browser', + 'Vivaldi' => 'Vivaldi' ); $mobiles = array( @@ -207,5 +208,8 @@ $robots = array( 'CRAZYWEBCRAWLER' => 'Crazy Webcrawler', 'adsbot-google' => 'AdsBot Google', 'feedfetcher-google' => 'Feedfetcher Google', - 'curious george' => 'Curious George' + 'curious george' => 'Curious George', + 'ia_archiver' => 'Alexa Crawler', + 'MJ12bot' => 'Majestic-12', + 'Uptimebot' => 'Uptimebot' ); diff --git a/application/controllers/Welcome.php b/application/controllers/Welcome.php index 34535ef05..9213c0cf5 100644 --- a/application/controllers/Welcome.php +++ b/application/controllers/Welcome.php @@ -16,7 +16,7 @@ class Welcome extends CI_Controller { * * So any other public methods not prefixed with an underscore will * map to /index.php/welcome/<method_name> - * @see http://codeigniter.com/user_guide/general/urls.html + * @see https://codeigniter.com/user_guide/general/urls.html */ public function index() { diff --git a/build-release.sh b/build-release.sh new file mode 100755 index 000000000..6b3b31d12 --- /dev/null +++ b/build-release.sh @@ -0,0 +1,99 @@ +#!/usr/bin/env bash + +cd $(dirname $BASH_SOURCE) + +if [ $# -eq 0 ]; then + echo 'Usage: '$BASH_SOURCE' <version_number>' + exit 1 +fi + +version_number=$1 + +if [ ${#version_number} -lt 5 ] +then + echo "Provided version number is too short" + exit 1 +elif [ ${version_number: -4} == "-dev" ] +then + echo "'-dev' releases are not allowed" + exit 1 +fi + +version_id=${version_number:0:5} +version_id=${version_id//./} +upgrade_rst='user_guide_src/source/installation/upgrade_'$version_id'.rst' + +if [ ${#version_id} -ne 3 ] +then + echo "Invalid version number format" + exit 1 +elif [ `grep -c -F --regexp="'$version_number'" system/core/CodeIgniter.php` -ne 1 ] +then + echo "Provided version number doesn't match in system/core/CodeIgniter.php" + exit 1 +elif [ `grep -c -F --regexp="'$version_number'" user_guide_src/source/conf.py` -ne 2 ] +then + echo "Provided version number doesn't match in user_guide_src/source/conf.py" + exit 1 +elif [ `grep -c -F --regexp="$version_number (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/$version_number>" user_guide_src/source/installation/downloads.rst` -ne 1 ] +then + echo "user_guide_src/source/installation/downloads.rst doesn't appear to contain a link for this version" + exit 1 +elif [ ! -f "$upgrade_rst" ] +then + echo "${upgrade_rst} doesn't exist" + exit 1 +fi + +echo "Running tests ..." + +cd tests/ +phpunit + +if [ $? -ne 0 ] +then + echo "Build FAILED!" + exit 1 +fi + +cd .. +cd user_guide_src/ + +echo "" +echo "Building HTML docs; please check output for warnings ..." +echo "" + +make html + +echo "" + +if [ $? -ne 0 ] +then + echo "Build FAILED!" + exit 1 +fi + +echo "Building EPUB docs; please check output for warnings ..." +echo "" + +make epub + +echo "" + +if [ $? -ne 0 ] +then + echo "Build FAILED!" + exit 1 +fi + +cd .. + +if [ -d user_guide/ ] +then + rm -r user_guide/ +fi + +cp -r user_guide_src/build/html/ user_guide/ +cp user_guide_src/build/epub/CodeIgniter.epub "CodeIgniter ${version_number}.epub" + +echo "Build complete." diff --git a/composer.json b/composer.json index 0653a7885..64d1be155 100644 --- a/composer.json +++ b/composer.json @@ -2,7 +2,7 @@ "description": "The CodeIgniter framework", "name": "codeigniter/framework", "type": "project", - "homepage": "http://codeigniter.com", + "homepage": "https://codeigniter.com", "license": "MIT", "support": { "forum": "http://forum.codeigniter.com/", @@ -13,6 +13,9 @@ "require": { "php": ">=5.2.4" }, + "suggest": { + "paragonie/random_compat": "Provides better randomness in PHP 5.x" + }, "require-dev": { "mikey179/vfsStream": "1.1.*" } diff --git a/contributing.md b/contributing.md index 5a25698bf..10b89b1db 100644 --- a/contributing.md +++ b/contributing.md @@ -20,8 +20,8 @@ for us to maintain quality of the code-base. ### PHP Style -All code must meet the [Style Guide](http://codeigniter.com/user_guide/general/styleguide.html), which is -essentially the [Allman indent style](http://en.wikipedia.org/wiki/Indent_style#Allman_style), underscores and readable operators. This makes certain that all code is the same format as the existing code and means it will be as readable as possible. +All code must meet the [Style Guide](https://codeigniter.com/user_guide/general/styleguide.html), which is +essentially the [Allman indent style](https://en.wikipedia.org/wiki/Indent_style#Allman_style), underscores and readable operators. This makes certain that all code is the same format as the existing code and means it will be as readable as possible. ### Documentation @@ -29,7 +29,7 @@ If you change anything that requires a change to documentation then you will nee ### Compatibility -CodeIgniter recommends PHP 5.4 or newer to be used, but it should be +CodeIgniter recommends PHP 5.5 or newer to be used, but it should be compatible with PHP 5.2.4 so all code supplied must stick to this requirement. If PHP 5.3 (and above) functions or features are used then there must be a fallback for PHP 5.2.4. @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -73,14 +73,7 @@ switch (ENVIRONMENT) case 'testing': case 'production': ini_set('display_errors', 0); - if (version_compare(PHP_VERSION, '5.3', '>=')) - { - error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED); - } - else - { - error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_USER_NOTICE); - } + error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED); break; default: @@ -91,25 +84,26 @@ switch (ENVIRONMENT) /* *--------------------------------------------------------------- - * SYSTEM FOLDER NAME + * SYSTEM DIRECTORY NAME *--------------------------------------------------------------- * - * This variable must contain the name of your "system" folder. - * Include the path if the folder is not in the same directory - * as this file. + * This variable must contain the name of your "system" directory. + * Set the path if it is not in the same directory as this file. */ $system_path = 'system'; /* *--------------------------------------------------------------- - * APPLICATION FOLDER NAME + * APPLICATION DIRECTORY NAME *--------------------------------------------------------------- * * If you want this front controller to use a different "application" - * folder than the default one you can set its name here. The folder - * can also be renamed or relocated anywhere on your server. If - * you do, use a full server path. For more info please see the user guide: - * http://codeigniter.com/user_guide/general/managing_apps.html + * directory than the default one you can set its name here. The directory + * can also be renamed or relocated anywhere on your server. If you do, + * use an absolute (full) server path. + * For more info please see the user guide: + * + * https://codeigniter.com/user_guide/general/managing_apps.html * * NO TRAILING SLASH! */ @@ -117,14 +111,14 @@ switch (ENVIRONMENT) /* *--------------------------------------------------------------- - * VIEW FOLDER NAME + * VIEW DIRECTORY NAME *--------------------------------------------------------------- * - * If you want to move the view folder out of the application - * folder set the path to the folder here. The folder can be renamed + * If you want to move the view directory out of the application + * directory, set the path to it here. The directory can be renamed * and relocated anywhere on your server. If blank, it will default - * to the standard location inside your application folder. If you - * do move this, use the full server path to this folder. + * to the standard location inside your application directory. + * If you do move this, use an absolute (full) server path. * * NO TRAILING SLASH! */ @@ -150,8 +144,8 @@ switch (ENVIRONMENT) * * Un-comment the $routing array below to use this feature */ - // The directory name, relative to the "controllers" folder. Leave blank - // if your controller is not in a sub-folder within the "controllers" folder + // The directory name, relative to the "controllers" directory. Leave blank + // if your controller is not in a sub-directory within the "controllers" one // $routing['directory'] = ''; // The controller class file name. Example: mycontroller @@ -197,12 +191,16 @@ switch (ENVIRONMENT) if (($_temp = realpath($system_path)) !== FALSE) { - $system_path = $_temp.'/'; + $system_path = $_temp.DIRECTORY_SEPARATOR; } else { // Ensure there's a trailing slash - $system_path = rtrim($system_path, '/').'/'; + $system_path = strtr( + rtrim($system_path, '/\\'), + '/\\', + DIRECTORY_SEPARATOR.DIRECTORY_SEPARATOR + ).DIRECTORY_SEPARATOR; } // Is the system path correct? @@ -221,66 +219,84 @@ switch (ENVIRONMENT) // The name of THIS file define('SELF', pathinfo(__FILE__, PATHINFO_BASENAME)); - // Path to the system folder - define('BASEPATH', str_replace('\\', '/', $system_path)); + // Path to the system directory + define('BASEPATH', $system_path); - // Path to the front controller (this file) - define('FCPATH', dirname(__FILE__).'/'); + // Path to the front controller (this file) directory + define('FCPATH', dirname(__FILE__).DIRECTORY_SEPARATOR); - // Name of the "system folder" - define('SYSDIR', trim(strrchr(trim(BASEPATH, '/'), '/'), '/')); + // Name of the "system" directory + define('SYSDIR', basename(BASEPATH)); - // The path to the "application" folder + // The path to the "application" directory if (is_dir($application_folder)) { if (($_temp = realpath($application_folder)) !== FALSE) { $application_folder = $_temp; } - - define('APPPATH', $application_folder.DIRECTORY_SEPARATOR); + else + { + $application_folder = strtr( + rtrim($application_folder, '/\\'), + '/\\', + DIRECTORY_SEPARATOR.DIRECTORY_SEPARATOR + ); + } + } + elseif (is_dir(BASEPATH.$application_folder.DIRECTORY_SEPARATOR)) + { + $application_folder = BASEPATH.strtr( + trim($application_folder, '/\\'), + '/\\', + DIRECTORY_SEPARATOR.DIRECTORY_SEPARATOR + ); } else { - if ( ! is_dir(BASEPATH.$application_folder.DIRECTORY_SEPARATOR)) - { - header('HTTP/1.1 503 Service Unavailable.', TRUE, 503); - echo 'Your application folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF; - exit(3); // EXIT_CONFIG - } - - define('APPPATH', BASEPATH.$application_folder.DIRECTORY_SEPARATOR); + header('HTTP/1.1 503 Service Unavailable.', TRUE, 503); + echo 'Your application folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF; + exit(3); // EXIT_CONFIG } - // The path to the "views" folder - if ( ! is_dir($view_folder)) + define('APPPATH', $application_folder.DIRECTORY_SEPARATOR); + + // The path to the "views" directory + if ( ! isset($view_folder[0]) && is_dir(APPPATH.'views'.DIRECTORY_SEPARATOR)) { - if ( ! empty($view_folder) && is_dir(APPPATH.$view_folder.DIRECTORY_SEPARATOR)) - { - $view_folder = APPPATH.$view_folder; - } - elseif ( ! is_dir(APPPATH.'views'.DIRECTORY_SEPARATOR)) + $view_folder = APPPATH.'views'; + } + elseif (is_dir($view_folder)) + { + if (($_temp = realpath($view_folder)) !== FALSE) { - header('HTTP/1.1 503 Service Unavailable.', TRUE, 503); - echo 'Your view folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF; - exit(3); // EXIT_CONFIG + $view_folder = $_temp; } else { - $view_folder = APPPATH.'views'; + $view_folder = strtr( + rtrim($view_folder, '/\\'), + '/\\', + DIRECTORY_SEPARATOR.DIRECTORY_SEPARATOR + ); } } - - if (($_temp = realpath($view_folder)) !== FALSE) + elseif (is_dir(APPPATH.$view_folder.DIRECTORY_SEPARATOR)) { - $view_folder = $_temp.DIRECTORY_SEPARATOR; + $view_folder = APPPATH.strtr( + trim($view_folder, '/\\'), + '/\\', + DIRECTORY_SEPARATOR.DIRECTORY_SEPARATOR + ); } else { - $view_folder = rtrim($view_folder, '/\\').DIRECTORY_SEPARATOR; + header('HTTP/1.1 503 Service Unavailable.', TRUE, 503); + echo 'Your view folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF; + exit(3); // EXIT_CONFIG } - define('VIEWPATH', $view_folder); + define('VIEWPATH', $view_folder.DIRECTORY_SEPARATOR); /* * -------------------------------------------------------------------- diff --git a/license.txt b/license.txt index cb2d8b471..934e126ff 100644 --- a/license.txt +++ b/license.txt @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2014 - 2015, British Columbia Institute of Technology +Copyright (c) 2014 - 2017, British Columbia Institute of Technology Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/readme.rst b/readme.rst index 640dd241b..a2537b393 100644 --- a/readme.rst +++ b/readme.rst @@ -16,7 +16,7 @@ Release Information This repo contains in-development code for future releases. To download the latest stable release please visit the `CodeIgniter Downloads -<http://www.codeigniter.com/download>`_ page. +<https://codeigniter.com/download>`_ page. ************************** Changelog and New Features @@ -29,9 +29,9 @@ guide change log <https://github.com/bcit-ci/CodeIgniter/blob/develop/user_guide Server Requirements ******************* -PHP version 5.4 or newer is recommended. +PHP version 5.6 or newer is recommended. -It should work on 5.2.4 as well, but we strongly advise you NOT to run +It should work on 5.4.8 as well, but we strongly advise you NOT to run such old versions of PHP, because of potential security and performance issues, as well as missing features. @@ -39,7 +39,7 @@ issues, as well as missing features. Installation ************ -Please see the `installation section <http://www.codeigniter.com/user_guide/installation/index.html>`_ +Please see the `installation section <https://codeigniter.com/user_guide/installation/index.html>`_ of the CodeIgniter User Guide. ******* @@ -53,17 +53,18 @@ agreement <https://github.com/bcit-ci/CodeIgniter/blob/develop/user_guide_src/so Resources ********* -- `User Guide <http://www.codeigniter.com/docs>`_ +- `User Guide <https://codeigniter.com/docs>`_ - `Language File Translations <https://github.com/bcit-ci/codeigniter3-translations>`_ - `Community Forums <http://forum.codeigniter.com/>`_ - `Community Wiki <https://github.com/bcit-ci/CodeIgniter/wiki>`_ -- `Community IRC <http://www.codeigniter.com/irc>`_ +- `Community IRC <https://webchat.freenode.net/?channels=%23codeigniter>`_ -Report security issues to our `Security Panel <mailto:security@codeigniter.com>`_, thank you. +Report security issues to our `Security Panel <mailto:security@codeigniter.com>`_ +or via our `page on HackerOne <https://hackerone.com/codeigniter>`_, thank you. *************** Acknowledgement *************** The CodeIgniter team would like to thank EllisLab, all the -contributors to the CodeIgniter project and you, the CodeIgniter user.
\ No newline at end of file +contributors to the CodeIgniter project and you, the CodeIgniter user. diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index e420f62a1..b3ac79c62 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -47,7 +47,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/benchmark.html + * @link https://codeigniter.com/user_guide/libraries/benchmark.html */ class CI_Benchmark { diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index ddf322749..8eed52eb7 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Front-controller * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ /** @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.1-dev'); + const CI_VERSION = '3.2.0-dev'; /* * ------------------------------------------------------ @@ -67,7 +67,10 @@ defined('BASEPATH') OR exit('No direct script access allowed'); require_once(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); } - require_once(APPPATH.'config/constants.php'); + if (file_exists(APPPATH.'config/constants.php')) + { + require_once(APPPATH.'config/constants.php'); + } /* * ------------------------------------------------------ @@ -76,57 +79,6 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ require_once(BASEPATH.'core/Common.php'); - -/* - * ------------------------------------------------------ - * Security procedures - * ------------------------------------------------------ - */ - -if ( ! is_php('5.4')) -{ - ini_set('magic_quotes_runtime', 0); - - if ((bool) ini_get('register_globals')) - { - $_protected = array( - '_SERVER', - '_GET', - '_POST', - '_FILES', - '_REQUEST', - '_SESSION', - '_ENV', - '_COOKIE', - 'GLOBALS', - 'HTTP_RAW_POST_DATA', - 'system_path', - 'application_folder', - 'view_folder', - '_protected', - '_registered' - ); - - $_registered = ini_get('variables_order'); - foreach (array('E' => '_ENV', 'G' => '_GET', 'P' => '_POST', 'C' => '_COOKIE', 'S' => '_SERVER') as $key => $superglobal) - { - if (strpos($_registered, $key) === FALSE) - { - continue; - } - - foreach (array_keys($$superglobal) as $var) - { - if (isset($GLOBALS[$var]) && ! in_array($var, $_protected, TRUE)) - { - $GLOBALS[$var] = NULL; - } - } - } - } -} - - /* * ------------------------------------------------------ * Define a custom error handler so we can log PHP errors @@ -291,14 +243,14 @@ if ( ! is_php('5.4')) * Instantiate the UTF-8 class * ------------------------------------------------------ */ - $UNI =& load_class('Utf8', 'core'); + $UNI =& load_class('Utf8', 'core', $charset); /* * ------------------------------------------------------ * Instantiate the URI class * ------------------------------------------------------ */ - $URI =& load_class('URI', 'core'); + $URI =& load_class('URI', 'core', $CFG); /* * ------------------------------------------------------ @@ -329,14 +281,14 @@ if ( ! is_php('5.4')) * Load the security class for xss and csrf support * ----------------------------------------------------- */ - $SEC =& load_class('Security', 'core'); + $SEC =& load_class('Security', 'core', $charset); /* * ------------------------------------------------------ * Load the Input class and sanitize globals * ------------------------------------------------------ */ - $IN =& load_class('Input', 'core'); + $IN =& load_class('Input', 'core', $SEC); /* * ------------------------------------------------------ @@ -359,7 +311,7 @@ if ( ! is_php('5.4')) * * Returns current CI instance object * - * @return object + * @return CI_Controller */ function &get_instance() { @@ -416,14 +368,29 @@ if ( ! is_php('5.4')) $params = array($method, array_slice($URI->rsegments, 2)); $method = '_remap'; } - // WARNING: It appears that there are issues with is_callable() even in PHP 5.2! - // Furthermore, there are bug reports and feature/change requests related to it - // that make it unreliable to use in this context. Please, DO NOT change this - // work-around until a better alternative is available. - elseif ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($class)), TRUE)) + elseif ( ! method_exists($class, $method)) { $e404 = TRUE; } + /** + * DO NOT CHANGE THIS, NOTHING ELSE WORKS! + * + * - method_exists() returns true for non-public methods, which passes the previous elseif + * - is_callable() returns false for PHP 4-style constructors, even if there's a __construct() + * - method_exists($class, '__construct') won't work because CI_Controller::__construct() is inherited + * - People will only complain if this doesn't work, even though it is documented that it shouldn't. + * + * ReflectionMethod::isConstructor() is the ONLY reliable check, + * knowing which method will be executed as a constructor. + */ + elseif ( ! is_callable(array($class, $method)) && strcasecmp($class, $method) === 0) + { + $reflection = new ReflectionMethod($class, $method); + if ( ! $reflection->isPublic() OR $reflection->isConstructor()) + { + $e404 = TRUE; + } + } } if ($e404) diff --git a/system/core/Common.php b/system/core/Common.php index ce324a1cc..2712df0e4 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Common Functions * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ // ------------------------------------------------------------------------ @@ -81,8 +81,7 @@ if ( ! function_exists('is_really_writable')) * Tests for file writability * * is_writable() returns TRUE on Windows servers when you really can't write to - * the file, based on the read-only attribute. is_writable() is also unreliable - * on Unix servers if safe_mode is on. + * the file, based on the read-only attribute. * * @link https://bugs.php.net/bug.php?id=54709 * @param string @@ -90,8 +89,8 @@ if ( ! function_exists('is_really_writable')) */ function is_really_writable($file) { - // If we're on a Unix server with safe_mode off we call is_writable - if (DIRECTORY_SEPARATOR === '/' && (is_php('5.4') OR ! ini_get('safe_mode'))) + // If we're on a UNIX-like server, just is_writable() + if (DIRECTORY_SEPARATOR === '/') { return is_writable($file); } @@ -355,7 +354,7 @@ if ( ! function_exists('is_https')) { return TRUE; } - elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') + elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') { return TRUE; } @@ -544,13 +543,18 @@ if ( ! function_exists('set_status_header')) 416 => 'Requested Range Not Satisfiable', 417 => 'Expectation Failed', 422 => 'Unprocessable Entity', + 426 => 'Upgrade Required', + 428 => 'Precondition Required', + 429 => 'Too Many Requests', + 431 => 'Request Header Fields Too Large', 500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Unavailable', 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' + 505 => 'HTTP Version Not Supported', + 511 => 'Network Authentication Required', ); if (isset($stati[$code])) @@ -598,7 +602,7 @@ if ( ! function_exists('_error_handler')) */ function _error_handler($severity, $message, $filepath, $line) { - $is_error = (((E_ERROR | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity); + $is_error = (((E_ERROR | E_PARSE | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity); // When an error occurred, set the status header to '500 Internal Server Error' // to indicate to the client something went wrong. @@ -656,6 +660,7 @@ if ( ! function_exists('_exception_handler')) $_error =& load_class('Exceptions', 'core'); $_error->log_exception('error', 'Exception: '.$exception->getMessage(), $exception->getFile(), $exception->getLine()); + is_cli() OR set_status_header(500); // Should we display the error? if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors'))) { @@ -677,7 +682,7 @@ if ( ! function_exists('_shutdown_handler')) * of CodeIgniter.php. The main reason we use this is to simulate * a complete custom exception handler. * - * E_STRICT is purposivly neglected because such events may have + * E_STRICT is purposively neglected because such events may have * been caught. Duplication or none? None is preferred for now. * * @link http://insomanic.me.uk/post/229851073/php-trick-catching-fatal-errors-e-error-with-a @@ -716,8 +721,8 @@ if ( ! function_exists('remove_invisible_characters')) // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { - $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 - $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 + $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15 + $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31 } $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 @@ -752,7 +757,12 @@ if ( ! function_exists('html_escape')) if (is_array($var)) { - return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); + foreach (array_keys($var) as $key) + { + $var[$key] = html_escape($var[$key], $double_encode); + } + + return $var; } return htmlspecialchars($var, ENT_QUOTES, config_item('charset'), $double_encode); @@ -816,7 +826,7 @@ if ( ! function_exists('function_usable')) * terminate script execution if a disabled function is executed. * * The above described behavior turned out to be a bug in Suhosin, - * but even though a fix was commited for 0.9.34 on 2012-02-12, + * but even though a fix was committed for 0.9.34 on 2012-02-12, * that version is yet to be released. This function will therefore * be just temporary, but would probably be kept for a few years. * diff --git a/system/core/Config.php b/system/core/Config.php index d07000ac9..d7236df1f 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/config.html + * @link https://codeigniter.com/user_guide/libraries/config.html */ class CI_Config { @@ -88,11 +88,18 @@ class CI_Config { // Set the base_url automatically if none was provided if (empty($this->config['base_url'])) { - // The regular expression is only a basic validation for a valid "Host" header. - // It's not exhaustive, only checks for valid characters. - if (isset($_SERVER['HTTP_HOST']) && preg_match('/^((\[[0-9a-f:]+\])|(\d{1,3}(\.\d{1,3}){3})|[a-z0-9\-\.]+)(:\d+)?$/i', $_SERVER['HTTP_HOST'])) + if (isset($_SERVER['SERVER_ADDR'])) { - $base_url = (is_https() ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'] + if (strpos($_SERVER['SERVER_ADDR'], ':') !== FALSE) + { + $server_addr = '['.$_SERVER['SERVER_ADDR'].']'; + } + else + { + $server_addr = $_SERVER['SERVER_ADDR']; + } + + $base_url = (is_https() ? 'https' : 'http').'://'.$server_addr .substr($_SERVER['SCRIPT_NAME'], 0, strpos($_SERVER['SCRIPT_NAME'], basename($_SERVER['SCRIPT_FILENAME']))); } else @@ -162,7 +169,7 @@ class CI_Config { $this->is_loaded[] = $file_path; $config = NULL; $loaded = TRUE; - log_message('debug', 'Config file loaded: '.$file_path); + log_message('info', 'Config file loaded: '.$file_path); } } @@ -238,7 +245,15 @@ class CI_Config { if (isset($protocol)) { - $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + // For protocol-relative links + if ($protocol === '') + { + $base_url = substr($base_url, strpos($base_url, '//')); + } + else + { + $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + } } if (empty($uri)) @@ -293,10 +308,18 @@ class CI_Config { if (isset($protocol)) { - $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + // For protocol-relative links + if ($protocol === '') + { + $base_url = substr($base_url, strpos($base_url, '//')); + } + else + { + $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + } } - return $base_url.ltrim($this->_uri_string($uri), '/'); + return $base_url.$this->_uri_string($uri); } // ------------------------------------------------------------- @@ -314,11 +337,8 @@ class CI_Config { { if ($this->item('enable_query_strings') === FALSE) { - if (is_array($uri)) - { - $uri = implode('/', $uri); - } - return trim($uri, '/'); + is_array($uri) && $uri = implode('/', $uri); + return ltrim($uri, '/'); } elseif (is_array($uri)) { @@ -331,20 +351,6 @@ class CI_Config { // -------------------------------------------------------------------- /** - * System URL - * - * @deprecated 3.0.0 Encourages insecure practices - * @return string - */ - public function system_url() - { - $x = explode('/', preg_replace('|/*(.+?)/*$|', '\\1', BASEPATH)); - return $this->slash_item('base_url').end($x).'/'; - } - - // -------------------------------------------------------------------- - - /** * Set a config file item * * @param string $item Config item key diff --git a/system/core/Controller.php b/system/core/Controller.php index a0d97baa2..59a916734 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -47,7 +47,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/controllers.html + * @link https://codeigniter.com/user_guide/general/controllers.html */ class CI_Controller { diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index fc25f57e6..47d153f49 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Exceptions * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/exceptions.html + * @link https://codeigniter.com/user_guide/libraries/exceptions.html */ class CI_Exceptions { @@ -187,7 +187,7 @@ class CI_Exceptions { // -------------------------------------------------------------------- - public function show_exception(Exception $exception) + public function show_exception($exception) { $templates_path = config_item('error_views_path'); if (empty($templates_path)) @@ -207,7 +207,6 @@ class CI_Exceptions { } else { - set_status_header(500); $templates_path .= 'html'.DIRECTORY_SEPARATOR; } diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 3b4fb2250..f2d6f21ca 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/hooks.html + * @link https://codeigniter.com/user_guide/general/hooks.html */ class CI_Hooks { diff --git a/system/core/Input.php b/system/core/Input.php index e1319be8d..70a3c61ee 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Input * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/input.html + * @link https://codeigniter.com/user_guide/libraries/input.html */ class CI_Input { @@ -58,45 +58,6 @@ class CI_Input { protected $ip_address = FALSE; /** - * Allow GET array flag - * - * If set to FALSE, then $_GET will be set to an empty array. - * - * @var bool - */ - protected $_allow_get_array = TRUE; - - /** - * Standardize new lines flag - * - * If set to TRUE, then newlines are standardized. - * - * @var bool - */ - protected $_standardize_newlines; - - /** - * Enable XSS flag - * - * Determines whether the XSS filter is always active when - * GET, POST or COOKIE data is encountered. - * Set automatically based on config setting. - * - * @var bool - */ - protected $_enable_xss = FALSE; - - /** - * Enable CSRF flag - * - * Enables a CSRF cookie token to be set. - * Set automatically based on config setting. - * - * @var bool - */ - protected $_enable_csrf = FALSE; - - /** * List of all HTTP request headers * * @var array @@ -122,8 +83,15 @@ class CI_Input { */ protected $_input_stream; + /** + * CI_Security instance + * + * Used for the optional $xss_filter parameter that most + * getter methods have here. + * + * @var CI_Security + */ protected $security; - protected $uni; // -------------------------------------------------------------------- @@ -135,24 +103,9 @@ class CI_Input { * * @return void */ - public function __construct() + public function __construct(CI_Security &$security) { - $this->_allow_get_array = (config_item('allow_get_array') === TRUE); - $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); - $this->_enable_csrf = (config_item('csrf_protection') === TRUE); - $this->_standardize_newlines = (bool) config_item('standardize_newlines'); - - $this->security =& load_class('Security', 'core'); - - // Do we need the UTF-8 class? - if (UTF8_ENABLED === TRUE) - { - $this->uni =& load_class('Utf8', 'core'); - } - - // Sanitize global arrays - $this->_sanitize_globals(); - + $this->security = $security; log_message('info', 'Input Class Initialized'); } @@ -168,10 +121,8 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - protected function _fetch_from_array(&$array, $index = NULL, $xss_clean = NULL) + protected function _fetch_from_array(&$array, $index = NULL, $xss_clean = FALSE) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - // If $index is NULL, it means that the whole $array is requested isset($index) OR $index = array_keys($array); @@ -231,7 +182,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function get($index = NULL, $xss_clean = NULL) + public function get($index = NULL, $xss_clean = FALSE) { return $this->_fetch_from_array($_GET, $index, $xss_clean); } @@ -245,7 +196,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function post($index = NULL, $xss_clean = NULL) + public function post($index = NULL, $xss_clean = FALSE) { return $this->_fetch_from_array($_POST, $index, $xss_clean); } @@ -259,7 +210,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function post_get($index, $xss_clean = NULL) + public function post_get($index, $xss_clean = FALSE) { return isset($_POST[$index]) ? $this->post($index, $xss_clean) @@ -275,7 +226,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function get_post($index, $xss_clean = NULL) + public function get_post($index, $xss_clean = FALSE) { return isset($_GET[$index]) ? $this->get($index, $xss_clean) @@ -291,7 +242,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function cookie($index = NULL, $xss_clean = NULL) + public function cookie($index = NULL, $xss_clean = FALSE) { return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } @@ -305,7 +256,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function server($index, $xss_clean = NULL) + public function server($index, $xss_clean = FALSE) { return $this->_fetch_from_array($_SERVER, $index, $xss_clean); } @@ -321,7 +272,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function input_stream($index = NULL, $xss_clean = NULL) + public function input_stream($index = NULL, $xss_clean = FALSE) { // Prior to PHP 5.6, the input stream can only be read once, // so we'll need to check if we have already done that first. @@ -353,7 +304,7 @@ class CI_Input { * @param bool $httponly Whether to only makes the cookie accessible via HTTP (no javascript) * @return void */ - public function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) + public function set_cookie($name, $value = '', $expire = 0, $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) { if (is_array($name)) { @@ -392,9 +343,9 @@ class CI_Input { $httponly = config_item('cookie_httponly'); } - if ( ! is_numeric($expire)) + if ( ! is_numeric($expire) OR $expire < 0) { - $expire = time() - 86500; + $expire = 1; } else { @@ -513,9 +464,9 @@ class CI_Input { if ($separator === ':') { $netaddr = explode(':', str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr)); - for ($i = 0; $i < 8; $i++) + for ($j = 0; $j < 8; $j++) { - $netaddr[$i] = intval($netaddr[$i], 16); + $netaddr[$j] = intval($netaddr[$j], 16); } } else @@ -575,7 +526,7 @@ class CI_Input { * * @return string|null User Agent string or NULL if it doesn't exist */ - public function user_agent($xss_clean = NULL) + public function user_agent($xss_clean = FALSE) { return $this->_fetch_from_array($_SERVER, 'HTTP_USER_AGENT', $xss_clean); } @@ -583,173 +534,6 @@ class CI_Input { // -------------------------------------------------------------------- /** - * Sanitize Globals - * - * Internal method serving for the following purposes: - * - * - Unsets $_GET data, if query strings are not enabled - * - Cleans POST, COOKIE and SERVER data - * - Standardizes newline characters to PHP_EOL - * - * @return void - */ - protected function _sanitize_globals() - { - // Is $_GET data allowed? If not we'll set the $_GET to an empty array - if ($this->_allow_get_array === FALSE) - { - $_GET = array(); - } - elseif (is_array($_GET) && count($_GET) > 0) - { - foreach ($_GET as $key => $val) - { - $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); - } - } - - // Clean $_POST Data - if (is_array($_POST) && count($_POST) > 0) - { - foreach ($_POST as $key => $val) - { - $_POST[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); - } - } - - // Clean $_COOKIE Data - if (is_array($_COOKIE) && count($_COOKIE) > 0) - { - // Also get rid of specially treated cookies that might be set by a server - // or silly application, that are of no use to a CI application anyway - // but that when present will trip our 'Disallowed Key Characters' alarm - // http://www.ietf.org/rfc/rfc2109.txt - // note that the key names below are single quoted strings, and are not PHP variables - unset( - $_COOKIE['$Version'], - $_COOKIE['$Path'], - $_COOKIE['$Domain'] - ); - - foreach ($_COOKIE as $key => $val) - { - if (($cookie_key = $this->_clean_input_keys($key)) !== FALSE) - { - $_COOKIE[$cookie_key] = $this->_clean_input_data($val); - } - else - { - unset($_COOKIE[$key]); - } - } - } - - // Sanitize PHP_SELF - $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); - - // CSRF Protection check - if ($this->_enable_csrf === TRUE && ! is_cli()) - { - $this->security->csrf_verify(); - } - - log_message('debug', 'Global POST, GET and COOKIE data sanitized'); - } - - // -------------------------------------------------------------------- - - /** - * Clean Input Data - * - * Internal method that aids in escaping data and - * standardizing newline characters to PHP_EOL. - * - * @param string|string[] $str Input string(s) - * @return string - */ - protected function _clean_input_data($str) - { - if (is_array($str)) - { - $new_array = array(); - foreach (array_keys($str) as $key) - { - $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($str[$key]); - } - return $new_array; - } - - /* We strip slashes if magic quotes is on to keep things consistent - - NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and - it will probably not exist in future versions at all. - */ - if ( ! is_php('5.4') && get_magic_quotes_gpc()) - { - $str = stripslashes($str); - } - - // Clean UTF-8 if supported - if (UTF8_ENABLED === TRUE) - { - $str = $this->uni->clean_string($str); - } - - // Remove control characters - $str = remove_invisible_characters($str, FALSE); - - // Standardize newlines if needed - if ($this->_standardize_newlines === TRUE) - { - return preg_replace('/(?:\r\n|[\r\n])/', PHP_EOL, $str); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Clean Keys - * - * Internal method that helps to prevent malicious users - * from trying to exploit keys we make sure that keys are - * only named with alpha-numeric text and a few other items. - * - * @param string $str Input string - * @param bool $fatal Whether to terminate script exection - * or to return FALSE if an invalid - * key is encountered - * @return string|bool - */ - protected function _clean_input_keys($str, $fatal = TRUE) - { - if ( ! preg_match('/^[a-z0-9:_\/|-]+$/i', $str)) - { - if ($fatal === TRUE) - { - return FALSE; - } - else - { - set_status_header(503); - echo 'Disallowed Key Characters.'; - exit(7); // EXIT_USER_INPUT - } - } - - // Clean UTF-8 if supported - if (UTF8_ENABLED === TRUE) - { - return $this->uni->clean_string($str); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** * Request Headers * * @param bool $xss_clean Whether to apply XSS filtering @@ -760,30 +544,32 @@ class CI_Input { // If header is already defined, return it immediately if ( ! empty($this->headers)) { - return $this->headers; + return $this->_fetch_from_array($this->headers, NULL, $xss_clean); } // In Apache, you can simply call apache_request_headers() if (function_exists('apache_request_headers')) { - return $this->headers = apache_request_headers(); + $this->headers = apache_request_headers(); } - - $this->headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); - - foreach ($_SERVER as $key => $val) + else { - if (sscanf($key, 'HTTP_%s', $header) === 1) + isset($_SERVER['CONTENT_TYPE']) && $this->headers['Content-Type'] = $_SERVER['CONTENT_TYPE']; + + foreach ($_SERVER as $key => $val) { - // take SOME_HEADER and turn it into Some-Header - $header = str_replace('_', ' ', strtolower($header)); - $header = str_replace(' ', '-', ucwords($header)); + if (sscanf($key, 'HTTP_%s', $header) === 1) + { + // take SOME_HEADER and turn it into Some-Header + $header = str_replace('_', ' ', strtolower($header)); + $header = str_replace(' ', '-', ucwords($header)); - $this->headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); + $this->headers[$header] = $_SERVER[$key]; + } } } - return $this->headers; + return $this->_fetch_from_array($this->headers, NULL, $xss_clean); } // -------------------------------------------------------------------- @@ -803,7 +589,7 @@ class CI_Input { if ( ! isset($headers)) { - empty($this->headers) OR $this->request_headers(); + empty($this->headers) && $this->request_headers(); foreach ($this->headers as $key => $value) { $headers[strtolower($key)] = $value; @@ -839,21 +625,6 @@ class CI_Input { // -------------------------------------------------------------------- /** - * Is CLI request? - * - * Test to see if a request was made from the command line. - * - * @deprecated 3.0.0 Use is_cli() instead - * @return bool - */ - public function is_cli_request() - { - return is_cli(); - } - - // -------------------------------------------------------------------- - - /** * Get Request Method * * Return the request method diff --git a/system/core/Lang.php b/system/core/Lang.php index deb955414..569b02368 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Language * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/language.html + * @link https://codeigniter.com/user_guide/libraries/language.html */ class CI_Lang { diff --git a/system/core/Loader.php b/system/core/Loader.php index 5de7a9483..7279e8833 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Loader * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/loader.html + * @link https://codeigniter.com/user_guide/libraries/loader.html */ class CI_Loader { @@ -285,13 +285,43 @@ class CI_Loader { $this->database($db_conn, FALSE, TRUE); } + // Note: All of the code under this condition used to be just: + // + // load_class('Model', 'core'); + // + // However, load_class() instantiates classes + // to cache them for later use and that prevents + // MY_Model from being an abstract class and is + // sub-optimal otherwise anyway. if ( ! class_exists('CI_Model', FALSE)) { - load_class('Model', 'core'); + $app_path = APPPATH.'core'.DIRECTORY_SEPARATOR; + if (file_exists($app_path.'Model.php')) + { + require_once($app_path.'Model.php'); + if ( ! class_exists('CI_Model', FALSE)) + { + throw new RuntimeException($app_path."Model.php exists, but doesn't declare class CI_Model"); + } + } + elseif ( ! class_exists('CI_Model', FALSE)) + { + require_once(BASEPATH.'core'.DIRECTORY_SEPARATOR.'Model.php'); + } + + $class = config_item('subclass_prefix').'Model'; + if (file_exists($app_path.$class.'.php')) + { + require_once($app_path.$class.'.php'); + if ( ! class_exists($class, FALSE)) + { + throw new RuntimeException($app_path.$class.".php exists, but doesn't declare class ".$class); + } + } } - $model = ucfirst(strtolower($model)); - if ( ! class_exists($model)) + $model = ucfirst($model); + if ( ! class_exists($model, FALSE)) { foreach ($this->_ci_model_paths as $mod_path) { @@ -456,7 +486,7 @@ class CI_Loader { */ public function view($view, $vars = array(), $return = FALSE) { - return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_object_to_array($vars), '_ci_return' => $return)); + return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_prepare_view_vars($vars), '_ci_return' => $return)); } // -------------------------------------------------------------------- @@ -489,19 +519,13 @@ class CI_Loader { */ public function vars($vars, $val = '') { - if (is_string($vars)) - { - $vars = array($vars => $val); - } - - $vars = $this->_ci_object_to_array($vars); + $vars = is_string($vars) + ? array($vars => $val) + : $this->_ci_prepare_view_vars($vars); - if (is_array($vars) && count($vars) > 0) + foreach ($vars as $key => $val) { - foreach ($vars as $key => $val) - { - $this->_ci_cached_vars[$key] = $val; - } + $this->_ci_cached_vars[$key] = $val; } return $this; @@ -561,15 +585,21 @@ class CI_Loader { */ public function helper($helpers = array()) { - foreach ($this->_ci_prep_filename($helpers, '_helper') as $helper) + is_array($helpers) OR $helpers = array($helpers); + foreach ($helpers as &$helper) { + $filename = basename($helper); + $filepath = ($filename === $helper) ? '' : substr($helper, 0, strlen($helper) - strlen($filename)); + $filename = strtolower(preg_replace('#(_helper)?(\.php)?$#i', '', $filename)).'_helper'; + $helper = $filepath.$filename; + if (isset($this->_ci_helpers[$helper])) { continue; } // Is this a helper extension request? - $ext_helper = config_item('subclass_prefix').$helper; + $ext_helper = config_item('subclass_prefix').$filename; $ext_loaded = FALSE; foreach ($this->_ci_helper_paths as $path) { @@ -688,9 +718,16 @@ class CI_Loader { { if (is_array($library)) { - foreach ($library as $driver) + foreach ($library as $key => $value) { - $this->driver($driver); + if (is_int($key)) + { + $this->driver($value, $params); + } + else + { + $this->driver($key, $params, $value); + } } return $this; @@ -897,13 +934,10 @@ class CI_Loader { * the two types and cache them so that views that are embedded within * other views can have access to these variables. */ - if (is_array($_ci_vars)) - { - $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); - } + empty($_ci_vars) OR $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); extract($this->_ci_cached_vars); - /* + /** * Buffer the output * * We buffer the output for two reasons: @@ -916,18 +950,7 @@ class CI_Loader { */ ob_start(); - // If the PHP installation does not support short tags we'll - // do a little string replacement, changing the short tags - // to standard PHP echo statements. - if ( ! is_php('5.4') && ! ini_get('short_open_tag') && config_item('rewrite_short_tags') === TRUE) - { - echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path)))); - } - else - { - include($_ci_path); // include() vs include_once() allows for multiple views with the same name - } - + include($_ci_path); // include() vs include_once() allows for multiple views with the same name log_message('info', 'File loaded: '.$_ci_path); // Return the file data if requested @@ -1061,7 +1084,7 @@ class CI_Loader { * @used-by CI_Loader::_ci_load_library() * @uses CI_Loader::_ci_init_library() * - * @param string $library Library name to load + * @param string $library_name Library name to load * @param string $file_path Path to the library filename, relative to libraries/ * @param mixed $params Optional parameters to pass to the class constructor * @param string $object_name Optional object name to assign to @@ -1304,10 +1327,7 @@ class CI_Loader { // Autoload drivers if (isset($autoload['drivers'])) { - foreach ($autoload['drivers'] as $item) - { - $this->driver($item); - } + $this->driver($autoload['drivers']); } // Load libraries @@ -1334,17 +1354,32 @@ class CI_Loader { // -------------------------------------------------------------------- /** - * CI Object to Array translator + * Prepare variables for _ci_vars, to be later extract()-ed inside views * - * Takes an object as input and converts the class variables to - * an associative array with key/value pairs. + * Converts objects to associative arrays and filters-out internal + * variable names (i.e. keys prefixed with '_ci_'). * - * @param object $object Object data to translate + * @param mixed $vars * @return array */ - protected function _ci_object_to_array($object) + protected function _ci_prepare_view_vars($vars) { - return is_object($object) ? get_object_vars($object) : $object; + if ( ! is_array($vars)) + { + $vars = is_object($vars) + ? get_object_vars($vars) + : array(); + } + + foreach (array_keys($vars) as $key) + { + if (strncmp($key, '_ci_', 4) === 0) + { + unset($vars[$key]); + } + } + + return $vars; } // -------------------------------------------------------------------- @@ -1362,34 +1397,4 @@ class CI_Loader { $CI =& get_instance(); return $CI->$component; } - - // -------------------------------------------------------------------- - - /** - * Prep filename - * - * This function prepares filenames of various items to - * make their loading more reliable. - * - * @param string|string[] $filename Filename(s) - * @param string $extension Filename extension - * @return array - */ - protected function _ci_prep_filename($filename, $extension) - { - if ( ! is_array($filename)) - { - return array(strtolower(str_replace(array($extension, '.php'), '', $filename).$extension)); - } - else - { - foreach ($filename as $key => $val) - { - $filename[$key] = strtolower(str_replace(array($extension, '.php'), '', $val).$extension); - } - - return $filename; - } - } - } diff --git a/system/core/Log.php b/system/core/Log.php index e8cb401f5..5be7baea8 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Logging * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/errors.html + * @link https://codeigniter.com/user_guide/general/errors.html */ class CI_Log { @@ -104,6 +104,13 @@ class CI_Log { */ protected $_levels = array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4); + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // -------------------------------------------------------------------- /** @@ -115,6 +122,8 @@ class CI_Log { { $config =& get_config(); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + $this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/'; $this->_file_ext = (isset($config['log_file_extension']) && $config['log_file_extension'] !== '') ? ltrim($config['log_file_extension'], '.') : 'php'; @@ -154,8 +163,8 @@ class CI_Log { * * Generally this function will be called using the global log_message() function * - * @param string the error level: 'error', 'debug' or 'info' - * @param string the error message + * @param string $level The error level: 'error', 'debug' or 'info' + * @param string $msg The error message * @return bool */ public function write_log($level, $msg) @@ -191,6 +200,8 @@ class CI_Log { return FALSE; } + flock($fp, LOCK_EX); + // Instantiating DateTime with microseconds appended to initial date is needed for proper support of this format if (strpos($this->_date_fmt, 'u') !== FALSE) { @@ -204,13 +215,11 @@ class CI_Log { $date = date($this->_date_fmt); } - $message .= $level.' - '.$date.' --> '.$msg."\n"; - - flock($fp, LOCK_EX); + $message .= $this->_format_line($level, $date, $msg); - for ($written = 0, $length = strlen($message); $written < $length; $written += $result) + for ($written = 0, $length = self::strlen($message); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($message, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($message, $written))) === FALSE) { break; } @@ -227,4 +236,58 @@ class CI_Log { return is_int($result); } + // -------------------------------------------------------------------- + + /** + * Format the log line. + * + * This is for extensibility of log formatting + * If you want to change the log format, extend the CI_Log class and override this method + * + * @param string $level The error level + * @param string $date Formatted date string + * @param string $message The log message + * @return string Formatted log line with a new line character '\n' at the end + */ + protected function _format_line($level, $date, $message) + { + return $level.' - '.$date.' --> '.$message."\n"; + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/core/Model.php b/system/core/Model.php index a0469de11..c809e7b84 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/config.html + * @link https://codeigniter.com/user_guide/libraries/config.html */ class CI_Model { diff --git a/system/core/Output.php b/system/core/Output.php index 76c1329d2..0887717d9 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Output * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/output.html + * @link https://codeigniter.com/user_guide/libraries/output.html */ class CI_Output { @@ -123,6 +123,13 @@ class CI_Output { public $parse_exec_vars = TRUE; /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + + /** * Class constructor * * Determines whether zLib output compression will be used. @@ -138,6 +145,8 @@ class CI_Output { && extension_loaded('zlib') ); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + // Get mime types for later $this->mimes =& get_mimes(); @@ -285,7 +294,7 @@ class CI_Output { /** * Get Header * - * @param string $header_name + * @param string $header * @return string */ public function get_header($header) @@ -302,11 +311,12 @@ class CI_Output { return NULL; } - for ($i = 0, $c = count($headers); $i < $c; $i++) + // Count backwards, in order to get the last matching header + for ($c = count($headers) - 1; $c > -1; $c--) { - if (strncasecmp($header, $headers[$i], $l = strlen($header)) === 0) + if (strncasecmp($header, $headers[$c], $l = self::strlen($header)) === 0) { - return trim(substr($headers[$i], $l+1)); + return trim(self::substr($headers[$c], $l+1)); } } @@ -377,7 +387,7 @@ class CI_Output { /** * Set Cache * - * @param int $time Cache expiration time in seconds + * @param int $time Cache expiration time in minutes * @return CI_Output */ public function cache($time) @@ -480,19 +490,19 @@ class CI_Output { if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) { header('Content-Encoding: gzip'); - header('Content-Length: '.strlen($output)); + header('Content-Length: '.self::strlen($output)); } else { // User agent doesn't support gzip compression, // so we'll have to decompress our cache - $output = gzinflate(substr($output, 10, -8)); + $output = gzinflate(self::substr($output, 10, -8)); } } echo $output; log_message('info', 'Final output sent to browser'); - log_message('debug', 'Total execution time: '.$elapsed); + log_message('info', 'Total execution time: '.$elapsed); return; } @@ -529,7 +539,7 @@ class CI_Output { } log_message('info', 'Final output sent to browser'); - log_message('debug', 'Total execution time: '.$elapsed); + log_message('info', 'Total execution time: '.$elapsed); } // -------------------------------------------------------------------- @@ -601,9 +611,9 @@ class CI_Output { $output = $cache_info.'ENDCI--->'.$output; - for ($written = 0, $length = strlen($output); $written < $length; $written += $result) + for ($written = 0, $length = self::strlen($output); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($output, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($output, $written))) === FALSE) { break; } @@ -711,7 +721,7 @@ class CI_Output { } // Display the cache - $this->_display(substr($cache, strlen($match[0]))); + $this->_display(self::substr($cache, self::strlen($match[0]))); log_message('debug', 'Cache file is current. Sending it to browser.'); return TRUE; } @@ -797,4 +807,40 @@ class CI_Output { } } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/core/Router.php b/system/core/Router.php index 0c793e418..e92a8f540 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/routing.html + * @link https://codeigniter.com/user_guide/general/routing.html */ class CI_Router { @@ -118,6 +118,7 @@ class CI_Router { * * Runs the route mapping function. * + * @param array $routing * @return void */ public function __construct($routing = NULL) @@ -153,6 +154,28 @@ class CI_Router { */ protected function _set_routing() { + // Load the routes.php file. It would be great if we could + // skip this for enable_query_strings = TRUE, but then + // default_controller would be empty ... + if (file_exists(APPPATH.'config/routes.php')) + { + include(APPPATH.'config/routes.php'); + } + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); + } + + // Validate & get reserved routes + if (isset($route) && is_array($route)) + { + isset($route['default_controller']) && $this->default_controller = $route['default_controller']; + isset($route['translate_uri_dashes']) && $this->translate_uri_dashes = $route['translate_uri_dashes']; + unset($route['default_controller'], $route['translate_uri_dashes']); + $this->routes = $route; + } + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently @@ -199,26 +222,6 @@ class CI_Router { return; } - // Load the routes.php file. - if (file_exists(APPPATH.'config/routes.php')) - { - include(APPPATH.'config/routes.php'); - } - - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); - } - - // Validate & get reserved routes - if (isset($route) && is_array($route)) - { - isset($route['default_controller']) && $this->default_controller = $route['default_controller']; - isset($route['translate_uri_dashes']) && $this->translate_uri_dashes = $route['translate_uri_dashes']; - unset($route['default_controller'], $route['translate_uri_dashes']); - $this->routes = $route; - } - // Is there anything to parse? if ($this->uri->uri_string !== '') { @@ -372,26 +375,6 @@ class CI_Router { // Get HTTP verb $http_verb = isset($_SERVER['REQUEST_METHOD']) ? strtolower($_SERVER['REQUEST_METHOD']) : 'cli'; - // Is there a literal match? If so we're done - if (isset($this->routes[$uri])) - { - // Is it an HTTP verb-based route? - if (is_array($this->routes[$uri])) - { - $route = array_change_key_case($this->routes[$uri], CASE_LOWER); - if (isset($route[$http_verb])) - { - $this->_set_request(explode('/', $route[$http_verb])); - return; - } - } - else - { - $this->_set_request(explode('/', $this->routes[$uri])); - return; - } - } - // Loop through the route array looking for wildcards foreach ($this->routes as $key => $val) { @@ -456,19 +439,6 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Fetch the current class - * - * @deprecated 3.0.0 Read the 'class' property instead - * @return string - */ - public function fetch_class() - { - return $this->class; - } - - // -------------------------------------------------------------------- - - /** * Set method name * * @param string $method Method name @@ -482,19 +452,6 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Fetch the current method - * - * @deprecated 3.0.0 Read the 'method' property instead - * @return string - */ - public function fetch_method() - { - return $this->method; - } - - // -------------------------------------------------------------------- - - /** * Set directory name * * @param string $dir Directory name @@ -512,21 +469,4 @@ class CI_Router { $this->directory .= str_replace('.', '', trim($dir, '/')).'/'; } } - - // -------------------------------------------------------------------- - - /** - * Fetch directory - * - * Feches the sub-directory (if any) that contains the requested - * controller class. - * - * @deprecated 3.0.0 Read the 'directory' property instead - * @return string - */ - public function fetch_directory() - { - return $this->directory; - } - } diff --git a/system/core/Security.php b/system/core/Security.php index 7c5199255..4ad550fff 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Security * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/security.html + * @link https://codeigniter.com/user_guide/libraries/security.html */ class CI_Security { @@ -133,15 +133,16 @@ class CI_Security { * @var array */ protected $_never_allowed_str = array( - 'document.cookie' => '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - '-moz-binding' => '[removed]', - '<!--' => '<!--', - '-->' => '-->', - '<![CDATA[' => '<![CDATA[', - '<comment>' => '<comment>' + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + '-moz-binding' => '[removed]', + '<!--' => '<!--', + '-->' => '-->', + '<![CDATA[' => '<![CDATA[', + '<comment>' => '<comment>', + '<%' => '<%' ); /** @@ -166,10 +167,12 @@ class CI_Security { * * @return void */ - public function __construct() + public function __construct($charset) { + $this->charset = $charset; + // Is CSRF protection enabled? - if (config_item('csrf_protection')) + if (config_item('csrf_protection') && ! is_cli()) { // CSRF config foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) @@ -188,10 +191,9 @@ class CI_Security { // Set the CSRF hash $this->_csrf_set_hash(); + $this->csrf_verify(); } - $this->charset = strtoupper(config_item('charset')); - log_message('info', 'Security Class Initialized'); } @@ -223,14 +225,11 @@ class CI_Security { } } - // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) - OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? - { - $this->csrf_show_error(); - } + // Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate + $valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) + && hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]); - // We kill this since we're done and we don't want to polute the _POST array + // We kill this since we're done and we don't want to pollute the _POST array unset($_POST[$this->_csrf_token_name]); // Regenerate on every submission? @@ -244,6 +243,11 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); + if ($valid !== TRUE) + { + $this->csrf_show_error(); + } + log_message('info', 'CSRF token verified'); return $this; } @@ -371,11 +375,17 @@ class CI_Security { * * Note: Use rawurldecode() so it does not remove plus signs */ - do + if (stripos($str, '%') !== false) { - $str = rawurldecode($str); + do + { + $oldstr = $str; + $str = rawurldecode($str); + $str = preg_replace_callback('#%(?:\s*[0-9a-f]){2,}#i', array($this, '_urldecodespaces'), $str); + } + while ($oldstr !== $str); + unset($oldstr); } - while (preg_match('/%[0-9a-f]{2,}/i', $str)); /* * Convert character entities to ASCII @@ -436,7 +446,7 @@ class CI_Security { $words = array( 'javascript', 'expression', 'vbscript', 'jscript', 'wscript', 'vbs', 'script', 'base64', 'applet', 'alert', 'document', - 'write', 'cookie', 'window', 'confirm', 'prompt' + 'write', 'cookie', 'window', 'confirm', 'prompt', 'eval' ); foreach ($words as $word) @@ -466,7 +476,7 @@ class CI_Security { if (preg_match('/<a/i', $str)) { - $str = preg_replace_callback('#<a[^a-z0-9>]+([^>]*?)(?:>|$)#si', array($this, '_js_link_removal'), $str); + $str = preg_replace_callback('#<a(?:rea)?[^a-z0-9>]+([^>]*?)(?:>|$)#si', array($this, '_js_link_removal'), $str); } if (preg_match('/<img/i', $str)) @@ -480,12 +490,8 @@ class CI_Security { } } while ($original !== $str); - unset($original); - // Remove evil attributes such as style, onclick and xmlns - $str = $this->_remove_evil_attributes($str, $is_image); - /* * Sanitize naughty HTML elements * @@ -495,8 +501,29 @@ class CI_Security { * So this: <blink> * Becomes: <blink> */ - $naughty = 'alert|prompt|confirm|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|button|select|isindex|layer|link|meta|keygen|object|plaintext|style|script|textarea|title|math|video|svg|xml|xss'; - $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); + $pattern = '#' + .'<((?<slash>/*\s*)((?<tagName>[a-z0-9]+)(?=[^a-z0-9]|$)|.+)' // tag start and name, followed by a non-tag character + .'[^\s\042\047a-z0-9>/=]*' // a valid attribute character immediately after the tag would count as a separator + // optional attributes + .'(?<attributes>(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons + .'[^\s\042\047>/=]+' // attribute characters + // optional attribute-value + .'(?:\s*=' // attribute-value separator + .'(?:[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*))' // single, double or non-quoted value + .')?' // end optional attribute-value group + .')*)' // end optional attributes group + .'[^>]*)(?<closeTag>\>)?#isS'; + + // Note: It would be nice to optimize this for speed, BUT + // only matching the naughty elements here results in + // false positives and in turn - vulnerabilities! + do + { + $old_str = $str; + $str = preg_replace_callback($pattern, array($this, '_sanitize_naughty_html'), $str); + } + while ($old_str !== $str); + unset($old_str); /* * Sanitize naughty scripting elements @@ -510,9 +537,11 @@ class CI_Security { * For example: eval('some code') * Becomes: eval('some code') */ - $str = preg_replace('#(alert|prompt|confirm|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', - '\\1\\2(\\3)', - $str); + $str = preg_replace( + '#(alert|prompt|confirm|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', + '\\1\\2(\\3)', + $str + ); // Final clean up // This adds a bit of extra precaution in case @@ -574,6 +603,22 @@ class CI_Security { return FALSE; } + if (function_exists('random_bytes')) + { + try + { + // The cast is required to avoid TypeError + return random_bytes((int) $length); + } + catch (Exception $e) + { + // If random_bytes() can't do the job, we can't either ... + // There's no point in using fallbacks. + log_message('error', $e->getMessage()); + return FALSE; + } + } + // Unfortunately, none of the following PRNGs is guaranteed to exist ... if (defined('MCRYPT_DEV_URANDOM') && ($output = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)) !== FALSE) { @@ -584,7 +629,7 @@ class CI_Security { if (is_readable('/dev/urandom') && ($fp = fopen('/dev/urandom', 'rb')) !== FALSE) { // Try not to waste entropy ... - is_php('5.4') && stream_set_chunk_size($fp, $length); + stream_set_chunk_size($fp, $length); $output = fread($fp, $length); fclose($fp); if ($output !== FALSE) @@ -629,10 +674,8 @@ class CI_Security { static $_entities; - isset($charset) OR $charset = $this->charset; - $flag = is_php('5.4') - ? ENT_COMPAT | ENT_HTML5 - : ENT_COMPAT; + isset($charset) OR $charset = $this->charset; + isset($_entities) OR $_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, ENT_COMPAT | ENT_HTML5, $charset)); do { @@ -641,27 +684,6 @@ class CI_Security { // Decode standard entities, avoiding false positives if (preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches)) { - if ( ! isset($_entities)) - { - $_entities = array_map( - 'strtolower', - is_php('5.3.4') - ? get_html_translation_table(HTML_ENTITIES, $flag, $charset) - : get_html_translation_table(HTML_ENTITIES, $flag) - ); - - // If we're not on PHP 5.4+, add the possibly dangerous HTML 5 - // entities to the array manually - if ($flag === ENT_COMPAT) - { - $_entities[':'] = ':'; - $_entities['('] = '('; - $_entities[')'] = ')'; - $_entities["\n"] = '&newline;'; - $_entities["\t"] = '&tab;'; - } - } - $replace = array(); $matches = array_unique(array_map('strtolower', $matches[0])); foreach ($matches as &$match) @@ -672,13 +694,13 @@ class CI_Security { } } - $str = str_ireplace(array_keys($replace), array_values($replace), $str); + $str = str_replace(array_keys($replace), array_values($replace), $str); } // Decode numeric & UTF16 two byte entities $str = html_entity_decode( preg_replace('/(&#(?:x0*[0-9a-f]{2,5}(?![0-9a-f;])|(?:0*\d{2,4}(?![0-9;]))))/iS', '$1;', $str), - $flag, + ENT_COMPAT | ENT_HTML5, $charset ); } @@ -727,7 +749,32 @@ class CI_Security { */ public function strip_image_tags($str) { - return preg_replace(array('#<img[\s/]+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img[\s/]+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); + return preg_replace( + array( + '#<img[\s/]+.*?src\s*=\s*(["\'])([^\\1]+?)\\1.*?\>#i', + '#<img[\s/]+.*?src\s*=\s*?(([^\s"\'=<>`]+)).*?\>#i' + ), + '\\2', + $str + ); + } + + // ---------------------------------------------------------------- + + /** + * URL-decode taking spaces into account + * + * @see https://github.com/bcit-ci/CodeIgniter/issues/4877 + * @param array $matches + * @return string + */ + protected function _urldecodespaces($matches) + { + $input = $matches[0]; + $nospaces = preg_replace('#\s+#', '', $input); + return ($nospaces === $input) + ? $input + : rawurldecode($nospaces); } // ---------------------------------------------------------------- @@ -750,71 +797,92 @@ class CI_Security { // -------------------------------------------------------------------- /** - * Remove Evil HTML Attributes (like event handlers and style) - * - * It removes the evil attribute and either: - * - * - Everything up until a space. For example, everything between the pipes: - * - * <code> - * <a |style=document.write('hello');alert('world');| class=link> - * </code> - * - * - Everything inside the quotes. For example, everything between the pipes: + * Sanitize Naughty HTML * - * <code> - * <a |style="document.write('hello'); alert('world');"| class="link"> - * </code> + * Callback method for xss_clean() to remove naughty HTML elements. * - * @param string $str The string to check - * @param bool $is_image Whether the input is an image - * @return string The string with the evil attributes removed + * @used-by CI_Security::xss_clean() + * @param array $matches + * @return string */ - protected function _remove_evil_attributes($str, $is_image) + protected function _sanitize_naughty_html($matches) { - $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime'); + static $naughty_tags = array( + 'alert', 'area', 'prompt', 'confirm', 'applet', 'audio', 'basefont', 'base', 'behavior', 'bgsound', + 'blink', 'body', 'embed', 'expression', 'form', 'frameset', 'frame', 'head', 'html', 'ilayer', + 'iframe', 'input', 'button', 'select', 'isindex', 'layer', 'link', 'meta', 'keygen', 'object', + 'plaintext', 'style', 'script', 'textarea', 'title', 'math', 'video', 'svg', 'xml', 'xss' + ); - if ($is_image === TRUE) + static $evil_attributes = array( + 'on\w+', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime' + ); + + // First, escape unclosed tags + if (empty($matches['closeTag'])) + { + return '<'.$matches[1]; + } + // Is the element that we caught naughty? If so, escape it + elseif (in_array(strtolower($matches['tagName']), $naughty_tags, TRUE)) { - /* - * Adobe Photoshop puts XML metadata into JFIF images, - * including namespacing, so we have to allow this for images. - */ - unset($evil_attributes[array_search('xmlns', $evil_attributes)]); + return '<'.$matches[1].'>'; } + // For other tags, see if their attributes are "evil" and strip those + elseif (isset($matches['attributes'])) + { + // We'll store the already fitlered attributes here + $attributes = array(); - do { - $count = $temp_count = 0; + // Attribute-catching pattern + $attributes_pattern = '#' + .'(?<name>[^\s\042\047>/=]+)' // attribute characters + // optional attribute-value + .'(?:\s*=(?<value>[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*)))' // attribute-value separator + .'#i'; - // replace occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - $str = preg_replace('/(<[^>]+)(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', '$1[removed]', $str, -1, $temp_count); - $count += $temp_count; + // Blacklist pattern for evil attribute names + $is_evil_pattern = '#^('.implode('|', $evil_attributes).')$#i'; - // find occurrences of illegal attribute strings without quotes - $str = preg_replace('/(<[^>]+)(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*([^\s>]*)/is', '$1[removed]', $str, -1, $temp_count); - $count += $temp_count; - } - while ($count); + // Each iteration filters a single attribute + do + { + // Strip any non-alpha characters that may precede an attribute. + // Browsers often parse these incorrectly and that has been a + // of numerous XSS issues we've had. + $matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']); - return $str; - } + if ( ! preg_match($attributes_pattern, $matches['attributes'], $attribute, PREG_OFFSET_CAPTURE)) + { + // No (valid) attribute found? Discard everything else inside the tag + break; + } - // -------------------------------------------------------------------- + if ( + // Is it indeed an "evil" attribute? + preg_match($is_evil_pattern, $attribute['name'][0]) + // Or does it have an equals sign, but no value and not quoted? Strip that too! + OR (trim($attribute['value'][0]) === '') + ) + { + $attributes[] = 'xss=removed'; + } + else + { + $attributes[] = $attribute[0][0]; + } - /** - * Sanitize Naughty HTML - * - * Callback method for xss_clean() to remove naughty HTML elements. - * - * @used-by CI_Security::xss_clean() - * @param array $matches - * @return string - */ - protected function _sanitize_naughty_html($matches) - { - return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace - // encode captured opening or closing brace to prevent recursive vectors: - .str_replace(array('>', '<'), array('>', '<'), $matches[4]); + $matches['attributes'] = substr($matches['attributes'], $attribute[0][1] + strlen($attribute[0][0])); + } + while ($matches['attributes'] !== ''); + + $attributes = empty($attributes) + ? '' + : ' '.implode(' ', $attributes); + return '<'.$matches['slash'].$matches['tagName'].$attributes.'>'; + } + + return $matches[0]; } // -------------------------------------------------------------------- @@ -834,12 +902,15 @@ class CI_Security { */ protected function _js_link_removal($match) { - return str_replace($match[1], - preg_replace('#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|data\s*:)#si', - '', - $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])) - ), - $match[0]); + return str_replace( + $match[1], + preg_replace( + '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|d\s*a\s*t\s*a\s*:)#si', + '', + $this->_filter_attributes($match[1]) + ), + $match[0] + ); } // -------------------------------------------------------------------- @@ -859,12 +930,15 @@ class CI_Security { */ protected function _js_img_removal($match) { - return str_replace($match[1], - preg_replace('#src=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si', - '', - $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])) - ), - $match[0]); + return str_replace( + $match[1], + preg_replace( + '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si', + '', + $this->_filter_attributes($match[1]) + ), + $match[0] + ); } // -------------------------------------------------------------------- @@ -980,5 +1054,4 @@ class CI_Security { return $this->_csrf_hash; } - } diff --git a/system/core/URI.php b/system/core/URI.php index 5b658f679..275c07900 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category URI * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/uri.html + * @link https://codeigniter.com/user_guide/libraries/uri.html */ class CI_URI { @@ -96,45 +96,40 @@ class CI_URI { * * @return void */ - public function __construct() + public function __construct(CI_Config $config) { - $this->config =& load_class('Config', 'core'); + $this->config = $config; + // If it's a CLI request, ignore the configuration + if (is_cli()) + { + $this->_set_uri_string($this->_parse_argv(), TRUE); + } // If query strings are enabled, we don't need to parse any segments. - // However, they don't make sense under CLI. - if (is_cli() OR $this->config->item('enable_query_strings') !== TRUE) + elseif ($this->config->item('enable_query_strings') !== TRUE) { $this->_permitted_uri_chars = $this->config->item('permitted_uri_chars'); + $protocol = $this->config->item('uri_protocol'); + empty($protocol) && $protocol = 'REQUEST_URI'; - // If it's a CLI request, ignore the configuration - if (is_cli()) + switch ($protocol) { - $uri = $this->_parse_argv(); + case 'AUTO': // For BC purposes only + case 'REQUEST_URI': + $uri = $this->_parse_request_uri(); + break; + case 'QUERY_STRING': + $uri = $this->_parse_query_string(); + break; + case 'PATH_INFO': + default: + $uri = isset($_SERVER[$protocol]) + ? $_SERVER[$protocol] + : $this->_parse_request_uri(); + break; } - else - { - $protocol = $this->config->item('uri_protocol'); - empty($protocol) && $protocol = 'REQUEST_URI'; - switch ($protocol) - { - case 'AUTO': // For BC purposes only - case 'REQUEST_URI': - $uri = $this->_parse_request_uri(); - break; - case 'QUERY_STRING': - $uri = $this->_parse_query_string(); - break; - case 'PATH_INFO': - default: - $uri = isset($_SERVER[$protocol]) - ? $_SERVER[$protocol] - : $this->_parse_request_uri(); - break; - } - } - - $this->_set_uri_string($uri); + $this->_set_uri_string($uri, FALSE); } log_message('info', 'URI Class Initialized'); @@ -145,43 +140,66 @@ class CI_URI { /** * Set URI String * - * @param string $str + * @param string $str Input URI string + * @param bool $is_cli Whether the input comes from CLI * @return void */ - protected function _set_uri_string($str) + protected function _set_uri_string($str, $is_cli = FALSE) { - // Filter out control characters and trim slashes - $this->uri_string = trim(remove_invisible_characters($str, FALSE), '/'); - - if ($this->uri_string !== '') + // CLI requests have a bit simpler logic + if ($is_cli) { - // Remove the URL suffix, if present - if (($suffix = (string) $this->config->item('url_suffix')) !== '') + if (($this->uri_string = trim($str, '/')) === '') { - $slen = strlen($suffix); - - if (substr($this->uri_string, -$slen) === $suffix) - { - $this->uri_string = substr($this->uri_string, 0, -$slen); - } + return; } $this->segments[0] = NULL; - // Populate the segments array - foreach (explode('/', trim($this->uri_string, '/')) as $val) + foreach (explode('/', $this->uri_string) as $segment) { - $val = trim($val); - // Filter segments for security - $this->filter_uri($val); - - if ($val !== '') + if (($segment = trim($segment)) !== '') { - $this->segments[] = $val; + $this->segments[] = $segment; } } unset($this->segments[0]); + return; + } + + // Filter out control characters and trim slashes + $this->uri_string = trim(remove_invisible_characters($str, FALSE), '/'); + + if ($this->uri_string === '') + { + return; } + + // Remove the URL suffix, if present + if (($suffix = (string) $this->config->item('url_suffix')) !== '') + { + $slen = strlen($suffix); + + if (substr($this->uri_string, -$slen) === $suffix) + { + $this->uri_string = substr($this->uri_string, 0, -$slen); + } + } + + $this->segments[0] = NULL; + foreach (explode('/', trim($this->uri_string, '/')) as $segment) + { + $segment = trim($segment); + // Filter segments for security + $this->filter_uri($segment); + + if ($segment !== '') + { + $this->segments[] = $segment; + } + } + + unset($this->segments[0]); } // -------------------------------------------------------------------- @@ -294,7 +312,7 @@ class CI_URI { * * Do some final cleaning of the URI and return it, currently only used in self::_parse_request_uri() * - * @param string $url + * @param string $uri * @return string */ protected function _remove_relative_directory($uri) diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 9d8ac41e1..1aafbf3a3 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category UTF-8 * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/utf8.html + * @link https://codeigniter.com/user_guide/libraries/utf8.html */ class CI_Utf8 { @@ -57,21 +57,21 @@ class CI_Utf8 { * * @return void */ - public function __construct() + public function __construct($charset) { if ( - defined('PREG_BAD_UTF8_ERROR') // PCRE must support UTF-8 - && (ICONV_ENABLED === TRUE OR MB_ENABLED === TRUE) // iconv or mbstring must be installed - && strtoupper(config_item('charset')) === 'UTF-8' // Application charset must be UTF-8 - ) + defined('PREG_BAD_UTF8_ERROR') // PCRE must support UTF-8 + && (ICONV_ENABLED === TRUE OR MB_ENABLED === TRUE) // iconv or mbstring must be installed + && $charset === 'UTF-8' // Application charset must be UTF-8 + ) { define('UTF8_ENABLED', TRUE); - log_message('debug', 'UTF-8 Support Enabled'); + log_message('info', 'UTF-8 Support Enabled'); } else { define('UTF8_ENABLED', FALSE); - log_message('debug', 'UTF-8 Support Disabled'); + log_message('info', 'UTF-8 Support Disabled'); } log_message('info', 'Utf8 Class Initialized'); diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 15954559c..c0eab4909 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/hash */ @@ -119,7 +119,7 @@ if ( ! function_exists('hash_pbkdf2')) */ function hash_pbkdf2($algo, $password, $salt, $iterations, $length = 0, $raw_output = FALSE) { - if ( ! in_array($algo, hash_algos(), TRUE)) + if ( ! in_array(strtolower($algo), hash_algos(), TRUE)) { trigger_error('hash_pbkdf2(): Unknown hashing algorithm: '.$algo, E_USER_WARNING); return FALSE; @@ -203,8 +203,6 @@ if ( ! function_exists('hash_pbkdf2')) 'ripemd160' => 64, 'ripemd256' => 64, 'ripemd320' => 64, - 'salsa10' => 64, - 'salsa20' => 64, 'sha1' => 64, 'sha224' => 64, 'sha256' => 64, diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index e335c85f7..f466e1c34 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/mbstring */ diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 7b933aa04..84be66738 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,13 +44,13 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/password */ // ------------------------------------------------------------------------ -if (is_php('5.5') OR ! is_php('5.3.7') OR ! defined('CRYPT_BLOWFISH') OR CRYPT_BLOWFISH !== 1 OR defined('HHVM_VERSION')) +if (is_php('5.5') OR ! defined('CRYPT_BLOWFISH') OR CRYPT_BLOWFISH !== 1 OR defined('HHVM_VERSION')) { return; } @@ -116,13 +116,21 @@ if ( ! function_exists('password_hash')) } elseif ( ! isset($options['salt'])) { - if (defined('MCRYPT_DEV_URANDOM')) + if (function_exists('random_bytes')) { - $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); + try + { + $options['salt'] = random_bytes(16); + } + catch (Exception $e) + { + log_message('error', 'compat/password: Error while trying to use random_bytes(): '.$e->getMessage()); + return FALSE; + } } - elseif (function_exists('openssl_random_pseudo_bytes')) + elseif (defined('MCRYPT_DEV_URANDOM')) { - $options['salt'] = openssl_random_pseudo_bytes(16); + $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); } elseif (DIRECTORY_SEPARATOR === '/' && (is_readable($dev = '/dev/arandom') OR is_readable($dev = '/dev/urandom'))) { @@ -133,7 +141,7 @@ if ( ! function_exists('password_hash')) } // Try not to waste entropy ... - is_php('5.4') && stream_set_chunk_size($fp, 16); + stream_set_chunk_size($fp, 16); $options['salt'] = ''; for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt'])) @@ -148,6 +156,16 @@ if ( ! function_exists('password_hash')) fclose($fp); } + elseif (function_exists('openssl_random_pseudo_bytes')) + { + $is_secure = NULL; + $options['salt'] = openssl_random_pseudo_bytes(16, $is_secure); + if ($is_secure !== TRUE) + { + log_message('error', 'compat/password: openssl_random_pseudo_bytes() set the $cryto_strong flag to FALSE'); + return FALSE; + } + } else { log_message('error', 'compat/password: No CSPRNG available.'); diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index 5a428c114..6fd292a26 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ // ------------------------------------------------------------------------ @@ -62,7 +62,7 @@ if ( ! function_exists('array_column')) * array_column() * * @link http://php.net/array_column - * @param string $array + * @param array $array * @param mixed $column_key * @param mixed $index_key * @return array @@ -132,258 +132,3 @@ if ( ! function_exists('array_column')) return $result; } } - -// ------------------------------------------------------------------------ - -if (is_php('5.4')) -{ - return; -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('hex2bin')) -{ - /** - * hex2bin() - * - * @link http://php.net/hex2bin - * @param string $data - * @return string - */ - function hex2bin($data) - { - if (in_array($type = gettype($data), array('array', 'double', 'object'), TRUE)) - { - if ($type === 'object' && method_exists($data, '__toString')) - { - $data = (string) $data; - } - else - { - trigger_error('hex2bin() expects parameter 1 to be string, '.$type.' given', E_USER_WARNING); - return NULL; - } - } - - if (strlen($data) % 2 !== 0) - { - trigger_error('Hexadecimal input string must have an even length', E_USER_WARNING); - return FALSE; - } - elseif ( ! preg_match('/^[0-9a-f]*$/i', $data)) - { - trigger_error('Input string must be hexadecimal string', E_USER_WARNING); - return FALSE; - } - - return pack('H*', $data); - } -} - -// ------------------------------------------------------------------------ - -if (is_php('5.3')) -{ - return; -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('array_replace')) -{ - /** - * array_replace() - * - * @link http://php.net/array_replace - * @return array - */ - function array_replace() - { - $arrays = func_get_args(); - - if (($c = count($arrays)) === 0) - { - trigger_error('array_replace() expects at least 1 parameter, 0 given', E_USER_WARNING); - return NULL; - } - elseif ($c === 1) - { - if ( ! is_array($arrays[0])) - { - trigger_error('array_replace(): Argument #1 is not an array', E_USER_WARNING); - return NULL; - } - - return $arrays[0]; - } - - $array = array_shift($arrays); - $c--; - - for ($i = 0; $i < $c; $i++) - { - if ( ! is_array($arrays[$i])) - { - trigger_error('array_replace(): Argument #'.($i + 2).' is not an array', E_USER_WARNING); - return NULL; - } - elseif (empty($arrays[$i])) - { - continue; - } - - foreach (array_keys($arrays[$i]) as $key) - { - $array[$key] = $arrays[$i][$key]; - } - } - - return $array; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('array_replace_recursive')) -{ - /** - * array_replace_recursive() - * - * @link http://php.net/array_replace_recursive - * @return array - */ - function array_replace_recursive() - { - $arrays = func_get_args(); - - if (($c = count($arrays)) === 0) - { - trigger_error('array_replace_recursive() expects at least 1 parameter, 0 given', E_USER_WARNING); - return NULL; - } - elseif ($c === 1) - { - if ( ! is_array($arrays[0])) - { - trigger_error('array_replace_recursive(): Argument #1 is not an array', E_USER_WARNING); - return NULL; - } - - return $arrays[0]; - } - - $array = array_shift($arrays); - $c--; - - for ($i = 0; $i < $c; $i++) - { - if ( ! is_array($arrays[$i])) - { - trigger_error('array_replace_recursive(): Argument #'.($i + 2).' is not an array', E_USER_WARNING); - return NULL; - } - elseif (empty($arrays[$i])) - { - continue; - } - - foreach (array_keys($arrays[$i]) as $key) - { - $array[$key] = (is_array($arrays[$i][$key]) && isset($array[$key]) && is_array($array[$key])) - ? array_replace_recursive($array[$key], $arrays[$i][$key]) - : $arrays[$i][$key]; - } - } - - return $array; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('quoted_printable_encode')) -{ - /** - * quoted_printable_encode() - * - * @link http://php.net/quoted_printable_encode - * @param string $str - * @return string - */ - function quoted_printable_encode($str) - { - if (strlen($str) === 0) - { - return ''; - } - elseif (in_array($type = gettype($str), array('array', 'object'), TRUE)) - { - if ($type === 'object' && method_exists($str, '__toString')) - { - $str = (string) $str; - } - else - { - trigger_error('quoted_printable_encode() expects parameter 1 to be string, '.$type.' given', E_USER_WARNING); - return NULL; - } - } - - if (function_exists('imap_8bit')) - { - return imap_8bit($str); - } - - $i = $lp = 0; - $output = ''; - $hex = '0123456789ABCDEF'; - $length = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')) - ? mb_strlen($str, '8bit') - : strlen($str); - - while ($length--) - { - if ((($c = $str[$i++]) === "\015") && isset($str[$i]) && ($str[$i] === "\012") && $length > 0) - { - $output .= "\015".$str[$i++]; - $length--; - $lp = 0; - continue; - } - - if ( - ctype_cntrl($c) - OR (ord($c) === 0x7f) - OR (ord($c) & 0x80) - OR ($c === '=') - OR ($c === ' ' && isset($str[$i]) && $str[$i] === "\015") - ) - { - if ( - (($lp += 3) > 75 && ord($c) <= 0x7f) - OR (ord($c) > 0x7f && ord($c) <= 0xdf && ($lp + 3) > 75) - OR (ord($c) > 0xdf && ord($c) <= 0xef && ($lp + 6) > 75) - OR (ord($c) > 0xef && ord($c) <= 0xf4 && ($lp + 9) > 75) - ) - { - $output .= "=\015\012"; - $lp = 3; - } - - $output .= '='.$hex[ord($c) >> 4].$hex[ord($c) & 0xf]; - continue; - } - - if ((++$lp) > 75) - { - $output .= "=\015\012"; - $lp = 1; - } - - $output .= $c; - } - - return $output; - } -} diff --git a/system/database/DB.php b/system/database/DB.php index 0c7cf54b3..009035032 100644 --- a/system/database/DB.php +++ b/system/database/DB.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ * * @param string|string[] $params * @param bool $query_builder_override @@ -82,7 +82,7 @@ function &DB($params = '', $query_builder_override = NULL) } } - if ( ! isset($db) OR count($db) === 0) + if (empty($db)) { show_error('No database connection settings were found in the database config file.'); } @@ -192,10 +192,13 @@ function &DB($params = '', $query_builder_override = NULL) // Load the DB driver $driver_file = BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_driver.php'; - file_exists($driver_file) OR show_error('Invalid DB driver'); require_once($driver_file); + // Load the result classes as well + require_once(BASEPATH.'database/DB_result.php'); + require_once(BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_result.php'); + // Instantiate the DB adapter $driver = 'CI_DB_'.$params['dbdriver'].'_driver'; $DB = new $driver($params); diff --git a/system/database/DB_cache.php b/system/database/DB_cache.php index 223055f60..b74c31924 100644 --- a/system/database/DB_cache.php +++ b/system/database/DB_cache.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_Cache { diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e58496de9..161e0e225 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_driver { @@ -380,7 +380,8 @@ abstract class CI_DB_driver { /** * Initialize Database Settings * - * @return bool + * @return void + * @throws RuntimeException In case of failure */ public function initialize() { @@ -392,7 +393,7 @@ abstract class CI_DB_driver { */ if ($this->conn_id) { - return TRUE; + return; } // ---------------------------------------------------------------- @@ -429,19 +430,9 @@ abstract class CI_DB_driver { // We still don't have a connection? if ( ! $this->conn_id) { - log_message('error', 'Unable to connect to the database'); - - if ($this->db_debug) - { - $this->display_error('db_unable_to_connect'); - } - - return FALSE; + throw new RuntimeException('Unable to connect to the database.'); } } - - // Now we set the character set and that's all - return $this->db_set_charset($this->char_set); } // -------------------------------------------------------------------- @@ -505,26 +496,13 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Set client character set + * Last error * - * @param string - * @return bool + * @return array */ - public function db_set_charset($charset) + public function error() { - if (method_exists($this, '_db_set_charset') && ! $this->_db_set_charset($charset)) - { - log_message('error', 'Unable to set database connection charset: '.$charset); - - if ($this->db_debug) - { - $this->display_error('db_unable_to_set_charset', $charset); - } - - return FALSE; - } - - return TRUE; + return array('code' => NULL, 'message' => NULL); } // -------------------------------------------------------------------- @@ -622,7 +600,6 @@ abstract class CI_DB_driver { // cached query if it exists if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { - $this->load_rdriver(); if (FALSE !== ($cache = $this->CACHE->read($sql))) { return $cache; @@ -647,7 +624,10 @@ abstract class CI_DB_driver { } // This will trigger a rollback if transactions are being used - $this->_trans_status = FALSE; + if ($this->_trans_depth !== 0) + { + $this->_trans_status = FALSE; + } // Grab the error now, as we might run some additional queries before displaying the error $error = $this->error(); @@ -661,13 +641,15 @@ abstract class CI_DB_driver { // if transactions are enabled. If we don't call this here // the error message will trigger an exit, causing the // transactions to remain in limbo. - if ($this->_trans_depth !== 0) + while ($this->_trans_depth !== 0) { - do + $trans_depth = $this->_trans_depth; + $this->trans_complete(); + if ($trans_depth === $this->_trans_depth) { - $this->trans_complete(); + log_message('error', 'Database: Failure during an automated transaction commit/rollback!'); + break; } - while ($this->_trans_depth !== 0); } // Display errors @@ -701,9 +683,9 @@ abstract class CI_DB_driver { return TRUE; } - // Load and instantiate the result driver - $driver = $this->load_rdriver(); - $RES = new $driver($this); + // Instantiate the driver-specific result class + $driver = 'CI_DB_'.$this->dbdriver.'_result'; + $RES = new $driver($this); // Is query caching enabled? If so, we'll serialize the // result object and save it to a cache file. @@ -733,26 +715,6 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Load the result drivers - * - * @return string the name of the result class - */ - public function load_rdriver() - { - $driver = 'CI_DB_'.$this->dbdriver.'_result'; - - if ( ! class_exists($driver, FALSE)) - { - require_once(BASEPATH.'database/DB_result.php'); - require_once(BASEPATH.'database/drivers/'.$this->dbdriver.'/'.$this->dbdriver.'_result.php'); - } - - return $driver; - } - - // -------------------------------------------------------------------- - - /** * Simple Query * This is a simplified version of the query() function. Internally * we only use it when running transaction commands since they do @@ -763,11 +725,7 @@ abstract class CI_DB_driver { */ public function simple_query($sql) { - if ( ! $this->conn_id) - { - $this->initialize(); - } - + empty($this->conn_id) && $this->initialize(); return $this->_execute($sql); } @@ -788,10 +746,13 @@ abstract class CI_DB_driver { /** * Enable/disable Transaction Strict Mode + * * When strict mode is enabled, if you are running multiple groups of - * transactions, if one group fails all groups will be rolled back. - * If strict mode is disabled, each group is treated autonomously, meaning - * a failure of one group will not affect any others + * transactions, if one group fails all subsequent groups will be + * rolled back. + * + * If strict mode is disabled, each group is treated autonomously, + * meaning a failure of one group will not affect any others * * @param bool $mode = TRUE * @return void @@ -807,24 +768,16 @@ abstract class CI_DB_driver { * Start Transaction * * @param bool $test_mode = FALSE - * @return void + * @return bool */ public function trans_start($test_mode = FALSE) { if ( ! $this->trans_enabled) { - return; - } - - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 0) - { - $this->_trans_depth += 1; - return; + return FALSE; } - $this->trans_begin($test_mode); - $this->_trans_depth += 1; + return $this->trans_begin($test_mode); } // -------------------------------------------------------------------- @@ -841,25 +794,14 @@ abstract class CI_DB_driver { return FALSE; } - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 1) - { - $this->_trans_depth -= 1; - return TRUE; - } - else - { - $this->_trans_depth = 0; - } - // The query() function will set this flag to FALSE in the event that a query failed if ($this->_trans_status === FALSE OR $this->_trans_failure === TRUE) { $this->trans_rollback(); // If we are NOT running in strict mode, we will reset - // the _trans_status flag so that subsequent groups of transactions - // will be permitted. + // the _trans_status flag so that subsequent groups of + // transactions will be permitted. if ($this->trans_strict === FALSE) { $this->_trans_status = TRUE; @@ -869,8 +811,7 @@ abstract class CI_DB_driver { return FALSE; } - $this->trans_commit(); - return TRUE; + return $this->trans_commit(); } // -------------------------------------------------------------------- @@ -888,6 +829,87 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Begin Transaction + * + * @param bool $test_mode + * @return bool + */ + public function trans_begin($test_mode = FALSE) + { + if ( ! $this->trans_enabled) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 0) + { + $this->_trans_depth++; + return TRUE; + } + + // Reset the transaction failure flag. + // If the $test_mode flag is set to TRUE transactions will be rolled back + // even if the queries produce a successful result. + $this->_trans_failure = ($test_mode === TRUE); + + if ($this->_trans_begin()) + { + $this->_trans_depth++; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Commit Transaction + * + * @return bool + */ + public function trans_commit() + { + if ( ! $this->trans_enabled OR $this->_trans_depth === 0) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 1 OR $this->_trans_commit()) + { + $this->_trans_depth--; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Rollback Transaction + * + * @return bool + */ + public function trans_rollback() + { + if ( ! $this->trans_enabled OR $this->_trans_depth === 0) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 1 OR $this->_trans_rollback()) + { + $this->_trans_depth--; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** * Compile Bindings * * @param string the sql statement @@ -896,7 +918,7 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (empty($binds) OR empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) + if (empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) { return $sql; } @@ -916,7 +938,7 @@ abstract class CI_DB_driver { $ml = strlen($this->bind_marker); // Make sure not to replace a chunk inside a string that happens to match the bind marker - if ($c = preg_match_all("/'[^']*'/i", $sql, $matches)) + if ($c = preg_match_all("/'[^']*'|\"[^\"]*\"/i", $sql, $matches)) { $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', str_replace($matches[0], @@ -1089,7 +1111,7 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -1477,18 +1499,18 @@ abstract class CI_DB_driver { ? '\s+'.preg_quote(trim(sprintf($this->_like_escape_str, $this->_like_escape_chr)), '/') : ''; $_operators = array( - '\s*(?:<|>|!)?=\s*', // =, <=, >=, != - '\s*<>?\s*', // <, <> - '\s*>\s*', // > - '\s+IS NULL', // IS NULL - '\s+IS NOT NULL', // IS NOT NULL - '\s+EXISTS\s*\([^\)]+\)', // EXISTS(sql) - '\s+NOT EXISTS\s*\([^\)]+\)', // NOT EXISTS(sql) - '\s+BETWEEN\s+\S+\s+AND\s+\S+', // BETWEEN value AND value - '\s+IN\s*\([^\)]+\)', // IN(list) - '\s+NOT IN\s*\([^\)]+\)', // NOT IN (list) - '\s+LIKE\s+\S+'.$_les, // LIKE 'expr'[ ESCAPE '%s'] - '\s+NOT LIKE\s+\S+'.$_les // NOT LIKE 'expr'[ ESCAPE '%s'] + '\s*(?:<|>|!)?=\s*', // =, <=, >=, != + '\s*<>?\s*', // <, <> + '\s*>\s*', // > + '\s+IS NULL', // IS NULL + '\s+IS NOT NULL', // IS NOT NULL + '\s+EXISTS\s*\(.*\)', // EXISTS(sql) + '\s+NOT EXISTS\s*\(.*\)', // NOT EXISTS(sql) + '\s+BETWEEN\s+', // BETWEEN value AND value + '\s+IN\s*\(.*\)', // IN(list) + '\s+NOT IN\s*\(.*\)', // NOT IN (list) + '\s+LIKE\s+\S.*('.$_les.')?', // LIKE 'expr'[ ESCAPE '%s'] + '\s+NOT LIKE\s+\S.*('.$_les.')?' // NOT LIKE 'expr'[ ESCAPE '%s'] ); } @@ -1709,7 +1731,7 @@ abstract class CI_DB_driver { * the table prefix onto it. Some logic is necessary in order to deal with * column names that include the path. Consider a query like this: * - * SELECT * FROM hostname.database.table.column AS c FROM hostname.database.table + * SELECT hostname.database.table.column AS c FROM hostname.database.table * * Or a query with aliasing: * @@ -1757,7 +1779,7 @@ abstract class CI_DB_driver { } // Convert tabs or multiple spaces into single spaces - $item = preg_replace('/\s+/', ' ', $item); + $item = preg_replace('/\s+/', ' ', trim($item)); // If the item has an alias declaration we remove it and set it aside. // Note: strripos() is used in order to support spaces in table names @@ -1785,12 +1807,15 @@ abstract class CI_DB_driver { // with an alias. While we're at it, we will escape the components if (strpos($item, '.') !== FALSE) { - $parts = explode('.', $item); + $parts = explode('.', $item); // Does the first segment of the exploded item match // one of the aliases previously identified? If so, // we have nothing more to do other than escape the item - if (in_array($parts[0], $this->qb_aliased_tables)) + // + // NOTE: The ! empty() condition prevents this method + // from breaking when QB isn't enabled. + if ( ! empty($this->qb_aliased_tables) && in_array($parts[0], $this->qb_aliased_tables)) { if ($protect_identifiers === TRUE) { diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php index dde285598..b52d1fb2b 100644 --- a/system/database/DB_forge.php +++ b/system/database/DB_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_forge { @@ -184,7 +184,7 @@ abstract class CI_DB_forge { { return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; } - elseif ( ! $this->db->query(sprintf($this->_create_database, $db_name, $this->db->char_set, $this->db->dbcollat))) + elseif ( ! $this->db->query(sprintf($this->_create_database, $this->db->escape_identifiers($db_name), $this->db->char_set, $this->db->dbcollat))) { return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE; } @@ -211,7 +211,7 @@ abstract class CI_DB_forge { { return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; } - elseif ( ! $this->db->query(sprintf($this->_drop_database, $db_name))) + elseif ( ! $this->db->query(sprintf($this->_drop_database, $this->db->escape_identifiers($db_name)))) { return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE; } @@ -239,7 +239,13 @@ abstract class CI_DB_forge { */ public function add_key($key, $primary = FALSE) { - if (is_array($key)) + // DO NOT change this! This condition is only applicable + // for PRIMARY keys because you can only have one such, + // and therefore all fields you add to it will be included + // in the same, composite PRIMARY KEY. + // + // It's not the same for regular indexes. + if ($primary === TRUE && is_array($key)) { foreach ($key as $one) { @@ -342,7 +348,7 @@ abstract class CI_DB_forge { if (($result = $this->db->query($sql)) !== FALSE) { - empty($this->db->data_cache['table_names']) OR $this->db->data_cache['table_names'][] = $table; + isset($this->db->data_cache['table_names']) && $this->db->data_cache['table_names'][] = $table; // Most databases don't support creating indexes from within the CREATE TABLE statement if ( ! empty($this->keys)) @@ -774,10 +780,6 @@ abstract class CI_DB_forge { case 'ENUM': case 'SET': $attributes['CONSTRAINT'] = $this->db->escape($attributes['CONSTRAINT']); - $field['length'] = is_array($attributes['CONSTRAINT']) - ? "('".implode("','", $attributes['CONSTRAINT'])."')" - : '('.$attributes['CONSTRAINT'].')'; - break; default: $field['length'] = is_array($attributes['CONSTRAINT']) ? '('.implode(',', $attributes['CONSTRAINT']).')' @@ -892,21 +894,33 @@ abstract class CI_DB_forge { return; } - if (array_key_exists('DEFAULT', $attributes)) + if ( ! array_key_exists('DEFAULT', $attributes)) { - if ($attributes['DEFAULT'] === NULL) - { - $field['default'] = empty($this->_null) ? '' : $this->_default.$this->_null; + return; + } - // Override the NULL attribute if that's our default - $attributes['NULL'] = TRUE; - $field['null'] = empty($this->_null) ? '' : ' '.$this->_null; - } - else - { - $field['default'] = $this->_default.$this->db->escape($attributes['DEFAULT']); - } + if ($attributes['DEFAULT'] === NULL) + { + $field['default'] = empty($this->_null) ? '' : $this->_default.$this->_null; + + // Override the NULL attribute if that's our default + $attributes['NULL'] = TRUE; + $field['null'] = empty($this->_null) ? '' : ' '.$this->_null; + return; } + + // White-list CURRENT_TIMESTAMP & similar (e.g. Oracle has stuff like SYSTIMESTAMP) defaults for date/time fields + if ( + isset($attributes['TYPE']) + && (stripos($attributes['TYPE'], 'time') !== FALSE OR stripos($attributes['TYPE'], 'date') !== FALSE) + && (stripos($attributes['DEFAULT'], 'time') !== FALSE OR stripos($attributes['DEFAULT'], 'date') !== FALSE) + ) + { + $field['default'] = $this->_default.$attributes['DEFAULT']; + return; + } + + $field['default'] = $this->_default.$this->db->escape($attributes['DEFAULT']); } // -------------------------------------------------------------------- diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 7f3334763..fe4cf6993 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_query_builder extends CI_DB_driver { @@ -150,6 +150,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { protected $qb_set = array(); /** + * QB data set for update_batch() + * + * @var array + */ + protected $qb_set_ub = array(); + + /** * QB aliased tables list * * @var array @@ -208,6 +215,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { protected $qb_cache_join = array(); /** + * QB Cache aliased tables list + * + * @var array + */ + protected $qb_cache_aliased_tables = array(); + + /** * QB Cache WHERE data * * @var array @@ -531,39 +545,46 @@ abstract class CI_DB_query_builder extends CI_DB_driver { is_bool($escape) OR $escape = $this->_protect_identifiers; - // Split multiple conditions - if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_OFFSET_CAPTURE)) + if ( ! $this->_has_operator($cond)) { - $newcond = ''; - $m[0][] = array('', strlen($cond)); - - for ($i = 0, $c = count($m[0]), $s = 0; - $i < $c; - $s = $m[0][$i][1] + strlen($m[0][$i][0]), $i++) - { - $temp = substr($cond, $s, ($m[0][$i][1] - $s)); - - $newcond .= preg_match("/([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $temp, $match) - ? $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]) - : $temp; - - $newcond .= $m[0][$i][0]; - } - - $cond = ' ON '.$newcond; - } - // Split apart the condition and protect the identifiers - elseif ($escape === TRUE && preg_match("/([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $cond, $match)) - { - $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; } - elseif ( ! $this->_has_operator($cond)) + elseif ($escape === FALSE) { - $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; + $cond = ' ON '.$cond; } else { - $cond = ' ON '.$cond; + // Split multiple conditions + if (preg_match_all('/\sAND\s|\sOR\s/i', $cond, $joints, PREG_OFFSET_CAPTURE)) + { + $conditions = array(); + $joints = $joints[0]; + array_unshift($joints, array('', 0)); + + for ($i = count($joints) - 1, $pos = strlen($cond); $i >= 0; $i--) + { + $joints[$i][1] += strlen($joints[$i][0]); // offset + $conditions[$i] = substr($cond, $joints[$i][1], $pos - $joints[$i][1]); + $pos = $joints[$i][1] - strlen($joints[$i][0]); + $joints[$i] = $joints[$i][0]; + } + } + else + { + $conditions = array($cond); + $joints = array(''); + } + + $cond = ' ON '; + for ($i = 0, $c = count($conditions); $i < $c; $i++) + { + $operator = $this->_get_operator($conditions[$i]); + $cond .= $joints[$i]; + $cond .= preg_match("/(\(*)?([\[\]\w\.'-]+)".preg_quote($operator)."(.*)/i", $conditions[$i], $match) + ? $match[1].$this->protect_identifiers($match[2]).$operator.$this->protect_identifiers($match[3]) + : $conditions[$i]; + } } // Do we want to escape the table name? @@ -672,7 +693,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // value appears not to have been set, assign the test to IS NULL $k .= ' IS NULL'; } - elseif (preg_match('/\s*(!?=|<>|IS(?:\s+NOT)?)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) + elseif (preg_match('/\s*(!?=|<>|\sIS(?:\s+NOT)?\s)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) { $k = substr($k, 0, $match[0][1]).($match[1][0] === '=' ? ' IS NULL' : ' IS NOT NULL'); } @@ -1138,7 +1159,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string $key * @param string $value * @param bool $escape - * @return object + * @return CI_DB_query_builder */ public function having($key, $value = NULL, $escape = NULL) { @@ -1155,7 +1176,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string $key * @param string $value * @param bool $escape - * @return object + * @return CI_DB_query_builder */ public function or_having($key, $value = NULL, $escape = NULL) { @@ -1264,7 +1285,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _limit($sql) { - return $sql.' LIMIT '.($this->qb_offset ? $this->qb_offset.', ' : '').$this->qb_limit; + return $sql.' LIMIT '.($this->qb_offset ? $this->qb_offset.', ' : '').(int) $this->qb_limit; } // -------------------------------------------------------------------- @@ -1339,7 +1360,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the table * @param string the limit clause * @param string the offset clause - * @return object + * @return CI_DB_result */ public function get($table = '', $limit = NULL, $offset = NULL) { @@ -1379,7 +1400,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->from($table); } - $result = ($this->qb_distinct === TRUE) + // ORDER BY usage is often problematic here (most notably + // on Microsoft SQL Server) and ultimately unnecessary + // for selecting COUNT(*) ... + if ( ! empty($this->qb_orderby)) + { + $orderby = $this->qb_orderby; + $this->qb_orderby = NULL; + } + + $result = ($this->qb_distinct === TRUE OR ! empty($this->qb_groupby) OR ! empty($this->qb_cache_groupby)) ? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results") : $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows'))); @@ -1387,6 +1417,11 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $this->_reset_select(); } + // If we've previously reset the qb_orderby values, get them back + elseif ( ! isset($this->qb_orderby)) + { + $this->qb_orderby = $orderby; + } if ($result->num_rows() === 0) { @@ -1408,7 +1443,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string $where * @param int $limit * @param int $offset - * @return object + * @return CI_DB_result */ public function get_where($table = '', $where = NULL, $limit = NULL, $offset = NULL) { @@ -1444,20 +1479,26 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool $escape Whether to escape values and identifiers * @return int Number of rows inserted or FALSE on failure */ - public function insert_batch($table = '', $set = NULL, $escape = NULL) + public function insert_batch($table, $set = NULL, $escape = NULL, $batch_size = 100) { - if ($set !== NULL) + if ($set === NULL) { - $this->set_insert_batch($set, '', $escape); + if (empty($this->qb_set)) + { + return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + } } - - if (count($this->qb_set) === 0) + else { - // No valid data array. Folds in cases where keys and values did not match up - return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + if (empty($set)) + { + return ($this->db_debug) ? $this->display_error('insert_batch() called with no data') : FALSE; + } + + $this->set_insert_batch($set, '', $escape); } - if ($table === '') + if (strlen($table) === 0) { if ( ! isset($this->qb_from[0])) { @@ -1469,10 +1510,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Batch this baby $affected_rows = 0; - for ($i = 0, $total = count($this->qb_set); $i < $total; $i += 100) + for ($i = 0, $total = count($this->qb_set); $i < $total; $i += $batch_size) { - $this->query($this->_insert_batch($this->protect_identifiers($table, TRUE, $escape, FALSE), $this->qb_keys, array_slice($this->qb_set, $i, 100))); - $affected_rows += $this->affected_rows(); + if ($this->query($this->_insert_batch($this->protect_identifiers($table, TRUE, $escape, FALSE), $this->qb_keys, array_slice($this->qb_set, $i, $batch_size)))) + { + $affected_rows += $this->affected_rows(); + } } $this->_reset_write(); @@ -1517,7 +1560,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { is_bool($escape) OR $escape = $this->_protect_identifiers; - $keys = array_keys($this->_object_to_array(current($key))); + $keys = array_keys($this->_object_to_array(reset($key))); sort($keys); foreach ($key as $row) @@ -1598,7 +1641,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the table to insert data into * @param array an associative array of insert values * @param bool $escape Whether to escape values and identifiers - * @return object + * @return bool TRUE on success, FALSE on failure */ public function insert($table = '', $set = NULL, $escape = NULL) { @@ -1664,7 +1707,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * @param string the table to replace data into * @param array an associative array of insert values - * @return object + * @return bool TRUE on success, FALSE on failure */ public function replace($table = '', $set = NULL) { @@ -1770,7 +1813,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array $set An associative array of update values * @param mixed $where * @param int $limit - * @return object + * @return bool TRUE on success, FALSE on failure */ public function update($table = '', $set = NULL, $where = NULL, $limit = NULL) { @@ -1845,7 +1888,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the where key * @return int number of rows affected or FALSE on failure */ - public function update_batch($table = '', $set = NULL, $index = NULL) + public function update_batch($table, $set = NULL, $index = NULL, $batch_size = 100) { // Combine any cached components with the current statements $this->_merge_cache(); @@ -1855,17 +1898,24 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_must_use_index') : FALSE; } - if ($set !== NULL) + if ($set === NULL) { - $this->set_update_batch($set, $index); + if (empty($this->qb_set_ub)) + { + return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + } } - - if (count($this->qb_set) === 0) + else { - return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + if (empty($set)) + { + return ($this->db_debug) ? $this->display_error('update_batch() called with no data') : FALSE; + } + + $this->set_update_batch($set, $index); } - if ($table === '') + if (strlen($table) === 0) { if ( ! isset($this->qb_from[0])) { @@ -1877,10 +1927,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Batch this baby $affected_rows = 0; - for ($i = 0, $total = count($this->qb_set); $i < $total; $i += 100) + for ($i = 0, $total = count($this->qb_set_ub); $i < $total; $i += $batch_size) { - $this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, 100), $this->protect_identifiers($index))); - $affected_rows += $this->affected_rows(); + if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set_ub, $i, $batch_size), $index))) + { + $affected_rows += $this->affected_rows(); + } + $this->qb_where = array(); } @@ -1905,13 +1958,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $ids = array(); foreach ($values as $key => $val) { - $ids[] = $val[$index]; + $ids[] = $val[$index]['value']; foreach (array_keys($val) as $field) { if ($field !== $index) { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; + $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['field'].' = '.$val[$index]['value'].' THEN '.$val[$field]['value']; } } } @@ -1924,7 +1977,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { .'ELSE '.$k.' END, '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } @@ -1961,7 +2014,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $index_set = TRUE; } - $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2); + $clean[$k2] = array( + 'field' => $this->protect_identifiers($k2, FALSE, $escape), + 'value' => ($escape === FALSE ? $v2 : $this->escape($v2)) + ); } if ($index_set === FALSE) @@ -1969,7 +2025,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return $this->display_error('db_batch_missing_index'); } - $this->qb_set[] = $clean; + $this->qb_set_ub[] = $clean; } return $this; @@ -1983,7 +2039,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * Compiles a delete string and runs "DELETE FROM table" * * @param string the table to empty - * @return object + * @return bool TRUE on success, FALSE on failure */ public function empty_table($table = '') { @@ -2016,7 +2072,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * This function maps to "DELETE FROM table" * * @param string the table to truncate - * @return object + * @return bool TRUE on success, FALSE on failure */ public function truncate($table = '') { @@ -2232,9 +2288,14 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $table = trim(strrchr($table, ' ')); // Store the alias, if it doesn't already exist - if ( ! in_array($table, $this->qb_aliased_tables)) + if ( ! in_array($table, $this->qb_aliased_tables, TRUE)) { $this->qb_aliased_tables[] = $table; + if ($this->qb_caching === TRUE && ! in_array($table, $this->qb_cache_aliased_tables, TRUE)) + { + $this->qb_cache_aliased_tables[] = $table; + $this->qb_cache_exists[] = 'aliased_tables'; + } } } } @@ -2301,7 +2362,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { .$this->_compile_order_by(); // ORDER BY // LIMIT - if ($this->qb_limit) + if ($this->qb_limit OR $this->qb_offset) { return $this->_limit($sql."\n"); } @@ -2316,7 +2377,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * Escapes identifiers in WHERE and HAVING statements at execution time. * - * Required so that aliases are tracked properly, regardless of wether + * Required so that aliases are tracked properly, regardless of whether * where(), or_where(), having(), or_having are called prior to from(), * join() and dbprefix is added only if needed. * @@ -2342,7 +2403,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Split multiple conditions $conditions = preg_split( - '/((^|\s+)AND\s+|(^|\s+)OR\s+)/i', + '/((?:^|\s+)AND\s+|(?:^|\s+)OR\s+)/i', $this->{$qb_key}[$i]['condition'], -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY @@ -2392,7 +2453,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * Escapes identifiers in GROUP BY statements at execution time. * - * Required so that aliases are tracked properly, regardless of wether + * Required so that aliases are tracked properly, regardless of whether * group_by() is called prior to from(), join() and dbprefix is added * only if needed. * @@ -2428,7 +2489,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * Escapes identifiers in ORDER BY statements at execution time. * - * Required so that aliases are tracked properly, regardless of wether + * Required so that aliases are tracked properly, regardless of whether * order_by() is called prior to from(), join() and dbprefix is added * only if needed. * @@ -2576,7 +2637,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { 'qb_cache_orderby' => array(), 'qb_cache_set' => array(), 'qb_cache_exists' => array(), - 'qb_cache_no_escape' => array() + 'qb_cache_no_escape' => array(), + 'qb_cache_aliased_tables' => array() )); return $this; @@ -2627,13 +2689,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_no_escape = $qb_no_escape; } } - - // If we are "protecting identifiers" we need to examine the "from" - // portion of the query to determine if there are any aliases - if ($this->_protect_identifiers === TRUE && count($this->qb_cache_from) > 0) - { - $this->_track_aliases($this->qb_from); - } } // -------------------------------------------------------------------- @@ -2736,6 +2791,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $this->_reset_run(array( 'qb_set' => array(), + 'qb_set_ub' => array(), 'qb_from' => array(), 'qb_join' => array(), 'qb_where' => array(), diff --git a/system/database/DB_result.php b/system/database/DB_result.php index 746f2a110..98d8876a7 100644 --- a/system/database/DB_result.php +++ b/system/database/DB_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_result { @@ -660,7 +660,7 @@ class CI_DB_result { */ protected function _fetch_object($class_name = 'stdClass') { - return array(); + return new $class_name(); } } diff --git a/system/database/DB_utility.php b/system/database/DB_utility.php index 78398ea83..944d45881 100644 --- a/system/database/DB_utility.php +++ b/system/database/DB_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_utility { @@ -235,13 +235,8 @@ abstract class CI_DB_utility { * @param string $enclosure Enclosure (default: ") * @return string */ - public function csv_from_result($query, $delim = ',', $newline = "\n", $enclosure = '"') + public function csv_from_result(CI_DB_result $query, $delim = ',', $newline = "\n", $enclosure = '"') { - if ( ! is_object($query) OR ! method_exists($query, 'list_fields')) - { - show_error('You must submit a valid result object'); - } - $out = ''; // First generate the headings from the table column names foreach ($query->list_fields() as $name) @@ -254,11 +249,12 @@ abstract class CI_DB_utility { // Next blast through the result array and build out the rows while ($row = $query->unbuffered_row('array')) { + $line = array(); foreach ($row as $item) { - $out .= $enclosure.str_replace($enclosure, $enclosure.$enclosure, $item).$enclosure.$delim; + $line[] = $enclosure.str_replace($enclosure, $enclosure.$enclosure, $item).$enclosure; } - $out = substr($out, 0, -strlen($delim)).$newline; + $out .= implode($delim, $line).$newline; } return $out; @@ -273,13 +269,8 @@ abstract class CI_DB_utility { * @param array $params Any preferences * @return string */ - public function xml_from_result($query, $params = array()) + public function xml_from_result(CI_DB_result $query, $params = array()) { - if ( ! is_object($query) OR ! method_exists($query, 'list_fields')) - { - show_error('You must submit a valid result object'); - } - // Set our default values foreach (array('root' => 'root', 'element' => 'element', 'newline' => "\n", 'tab' => "\t") as $key => $val) { diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index f80b4db54..6e8aff7c6 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_driver extends CI_DB { @@ -187,25 +187,17 @@ class CI_DB_cubrid_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (($autocommit = cubrid_get_autocommit($this->conn_id)) === NULL) { - return TRUE; + return FALSE; } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - if (cubrid_get_autocommit($this->conn_id)) + elseif ($autocommit === TRUE) { - cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_FALSE); + return cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_FALSE); } return TRUE; @@ -218,19 +210,16 @@ class CI_DB_cubrid_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ( ! cubrid_commit($this->conn_id)) { - return TRUE; + return FALSE; } - cubrid_commit($this->conn_id); - if ($this->auto_commit && ! cubrid_get_autocommit($this->conn_id)) { - cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE); + return cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE); } return TRUE; @@ -243,16 +232,13 @@ class CI_DB_cubrid_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ( ! cubrid_rollback($this->conn_id)) { - return TRUE; + return FALSE; } - cubrid_rollback($this->conn_id); - if ($this->auto_commit && ! cubrid_get_autocommit($this->conn_id)) { cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE); @@ -264,7 +250,7 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -375,7 +361,7 @@ class CI_DB_cubrid_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/cubrid/cubrid_forge.php b/system/database/drivers/cubrid/cubrid_forge.php index 9484e94e1..27bfc1466 100644 --- a/system/database/drivers/cubrid/cubrid_forge.php +++ b/system/database/drivers/cubrid/cubrid_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_forge extends CI_DB_forge { @@ -178,6 +178,9 @@ class CI_DB_cubrid_forge extends CI_DB_forge { $attributes['TYPE'] = 'INTEGER'; $attributes['UNSIGNED'] = FALSE; return; + case 'LONGTEXT': + $attributes['TYPE'] = 'STRING'; + return; default: return; } } diff --git a/system/database/drivers/cubrid/cubrid_result.php b/system/database/drivers/cubrid/cubrid_result.php index e666bab56..251b70a63 100644 --- a/system/database/drivers/cubrid/cubrid_result.php +++ b/system/database/drivers/cubrid/cubrid_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_result extends CI_DB_result { diff --git a/system/database/drivers/cubrid/cubrid_utility.php b/system/database/drivers/cubrid/cubrid_utility.php index de7d71568..555ae7a91 100644 --- a/system/database/drivers/cubrid/cubrid_utility.php +++ b/system/database/drivers/cubrid/cubrid_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_utility extends CI_DB_utility { diff --git a/system/database/drivers/ibase/ibase_driver.php b/system/database/drivers/ibase/ibase_driver.php index 529c320cd..fea3bfe52 100644 --- a/system/database/drivers/ibase/ibase_driver.php +++ b/system/database/drivers/ibase/ibase_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_driver extends CI_DB { @@ -126,7 +126,7 @@ class CI_DB_ibase_driver extends CI_DB { */ protected function _execute($sql) { - return ibase_query($this->conn_id, $sql); + return ibase_query(isset($this->_ibase_trans) ? $this->_ibase_trans : $this->conn_id, $sql); } // -------------------------------------------------------------------- @@ -134,24 +134,16 @@ class CI_DB_ibase_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (($trans_handle = ibase_trans($this->conn_id)) === FALSE) { - return TRUE; + return FALSE; } - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - $this->_ibase_trans = ibase_trans($this->conn_id); - + $this->_ibase_trans = $trans_handle; return TRUE; } @@ -162,15 +154,15 @@ class CI_DB_ibase_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans->depth > 0) + if (ibase_commit($this->_ibase_trans)) { + $this->_ibase_trans = NULL; return TRUE; } - return ibase_commit($this->_ibase_trans); + return FALSE; } // -------------------------------------------------------------------- @@ -180,15 +172,15 @@ class CI_DB_ibase_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (ibase_rollback($this->_ibase_trans)) { + $this->_ibase_trans = NULL; return TRUE; } - return ibase_rollback($this->_ibase_trans); + return FALSE; } // -------------------------------------------------------------------- @@ -302,7 +294,7 @@ class CI_DB_ibase_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -392,6 +384,23 @@ class CI_DB_ibase_driver extends CI_DB { // -------------------------------------------------------------------- /** + * Insert batch statement + * + * Generates a platform-specific insert string from the supplied data. + * + * @param string $table Table name + * @param array $keys INSERT keys + * @param array $values INSERT values + * @return string|bool + */ + protected function _insert_batch($table, $keys, $values) + { + return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; + } + + // -------------------------------------------------------------------- + + /** * Close DB Connection * * @return void diff --git a/system/database/drivers/ibase/ibase_forge.php b/system/database/drivers/ibase/ibase_forge.php index 0e748c710..44bb24e68 100644 --- a/system/database/drivers/ibase/ibase_forge.php +++ b/system/database/drivers/ibase/ibase_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_forge extends CI_DB_forge { @@ -111,7 +111,7 @@ class CI_DB_ibase_forge extends CI_DB_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { if ( ! ibase_drop_db($this->conn_id)) { diff --git a/system/database/drivers/ibase/ibase_result.php b/system/database/drivers/ibase/ibase_result.php index 991146f45..7d7dd79ac 100644 --- a/system/database/drivers/ibase/ibase_result.php +++ b/system/database/drivers/ibase/ibase_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_result extends CI_DB_result { diff --git a/system/database/drivers/ibase/ibase_utility.php b/system/database/drivers/ibase/ibase_utility.php index 79d2788e5..3c152101a 100644 --- a/system/database/drivers/ibase/ibase_utility.php +++ b/system/database/drivers/ibase/ibase_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_utility extends CI_DB_utility { diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 8f15d8d69..a490d206c 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_driver extends CI_DB { @@ -108,6 +108,7 @@ class CI_DB_mssql_driver extends CI_DB { */ public function db_connect($persistent = FALSE) { + ini_set('mssql.charset', $this->char_set); $this->conn_id = ($persistent) ? mssql_pconnect($this->hostname, $this->username, $this->password) : mssql_connect($this->hostname, $this->username, $this->password); @@ -158,6 +159,7 @@ class CI_DB_mssql_driver extends CI_DB { if (mssql_select_db('['.$database.']', $this->conn_id)) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -182,22 +184,10 @@ class CI_DB_mssql_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return $this->simple_query('BEGIN TRAN'); } @@ -208,14 +198,8 @@ class CI_DB_mssql_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->simple_query('COMMIT TRAN'); } @@ -226,14 +210,8 @@ class CI_DB_mssql_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->simple_query('ROLLBACK TRAN'); } @@ -272,26 +250,13 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return (ini_set('mssql.charset', $charset) !== FALSE); - } - - // -------------------------------------------------------------------- - - /** * Version number query string * * @return string */ protected function _version() { - return 'SELECT @@VERSION AS ver'; + return "SELECT SERVERPROPERTY('ProductVersion') AS ver"; } // -------------------------------------------------------------------- @@ -375,15 +340,25 @@ class CI_DB_mssql_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ public function error() { - $query = $this->query('SELECT @@ERROR AS code'); - $query = $query->row(); - return array('code' => $query->code, 'message' => mssql_get_last_message()); + // We need this because the error info is discarded by the + // server the first time you request it, and query() already + // calls error() once for logging purposes when a query fails. + static $error = array('code' => 0, 'message' => NULL); + + $message = mssql_get_last_message(); + if ( ! empty($message)) + { + $error['code'] = $this->query('SELECT @@ERROR AS code')->row()->code; + $error['message'] = $message; + } + + return $error; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mssql/mssql_forge.php b/system/database/drivers/mssql/mssql_forge.php index 84406a016..6b6109868 100644 --- a/system/database/drivers/mssql/mssql_forge.php +++ b/system/database/drivers/mssql/mssql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_forge extends CI_DB_forge { @@ -113,6 +113,11 @@ class CI_DB_mssql_forge extends CI_DB_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/mssql/mssql_result.php b/system/database/drivers/mssql/mssql_result.php index c1c42a486..38a0a0574 100644 --- a/system/database/drivers/mssql/mssql_result.php +++ b/system/database/drivers/mssql/mssql_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_result extends CI_DB_result { diff --git a/system/database/drivers/mssql/mssql_utility.php b/system/database/drivers/mssql/mssql_utility.php index 1040b5e41..95ce88f13 100644 --- a/system/database/drivers/mssql/mssql_utility.php +++ b/system/database/drivers/mssql/mssql_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_utility extends CI_DB_utility { diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index df0f24920..3a7fc9812 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_driver extends CI_DB { @@ -84,7 +84,7 @@ class CI_DB_mysql_driver extends CI_DB { * * @var bool */ - public $stricton = FALSE; + public $stricton; // -------------------------------------------------------------------- @@ -147,12 +147,41 @@ class CI_DB_mysql_driver extends CI_DB { : FALSE; } - if ($this->stricton && is_resource($this->conn_id)) + if (is_resource($this->conn_id)) { - $this->simple_query('SET SESSION sql_mode="STRICT_ALL_TABLES"'); + if ( ! mysql_set_charset($this->char_set, $this->conn_id)) + { + log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}')."); + $this->close(); + return ($this->db->debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE; + } + + if (isset($this->stricton)) + { + if ($this->stricton) + { + $this->simple_query('SET SESSION sql_mode = CONCAT(@@sql_mode, ",", "STRICT_ALL_TABLES")'); + } + else + { + $this->simple_query( + 'SET SESSION sql_mode = + REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( + @@sql_mode, + "STRICT_ALL_TABLES,", ""), + ",STRICT_ALL_TABLES", ""), + "STRICT_ALL_TABLES", ""), + "STRICT_TRANS_TABLES,", ""), + ",STRICT_TRANS_TABLES", ""), + "STRICT_TRANS_TABLES", "")' + ); + } + } + + return $this->conn_id; } - return $this->conn_id; + return FALSE; } // -------------------------------------------------------------------- @@ -191,6 +220,7 @@ class CI_DB_mysql_driver extends CI_DB { if (mysql_select_db($database, $this->conn_id)) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -200,19 +230,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return mysql_set_charset($charset, $this->conn_id); - } - - // -------------------------------------------------------------------- - - /** * Database version number * * @return string @@ -272,25 +289,12 @@ class CI_DB_mysql_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - $this->simple_query('SET AUTOCOMMIT=0'); - $this->simple_query('START TRANSACTION'); // can also be BEGIN or BEGIN WORK - return TRUE; + return $this->simple_query('START TRANSACTION'); // can also be BEGIN or BEGIN WORK } // -------------------------------------------------------------------- @@ -300,17 +304,15 @@ class CI_DB_mysql_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ($this->simple_query('COMMIT')) { + $this->simple_query('SET AUTOCOMMIT=1'); return TRUE; } - $this->simple_query('COMMIT'); - $this->simple_query('SET AUTOCOMMIT=1'); - return TRUE; + return FALSE; } // -------------------------------------------------------------------- @@ -320,23 +322,21 @@ class CI_DB_mysql_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ($this->simple_query('ROLLBACK')) { + $this->simple_query('SET AUTOCOMMIT=1'); return TRUE; } - $this->simple_query('ROLLBACK'); - $this->simple_query('SET AUTOCOMMIT=1'); - return TRUE; + return FALSE; } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -447,7 +447,7 @@ class CI_DB_mysql_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php index cb90065f2..7ed8f8d38 100644 --- a/system/database/drivers/mysql/mysql_forge.php +++ b/system/database/drivers/mysql/mysql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_forge extends CI_DB_forge { diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php index 26aaddd32..7aa265ebb 100644 --- a/system/database/drivers/mysql/mysql_result.php +++ b/system/database/drivers/mysql/mysql_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_result extends CI_DB_result { diff --git a/system/database/drivers/mysql/mysql_utility.php b/system/database/drivers/mysql/mysql_utility.php index 55857ab08..bc01fc58d 100644 --- a/system/database/drivers/mysql/mysql_utility.php +++ b/system/database/drivers/mysql/mysql_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_utility extends CI_DB_utility { diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index dd3cc77c6..290101153 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_driver extends CI_DB { @@ -84,7 +84,7 @@ class CI_DB_mysqli_driver extends CI_DB { * * @var bool */ - public $stricton = FALSE; + public $stricton; // -------------------------------------------------------------------- @@ -98,6 +98,17 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** + * MySQLi object + * + * Has to be preserved without being assigned to $conn_id. + * + * @var MySQLi + */ + protected $_mysqli; + + // -------------------------------------------------------------------- + + /** * Database connection * * @param bool $persistent @@ -114,21 +125,37 @@ class CI_DB_mysqli_driver extends CI_DB { } else { - // Persistent connection support was added in PHP 5.3.0 - $hostname = ($persistent === TRUE && is_php('5.3')) + $hostname = ($persistent === TRUE) ? 'p:'.$this->hostname : $this->hostname; $port = empty($this->port) ? NULL : $this->port; $socket = NULL; } $client_flags = ($this->compress === TRUE) ? MYSQLI_CLIENT_COMPRESS : 0; - $mysqli = mysqli_init(); + $this->_mysqli = mysqli_init(); - $mysqli->options(MYSQLI_OPT_CONNECT_TIMEOUT, 10); + $this->_mysqli->options(MYSQLI_OPT_CONNECT_TIMEOUT, 10); - if ($this->stricton) + if (isset($this->stricton)) { - $mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode="STRICT_ALL_TABLES"'); + if ($this->stricton) + { + $this->_mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode = CONCAT(@@sql_mode, ",", "STRICT_ALL_TABLES")'); + } + else + { + $this->_mysqli->options(MYSQLI_INIT_COMMAND, + 'SET SESSION sql_mode = + REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( + @@sql_mode, + "STRICT_ALL_TABLES,", ""), + ",STRICT_ALL_TABLES", ""), + "STRICT_ALL_TABLES", ""), + "STRICT_TRANS_TABLES,", ""), + ",STRICT_TRANS_TABLES", ""), + "STRICT_TRANS_TABLES", "")' + ); + } } if (is_array($this->encrypt)) @@ -142,13 +169,26 @@ class CI_DB_mysqli_driver extends CI_DB { if ( ! empty($ssl)) { - if ( ! empty($this->encrypt['ssl_verify']) && defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT')) + if (isset($this->encrypt['ssl_verify'])) { - $mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + if ($this->encrypt['ssl_verify']) + { + defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT') && $this->_mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + } + // Apparently (when it exists), setting MYSQLI_OPT_SSL_VERIFY_SERVER_CERT + // to FALSE didn't do anything, so PHP 5.6.16 introduced yet another + // constant ... + // + // https://secure.php.net/ChangeLog-5.php#5.6.16 + // https://bugs.php.net/bug.php?id=68344 + elseif (defined('MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT')) + { + $client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT; + } } $client_flags |= MYSQLI_CLIENT_SSL; - $mysqli->ssl_set( + $this->_mysqli->ssl_set( isset($ssl['key']) ? $ssl['key'] : NULL, isset($ssl['cert']) ? $ssl['cert'] : NULL, isset($ssl['ca']) ? $ssl['ca'] : NULL, @@ -158,22 +198,29 @@ class CI_DB_mysqli_driver extends CI_DB { } } - if ($mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags)) + if ($this->_mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags)) { // Prior to version 5.7.3, MySQL silently downgrades to an unencrypted connection if SSL setup fails if ( ($client_flags & MYSQLI_CLIENT_SSL) - && version_compare($mysqli->client_info, '5.7.3', '<=') - && empty($mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_object()->Value) + && version_compare($this->_mysqli->client_info, '5.7.3', '<=') + && empty($this->_mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_object()->Value) ) { - $mysqli->close(); + $this->_mysqli->close(); $message = 'MySQLi was configured for an SSL connection, but got an unencrypted connection instead!'; log_message('error', $message); return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE; } - return $mysqli; + if ( ! $this->_mysqli->set_charset($this->char_set)) + { + log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}')."); + $this->_mysqli->close(); + return ($this->db->db_debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE; + } + + return $this->_mysqli; } return FALSE; @@ -215,6 +262,7 @@ class CI_DB_mysqli_driver extends CI_DB { if ($this->conn_id->select_db($database)) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -224,19 +272,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return $this->conn_id->set_charset($charset); - } - - // -------------------------------------------------------------------- - - /** * Database version number * * @return string @@ -291,22 +326,10 @@ class CI_DB_mysqli_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - $this->conn_id->autocommit(FALSE); return is_php('5.5') ? $this->conn_id->begin_transaction() @@ -320,14 +343,8 @@ class CI_DB_mysqli_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - if ($this->conn_id->commit()) { $this->conn_id->autocommit(TRUE); @@ -344,14 +361,8 @@ class CI_DB_mysqli_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - if ($this->conn_id->rollback()) { $this->conn_id->autocommit(TRUE); @@ -364,7 +375,7 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -481,11 +492,11 @@ class CI_DB_mysqli_driver extends CI_DB { */ public function error() { - if ( ! empty($this->conn_id->connect_errno)) + if ( ! empty($this->_mysqli->connect_errno)) { return array( - 'code' => $this->conn_id->connect_errno, - 'message' => is_php('5.2.9') ? $this->conn_id->connect_error : mysqli_connect_error() + 'code' => $this->_mysqli->connect_errno, + 'message' => $this->_mysqli->connect_error ); } diff --git a/system/database/drivers/mysqli/mysqli_forge.php b/system/database/drivers/mysqli/mysqli_forge.php index 196afa845..c5b23b6ca 100644 --- a/system/database/drivers/mysqli/mysqli_forge.php +++ b/system/database/drivers/mysqli/mysqli_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_forge extends CI_DB_forge { diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php index d648828bd..929c2b455 100644 --- a/system/database/drivers/mysqli/mysqli_result.php +++ b/system/database/drivers/mysqli/mysqli_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_result extends CI_DB_result { diff --git a/system/database/drivers/mysqli/mysqli_utility.php b/system/database/drivers/mysqli/mysqli_utility.php index 04fcd1ded..4a3dad4d1 100644 --- a/system/database/drivers/mysqli/mysqli_utility.php +++ b/system/database/drivers/mysqli/mysqli_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_utility extends CI_DB_utility { diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index f2e40da9b..fb2f6b31b 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ /** @@ -252,12 +252,16 @@ class CI_DB_oci8_driver extends CI_DB { return $this->data_cache['version']; } - if ( ! $this->conn_id OR ($version = oci_server_version($this->conn_id)) === FALSE) + if ( ! $this->conn_id OR ($version_string = oci_server_version($this->conn_id)) === FALSE) { return FALSE; } + elseif (preg_match('#Release\s(\d+(?:\.\d+)+)#', $version_string, $match)) + { + return $this->data_cache['version'] = $match[1]; + } - return $this->data_cache['version'] = $version; + return FALSE; } // -------------------------------------------------------------------- @@ -378,28 +382,11 @@ class CI_DB_oci8_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - if ( ! $this->trans_enabled) - { - return TRUE; - } - - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - $this->commit_mode = is_php('5.3.2') ? OCI_NO_AUTO_COMMIT : OCI_DEFAULT; + $this->commit_mode = OCI_NO_AUTO_COMMIT; return TRUE; } @@ -410,20 +397,10 @@ class CI_DB_oci8_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - if ( ! $this->trans_enabled) - { - return TRUE; - } - - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 0) - { - return TRUE; - } - $this->commit_mode = OCI_COMMIT_ON_SUCCESS; + return oci_commit($this->conn_id); } @@ -434,14 +411,8 @@ class CI_DB_oci8_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - $this->commit_mode = OCI_COMMIT_ON_SUCCESS; return oci_rollback($this->conn_id); } @@ -582,29 +553,35 @@ class CI_DB_oci8_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ public function error() { - /* oci_error() returns an array that already contains the - * 'code' and 'message' keys, so we can just return it. - */ + // oci_error() returns an array that already contains + // 'code' and 'message' keys, but it can return false + // if there was no error .... if (is_resource($this->curs_id)) { - return oci_error($this->curs_id); + $error = oci_error($this->curs_id); } elseif (is_resource($this->stmt_id)) { - return oci_error($this->stmt_id); + $error = oci_error($this->stmt_id); } elseif (is_resource($this->conn_id)) { - return oci_error($this->conn_id); + $error = oci_error($this->conn_id); + } + else + { + $error = oci_error(); } - return oci_error(); + return is_array($error) + ? $error + : array('code' => '', 'message' => ''); } // -------------------------------------------------------------------- @@ -683,6 +660,14 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _limit($sql) { + if (version_compare($this->version(), '12.1', '>=')) + { + // OFFSET-FETCH can be used only with the ORDER BY clause + empty($this->qb_orderby) && $sql .= ' ORDER BY 1'; + + return $sql.' OFFSET '.(int) $this->qb_offset.' ROWS FETCH NEXT '.$this->qb_limit.' ROWS ONLY'; + } + $this->limit_used = TRUE; return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($this->qb_offset + $this->qb_limit + 1).')' .($this->qb_offset ? ' WHERE rnum >= '.($this->qb_offset + 1) : ''); diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php index 80100977a..867a94341 100644 --- a/system/database/drivers/oci8/oci8_forge.php +++ b/system/database/drivers/oci8/oci8_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_oci8_forge extends CI_DB_forge { @@ -54,6 +54,13 @@ class CI_DB_oci8_forge extends CI_DB_forge { protected $_create_database = FALSE; /** + * CREATE TABLE IF statement + * + * @var string + */ + protected $_create_table_if = FALSE; + + /** * DROP DATABASE statement * * @var string @@ -119,6 +126,8 @@ class CI_DB_oci8_forge extends CI_DB_forge { $sqls[] = $sql.' RENAME COLUMN '.$this->db->escape_identifiers($field[$i]['name']) .' '.$this->db->escape_identifiers($field[$i]['new_name']); } + + $field[$i] = "\n\t".$field[$i]['_literal']; } } @@ -129,7 +138,7 @@ class CI_DB_oci8_forge extends CI_DB_forge { // RENAME COLUMN must be executed after MODIFY array_unshift($sqls, $sql); - return $sql; + return $sqls; } // -------------------------------------------------------------------- @@ -146,4 +155,33 @@ class CI_DB_oci8_forge extends CI_DB_forge { // Not supported - sequences and triggers must be used instead } + // -------------------------------------------------------------------- + + /** + * Field attribute TYPE + * + * Performs a data type mapping between different databases. + * + * @param array &$attributes + * @return void + */ + protected function _attr_type(&$attributes) + { + switch (strtoupper($attributes['TYPE'])) + { + case 'TINYINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'MEDIUMINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'INT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'BIGINT': + $attributes['TYPE'] = 'NUMBER'; + return; + default: return; + } + } } diff --git a/system/database/drivers/oci8/oci8_result.php b/system/database/drivers/oci8/oci8_result.php index 9ec54cc5c..0c3543333 100644 --- a/system/database/drivers/oci8/oci8_result.php +++ b/system/database/drivers/oci8/oci8_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_oci8_result extends CI_DB_result { diff --git a/system/database/drivers/oci8/oci8_utility.php b/system/database/drivers/oci8/oci8_utility.php index 90022a8c1..ce0dfc5f8 100644 --- a/system/database/drivers/oci8/oci8_utility.php +++ b/system/database/drivers/oci8/oci8_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_oci8_utility extends CI_DB_utility { diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index f5d77a147..ed44412c1 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,9 +48,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ -class CI_DB_odbc_driver extends CI_DB { +class CI_DB_odbc_driver extends CI_DB_driver { /** * Database driver @@ -94,6 +94,22 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** + * ODBC result ID resource returned from odbc_prepare() + * + * @var resource + */ + private $odbc_result; + + /** + * Values to use with odbc_execute() for prepared statements + * + * @var array + */ + private $binds = array(); + + // -------------------------------------------------------------------- + + /** * Class constructor * * @param array $params @@ -128,6 +144,74 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** + * Compile Bindings + * + * @param string $sql SQL statement + * @param array $binds An array of values to bind + * @return string + */ + public function compile_binds($sql, $binds) + { + if (empty($binds) OR empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) + { + return $sql; + } + elseif ( ! is_array($binds)) + { + $binds = array($binds); + $bind_count = 1; + } + else + { + // Make sure we're using numeric keys + $binds = array_values($binds); + $bind_count = count($binds); + } + + // We'll need the marker length later + $ml = strlen($this->bind_marker); + + // Make sure not to replace a chunk inside a string that happens to match the bind marker + if ($c = preg_match_all("/'[^']*'|\"[^\"]*\"/i", $sql, $matches)) + { + $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', + str_replace($matches[0], + str_replace($this->bind_marker, str_repeat(' ', $ml), $matches[0]), + $sql, $c), + $matches, PREG_OFFSET_CAPTURE); + + // Bind values' count must match the count of markers in the query + if ($bind_count !== $c) + { + return $sql; + } + } + elseif (($c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', $sql, $matches, PREG_OFFSET_CAPTURE)) !== $bind_count) + { + return $sql; + } + + if ($this->bind_marker !== '?') + { + do + { + $c--; + $sql = substr_replace($sql, '?', $matches[0][$c][1], $ml); + } + while ($c !== 0); + } + + if (FALSE !== ($this->odbc_result = odbc_prepare($this->conn_id, $sql))) + { + $this->binds = array_values($binds); + } + + return $sql; + } + + // -------------------------------------------------------------------- + + /** * Execute the query * * @param string $sql an SQL query @@ -135,7 +219,25 @@ class CI_DB_odbc_driver extends CI_DB { */ protected function _execute($sql) { - return odbc_exec($this->conn_id, $sql); + if ( ! isset($this->odbc_result)) + { + return odbc_exec($this->conn_id, $sql); + } + elseif ($this->odbc_result === FALSE) + { + return FALSE; + } + + if (TRUE === ($success = odbc_execute($this->odbc_result, $this->binds))) + { + // For queries that return result sets, return the result_id resource on success + $this->is_write_type($sql) OR $success = $this->odbc_result; + } + + $this->odbc_result = NULL; + $this->binds = array(); + + return $success; } // -------------------------------------------------------------------- @@ -143,22 +245,10 @@ class CI_DB_odbc_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return odbc_autocommit($this->conn_id, FALSE); } @@ -169,17 +259,15 @@ class CI_DB_odbc_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (odbc_commit($this->conn_id)) { + odbc_autocommit($this->conn_id, TRUE); return TRUE; } - $ret = odbc_commit($this->conn_id); - odbc_autocommit($this->conn_id, TRUE); - return $ret; + return FALSE; } // -------------------------------------------------------------------- @@ -189,30 +277,46 @@ class CI_DB_odbc_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (odbc_rollback($this->conn_id)) { + odbc_autocommit($this->conn_id, TRUE); return TRUE; } - $ret = odbc_rollback($this->conn_id); - odbc_autocommit($this->conn_id, TRUE); - return $ret; + return FALSE; } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Determines if a query is a "write" type. + * + * @param string An SQL query string + * @return bool + */ + public function is_write_type($sql) + { + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } + + return parent::is_write_type($sql); + } + + // -------------------------------------------------------------------- + + /** + * Platform-dependent string escape * * @param string * @return string */ protected function _escape_str($str) { - return remove_invisible_characters($str); + $this->db->display_error('db_unsupported_feature'); } // -------------------------------------------------------------------- @@ -298,7 +402,7 @@ class CI_DB_odbc_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -310,58 +414,6 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string $table - * @param array $values - * @return string - */ - protected function _update($table, $values) - { - $this->qb_limit = FALSE; - $this->qb_orderby = array(); - return parent::_update($table, $values); - } - - // -------------------------------------------------------------------- - - /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * - * If the database does not support the TRUNCATE statement, - * then this method maps to 'DELETE FROM table' - * - * @param string $table - * @return string - */ - protected function _truncate($table) - { - return 'DELETE FROM '.$table; - } - - // -------------------------------------------------------------------- - - /** - * Delete statement - * - * Generates a platform-specific delete string from the supplied data - * - * @param string $table - * @return string - */ - protected function _delete($table) - { - $this->qb_limit = FALSE; - return parent::_delete($table); - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void @@ -370,5 +422,4 @@ class CI_DB_odbc_driver extends CI_DB { { odbc_close($this->conn_id); } - } diff --git a/system/database/drivers/odbc/odbc_forge.php b/system/database/drivers/odbc/odbc_forge.php index 45c5dc108..77b2fdf62 100644 --- a/system/database/drivers/odbc/odbc_forge.php +++ b/system/database/drivers/odbc/odbc_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_odbc_forge extends CI_DB_forge { diff --git a/system/database/drivers/odbc/odbc_result.php b/system/database/drivers/odbc/odbc_result.php index 10b93d4fc..845aa9c79 100644 --- a/system/database/drivers/odbc/odbc_result.php +++ b/system/database/drivers/odbc/odbc_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_odbc_result extends CI_DB_result { diff --git a/system/database/drivers/odbc/odbc_utility.php b/system/database/drivers/odbc/odbc_utility.php index 0e6c23328..643f6ec0c 100644 --- a/system/database/drivers/odbc/odbc_utility.php +++ b/system/database/drivers/odbc/odbc_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_odbc_utility extends CI_DB_utility { diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index cc77e9568..6afc999c2 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_driver extends CI_DB { @@ -126,7 +126,10 @@ class CI_DB_pdo_driver extends CI_DB { */ public function db_connect($persistent = FALSE) { - $this->options[PDO::ATTR_PERSISTENT] = $persistent; + if ($persistent === TRUE) + { + $this->options[PDO::ATTR_PERSISTENT] = TRUE; + } try { @@ -186,22 +189,10 @@ class CI_DB_pdo_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return $this->conn_id->beginTransaction(); } @@ -212,14 +203,8 @@ class CI_DB_pdo_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->commit(); } @@ -230,21 +215,15 @@ class CI_DB_pdo_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->rollBack(); } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -306,7 +285,7 @@ class CI_DB_pdo_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -332,52 +311,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Update_Batch statement - * - * Generates a platform-specific batch update string from the supplied data - * - * @param string $table Table name - * @param array $values Update data - * @param string $index WHERE key - * @return string - */ - protected function _update_batch($table, $values, $index) - { - $ids = array(); - foreach ($values as $key => $val) - { - $ids[] = $val[$index]; - - foreach (array_keys($val) as $field) - { - if ($field !== $index) - { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; - } - } - } - - $cases = ''; - foreach ($final as $k => $v) - { - $cases .= $k.' = CASE '."\n"; - - foreach ($v as $row) - { - $cases .= $row."\n"; - } - - $cases .= 'ELSE '.$k.' END, '; - } - - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); - - return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); - } - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php index eedd9722d..685b6776d 100644 --- a/system/database/drivers/pdo/pdo_forge.php +++ b/system/database/drivers/pdo/pdo_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_pdo_forge extends CI_DB_forge { diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php index fe26fea6e..bbc2cdc5a 100644 --- a/system/database/drivers/pdo/pdo_result.php +++ b/system/database/drivers/pdo/pdo_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_result extends CI_DB_result { diff --git a/system/database/drivers/pdo/pdo_utility.php b/system/database/drivers/pdo/pdo_utility.php index 72169c3ca..5029cac94 100644 --- a/system/database/drivers/pdo/pdo_utility.php +++ b/system/database/drivers/pdo/pdo_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_pdo_utility extends CI_DB_utility { diff --git a/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php b/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php index 7a767ef40..7eaeaa1fd 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_4d_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php b/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php index 6b420540c..3f636d3bd 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_4d_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php index 98ac89f3d..fc49e0dd0 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver { @@ -171,47 +171,6 @@ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * Update_Batch statement - * - * Generates a platform-specific batch update string from the supplied data - * - * @param string $table Table name - * @param array $values Update data - * @param string $index WHERE key - * @return string - */ - protected function _update_batch($table, $values, $index) - { - $ids = array(); - foreach ($values as $key => $val) - { - $ids[] = $val[$index]; - - foreach (array_keys($val) as $field) - { - if ($field !== $index) - { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; - } - } - } - - $cases = ''; - foreach ($final as $k => $v) - { - $cases .= $k." = CASE \n" - .implode("\n", $v)."\n" - .'ELSE '.$k.' END), '; - } - - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); - - return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); - } - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php b/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php index 15b100d9b..276cbb6bc 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_cubrid_forge extends CI_DB_pdo_forge { @@ -178,6 +178,9 @@ class CI_DB_pdo_cubrid_forge extends CI_DB_pdo_forge { $attributes['TYPE'] = 'INTEGER'; $attributes['UNSIGNED'] = FALSE; return; + case 'LONGTEXT': + $attributes['TYPE'] = 'STRING'; + return; default: return; } } diff --git a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php index ae2b9983b..3249a1d7f 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_dblib_driver extends CI_DB_pdo_driver { @@ -126,7 +126,12 @@ class CI_DB_pdo_dblib_driver extends CI_DB_pdo_driver { */ public function db_connect($persistent = FALSE) { - $this->conn_id = parent::db_connect($persistent); + if ($persistent === TRUE) + { + log_message('debug', "dblib driver doesn't support persistent connections"); + } + + $this->conn_id = parent::db_connect(FALSE); if ( ! is_object($this->conn_id)) { diff --git a/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php b/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php index d3dd9032e..d0cca38dd 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_dblib_forge extends CI_DB_pdo_forge { @@ -111,6 +111,11 @@ class CI_DB_pdo_dblib_forge extends CI_DB_pdo_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php index 0bafde861..aa5e7d6e7 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_firebird_driver extends CI_DB_pdo_driver { @@ -260,4 +260,20 @@ class CI_DB_pdo_firebird_driver extends CI_DB_pdo_driver { return preg_replace('`SELECT`i', 'SELECT '.$select, $sql); } + // -------------------------------------------------------------------- + + /** + * Insert batch statement + * + * Generates a platform-specific insert string from the supplied data. + * + * @param string $table Table name + * @param array $keys INSERT keys + * @param array $values INSERT values + * @return string|bool + */ + protected function _insert_batch($table, $keys, $values) + { + return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; + } } diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php index ad28a6550..20c5a6897 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_firebird_forge extends CI_DB_pdo_forge { @@ -97,7 +97,7 @@ class CI_DB_pdo_firebird_forge extends CI_DB_pdo_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { if ( ! ibase_drop_db($this->conn_id)) { diff --git a/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php b/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php index 5dba26ec9..26b556a78 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_ibm_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php b/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php index d1b5f92c9..4238ca082 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_ibm_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php b/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php index 9f8c017a5..050171f64 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_informix_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php b/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php index 22bdf6104..2ddc2a933 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_informix_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php index e9d25cebc..66c15dac6 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { @@ -73,7 +73,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { * * @var bool */ - public $stricton = FALSE; + public $stricton; // -------------------------------------------------------------------- @@ -106,7 +106,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { empty($this->database) OR $this->dsn .= ';dbname='.$this->database; empty($this->char_set) OR $this->dsn .= ';charset='.$this->char_set; } - elseif ( ! empty($this->char_set) && strpos($this->dsn, 'charset=', 6) === FALSE && is_php('5.3.6')) + elseif ( ! empty($this->char_set) && strpos($this->dsn, 'charset=', 6) === FALSE) { $this->dsn .= ';charset='.$this->char_set; } @@ -122,26 +122,34 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { */ public function db_connect($persistent = FALSE) { - /* Prior to PHP 5.3.6, even if the charset was supplied in the DSN - * on connect - it was ignored. This is a work-around for the issue. - * - * Reference: http://www.php.net/manual/en/ref.pdo-mysql.connection.php - */ - if ( ! is_php('5.3.6') && ! empty($this->char_set)) + if (isset($this->stricton)) { - $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = 'SET NAMES '.$this->char_set - .(empty($this->dbcollat) ? '' : ' COLLATE '.$this->dbcollat); - } - - if ($this->stricton) - { - if (empty($this->options[PDO::MYSQL_ATTR_INIT_COMMAND])) + if ($this->stricton) { - $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = 'SET SESSION sql_mode="STRICT_ALL_TABLES"'; + $sql = 'CONCAT(@@sql_mode, ",", "STRICT_ALL_TABLES")'; } else { - $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] .= ', @@session.sql_mode = "STRICT_ALL_TABLES"'; + $sql = 'REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( + @@sql_mode, + "STRICT_ALL_TABLES,", ""), + ",STRICT_ALL_TABLES", ""), + "STRICT_ALL_TABLES", ""), + "STRICT_TRANS_TABLES,", ""), + ",STRICT_TRANS_TABLES", ""), + "STRICT_TRANS_TABLES", "")'; + } + + if ( ! empty($sql)) + { + if (empty($this->options[PDO::MYSQL_ATTR_INIT_COMMAND])) + { + $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = 'SET SESSION sql_mode = '.$sql; + } + else + { + $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] .= ', @@session.sql_mode = '.$sql; + } } } @@ -150,8 +158,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { $this->options[PDO::MYSQL_ATTR_COMPRESS] = TRUE; } - // SSL support was added to PDO_MYSQL in PHP 5.3.7 - if (is_array($this->encrypt) && is_php('5.3.7')) + if (is_array($this->encrypt)) { $ssl = array(); empty($this->encrypt['ssl_key']) OR $ssl[PDO::MYSQL_ATTR_SSL_KEY] = $this->encrypt['ssl_key']; @@ -199,6 +206,56 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { if (FALSE !== $this->simple_query('USE '.$this->escape_identifiers($database))) { $this->database = $database; + $this->data_cache = array(); + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Begin Transaction + * + * @return bool + */ + protected function _trans_begin() + { + $this->conn_id->setAttribute(PDO::ATTR_AUTOCOMMIT, FALSE); + return $this->conn_id->beginTransaction(); + } + + // -------------------------------------------------------------------- + + /** + * Commit Transaction + * + * @return bool + */ + protected function _trans_commit() + { + if ($this->conn_id->commit()) + { + $this->conn_id->setAttribute(PDO::ATTR_AUTOCOMMIT, TRUE); + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Rollback Transaction + * + * @return bool + */ + protected function _trans_rollback() + { + if ($this->conn_id->rollBack()) + { + $this->conn_id->setAttribute(PDO::ATTR_AUTOCOMMIT, TRUE); return TRUE; } diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php index e8e24c6b3..c7a92b826 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_mysql_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php index d17e311f7..abf9167d6 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver { @@ -130,6 +130,29 @@ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** + * Database version number + * + * @return string + */ + public function version() + { + if (isset($this->data_cache['version'])) + { + return $this->data_cache['version']; + } + + $version_string = parent::version(); + if (preg_match('#Release\s(?<version>\d+(?:\.\d+)+)#', $version_string, $match)) + { + return $this->data_cache['version'] = $match[1]; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** * Show table query * * Generates a platform-specific query string so that the table names can be fetched @@ -288,6 +311,14 @@ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver { */ protected function _limit($sql) { + if (version_compare($this->version(), '12.1', '>=')) + { + // OFFSET-FETCH can be used only with the ORDER BY clause + empty($this->qb_orderby) && $sql .= ' ORDER BY 1'; + + return $sql.' OFFSET '.(int) $this->qb_offset.' ROWS FETCH NEXT '.$this->qb_limit.' ROWS ONLY'; + } + return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($this->qb_offset + $this->qb_limit + 1).')' .($this->qb_offset ? ' WHERE rnum >= '.($this->qb_offset + 1): ''); } diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php b/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php index e2078cf39..c8983ee56 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge { @@ -54,18 +54,18 @@ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge { protected $_create_database = FALSE; /** - * DROP DATABASE statement + * CREATE TABLE IF statement * * @var string */ - protected $_drop_database = FALSE; + protected $_create_table_if = FALSE; /** - * CREATE TABLE IF statement + * DROP DATABASE statement * * @var string */ - protected $_create_table_if = 'CREATE TABLE IF NOT EXISTS'; + protected $_drop_database = FALSE; /** * UNSIGNED support @@ -146,4 +146,31 @@ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge { // Not supported - sequences and triggers must be used instead } + /** + * Field attribute TYPE + * + * Performs a data type mapping between different databases. + * + * @param array &$attributes + * @return void + */ + protected function _attr_type(&$attributes) + { + switch (strtoupper($attributes['TYPE'])) + { + case 'TINYINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'MEDIUMINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'INT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'BIGINT': + $attributes['TYPE'] = 'NUMBER'; + return; + default: return; + } + } } diff --git a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php index 51c70b630..5a492d881 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver { @@ -161,106 +161,69 @@ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * Show table query - * - * Generates a platform-specific query string so that the table names can be fetched + * Platform-dependent string escape * - * @param bool $prefix_limit + * @param string * @return string */ - protected function _list_tables($prefix_limit = FALSE) + protected function _escape_str($str) { - $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = '".$this->schema."'"; - - if ($prefix_limit !== FALSE && $this->dbprefix !== '') - { - return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' " - .sprintf($this->_like_escape_str, $this->_like_escape_chr); - } - - return $sql; + $this->db->display_error('db_unsupported_feature'); } // -------------------------------------------------------------------- /** - * Show column query + * Determines if a query is a "write" type. * - * Generates a platform-specific query string so that the column names can be fetched - * - * @param string $table - * @return string + * @param string An SQL query string + * @return bool */ - protected function _list_columns($table = '') + public function is_write_type($sql) { - return 'SELECT column_name FROM information_schema.columns WHERE table_name = '.$this->escape($table); - } - - // -------------------------------------------------------------------- + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string $table - * @param array $values - * @return string - */ - protected function _update($table, $values) - { - $this->qb_limit = FALSE; - $this->qb_orderby = array(); - return parent::_update($table, $values); + return parent::is_write_type($sql); } // -------------------------------------------------------------------- /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data + * Show table query * - * If the database does not support the TRUNCATE statement, - * then this method maps to 'DELETE FROM table' + * Generates a platform-specific query string so that the table names can be fetched * - * @param string $table + * @param bool $prefix_limit * @return string */ - protected function _truncate($table) + protected function _list_tables($prefix_limit = FALSE) { - return 'DELETE FROM '.$table; - } + $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = '".$this->schema."'"; - // -------------------------------------------------------------------- + if ($prefix_limit !== FALSE && $this->dbprefix !== '') + { + return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); + } - /** - * Delete statement - * - * Generates a platform-specific delete string from the supplied data - * - * @param string the table name - * @return string - */ - protected function _delete($table) - { - $this->qb_limit = FALSE; - return parent::_delete($table); + return $sql; } // -------------------------------------------------------------------- /** - * LIMIT + * Show column query * - * Generates a platform-specific LIMIT clause + * Generates a platform-specific query string so that the column names can be fetched * - * @param string $sql SQL Query + * @param string $table * @return string */ - protected function _limit($sql) + protected function _list_columns($table = '') { - return preg_replace('/(^\SELECT (DISTINCT)?)/i','\\1 TOP '.$this->qb_limit.' ', $sql); + return 'SELECT column_name FROM information_schema.columns WHERE table_name = '.$this->escape($table); } - } diff --git a/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php b/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php index 291352982..a2a3bada3 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_pdo_odbc_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php index 2dd41ca87..9aed3a2fe 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { @@ -154,7 +154,12 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { */ public function is_write_type($sql) { - return (bool) preg_match('/^\s*"?(SET|INSERT(?![^\)]+\)\s+RETURNING)|UPDATE(?!.*\sRETURNING)|DELETE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s/i', str_replace(array("\r\n", "\r", "\n"), ' ', $sql)); + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } + + return parent::is_write_type($sql); } // -------------------------------------------------------------------- @@ -321,13 +326,13 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { $ids = array(); foreach ($values as $key => $val) { - $ids[] = $val[$index]; + $ids[] = $val[$index]['value']; foreach (array_keys($val) as $field) { if ($field !== $index) { - $final[$field][] = 'WHEN '.$val[$index].' THEN '.$val[$field]; + $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['value'].' THEN '.$val[$field]['value']; } } } @@ -335,12 +340,12 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { $cases = ''; foreach ($final as $k => $v) { - $cases .= $k.' = (CASE '.$index."\n" + $cases .= $k.' = (CASE '.$val[$index]['field']."\n" .implode("\n", $v)."\n" .'ELSE '.$k.' END), '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php index b4a6160a8..b00af4ad0 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_pgsql_forge extends CI_DB_pdo_forge { @@ -168,7 +168,7 @@ class CI_DB_pdo_pgsql_forge extends CI_DB_pdo_forge { */ protected function _attr_type(&$attributes) { - // Reset field lenghts for data types that don't support it + // Reset field lengths for data types that don't support it if (isset($attributes['CONSTRAINT']) && stripos($attributes['TYPE'], 'int') !== FALSE) { $attributes['CONSTRAINT'] = NULL; diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php index 409e6501b..9b70f3ea6 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlite_driver extends CI_DB_pdo_driver { @@ -66,7 +66,7 @@ class CI_DB_pdo_sqlite_driver extends CI_DB_pdo_driver { * * @var array */ - protected $_random_keyword = ' RANDOM()'; + protected $_random_keyword = array('RANDOM()', 'RANDOM()'); // -------------------------------------------------------------------- diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php b/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php index 15afbdef5..18c475b17 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge { @@ -101,7 +101,7 @@ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge { * @param string $db_name (ignored) * @return bool */ - public function create_database($db_name = '') + public function create_database($db_name) { // In SQLite, a database is created when you connect to the database. // We'll return TRUE so that an error isn't generated @@ -116,7 +116,7 @@ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { // In SQLite, a database is dropped when we delete a file if (file_exists($this->db->database)) diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php index f8ae5f6db..1cf6c614d 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlsrv_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php index 602a1d426..82a0d515d 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlsrv_forge extends CI_DB_pdo_forge { @@ -111,6 +111,11 @@ class CI_DB_pdo_sqlsrv_forge extends CI_DB_pdo_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 7be07c3bf..75b1d4c37 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_driver extends CI_DB { @@ -163,6 +163,13 @@ class CI_DB_postgre_driver extends CI_DB { return FALSE; } + if (pg_set_client_encoding($this->conn_id, $this->char_set) !== 0) + { + log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}')."); + pg_close($this->conn_id); + return ($this->db->db_debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE; + } + empty($this->schema) OR $this->simple_query('SET search_path TO '.$this->schema.',public'); } @@ -190,19 +197,6 @@ class CI_DB_postgre_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return (pg_set_client_encoding($this->conn_id, $charset) === 0); - } - - // -------------------------------------------------------------------- - - /** * Database version number * * @return string @@ -247,22 +241,10 @@ class CI_DB_postgre_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return (bool) pg_query($this->conn_id, 'BEGIN'); } @@ -273,14 +255,8 @@ class CI_DB_postgre_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return (bool) pg_query($this->conn_id, 'COMMIT'); } @@ -291,14 +267,8 @@ class CI_DB_postgre_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return (bool) pg_query($this->conn_id, 'ROLLBACK'); } @@ -312,13 +282,18 @@ class CI_DB_postgre_driver extends CI_DB { */ public function is_write_type($sql) { - return (bool) preg_match('/^\s*"?(SET|INSERT(?![^\)]+\)\s+RETURNING)|UPDATE(?!.*\sRETURNING)|DELETE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s/i', str_replace(array("\r\n", "\r", "\n"), ' ', $sql)); + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } + + return parent::is_write_type($sql); } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -340,7 +315,7 @@ class CI_DB_postgre_driver extends CI_DB { */ public function escape($str) { - if (is_php('5.4.4') && (is_string($str) OR (is_object($str) && method_exists($str, '__toString')))) + if (is_string($str) OR (is_object($str) && method_exists($str, '__toString'))) { return pg_escape_literal($this->conn_id, $str); } @@ -490,7 +465,7 @@ class CI_DB_postgre_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -569,13 +544,13 @@ class CI_DB_postgre_driver extends CI_DB { $ids = array(); foreach ($values as $key => $val) { - $ids[] = $val[$index]; + $ids[] = $val[$index]['value']; foreach (array_keys($val) as $field) { if ($field !== $index) { - $final[$field][] = 'WHEN '.$val[$index].' THEN '.$val[$field]; + $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['value'].' THEN '.$val[$field]['value']; } } } @@ -583,12 +558,12 @@ class CI_DB_postgre_driver extends CI_DB { $cases = ''; foreach ($final as $k => $v) { - $cases .= $k.' = (CASE '.$index."\n" + $cases .= $k.' = (CASE '.$val[$index]['field']."\n" .implode("\n", $v)."\n" .'ELSE '.$k.' END), '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php index d26e84cbc..cdbff4c4b 100644 --- a/system/database/drivers/postgre/postgre_forge.php +++ b/system/database/drivers/postgre/postgre_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_forge extends CI_DB_forge { @@ -163,7 +163,7 @@ class CI_DB_postgre_forge extends CI_DB_forge { */ protected function _attr_type(&$attributes) { - // Reset field lenghts for data types that don't support it + // Reset field lengths for data types that don't support it if (isset($attributes['CONSTRAINT']) && stripos($attributes['TYPE'], 'int') !== FALSE) { $attributes['CONSTRAINT'] = NULL; diff --git a/system/database/drivers/postgre/postgre_result.php b/system/database/drivers/postgre/postgre_result.php index a8ad24edf..57864a7f3 100644 --- a/system/database/drivers/postgre/postgre_result.php +++ b/system/database/drivers/postgre/postgre_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_result extends CI_DB_result { diff --git a/system/database/drivers/postgre/postgre_utility.php b/system/database/drivers/postgre/postgre_utility.php index 7c6c02590..5ca358da5 100644 --- a/system/database/drivers/postgre/postgre_utility.php +++ b/system/database/drivers/postgre/postgre_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_utility extends CI_DB_utility { diff --git a/system/database/drivers/sqlite/index.html b/system/database/drivers/sqlite/index.html deleted file mode 100644 index b702fbc39..000000000 --- a/system/database/drivers/sqlite/index.html +++ /dev/null @@ -1,11 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title>403 Forbidden</title> -</head> -<body> - -<p>Directory access is forbidden.</p> - -</body> -</html> diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php deleted file mode 100644 index 9d9caa0b4..000000000 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ /dev/null @@ -1,357 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Database Adapter Class - * - * Note: _DB is an extender class that the app controller - * creates dynamically based on whether the query builder - * class is being used or not. - * - * @package CodeIgniter - * @subpackage Drivers - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_driver extends CI_DB { - - /** - * Database driver - * - * @var string - */ - public $dbdriver = 'sqlite'; - - // -------------------------------------------------------------------- - - /** - * ORDER BY random keyword - * - * @var array - */ - protected $_random_keyword = array('RANDOM()', 'RANDOM()'); - - // -------------------------------------------------------------------- - - /** - * Non-persistent database connection - * - * @param bool $persistent - * @return resource - */ - public function db_connect($persistent = FALSE) - { - $error = NULL; - $conn_id = ($persistent === TRUE) - ? sqlite_popen($this->database, 0666, $error) - : sqlite_open($this->database, 0666, $error); - - isset($error) && log_message('error', $error); - - return $conn_id; - } - - // -------------------------------------------------------------------- - - /** - * Database version number - * - * @return string - */ - public function version() - { - return isset($this->data_cache['version']) - ? $this->data_cache['version'] - : $this->data_cache['version'] = sqlite_libversion(); - } - - // -------------------------------------------------------------------- - - /** - * Execute the query - * - * @param string $sql an SQL query - * @return resource - */ - protected function _execute($sql) - { - return $this->is_write_type($sql) - ? sqlite_exec($this->conn_id, $sql) - : sqlite_query($this->conn_id, $sql); - } - - // -------------------------------------------------------------------- - - /** - * Begin Transaction - * - * @param bool $test_mode - * @return bool - */ - public function trans_begin($test_mode = FALSE) - { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - $this->simple_query('BEGIN TRANSACTION'); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Commit Transaction - * - * @return bool - */ - public function trans_commit() - { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - $this->simple_query('COMMIT'); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Rollback Transaction - * - * @return bool - */ - public function trans_rollback() - { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - $this->simple_query('ROLLBACK'); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Platform-dependant string escape - * - * @param string - * @return string - */ - protected function _escape_str($str) - { - return sqlite_escape_string($str); - } - - // -------------------------------------------------------------------- - - /** - * Affected Rows - * - * @return int - */ - public function affected_rows() - { - return sqlite_changes($this->conn_id); - } - - // -------------------------------------------------------------------- - - /** - * Insert ID - * - * @return int - */ - public function insert_id() - { - return sqlite_last_insert_rowid($this->conn_id); - } - - // -------------------------------------------------------------------- - - /** - * List table query - * - * Generates a platform-specific query string so that the table names can be fetched - * - * @param bool $prefix_limit - * @return string - */ - protected function _list_tables($prefix_limit = FALSE) - { - $sql = "SELECT name FROM sqlite_master WHERE type='table'"; - - if ($prefix_limit !== FALSE && $this->dbprefix != '') - { - return $sql." AND 'name' LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); - } - - return $sql; - } - - // -------------------------------------------------------------------- - - /** - * Show column query - * - * Generates a platform-specific query string so that the column names can be fetched - * - * @param string $table - * @return bool - */ - protected function _list_columns($table = '') - { - // Not supported - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Returns an object with field data - * - * @param string $table - * @return array - */ - public function field_data($table) - { - if (($query = $this->query('PRAGMA TABLE_INFO('.$this->protect_identifiers($table, TRUE, NULL, FALSE).')')) === FALSE) - { - return FALSE; - } - - $query = $query->result_array(); - if (empty($query)) - { - return FALSE; - } - - $retval = array(); - for ($i = 0, $c = count($query); $i < $c; $i++) - { - $retval[$i] = new stdClass(); - $retval[$i]->name = $query[$i]['name']; - $retval[$i]->type = $query[$i]['type']; - $retval[$i]->max_length = NULL; - $retval[$i]->default = $query[$i]['dflt_value']; - $retval[$i]->primary_key = isset($query[$i]['pk']) ? (int) $query[$i]['pk'] : 0; - } - - return $retval; - } - - // -------------------------------------------------------------------- - - /** - * Error - * - * Returns an array containing code and message of the last - * database error that has occured. - * - * @return array - */ - public function error() - { - $error = array('code' => sqlite_last_error($this->conn_id)); - $error['message'] = sqlite_error_string($error['code']); - return $error; - } - - // -------------------------------------------------------------------- - - /** - * Replace statement - * - * Generates a platform-specific replace string from the supplied data - * - * @param string $table Table name - * @param array $keys INSERT keys - * @param array $values INSERT values - * @return string - */ - protected function _replace($table, $keys, $values) - { - return 'INSERT OR '.parent::_replace($table, $keys, $values); - } - - // -------------------------------------------------------------------- - - /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * - * If the database does not support the TRUNCATE statement, - * then this function maps to 'DELETE FROM table' - * - * @param string $table - * @return string - */ - protected function _truncate($table) - { - return 'DELETE FROM '.$table; - } - - // -------------------------------------------------------------------- - - /** - * Close DB Connection - * - * @return void - */ - protected function _close() - { - sqlite_close($this->conn_id); - } - -} diff --git a/system/database/drivers/sqlite/sqlite_forge.php b/system/database/drivers/sqlite/sqlite_forge.php deleted file mode 100644 index 2bba330c0..000000000 --- a/system/database/drivers/sqlite/sqlite_forge.php +++ /dev/null @@ -1,205 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Forge Class - * - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_forge extends CI_DB_forge { - - /** - * CREATE TABLE IF statement - * - * @var string - */ - protected $_create_table_if = FALSE; - - /** - * UNSIGNED support - * - * @var bool|array - */ - protected $_unsigned = FALSE; - - /** - * NULL value representation in CREATE/ALTER TABLE statements - * - * @var string - */ - protected $_null = 'NULL'; - - // -------------------------------------------------------------------- - - /** - * Create database - * - * @param string $db_name (ignored) - * @return bool - */ - public function create_database($db_name = '') - { - // In SQLite, a database is created when you connect to the database. - // We'll return TRUE so that an error isn't generated - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Drop database - * - * @param string $db_name (ignored) - * @return bool - */ - public function drop_database($db_name = '') - { - if ( ! file_exists($this->db->database) OR ! @unlink($this->db->database)) - { - return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE; - } - elseif ( ! empty($this->db->data_cache['db_names'])) - { - $key = array_search(strtolower($this->db->database), array_map('strtolower', $this->db->data_cache['db_names']), TRUE); - if ($key !== FALSE) - { - unset($this->db->data_cache['db_names'][$key]); - } - } - - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * ALTER TABLE - * - * @todo implement drop_column(), modify_column() - * @param string $alter_type ALTER type - * @param string $table Table name - * @param mixed $field Column definition - * @return string|string[] - */ - protected function _alter_table($alter_type, $table, $field) - { - if ($alter_type === 'DROP' OR $alter_type === 'CHANGE') - { - // drop_column(): - // BEGIN TRANSACTION; - // CREATE TEMPORARY TABLE t1_backup(a,b); - // INSERT INTO t1_backup SELECT a,b FROM t1; - // DROP TABLE t1; - // CREATE TABLE t1(a,b); - // INSERT INTO t1 SELECT a,b FROM t1_backup; - // DROP TABLE t1_backup; - // COMMIT; - - return FALSE; - } - - return parent::_alter_table($alter_type, $table, $field); - } - - // -------------------------------------------------------------------- - - /** - * Process column - * - * @param array $field - * @return string - */ - protected function _process_column($field) - { - return $this->db->escape_identifiers($field['name']) - .' '.$field['type'] - .$field['auto_increment'] - .$field['null'] - .$field['unique'] - .$field['default']; - } - - // -------------------------------------------------------------------- - - /** - * Field attribute TYPE - * - * Performs a data type mapping between different databases. - * - * @param array &$attributes - * @return void - */ - protected function _attr_type(&$attributes) - { - switch (strtoupper($attributes['TYPE'])) - { - case 'ENUM': - case 'SET': - $attributes['TYPE'] = 'TEXT'; - return; - default: return; - } - } - - // -------------------------------------------------------------------- - - /** - * Field attribute AUTO_INCREMENT - * - * @param array &$attributes - * @param array &$field - * @return void - */ - protected function _attr_auto_increment(&$attributes, &$field) - { - if ( ! empty($attributes['AUTO_INCREMENT']) && $attributes['AUTO_INCREMENT'] === TRUE && stripos($field['type'], 'int') !== FALSE) - { - $field['type'] = 'INTEGER PRIMARY KEY'; - $field['default'] = ''; - $field['null'] = ''; - $field['unique'] = ''; - $field['auto_increment'] = ' AUTOINCREMENT'; - - $this->primary_keys = array(); - } - } - -} diff --git a/system/database/drivers/sqlite/sqlite_result.php b/system/database/drivers/sqlite/sqlite_result.php deleted file mode 100644 index 487d00366..000000000 --- a/system/database/drivers/sqlite/sqlite_result.php +++ /dev/null @@ -1,164 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Result Class - * - * This class extends the parent result class: CI_DB_result - * - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_result extends CI_DB_result { - - /** - * Number of rows in the result set - * - * @return int - */ - public function num_rows() - { - return is_int($this->num_rows) - ? $this->num_rows - : $this->num_rows = @sqlite_num_rows($this->result_id); - } - - // -------------------------------------------------------------------- - - /** - * Number of fields in the result set - * - * @return int - */ - public function num_fields() - { - return @sqlite_num_fields($this->result_id); - } - - // -------------------------------------------------------------------- - - /** - * Fetch Field Names - * - * Generates an array of column names - * - * @return array - */ - public function list_fields() - { - $field_names = array(); - for ($i = 0, $c = $this->num_fields(); $i < $c; $i++) - { - $field_names[$i] = sqlite_field_name($this->result_id, $i); - } - - return $field_names; - } - - // -------------------------------------------------------------------- - - /** - * Field data - * - * Generates an array of objects containing field meta-data - * - * @return array - */ - public function field_data() - { - $retval = array(); - for ($i = 0, $c = $this->num_fields(); $i < $c; $i++) - { - $retval[$i] = new stdClass(); - $retval[$i]->name = sqlite_field_name($this->result_id, $i); - $retval[$i]->type = NULL; - $retval[$i]->max_length = NULL; - } - - return $retval; - } - - // -------------------------------------------------------------------- - - /** - * Data Seek - * - * Moves the internal pointer to the desired offset. We call - * this internally before fetching results to make sure the - * result set starts at zero. - * - * @param int $n - * @return bool - */ - public function data_seek($n = 0) - { - return sqlite_seek($this->result_id, $n); - } - - // -------------------------------------------------------------------- - - /** - * Result - associative array - * - * Returns the result set as an array - * - * @return array - */ - protected function _fetch_assoc() - { - return sqlite_fetch_array($this->result_id); - } - - // -------------------------------------------------------------------- - - /** - * Result - object - * - * Returns the result set as an object - * - * @param string $class_name - * @return object - */ - protected function _fetch_object($class_name = 'stdClass') - { - return sqlite_fetch_object($this->result_id, $class_name); - } - -} diff --git a/system/database/drivers/sqlite/sqlite_utility.php b/system/database/drivers/sqlite/sqlite_utility.php deleted file mode 100644 index 9cb454274..000000000 --- a/system/database/drivers/sqlite/sqlite_utility.php +++ /dev/null @@ -1,61 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Utility Class - * - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_utility extends CI_DB_utility { - - /** - * Export - * - * @param array $params Preferences - * @return mixed - */ - protected function _backup($params = array()) - { - // Currently unsupported - return $this->db->display_error('db_unsupported_feature'); - } - -} diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index 31e37de91..d131baad7 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_driver extends CI_DB { @@ -134,22 +134,10 @@ class CI_DB_sqlite3_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return $this->conn_id->exec('BEGIN TRANSACTION'); } @@ -160,14 +148,8 @@ class CI_DB_sqlite3_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->exec('END TRANSACTION'); } @@ -178,21 +160,15 @@ class CI_DB_sqlite3_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->exec('ROLLBACK'); } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -315,7 +291,7 @@ class CI_DB_sqlite3_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/sqlite3/sqlite3_forge.php b/system/database/drivers/sqlite3/sqlite3_forge.php index 24690ba20..5ee6daae3 100644 --- a/system/database/drivers/sqlite3/sqlite3_forge.php +++ b/system/database/drivers/sqlite3/sqlite3_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_forge extends CI_DB_forge { @@ -87,7 +87,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge { * @param string $db_name * @return bool */ - public function create_database($db_name = '') + public function create_database($db_name) { // In SQLite, a database is created when you connect to the database. // We'll return TRUE so that an error isn't generated @@ -102,7 +102,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { // In SQLite, a database is dropped when we delete a file if (file_exists($this->db->database)) diff --git a/system/database/drivers/sqlite3/sqlite3_result.php b/system/database/drivers/sqlite3/sqlite3_result.php index 387481b7f..03751f0dc 100644 --- a/system/database/drivers/sqlite3/sqlite3_result.php +++ b/system/database/drivers/sqlite3/sqlite3_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_result extends CI_DB_result { diff --git a/system/database/drivers/sqlite3/sqlite3_utility.php b/system/database/drivers/sqlite3/sqlite3_utility.php index 336f68754..20d562f96 100644 --- a/system/database/drivers/sqlite3/sqlite3_utility.php +++ b/system/database/drivers/sqlite3/sqlite3_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_utility extends CI_DB_utility { diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 16f77fab2..e4f403180 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_driver extends CI_DB { @@ -141,13 +141,14 @@ class CI_DB_sqlsrv_driver extends CI_DB { unset($connection['UID'], $connection['PWD']); } - $this->conn_id = sqlsrv_connect($this->hostname, $connection); - - // Determine how identifiers are escaped - $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); - $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; - $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); + if (FALSE !== ($this->conn_id = sqlsrv_connect($this->hostname, $connection))) + { + // Determine how identifiers are escaped + $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); + $query = $query->row_array(); + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; + $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); + } return $this->conn_id; } @@ -170,6 +171,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { if ($this->_execute('USE '.$this->escape_identifiers($database))) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -196,22 +198,10 @@ class CI_DB_sqlsrv_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return sqlsrv_begin_transaction($this->conn_id); } @@ -222,14 +212,8 @@ class CI_DB_sqlsrv_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return sqlsrv_commit($this->conn_id); } @@ -240,14 +224,8 @@ class CI_DB_sqlsrv_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return sqlsrv_rollback($this->conn_id); } @@ -274,9 +252,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ public function insert_id() { - $query = $this->query('SELECT @@IDENTITY AS insert_id'); - $query = $query->row(); - return $query->insert_id; + return $this->query('SELECT SCOPE_IDENTITY() AS insert_id')->row()->insert_id; } // -------------------------------------------------------------------- @@ -382,7 +358,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/sqlsrv/sqlsrv_forge.php b/system/database/drivers/sqlsrv/sqlsrv_forge.php index b22b60a4a..aa8490ee4 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_forge.php +++ b/system/database/drivers/sqlsrv/sqlsrv_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_forge extends CI_DB_forge { @@ -111,6 +111,11 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/sqlsrv/sqlsrv_result.php b/system/database/drivers/sqlsrv/sqlsrv_result.php index d2be926aa..f784ebea8 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_result.php +++ b/system/database/drivers/sqlsrv/sqlsrv_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_result extends CI_DB_result { diff --git a/system/database/drivers/sqlsrv/sqlsrv_utility.php b/system/database/drivers/sqlsrv/sqlsrv_utility.php index 77cf0aaf3..19c93d0c6 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_utility.php +++ b/system/database/drivers/sqlsrv/sqlsrv_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_utility extends CI_DB_utility { diff --git a/system/helpers/array_helper.php b/system/helpers/array_helper.php index 2ce55b9c4..74c7c15a8 100644 --- a/system/helpers/array_helper.php +++ b/system/helpers/array_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/array_helper.html + * @link https://codeigniter.com/user_guide/helpers/array_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index 201987ac8..f98d8a4cd 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/captcha_helper.html + * @link https://codeigniter.com/user_guide/helpers/captcha_helper.html */ // ------------------------------------------------------------------------ @@ -68,6 +68,7 @@ if ( ! function_exists('create_captcha')) 'img_url' => '', 'img_width' => '150', 'img_height' => '30', + 'img_alt' => 'captcha', 'font_path' => '', 'expiration' => 7200, 'word_length' => 8, @@ -110,7 +111,8 @@ if ( ! function_exists('create_captcha')) $current_dir = @opendir($img_path); while ($filename = @readdir($current_dir)) { - if (substr($filename, -4) === '.jpg' && (str_replace('.jpg', '', $filename) + $expiration) < $now) + if (in_array(substr($filename, -4), array('.jpg', '.png')) + && (str_replace(array('.jpg', '.png'), '', $filename) + $expiration) < $now) { @unlink($img_path.$filename); } @@ -125,9 +127,96 @@ if ( ! function_exists('create_captcha')) if (empty($word)) { $word = ''; - for ($i = 0, $mt_rand_max = strlen($pool) - 1; $i < $word_length; $i++) + $pool_length = strlen($pool); + $rand_max = $pool_length - 1; + + // PHP7 or a suitable polyfill + if (function_exists('random_int')) + { + try + { + for ($i = 0; $i < $word_length; $i++) + { + $word .= $pool[random_int(0, $rand_max)]; + } + } + catch (Exception $e) + { + // This means fallback to the next possible + // alternative to random_int() + $word = ''; + } + } + } + + if (empty($word)) + { + // Nobody will have a larger character pool than + // 256 characters, but let's handle it just in case ... + // + // No, I do not care that the fallback to mt_rand() can + // handle it; if you trigger this, you're very obviously + // trying to break it. -- Narf + if ($pool_length > 256) + { + return FALSE; + } + + // We'll try using the operating system's PRNG first, + // which we can access through CI_Security::get_random_bytes() + $security = get_instance()->security; + + // To avoid numerous get_random_bytes() calls, we'll + // just try fetching as much bytes as we need at once. + if (($bytes = $security->get_random_bytes($pool_length)) !== FALSE) + { + $byte_index = $word_index = 0; + while ($word_index < $word_length) + { + // Do we have more random data to use? + // It could be exhausted by previous iterations + // ignoring bytes higher than $rand_max. + if ($byte_index === $pool_length) + { + // No failures should be possible if the + // first get_random_bytes() call didn't + // return FALSE, but still ... + for ($i = 0; $i < 5; $i++) + { + if (($bytes = $security->get_random_bytes($pool_length)) === FALSE) + { + continue; + } + + $byte_index = 0; + break; + } + + if ($bytes === FALSE) + { + // Sadly, this means fallback to mt_rand() + $word = ''; + break; + } + } + + list(, $rand_index) = unpack('C', $bytes[$byte_index++]); + if ($rand_index > $rand_max) + { + continue; + } + + $word .= $pool[$rand_index]; + $word_index++; + } + } + } + + if (empty($word)) + { + for ($i = 0; $i < $word_length; $i++) { - $word .= $pool[mt_rand(0, $mt_rand_max)]; + $word .= $pool[mt_rand(0, $rand_max)]; } } elseif ( ! is_string($word)) @@ -245,7 +334,7 @@ if ( ! function_exists('create_captcha')) return FALSE; } - $img = '<img '.($img_id === '' ? '' : 'id="'.$img_id.'"').' src="'.$img_url.$img_filename.'" style="width: '.$img_width.'; height: '.$img_height .'; border: 0;" alt=" " />'; + $img = '<img '.($img_id === '' ? '' : 'id="'.$img_id.'"').' src="'.$img_url.$img_filename.'" style="width: '.$img_width.'; height: '.$img_height .'; border: 0;" alt="'.$img_alt.'" />'; ImageDestroy($im); return array('word' => $word, 'time' => $now, 'image' => $img, 'filename' => $img_filename); diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php index c2dc73a17..d069cdb15 100644 --- a/system/helpers/cookie_helper.php +++ b/system/helpers/cookie_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/cookie_helper.html + * @link https://codeigniter.com/user_guide/helpers/cookie_helper.html */ // ------------------------------------------------------------------------ @@ -59,7 +59,7 @@ if ( ! function_exists('set_cookie')) * * @param mixed * @param string the value of the cookie - * @param string the number of seconds until expiration + * @param int the number of seconds until expiration * @param string the cookie domain. Usually: .yourdomain.com * @param string the cookie path * @param string the cookie prefix @@ -67,7 +67,7 @@ if ( ! function_exists('set_cookie')) * @param bool true makes the cookie accessible via http(s) only (no javascript) * @return void */ - function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) + function set_cookie($name, $value = '', $expire = 0, $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) { // Set the config file options get_instance()->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $httponly); @@ -85,9 +85,8 @@ if ( ! function_exists('get_cookie')) * @param bool * @return mixed */ - function get_cookie($index, $xss_clean = NULL) + function get_cookie($index, $xss_clean = FALSE) { - is_bool($xss_clean) OR $xss_clean = (config_item('global_xss_filtering') === TRUE); $prefix = isset($_COOKIE[$index]) ? '' : config_item('cookie_prefix'); return get_instance()->input->cookie($prefix.$index, $xss_clean); } diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index c9b71c30f..799c9f6d2 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/date_helper.html + * @link https://codeigniter.com/user_guide/helpers/date_helper.html */ // ------------------------------------------------------------------------ @@ -122,46 +122,6 @@ if ( ! function_exists('mdate')) // ------------------------------------------------------------------------ -if ( ! function_exists('standard_date')) -{ - /** - * Standard Date - * - * Returns a date formatted according to the submitted standard. - * - * As of PHP 5.2, the DateTime extension provides constants that - * serve for the exact same purpose and are used with date(). - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 Use PHP's native date() instead. - * @link http://www.php.net/manual/en/class.datetime.php#datetime.constants.types - * - * @example date(DATE_RFC822, now()); // default - * @example date(DATE_W3C, $time); // a different format and time - * - * @param string $fmt = 'DATE_RFC822' the chosen format - * @param int $time = NULL Unix timestamp - * @return string - */ - function standard_date($fmt = 'DATE_RFC822', $time = NULL) - { - if (empty($time)) - { - $time = now(); - } - - // Procedural style pre-defined constants from the DateTime extension - if (strpos($fmt, 'DATE_') !== 0 OR defined($fmt) === FALSE) - { - return FALSE; - } - - return date(constant($fmt), $time); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('timespan')) { /** @@ -496,6 +456,7 @@ if ( ! function_exists('nice_date')) * Turns many "reasonably-date-like" strings into something * that is actually useful. This only works for dates after unix epoch. * + * @deprecated 3.1.3 Use DateTime::createFromFormat($input_format, $input)->format($output_format); * @param string The terribly formatted date-like string * @param string Date format to return (same as php date function) * @return string @@ -529,9 +490,9 @@ if ( ! function_exists('nice_date')) } // Date Like: YYYYMMDD - if (preg_match('/^(\d{2})\d{2}(\d{4})$/i', $bad_date, $matches)) + if (preg_match('/^\d{8}$/i', $bad_date, $matches)) { - return date($format, strtotime($matches[1].'/01/'.$matches[2])); + return DateTime::createFromFormat('Ymd', $bad_date)->format($format); } // Date Like: MM-DD-YYYY __or__ M-D-YYYY (or anything in between) @@ -707,87 +668,32 @@ if ( ! function_exists('date_range')) $range = array(); - /* NOTE: Even though the DateTime object has many useful features, it appears that - * it doesn't always handle properly timezones, when timestamps are passed - * directly to its constructor. Neither of the following gave proper results: - * - * new DateTime('<timestamp>') - * new DateTime('<timestamp>', '<timezone>') - * - * --- available in PHP 5.3: - * - * DateTime::createFromFormat('<format>', '<timestamp>') - * DateTime::createFromFormat('<format>', '<timestamp>', '<timezone') - * - * ... so we'll have to set the timestamp after the object is instantiated. - * Furthermore, in PHP 5.3 we can use DateTime::setTimestamp() to do that and - * given that we have UNIX timestamps - we should use it. - */ $from = new DateTime(); + $from->setTimestamp($unix_start); - if (is_php('5.3')) - { - $from->setTimestamp($unix_start); - if ($is_unix) - { - $arg = new DateTime(); - $arg->setTimestamp($mixed); - } - else - { - $arg = (int) $mixed; - } - - $period = new DatePeriod($from, new DateInterval('P1D'), $arg); - foreach ($period as $date) - { - $range[] = $date->format($format); - } - - /* If a period end date was passed to the DatePeriod constructor, it might not - * be in our results. Not sure if this is a bug or it's just possible because - * the end date might actually be less than 24 hours away from the previously - * generated DateTime object, but either way - we have to append it manually. - */ - if ( ! is_int($arg) && $range[count($range) - 1] !== $arg->format($format)) - { - $range[] = $arg->format($format); - } - - return $range; - } - - $from->setDate(date('Y', $unix_start), date('n', $unix_start), date('j', $unix_start)); - $from->setTime(date('G', $unix_start), date('i', $unix_start), date('s', $unix_start)); if ($is_unix) { $arg = new DateTime(); - $arg->setDate(date('Y', $mixed), date('n', $mixed), date('j', $mixed)); - $arg->setTime(date('G', $mixed), date('i', $mixed), date('s', $mixed)); + $arg->setTimestamp($mixed); } else { $arg = (int) $mixed; } - $range[] = $from->format($format); - if (is_int($arg)) // Day intervals + $period = new DatePeriod($from, new DateInterval('P1D'), $arg); + foreach ($period as $date) { - do - { - $from->modify('+1 day'); - $range[] = $from->format($format); - } - while (--$arg > 0); + $range[] = $date->format($format); } - else // end date UNIX timestamp - { - for ($from->modify('+1 day'), $end_check = $arg->format('Ymd'); $from->format('Ymd') < $end_check; $from->modify('+1 day')) - { - $range[] = $from->format($format); - } - // Our loop only appended dates prior to our end date + /* If a period end date was passed to the DatePeriod constructor, it might not + * be in our results. Not sure if this is a bug or it's just possible because + * the end date might actually be less than 24 hours away from the previously + * generated DateTime object, but either way - we have to append it manually. + */ + if ( ! is_int($arg) && $range[count($range) - 1] !== $arg->format($format)) + { $range[] = $arg->format($format); } diff --git a/system/helpers/directory_helper.php b/system/helpers/directory_helper.php index 8f05c5b18..2785241e6 100644 --- a/system/helpers/directory_helper.php +++ b/system/helpers/directory_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/directory_helper.html + * @link https://codeigniter.com/user_guide/helpers/directory_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php index 73f6456c4..ea3da1bf4 100644 --- a/system/helpers/download_helper.php +++ b/system/helpers/download_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/download_helper.html + * @link https://codeigniter.com/user_guide/helpers/download_helper.html */ // ------------------------------------------------------------------------ @@ -56,7 +56,7 @@ if ( ! function_exists('force_download')) * * Generates headers that force a download to happen * - * @param string filename + * @param mixed filename (or an array of local file path => destination filename) * @param mixed the data to be downloaded * @param bool whether to try and send the actual file MIME type * @return void @@ -69,14 +69,38 @@ if ( ! function_exists('force_download')) } elseif ($data === NULL) { - if ( ! @is_file($filename) OR ($filesize = @filesize($filename)) === FALSE) + // Is $filename an array as ['local source path' => 'destination filename']? + if (is_array($filename)) { - return; + if (count($filename) !== 1) + { + return; + } + + $filepath = key($filename); + $filename = current($filename); + + if (is_int($filepath)) + { + return; + } + + if ( ! @is_file($filepath) OR ($filesize = @filesize($filepath)) === FALSE) + { + return; + } + } + else + { + if ( ! @is_file($filename) OR ($filesize = @filesize($filename)) === FALSE) + { + return; + } + + $filepath = $filename; + $filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename)); + $filename = end($filename); } - - $filepath = $filename; - $filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename)); - $filename = end($filename); } else { @@ -121,11 +145,6 @@ if ( ! function_exists('force_download')) $filename = implode('.', $x); } - if ($data === NULL && ($fp = @fopen($filepath, 'rb')) === FALSE) - { - return; - } - // Clean output buffer if (ob_get_level() !== 0 && @ob_end_clean() === FALSE) { @@ -146,13 +165,12 @@ if ( ! function_exists('force_download')) exit($data); } - // Flush 1MB chunks of data - while ( ! feof($fp) && ($data = fread($fp, 1048576)) !== FALSE) + // Flush the file + if (@readfile($filepath) === FALSE) { - echo $data; + return; } - fclose($fp); exit; } } diff --git a/system/helpers/email_helper.php b/system/helpers/email_helper.php deleted file mode 100644 index c4d705810..000000000 --- a/system/helpers/email_helper.php +++ /dev/null @@ -1,84 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * CodeIgniter Email Helpers - * - * @package CodeIgniter - * @subpackage Helpers - * @category Helpers - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/email_helper.html - */ - -// ------------------------------------------------------------------------ - -if ( ! function_exists('valid_email')) -{ - /** - * Validate email address - * - * @deprecated 3.0.0 Use PHP's filter_var() instead - * @param string $email - * @return bool - */ - function valid_email($email) - { - return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('send_email')) -{ - /** - * Send an email - * - * @deprecated 3.0.0 Use PHP's mail() instead - * @param string $recipient - * @param string $subject - * @param string $message - * @return bool - */ - function send_email($recipient, $subject, $message) - { - return mail($recipient, $subject, $message); - } -} diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php index cd1c641ec..6af632b07 100644 --- a/system/helpers/file_helper.php +++ b/system/helpers/file_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,31 +44,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/file_helper.html + * @link https://codeigniter.com/user_guide/helpers/file_helper.html */ // ------------------------------------------------------------------------ -if ( ! function_exists('read_file')) -{ - /** - * Read File - * - * Opens the file specified in the path and returns it as a string. - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 It is now just an alias for PHP's native file_get_contents(). - * @param string $file Path to file - * @return string File contents - */ - function read_file($file) - { - return @file_get_contents($file); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('write_file')) { /** @@ -138,13 +118,15 @@ if ( ! function_exists('delete_files')) { if ($filename !== '.' && $filename !== '..') { - if (is_dir($path.DIRECTORY_SEPARATOR.$filename) && $filename[0] !== '.') + $filepath = $path.DIRECTORY_SEPARATOR.$filename; + + if (is_dir($filepath) && $filename[0] !== '.' && ! is_link($filepath)) { - delete_files($path.DIRECTORY_SEPARATOR.$filename, $del_dir, $htdocs, $_level + 1); + delete_files($filepath, $del_dir, $htdocs, $_level + 1); } elseif ($htdocs !== TRUE OR ! preg_match('/^(\.htaccess|index\.(html|htm|php)|web\.config)$/i', $filename)) { - @unlink($path.DIRECTORY_SEPARATOR.$filename); + @unlink($filepath); } } } @@ -343,7 +325,7 @@ if ( ! function_exists('get_mime_by_extension')) if ( ! is_array($mimes)) { - $mimes =& get_mimes(); + $mimes = get_mimes(); if (empty($mimes)) { diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index fd807769a..4a4a7c89f 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/form_helper.html + * @link https://codeigniter.com/user_guide/helpers/form_helper.html */ // ------------------------------------------------------------------------ @@ -90,18 +90,47 @@ if ( ! function_exists('form_open')) $form = '<form action="'.$action.'"'.$attributes.">\n"; - // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && ! stripos($form, 'method="get"')) + if (is_array($hidden)) { - $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); + foreach ($hidden as $name => $value) + { + $form .= '<input type="hidden" name="'.$name.'" value="'.html_escape($value).'" />'."\n"; + } } - if (is_array($hidden)) + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && ! stripos($form, 'method="get"')) { - foreach ($hidden as $name => $value) + // Prepend/append random-length "white noise" around the CSRF + // token input, as a form of protection against BREACH attacks + if (FALSE !== ($noise = $CI->security->get_random_bytes(1))) { - $form .= '<input type="hidden" name="'.$name.'" value="'.html_escape($value).'" style="display:none;" />'."\n"; + list(, $noise) = unpack('c', $noise); } + else + { + $noise = mt_rand(-128, 127); + } + + // Prepend if $noise has a negative value, append if positive, do nothing for zero + $prepend = $append = ''; + if ($noise < 0) + { + $prepend = str_repeat(" ", abs($noise)); + } + elseif ($noise > 0) + { + $append = str_repeat(" ", $noise); + } + + $form .= sprintf( + '%s<input type="hidden" name="%s" value="%s" />%s%s', + $prepend, + $CI->security->get_csrf_token_name(), + $CI->security->get_csrf_hash(), + $append, + "\n" + ); } return $form; @@ -244,11 +273,10 @@ if ( ! function_exists('form_upload')) * Identical to the input function but adds the "file" type * * @param mixed - * @param string * @param mixed * @return string */ - function form_upload($data = '', $value = '', $extra = '') + function form_upload($data = '', $extra = '') { $defaults = array('type' => 'file', 'name' => ''); is_array($data) OR $data = array('name' => $data); @@ -568,7 +596,7 @@ if ( ! function_exists('form_label')) * * @param string The text to appear onscreen * @param string The id the label applies to - * @param string Additional attributes + * @param array Additional attributes * @return string */ function form_label($label_text = '', $id = '', $attributes = array()) @@ -653,25 +681,6 @@ if ( ! function_exists('form_close')) // ------------------------------------------------------------------------ -if ( ! function_exists('form_prep')) -{ - /** - * Form Prep - * - * Formats text so that it can be safely placed in a form field in the event it has HTML tags. - * - * @deprecated 3.0.0 An alias for html_escape() - * @param string|string[] $str Value to escape - * @return string|string[] Escaped values - */ - function form_prep($str) - { - return html_escape($str, TRUE); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('set_value')) { /** @@ -769,12 +778,11 @@ if ( ! function_exists('set_checkbox')) { return $CI->form_validation->set_checkbox($field, $value, $default); } - elseif (($input = $CI->input->post($field, FALSE)) === NULL) - { - return ($default === TRUE) ? ' checked="checked"' : ''; - } + // Form inputs are always strings ... $value = (string) $value; + $input = $CI->input->post($field, FALSE); + if (is_array($input)) { // Note: in_array('', array(0)) returns TRUE, do not use it @@ -789,7 +797,13 @@ if ( ! function_exists('set_checkbox')) return ''; } - return ($input === $value) ? ' checked="checked"' : ''; + // Unchecked checkbox and radio inputs are not even submitted by browsers ... + if ($CI->input->method() === 'post') + { + return ($input === $value) ? ' checked="checked"' : ''; + } + + return ($default === TRUE) ? ' checked="checked"' : ''; } } @@ -816,12 +830,32 @@ if ( ! function_exists('set_radio')) { return $CI->form_validation->set_radio($field, $value, $default); } - elseif (($input = $CI->input->post($field, FALSE)) === NULL) + + // Form inputs are always strings ... + $value = (string) $value; + $input = $CI->input->post($field, FALSE); + + if (is_array($input)) + { + // Note: in_array('', array(0)) returns TRUE, do not use it + foreach ($input as &$v) + { + if ($value === $v) + { + return ' checked="checked"'; + } + } + + return ''; + } + + // Unchecked checkbox and radio inputs are not even submitted by browsers ... + if ($CI->input->method() === 'post') { - return ($default === TRUE) ? ' checked="checked"' : ''; + return ($input === $value) ? ' checked="checked"' : ''; } - return ($input === (string) $value) ? ' checked="checked"' : ''; + return ($default === TRUE) ? ' checked="checked"' : ''; } } diff --git a/system/helpers/html_helper.php b/system/helpers/html_helper.php index 28fbe00be..b5e8ed783 100644 --- a/system/helpers/html_helper.php +++ b/system/helpers/html_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/html_helper.html + * @link https://codeigniter.com/user_guide/helpers/html_helper.html */ // ------------------------------------------------------------------------ @@ -229,7 +229,7 @@ if ( ! function_exists('doctype')) * @param string type The doctype to be generated * @return string */ - function doctype($type = 'xhtml1-strict') + function doctype($type = 'html5') { static $doctypes; @@ -360,51 +360,32 @@ if ( ! function_exists('meta')) $name = array($name); } + $allowed_types = array('charset', 'http-equiv', 'name', 'property'); $str = ''; foreach ($name as $meta) { - $type = (isset($meta['type']) && $meta['type'] !== 'name') ? 'http-equiv' : 'name'; - $name = isset($meta['name']) ? $meta['name'] : ''; - $content = isset($meta['content']) ? $meta['content'] : ''; - $newline = isset($meta['newline']) ? $meta['newline'] : "\n"; + // This is to preserve BC with pre-3.1 versions where only + // 'http-equiv' (default) and 'name' were supported. + if (isset($meta['type'])) + { + if ($meta['type'] === 'equiv') + { + $meta['type'] === 'http-equiv'; + } + elseif ( ! in_array($meta['type'], $allowed_types, TRUE)) + { + $meta['type'] = 'name'; + } + } - $str .= '<meta '.$type.'="'.$name.'" content="'.$content.'" />'.$newline; + $type = isset($meta['type']) ? $meta['type'] : 'name'; + $name = isset($meta['name']) ? $meta['name'] : ''; + $content = isset($meta['content']) ? $meta['content'] : ''; + $newline = isset($meta['newline']) ? $meta['newline'] : "\n"; + + $str .= '<meta '.$type.'="'.$name.($type === 'charset' ? '' : '" content="'.$content).'" />'.$newline; } return $str; } } - -// ------------------------------------------------------------------------ - -if ( ! function_exists('br')) -{ - /** - * Generates HTML BR tags based on number supplied - * - * @deprecated 3.0.0 Use str_repeat() instead - * @param int $count Number of times to repeat the tag - * @return string - */ - function br($count = 1) - { - return str_repeat('<br />', $count); - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('nbs')) -{ - /** - * Generates non-breaking space entities based on number supplied - * - * @deprecated 3.0.0 Use str_repeat() instead - * @param int - * @return string - */ - function nbs($num = 1) - { - return str_repeat(' ', $num); - } -} diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php index f2890059f..49e2a53db 100644 --- a/system/helpers/inflector_helper.php +++ b/system/helpers/inflector_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/inflector_helper.html + * @link https://codeigniter.com/user_guide/helpers/inflector_helper.html */ // -------------------------------------------------------------------- @@ -219,7 +219,7 @@ if ( ! function_exists('humanize')) */ function humanize($str, $separator = '_') { - return ucwords(preg_replace('/['.$separator.']+/', ' ', trim(MB_ENABLED ? mb_strtolower($str) : strtolower($str)))); + return ucwords(preg_replace('/['.preg_quote($separator).']+/', ' ', trim(MB_ENABLED ? mb_strtolower($str) : strtolower($str)))); } } @@ -238,9 +238,77 @@ if ( ! function_exists('is_countable')) return ! in_array( strtolower($word), array( - 'equipment', 'information', 'rice', 'money', - 'species', 'series', 'fish', 'meta' + 'audio', + 'bison', + 'chassis', + 'compensation', + 'coreopsis', + 'data', + 'deer', + 'education', + 'emoji', + 'equipment', + 'fish', + 'furniture', + 'gold', + 'information', + 'knowledge', + 'love', + 'rain', + 'money', + 'moose', + 'nutrition', + 'offspring', + 'plankton', + 'pokemon', + 'police', + 'rice', + 'series', + 'sheep', + 'species', + 'swine', + 'traffic', + 'wheat' ) ); } } + +// ------------------------------------------------------------------------ + +if ( ! function_exists('ordinal_format')) +{ + /** + * Returns the English ordinal numeral for a given number + * + * @param int $number + * @return string + */ + function ordinal_format($number) + { + if ( ! ctype_digit((string) $number) OR $number < 1) + { + return $number; + } + + $last_digit = array( + 0 => 'th', + 1 => 'st', + 2 => 'nd', + 3 => 'rd', + 4 => 'th', + 5 => 'th', + 6 => 'th', + 7 => 'th', + 8 => 'th', + 9 => 'th' + ); + + if (($number % 100) >= 11 && ($number % 100) <= 13) + { + return $number.'th'; + } + + return $number.$last_digit[$number % 10]; + } +} diff --git a/system/helpers/language_helper.php b/system/helpers/language_helper.php index 25ce8abe1..d26cf5b8d 100644 --- a/system/helpers/language_helper.php +++ b/system/helpers/language_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/language_helper.html + * @link https://codeigniter.com/user_guide/helpers/language_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/number_helper.php b/system/helpers/number_helper.php index 3a24259e1..cc8a7760c 100644 --- a/system/helpers/number_helper.php +++ b/system/helpers/number_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/number_helper.html + * @link https://codeigniter.com/user_guide/helpers/number_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index c96d0b8b3..6896cb97b 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/path_helper.html + * @link https://codeigniter.com/user_guide/helpers/path_helper.html */ // ------------------------------------------------------------------------ @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path ) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|php:\/\/)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path) { show_error('The path you submitted must be a local server path, not a URL'); } diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index adbf136bb..72736fa7d 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/security_helper.html + * @link https://codeigniter.com/user_guide/helpers/security_helper.html */ // ------------------------------------------------------------------------ @@ -80,30 +80,6 @@ if ( ! function_exists('sanitize_filename')) } } -// -------------------------------------------------------------------- - -if ( ! function_exists('do_hash')) -{ - /** - * Hash encode a string - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 Use PHP's native hash() instead. - * @param string $str - * @param string $type = 'sha1' - * @return string - */ - function do_hash($str, $type = 'sha1') - { - if ( ! in_array(strtolower($type), hash_algos())) - { - $type = 'md5'; - } - - return hash($type, $str); - } -} - // ------------------------------------------------------------------------ if ( ! function_exists('strip_image_tags')) diff --git a/system/helpers/smiley_helper.php b/system/helpers/smiley_helper.php deleted file mode 100644 index d053dd22c..000000000 --- a/system/helpers/smiley_helper.php +++ /dev/null @@ -1,255 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * CodeIgniter Smiley Helpers - * - * @package CodeIgniter - * @subpackage Helpers - * @category Helpers - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/smiley_helper.html - * @deprecated 3.0.0 This helper is too specific for CI. - */ - -// ------------------------------------------------------------------------ - -if ( ! function_exists('smiley_js')) -{ - /** - * Smiley Javascript - * - * Returns the javascript required for the smiley insertion. Optionally takes - * an array of aliases to loosely couple the smiley array to the view. - * - * @param mixed alias name or array of alias->field_id pairs - * @param string field_id if alias name was passed in - * @param bool - * @return array - */ - function smiley_js($alias = '', $field_id = '', $inline = TRUE) - { - static $do_setup = TRUE; - $r = ''; - - if ($alias !== '' && ! is_array($alias)) - { - $alias = array($alias => $field_id); - } - - if ($do_setup === TRUE) - { - $do_setup = FALSE; - $m = array(); - - if (is_array($alias)) - { - foreach ($alias as $name => $id) - { - $m[] = '"'.$name.'" : "'.$id.'"'; - } - } - - $m = '{'.implode(',', $m).'}'; - - $r .= <<<EOF - var smiley_map = {$m}; - - function insert_smiley(smiley, field_id) { - var el = document.getElementById(field_id), newStart; - - if ( ! el && smiley_map[field_id]) { - el = document.getElementById(smiley_map[field_id]); - - if ( ! el) - return false; - } - - el.focus(); - smiley = " " + smiley; - - if ('selectionStart' in el) { - newStart = el.selectionStart + smiley.length; - - el.value = el.value.substr(0, el.selectionStart) + - smiley + - el.value.substr(el.selectionEnd, el.value.length); - el.setSelectionRange(newStart, newStart); - } - else if (document.selection) { - document.selection.createRange().text = smiley; - } - } -EOF; - } - elseif (is_array($alias)) - { - foreach ($alias as $name => $id) - { - $r .= 'smiley_map["'.$name.'"] = "'.$id."\";\n"; - } - } - - return ($inline) - ? '<script type="text/javascript" charset="utf-8">/*<![CDATA[ */'.$r.'// ]]></script>' - : $r; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('get_clickable_smileys')) -{ - /** - * Get Clickable Smileys - * - * Returns an array of image tag links that can be clicked to be inserted - * into a form field. - * - * @param string the URL to the folder containing the smiley images - * @param array - * @return array - */ - function get_clickable_smileys($image_url, $alias = '') - { - // For backward compatibility with js_insert_smiley - if (is_array($alias)) - { - $smileys = $alias; - } - elseif (FALSE === ($smileys = _get_smiley_array())) - { - return FALSE; - } - - // Add a trailing slash to the file path if needed - $image_url = rtrim($image_url, '/').'/'; - - $used = array(); - foreach ($smileys as $key => $val) - { - // Keep duplicates from being used, which can happen if the - // mapping array contains multiple identical replacements. For example: - // :-) and :) might be replaced with the same image so both smileys - // will be in the array. - if (isset($used[$smileys[$key][0]])) - { - continue; - } - - $link[] = '<a href="javascript:void(0);" onclick="insert_smiley(\''.$key.'\', \''.$alias.'\')"><img src="'.$image_url.$smileys[$key][0].'" alt="'.$smileys[$key][3].'" style="width: '.$smileys[$key][1].'; height: '.$smileys[$key][2].'; border: 0;" /></a>'; - $used[$smileys[$key][0]] = TRUE; - } - - return $link; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('parse_smileys')) -{ - /** - * Parse Smileys - * - * Takes a string as input and swaps any contained smileys for the actual image - * - * @param string the text to be parsed - * @param string the URL to the folder containing the smiley images - * @param array - * @return string - */ - function parse_smileys($str = '', $image_url = '', $smileys = NULL) - { - if ($image_url === '' OR ( ! is_array($smileys) && FALSE === ($smileys = _get_smiley_array()))) - { - return $str; - } - - // Add a trailing slash to the file path if needed - $image_url = rtrim($image_url, '/').'/'; - - foreach ($smileys as $key => $val) - { - $str = str_replace($key, '<img src="'.$image_url.$smileys[$key][0].'" alt="'.$smileys[$key][3].'" style="width: '.$smileys[$key][1].'; height: '.$smileys[$key][2].'; border: 0;" />', $str); - } - - return $str; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('_get_smiley_array')) -{ - /** - * Get Smiley Array - * - * Fetches the config/smiley.php file - * - * @return mixed - */ - function _get_smiley_array() - { - static $_smileys; - - if ( ! is_array($_smileys)) - { - if (file_exists(APPPATH.'config/smileys.php')) - { - include(APPPATH.'config/smileys.php'); - } - - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/smileys.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/smileys.php'); - } - - if (empty($smileys) OR ! is_array($smileys)) - { - $_smileys = array(); - return FALSE; - } - - $_smileys = $smileys; - } - - return $_smileys; - } -} diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php index 5860e15fb..311f7a420 100644 --- a/system/helpers/string_helper.php +++ b/system/helpers/string_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,38 +44,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/string_helper.html + * @link https://codeigniter.com/user_guide/helpers/string_helper.html */ // ------------------------------------------------------------------------ -if ( ! function_exists('trim_slashes')) -{ - /** - * Trim Slashes - * - * Removes any leading/trailing slashes from a string: - * - * /this/that/theother/ - * - * becomes: - * - * this/that/theother - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 This is just an alias for PHP's native trim() - * - * @param string - * @return string - */ - function trim_slashes($str) - { - return trim($str, '/'); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('strip_slashes')) { /** @@ -253,7 +226,7 @@ if ( ! function_exists('increment_string')) */ function increment_string($str, $separator = '_', $first = 1) { - preg_match('/(.+)'.$separator.'([0-9]+)$/', $str, $match); + preg_match('/(.+)'.preg_quote($separator, '/').'([0-9]+)$/', $str, $match); return isset($match[2]) ? $match[1].$separator.($match[2] + 1) : $str.$separator.$first; } } @@ -270,7 +243,7 @@ if ( ! function_exists('alternator')) * @param string (as many parameters as needed) * @return string */ - function alternator($args) + function alternator() { static $i; @@ -279,27 +252,8 @@ if ( ! function_exists('alternator')) $i = 0; return ''; } + $args = func_get_args(); return $args[($i++ % count($args))]; } } - -// ------------------------------------------------------------------------ - -if ( ! function_exists('repeater')) -{ - /** - * Repeater function - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 This is just an alias for PHP's native str_repeat() - * - * @param string $data String to repeat - * @param int $num Number of repeats - * @return string - */ - function repeater($data, $num = 1) - { - return ($num > 0) ? str_repeat($data, $num) : ''; - } -} diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index fb47036f2..07c01c3af 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/text_helper.html + * @link https://codeigniter.com/user_guide/helpers/text_helper.html */ // ------------------------------------------------------------------------ @@ -102,7 +102,7 @@ if ( ! function_exists('character_limiter')) } // a bit complicated, but faster than preg_replace with \s+ - $str = preg_replace('/ {2,}/', ' ', str_replace(array("\r", "\n", "\t", "\x0B", "\x0C"), ' ', $str)); + $str = preg_replace('/ {2,}/', ' ', str_replace(array("\r", "\n", "\t", "\v", "\f"), ' ', $str)); if (mb_strlen($str) <= $n) { @@ -275,13 +275,28 @@ if ( ! function_exists('word_censor')) foreach ($censored as $badword) { + $badword = str_replace('\*', '\w*?', preg_quote($badword, '/')); if ($replacement !== '') { - $str = preg_replace("/({$delim})(".str_replace('\*', '\w*?', preg_quote($badword, '/')).")({$delim})/i", "\\1{$replacement}\\3", $str); + $str = preg_replace( + "/({$delim})(".$badword.")({$delim})/i", + "\\1{$replacement}\\3", + $str + ); } - else + elseif (preg_match_all("/{$delim}(".$badword."){$delim}/i", $str, $matches, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE)) { - $str = preg_replace("/({$delim})(".str_replace('\*', '\w*?', preg_quote($badword, '/')).")({$delim})/ie", "'\\1'.str_repeat('#', strlen('\\2')).'\\3'", $str); + $matches = $matches[1]; + for ($i = count($matches) - 1; $i >= 0; $i--) + { + $length = strlen($matches[$i][0]); + $str = substr_replace( + $str, + str_repeat('#', $length), + $matches[$i][1], + $length + ); + } } } diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php index 45bb9b1d4..183e117bf 100644 --- a/system/helpers/typography_helper.php +++ b/system/helpers/typography_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/typography_helper.html + * @link https://codeigniter.com/user_guide/helpers/typography_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index d65f92f1b..99e82ef9f 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/url_helper.html + * @link https://codeigniter.com/user_guide/helpers/url_helper.html */ // ------------------------------------------------------------------------ @@ -443,7 +443,7 @@ if ( ! function_exists('prep_url')) */ function prep_url($str = '') { - if ($str === 'http://' OR $str === '') + if ($str === '') { return ''; } diff --git a/system/helpers/xml_helper.php b/system/helpers/xml_helper.php index 55f9c2f66..a12ee25db 100644 --- a/system/helpers/xml_helper.php +++ b/system/helpers/xml_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/xml_helper.html + * @link https://codeigniter.com/user_guide/helpers/xml_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/language/english/calendar_lang.php b/system/language/english/calendar_lang.php index 9d3352868..77911e983 100644 --- a/system/language/english/calendar_lang.php +++ b/system/language/english/calendar_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/date_lang.php b/system/language/english/date_lang.php index c61c9c2ad..bb454edfb 100644 --- a/system/language/english/date_lang.php +++ b/system/language/english/date_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/db_lang.php b/system/language/english/db_lang.php index 5b67da659..b44bda951 100644 --- a/system/language/english/db_lang.php +++ b/system/language/english/db_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/email_lang.php b/system/language/english/email_lang.php index cc6b2fd5a..22dc0fa78 100644 --- a/system/language/english/email_lang.php +++ b/system/language/english/email_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index 75d6e4b82..357f747ce 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -43,6 +43,7 @@ $lang['form_validation_valid_email'] = 'The {field} field must contain a valid $lang['form_validation_valid_emails'] = 'The {field} field must contain all valid email addresses.'; $lang['form_validation_valid_url'] = 'The {field} field must contain a valid URL.'; $lang['form_validation_valid_ip'] = 'The {field} field must contain a valid IP.'; +$lang['form_validation_valid_mac'] = 'The {field} field must contain a valid MAC.'; $lang['form_validation_min_length'] = 'The {field} field must be at least {param} characters in length.'; $lang['form_validation_max_length'] = 'The {field} field cannot exceed {param} characters in length.'; $lang['form_validation_exact_length'] = 'The {field} field must be exactly {param} characters in length.'; diff --git a/system/language/english/ftp_lang.php b/system/language/english/ftp_lang.php index bccc27397..eada3e5d5 100644 --- a/system/language/english/ftp_lang.php +++ b/system/language/english/ftp_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/imglib_lang.php b/system/language/english/imglib_lang.php index 41129cd6e..218874cfe 100644 --- a/system/language/english/imglib_lang.php +++ b/system/language/english/imglib_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -51,6 +51,7 @@ $lang['imglib_libpath_invalid'] = 'The path to your image library is not correct $lang['imglib_image_process_failed'] = 'Image processing failed. Please verify that your server supports the chosen protocol and that the path to your image library is correct.'; $lang['imglib_rotation_angle_required'] = 'An angle of rotation is required to rotate the image.'; $lang['imglib_invalid_path'] = 'The path to the image is not correct.'; +$lang['imglib_invalid_image'] = 'The provided image is not valid.'; $lang['imglib_copy_failed'] = 'The image copy routine failed.'; $lang['imglib_missing_font'] = 'Unable to find a font to use.'; $lang['imglib_save_failed'] = 'Unable to save the image. Please make sure the image and file directory are writable.'; diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php index 9e4a7c58c..168496090 100644 --- a/system/language/english/migration_lang.php +++ b/system/language/english/migration_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ diff --git a/system/language/english/number_lang.php b/system/language/english/number_lang.php index db229c5b5..9723ce5ec 100644 --- a/system/language/english/number_lang.php +++ b/system/language/english/number_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/pagination_lang.php b/system/language/english/pagination_lang.php index be133781e..d24dd047b 100644 --- a/system/language/english/pagination_lang.php +++ b/system/language/english/pagination_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/profiler_lang.php b/system/language/english/profiler_lang.php index ba3edba60..20949a20a 100644 --- a/system/language/english/profiler_lang.php +++ b/system/language/english/profiler_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/unit_test_lang.php b/system/language/english/unit_test_lang.php index 639829ed8..a89cb2d93 100644 --- a/system/language/english/unit_test_lang.php +++ b/system/language/english/unit_test_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/upload_lang.php b/system/language/english/upload_lang.php index a536dda31..ec611f9ac 100644 --- a/system/language/english/upload_lang.php +++ b/system/language/english/upload_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/libraries/Cache/Cache.php b/system/libraries/Cache/Cache.php index 0c87a5628..267dffb09 100644 --- a/system/libraries/Cache/Cache.php +++ b/system/libraries/Cache/Cache.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php index e0d2ffb39..f2b61adb1 100644 --- a/system/libraries/Cache/drivers/Cache_apc.php +++ b/system/libraries/Cache/drivers/Cache_apc.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -49,6 +49,24 @@ defined('BASEPATH') OR exit('No direct script access allowed'); class CI_Cache_apc extends CI_Driver { /** + * Class constructor + * + * Only present so that an error message is logged + * if APC is not available. + * + * @return void + */ + public function __construct() + { + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to initialize APC; extension not loaded/enabled?'); + } + } + + // ------------------------------------------------------------------------ + + /** * Get * * Look for a value in the cache. If it exists, return the data @@ -79,7 +97,7 @@ class CI_Cache_apc extends CI_Driver { * * @param string $id Cache ID * @param mixed $data Data to store - * @param int $ttol Length of time (in seconds) to cache the data + * @param int $ttl Length of time (in seconds) to cache the data * @param bool $raw Whether to store the raw value * @return bool TRUE on success, FALSE on failure */ @@ -198,13 +216,6 @@ class CI_Cache_apc extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('apc') OR ! ini_get('apc.enabled')) - { - log_message('debug', 'The APC PHP extension must be loaded to use APC Cache.'); - return FALSE; - } - - return TRUE; + return (extension_loaded('apc') && ini_get('apc.enabled')); } - } diff --git a/system/libraries/Cache/drivers/Cache_dummy.php b/system/libraries/Cache/drivers/Cache_dummy.php index bf80945a9..c6d9a61f1 100644 --- a/system/libraries/Cache/drivers/Cache_dummy.php +++ b/system/libraries/Cache/drivers/Cache_dummy.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0 * @filesource */ diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 68bc1ec96..8a36e9d79 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0 * @filesource */ @@ -120,7 +120,7 @@ class CI_Cache_file extends CI_Driver { */ public function delete($id) { - return file_exists($this->_cache_path.$id) ? unlink($this->_cache_path.$id) : FALSE; + return is_file($this->_cache_path.$id) ? unlink($this->_cache_path.$id) : FALSE; } // ------------------------------------------------------------------------ @@ -216,7 +216,7 @@ class CI_Cache_file extends CI_Driver { */ public function get_metadata($id) { - if ( ! file_exists($this->_cache_path.$id)) + if ( ! is_file($this->_cache_path.$id)) { return FALSE; } @@ -227,13 +227,13 @@ class CI_Cache_file extends CI_Driver { { $mtime = filemtime($this->_cache_path.$id); - if ( ! isset($data['ttl'])) + if ( ! isset($data['ttl'], $data['time'])) { return FALSE; } return array( - 'expire' => $mtime + $data['ttl'], + 'expire' => $data['time'] + $data['ttl'], 'mtime' => $mtime ); } @@ -267,7 +267,7 @@ class CI_Cache_file extends CI_Driver { */ protected function _get($id) { - if ( ! file_exists($this->_cache_path.$id)) + if ( ! is_file($this->_cache_path.$id)) { return FALSE; } diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php index 111e2109d..4836b6aed 100644 --- a/system/libraries/Cache/drivers/Cache_memcached.php +++ b/system/libraries/Cache/drivers/Cache_memcached.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0 * @filesource */ @@ -60,7 +60,7 @@ class CI_Cache_memcached extends CI_Driver { * * @var array */ - protected $_memcache_conf = array( + protected $_config = array( 'default' => array( 'host' => '127.0.0.1', 'port' => 11211, @@ -81,19 +81,11 @@ class CI_Cache_memcached extends CI_Driver { { // Try to load memcached server info from the config file. $CI =& get_instance(); - $defaults = $this->_memcache_conf['default']; + $defaults = $this->_config['default']; if ($CI->config->load('memcached', TRUE, TRUE)) { - if (is_array($CI->config->config['memcached'])) - { - $this->_memcache_conf = array(); - - foreach ($CI->config->config['memcached'] as $name => $conf) - { - $this->_memcache_conf[$name] = $conf; - } - } + $this->_config = $CI->config->config['memcached']; } if (class_exists('Memcached', FALSE)) @@ -106,18 +98,31 @@ class CI_Cache_memcached extends CI_Driver { } else { - throw new RuntimeException('Cache: Failed to create Memcache(d) object; extension not loaded?'); + log_message('error', 'Cache: Failed to create Memcache(d) object; extension not loaded?'); + return; } - foreach ($this->_memcache_conf as $cache_server) + foreach ($this->_config as $cache_name => $cache_server) { - isset($cache_server['hostname']) OR $cache_server['hostname'] = $defaults['host']; - isset($cache_server['port']) OR $cache_server['port'] = $defaults['port']; + if ( ! isset($cache_server['hostname'])) + { + log_message('debug', 'Cache: Memcache(d) configuration "'.$cache_name.'" doesn\'t include a hostname; ignoring.'); + continue; + } + elseif ($cache_server['hostname'][0] === '/') + { + $cache_server['port'] = 0; + } + elseif (empty($cache_server['port'])) + { + $cache_server['port'] = $defaults['port']; + } + isset($cache_server['weight']) OR $cache_server['weight'] = $defaults['weight']; - if (get_class($this->_memcached) === 'Memcache') + if ($this->_memcached instanceof Memcache) { - // Third parameter is persistance and defaults to TRUE. + // Third parameter is persistence and defaults to TRUE. $this->_memcached->addServer( $cache_server['hostname'], $cache_server['port'], @@ -125,7 +130,7 @@ class CI_Cache_memcached extends CI_Driver { $cache_server['weight'] ); } - else + elseif ($this->_memcached instanceof Memcached) { $this->_memcached->addServer( $cache_server['hostname'], @@ -169,11 +174,11 @@ class CI_Cache_memcached extends CI_Driver { $data = array($data, time(), $ttl); } - if (get_class($this->_memcached) === 'Memcached') + if ($this->_memcached instanceof Memcached) { return $this->_memcached->set($id, $data, $ttl); } - elseif (get_class($this->_memcached) === 'Memcache') + elseif ($this->_memcached instanceof Memcache) { return $this->_memcached->set($id, $data, 0, $ttl); } @@ -186,7 +191,7 @@ class CI_Cache_memcached extends CI_Driver { /** * Delete from Cache * - * @param mixed key to be deleted. + * @param mixed $id key to be deleted. * @return bool true on success, false on failure */ public function delete($id) @@ -251,7 +256,7 @@ class CI_Cache_memcached extends CI_Driver { /** * Get Cache Metadata * - * @param mixed key to get cache metadata on + * @param mixed $id key to get cache metadata on * @return mixed FALSE on failure, array on success. */ public function get_metadata($id) @@ -284,12 +289,27 @@ class CI_Cache_memcached extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('memcached') && ! extension_loaded('memcache')) + return (extension_loaded('memcached') OR extension_loaded('memcache')); + } + + // ------------------------------------------------------------------------ + + /** + * Class destructor + * + * Closes the connection to Memcache(d) if present. + * + * @return void + */ + public function __destruct() + { + if ($this->_memcached instanceof Memcache) { - log_message('debug', 'The Memcached Extension must be loaded to use Memcached Cache.'); - return FALSE; + $this->_memcached->close(); + } + elseif ($this->_memcached instanceof Memcached && method_exists($this->_memcached, 'quit')) + { + $this->_memcached->quit(); } - - return TRUE; } } diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index d7dca1973..bb26b3b47 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -55,11 +55,11 @@ class CI_Cache_redis extends CI_Driver * @var array */ protected static $_default_config = array( - 'socket_type' => 'tcp', 'host' => '127.0.0.1', 'password' => NULL, 'port' => 6379, - 'timeout' => 0 + 'timeout' => 0, + 'database' => 0 ); /** @@ -69,13 +69,6 @@ class CI_Cache_redis extends CI_Driver */ protected $_redis; - /** - * An internal cache for storing keys of serialized values. - * - * @var array - */ - protected $_serialized = array(); - // ------------------------------------------------------------------------ /** @@ -91,46 +84,46 @@ class CI_Cache_redis extends CI_Driver */ public function __construct() { - $config = array(); + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to create Redis object; extension not loaded?'); + return; + } + $CI =& get_instance(); if ($CI->config->load('redis', TRUE, TRUE)) { - $config = $CI->config->item('redis'); + $config = array_merge(self::$_default_config, $CI->config->item('redis')); + } + else + { + $config = self::$_default_config; } - $config = array_merge(self::$_default_config, $config); $this->_redis = new Redis(); try { - if ($config['socket_type'] === 'unix') + if ( ! $this->_redis->connect($config['host'], ($config['host'][0] === '/' ? 0 : $config['port']), $config['timeout'])) { - $success = $this->_redis->connect($config['socket']); + log_message('error', 'Cache: Redis connection failed. Check your configuration.'); } - else // tcp socket + + if (isset($config['password']) && ! $this->_redis->auth($config['password'])) { - $success = $this->_redis->connect($config['host'], $config['port'], $config['timeout']); + log_message('error', 'Cache: Redis authentication failed.'); } - if ( ! $success) + if (isset($config['database']) && $config['database'] > 0 && ! $this->_redis->select($config['database'])) { - throw new RuntimeException('Cache: Redis connection failed. Check your configuration.'); + log_message('error', 'Cache: Redis select database failed.'); } } catch (RedisException $e) { - throw new RuntimeException('Cache: Redis connection refused ('.$e->getMessage().')'); + log_message('error', 'Cache: Redis connection refused ('.$e->getMessage().')'); } - - if (isset($config['password']) && ! $this->_redis->auth($config['password'])) - { - throw new RuntimeException('Cache: Redis authentication failed.'); - } - - // Initialize the index of serialized values. - $serialized = $this->_redis->sMembers('_ci_redis_serialized'); - empty($serialized) OR $this->_serialized = array_flip($serialized); } // ------------------------------------------------------------------------ @@ -138,19 +131,35 @@ class CI_Cache_redis extends CI_Driver /** * Get cache * - * @param string Cache ID + * @param string $key Cache ID * @return mixed */ public function get($key) { - $value = $this->_redis->get($key); + $data = $this->_redis->hMGet($key, array('__ci_type', '__ci_value')); - if ($value !== FALSE && isset($this->_serialized[$key])) + if ( ! isset($data['__ci_type'], $data['__ci_value']) OR $data['__ci_value'] === FALSE) { - return unserialize($value); + return FALSE; } - return $value; + switch ($data['__ci_type']) + { + case 'array': + case 'object': + return unserialize($data['__ci_value']); + case 'boolean': + case 'integer': + case 'double': // Yes, 'double' is returned and NOT 'float' + case 'string': + case 'NULL': + return settype($data['__ci_value'], $data['__ci_type']) + ? $data['__ci_value'] + : FALSE; + case 'resource': + default: + return FALSE; + } } // ------------------------------------------------------------------------ @@ -166,23 +175,33 @@ class CI_Cache_redis extends CI_Driver */ public function save($id, $data, $ttl = 60, $raw = FALSE) { - if (is_array($data) OR is_object($data)) + switch ($data_type = gettype($data)) { - if ( ! $this->_redis->sIsMember('_ci_redis_serialized', $id) && ! $this->_redis->sAdd('_ci_redis_serialized', $id)) - { + case 'array': + case 'object': + $data = serialize($data); + break; + case 'boolean': + case 'integer': + case 'double': // Yes, 'double' is returned and NOT 'float' + case 'string': + case 'NULL': + break; + case 'resource': + default: return FALSE; - } + } - isset($this->_serialized[$id]) OR $this->_serialized[$id] = TRUE; - $data = serialize($data); + if ( ! $this->_redis->hMSet($id, array('__ci_type' => $data_type, '__ci_value' => $data))) + { + return FALSE; } - elseif (isset($this->_serialized[$id])) + elseif ($ttl) { - $this->_serialized[$id] = NULL; - $this->_redis->sRemove('_ci_redis_serialized', $id); + $this->_redis->expireAt($id, time() + $ttl); } - return $this->_redis->set($id, $data, $ttl); + return TRUE; } // ------------------------------------------------------------------------ @@ -190,23 +209,12 @@ class CI_Cache_redis extends CI_Driver /** * Delete from cache * - * @param string Cache key + * @param string $key Cache key * @return bool */ public function delete($key) { - if ($this->_redis->delete($key) !== 1) - { - return FALSE; - } - - if (isset($this->_serialized[$key])) - { - $this->_serialized[$key] = NULL; - $this->_redis->sRemove('_ci_redis_serialized', $key); - } - - return TRUE; + return ($this->_redis->delete($key) === 1); } // ------------------------------------------------------------------------ @@ -220,7 +228,7 @@ class CI_Cache_redis extends CI_Driver */ public function increment($id, $offset = 1) { - return $this->_redis->incr($id, $offset); + return $this->_redis->hIncrBy($id, 'data', $offset); } // ------------------------------------------------------------------------ @@ -234,7 +242,7 @@ class CI_Cache_redis extends CI_Driver */ public function decrement($id, $offset = 1) { - return $this->_redis->decr($id, $offset); + return $this->_redis->hIncrBy($id, 'data', -$offset); } // ------------------------------------------------------------------------ @@ -255,9 +263,9 @@ class CI_Cache_redis extends CI_Driver /** * Get cache driver info * - * @param string Not supported in Redis. - * Only included in order to offer a - * consistent cache API. + * @param string $type Not supported in Redis. + * Only included in order to offer a + * consistent cache API. * @return array * @see Redis::info() */ @@ -271,7 +279,7 @@ class CI_Cache_redis extends CI_Driver /** * Get cache metadata * - * @param string Cache key + * @param string $key Cache key * @return array */ public function get_metadata($key) @@ -298,13 +306,7 @@ class CI_Cache_redis extends CI_Driver */ public function is_supported() { - if ( ! extension_loaded('redis')) - { - log_message('debug', 'The Redis extension must be loaded to use Redis cache.'); - return FALSE; - } - - return TRUE; + return extension_loaded('redis'); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Cache/drivers/Cache_wincache.php b/system/libraries/Cache/drivers/Cache_wincache.php index 9cc6ff016..f296a5e26 100644 --- a/system/libraries/Cache/drivers/Cache_wincache.php +++ b/system/libraries/Cache/drivers/Cache_wincache.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -52,6 +52,24 @@ defined('BASEPATH') OR exit('No direct script access allowed'); class CI_Cache_wincache extends CI_Driver { /** + * Class constructor + * + * Only present so that an error message is logged + * if APC is not available. + * + * @return void + */ + public function __construct() + { + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to initialize Wincache; extension not loaded/enabled?'); + } + } + + // ------------------------------------------------------------------------ + + /** * Get * * Look for a value in the cache. If it exists, return the data, @@ -194,13 +212,6 @@ class CI_Cache_wincache extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('wincache') OR ! ini_get('wincache.ucenabled')) - { - log_message('debug', 'The Wincache PHP extension must be loaded to use Wincache Cache.'); - return FALSE; - } - - return TRUE; + return (extension_loaded('wincache') && ini_get('wincache.ucenabled')); } - } diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index f6a0c39c4..edb0fb4d9 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/calendar.html + * @link https://codeigniter.com/user_guide/libraries/calendar.html */ class CI_Calendar { diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php deleted file mode 100644 index bf27c6392..000000000 --- a/system/libraries/Cart.php +++ /dev/null @@ -1,567 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Shopping Cart Class - * - * @package CodeIgniter - * @subpackage Libraries - * @category Shopping Cart - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/cart.html - * @deprecated 3.0.0 This class is too specific for CI. - */ -class CI_Cart { - - /** - * These are the regular expression rules that we use to validate the product ID and product name - * alpha-numeric, dashes, underscores, or periods - * - * @var string - */ - public $product_id_rules = '\.a-z0-9_-'; - - /** - * These are the regular expression rules that we use to validate the product ID and product name - * alpha-numeric, dashes, underscores, colons or periods - * - * @var string - */ - public $product_name_rules = '\w \-\.\:'; - - /** - * only allow safe product names - * - * @var bool - */ - public $product_name_safe = TRUE; - - // -------------------------------------------------------------------------- - - /** - * Reference to CodeIgniter instance - * - * @var object - */ - protected $CI; - - /** - * Contents of the cart - * - * @var array - */ - protected $_cart_contents = array(); - - /** - * Shopping Class Constructor - * - * The constructor loads the Session class, used to store the shopping cart contents. - * - * @param array - * @return void - */ - public function __construct($params = array()) - { - // Set the super object to a local variable for use later - $this->CI =& get_instance(); - - // Are any config settings being passed manually? If so, set them - $config = is_array($params) ? $params : array(); - - // Load the Sessions class - $this->CI->load->driver('session', $config); - - // Grab the shopping cart array from the session table - $this->_cart_contents = $this->CI->session->userdata('cart_contents'); - if ($this->_cart_contents === NULL) - { - // No cart exists so we'll set some base values - $this->_cart_contents = array('cart_total' => 0, 'total_items' => 0); - } - - log_message('info', 'Cart Class Initialized'); - } - - // -------------------------------------------------------------------- - - /** - * Insert items into the cart and save it to the session table - * - * @param array - * @return bool - */ - public function insert($items = array()) - { - // Was any cart data passed? No? Bah... - if ( ! is_array($items) OR count($items) === 0) - { - log_message('error', 'The insert method must be passed an array containing data.'); - return FALSE; - } - - // You can either insert a single product using a one-dimensional array, - // or multiple products using a multi-dimensional one. The way we - // determine the array type is by looking for a required array key named "id" - // at the top level. If it's not found, we will assume it's a multi-dimensional array. - - $save_cart = FALSE; - if (isset($items['id'])) - { - if (($rowid = $this->_insert($items))) - { - $save_cart = TRUE; - } - } - else - { - foreach ($items as $val) - { - if (is_array($val) && isset($val['id'])) - { - if ($this->_insert($val)) - { - $save_cart = TRUE; - } - } - } - } - - // Save the cart data if the insert was successful - if ($save_cart === TRUE) - { - $this->_save_cart(); - return isset($rowid) ? $rowid : TRUE; - } - - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Insert - * - * @param array - * @return bool - */ - protected function _insert($items = array()) - { - // Was any cart data passed? No? Bah... - if ( ! is_array($items) OR count($items) === 0) - { - log_message('error', 'The insert method must be passed an array containing data.'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Does the $items array contain an id, quantity, price, and name? These are required - if ( ! isset($items['id'], $items['qty'], $items['price'], $items['name'])) - { - log_message('error', 'The cart array must contain a product ID, quantity, price, and name.'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Prep the quantity. It can only be a number. Duh... also trim any leading zeros - $items['qty'] = (float) $items['qty']; - - // If the quantity is zero or blank there's nothing for us to do - if ($items['qty'] == 0) - { - return FALSE; - } - - // -------------------------------------------------------------------- - - // Validate the product ID. It can only be alpha-numeric, dashes, underscores or periods - // Not totally sure we should impose this rule, but it seems prudent to standardize IDs. - // Note: These can be user-specified by setting the $this->product_id_rules variable. - if ( ! preg_match('/^['.$this->product_id_rules.']+$/i', $items['id'])) - { - log_message('error', 'Invalid product ID. The product ID can only contain alpha-numeric characters, dashes, and underscores'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Validate the product name. It can only be alpha-numeric, dashes, underscores, colons or periods. - // Note: These can be user-specified by setting the $this->product_name_rules variable. - if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i'.(UTF8_ENABLED ? 'u' : ''), $items['name'])) - { - log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Prep the price. Remove leading zeros and anything that isn't a number or decimal point. - $items['price'] = (float) $items['price']; - - // We now need to create a unique identifier for the item being inserted into the cart. - // Every time something is added to the cart it is stored in the master cart array. - // Each row in the cart array, however, must have a unique index that identifies not only - // a particular product, but makes it possible to store identical products with different options. - // For example, what if someone buys two identical t-shirts (same product ID), but in - // different sizes? The product ID (and other attributes, like the name) will be identical for - // both sizes because it's the same shirt. The only difference will be the size. - // Internally, we need to treat identical submissions, but with different options, as a unique product. - // Our solution is to convert the options array to a string and MD5 it along with the product ID. - // This becomes the unique "row ID" - if (isset($items['options']) && count($items['options']) > 0) - { - $rowid = md5($items['id'].serialize($items['options'])); - } - else - { - // No options were submitted so we simply MD5 the product ID. - // Technically, we don't need to MD5 the ID in this case, but it makes - // sense to standardize the format of array indexes for both conditions - $rowid = md5($items['id']); - } - - // -------------------------------------------------------------------- - - // Now that we have our unique "row ID", we'll add our cart items to the master array - // grab quantity if it's already there and add it on - $old_quantity = isset($this->_cart_contents[$rowid]['qty']) ? (int) $this->_cart_contents[$rowid]['qty'] : 0; - - // Re-create the entry, just to make sure our index contains only the data from this submission - $items['rowid'] = $rowid; - $items['qty'] += $old_quantity; - $this->_cart_contents[$rowid] = $items; - - return $rowid; - } - - // -------------------------------------------------------------------- - - /** - * Update the cart - * - * This function permits the quantity of a given item to be changed. - * Typically it is called from the "view cart" page if a user makes - * changes to the quantity before checkout. That array must contain the - * product ID and quantity for each item. - * - * @param array - * @return bool - */ - public function update($items = array()) - { - // Was any cart data passed? - if ( ! is_array($items) OR count($items) === 0) - { - return FALSE; - } - - // You can either update a single product using a one-dimensional array, - // or multiple products using a multi-dimensional one. The way we - // determine the array type is by looking for a required array key named "rowid". - // If it's not found we assume it's a multi-dimensional array - $save_cart = FALSE; - if (isset($items['rowid'])) - { - if ($this->_update($items) === TRUE) - { - $save_cart = TRUE; - } - } - else - { - foreach ($items as $val) - { - if (is_array($val) && isset($val['rowid'])) - { - if ($this->_update($val) === TRUE) - { - $save_cart = TRUE; - } - } - } - } - - // Save the cart data if the insert was successful - if ($save_cart === TRUE) - { - $this->_save_cart(); - return TRUE; - } - - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Update the cart - * - * This function permits changing item properties. - * Typically it is called from the "view cart" page if a user makes - * changes to the quantity before checkout. That array must contain the - * rowid and quantity for each item. - * - * @param array - * @return bool - */ - protected function _update($items = array()) - { - // Without these array indexes there is nothing we can do - if ( ! isset($items['rowid'], $this->_cart_contents[$items['rowid']])) - { - return FALSE; - } - - // Prep the quantity - if (isset($items['qty'])) - { - $items['qty'] = (float) $items['qty']; - // Is the quantity zero? If so we will remove the item from the cart. - // If the quantity is greater than zero we are updating - if ($items['qty'] == 0) - { - unset($this->_cart_contents[$items['rowid']]); - return TRUE; - } - } - - // find updatable keys - $keys = array_intersect(array_keys($this->_cart_contents[$items['rowid']]), array_keys($items)); - // if a price was passed, make sure it contains valid data - if (isset($items['price'])) - { - $items['price'] = (float) $items['price']; - } - - // product id & name shouldn't be changed - foreach (array_diff($keys, array('id', 'name')) as $key) - { - $this->_cart_contents[$items['rowid']][$key] = $items[$key]; - } - - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Save the cart array to the session DB - * - * @return bool - */ - protected function _save_cart() - { - // Let's add up the individual prices and set the cart sub-total - $this->_cart_contents['total_items'] = $this->_cart_contents['cart_total'] = 0; - foreach ($this->_cart_contents as $key => $val) - { - // We make sure the array contains the proper indexes - if ( ! is_array($val) OR ! isset($val['price'], $val['qty'])) - { - continue; - } - - $this->_cart_contents['cart_total'] += ($val['price'] * $val['qty']); - $this->_cart_contents['total_items'] += $val['qty']; - $this->_cart_contents[$key]['subtotal'] = ($this->_cart_contents[$key]['price'] * $this->_cart_contents[$key]['qty']); - } - - // Is our cart empty? If so we delete it from the session - if (count($this->_cart_contents) <= 2) - { - $this->CI->session->unset_userdata('cart_contents'); - - // Nothing more to do... coffee time! - return FALSE; - } - - // If we made it this far it means that our cart has data. - // Let's pass it to the Session class so it can be stored - $this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents)); - - // Woot! - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Cart Total - * - * @return int - */ - public function total() - { - return $this->_cart_contents['cart_total']; - } - - // -------------------------------------------------------------------- - - /** - * Remove Item - * - * Removes an item from the cart - * - * @param int - * @return bool - */ - public function remove($rowid) - { - // unset & save - unset($this->_cart_contents[$rowid]); - $this->_save_cart(); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Total Items - * - * Returns the total item count - * - * @return int - */ - public function total_items() - { - return $this->_cart_contents['total_items']; - } - - // -------------------------------------------------------------------- - - /** - * Cart Contents - * - * Returns the entire cart array - * - * @param bool - * @return array - */ - public function contents($newest_first = FALSE) - { - // do we want the newest first? - $cart = ($newest_first) ? array_reverse($this->_cart_contents) : $this->_cart_contents; - - // Remove these so they don't create a problem when showing the cart table - unset($cart['total_items']); - unset($cart['cart_total']); - - return $cart; - } - - // -------------------------------------------------------------------- - - /** - * Get cart item - * - * Returns the details of a specific item in the cart - * - * @param string $row_id - * @return array - */ - public function get_item($row_id) - { - return (in_array($row_id, array('total_items', 'cart_total'), TRUE) OR ! isset($this->_cart_contents[$row_id])) - ? FALSE - : $this->_cart_contents[$row_id]; - } - - // -------------------------------------------------------------------- - - /** - * Has options - * - * Returns TRUE if the rowid passed to this function correlates to an item - * that has options associated with it. - * - * @param string $row_id = '' - * @return bool - */ - public function has_options($row_id = '') - { - return (isset($this->_cart_contents[$row_id]['options']) && count($this->_cart_contents[$row_id]['options']) !== 0); - } - - // -------------------------------------------------------------------- - - /** - * Product options - * - * Returns the an array of options, for a particular product row ID - * - * @param string $row_id = '' - * @return array - */ - public function product_options($row_id = '') - { - return isset($this->_cart_contents[$row_id]['options']) ? $this->_cart_contents[$row_id]['options'] : array(); - } - - // -------------------------------------------------------------------- - - /** - * Format Number - * - * Returns the supplied number with commas and a decimal point. - * - * @param float - * @return string - */ - public function format_number($n = '') - { - return ($n === '') ? '' : number_format( (float) $n, 2, '.', ','); - } - - // -------------------------------------------------------------------- - - /** - * Destroy the cart - * - * Empties the cart and kills the session - * - * @return void - */ - public function destroy() - { - $this->_cart_contents = array('cart_total' => 0, 'total_items' => 0); - $this->CI->session->unset_userdata('cart_contents'); - } - -} diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index da4c548e6..00e8416f9 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 459c8f590..1483f2203 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/email.html + * @link https://codeigniter.com/user_guide/libraries/email.html */ class CI_Email { @@ -150,13 +150,6 @@ class CI_Email { public $charset = 'utf-8'; /** - * Multipart message - * - * @var string 'mixed' (in the body) or 'related' (separate) - */ - public $multipart = 'mixed'; // "mixed" (in the body) or "related" (separate) - - /** * Alternative message (for HTML messages only) * * @var string @@ -168,7 +161,7 @@ class CI_Email { * * @var bool */ - public $validate = FALSE; + public $validate = TRUE; /** * X-Priority header value. @@ -233,13 +226,6 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Whether PHP is running in safe mode. Initialized by the class constructor. - * - * @var bool - */ - protected $_safe_mode = FALSE; - - /** * Subject header * * @var string @@ -261,20 +247,6 @@ class CI_Email { protected $_finalbody = ''; /** - * multipart/alternative boundary - * - * @var string - */ - protected $_alt_boundary = ''; - - /** - * Attachment boundary - * - * @var string - */ - protected $_atc_boundary = ''; - - /** * Final headers to send * * @var string @@ -395,6 +367,13 @@ class CI_Email { 5 => '5 (Lowest)' ); + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // -------------------------------------------------------------------- /** @@ -408,18 +387,9 @@ class CI_Email { public function __construct(array $config = array()) { $this->charset = config_item('charset'); + $this->initialize($config); - if (count($config) > 0) - { - $this->initialize($config); - } - else - { - $this->_smtp_auth = ! ($this->smtp_user === '' && $this->smtp_pass === ''); - } - - $this->_safe_mode = ( ! is_php('5.4') && ini_get('safe_mode')); - $this->charset = strtoupper($this->charset); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); log_message('info', 'Email Class Initialized'); } @@ -427,28 +397,15 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Destructor - Releases Resources - * - * @return void - */ - public function __destruct() - { - if (is_resource($this->_smtp_connect)) - { - $this->_send_command('quit'); - } - } - - // -------------------------------------------------------------------- - - /** * Initialize preferences * - * @param array + * @param array $config * @return CI_Email */ - public function initialize($config = array()) + public function initialize(array $config = array()) { + $this->clear(); + foreach ($config as $key => $val) { if (isset($this->$key)) @@ -465,9 +422,9 @@ class CI_Email { } } } - $this->clear(); - $this->_smtp_auth = ! ($this->smtp_user === '' && $this->smtp_pass === ''); + $this->charset = strtoupper($this->charset); + $this->_smtp_auth = isset($this->smtp_user[0], $this->smtp_pass[0]); return $this; } @@ -493,7 +450,6 @@ class CI_Email { $this->_headers = array(); $this->_debug_msg = array(); - $this->set_header('User-Agent', $this->useragent); $this->set_header('Date', $this->_set_date()); if ($clear_attachments !== FALSE) @@ -574,14 +530,18 @@ class CI_Email { $this->validate_email($this->_str_to_array($replyto)); } - if ($name === '') - { - $name = $replyto; - } - - if (strpos($name, '"') !== 0) + if ($name !== '') { - $name = '"'.$name.'"'; + // only use Q encoding if there are characters that would require it + if ( ! preg_match('/[\200-\377]/', $name)) + { + // add slashes for non-printing characters, slashes, and double quotes, and surround it in double quotes + $name = '"'.addcslashes($name, "\0..\37\177'\"\\").'"'; + } + else + { + $name = $this->_prep_q_encoding($name); + } } $this->set_header('Reply-To', $name.' <'.$replyto.'>'); @@ -707,18 +667,6 @@ class CI_Email { public function message($body) { $this->_body = rtrim(str_replace("\r", '', $body)); - - /* strip slashes only if magic quotes is ON - if we do it with magic quotes OFF, it strips real, user-inputted chars. - - NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and - it will probably not exist in future versions at all. - */ - if ( ! is_php('5.4') && get_magic_quotes_gpc()) - { - $this->_body = stripslashes($this->_body); - } - return $this; } @@ -762,7 +710,8 @@ class CI_Email { 'name' => array($file, $newname), 'disposition' => empty($disposition) ? 'attachment' : $disposition, // Can also be 'inline' Not sure if it matters 'type' => $mime, - 'content' => chunk_split(base64_encode($file_content)) + 'content' => chunk_split(base64_encode($file_content)), + 'multipart' => 'mixed' ); return $this; @@ -780,15 +729,11 @@ class CI_Email { */ public function attachment_cid($filename) { - if ($this->multipart !== 'related') - { - $this->multipart = 'related'; // Thunderbird need this for inline images - } - for ($i = 0, $c = count($this->_attachments); $i < $c; $i++) { if ($this->_attachments[$i]['name'][0] === $filename) { + $this->_attachments[$i]['multipart'] = 'related'; $this->_attachments[$i]['cid'] = uniqid(basename($this->_attachments[$i]['name'][0]).'@'); return $this->_attachments[$i]['cid']; } @@ -933,19 +878,6 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Set Message Boundary - * - * @return void - */ - protected function _set_boundaries() - { - $this->_alt_boundary = 'B_ALT_'.uniqid(''); // multipart/alternative - $this->_atc_boundary = 'B_ATC_'.uniqid(''); // attachment boundary - } - - // -------------------------------------------------------------------- - - /** * Get the Message ID * * @return string @@ -1012,9 +944,9 @@ class CI_Email { { if ($this->mailtype === 'html') { - return (count($this->_attachments) === 0) ? 'html' : 'html-attach'; + return empty($this->_attachments) ? 'html' : 'html-attach'; } - elseif ($this->mailtype === 'text' && count($this->_attachments) > 0) + elseif ($this->mailtype === 'text' && ! empty($this->_attachments)) { return 'plain-attach'; } @@ -1093,7 +1025,7 @@ class CI_Email { { if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) { - $email = substr($email, 0, ++$atpos).idn_to_ascii(substr($email, $atpos)); + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos)); } return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); @@ -1210,7 +1142,7 @@ class CI_Email { { // Is the line within the allowed character count? // If so we'll join it to the output and continue - if (mb_strlen($line) <= $charlim) + if (self::strlen($line) <= $charlim) { $output .= $line.$this->newline; continue; @@ -1226,10 +1158,10 @@ class CI_Email { } // Trim the word down - $temp .= mb_substr($line, 0, $charlim - 1); - $line = mb_substr($line, $charlim - 1); + $temp .= self::substr($line, 0, $charlim - 1); + $line = self::substr($line, $charlim - 1); } - while (mb_strlen($line) > $charlim); + while (self::strlen($line) > $charlim); // If $temp contains data it means we had to split up an over-length // word into smaller chunks so we'll add it back to our current line @@ -1258,10 +1190,11 @@ class CI_Email { /** * Build final headers * - * @return string + * @return void */ protected function _build_headers() { + $this->set_header('User-Agent', $this->useragent); $this->set_header('X-Sender', $this->clean_email($this->_headers['From'])); $this->set_header('X-Mailer', $this->useragent); $this->set_header('X-Priority', $this->_priorities[$this->priority]); @@ -1320,7 +1253,6 @@ class CI_Email { $this->_body = $this->word_wrap($this->_body); } - $this->_set_boundaries(); $this->_write_headers(); $hdr = ($this->_get_protocol() === 'mail') ? $this->newline : ''; @@ -1328,7 +1260,7 @@ class CI_Email { switch ($this->_get_content_type()) { - case 'plain' : + case 'plain': $hdr .= 'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding(); @@ -1345,7 +1277,7 @@ class CI_Email { return; - case 'html' : + case 'html': if ($this->send_multipart === FALSE) { @@ -1354,14 +1286,16 @@ class CI_Email { } else { - $hdr .= 'Content-Type: multipart/alternative; boundary="'.$this->_alt_boundary.'"'; + $boundary = uniqid('B_ALT_'); + $hdr .= 'Content-Type: multipart/alternative; boundary="'.$boundary.'"'; $body .= $this->_get_mime_message().$this->newline.$this->newline - .'--'.$this->_alt_boundary.$this->newline + .'--'.$boundary.$this->newline .'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline.$this->newline - .$this->_get_alt_message().$this->newline.$this->newline.'--'.$this->_alt_boundary.$this->newline + .$this->_get_alt_message().$this->newline.$this->newline + .'--'.$boundary.$this->newline .'Content-Type: text/html; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline; @@ -1380,14 +1314,15 @@ class CI_Email { if ($this->send_multipart !== FALSE) { - $this->_finalbody .= '--'.$this->_alt_boundary.'--'; + $this->_finalbody .= '--'.$boundary.'--'; } return; - case 'plain-attach' : + case 'plain-attach': - $hdr .= 'Content-Type: multipart/'.$this->multipart.'; boundary="'.$this->_atc_boundary.'"'; + $boundary = uniqid('B_ATC_'); + $hdr .= 'Content-Type: multipart/mixed; boundary="'.$boundary.'"'; if ($this->_get_protocol() === 'mail') { @@ -1396,59 +1331,83 @@ class CI_Email { $body .= $this->_get_mime_message().$this->newline .$this->newline - .'--'.$this->_atc_boundary.$this->newline + .'--'.$boundary.$this->newline .'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline .$this->newline .$this->_body.$this->newline.$this->newline; - break; - case 'html-attach' : + $this->_append_attachments($body, $boundary); + + break; + case 'html-attach': - $hdr .= 'Content-Type: multipart/'.$this->multipart.'; boundary="'.$this->_atc_boundary.'"'; + $alt_boundary = uniqid('B_ALT_'); + $last_boundary = NULL; + + if ($this->_attachments_have_multipart('mixed')) + { + $atc_boundary = uniqid('B_ATC_'); + $hdr .= 'Content-Type: multipart/mixed; boundary="'.$atc_boundary.'"'; + $last_boundary = $atc_boundary; + } + + if ($this->_attachments_have_multipart('related')) + { + $rel_boundary = uniqid('B_REL_'); + $rel_boundary_header = 'Content-Type: multipart/related; boundary="'.$rel_boundary.'"'; + + if (isset($last_boundary)) + { + $body .= '--'.$last_boundary.$this->newline.$rel_boundary_header; + } + else + { + $hdr .= $rel_boundary_header; + } + + $last_boundary = $rel_boundary; + } if ($this->_get_protocol() === 'mail') { $this->_header_str .= $hdr; } + self::strlen($body) && $body .= $this->newline.$this->newline; $body .= $this->_get_mime_message().$this->newline.$this->newline - .'--'.$this->_atc_boundary.$this->newline + .'--'.$last_boundary.$this->newline - .'Content-Type: multipart/alternative; boundary="'.$this->_alt_boundary.'"'.$this->newline.$this->newline - .'--'.$this->_alt_boundary.$this->newline + .'Content-Type: multipart/alternative; boundary="'.$alt_boundary.'"'.$this->newline.$this->newline + .'--'.$alt_boundary.$this->newline .'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline.$this->newline - .$this->_get_alt_message().$this->newline.$this->newline.'--'.$this->_alt_boundary.$this->newline + .$this->_get_alt_message().$this->newline.$this->newline + .'--'.$alt_boundary.$this->newline .'Content-Type: text/html; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline .$this->_prep_quoted_printable($this->_body).$this->newline.$this->newline - .'--'.$this->_alt_boundary.'--'.$this->newline.$this->newline; - - break; - } + .'--'.$alt_boundary.'--'.$this->newline.$this->newline; - $attachment = array(); - for ($i = 0, $c = count($this->_attachments), $z = 0; $i < $c; $i++) - { - $filename = $this->_attachments[$i]['name'][0]; - $basename = ($this->_attachments[$i]['name'][1] === NULL) - ? basename($filename) : $this->_attachments[$i]['name'][1]; + if ( ! empty($rel_boundary)) + { + $body .= $this->newline.$this->newline; + $this->_append_attachments($body, $rel_boundary, 'related'); + } - $attachment[$z++] = '--'.$this->_atc_boundary.$this->newline - .'Content-type: '.$this->_attachments[$i]['type'].'; ' - .'name="'.$basename.'"'.$this->newline - .'Content-Disposition: '.$this->_attachments[$i]['disposition'].';'.$this->newline - .'Content-Transfer-Encoding: base64'.$this->newline - .(empty($this->_attachments[$i]['cid']) ? '' : 'Content-ID: <'.$this->_attachments[$i]['cid'].'>'.$this->newline); + // multipart/mixed attachments + if ( ! empty($atc_boundary)) + { + $body .= $this->newline.$this->newline; + $this->_append_attachments($body, $atc_boundary, 'mixed'); + } - $attachment[$z++] = $this->_attachments[$i]['content']; + break; } - $body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--'; $this->_finalbody = ($this->_get_protocol() === 'mail') ? $body : $hdr.$this->newline.$this->newline.$body; @@ -1458,6 +1417,58 @@ class CI_Email { // -------------------------------------------------------------------- + protected function _attachments_have_multipart($type) + { + foreach ($this->_attachments as &$attachment) + { + if ($attachment['multipart'] === $type) + { + return TRUE; + } + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Prepares attachment string + * + * @param string $body Message body to append to + * @param string $boundary Multipart boundary + * @param string $multipart When provided, only attachments of this type will be processed + * @return string + */ + protected function _append_attachments(&$body, $boundary, $multipart = null) + { + for ($i = 0, $c = count($this->_attachments); $i < $c; $i++) + { + if (isset($multipart) && $this->_attachments[$i]['multipart'] !== $multipart) + { + continue; + } + + $name = isset($this->_attachments[$i]['name'][1]) + ? $this->_attachments[$i]['name'][1] + : basename($this->_attachments[$i]['name'][0]); + + $body .= '--'.$boundary.$this->newline + .'Content-Type: '.$this->_attachments[$i]['type'].'; name="'.$name.'"'.$this->newline + .'Content-Disposition: '.$this->_attachments[$i]['disposition'].';'.$this->newline + .'Content-Transfer-Encoding: base64'.$this->newline + .(empty($this->_attachments[$i]['cid']) ? '' : 'Content-ID: <'.$this->_attachments[$i]['cid'].'>'.$this->newline) + .$this->newline + .$this->_attachments[$i]['content'].$this->newline; + } + + // $name won't be set if no attachments were appended, + // and therefore a boundary wouldn't be necessary + empty($name) OR $body .= '--'.$boundary.'--'; + } + + // -------------------------------------------------------------------- + /** * Prep Quoted Printable * @@ -1469,6 +1480,20 @@ class CI_Email { */ protected function _prep_quoted_printable($str) { + // ASCII code numbers for "safe" characters that can always be + // used literally, without encoding, as described in RFC 2049. + // http://www.ietf.org/rfc/rfc2049.txt + static $ascii_safe_chars = array( + // ' ( ) + , - . / : = ? + 39, 40, 41, 43, 44, 45, 46, 47, 58, 61, 63, + // numbers + 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, + // upper-case letters + 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, + // lower-case letters + 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122 + ); + // We are intentionally wrapping so mail servers will encode characters // properly and MUAs will behave, so {unwrap} must go! $str = str_replace(array('{unwrap}', '{/unwrap}'), '', $str); @@ -1479,14 +1504,7 @@ class CI_Email { // which only works with "\n". if ($this->crlf === "\r\n") { - if (is_php('5.3')) - { - return quoted_printable_encode($str); - } - elseif (function_exists('imap_8bit')) - { - return imap_8bit($str); - } + return quoted_printable_encode($str); } // Reduce multiple spaces & remove nulls @@ -1503,7 +1521,7 @@ class CI_Email { foreach (explode("\n", $str) as $line) { - $length = strlen($line); + $length = self::strlen($line); $temp = ''; // Loop through each character in the line to add soft-wrap @@ -1516,18 +1534,29 @@ class CI_Email { $ascii = ord($char); // Convert spaces and tabs but only if it's the end of the line - if ($i === ($length - 1) && ($ascii === 32 OR $ascii === 9)) + if ($ascii === 32 OR $ascii === 9) { - $char = $escape.sprintf('%02s', dechex($ascii)); + if ($i === ($length - 1)) + { + $char = $escape.sprintf('%02s', dechex($ascii)); + } } - elseif ($ascii === 61) // encode = signs + // DO NOT move this below the $ascii_safe_chars line! + // + // = (equals) signs are allowed by RFC2049, but must be encoded + // as they are the encoding delimiter! + elseif ($ascii === 61) { $char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); // =3D } + elseif ( ! in_array($ascii, $ascii_safe_chars, TRUE)) + { + $char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); + } // If we're at the character limit, add the line to the output, // reset our temp variable, and keep on chuggin' - if ((strlen($temp) + strlen($char)) >= 76) + if ((self::strlen($temp) + self::strlen($char)) >= 76) { $output .= $temp.$escape.$this->crlf; $temp = ''; @@ -1542,7 +1571,7 @@ class CI_Email { } // get rid of extra CRLF tacked onto the end - return substr($output, 0, strlen($this->crlf) * -1); + return self::substr($output, 0, self::strlen($this->crlf) * -1); } // -------------------------------------------------------------------- @@ -1563,11 +1592,10 @@ class CI_Email { if ($this->charset === 'UTF-8') { - if (MB_ENABLED === TRUE) - { - return mb_encode_mimeheader($str, $this->charset, 'Q', $this->crlf); - } - elseif (ICONV_ENABLED === TRUE) + // Note: We used to have mb_encode_mimeheader() as the first choice + // here, but it turned out to be buggy and unreliable. DO NOT + // re-add it! -- Narf + if (ICONV_ENABLED === TRUE) { $output = @iconv_mime_encode('', $str, array( @@ -1585,18 +1613,22 @@ class CI_Email { // iconv_mime_encode() will always put a header field name. // We've passed it an empty one, but it still prepends our // encoded string with ': ', so we need to strip it. - return substr($output, 2); + return self::substr($output, 2); } $chars = iconv_strlen($str, 'UTF-8'); } + elseif (MB_ENABLED === TRUE) + { + $chars = mb_strlen($str, 'UTF-8'); + } } // We might already have this set for UTF-8 - isset($chars) OR $chars = strlen($str); + isset($chars) OR $chars = self::strlen($str); $output = '=?'.$this->charset.'?Q?'; - for ($i = 0, $length = strlen($output); $i < $chars; $i++) + for ($i = 0, $length = self::strlen($output); $i < $chars; $i++) { $chr = ($this->charset === 'UTF-8' && ICONV_ENABLED === TRUE) ? '='.implode('=', str_split(strtoupper(bin2hex(iconv_substr($str, $i, 1, $this->charset))), 2)) @@ -1604,11 +1636,11 @@ class CI_Email { // RFC 2045 sets a limit of 76 characters per line. // We'll append ?= to the end of each line though. - if ($length + ($l = strlen($chr)) > 74) + if ($length + ($l = self::strlen($chr)) > 74) { $output .= '?='.$this->crlf // EOL .' =?'.$this->charset.'?Q?'.$chr; // New line - $length = 6 + strlen($this->charset) + $l; // Reset the length for the new line + $length = 6 + self::strlen($this->charset) + $l; // Reset the length for the new line } else { @@ -1701,14 +1733,14 @@ class CI_Email { if ($i === $float) { - $chunk[] = substr($set, 1); + $chunk[] = self::substr($set, 1); $float += $this->bcc_batch_size; $set = ''; } if ($i === $c-1) { - $chunk[] = substr($set, 1); + $chunk[] = self::substr($set, 1); } } @@ -1791,6 +1823,33 @@ class CI_Email { // -------------------------------------------------------------------- /** + * Validate email for shell + * + * Applies stricter, shell-safe validation to email addresses. + * Introduced to prevent RCE via sendmail's -f option. + * + * @see https://github.com/bcit-ci/CodeIgniter/issues/4963 + * @see https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36 + * @license https://creativecommons.org/publicdomain/zero/1.0/ CC0 1.0, Public Domain + * + * Credits for the base concept go to Paul Buonopane <paul@namepros.com> + * + * @param string $email + * @return bool + */ + protected function _validate_email_for_shell(&$email) + { + if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) + { + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos)); + } + + return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email)); + } + + // -------------------------------------------------------------------- + + /** * Send using mail() * * @return bool @@ -1802,16 +1861,18 @@ class CI_Email { $this->_recipients = implode(', ', $this->_recipients); } - if ($this->_safe_mode === TRUE) + // _validate_email_for_shell() below accepts by reference, + // so this needs to be assigned to a variable + $from = $this->clean_email($this->_headers['Return-Path']); + + if ( ! $this->_validate_email_for_shell($from)) { return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str); } - else - { - // most documentation of sendmail using the "-f" flag lacks a space after it, however - // we've encountered servers that seem to require it to be in place. - return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$this->clean_email($this->_headers['Return-Path'])); - } + + // most documentation of sendmail using the "-f" flag lacks a space after it, however + // we've encountered servers that seem to require it to be in place. + return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$from); } // -------------------------------------------------------------------- @@ -1823,14 +1884,22 @@ class CI_Email { */ protected function _send_with_sendmail() { + // _validate_email_for_shell() below accepts by reference, + // so this needs to be assigned to a variable + $from = $this->clean_email($this->_headers['From']); + if ($this->_validate_email_for_shell($from)) + { + $from = '-f '.$from; + } + else + { + $from = ''; + } + // is popen() enabled? - if ( ! function_usable('popen') - OR FALSE === ($fp = @popen( - $this->mailpath.' -oi -f '.$this->clean_email($this->_headers['From']) - .' -t -r '.$this->clean_email($this->_headers['Return-Path']) - , 'w')) - ) // server probably has popen disabled, so nothing we can do to get a verbose error. + if ( ! function_usable('popen') OR FALSE === ($fp = @popen($this->mailpath.' -oi '.$from.' -t', 'w'))) { + // server probably has popen disabled, so nothing we can do to get a verbose error. return FALSE; } @@ -1869,20 +1938,29 @@ class CI_Email { return FALSE; } - $this->_send_command('from', $this->clean_email($this->_headers['From'])); + if ( ! $this->_send_command('from', $this->clean_email($this->_headers['From']))) + { + $this->_smtp_end(); + return FALSE; + } foreach ($this->_recipients as $val) { - $this->_send_command('to', $val); + if ( ! $this->_send_command('to', $val)) + { + $this->_smtp_end(); + return FALSE; + } } if (count($this->_cc_array) > 0) { foreach ($this->_cc_array as $val) { - if ($val !== '') + if ($val !== '' && ! $this->_send_command('to', $val)) { - $this->_send_command('to', $val); + $this->_smtp_end(); + return FALSE; } } } @@ -1891,14 +1969,19 @@ class CI_Email { { foreach ($this->_bcc_array as $val) { - if ($val !== '') + if ($val !== '' && ! $this->_send_command('to', $val)) { - $this->_send_command('to', $val); + $this->_smtp_end(); + return FALSE; } } } - $this->_send_command('data'); + if ( ! $this->_send_command('data')) + { + $this->_smtp_end(); + return FALSE; + } // perform dot transformation on any lines that begin with a dot $this->_send_data($this->_header_str.preg_replace('/^\./m', '..$1', $this->_finalbody)); @@ -1906,30 +1989,38 @@ class CI_Email { $this->_send_data('.'); $reply = $this->_get_smtp_data(); - $this->_set_error_message($reply); + $this->_smtp_end(); + if (strpos($reply, '250') !== 0) { $this->_set_error_message('lang:email_smtp_error', $reply); return FALSE; } - if ($this->smtp_keepalive) - { - $this->_send_command('reset'); - } - else - { - $this->_send_command('quit'); - } - return TRUE; } // -------------------------------------------------------------------- /** + * SMTP End + * + * Shortcut to send RSET or QUIT depending on keep-alive + * + * @return void + */ + protected function _smtp_end() + { + ($this->smtp_keepalive) + ? $this->_send_command('reset') + : $this->_send_command('quit'); + } + + // -------------------------------------------------------------------- + + /** * SMTP Connect * * @return string @@ -1982,7 +2073,7 @@ class CI_Email { * * @param string * @param string - * @return string + * @return bool */ protected function _send_command($cmd, $data = '') { @@ -2045,7 +2136,7 @@ class CI_Email { $this->_debug_msg[] = '<pre>'.$cmd.': '.$reply.'</pre>'; - if ((int) substr($reply, 0, 3) !== $resp) + if ((int) self::substr($reply, 0, 3) !== $resp) { $this->_set_error_message('lang:email_smtp_error', $reply); return FALSE; @@ -2113,6 +2204,11 @@ class CI_Email { return FALSE; } + if ($this->smtp_keepalive) + { + $this->_smtp_auth = FALSE; + } + return TRUE; } @@ -2127,9 +2223,9 @@ class CI_Email { protected function _send_data($data) { $data .= $this->newline; - for ($written = $timestamp = 0, $length = strlen($data); $written < $length; $written += $result) + for ($written = $timestamp = 0, $length = self::strlen($data); $written < $length; $written += $result) { - if (($result = fwrite($this->_smtp_connect, substr($data, $written))) === FALSE) + if (($result = fwrite($this->_smtp_connect, self::substr($data, $written))) === FALSE) { break; } @@ -2302,4 +2398,52 @@ class CI_Email { return 'application/x-unknown-content-type'; } + // -------------------------------------------------------------------- + + /** + * Destructor + * + * @return void + */ + public function __destruct() + { + is_resource($this->_smtp_connect) && $this->_send_command('quit'); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index a46d4f462..46f374726 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link https://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { @@ -198,7 +198,7 @@ class CI_Encrypt { * This allows for backwards compatibility and a method to transition to the * new encryption algorithms. * - * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption + * For more details, see https://codeigniter.com/user_guide/installation/upgrade_200.html#encryption * * @param string * @param int (mcrypt mode constant) diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index f3e039881..6799d0fef 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link https://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encryption { @@ -152,10 +152,8 @@ class CI_Encryption { public function __construct(array $params = array()) { $this->_drivers = array( - 'mcrypt' => defined('MCRYPT_DEV_URANDOM'), - // While OpenSSL is available for PHP 5.3.0, an IV parameter - // for the encrypt/decrypt functions is only available since 5.3.3 - 'openssl' => (is_php('5.3.3') && extension_loaded('openssl')) + 'mcrypt' => defined('MCRYPT_DEV_URANDOM'), + 'openssl' => extension_loaded('openssl') ); if ( ! $this->_drivers['mcrypt'] && ! $this->_drivers['openssl']) @@ -337,9 +335,28 @@ class CI_Encryption { */ public function create_key($length) { - return ($this->_driver === 'mcrypt') - ? mcrypt_create_iv($length, MCRYPT_DEV_URANDOM) - : openssl_random_pseudo_bytes($length); + if (function_exists('random_bytes')) + { + try + { + return random_bytes((int) $length); + } + catch (Exception $e) + { + log_message('error', $e->getMessage()); + return FALSE; + } + } + elseif (defined('MCRYPT_DEV_URANDOM')) + { + return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); + } + + $is_secure = NULL; + $key = openssl_random_pseudo_bytes($length, $is_secure); + return ($is_secure === TRUE) + ? $key + : FALSE; } // -------------------------------------------------------------------- @@ -395,7 +412,7 @@ class CI_Encryption { // The greater-than-1 comparison is mostly a work-around for a bug, // where 1 is returned for ARCFour instead of 0. $iv = (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1) - ? mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM) + ? $this->create_key($iv_size) : NULL; if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) @@ -458,14 +475,14 @@ class CI_Encryption { } $iv = ($iv_size = openssl_cipher_iv_length($params['handle'])) - ? openssl_random_pseudo_bytes($iv_size) + ? $this->create_key($iv_size) : NULL; $data = openssl_encrypt( $data, $params['handle'], $params['key'], - 1, // DO NOT TOUCH! + OPENSSL_RAW_DATA, $iv ); @@ -624,7 +641,7 @@ class CI_Encryption { $data, $params['handle'], $params['key'], - 1, // DO NOT TOUCH! + OPENSSL_RAW_DATA, $iv ); } @@ -890,7 +907,7 @@ class CI_Encryption { * Byte-safe strlen() * * @param string $str - * @return integer + * @return int */ protected static function strlen($str) { @@ -913,9 +930,6 @@ class CI_Encryption { { if (self::$func_override) { - // mb_substr($str, $start, null, '8bit') returns an empty - // string on PHP 5.3 - isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start); return mb_substr($str, $start, $length, '8bit'); } diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index d9ecc45f9..7be0b949d 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Validation * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/form_validation.html + * @link https://codeigniter.com/user_guide/libraries/form_validation.html */ class CI_Form_validation { @@ -164,7 +164,7 @@ class CI_Form_validation { * @param array $errors * @return CI_Form_validation */ - public function set_rules($field, $label = '', $rules = array(), $errors = array()) + public function set_rules($field, $label = null, $rules = null, $errors = array()) { // No reason to set rules if we have no POST data // or a validation array has not been specified @@ -197,6 +197,10 @@ class CI_Form_validation { return $this; } + elseif ( ! isset($rules)) + { + throw new BadMethodCallException('Form_validation: set_rules() called without a $rules parameter'); + } // No fields or no rules? Nothing to do... if ( ! is_string($field) OR $field === '' OR empty($rules)) @@ -211,7 +215,7 @@ class CI_Form_validation { return $this; } - $rules = explode('|', $rules); + $rules = preg_split('/\|(?![^\[]*\])/', $rules); } // If the field label wasn't passed we use the field name @@ -415,12 +419,9 @@ class CI_Form_validation { */ public function run($group = '') { - // Do we even have any data to process? Mm? - $validation_array = empty($this->validation_data) ? $_POST : $this->validation_data; - if (count($validation_array) === 0) - { - return FALSE; - } + $validation_array = empty($this->validation_data) + ? $_POST + : $this->validation_data; // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file @@ -453,7 +454,7 @@ class CI_Form_validation { $this->CI->lang->load('form_validation'); // Cycle through the rules for each field and match the corresponding $validation_data item - foreach ($this->_field_data as $field => $row) + foreach ($this->_field_data as $field => &$row) { // Fetch the data from the validation_data array item and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. @@ -470,7 +471,7 @@ class CI_Form_validation { // Execute validation rules // Note: A second foreach (for now) is required in order to avoid false-positives // for rules like 'matches', which correlate to other validation fields. - foreach ($this->_field_data as $field => $row) + foreach ($this->_field_data as $field => &$row) { // Don't try to validate if we have no rules set if (empty($row['rules'])) @@ -478,7 +479,7 @@ class CI_Form_validation { continue; } - $this->_execute($row, $row['rules'], $this->_field_data[$field]['postdata']); + $this->_execute($row, $row['rules'], $row['postdata']); } // Did we end up with any errors? @@ -489,7 +490,7 @@ class CI_Form_validation { } // Now we need to re-set the POST data with the new, processed data - $this->_reset_post_array(); + empty($this->validation_data) && $this->_reset_post_array(); return ($total_errors === 0); } @@ -497,6 +498,63 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Prepare rules + * + * Re-orders the provided rules in order of importance, so that + * they can easily be executed later without weird checks ... + * + * "Callbacks" are given the highest priority (always called), + * followed by 'required' (called if callbacks didn't fail), + * and then every next rule depends on the previous one passing. + * + * @param array $rules + * @return array + */ + protected function _prepare_rules($rules) + { + $new_rules = array(); + $callbacks = array(); + + foreach ($rules as &$rule) + { + // Let 'required' always be the first (non-callback) rule + if ($rule === 'required') + { + array_unshift($new_rules, 'required'); + } + // 'isset' is a kind of a weird alias for 'required' ... + elseif ($rule === 'isset' && (empty($new_rules) OR $new_rules[0] !== 'required')) + { + array_unshift($new_rules, 'isset'); + } + // The old/classic 'callback_'-prefixed rules + elseif (is_string($rule) && strncmp('callback_', $rule, 9) === 0) + { + $callbacks[] = $rule; + } + // Proper callables + elseif (is_callable($rule)) + { + $callbacks[] = $rule; + } + // "Named" callables; i.e. array('name' => $callable) + elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1])) + { + $callbacks[] = $rule; + } + // Everything else goes at the end of the queue + else + { + $new_rules[] = $rule; + } + } + + return array_merge($callbacks, $new_rules); + } + + // -------------------------------------------------------------------- + + /** * Traverse a multidimensional $_POST array index until the data is found * * @param array @@ -530,10 +588,7 @@ class CI_Form_validation { { if ($row['is_array'] === FALSE) { - if (isset($_POST[$row['field']])) - { - $_POST[$row['field']] = $row['postdata']; - } + isset($_POST[$field]) && $_POST[$field] = $row['postdata']; } else { @@ -553,20 +608,7 @@ class CI_Form_validation { } } - if (is_array($row['postdata'])) - { - $array = array(); - foreach ($row['postdata'] as $k => $v) - { - $array[$k] = $v; - } - - $post_ref = $array; - } - else - { - $post_ref = $row['postdata']; - } + $post_ref = $row['postdata']; } } } @@ -586,7 +628,10 @@ class CI_Form_validation { protected function _execute($row, $rules, $postdata = NULL, $cycles = 0) { // If the $_POST data is an array we will run a recursive call - if (is_array($postdata)) + // + // Note: We MUST check if the array is empty or not! + // Otherwise empty arrays will always pass validation. + if (is_array($postdata) && ! empty($postdata)) { foreach ($postdata as $key => $val) { @@ -596,84 +641,7 @@ class CI_Form_validation { return; } - // If the field is blank, but NOT required, no further tests are necessary - $callback = FALSE; - if ( ! in_array('required', $rules) && ($postdata === NULL OR $postdata === '')) - { - // Before we bail out, does the rule contain a callback? - foreach ($rules as &$rule) - { - if (is_string($rule)) - { - if (strncmp($rule, 'callback_', 9) === 0) - { - $callback = TRUE; - $rules = array(1 => $rule); - break; - } - } - elseif (is_callable($rule)) - { - $callback = TRUE; - $rules = array(1 => $rule); - break; - } - elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1])) - { - $callback = TRUE; - $rules = array(array($rule[0], $rule[1])); - break; - } - } - - if ( ! $callback) - { - return; - } - } - - // Isset Test. Typically this rule will only apply to checkboxes. - if (($postdata === NULL OR $postdata === '') && ! $callback) - { - if (in_array('isset', $rules, TRUE) OR in_array('required', $rules)) - { - // Set the message type - $type = in_array('required', $rules) ? 'required' : 'isset'; - - // Check if a custom message is defined - if (isset($this->_field_data[$row['field']]['errors'][$type])) - { - $line = $this->_field_data[$row['field']]['errors'][$type]; - } - elseif (isset($this->_error_messages[$type])) - { - $line = $this->_error_messages[$type]; - } - elseif (FALSE === ($line = $this->CI->lang->line('form_validation_'.$type)) - // DEPRECATED support for non-prefixed keys - && FALSE === ($line = $this->CI->lang->line($type, FALSE))) - { - $line = 'The field was not set'; - } - - // Build the error message - $message = $this->_build_error_msg($line, $this->_translate_fieldname($row['label'])); - - // Save the error message - $this->_field_data[$row['field']]['error'] = $message; - - if ( ! isset($this->_error_array[$row['field']])) - { - $this->_error_array[$row['field']] = $message; - } - } - - return; - } - - // -------------------------------------------------------------------- - - // Cycle through each rule and run it + $rules = $this->_prepare_rules($rules); foreach ($rules as $rule) { $_in_array = FALSE; @@ -732,6 +700,17 @@ class CI_Form_validation { $param = $match[2]; } + // Ignore empty, non-required inputs with a few exceptions ... + if ( + ($postdata === NULL OR $postdata === '') + && $callback === FALSE + && $callable === FALSE + && ! in_array($rule, array('required', 'isset', 'matches'), TRUE) + ) + { + continue; + } + // Call the function that corresponds to the rule if ($callback OR $callable !== FALSE) { @@ -770,12 +749,6 @@ class CI_Form_validation { { $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result; } - - // If the field isn't required and we just processed a callback we'll move on... - if ( ! in_array('required', $rules, TRUE) && $result !== FALSE) - { - continue; - } } elseif ( ! method_exists($this, $rule)) { @@ -823,23 +796,9 @@ class CI_Form_validation { { $line = $this->CI->lang->line('form_validation_error_message_not_set').'(Anonymous function)'; } - // Check if a custom message is defined - elseif (isset($this->_field_data[$row['field']]['errors'][$rule])) - { - $line = $this->_field_data[$row['field']]['errors'][$rule]; - } - elseif ( ! isset($this->_error_messages[$rule])) - { - if (FALSE === ($line = $this->CI->lang->line('form_validation_'.$rule)) - // DEPRECATED support for non-prefixed keys - && FALSE === ($line = $this->CI->lang->line($rule, FALSE))) - { - $line = $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; - } - } else { - $line = $this->_error_messages[$rule]; + $line = $this->_get_error_message($rule, $row['field']); } // Is the parameter we are inserting into the error message the name @@ -868,6 +827,40 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Get the error message for the rule + * + * @param string $rule The rule name + * @param string $field The field name + * @return string + */ + protected function _get_error_message($rule, $field) + { + // check if a custom message is defined through validation config row. + if (isset($this->_field_data[$field]['errors'][$rule])) + { + return $this->_field_data[$field]['errors'][$rule]; + } + // check if a custom message has been set using the set_message() function + elseif (isset($this->_error_messages[$rule])) + { + return $this->_error_messages[$rule]; + } + elseif (FALSE !== ($line = $this->CI->lang->line('form_validation_'.$rule))) + { + return $line; + } + // DEPRECATED support for non-prefixed keys, lang file again + elseif (FALSE !== ($line = $this->CI->lang->line($rule, FALSE))) + { + return $line; + } + + return $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; + } + + // -------------------------------------------------------------------- + + /** * Translate a field name * * @param string the field name @@ -1065,7 +1058,9 @@ class CI_Form_validation { */ public function required($str) { - return is_array($str) ? (bool) count($str) : (trim($str) !== ''); + return is_array($str) + ? (empty($str) === FALSE) + : (trim($str) !== ''); } // -------------------------------------------------------------------- @@ -1209,7 +1204,7 @@ class CI_Form_validation { { return FALSE; } - elseif ( ! in_array($matches[1], array('http', 'https'), TRUE)) + elseif ( ! in_array(strtolower($matches[1]), array('http', 'https'), TRUE)) { return FALSE; } @@ -1217,18 +1212,15 @@ class CI_Form_validation { $str = $matches[2]; } - $str = 'http://'.$str; - - // There's a bug affecting PHP 5.2.13, 5.3.2 that considers the - // underscore to be a valid hostname character instead of a dash. - // Reference: https://bugs.php.net/bug.php?id=51192 - if (version_compare(PHP_VERSION, '5.2.13', '==') OR version_compare(PHP_VERSION, '5.3.2', '==')) + // PHP 7 accepts IPv6 addresses within square brackets as hostnames, + // but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039 + // was never merged into a PHP 5 branch ... https://3v4l.org/8PsSN + if (preg_match('/^\[([^\]]+)\]/', $str, $matches) && ! is_php('7') && filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== FALSE) { - sscanf($str, 'http://%[^/]', $host); - $str = substr_replace($str, strtr($host, array('_' => '-', '-' => '_')), 7, strlen($host)); + $str = 'ipv6.host'.substr($str, strlen($matches[1]) + 2); } - return (filter_var($str, FILTER_VALIDATE_URL) !== FALSE); + return (filter_var('http://'.$str, FILTER_VALIDATE_URL) !== FALSE); } // -------------------------------------------------------------------- @@ -1241,9 +1233,9 @@ class CI_Form_validation { */ public function valid_email($str) { - if (function_exists('idn_to_ascii') && $atpos = strpos($str, '@')) + if (function_exists('idn_to_ascii') && sscanf($str, '%[^@]@%s', $name, $domain) === 2) { - $str = substr($str, 0, ++$atpos).idn_to_ascii(substr($str, $atpos)); + $str = $name.'@'.idn_to_ascii($domain); } return (bool) filter_var($str, FILTER_VALIDATE_EMAIL); @@ -1292,6 +1284,31 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Validate MAC address + * + * @param string $mac + * @return bool + */ + public function valid_mac($mac) + { + if ( ! is_php('5.5')) + { + // Most common format, with either dash or colon delimiters + if (preg_match('#\A[0-9a-f]{2}(?<delimiter>[:-])([0-9a-f]{2}(?P=delimiter)){4}[0-9a-f]{2}\z#i', $mac)) + { + return TRUE; + } + + // The less common format; e.g. 0123.4567.89ab + return (bool) preg_match('#((\A|\.)[0-9a-f]{4}){3}\z#i', $mac); + } + + return (bool) filter_var($mac, FILTER_VALIDATE_MAC); + } + + // -------------------------------------------------------------------- + + /** * Alpha * * @param string @@ -1496,37 +1513,6 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** - * Prep data for form - * - * This function allows HTML to be safely shown in a form. - * Special characters are converted. - * - * @param string - * @return string - */ - public function prep_for_form($data = '') - { - if ($this->_safe_form_data === FALSE OR empty($data)) - { - return $data; - } - - if (is_array($data)) - { - foreach ($data as $key => $val) - { - $data[$key] = $this->prep_for_form($val); - } - - return $data; - } - - return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); - } - - // -------------------------------------------------------------------- - - /** * Prep URL * * @param string @@ -1534,12 +1520,7 @@ class CI_Form_validation { */ public function prep_url($str = '') { - if ($str === 'http://' OR $str === '') - { - return ''; - } - - if (strpos($str, 'http://') !== 0 && strpos($str, 'https://') !== 0) + if ($str !== '' && stripos($str, 'http://') !== 0 && stripos($str, 'https://') !== 0) { return 'http://'.$str; } @@ -1586,7 +1567,6 @@ class CI_Form_validation { public function reset_validation() { $this->_field_data = array(); - $this->_config_rules = array(); $this->_error_array = array(); $this->_error_messages = array(); $this->error_string = ''; diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index 2d345c294..86e5b8f33 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/ftp.html + * @link https://codeigniter.com/user_guide/libraries/ftp.html */ class CI_FTP { @@ -486,7 +486,7 @@ class CI_FTP { { for ($i = 0, $c = count($list); $i < $c; $i++) { - // If we can't delete the item it's probaly a directory, + // If we can't delete the item it's probably a directory, // so we'll recursively call delete_dir() if ( ! preg_match('#/\.\.?$#', $list[$i]) && ! @ftp_delete($this->conn_id, $list[$i])) { diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index e813efd89..8b5a1adb0 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Image_lib * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/image_lib.html + * @link https://codeigniter.com/user_guide/libraries/image_lib.html */ class CI_Image_lib { @@ -392,6 +392,16 @@ class CI_Image_lib { $this->initialize($props); } + /** + * A work-around for some improperly formatted, but + * usable JPEGs; known to be produced by Samsung + * smartphones' front-facing cameras. + * + * @see https://github.com/bcit-ci/CodeIgniter/issues/4967 + * @see https://bugs.php.net/bug.php?id=72404 + */ + ini_set('gd.jpeg_ignore_warning', 1); + log_message('info', 'Image Lib Class Initialized'); } @@ -456,7 +466,7 @@ class CI_Image_lib { { if (property_exists($this, $key)) { - if (in_array($key, array('wm_font_color', 'wm_shadow_color'))) + if (in_array($key, array('wm_font_color', 'wm_shadow_color'), TRUE)) { if (preg_match('/^#?([0-9a-f]{3}|[0-9a-f]{6})$/i', $val, $matches)) { @@ -478,6 +488,10 @@ class CI_Image_lib { continue; } } + elseif (in_array($key, array('width', 'height'), TRUE) && ! ctype_digit((string) $val)) + { + continue; + } $this->$key = $val; } @@ -540,37 +554,30 @@ class CI_Image_lib { */ if ($this->new_image === '') { - $this->dest_image = $this->source_image; + $this->dest_image = $this->source_image; $this->dest_folder = $this->source_folder; } - elseif (strpos($this->new_image, '/') === FALSE) + elseif (strpos($this->new_image, '/') === FALSE && strpos($this->new_image, '\\') === FALSE) { + $this->dest_image = $this->new_image; $this->dest_folder = $this->source_folder; - $this->dest_image = $this->new_image; } else { - if (strpos($this->new_image, '/') === FALSE && strpos($this->new_image, '\\') === FALSE) - { - $full_dest_path = str_replace('\\', '/', realpath($this->new_image)); - } - else - { - $full_dest_path = $this->new_image; - } - // Is there a file name? - if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $full_dest_path)) + if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $this->new_image)) { - $this->dest_folder = $full_dest_path.'/'; - $this->dest_image = $this->source_image; + $this->dest_image = $this->source_image; + $this->dest_folder = $this->new_image; } else { - $x = explode('/', $full_dest_path); - $this->dest_image = end($x); - $this->dest_folder = str_replace($this->dest_image, '', $full_dest_path); + $x = explode('/', str_replace('\\', '/', $this->new_image)); + $this->dest_image = end($x); + $this->dest_folder = str_replace($this->dest_image, '', $this->new_image); } + + $this->dest_folder = realpath($this->dest_folder).'/'; } /* Compile the finalized filenames/paths @@ -862,27 +869,28 @@ class CI_Image_lib { if ($action === 'crop') { - $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1'; + $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis; } elseif ($action === 'rotate') { - $angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') - ? '-flop' : '-rotate '.$this->rotation_angle; - - $cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? ' -flop' + : ' -rotate '.$this->rotation_angle; } else // Resize { if($this->maintain_ratio === TRUE) { - $cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height; } else { - $cmd .= ' -resize '.$this->width.'x'.$this->height.'\! "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height.'\!'; } } + $cmd .= ' '.escapeshellarg($this->full_src_path).' '.escapeshellarg($this->full_dst_path).' 2>&1'; + $retval = 1; // exec() might be disabled if (function_usable('exec')) @@ -1196,7 +1204,7 @@ class CI_Image_lib { } // Build the finalized image - if ($wm_img_type === 3 && function_exists('imagealphablending')) + if ($wm_img_type === 3) { @imagealphablending($src_img, TRUE); } @@ -1641,25 +1649,31 @@ class CI_Image_lib { } $vals = getimagesize($path); + if ($vals === FALSE) + { + $this->set_error('imglib_invalid_image'); + return FALSE; + } + $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png'); - $mime = (isset($types[$vals[2]])) ? 'image/'.$types[$vals[2]] : 'image/jpg'; + $mime = isset($types[$vals[2]]) ? 'image/'.$types[$vals[2]] : 'image/jpg'; if ($return === TRUE) { return array( - 'width' => $vals[0], - 'height' => $vals[1], - 'image_type' => $vals[2], - 'size_str' => $vals[3], - 'mime_type' => $mime - ); - } - - $this->orig_width = $vals[0]; - $this->orig_height = $vals[1]; - $this->image_type = $vals[2]; - $this->size_str = $vals[3]; - $this->mime_type = $mime; + 'width' => $vals[0], + 'height' => $vals[1], + 'image_type' => $vals[2], + 'size_str' => $vals[3], + 'mime_type' => $mime + ); + } + + $this->orig_width = $vals[0]; + $this->orig_height = $vals[1]; + $this->image_type = $vals[2]; + $this->size_str = $vals[3]; + $this->mime_type = $mime; return TRUE; } diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php deleted file mode 100644 index 4cc628692..000000000 --- a/system/libraries/Javascript.php +++ /dev/null @@ -1,856 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Javascript Class - * - * @package CodeIgniter - * @subpackage Libraries - * @category Javascript - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/javascript.html - * @deprecated 3.0.0 This was never a good idea in the first place. - */ -class CI_Javascript { - - /** - * JavaScript location - * - * @var string - */ - protected $_javascript_location = 'js'; - - // -------------------------------------------------------------------- - - /** - * Constructor - * - * @param array $params - * @return void - */ - public function __construct($params = array()) - { - $defaults = array('js_library_driver' => 'jquery', 'autoload' => TRUE); - - foreach ($defaults as $key => $val) - { - if (isset($params[$key]) && $params[$key] !== '') - { - $defaults[$key] = $params[$key]; - } - } - - extract($defaults); - - $this->CI =& get_instance(); - - // load the requested js library - $this->CI->load->library('Javascript/'.$js_library_driver, array('autoload' => $autoload)); - // make js to refer to current library - $this->js =& $this->CI->$js_library_driver; - - log_message('info', 'Javascript Class Initialized and loaded. Driver used: '.$js_library_driver); - } - - // -------------------------------------------------------------------- - // Event Code - // -------------------------------------------------------------------- - - /** - * Blur - * - * Outputs a javascript library blur event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function blur($element = 'this', $js = '') - { - return $this->js->_blur($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Change - * - * Outputs a javascript library change event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function change($element = 'this', $js = '') - { - return $this->js->_change($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Click - * - * Outputs a javascript library click event - * - * @param string The element to attach the event to - * @param string The code to execute - * @param bool whether or not to return false - * @return string - */ - public function click($element = 'this', $js = '', $ret_false = TRUE) - { - return $this->js->_click($element, $js, $ret_false); - } - - // -------------------------------------------------------------------- - - /** - * Double Click - * - * Outputs a javascript library dblclick event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function dblclick($element = 'this', $js = '') - { - return $this->js->_dblclick($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Error - * - * Outputs a javascript library error event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function error($element = 'this', $js = '') - { - return $this->js->_error($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Focus - * - * Outputs a javascript library focus event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function focus($element = 'this', $js = '') - { - return $this->js->_focus($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Hover - * - * Outputs a javascript library hover event - * - * @param string - element - * @param string - Javascript code for mouse over - * @param string - Javascript code for mouse out - * @return string - */ - public function hover($element = 'this', $over = '', $out = '') - { - return $this->js->_hover($element, $over, $out); - } - - // -------------------------------------------------------------------- - - /** - * Keydown - * - * Outputs a javascript library keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function keydown($element = 'this', $js = '') - { - return $this->js->_keydown($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Keyup - * - * Outputs a javascript library keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function keyup($element = 'this', $js = '') - { - return $this->js->_keyup($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Load - * - * Outputs a javascript library load event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function load($element = 'this', $js = '') - { - return $this->js->_load($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mousedown - * - * Outputs a javascript library mousedown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mousedown($element = 'this', $js = '') - { - return $this->js->_mousedown($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Out - * - * Outputs a javascript library mouseout event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mouseout($element = 'this', $js = '') - { - return $this->js->_mouseout($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Over - * - * Outputs a javascript library mouseover event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mouseover($element = 'this', $js = '') - { - return $this->js->_mouseover($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mouseup - * - * Outputs a javascript library mouseup event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mouseup($element = 'this', $js = '') - { - return $this->js->_mouseup($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Output - * - * Outputs the called javascript to the screen - * - * @param string The code to output - * @return string - */ - public function output($js) - { - return $this->js->_output($js); - } - - // -------------------------------------------------------------------- - - /** - * Ready - * - * Outputs a javascript library mouseup event - * - * @param string $js Code to execute - * @return string - */ - public function ready($js) - { - return $this->js->_document_ready($js); - } - - // -------------------------------------------------------------------- - - /** - * Resize - * - * Outputs a javascript library resize event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function resize($element = 'this', $js = '') - { - return $this->js->_resize($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Scroll - * - * Outputs a javascript library scroll event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function scroll($element = 'this', $js = '') - { - return $this->js->_scroll($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Unload - * - * Outputs a javascript library unload event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function unload($element = 'this', $js = '') - { - return $this->js->_unload($element, $js); - } - - // -------------------------------------------------------------------- - // Effects - // -------------------------------------------------------------------- - - /** - * Add Class - * - * Outputs a javascript library addClass event - * - * @param string - element - * @param string - Class to add - * @return string - */ - public function addClass($element = 'this', $class = '') - { - return $this->js->_addClass($element, $class); - } - - // -------------------------------------------------------------------- - - /** - * Animate - * - * Outputs a javascript library animate event - * - * @param string $element = 'this' - * @param array $params = array() - * @param mixed $speed 'slow', 'normal', 'fast', or time in milliseconds - * @param string $extra - * @return string - */ - public function animate($element = 'this', $params = array(), $speed = '', $extra = '') - { - return $this->js->_animate($element, $params, $speed, $extra); - } - - // -------------------------------------------------------------------- - - /** - * Fade In - * - * Outputs a javascript library hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function fadeIn($element = 'this', $speed = '', $callback = '') - { - return $this->js->_fadeIn($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Fade Out - * - * Outputs a javascript library hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function fadeOut($element = 'this', $speed = '', $callback = '') - { - return $this->js->_fadeOut($element, $speed, $callback); - } - // -------------------------------------------------------------------- - - /** - * Slide Up - * - * Outputs a javascript library slideUp event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function slideUp($element = 'this', $speed = '', $callback = '') - { - return $this->js->_slideUp($element, $speed, $callback); - - } - - // -------------------------------------------------------------------- - - /** - * Remove Class - * - * Outputs a javascript library removeClass event - * - * @param string - element - * @param string - Class to add - * @return string - */ - public function removeClass($element = 'this', $class = '') - { - return $this->js->_removeClass($element, $class); - } - - // -------------------------------------------------------------------- - - /** - * Slide Down - * - * Outputs a javascript library slideDown event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function slideDown($element = 'this', $speed = '', $callback = '') - { - return $this->js->_slideDown($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Slide Toggle - * - * Outputs a javascript library slideToggle event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function slideToggle($element = 'this', $speed = '', $callback = '') - { - return $this->js->_slideToggle($element, $speed, $callback); - - } - - // -------------------------------------------------------------------- - - /** - * Hide - * - * Outputs a javascript library hide action - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function hide($element = 'this', $speed = '', $callback = '') - { - return $this->js->_hide($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Toggle - * - * Outputs a javascript library toggle event - * - * @param string - element - * @return string - */ - public function toggle($element = 'this') - { - return $this->js->_toggle($element); - - } - - // -------------------------------------------------------------------- - - /** - * Toggle Class - * - * Outputs a javascript library toggle class event - * - * @param string $element = 'this' - * @param string $class = '' - * @return string - */ - public function toggleClass($element = 'this', $class = '') - { - return $this->js->_toggleClass($element, $class); - } - - // -------------------------------------------------------------------- - - /** - * Show - * - * Outputs a javascript library show event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function show($element = 'this', $speed = '', $callback = '') - { - return $this->js->_show($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Compile - * - * gather together all script needing to be output - * - * @param string $view_var - * @param bool $script_tags - * @return string - */ - public function compile($view_var = 'script_foot', $script_tags = TRUE) - { - $this->js->_compile($view_var, $script_tags); - } - - // -------------------------------------------------------------------- - - /** - * Clear Compile - * - * Clears any previous javascript collected for output - * - * @return void - */ - public function clear_compile() - { - $this->js->_clear_compile(); - } - - // -------------------------------------------------------------------- - - /** - * External - * - * Outputs a <script> tag with the source as an external js file - * - * @param string $external_file - * @param bool $relative - * @return string - */ - public function external($external_file = '', $relative = FALSE) - { - if ($external_file !== '') - { - $this->_javascript_location = $external_file; - } - elseif ($this->CI->config->item('javascript_location') !== '') - { - $this->_javascript_location = $this->CI->config->item('javascript_location'); - } - - if ($relative === TRUE OR strpos($external_file, 'http://') === 0 OR strpos($external_file, 'https://') === 0) - { - $str = $this->_open_script($external_file); - } - elseif (strpos($this->_javascript_location, 'http://') !== FALSE) - { - $str = $this->_open_script($this->_javascript_location.$external_file); - } - else - { - $str = $this->_open_script($this->CI->config->slash_item('base_url').$this->_javascript_location.$external_file); - } - - return $str.$this->_close_script(); - } - - // -------------------------------------------------------------------- - - /** - * Inline - * - * Outputs a <script> tag - * - * @param string The element to attach the event to - * @param bool If a CDATA section should be added - * @return string - */ - public function inline($script, $cdata = TRUE) - { - return $this->_open_script() - . ($cdata ? "\n// <![CDATA[\n".$script."\n// ]]>\n" : "\n".$script."\n") - . $this->_close_script(); - } - - // -------------------------------------------------------------------- - - /** - * Open Script - * - * Outputs an opening <script> - * - * @param string - * @return string - */ - protected function _open_script($src = '') - { - return '<script type="text/javascript" charset="'.strtolower($this->CI->config->item('charset')).'"' - .($src === '' ? '>' : ' src="'.$src.'">'); - } - - // -------------------------------------------------------------------- - - /** - * Close Script - * - * Outputs an closing </script> - * - * @param string - * @return string - */ - protected function _close_script($extra = "\n") - { - return '</script>'.$extra; - } - - // -------------------------------------------------------------------- - // AJAX-Y STUFF - still a testbed - // -------------------------------------------------------------------- - - /** - * Update - * - * Outputs a javascript library slideDown event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function update($element = 'this', $speed = '', $callback = '') - { - return $this->js->_updater($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Generate JSON - * - * Can be passed a database result or associative array and returns a JSON formatted string - * - * @param mixed result set or array - * @param bool match array types (defaults to objects) - * @return string a json formatted string - */ - public function generate_json($result = NULL, $match_array_type = FALSE) - { - // JSON data can optionally be passed to this function - // either as a database result object or an array, or a user supplied array - if ($result !== NULL) - { - if (is_object($result)) - { - $json_result = is_callable(array($result, 'result_array')) ? $result->result_array() : (array) $result; - } - elseif (is_array($result)) - { - $json_result = $result; - } - else - { - return $this->_prep_args($result); - } - } - else - { - return 'null'; - } - - $json = array(); - $_is_assoc = TRUE; - - if ( ! is_array($json_result) && empty($json_result)) - { - show_error('Generate JSON Failed - Illegal key, value pair.'); - } - elseif ($match_array_type) - { - $_is_assoc = $this->_is_associative_array($json_result); - } - - foreach ($json_result as $k => $v) - { - if ($_is_assoc) - { - $json[] = $this->_prep_args($k, TRUE).':'.$this->generate_json($v, $match_array_type); - } - else - { - $json[] = $this->generate_json($v, $match_array_type); - } - } - - $json = implode(',', $json); - - return $_is_assoc ? '{'.$json.'}' : '['.$json.']'; - - } - - // -------------------------------------------------------------------- - - /** - * Is associative array - * - * Checks for an associative array - * - * @param array - * @return bool - */ - protected function _is_associative_array($arr) - { - foreach (array_keys($arr) as $key => $val) - { - if ($key !== $val) - { - return TRUE; - } - } - - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Prep Args - * - * Ensures a standard json value and escapes values - * - * @param mixed $result - * @param bool $is_key = FALSE - * @return string - */ - protected function _prep_args($result, $is_key = FALSE) - { - if ($result === NULL) - { - return 'null'; - } - elseif (is_bool($result)) - { - return ($result === TRUE) ? 'true' : 'false'; - } - elseif (is_string($result) OR $is_key) - { - return '"'.str_replace(array('\\', "\t", "\n", "\r", '"', '/'), array('\\\\', '\\t', '\\n', "\\r", '\"', '\/'), $result).'"'; - } - elseif (is_scalar($result)) - { - return $result; - } - } - -} diff --git a/system/libraries/Javascript/Jquery.php b/system/libraries/Javascript/Jquery.php deleted file mode 100644 index 11f2d2361..000000000 --- a/system/libraries/Javascript/Jquery.php +++ /dev/null @@ -1,1076 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Jquery Class - * - * @package CodeIgniter - * @subpackage Libraries - * @category Loader - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/javascript.html - */ -class CI_Jquery extends CI_Javascript { - - /** - * JavaScript directory location - * - * @var string - */ - protected $_javascript_folder = 'js'; - - /** - * JQuery code for load - * - * @var array - */ - public $jquery_code_for_load = array(); - - /** - * JQuery code for compile - * - * @var array - */ - public $jquery_code_for_compile = array(); - - /** - * JQuery corner active flag - * - * @var bool - */ - public $jquery_corner_active = FALSE; - - /** - * JQuery table sorter active flag - * - * @var bool - */ - public $jquery_table_sorter_active = FALSE; - - /** - * JQuery table sorter pager active - * - * @var bool - */ - public $jquery_table_sorter_pager_active = FALSE; - - /** - * JQuery AJAX image - * - * @var string - */ - public $jquery_ajax_img = ''; - - // -------------------------------------------------------------------- - - /** - * Constructor - * - * @param array $params - * @return void - */ - public function __construct($params) - { - $this->CI =& get_instance(); - extract($params); - - if ($autoload === TRUE) - { - $this->script(); - } - - log_message('info', 'Jquery Class Initialized'); - } - - // -------------------------------------------------------------------- - // Event Code - // -------------------------------------------------------------------- - - /** - * Blur - * - * Outputs a jQuery blur event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _blur($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'blur'); - } - - // -------------------------------------------------------------------- - - /** - * Change - * - * Outputs a jQuery change event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _change($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'change'); - } - - // -------------------------------------------------------------------- - - /** - * Click - * - * Outputs a jQuery click event - * - * @param string The element to attach the event to - * @param string The code to execute - * @param bool whether or not to return false - * @return string - */ - protected function _click($element = 'this', $js = '', $ret_false = TRUE) - { - is_array($js) OR $js = array($js); - - if ($ret_false) - { - $js[] = 'return false;'; - } - - return $this->_add_event($element, $js, 'click'); - } - - // -------------------------------------------------------------------- - - /** - * Double Click - * - * Outputs a jQuery dblclick event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _dblclick($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'dblclick'); - } - - // -------------------------------------------------------------------- - - /** - * Error - * - * Outputs a jQuery error event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _error($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'error'); - } - - // -------------------------------------------------------------------- - - /** - * Focus - * - * Outputs a jQuery focus event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _focus($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'focus'); - } - - // -------------------------------------------------------------------- - - /** - * Hover - * - * Outputs a jQuery hover event - * - * @param string - element - * @param string - Javascript code for mouse over - * @param string - Javascript code for mouse out - * @return string - */ - protected function _hover($element = 'this', $over = '', $out = '') - { - $event = "\n\t$(".$this->_prep_element($element).").hover(\n\t\tfunction()\n\t\t{\n\t\t\t{$over}\n\t\t}, \n\t\tfunction()\n\t\t{\n\t\t\t{$out}\n\t\t});\n"; - - $this->jquery_code_for_compile[] = $event; - - return $event; - } - - // -------------------------------------------------------------------- - - /** - * Keydown - * - * Outputs a jQuery keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _keydown($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'keydown'); - } - - // -------------------------------------------------------------------- - - /** - * Keyup - * - * Outputs a jQuery keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _keyup($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'keyup'); - } - - // -------------------------------------------------------------------- - - /** - * Load - * - * Outputs a jQuery load event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _load($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'load'); - } - - // -------------------------------------------------------------------- - - /** - * Mousedown - * - * Outputs a jQuery mousedown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mousedown($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mousedown'); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Out - * - * Outputs a jQuery mouseout event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mouseout($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mouseout'); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Over - * - * Outputs a jQuery mouseover event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mouseover($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mouseover'); - } - - // -------------------------------------------------------------------- - - /** - * Mouseup - * - * Outputs a jQuery mouseup event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mouseup($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mouseup'); - } - - // -------------------------------------------------------------------- - - /** - * Output - * - * Outputs script directly - * - * @param array $array_js = array() - * @return void - */ - protected function _output($array_js = array()) - { - if ( ! is_array($array_js)) - { - $array_js = array($array_js); - } - - foreach ($array_js as $js) - { - $this->jquery_code_for_compile[] = "\t".$js."\n"; - } - } - - // -------------------------------------------------------------------- - - /** - * Resize - * - * Outputs a jQuery resize event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _resize($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'resize'); - } - - // -------------------------------------------------------------------- - - /** - * Scroll - * - * Outputs a jQuery scroll event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _scroll($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'scroll'); - } - - // -------------------------------------------------------------------- - - /** - * Unload - * - * Outputs a jQuery unload event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _unload($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'unload'); - } - - // -------------------------------------------------------------------- - // Effects - // -------------------------------------------------------------------- - - /** - * Add Class - * - * Outputs a jQuery addClass event - * - * @param string $element - * @param string $class - * @return string - */ - protected function _addClass($element = 'this', $class = '') - { - $element = $this->_prep_element($element); - return '$('.$element.').addClass("'.$class.'");'; - } - - // -------------------------------------------------------------------- - - /** - * Animate - * - * Outputs a jQuery animate event - * - * @param string $element - * @param array $params - * @param string $speed 'slow', 'normal', 'fast', or time in milliseconds - * @param string $extra - * @return string - */ - protected function _animate($element = 'this', $params = array(), $speed = '', $extra = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - $animations = "\t\t\t"; - - foreach ($params as $param => $value) - { - $animations .= $param.": '".$value."', "; - } - - $animations = substr($animations, 0, -2); // remove the last ", " - - if ($speed !== '') - { - $speed = ', '.$speed; - } - - if ($extra !== '') - { - $extra = ', '.$extra; - } - - return "$({$element}).animate({\n$animations\n\t\t}".$speed.$extra.');'; - } - - // -------------------------------------------------------------------- - - /** - * Fade In - * - * Outputs a jQuery hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _fadeIn($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return "$({$element}).fadeIn({$speed}{$callback});"; - } - - // -------------------------------------------------------------------- - - /** - * Fade Out - * - * Outputs a jQuery hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _fadeOut($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').fadeOut('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Hide - * - * Outputs a jQuery hide action - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _hide($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return "$({$element}).hide({$speed}{$callback});"; - } - - // -------------------------------------------------------------------- - - /** - * Remove Class - * - * Outputs a jQuery remove class event - * - * @param string $element - * @param string $class - * @return string - */ - protected function _removeClass($element = 'this', $class = '') - { - $element = $this->_prep_element($element); - return '$('.$element.').removeClass("'.$class.'");'; - } - - // -------------------------------------------------------------------- - - /** - * Slide Up - * - * Outputs a jQuery slideUp event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _slideUp($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').slideUp('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Slide Down - * - * Outputs a jQuery slideDown event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _slideDown($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').slideDown('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Slide Toggle - * - * Outputs a jQuery slideToggle event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _slideToggle($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').slideToggle('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Toggle - * - * Outputs a jQuery toggle event - * - * @param string - element - * @return string - */ - protected function _toggle($element = 'this') - { - $element = $this->_prep_element($element); - return '$('.$element.').toggle();'; - } - - // -------------------------------------------------------------------- - - /** - * Toggle Class - * - * Outputs a jQuery toggle class event - * - * @param string $element - * @param string $class - * @return string - */ - protected function _toggleClass($element = 'this', $class = '') - { - $element = $this->_prep_element($element); - return '$('.$element.').toggleClass("'.$class.'");'; - } - - // -------------------------------------------------------------------- - - /** - * Show - * - * Outputs a jQuery show event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _show($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').show('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Updater - * - * An Ajax call that populates the designated DOM node with - * returned content - * - * @param string The element to attach the event to - * @param string the controller to run the call against - * @param string optional parameters - * @return string - */ - - protected function _updater($container = 'this', $controller = '', $options = '') - { - $container = $this->_prep_element($container); - $controller = (strpos('://', $controller) === FALSE) ? $controller : $this->CI->config->site_url($controller); - - // ajaxStart and ajaxStop are better choices here... but this is a stop gap - if ($this->CI->config->item('javascript_ajax_img') === '') - { - $loading_notifier = 'Loading...'; - } - else - { - $loading_notifier = '<img src="'.$this->CI->config->slash_item('base_url').$this->CI->config->item('javascript_ajax_img').'" alt="Loading" />'; - } - - $updater = '$('.$container.").empty();\n" // anything that was in... get it out - ."\t\t$(".$container.').prepend("'.$loading_notifier."\");\n"; // to replace with an image - - $request_options = ''; - if ($options !== '') - { - $request_options .= ', {' - .(is_array($options) ? "'".implode("', '", $options)."'" : "'".str_replace(':', "':'", $options)."'") - .'}'; - } - - return $updater."\t\t$($container).load('$controller'$request_options);"; - } - - // -------------------------------------------------------------------- - // Pre-written handy stuff - // -------------------------------------------------------------------- - - /** - * Zebra tables - * - * @param string $class - * @param string $odd - * @param string $hover - * @return string - */ - protected function _zebraTables($class = '', $odd = 'odd', $hover = '') - { - $class = ($class !== '') ? '.'.$class : ''; - $zebra = "\t\$(\"table{$class} tbody tr:nth-child(even)\").addClass(\"{$odd}\");"; - - $this->jquery_code_for_compile[] = $zebra; - - if ($hover !== '') - { - $hover = $this->hover("table{$class} tbody tr", "$(this).addClass('hover');", "$(this).removeClass('hover');"); - } - - return $zebra; - } - - // -------------------------------------------------------------------- - // Plugins - // -------------------------------------------------------------------- - - /** - * Corner Plugin - * - * @link http://www.malsup.com/jquery/corner/ - * @param string $element - * @param string $corner_style - * @return string - */ - public function corner($element = '', $corner_style = '') - { - // may want to make this configurable down the road - $corner_location = '/plugins/jquery.corner.js'; - - if ($corner_style !== '') - { - $corner_style = '"'.$corner_style.'"'; - } - - return '$('.$this->_prep_element($element).').corner('.$corner_style.');'; - } - - // -------------------------------------------------------------------- - - /** - * Modal window - * - * Load a thickbox modal window - * - * @param string $src - * @param bool $relative - * @return void - */ - public function modal($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * Effect - * - * Load an Effect library - * - * @param string $src - * @param bool $relative - * @return void - */ - public function effect($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * Plugin - * - * Load a plugin library - * - * @param string $src - * @param bool $relative - * @return void - */ - public function plugin($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * UI - * - * Load a user interface library - * - * @param string $src - * @param bool $relative - * @return void - */ - public function ui($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * Sortable - * - * Creates a jQuery sortable - * - * @param string $element - * @param array $options - * @return string - */ - public function sortable($element, $options = array()) - { - if (count($options) > 0) - { - $sort_options = array(); - foreach ($options as $k=>$v) - { - $sort_options[] = "\n\t\t".$k.': '.$v; - } - $sort_options = implode(',', $sort_options); - } - else - { - $sort_options = ''; - } - - return '$('.$this->_prep_element($element).').sortable({'.$sort_options."\n\t});"; - } - - // -------------------------------------------------------------------- - - /** - * Table Sorter Plugin - * - * @param string table name - * @param string plugin location - * @return string - */ - public function tablesorter($table = '', $options = '') - { - $this->jquery_code_for_compile[] = "\t$(".$this->_prep_element($table).').tablesorter('.$options.");\n"; - } - - // -------------------------------------------------------------------- - // Class functions - // -------------------------------------------------------------------- - - /** - * Add Event - * - * Constructs the syntax for an event, and adds to into the array for compilation - * - * @param string The element to attach the event to - * @param string The code to execute - * @param string The event to pass - * @return string - */ - protected function _add_event($element, $js, $event) - { - if (is_array($js)) - { - $js = implode("\n\t\t", $js); - } - - $event = "\n\t$(".$this->_prep_element($element).').'.$event."(function(){\n\t\t{$js}\n\t});\n"; - $this->jquery_code_for_compile[] = $event; - return $event; - } - - // -------------------------------------------------------------------- - - /** - * Compile - * - * As events are specified, they are stored in an array - * This function compiles them all for output on a page - * - * @param string $view_var - * @param bool $script_tags - * @return void - */ - protected function _compile($view_var = 'script_foot', $script_tags = TRUE) - { - // External references - $external_scripts = implode('', $this->jquery_code_for_load); - $this->CI->load->vars(array('library_src' => $external_scripts)); - - if (count($this->jquery_code_for_compile) === 0) - { - // no inline references, let's just return - return; - } - - // Inline references - $script = '$(document).ready(function() {'."\n" - .implode('', $this->jquery_code_for_compile) - .'});'; - - $output = ($script_tags === FALSE) ? $script : $this->inline($script); - - $this->CI->load->vars(array($view_var => $output)); - } - - // -------------------------------------------------------------------- - - /** - * Clear Compile - * - * Clears the array of script events collected for output - * - * @return void - */ - protected function _clear_compile() - { - $this->jquery_code_for_compile = array(); - } - - // -------------------------------------------------------------------- - - /** - * Document Ready - * - * A wrapper for writing document.ready() - * - * @param array $js - * @return void - */ - protected function _document_ready($js) - { - is_array($js) OR $js = array($js); - - foreach ($js as $script) - { - $this->jquery_code_for_compile[] = $script; - } - } - - // -------------------------------------------------------------------- - - /** - * Script Tag - * - * Outputs the script tag that loads the jquery.js file into an HTML document - * - * @param string $library_src - * @param bool $relative - * @return string - */ - public function script($library_src = '', $relative = FALSE) - { - $library_src = $this->external($library_src, $relative); - $this->jquery_code_for_load[] = $library_src; - return $library_src; - } - - // -------------------------------------------------------------------- - - /** - * Prep Element - * - * Puts HTML element in quotes for use in jQuery code - * unless the supplied element is the Javascript 'this' - * object, in which case no quotes are added - * - * @param string - * @return string - */ - protected function _prep_element($element) - { - if ($element !== 'this') - { - $element = '"'.$element.'"'; - } - - return $element; - } - - // -------------------------------------------------------------------- - - /** - * Validate Speed - * - * Ensures the speed parameter is valid for jQuery - * - * @param string - * @return string - */ - protected function _validate_speed($speed) - { - if (in_array($speed, array('slow', 'normal', 'fast'))) - { - return '"'.$speed.'"'; - } - elseif (preg_match('/[^0-9]/', $speed)) - { - return ''; - } - - return $speed; - } - -} diff --git a/system/libraries/Javascript/index.html b/system/libraries/Javascript/index.html deleted file mode 100644 index b702fbc39..000000000 --- a/system/libraries/Javascript/index.html +++ /dev/null @@ -1,11 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title>403 Forbidden</title> -</head> -<body> - -<p>Directory access is forbidden.</p> - -</body> -</html> diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index 45a3cbbce..2a87d9d7c 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -96,9 +96,9 @@ class CI_Migration { /** * Migration basename regex * - * @var bool + * @var string */ - protected $_migration_regex = NULL; + protected $_migration_regex; /** * Error message @@ -217,31 +217,66 @@ class CI_Migration { if ($target_version > $current_version) { - // Moving Up $method = 'up'; } - else + elseif ($target_version < $current_version) { - // Moving Down, apply in reverse order $method = 'down'; + // We need this so that migrations are applied in reverse order krsort($migrations); } - - if (empty($migrations)) + else { + // Well, there's nothing to migrate then ... return TRUE; } - $previous = FALSE; - - // Validate all available migrations, and run the ones within our target range + // Validate all available migrations within our target range. + // + // Unfortunately, we'll have to use another loop to run them + // in order to avoid leaving the procedure in a broken state. + // + // See https://github.com/bcit-ci/CodeIgniter/issues/4539 + $pending = array(); foreach ($migrations as $number => $file) { + // Ignore versions out of our range. + // + // Because we've previously sorted the $migrations array depending on the direction, + // we can safely break the loop once we reach $target_version ... + if ($method === 'up') + { + if ($number <= $current_version) + { + continue; + } + elseif ($number > $target_version) + { + break; + } + } + else + { + if ($number > $current_version) + { + continue; + } + elseif ($number <= $target_version) + { + break; + } + } + // Check for sequence gaps - if ($this->_migration_type === 'sequential' && $previous !== FALSE && abs($number - $previous) > 1) + if ($this->_migration_type === 'sequential') { - $this->_error_string = sprintf($this->lang->line('migration_sequence_gap'), $number); - return FALSE; + if (isset($previous) && abs($number - $previous) > 1) + { + $this->_error_string = sprintf($this->lang->line('migration_sequence_gap'), $number); + return FALSE; + } + + $previous = $number; } include_once($file); @@ -253,27 +288,24 @@ class CI_Migration { $this->_error_string = sprintf($this->lang->line('migration_class_doesnt_exist'), $class); return FALSE; } + elseif ( ! is_callable(array($class, $method))) + { + $this->_error_string = sprintf($this->lang->line('migration_missing_'.$method.'_method'), $class); + return FALSE; + } - $previous = $number; + $pending[$number] = array($class, $method); + } - // Run migrations that are inside the target range - if ( - ($method === 'up' && $number > $current_version && $number <= $target_version) OR - ($method === 'down' && $number <= $current_version && $number > $target_version) - ) - { - $instance = new $class(); - if ( ! is_callable(array($instance, $method))) - { - $this->_error_string = sprintf($this->lang->line('migration_missing_'.$method.'_method'), $class); - return FALSE; - } + // Now just run the necessary migrations + foreach ($pending as $number => $migration) + { + log_message('debug', 'Migrating '.$method.' from version '.$current_version.' to version '.$number); - log_message('debug', 'Migrating '.$method.' from version '.$current_version.' to version '.$number); - call_user_func(array($instance, $method)); - $current_version = $number; - $this->_update_version($current_version); - } + $migration[0] = new $migration[0]; + call_user_func($migration); + $current_version = $number; + $this->_update_version($current_version); } // This is necessary when moving down, since the the last migration applied @@ -285,7 +317,6 @@ class CI_Migration { } log_message('debug', 'Finished migrating to '.$current_version); - return $current_version; } diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 5b3aa01f4..f26f8a4ed 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Pagination * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/pagination.html + * @link https://codeigniter.com/user_guide/libraries/pagination.html */ class CI_Pagination { @@ -428,7 +428,7 @@ class CI_Pagination { { $get = $this->CI->input->get(); - // Unset the controll, method, old-school routing options + // Unset the control, method, old-school routing options unset($get['c'], $get['m'], $get[$this->query_string_segment]); } else @@ -497,7 +497,7 @@ class CI_Pagination { { $this->cur_page = $this->CI->input->get($this->query_string_segment); } - else + elseif (empty($this->cur_page)) { // Default to the last segment number if one hasn't been defined. if ($this->uri_segment === 0) @@ -513,6 +513,10 @@ class CI_Pagination { $this->cur_page = str_replace(array($this->prefix, $this->suffix), '', $this->cur_page); } } + else + { + $this->cur_page = (string) $this->cur_page; + } // If something isn't quite right, back to the default base page. if ( ! ctype_digit($this->cur_page) OR ($this->use_page_numbers && (int) $this->cur_page === 0)) @@ -571,7 +575,7 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $uri_page_number - 1 : $uri_page_number - $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, ($this->cur_page - 1)); if ($i === $base_page) { @@ -592,11 +596,11 @@ class CI_Pagination { if ($this->display_pages !== FALSE) { // Write the digit links - for ($loop = $start -1; $loop <= $end; $loop++) + for ($loop = $start - 1; $loop <= $end; $loop++) { $i = ($this->use_page_numbers) ? $loop : ($loop * $this->per_page) - $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, $loop); if ($i >= $base_page) { @@ -614,7 +618,7 @@ class CI_Pagination { else { $append = $this->prefix.$i.$this->suffix; - $output .= $this->num_tag_open.'<a href="'.$base_url.$append.'"'.$attributes.$this->_attr_rel('start').'>' + $output .= $this->num_tag_open.'<a href="'.$base_url.$append.'"'.$attributes.'>' .$loop.'</a>'.$this->num_tag_close; } } @@ -626,7 +630,7 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $this->cur_page + 1 : $this->cur_page * $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, $this->cur_page + 1); $output .= $this->next_tag_open.'<a href="'.$base_url.$this->prefix.$i.$this->suffix.'"'.$attributes .$this->_attr_rel('next').'>'.$this->next_link.'</a>'.$this->next_tag_close; @@ -637,7 +641,7 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $num_pages : ($num_pages * $this->per_page) - $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, $num_pages); $output .= $this->last_tag_open.'<a href="'.$base_url.$this->prefix.$i.$this->suffix.'"'.$attributes.'>' .$this->last_link.'</a>'.$this->last_tag_close; diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php index 57981af95..fdd958b22 100644 --- a/system/libraries/Parser.php +++ b/system/libraries/Parser.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Parser * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/parser.html + * @link https://codeigniter.com/user_guide/libraries/parser.html */ class CI_Parser { diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 1e464d8b0..e9e03cfe0 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/profiling.html + * @link https://codeigniter.com/user_guide/general/profiling.html */ class CI_Profiler { @@ -314,12 +314,14 @@ class CI_Profiler { foreach ($_GET as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')) + : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '<tr><td style="width:50%;color:#000;background-color:#ddd;padding:5px;">$_GET[' .$key.'] </td><td style="width:50%;padding:5px;color:#cd6e00;font-weight:normal;background-color:#ddd;">' - .((is_array($val) OR is_object($val)) ? '<pre>'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'</pre>' : htmlspecialchars(stripslashes($val))) - ."</td></tr>\n"; + .$val."</td></tr>\n"; } $output .= "</table>\n"; @@ -352,36 +354,26 @@ class CI_Profiler { foreach ($_POST as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')) + : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">$_POST[' - .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">'; - - if (is_array($val) OR is_object($val)) - { - $output .= '<pre>'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'</pre>'; - } - else - { - $output .= htmlspecialchars(stripslashes($val)); - } - - $output .= "</td></tr>\n"; + .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">' + .$val."</td></tr>\n"; } foreach ($_FILES as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')) + : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">$_FILES[' - .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">'; - - if (is_array($val) OR is_object($val)) - { - $output .= '<pre>'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'</pre>'; - } - - $output .= "</td></tr>\n"; + .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">' + .$val."</td></tr>\n"; } $output .= "</table>\n"; @@ -465,7 +457,7 @@ class CI_Profiler { foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header) { - $val = isset($_SERVER[$header]) ? $_SERVER[$header] : ''; + $val = isset($_SERVER[$header]) ? htmlspecialchars($_SERVER[$header], ENT_QUOTES, config_item('charset')) : ''; $output .= '<tr><td style="vertical-align:top;width:50%;padding:5px;color:#900;background-color:#ddd;">' .$header.' </td><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">'.$val."</td></tr>\n"; } diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 05a470d86..3e4865cd1 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session { @@ -57,6 +57,7 @@ class CI_Session { protected $_driver = 'files'; protected $_config; + protected $_sid_regexp; // ------------------------------------------------------------------------ @@ -91,6 +92,7 @@ class CI_Session { // Note: BC workaround elseif (config_item('sess_use_database')) { + log_message('debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".'); $this->_driver = 'database'; } @@ -98,27 +100,12 @@ class CI_Session { // Configuration ... $this->_configure($params); + $this->_config['_sid_regexp'] = $this->_sid_regexp; $class = new $class($this->_config); if ($class instanceof SessionHandlerInterface) { - if (is_php('5.4')) - { - session_set_save_handler($class, TRUE); - } - else - { - session_set_save_handler( - array($class, 'open'), - array($class, 'close'), - array($class, 'read'), - array($class, 'write'), - array($class, 'destroy'), - array($class, 'gc') - ); - - register_shutdown_function('session_write_close'); - } + session_set_save_handler($class, TRUE); } else { @@ -130,7 +117,7 @@ class CI_Session { if (isset($_COOKIE[$this->_config['cookie_name']]) && ( ! is_string($_COOKIE[$this->_config['cookie_name']]) - OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']]) + OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']]) ) ) { @@ -187,9 +174,6 @@ class CI_Session { */ protected function _ci_load_classes($driver) { - // PHP 5.4 compatibility - interface_exists('SessionHandlerInterface', FALSE) OR require_once(BASEPATH.'libraries/Session/SessionHandlerInterface.php'); - $prefix = config_item('subclass_prefix'); if ( ! class_exists('CI_Session_driver', FALSE)) @@ -231,7 +215,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) @@ -314,8 +298,82 @@ class CI_Session { ini_set('session.use_strict_mode', 1); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); - ini_set('session.hash_function', 1); - ini_set('session.hash_bits_per_character', 4); + + $this->_configure_sid_length(); + } + + // ------------------------------------------------------------------------ + + /** + * Configure session ID length + * + * To make life easier, we used to force SHA-1 and 4 bits per + * character on everyone. And of course, someone was unhappy. + * + * Then PHP 7.1 broke backwards-compatibility because ext/session + * is such a mess that nobody wants to touch it with a pole stick, + * and the one guy who does, nobody has the energy to argue with. + * + * So we were forced to make changes, and OF COURSE something was + * going to break and now we have this pile of shit. -- Narf + * + * @return void + */ + protected function _configure_sid_length() + { + if (PHP_VERSION_ID < 70100) + { + $hash_function = ini_get('session.hash_function'); + if (ctype_digit($hash_function)) + { + if ($hash_function !== '1') + { + ini_set('session.hash_function', 1); + } + + $bits = 160; + } + elseif ( ! in_array($hash_function, hash_algos(), TRUE)) + { + ini_set('session.hash_function', 1); + $bits = 160; + } + elseif (($bits = strlen(hash($hash_function, 'dummy', false)) * 4) < 160) + { + ini_set('session.hash_function', 1); + $bits = 160; + } + + $bits_per_character = (int) ini_get('session.hash_bits_per_character'); + $sid_length = (int) ceil($bits / $bits_per_character); + } + else + { + $bits_per_character = (int) ini_get('session.sid_bits_per_character'); + $sid_length = (int) ini_get('session.sid_length'); + if (($bits = $sid_length * $bits_per_character) < 160) + { + // Add as many more characters as necessary to reach at least 160 bits + $sid_length += (int) ceil((160 % $bits) / $bits_per_character); + ini_set('session.sid_length', $sid_length); + } + } + + // Yes, 4,5,6 are the only known possible values as of 2016-10-27 + switch ($bits_per_character) + { + case 4: + $this->_sid_regexp = '[0-9a-f]'; + break; + case 5: + $this->_sid_regexp = '[0-9a-v]'; + break; + case 6: + $this->_sid_regexp = '[0-9a-zA-Z,-]'; + break; + } + + $this->_sid_regexp .= '{'.$sid_length.'}'; } // ------------------------------------------------------------------------ @@ -584,6 +642,24 @@ class CI_Session { // ------------------------------------------------------------------------ /** + * __isset() + * + * @param string $key 'session_id' or a session data key + * @return bool + */ + public function __isset($key) + { + if ($key === 'session_id') + { + return (session_status() === PHP_SESSION_ACTIVE); + } + + return isset($_SESSION[$key]); + } + + // ------------------------------------------------------------------------ + + /** * __set() * * @param string $key Session data key @@ -711,7 +787,7 @@ class CI_Session { * * Legacy CI_Session compatibility method * - * @param mixed $data Session data key(s) + * @param mixed $key Session data key(s) * @return void */ public function unset_userdata($key) diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php deleted file mode 100644 index 9dab5ac07..000000000 --- a/system/libraries/Session/SessionHandlerInterface.php +++ /dev/null @@ -1,59 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 3.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SessionHandlerInterface - * - * PHP 5.4 compatibility interface - * - * @package CodeIgniter - * @subpackage Libraries - * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html - */ -interface SessionHandlerInterface { - - public function open($save_path, $name); - public function close(); - public function read($session_id); - public function write($session_id, $session_data); - public function destroy($session_id); - public function gc($maxlifetime); -} diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 47376da5b..f32f14ae0 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ abstract class CI_Session_driver implements SessionHandlerInterface { @@ -74,6 +74,18 @@ abstract class CI_Session_driver implements SessionHandlerInterface { */ protected $_session_id; + /** + * Success and failure return values + * + * Necessary due to a bug in all PHP 5 versions where return values + * from userspace handlers are not handled properly. PHP 7 fixes the + * bug, so we need to return different values depending on the version. + * + * @see https://wiki.php.net/rfc/session.user.return-value + * @var mixed + */ + protected $_success, $_failure; + // ------------------------------------------------------------------------ /** @@ -85,6 +97,17 @@ abstract class CI_Session_driver implements SessionHandlerInterface { public function __construct(&$params) { $this->_config =& $params; + + if (is_php('7')) + { + $this->_success = TRUE; + $this->_failure = FALSE; + } + else + { + $this->_success = 0; + $this->_failure = -1; + } } // ------------------------------------------------------------------------ @@ -145,4 +168,24 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } + // ------------------------------------------------------------------------ + + /** + * Fail + * + * Drivers other than the 'files' one don't (need to) use the + * session.save_path INI setting, but that leads to confusing + * error messages emitted by PHP when open() or write() fail, + * as the message contains session.save_path ... + * To work around the problem, the drivers will call this method + * so that the INI is set just in time for the error message to + * be properly generated. + * + * @return mixed + */ + protected function _fail() + { + ini_set('session.save_path', config_item('sess_save_path')); + return $this->_failure; + } } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 1d01c2923..31f5a4663 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_database_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -109,7 +109,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } // Note: BC work-around for the old 'sess_table_name' setting, should be removed in the future. - isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name'); + if ( ! isset($this->_config['save_path']) && ($this->_config['save_path'] = config_item('sess_table_name'))) + { + log_message('debug', 'Session: "sess_save_path" is empty; using BC fallback to "sess_table_name".'); + } } // ------------------------------------------------------------------------ @@ -125,9 +128,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function open($save_path, $name) { - return empty($this->_db->conn_id) - ? (bool) $this->_db->db_connect() - : TRUE; + if (empty($this->_db->conn_id) && ! $this->_db->db_connect()) + { + return $this->_fail(); + } + + return $this->_success; } // ------------------------------------------------------------------------ @@ -144,6 +150,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_get_lock($session_id) !== FALSE) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + // Needed by write() to detect session_regenerate_id() calls $this->_session_id = $session_id; @@ -157,8 +166,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if (($result = $this->_db->get()->row()) === NULL) + if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL) { + // PHP7 will reuse the same SessionHandler object after + // ID regeneration, so we need to explicitly set this to + // FALSE instead of relying on the default ... + $this->_row_exists = FALSE; $this->_fingerprint = md5(''); return ''; } @@ -192,21 +205,24 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function write($session_id, $session_data) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + + if ($this->_lock === FALSE) + { + return $this->_fail(); + } // Was the ID regenerated? - if ($session_id !== $this->_session_id) + elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_fail(); } $this->_row_exists = FALSE; $this->_session_id = $session_id; } - elseif ($this->_lock === FALSE) - { - return FALSE; - } if ($this->_row_exists === FALSE) { @@ -220,10 +236,11 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_db->insert($this->_config['save_path'], $insert_data)) { $this->_fingerprint = md5($session_data); - return $this->_row_exists = TRUE; + $this->_row_exists = TRUE; + return $this->_success; } - return FALSE; + return $this->_fail(); } $this->_db->where('id', $session_id); @@ -243,10 +260,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_db->update($this->_config['save_path'], $update_data)) { $this->_fingerprint = md5($session_data); - return TRUE; + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -260,9 +277,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function close() { - return ($this->_lock) - ? $this->_release_lock() - : TRUE; + return ($this->_lock && ! $this->_release_lock()) + ? $this->_fail() + : $this->_success; } // ------------------------------------------------------------------------ @@ -279,18 +296,28 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_lock) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + $this->_db->where('id', $session_id); if ($this->_config['match_ip']) { $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - return $this->_db->delete($this->_config['save_path']) - ? ($this->close() && $this->_cookie_destroy()) - : FALSE; + if ( ! $this->_db->delete($this->_config['save_path'])) + { + return $this->_fail(); + } } - return ($this->close() && $this->_cookie_destroy()); + if ($this->close() === $this->_success) + { + $this->_cookie_destroy(); + return $this->_success; + } + + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -305,7 +332,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function gc($maxlifetime) { - return $this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)); + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + + return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) + ? $this->_success + : $this->_fail(); } // ------------------------------------------------------------------------ @@ -322,7 +354,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_platform === 'mysql') { - $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + $arg = md5($session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : '')); if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock) { $this->_lock = $arg; @@ -385,5 +417,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } - } diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 45da91c46..6016e094e 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -76,6 +76,20 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected $_file_new; + /** + * Validate SID regular expression + * + * @var string + */ + protected $_sid_regexp; + + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // ------------------------------------------------------------------------ /** @@ -95,8 +109,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } else { + log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.'); $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } + + $this->_sid_regexp = $this->_config['_sid_regexp']; + + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); } // ------------------------------------------------------------------------ @@ -129,7 +148,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle .$name // we'll use the session cookie name as a prefix to avoid collisions .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : ''); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -148,21 +167,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // which re-reads session data if ($this->_file_handle === NULL) { - // Just using fopen() with 'c+b' mode would be perfect, but it is only - // available since PHP 5.2.6 and we have to set permissions for new files, - // so we'd have to hack around this ... - if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE) - { - if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) - { - log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return FALSE; - } - } - elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) + $this->_file_new = ! file_exists($this->_file_path.$session_id); + + if (($this->_file_handle = fopen($this->_file_path.$session_id, 'c+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); - return FALSE; + return $this->_failure; } if (flock($this->_file_handle, LOCK_EX) === FALSE) @@ -170,7 +180,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; - return FALSE; + return $this->_failure; } // Needed by write() to detect session_regenerate_id() calls @@ -183,13 +193,19 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return ''; } } + // We shouldn't need this, but apparently we do ... + // See https://github.com/bcit-ci/CodeIgniter/issues/4039 + elseif ($this->_file_handle === FALSE) + { + return $this->_failure; + } else { rewind($this->_file_handle); } $session_data = ''; - for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer)) + for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += self::strlen($buffer)) { if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) { @@ -218,20 +234,20 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { // If the two IDs don't match, we have a session_regenerate_id() call // and we need to close the old handle and open a new one - if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) + if ($session_id !== $this->_session_id && ($this->close() === $this->_failure OR $this->read($session_id) === $this->_failure)) { - return FALSE; + return $this->_failure; } if ( ! is_resource($this->_file_handle)) { - return FALSE; + return $this->_failure; } elseif ($this->_fingerprint === md5($session_data)) { - return ($this->_file_new) - ? TRUE - : touch($this->_file_path.$session_id); + return ( ! $this->_file_new && ! touch($this->_file_path.$session_id)) + ? $this->_failure + : $this->_success; } if ( ! $this->_file_new) @@ -254,12 +270,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { $this->_fingerprint = md5(substr($session_data, 0, $written)); log_message('error', 'Session: Unable to write data.'); - return FALSE; + return $this->_failure; } } $this->_fingerprint = md5($session_data); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -279,10 +295,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle fclose($this->_file_handle); $this->_file_handle = $this->_file_new = $this->_session_id = NULL; - return TRUE; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -297,21 +312,33 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ public function destroy($session_id) { - if ($this->close()) + if ($this->close() === $this->_success) { - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } elseif ($this->_file_path !== NULL) { clearstatcache(); - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -329,15 +356,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE) { log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); - return FALSE; + return $this->_failure; } $ts = time() - $maxlifetime; + $pattern = ($this->_config['match_ip'] === TRUE) + ? '[0-9a-f]{32}' + : ''; + $pattern = sprintf( - '/^%s[0-9a-f]{%d}$/', - preg_quote($this->_config['cookie_name'], '/'), - ($this->_config['match_ip'] === TRUE ? 72 : 40) + '#\A%s'.$pattern.$this->_sid_regexp.'\z#', + preg_quote($this->_config['cookie_name']) ); while (($file = readdir($directory)) !== FALSE) @@ -356,7 +386,21 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle closedir($directory); - return TRUE; + return $this->_success; } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } } diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 97b860588..2556bf0f7 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { $this->_memcached = NULL; log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); - return FALSE; + return $this->_fail(); } foreach ($matches as $match) @@ -142,10 +142,10 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (empty($server_list)) { log_message('error', 'Session: Memcached server pool is empty.'); - return FALSE; + return $this->_fail(); } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -170,7 +170,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $session_data; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -186,40 +186,44 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa */ public function write($session_id, $session_data) { - if ( ! isset($this->_memcached)) + if ( ! isset($this->_memcached, $this->_lock_key)) { - return FALSE; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_fail(); } $this->_fingerprint = md5(''); $this->_session_id = $session_id; } - if (isset($this->_lock_key)) + $key = $this->_key_prefix.$session_id; + + $this->_memcached->replace($this->_lock_key, time(), 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - $this->_memcached->replace($this->_lock_key, time(), 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + if ($this->_memcached->set($key, $session_data, $this->_config['expiration'])) { - if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - return TRUE; - } - - return FALSE; + $this->_fingerprint = $fingerprint; + return $this->_success; } - return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']); + return $this->_fail(); + } + elseif ( + $this->_memcached->touch($key, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) + { + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -235,17 +239,17 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_memcached)) { - isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); + $this->_release_lock(); if ( ! $this->_memcached->quit()) { - return FALSE; + return $this->_fail(); } $this->_memcached = NULL; - return TRUE; + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -263,10 +267,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_memcached, $this->_lock_key)) { $this->_memcached->delete($this->_key_prefix.$session_id); - return $this->_cookie_destroy(); + $this->_cookie_destroy(); + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -282,7 +287,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa public function gc($maxlifetime) { // Not necessary, Memcached takes care of that. - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -297,9 +302,17 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa */ protected function _get_lock($session_id) { - if (isset($this->_lock_key)) + // PHP 7 reuses the SessionHandler object on regeneration, + // so we need to check here if the lock key is for the + // correct session ID. + if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { - return $this->_memcached->replace($this->_lock_key, time(), 300); + if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) + { + return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) + ? $this->_memcached->set($this->_lock_key, time(), 300) + : FALSE; + } } // 30 attempts to obtain a lock, in case another request already has it @@ -359,5 +372,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return TRUE; } - } diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index b098cc441..5313de04c 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -69,6 +69,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected $_lock_key; + /** + * Key exists flag + * + * @var bool + */ + protected $_key_exists = FALSE; + // ------------------------------------------------------------------------ /** @@ -85,27 +92,40 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { log_message('error', 'Session: No Redis save path configured.'); } - elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) + elseif (preg_match('#^unix://([^\?]+)(?<options>\?.+)?$#', $this->_config['save_path'], $matches)) + { + $save_path = array('path' => $matches[1]); + } + elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(?<options>\?.+)?#', $this->_config['save_path'], $matches)) { - isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below - $this->_config['save_path'] = array( - 'host' => $matches[1], - 'port' => empty($matches[2]) ? NULL : $matches[2], - 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL, - 'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : NULL, - 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : NULL + $save_path = array( + 'host' => $matches[1], + 'port' => empty($matches[2]) ? NULL : $matches[2], + 'timeout' => NULL // We always pass this to Redis::connect(), so it needs to exist ); - - preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1]; } else { log_message('error', 'Session: Invalid Redis save path format: '.$this->_config['save_path']); } - if ($this->_config['match_ip'] === TRUE) + if (isset($save_path)) { - $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + if (isset($matches['options'])) + { + $save_path['password'] = preg_match('#auth=([^\s&]+)#', $matches['options'], $match) ? $match[1] : NULL; + $save_path['database'] = preg_match('#database=(\d+)#', $matches['options'], $match) ? (int) $match[1] : NULL; + $save_path['timeout'] = preg_match('#timeout=(\d+\.\d+)#', $matches['options'], $match) ? (float) $match[1] : NULL; + + preg_match('#prefix=([^\s&]+)#', $matches['options'], $match) && $this->_key_prefix = $match[1]; + } + + $this->_config['save_path'] = $save_path; + + if ($this->_config['match_ip'] === TRUE) + { + $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + } } } @@ -124,29 +144,40 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (empty($this->_config['save_path'])) { - return FALSE; + return $this->_fail(); } $redis = new Redis(); - if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) - { - log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); - } - elseif (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) - { - log_message('error', 'Session: Unable to authenticate to Redis instance.'); - } - elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) + $connected = isset($this->_config['save_path']['path']) + ? $redis->connect($this->_config['save_path']['path']) + : $redis->connect( + $this->_config['save_path']['host'], + $this->_config['save_path']['port'], + $this->_config['save_path']['timeout'] + ); + + if ($connected) { - log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); + if (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) + { + log_message('error', 'Session: Unable to authenticate to Redis instance.'); + } + elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) + { + log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); + } + else + { + $this->_redis = $redis; + return $this->_success; + } } else { - $this->_redis = $redis; - return TRUE; + log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -166,12 +197,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // Needed by write() to detect session_regenerate_id() calls $this->_session_id = $session_id; - $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); + $session_data = $this->_redis->get($this->_key_prefix.$session_id); + + is_string($session_data) + ? $this->_key_exists = TRUE + : $session_data = ''; + $this->_fingerprint = md5($session_data); return $session_data; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -187,40 +223,38 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ public function write($session_id, $session_data) { - if ( ! isset($this->_redis)) + if ( ! isset($this->_redis, $this->_lock_key)) { - return FALSE; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_fail(); } - $this->_fingerprint = md5(''); + $this->_key_exists = FALSE; $this->_session_id = $session_id; } - if (isset($this->_lock_key)) + $this->_redis->setTimeout($this->_lock_key, 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) { - $this->_redis->setTimeout($this->_lock_key, 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { - if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - return TRUE; - } - - return FALSE; + $this->_fingerprint = $fingerprint; + $this->_key_exists = TRUE; + return $this->_success; } - return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']); + return $this->_fail(); } - return FALSE; + return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + ? $this->_success + : $this->_fail(); } // ------------------------------------------------------------------------ @@ -239,10 +273,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle try { if ($this->_redis->ping() === '+PONG') { - isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); - if ( ! $this->_redis->close()) + $this->_release_lock(); + if ($this->_redis->close() === FALSE) { - return FALSE; + return $this->_fail(); } } } @@ -252,10 +286,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } $this->_redis = NULL; - return TRUE; + return $this->_success; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -277,10 +311,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); } - return $this->_cookie_destroy(); + $this->_cookie_destroy(); + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -296,7 +331,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle public function gc($maxlifetime) { // Not necessary, Redis takes care of that. - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -311,7 +346,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected function _get_lock($session_id) { - if (isset($this->_lock_key)) + // PHP 7 reuses the SessionHandler object on regeneration, + // so we need to check here if the lock key is for the + // correct session ID. + if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { return $this->_redis->setTimeout($this->_lock_key, 300); } diff --git a/system/libraries/Table.php b/system/libraries/Table.php index 2d9823093..dc309890b 100644 --- a/system/libraries/Table.php +++ b/system/libraries/Table.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.1 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category HTML Tables * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/table.html + * @link https://codeigniter.com/user_guide/libraries/table.html */ class CI_Table { @@ -277,6 +277,7 @@ class CI_Table { public function set_caption($caption) { $this->caption = $caption; + return $this; } // -------------------------------------------------------------------- @@ -426,6 +427,7 @@ class CI_Table { $this->rows = array(); $this->heading = array(); $this->auto_heading = TRUE; + $this->caption = NULL; return $this; } diff --git a/system/libraries/Trackback.php b/system/libraries/Trackback.php index 23bdbbd58..55e9a0ee6 100644 --- a/system/libraries/Trackback.php +++ b/system/libraries/Trackback.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Trackbacks * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/trackback.html + * @link https://codeigniter.com/user_guide/libraries/trackback.html */ class CI_Trackback { @@ -370,7 +370,7 @@ class CI_Trackback { { $url = trim($url); - if (strpos($url, 'http') !== 0) + if (stripos($url, 'http') !== 0) { $url = 'http://'.$url; } diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index 3b6cb1645..b25d8fdaa 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/typography.html + * @link https://codeigniter.com/user_guide/libraries/typography.html */ class CI_Typography { @@ -241,7 +241,7 @@ class CI_Typography { // Clean up stray paragraph tags that appear before block level elements '#<p></p><('.$this->block_elements.')#' => '<$1', - // Clean up stray non-breaking spaces preceeding block elements + // Clean up stray non-breaking spaces preceding block elements '#( \s*)+<('.$this->block_elements.')#' => ' <$2', // Replace the temporary markers we added earlier diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 3f986f3e8..38e0fbd24 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.1 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category UnitTesting * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/unit_testing.html + * @link https://codeigniter.com/user_guide/libraries/unit_testing.html */ class CI_Unit_test { @@ -154,7 +154,6 @@ class CI_Unit_test { if (in_array($expected, array('is_object', 'is_string', 'is_bool', 'is_true', 'is_false', 'is_int', 'is_numeric', 'is_float', 'is_double', 'is_array', 'is_null', 'is_resource'), TRUE)) { - $expected = str_replace('is_double', 'is_float', $expected); $result = $expected($test); $extype = str_replace(array('true', 'false'), 'bool', str_replace('is_', '', $expected)); } @@ -291,7 +290,7 @@ class CI_Unit_test { { continue; } - elseif (in_array($key, array('test_name', 'test_datatype', 'test_res_datatype', 'result'), TRUE)) + elseif (in_array($key, array('test_name', 'test_datatype', 'res_datatype', 'result'), TRUE)) { if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$val), FALSE))) { diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 8a2dec76a..3a1731e58 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Uploads * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/file_uploading.html + * @link https://codeigniter.com/user_guide/libraries/file_uploading.html */ class CI_Upload { @@ -286,7 +286,7 @@ class CI_Upload { /** * Constructor * - * @param array $props + * @param array $config * @return void */ public function __construct($config = array()) @@ -526,6 +526,12 @@ class CI_Upload { $this->file_name = preg_replace('/\s+/', '_', $this->file_name); } + if ($this->file_ext_tolower && ($ext_length = strlen($this->file_ext))) + { + // file_ext was previously lower-cased by a get_extension() call + $this->file_name = substr($this->file_name, 0, -$ext_length).$this->file_ext; + } + /* * Validate the file name * This function appends an number onto the end of @@ -595,7 +601,7 @@ class CI_Upload { 'file_type' => $this->file_type, 'file_path' => $this->upload_path, 'full_path' => $this->upload_path.$this->file_name, - 'raw_name' => str_replace($this->file_ext, '', $this->file_name), + 'raw_name' => substr($this->file_name, 0, -strlen($this->file_ext)), 'orig_name' => $this->orig_name, 'client_name' => $this->client_name, 'file_ext' => $this->file_ext, @@ -1077,16 +1083,27 @@ class CI_Upload { return FALSE; } - if (memory_get_usage() && ($memory_limit = ini_get('memory_limit'))) + if (memory_get_usage() && ($memory_limit = ini_get('memory_limit')) > 0) { - $memory_limit *= 1024 * 1024; - - // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output - // into scientific notation. number_format() ensures this number is an integer - // http://bugs.php.net/bug.php?id=43053 - - $memory_limit = number_format(ceil(filesize($file) + $memory_limit), 0, '.', ''); + $memory_limit = str_split($memory_limit, strspn($memory_limit, '1234567890')); + if ( ! empty($memory_limit[1])) + { + switch ($memory_limit[1][0]) + { + case 'g': + case 'G': + $memory_limit[0] *= 1024 * 1024 * 1024; + break; + case 'm': + case 'M': + $memory_limit[0] *= 1024 * 1024; + break; + default: + break; + } + } + $memory_limit = (int) ceil(filesize($file) + $memory_limit[0]); ini_set('memory_limit', $memory_limit); // When an integer is used, the value is measured in bytes. - PHP.net } @@ -1201,10 +1218,13 @@ class CI_Upload { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; - /* Fileinfo extension - most reliable method + /** + * Fileinfo extension - most reliable method * - * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the - * more convenient FILEINFO_MIME_TYPE flag doesn't exist. + * Apparently XAMPP, CentOS, cPanel and who knows what + * other PHP distribution channels EXPLICITLY DISABLE + * ext/fileinfo, which is otherwise enabled by default + * since PHP 5.3 ... */ if (function_exists('finfo_file')) { @@ -1239,9 +1259,7 @@ class CI_Upload { */ if (DIRECTORY_SEPARATOR !== '\\') { - $cmd = function_exists('escapeshellarg') - ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1' - : 'file --brief --mime '.$file['tmp_name'].' 2>&1'; + $cmd = 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'; if (function_usable('exec')) { @@ -1258,7 +1276,7 @@ class CI_Upload { } } - if ( ! ini_get('safe_mode') && function_usable('shell_exec')) + if (function_usable('shell_exec')) { $mime = @shell_exec($cmd); if (strlen($mime) > 0) diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 53d932a53..cda3ef0a0 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category User Agent * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/user_agent.html + * @link https://codeigniter.com/user_guide/libraries/user_agent.html */ class CI_User_agent { @@ -173,13 +173,11 @@ class CI_User_agent { */ public function __construct() { + $this->_load_agent_file(); + if (isset($_SERVER['HTTP_USER_AGENT'])) { $this->agent = trim($_SERVER['HTTP_USER_AGENT']); - } - - if ($this->agent !== NULL && $this->_load_agent_file()) - { $this->_compile_data(); } diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 55555f56f..e025c4508 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -51,7 +51,7 @@ if ( ! function_exists('xml_parser_create')) * @subpackage Libraries * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class CI_Xmlrpc { @@ -238,7 +238,7 @@ class CI_Xmlrpc { public $result; /** - * XML-RPC Reponse + * XML-RPC Response * * @var array */ @@ -352,7 +352,7 @@ class CI_Xmlrpc { */ public function server($url, $port = 80, $proxy = FALSE, $proxy_port = 8080) { - if (strpos($url, 'http') !== 0) + if (stripos($url, 'http') !== 0) { $url = 'http://'.$url; } @@ -559,7 +559,7 @@ class CI_Xmlrpc { * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Client extends CI_Xmlrpc { @@ -735,6 +735,8 @@ class XML_RPC_Client extends CI_Xmlrpc .'Content-Length: '.strlen($msg->payload).$r.$r .$msg->payload; + stream_set_timeout($fp, $this->timeout); // set timeout for subsequent operations + for ($written = $timestamp = 0, $length = strlen($op); $written < $length; $written += $result) { if (($result = fwrite($fp, substr($op, $written))) === FALSE) @@ -753,9 +755,6 @@ class XML_RPC_Client extends CI_Xmlrpc $result = FALSE; break; } - - usleep(250000); - continue; } else { @@ -781,7 +780,7 @@ class XML_RPC_Client extends CI_Xmlrpc * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Response { @@ -837,9 +836,7 @@ class XML_RPC_Response { // error $this->errno = $code; - $this->errstr = htmlspecialchars($fstr, - (is_php('5.4') ? ENT_XML1 | ENT_NOQUOTES : ENT_NOQUOTES), - 'UTF-8'); + $this->errstr = htmlspecialchars($fstr, ENT_XML1 | ENT_NOQUOTES, 'UTF-8'); } elseif ( ! is_object($val)) { @@ -1030,7 +1027,7 @@ class XML_RPC_Response * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Message extends CI_Xmlrpc { @@ -1649,7 +1646,7 @@ class XML_RPC_Message extends CI_Xmlrpc * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Values extends CI_Xmlrpc { diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index 00d1feca6..21de937c8 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -56,7 +56,7 @@ if ( ! class_exists('CI_Xmlrpc', FALSE)) * @subpackage Libraries * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class CI_Xmlrpcs extends CI_Xmlrpc { @@ -339,11 +339,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc { //------------------------------------- $method_parts = explode('.', $this->methods[$methName]['function']); - $objectCall = (isset($method_parts[1]) && $method_parts[1] !== ''); + $objectCall = ! empty($method_parts[1]); if ($system_call === TRUE) { - if ( ! is_callable(array($this,$method_parts[1]))) + if ( ! is_callable(array($this, $method_parts[1]))) { return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); } @@ -400,11 +400,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc { } elseif ($this->object === FALSE) { - return get_instance()->$method_parts[1]($m); + return get_instance()->{$method_parts[1]}($m); } else { - return $this->object->$method_parts[1]($m); + return $this->object->{$method_parts[1]}($m); } } else diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index 3e98ac568..d6974b13a 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Encryption * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/zip.html + * @link https://codeigniter.com/user_guide/libraries/zip.html */ class CI_Zip { @@ -106,12 +106,21 @@ class CI_Zip { public $compression_level = 2; /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + + /** * Initialize zip compression class * * @return void */ public function __construct() { + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + $this->now = time(); log_message('info', 'Zip Compression Class Initialized'); } @@ -182,7 +191,7 @@ class CI_Zip { .pack('V', 0) // crc32 .pack('V', 0) // compressed filesize .pack('V', 0) // uncompressed filesize - .pack('v', strlen($dir)) // length of pathname + .pack('v', self::strlen($dir)) // length of pathname .pack('v', 0) // extra field length .$dir // below is "data descriptor" segment @@ -197,7 +206,7 @@ class CI_Zip { .pack('V',0) // crc32 .pack('V',0) // compressed filesize .pack('V',0) // uncompressed filesize - .pack('v', strlen($dir)) // length of pathname + .pack('v', self::strlen($dir)) // length of pathname .pack('v', 0) // extra field length .pack('v', 0) // file comment length .pack('v', 0) // disk number start @@ -206,7 +215,7 @@ class CI_Zip { .pack('V', $this->offset) // relative offset of local header .$dir; - $this->offset = strlen($this->zipdata); + $this->offset = self::strlen($this->zipdata); $this->entries++; } @@ -255,10 +264,10 @@ class CI_Zip { { $filepath = str_replace('\\', '/', $filepath); - $uncompressed_size = strlen($data); + $uncompressed_size = self::strlen($data); $crc32 = crc32($data); - $gzdata = substr(gzcompress($data, $this->compression_level), 2, -4); - $compressed_size = strlen($gzdata); + $gzdata = self::substr(gzcompress($data, $this->compression_level), 2, -4); + $compressed_size = self::strlen($gzdata); $this->zipdata .= "\x50\x4b\x03\x04\x14\x00\x00\x00\x08\x00" @@ -267,7 +276,7 @@ class CI_Zip { .pack('V', $crc32) .pack('V', $compressed_size) .pack('V', $uncompressed_size) - .pack('v', strlen($filepath)) // length of filename + .pack('v', self::strlen($filepath)) // length of filename .pack('v', 0) // extra field length .$filepath .$gzdata; // "file data" segment @@ -279,7 +288,7 @@ class CI_Zip { .pack('V', $crc32) .pack('V', $compressed_size) .pack('V', $uncompressed_size) - .pack('v', strlen($filepath)) // length of filename + .pack('v', self::strlen($filepath)) // length of filename .pack('v', 0) // extra field length .pack('v', 0) // file comment length .pack('v', 0) // disk number start @@ -288,7 +297,7 @@ class CI_Zip { .pack('V', $this->offset) // relative offset of local header .$filepath; - $this->offset = strlen($this->zipdata); + $this->offset = self::strlen($this->zipdata); $this->entries++; $this->file_num++; } @@ -401,8 +410,8 @@ class CI_Zip { .$this->directory."\x50\x4b\x05\x06\x00\x00\x00\x00" .pack('v', $this->entries) // total # of entries "on this disk" .pack('v', $this->entries) // total # of entries overall - .pack('V', strlen($this->directory)) // size of central dir - .pack('V', strlen($this->zipdata)) // offset to start of central dir + .pack('V', self::strlen($this->directory)) // size of central dir + .pack('V', self::strlen($this->zipdata)) // offset to start of central dir ."\x00\x00"; // .zip file comment length } @@ -425,9 +434,9 @@ class CI_Zip { flock($fp, LOCK_EX); - for ($result = $written = 0, $data = $this->get_zip(), $length = strlen($data); $written < $length; $written += $result) + for ($result = $written = 0, $data = $this->get_zip(), $length = self::strlen($data); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($data, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($data, $written))) === FALSE) { break; } @@ -481,4 +490,40 @@ class CI_Zip { return $this; } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/tests/Bootstrap.php b/tests/Bootstrap.php index 8240d2340..b4e56bdae 100644 --- a/tests/Bootstrap.php +++ b/tests/Bootstrap.php @@ -1,10 +1,4 @@ <?php -// For some reason, setting this fixes the 5.2 tests but breaks the 5.3 ones ... -if (version_compare(PHP_VERSION, '5.3.0', '<')) -{ - ini_set('memory_limit', '128M'); -} - // Errors on full! ini_set('display_errors', 1); error_reporting(E_ALL | E_STRICT); diff --git a/tests/codeigniter/core/Common_test.php b/tests/codeigniter/core/Common_test.php index 999b49cb3..ca19e5de0 100644 --- a/tests/codeigniter/core/Common_test.php +++ b/tests/codeigniter/core/Common_test.php @@ -47,6 +47,23 @@ class Common_test extends CI_TestCase { html_escape('Here is a string containing "quoted" text.'), 'Here is a string containing "quoted" text.' ); + + $this->assertEquals( + html_escape(array('associative' => 'and', array('multi' => 'dimentional'))), + array('associative' => 'and', array('multi' => 'dimentional')) + ); } + // ------------------------------------------------------------------------ + + public function test_remove_invisible_characters() + { + $raw_string = 'Here is a string containing invisible'.chr(0x08).' text %0e.'; + $removed_string = 'Here is a string containing invisible text %0e.'; + $this->assertEquals($removed_string, remove_invisible_characters($raw_string, FALSE)); + + $raw_string = 'Here is a string %0econtaining url_encoded invisible%1F text.'; + $removed_string = 'Here is a string containing url_encoded invisible text.'; + $this->assertEquals($removed_string, remove_invisible_characters($raw_string)); + } }
\ No newline at end of file diff --git a/tests/codeigniter/core/Config_test.php b/tests/codeigniter/core/Config_test.php index f125fc6e9..5201d46dc 100644 --- a/tests/codeigniter/core/Config_test.php +++ b/tests/codeigniter/core/Config_test.php @@ -79,46 +79,33 @@ class Config_test extends CI_TestCase { $old_script_name = isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : NULL; $old_script_filename = $_SERVER['SCRIPT_FILENAME']; $old_https = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : NULL; + $old_server_addr = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : NULL; - // Setup server vars for detection - $host = 'test.com'; - $path = '/'; - $script = 'base_test.php'; - $_SERVER['HTTP_HOST'] = $host; - $_SERVER['SCRIPT_NAME'] = $path.$script; - $_SERVER['SCRIPT_FILENAME'] = '/foo/bar/'.$script; - - // Rerun constructor + // The 'Host' header is user input and must not be trusted + $_SERVER['HTTP_HOST'] = 'test.com'; $this->config = new $cls; + $this->assertEquals('http://localhost/', $this->config->base_url()); - // Test plain detected (root) - $this->assertEquals('http://'.$host.$path, $this->config->base_url()); - - // Rerun constructor - $path = '/path/'; - $_SERVER['SCRIPT_NAME'] = $path.$script; - $_SERVER['SCRIPT_FILENAME'] = '/foo/bar/'.$path.$script; + // However, we may fallback to the server's IP address + $_SERVER['SERVER_ADDR'] = '127.0.0.1'; + $_SERVER['SCRIPT_NAME'] = '/base_test.php'; + $_SERVER['SCRIPT_FILENAME'] = '/foo/bar/base_test.php'; $this->config = new $cls; + $this->assertEquals('http://127.0.0.1/', $this->config->base_url()); - // Test plain detected (subfolder) - $this->assertEquals('http://'.$host.$path, $this->config->base_url()); - - // Rerun constructor + // Making sure that HTTPS and URI path are also detected $_SERVER['HTTPS'] = 'on'; + $_SERVER['SCRIPT_NAME'] = '/path/base_test.php'; + $_SERVER['SCRIPT_FILENAME'] = '/foo/bar/path/base_test.php'; $this->config = new $cls; - - // Test secure detected - $this->assertEquals('https://'.$host.$path, $this->config->base_url()); + $this->assertEquals('https://127.0.0.1/path/', $this->config->base_url()); // Restore server vars - if ($old_host === NULL) unset($_SERVER['HTTP_HOST']); - else $_SERVER['HTTP_HOST'] = $old_host; - if ($old_script_name === NULL) unset($_SERVER['SCRIPT_NAME']); - else $_SERVER['SCRIPT_NAME'] = $old_script_name; - if ($old_https === NULL) unset($_SERVER['HTTPS']); - else $_SERVER['HTTPS'] = $old_https; - + $_SERVER['HTTP_HOST'] = $old_host; + $_SERVER['SCRIPT_NAME'] = $old_script_name; $_SERVER['SCRIPT_FILENAME'] = $old_script_filename; + $_SERVER['HTTPS'] = $old_https; + $_SERVER['SERVER_ADDR'] = $old_server_addr; } // -------------------------------------------------------------------- @@ -140,6 +127,8 @@ class Config_test extends CI_TestCase { $this->assertEquals($index_page.'/'.$uri, $this->config->site_url($uri)); $this->assertEquals($index_page.'/'.$uri.'/'.$uri2, $this->config->site_url(array($uri, $uri2))); + $this->assertEquals($index_page.'/test/', $this->config->site_url('test/')); + $suffix = 'ing'; $this->config->set_item('url_suffix', $suffix); @@ -163,13 +152,6 @@ class Config_test extends CI_TestCase { // -------------------------------------------------------------------- - public function test_system_url() - { - $this->assertEquals($this->cfg['base_url'].'system/', $this->config->system_url()); - } - - // -------------------------------------------------------------------- - public function test_load() { // Test regular load @@ -248,4 +230,4 @@ class Config_test extends CI_TestCase { $this->assertNull($this->config->load($file)); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index c56900d22..e068a84be 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -12,12 +12,8 @@ class Input_test extends CI_TestCase { $this->ci_set_config('global_xss_filtering', FALSE); $this->ci_set_config('csrf_protection', FALSE); - $security = new Mock_Core_Security(); - - $this->ci_set_config('charset', 'UTF-8'); - $utf8 = new Mock_Core_Utf8(); - - $this->input = new Mock_Core_Input($security, $utf8); + $security = new Mock_Core_Security('UTF-8'); + $this->input = new CI_Input($security); } // -------------------------------------------------------------------- @@ -122,14 +118,17 @@ class Input_test extends CI_TestCase { public function test_fetch_from_array() { + $reflection = new ReflectionMethod($this->input, '_fetch_from_array'); + $reflection->setAccessible(TRUE); + $data = array( 'foo' => 'bar', 'harm' => 'Hello, i try to <script>alert(\'Hack\');</script> your site', ); - $foo = $this->input->fetch_from_array($data, 'foo'); - $harm = $this->input->fetch_from_array($data, 'harm'); - $harmless = $this->input->fetch_from_array($data, 'harm', TRUE); + $foo = $reflection->invokeArgs($this->input, [&$data, 'foo']); + $harm = $reflection->invokeArgs($this->input, [&$data, 'harm']); + $harmless = $reflection->invokeArgs($this->input, [&$data, 'harm', TRUE]); $this->assertEquals('bar', $foo); $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $harm); @@ -217,51 +216,60 @@ class Input_test extends CI_TestCase { public function test_ip_address() { - $this->input->ip_address = '127.0.0.1'; + $reflection = new ReflectionProperty($this->input, 'ip_address'); + $reflection->setAccessible(TRUE); + + $reflection->setValue($this->input, '127.0.0.1'); $this->assertEquals('127.0.0.1', $this->input->ip_address()); // 127.0.0.1 is set in our Bootstrap file - $this->input->ip_address = FALSE; + $reflection->setValue($this->input, FALSE); $this->assertEquals('127.0.0.1', $this->input->ip_address()); // Invalid $_SERVER['REMOTE_ADDR'] = 'invalid_ip_address'; - $this->input->ip_address = FALSE; // reset cached value + $reflection->setValue($this->input, FALSE); // reset cached value $this->assertEquals('0.0.0.0', $this->input->ip_address()); $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; // Proxy_ips tests - $this->input->ip_address = FALSE; + $reflection->setValue($this->input, FALSE); $this->ci_set_config('proxy_ips', '127.0.0.3, 127.0.0.4, 127.0.0.2'); $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; $this->assertEquals('127.0.0.1', $this->input->ip_address()); // Invalid spoof - $this->input->ip_address = FALSE; + $reflection->setValue($this->input, FALSE); $this->ci_set_config('proxy_ips', 'invalid_ip_address'); $_SERVER['HTTP_CLIENT_IP'] = 'invalid_ip_address'; $this->assertEquals('127.0.0.1', $this->input->ip_address()); - $this->input->ip_address = FALSE; + $reflection->setValue($this->input, FALSE); $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.1/1'); $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.1'; $this->assertEquals('127.0.0.1', $this->input->ip_address()); - $this->input->ip_address = FALSE; + $reflection->setValue($this->input, FALSE); $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.2'); $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; $_SERVER['REMOTE_ADDR'] = '127.0.0.2'; $this->assertEquals('127.0.0.2', $this->input->ip_address()); - //IPv6 - $this->input->ip_address = FALSE; + // IPv6 + $reflection->setValue($this->input, FALSE); $this->ci_set_config('proxy_ips', 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329/1, FE80:0000:0000:0000:0202:B3FF:FE1E:8300/2'); $_SERVER['HTTP_CLIENT_IP'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8300'; $_SERVER['REMOTE_ADDR'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329'; $this->assertEquals('FE80:0000:0000:0000:0202:B3FF:FE1E:8300', $this->input->ip_address()); - $this->input->ip_address = FALSE; + $reflection->setValue($this->input, FALSE); + $this->ci_set_config('proxy_ips', '0::/32'); + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.7'; + $_SERVER['REMOTE_ADDR'] = '0000:0000:0000:0000:0000:0000:0000:0001'; + $this->assertEquals('127.0.0.7', $this->input->ip_address()); + + $reflection->setValue($this->input, FALSE); $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; // back to reality } diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index d2dd7598a..4958f42e1 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -34,11 +34,6 @@ class Lang_test extends CI_TestCase { $this->assertTrue($this->lang->load('email', 'german')); $this->assertEquals('german', $this->lang->is_loaded['email_lang.php']); - // Non-alpha idiom (should act the same as unspecified language) - $this->ci_vfs_clone('system/language/english/number_lang.php'); - $this->assertTrue($this->lang->load('number')); - $this->assertEquals('Bytes', $this->lang->language['bytes']); - // Non-existent file $this->setExpectedException( 'RuntimeException', @@ -49,6 +44,23 @@ class Lang_test extends CI_TestCase { // -------------------------------------------------------------------- + public function test_non_alpha_idiom() + { + // Non-alpha idiom (should act the same as unspecified language) + // test with existing file + $this->ci_vfs_clone('system/language/english/number_lang.php'); + $this->ci_vfs_clone('system/language/english/number_lang.php', 'system/language/123funny/'); + $this->assertTrue($this->lang->load('number', '123funny')); + $this->assertEquals('Bytes', $this->lang->language['bytes']); + + // test without existing file + $this->ci_vfs_clone('system/language/english/email_lang.php'); + $this->assertTrue($this->lang->load('email', '456funny')); + $this->assertEquals('You did not specify a SMTP hostname.', $this->lang->language['email_no_hostname']); + } + + // -------------------------------------------------------------------- + public function test_multiple_file_load() { // Multiple files diff --git a/tests/codeigniter/core/Loader_test.php b/tests/codeigniter/core/Loader_test.php index 889ab92e4..241c415b3 100644 --- a/tests/codeigniter/core/Loader_test.php +++ b/tests/codeigniter/core/Loader_test.php @@ -48,11 +48,9 @@ class Loader_test extends CI_TestCase { // Test a string given to params $this->assertInstanceOf('CI_Loader', $this->load->library($lib, ' ')); - // Create library w/o class - $lib = 'bad_test_lib'; - $this->ci_vfs_create($lib, '', $this->ci_base_root, 'libraries'); + // test non existent lib + $lib = 'non_existent_test_lib'; - // Test non-existent class $this->setExpectedException( 'RuntimeException', 'CI Error: Unable to load the requested class: '.ucfirst($lib) @@ -62,6 +60,19 @@ class Loader_test extends CI_TestCase { // -------------------------------------------------------------------- + public function test_bad_library() + { + $lib = 'bad_test_lib'; + $this->ci_vfs_create(ucfirst($lib), '', $this->ci_app_root, 'libraries'); + $this->setExpectedException( + 'RuntimeException', + 'CI Error: Non-existent class: '.ucfirst($lib) + ); + $this->assertInstanceOf('CI_Loader', $this->load->library($lib)); + } + + // -------------------------------------------------------------------- + public function test_library_extension() { // Create library and extension in VFS @@ -131,6 +142,16 @@ class Loader_test extends CI_TestCase { // Test is_loaded $this->assertEquals($obj, $this->load->is_loaded(ucfirst($lib))); + + // Test to load another class with the same object name + $lib = 'another_test_lib'; + $class = ucfirst($lib); + $this->ci_vfs_create(ucfirst($lib), '<?php class '.$class.' { }', $this->ci_app_root, 'libraries'); + $this->setExpectedException( + 'RuntimeException', + "CI Error: Resource '".$obj."' already exists and is not a ".$class." instance." + ); + $this->load->library($lib, NULL, $obj); } // -------------------------------------------------------------------- @@ -270,12 +291,14 @@ class Loader_test extends CI_TestCase { $this->assertEquals($content.$value, $out); // Mock output class - $output = $this->getMock('CI_Output', array('append_output')); + $output = $this->getMockBuilder('CI_Output')->setMethods(array('append_output'))->getMock(); $output->expects($this->once())->method('append_output')->with($content.$value); $this->ci_instance_var('output', $output); - // Test view output - $this->assertInstanceOf('CI_Loader', $this->load->view($view, array($var => $value))); + // Test view output and $vars as an object + $vars = new stdClass(); + $vars->$var = $value; + $this->assertInstanceOf('CI_Loader', $this->load->view($view, $vars)); } // -------------------------------------------------------------------- @@ -420,7 +443,7 @@ class Loader_test extends CI_TestCase { { // Mock lang class and test load call $file = 'test'; - $lang = $this->getMock('CI_Lang', array('load')); + $lang = $this->getMockBuilder('CI_Lang')->setMethods(array('load'))->getMock(); $lang->expects($this->once())->method('load')->with($file); $this->ci_instance_var('lang', $lang); $this->assertInstanceOf('CI_Loader', $this->load->language($file)); diff --git a/tests/codeigniter/core/Log_test.php b/tests/codeigniter/core/Log_test.php new file mode 100644 index 000000000..d5a6fcb6b --- /dev/null +++ b/tests/codeigniter/core/Log_test.php @@ -0,0 +1,63 @@ +<?php +class Log_test extends CI_TestCase { + + public function test_configuration() + { + $path = new ReflectionProperty('CI_Log', '_log_path'); + $path->setAccessible(TRUE); + $threshold = new ReflectionProperty('CI_Log', '_threshold'); + $threshold->setAccessible(TRUE); + $date_fmt = new ReflectionProperty('CI_Log', '_date_fmt'); + $date_fmt->setAccessible(TRUE); + $file_ext = new ReflectionProperty('CI_Log', '_file_ext'); + $file_ext->setAccessible(TRUE); + $file_perms = new ReflectionProperty('CI_Log', '_file_permissions'); + $file_perms->setAccessible(TRUE); + $enabled = new ReflectionProperty('CI_Log', '_enabled'); + $enabled->setAccessible(TRUE); + + $this->ci_set_config('log_path', '/root/'); + $this->ci_set_config('log_threshold', 'z'); + $this->ci_set_config('log_date_format', 'd.m.Y'); + $this->ci_set_config('log_file_extension', ''); + $this->ci_set_config('log_file_permissions', ''); + $instance = new CI_Log(); + + $this->assertEquals($path->getValue($instance), '/root/'); + $this->assertEquals($threshold->getValue($instance), 1); + $this->assertEquals($date_fmt->getValue($instance), 'd.m.Y'); + $this->assertEquals($file_ext->getValue($instance), 'php'); + $this->assertEquals($file_perms->getValue($instance), 0644); + $this->assertEquals($enabled->getValue($instance), FALSE); + + $this->ci_set_config('log_path', ''); + $this->ci_set_config('log_threshold', '0'); + $this->ci_set_config('log_date_format', ''); + $this->ci_set_config('log_file_extension', '.log'); + $this->ci_set_config('log_file_permissions', 0600); + $instance = new CI_Log(); + + $this->assertEquals($path->getValue($instance), APPPATH.'logs/'); + $this->assertEquals($threshold->getValue($instance), 0); + $this->assertEquals($date_fmt->getValue($instance), 'Y-m-d H:i:s'); + $this->assertEquals($file_ext->getValue($instance), 'log'); + $this->assertEquals($file_perms->getValue($instance), 0600); + $this->assertEquals($enabled->getValue($instance), TRUE); + } + + // -------------------------------------------------------------------- + + public function test_format_line() + { + $this->ci_set_config('log_path', ''); + $this->ci_set_config('log_threshold', 0); + $instance = new CI_Log(); + + $format_line = new ReflectionMethod($instance, '_format_line'); + $format_line->setAccessible(TRUE); + $this->assertEquals( + $format_line->invoke($instance, 'LEVEL', 'Timestamp', 'Message'), + "LEVEL - Timestamp --> Message\n" + ); + } +}
\ No newline at end of file diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index bab76dffb..4dd31f4b1 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -12,7 +12,8 @@ class Security_test extends CI_TestCase { $this->ci_set_config('csrf_token_name', 'ci_csrf_token'); $this->ci_set_config('csrf_cookie_name', 'ci_csrf_cookie'); - $this->security = new Mock_Core_Security(); + $_SERVER['REQUEST_METHOD'] = 'GET'; + $this->security = new Mock_Core_Security('UTF-8'); } // -------------------------------------------------------------------- @@ -96,7 +97,7 @@ class Security_test extends CI_TestCase { $xss_clean_return = $this->security->xss_clean($harm_string, TRUE); - $this->assertTrue($xss_clean_return); +// $this->assertTrue($xss_clean_return); } // -------------------------------------------------------------------- @@ -115,7 +116,18 @@ class Security_test extends CI_TestCase { public function test_xss_clean_entity_double_encoded() { $input = '<a href="&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#99&#111&#110&#102&#105&#114&#109&#40&#49&#41">Clickhere</a>'; - $this->assertEquals('<a >Clickhere</a>', $this->security->xss_clean($input)); + $this->assertEquals('<a>Clickhere</a>', $this->security->xss_clean($input)); + } + + // -------------------------------------------------------------------- + + public function text_xss_clean_js_link_removal() + { + // This one is to prevent a false positive + $this->assertEquals( + "<a href=\"javascrip\n<t\n:alert\n(1)\"\n>", + $this->security->xss_clean("<a href=\"javascrip\n<t\n:alert\n(1)\"\n>") + ); } // -------------------------------------------------------------------- @@ -123,29 +135,113 @@ class Security_test extends CI_TestCase { public function test_xss_clean_js_img_removal() { $input = '<img src="&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#99&#111&#110&#102&#105&#114&#109&#40&#49&#41">Clickhere'; - $this->assertEquals('<img >', $this->security->xss_clean($input)); + $this->assertEquals('<img>', $this->security->xss_clean($input)); } // -------------------------------------------------------------------- - public function test_xss_clean_sanitize_naughty_html() + public function test_xss_clean_sanitize_naughty_html_tags() { - $input = '<blink>'; - $this->assertEquals('<blink>', $this->security->xss_clean($input)); + $this->assertEquals('<unclosedTag', $this->security->xss_clean('<unclosedTag')); + $this->assertEquals('<blink>', $this->security->xss_clean('<blink>')); + $this->assertEquals('<fubar>', $this->security->xss_clean('<fubar>')); + + $this->assertEquals( + '<img svg=""> src="x">', + $this->security->xss_clean('<img <svg=""> src="x">') + ); + + $this->assertEquals( + '<img src="b on=">on=">"x onerror="alert(1)">', + $this->security->xss_clean('<img src="b on="<x">on=">"x onerror="alert(1)">') + ); + + $this->assertEquals( + "\n><!-\n<b d=\"'e><iframe onload=alert(1) src=x>\n<a HREF=\">\n", + $this->security->xss_clean("\n><!-\n<b\n<c d=\"'e><iframe onload=alert(1) src=x>\n<a HREF=\"\">\n") + ); } // -------------------------------------------------------------------- - public function test_remove_evil_attributes() + public function test_xss_clean_sanitize_naughty_html_attributes() { - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttribute="bar">', FALSE)); - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttributeNoQuotes=bar>', FALSE)); - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttributeWithSpaces = bar>', FALSE)); - $this->assertEquals('<foo prefixOnAttribute="bar">', $this->security->remove_evil_attributes('<foo prefixOnAttribute="bar">', FALSE)); - $this->assertEquals('<foo>onOutsideOfTag=test</foo>', $this->security->remove_evil_attributes('<foo>onOutsideOfTag=test</foo>', FALSE)); - $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', FALSE)); - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo fscommand=case-insensitive>', FALSE)); - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo seekSegmentTime=whatever>', FALSE)); + $this->assertEquals('<foo xss=removed>', $this->security->xss_clean('<foo onAttribute="bar">')); + $this->assertEquals('<foo xss=removed>', $this->security->xss_clean('<foo onAttributeNoQuotes=bar>')); + $this->assertEquals('<foo xss=removed>', $this->security->xss_clean('<foo onAttributeWithSpaces = bar>')); + $this->assertEquals('<foo prefixOnAttribute="bar">', $this->security->xss_clean('<foo prefixOnAttribute="bar">')); + $this->assertEquals('<foo>onOutsideOfTag=test</foo>', $this->security->xss_clean('<foo>onOutsideOfTag=test</foo>')); + $this->assertEquals('onNoTagAtAll = true', $this->security->xss_clean('onNoTagAtAll = true')); + $this->assertEquals('<foo xss=removed>', $this->security->xss_clean('<foo fscommand=case-insensitive>')); + $this->assertEquals('<foo xss=removed>', $this->security->xss_clean('<foo seekSegmentTime=whatever>')); + + $this->assertEquals( + '<foo bar=">" baz=\'>\' xss=removed>', + $this->security->xss_clean('<foo bar=">" baz=\'>\' onAfterGreaterThan="quotes">') + ); + $this->assertEquals( + '<foo bar=">" baz=\'>\' xss=removed>', + $this->security->xss_clean('<foo bar=">" baz=\'>\' onAfterGreaterThan=noQuotes>') + ); + + $this->assertEquals( + '<img src="x" on=""> on=<svg> onerror=alert(1)>', + $this->security->xss_clean('<img src="x" on=""> on=<svg> onerror=alert(1)>') + ); + + $this->assertEquals( + '<img src="on=\'">"<svg> onerror=alert(1) onmouseover=alert(1)>', + $this->security->xss_clean('<img src="on=\'">"<svg> onerror=alert(1) onmouseover=alert(1)>') + ); + + $this->assertEquals( + '<img src="x"> on=\'x\' onerror=``,alert(1)>', + $this->security->xss_clean('<img src="x"> on=\'x\' onerror=``,alert(1)>') + ); + + $this->assertEquals( + '<a xss=removed>', + $this->security->xss_clean('<a< onmouseover="alert(1)">') + ); + + $this->assertEquals( + '<img src="x"> on=\'x\' onerror=,xssm()>', + $this->security->xss_clean('<img src="x"> on=\'x\' onerror=,xssm()>') + ); + + $this->assertEquals( + '<image src="<>" xss=removed>', + $this->security->xss_clean('<image src="<>" onerror=\'alert(1)\'>') + ); + + $this->assertEquals( + '<b xss=removed>', + $this->security->xss_clean('<b "=<= onmouseover=alert(1)>') + ); + + $this->assertEquals( + '<b xss=removed xss=removed>1">', + $this->security->xss_clean('<b a=<=" onmouseover="alert(1),1>1">') + ); + + $this->assertEquals( + '<b x=" onmouseover=alert(1)//">', + $this->security->xss_clean('<b "="< x=" onmouseover=alert(1)//">') + ); + } + + // -------------------------------------------------------------------- + + /** + * @depends test_xss_clean_sanitize_naughty_html_tags + * @depends test_xss_clean_sanitize_naughty_html_attributes + */ + public function test_naughty_html_plus_evil_attributes() + { + $this->assertEquals( + '<svg<img src="x" xss=removed>', + $this->security->xss_clean('<svg<img > src="x" onerror="location=/javascript/.source+/:alert/.source+/(1)/.source">') + ); } // -------------------------------------------------------------------- @@ -180,6 +276,12 @@ class Security_test extends CI_TestCase { $this->assertEquals('<div>Hello <b>Booya</b></div>', $decoded); + $this->assertEquals('colon:', $this->security->entity_decode('colon:')); + $this->assertEquals("NewLine\n", $this->security->entity_decode('NewLine
')); + $this->assertEquals("Tab\t", $this->security->entity_decode('Tab	')); + $this->assertEquals("lpar(", $this->security->entity_decode('lpar(')); + $this->assertEquals("rpar)", $this->security->entity_decode('rpar)')); + // Issue #3057 (https://github.com/bcit-ci/CodeIgniter/issues/3057) $this->assertEquals( '&foo should not include a semicolon', @@ -209,7 +311,8 @@ class Security_test extends CI_TestCase { '<img src="mdn-logo-sm.png" alt="MD Logo" srcset="mdn-logo-HD.png 2x, mdn-logo-small.png 15w, mdn-banner-HD.png 100w 2x" />', '<img sqrc="/img/sunset.gif" height="100%" width="100%">', '<img srqc="/img/sunset.gif" height="100%" width="100%">', - '<img srcq="/img/sunset.gif" height="100%" width="100%">' + '<img srcq="/img/sunset.gif" height="100%" width="100%">', + '<img src=non-quoted.attribute foo="bar">' ); $urls = array( @@ -220,7 +323,8 @@ class Security_test extends CI_TestCase { 'mdn-logo-sm.png', '<img sqrc="/img/sunset.gif" height="100%" width="100%">', '<img srqc="/img/sunset.gif" height="100%" width="100%">', - '<img srcq="/img/sunset.gif" height="100%" width="100%">' + '<img srcq="/img/sunset.gif" height="100%" width="100%">', + 'non-quoted.attribute' ); for ($i = 0; $i < count($imgtags); $i++) @@ -243,7 +347,7 @@ class Security_test extends CI_TestCase { // leave csrf_cookie_name as blank to test _csrf_set_hash function $this->ci_set_config('csrf_cookie_name', ''); - $this->security = new Mock_Core_Security(); + $this->security = new Mock_Core_Security('UTF-8'); $this->assertNotEmpty($this->security->get_csrf_hash()); } diff --git a/tests/codeigniter/core/URI_test.php b/tests/codeigniter/core/URI_test.php index 42dff3639..f862c666e 100644 --- a/tests/codeigniter/core/URI_test.php +++ b/tests/codeigniter/core/URI_test.php @@ -119,8 +119,13 @@ class URI_test extends CI_TestCase { */ // -------------------------------------------------------------------- + /** + * @runInSeparateProcess + */ public function test_filter_uri_passing() { + define('UTF8_ENABLED', FALSE); + $this->uri->_set_permitted_uri_chars('a-z 0-9~%.:_\-'); $str = 'abc01239~%.:_-'; @@ -129,8 +134,12 @@ class URI_test extends CI_TestCase { // -------------------------------------------------------------------- + /** + * @runInSeparateProcess + */ public function test_filter_uri_throws_error() { + define('UTF8_ENABLED', FALSE); $this->setExpectedException('RuntimeException'); $this->uri->config->set_item('enable_query_strings', FALSE); diff --git a/tests/codeigniter/core/Utf8_test.php b/tests/codeigniter/core/Utf8_test.php index 7e6ffd930..f40bb9848 100644 --- a/tests/codeigniter/core/Utf8_test.php +++ b/tests/codeigniter/core/Utf8_test.php @@ -1,31 +1,27 @@ <?php +/** + * @runTestsInSeparateProcesses + */ class Utf8_test extends CI_TestCase { - public function set_up() + public function test___constructUTF8_ENABLED() { - $this->ci_set_config('charset', 'UTF-8'); - $this->utf8 = new Mock_Core_Utf8(); - $this->ci_instance_var('utf8', $this->utf8); + if ( ! defined('PREG_BAD_UTF8_ERROR') OR (ICONV_ENABLED === FALSE && MB_ENABLED === FALSE)) + { + return $this->markTestSkipped('PCRE_UTF8 and/or both ext/mbstring & ext/iconv are unavailable'); + } + + new CI_Utf8('UTF-8'); + $this->assertTrue(UTF8_ENABLED); } // -------------------------------------------------------------------- - /** - * __construct() test - * - * @covers CI_Utf8::__construct - */ - public function test___construct() + public function test__constructUTF8_DISABLED() { - if (defined('PREG_BAD_UTF8_ERROR') && (ICONV_ENABLED === TRUE OR MB_ENABLED === TRUE) && strtoupper(config_item('charset')) === 'UTF-8') - { - $this->assertTrue(UTF8_ENABLED); - } - else - { - $this->assertFalse(UTF8_ENABLED); - } + new CI_Utf8('WINDOWS-1251'); + $this->assertFalse(UTF8_ENABLED); } // -------------------------------------------------------------------- @@ -37,8 +33,9 @@ class Utf8_test extends CI_TestCase { */ public function test_is_ascii() { - $this->assertTrue($this->utf8->is_ascii('foo bar')); - $this->assertFalse($this->utf8->is_ascii('теÑÑ‚')); + $utf8 = new CI_Utf8('UTF-8'); + $this->assertTrue($utf8->is_ascii('foo bar')); + $this->assertFalse($utf8->is_ascii('теÑÑ‚')); } // -------------------------------------------------------------------- @@ -51,21 +48,22 @@ class Utf8_test extends CI_TestCase { */ public function test_clean_string() { - $this->assertEquals('foo bar', $this->utf8->clean_string('foo bar')); + $utf8 = new CI_Utf8('UTF-8'); + $this->assertEquals('foo bar', $utf8->clean_string('foo bar')); $illegal_utf8 = "\xc0теÑÑ‚"; if (MB_ENABLED) { - $this->assertEquals('теÑÑ‚', $this->utf8->clean_string($illegal_utf8)); + $this->assertEquals('теÑÑ‚', $utf8->clean_string($illegal_utf8)); } elseif (ICONV_ENABLED) { // This is a known issue, iconv doesn't always work with //IGNORE - $this->assertTrue(in_array($this->utf8->clean_string($illegal_utf8), array('теÑÑ‚', ''), TRUE)); + $this->assertTrue(in_array($utf8->clean_string($illegal_utf8), array('теÑÑ‚', ''), TRUE)); } else { - $this->assertEquals($illegal_utf8, $this->utf8->clean_string($illegal_utf8)); + $this->assertEquals($illegal_utf8, $utf8->clean_string($illegal_utf8)); } } @@ -78,14 +76,15 @@ class Utf8_test extends CI_TestCase { */ public function test_convert_to_utf8() { + $utf8 = new CI_Utf8('UTF-8'); if (MB_ENABLED OR ICONV_ENABLED) { - $this->assertEquals('теÑÑ‚', $this->utf8->convert_to_utf8('òåñò', 'WINDOWS-1251')); + $this->assertEquals('теÑÑ‚', $utf8->convert_to_utf8('òåñò', 'WINDOWS-1251')); } else { - $this->assertFalse($this->utf8->convert_to_utf8('òåñò', 'WINDOWS-1251')); + $this->assertFalse($utf8->convert_to_utf8('òåñò', 'WINDOWS-1251')); } } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/core/compat/password_test.php b/tests/codeigniter/core/compat/password_test.php index 8a507d14a..77f5eba4e 100644 --- a/tests/codeigniter/core/compat/password_test.php +++ b/tests/codeigniter/core/compat/password_test.php @@ -8,11 +8,6 @@ class password_test extends CI_TestCase { { return $this->markTestSkipped('ext/standard/password is available on PHP 5.5'); } - elseif ( ! is_php('5.3.7')) - { - $this->assertFalse(defined('PASSWORD_BCRYPT')); - return $this->markTestSkipped("PHP versions prior to 5.3.7 don't have the '2y' Blowfish version"); - } // defined as of HHVM 2.3.0, which is also when they introduce password_*() as well // Note: Do NOT move this after the CRYPT_BLOWFISH check elseif (defined('HHVM_VERSION')) diff --git a/tests/codeigniter/core/compat/standard_test.php b/tests/codeigniter/core/compat/standard_test.php index 4077a5c7c..54424bb9b 100644 --- a/tests/codeigniter/core/compat/standard_test.php +++ b/tests/codeigniter/core/compat/standard_test.php @@ -10,18 +10,6 @@ class standard_test extends CI_TestCase { } $this->assertTrue(function_exists('array_column')); - - if ( ! is_php('5.4')) - { - $this->assertTrue(function_exists('hex2bin')); - } - - if ( ! is_php('5.3')) - { - $this->assertTrue(function_exists('array_replace')); - $this->assertTrue(function_exists('array_replace_recursive')); - $this->assertTrue(function_exists('quoted_printable_encode')); - } } // ------------------------------------------------------------------------ @@ -337,212 +325,6 @@ class standard_test extends CI_TestCase { array_column($input, 'b', 'a') ); } - - // ------------------------------------------------------------------------ - - /** - * hex2bin() tests - * - * @depends test_bootstrap - */ - public function test_hex2bin() - { - if (is_php('5.4')) - { - return $this->markTestSkipped('hex2bin() is already available on PHP 5.4'); - } - - $this->assertEquals("\x03\x04", hex2bin("0304")); - $this->assertEquals('', hex2bin('')); - $this->assertEquals("\x01\x02\x03", hex2bin(new FooHex())); - } - - // ------------------------------------------------------------------------ - - /** - * array_replace(), array_replace_recursive() tests - * - * Borrowed from PHP's own tests - * - * @depends test_bootstrap - */ - public function test_array_replace_recursive() - { - if (is_php('5.3')) - { - return $this->markTestSkipped('array_replace() and array_replace_recursive() are already available on PHP 5.3'); - } - - $array1 = array( - 0 => 'dontclobber', - '1' => 'unclobbered', - 'test2' => 0.0, - 'test3' => array( - 'testarray2' => TRUE, - 1 => array( - 'testsubarray1' => 'dontclobber2', - 'testsubarray2' => 'dontclobber3' - ) - ) - ); - - $array2 = array( - 1 => 'clobbered', - 'test3' => array( - 'testarray2' => FALSE - ), - 'test4' => array( - 'clobbered3' => array(0, 1, 2) - ) - ); - - // array_replace() - $this->assertEquals( - array( - 0 => 'dontclobber', - 1 => 'clobbered', - 'test2' => 0.0, - 'test3' => array( - 'testarray2' => FALSE - ), - 'test4' => array( - 'clobbered3' => array(0, 1, 2) - ) - ), - array_replace($array1, $array2) - ); - - // array_replace_recursive() - $this->assertEquals( - array( - 0 => 'dontclobber', - 1 => 'clobbered', - 'test2' => 0.0, - 'test3' => array( - 'testarray2' => FALSE, - 1 => array( - 'testsubarray1' => 'dontclobber2', - 'testsubarray2' => 'dontclobber3' - ) - ), - 'test4' => array( - 'clobbered3' => array(0, 1, 2) - ) - ), - array_replace_recursive($array1, $array2) - ); - } - - // ------------------------------------------------------------------------ - - /** - * quoted_printable_encode() tests - * - * Borrowed from PHP's own tests - * - * @depends test_bootstrap - */ - public function test_quoted_printable_encode() - { - if (is_php('5.3')) - { - return $this->markTestSkipped('quoted_printable_encode() is already available on PHP 5.3'); - } - - // These are actually imap_8bit() tests: - $this->assertEquals("String with CRLF at end=20\r\n", quoted_printable_encode("String with CRLF at end \r\n")); - // ext/imap/tests/imap_8bit_basic.phpt says for this line: - // NB this appears to be a bug in cclient; a space at end of string should be encoded as =20 - $this->assertEquals("String with space at end ", quoted_printable_encode("String with space at end ")); - $this->assertEquals("String with tabs =09=09 in middle", quoted_printable_encode("String with tabs \t\t in middle")); - $this->assertEquals("String with tab at end =09", quoted_printable_encode("String with tab at end \t")); - $this->assertEquals("=00=01=02=03=04=FE=FF=0A=0D", quoted_printable_encode("\x00\x01\x02\x03\x04\xfe\xff\x0a\x0d")); - - if (function_exists('imap_8bit')) - { - return $this->markTestIncomplete('imap_8bit() exists and is called as an alias for quoted_printable_encode()'); - } - - // And these are from ext/standard/tests/strings/quoted_printable_encode_002.phpt: - $this->assertEquals( - "=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=\r\n" - ."=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=\r\n" - ."=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=\r\n" - ."=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=\r\n" - ."=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=\r\n" - ."=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=\r\n" - ."=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=\r\n" - ."=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00=00", - $d = quoted_printable_encode(str_repeat("\0", 200)) - ); - $this->assertEquals(str_repeat("\x0", 200), quoted_printable_decode($d)); - $this->assertEquals( - "=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=\r\n" - ."=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=\r\n" - ."=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=\r\n" - ."=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=\r\n" - ."=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=\r\n" - ."=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=\r\n" - ."=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=\r\n" - ."=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=\r\n" - ."=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =\r\n" - ."=D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=\r\n" - ."=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=\r\n" - ."=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=\r\n" - ."=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=\r\n" - ."=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=\r\n" - ."=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=\r\n" - ."=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=\r\n" - ."=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=\r\n" - ."=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=\r\n" - ."=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=\r\n" - ."=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =\r\n" - ."=D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=\r\n" - ."=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=\r\n" - ."=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=\r\n" - ."=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=\r\n" - ."=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=\r\n" - ."=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=\r\n" - ."=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=\r\n" - ."=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=\r\n" - ."=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=\r\n" - ."=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=\r\n" - ."=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=\r\n" - ."=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =\r\n" - ."=D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=\r\n" - ."=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=\r\n" - ."=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=\r\n" - ."=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=\r\n" - ."=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=\r\n" - ."=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=\r\n" - ."=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=\r\n" - ."=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=\r\n" - ."=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=\r\n" - ."=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=\r\n" - ."=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =\r\n" - ."=D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=\r\n" - ."=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=\r\n" - ."=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=\r\n" - ."=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=\r\n" - ."=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=\r\n" - ."=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=\r\n" - ."=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=\r\n" - ."=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=\r\n" - ."=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=\r\n" - ."=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=\r\n" - ."=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=\r\n" - ."=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =\r\n" - ."=D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=\r\n" - ."=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=\r\n" - ."=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=\r\n" - ."=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=8E=D0=BD=D0=B8=\r\n" - ."=D0=BA=D0=BE=D0=B4=D0=B5=D1=81=D1=82=D1=80=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=\r\n" - ."=8E=D0=BD=D0=B8=D0=BA=D0=BE=D0=B4=D0=B5", - $d = quoted_printable_encode(str_repeat('Ñтрока в юникоде', 50)) - ); - $this->assertEquals(str_repeat('Ñтрока в юникоде', 50), quoted_printable_decode($d)); - $this->assertEquals('this is a foo', quoted_printable_encode(new FooObject())); - } } // ------------------------------------------------------------------------ @@ -562,19 +344,3 @@ class Bar { return 'first_name'; } } - -class FooHex { - - public function __toString() - { - return '010203'; - } -} - -class FooObject -{ - public function __toString() - { - return 'this is a foo'; - } -}
\ No newline at end of file diff --git a/tests/codeigniter/database/DB_driver_test.php b/tests/codeigniter/database/DB_driver_test.php index 26416d3fc..13e9abf84 100644 --- a/tests/codeigniter/database/DB_driver_test.php +++ b/tests/codeigniter/database/DB_driver_test.php @@ -7,8 +7,6 @@ class DB_driver_test extends CI_TestCase { $config = Mock_Database_DB::config(DB_DRIVER); sscanf(DB_DRIVER, '%[^/]/', $driver_name); $driver = $this->{$driver_name}($config[DB_DRIVER]); - - $this->assertTrue($driver->initialize()); } protected function pdo($config) diff --git a/tests/codeigniter/database/query_builder/join_test.php b/tests/codeigniter/database/query_builder/join_test.php index 25bd4accb..54b2a4e18 100644 --- a/tests/codeigniter/database/query_builder/join_test.php +++ b/tests/codeigniter/database/query_builder/join_test.php @@ -37,6 +37,29 @@ class Join_test extends CI_TestCase { // ------------------------------------------------------------------------ + public function test_join_escape_is_null() + { + $expected = 'SELECT '.$this->db->escape_identifiers('field') + ."\nFROM ".$this->db->escape_identifiers('table1') + ."\nJOIN ".$this->db->escape_identifiers('table2').' ON '.$this->db->escape_identifiers('field').' IS NULL'; + + $this->assertEquals( + $expected, + $this->db->select('field')->from('table1')->join('table2', 'field IS NULL')->get_compiled_select() + ); + + $expected = 'SELECT '.$this->db->escape_identifiers('field') + ."\nFROM ".$this->db->escape_identifiers('table1') + ."\nJOIN ".$this->db->escape_identifiers('table2').' ON '.$this->db->escape_identifiers('field').' IS NOT NULL'; + + $this->assertEquals( + $expected, + $this->db->select('field')->from('table1')->join('table2', 'field IS NOT NULL')->get_compiled_select() + ); + } + + // ------------------------------------------------------------------------ + public function test_join_escape_multiple_conditions() { // We just need a valid query produced, not one that makes sense @@ -55,4 +78,24 @@ class Join_test extends CI_TestCase { $this->assertEquals($expected, $result); } + // ------------------------------------------------------------------------ + + public function test_join_escape_multiple_conditions_with_parentheses() + { + // We just need a valid query produced, not one that makes sense + $fields = array($this->db->protect_identifiers('table1.field1'), $this->db->protect_identifiers('table2.field2')); + + $expected = 'SELECT '.implode(', ', $fields) + ."\nFROM ".$this->db->escape_identifiers('table1') + ."\nRIGHT JOIN ".$this->db->escape_identifiers('table2').' ON '.implode(' = ', $fields) + .' AND ('.$fields[0]." = 'foo' OR ".$fields[1].' IS NULL)'; + + $result = $this->db->select('table1.field1, table2.field2') + ->from('table1') + ->join('table2', "table1.field1 = table2.field2 AND (table1.field1 = 'foo' OR table2.field2 IS NULL)", 'RIGHT') + ->get_compiled_select(); + + $this->assertEquals($expected, $result); + } + }
\ No newline at end of file diff --git a/tests/codeigniter/database/query_builder/where_test.php b/tests/codeigniter/database/query_builder/where_test.php index 20b7a567c..46a7fa2eb 100644 --- a/tests/codeigniter/database/query_builder/where_test.php +++ b/tests/codeigniter/database/query_builder/where_test.php @@ -123,4 +123,12 @@ class Where_test extends CI_TestCase { $this->assertEquals('Musician', $jobs[1]['name']); } + // ------------------------------------------------------------------------ + + public function test_issue4093() + { + $input = 'bar and baz or qux'; + $sql = $this->db->where('foo', $input)->get_compiled_select('dummy'); + $this->assertEquals("'".$input."'", substr($sql, -20)); + } }
\ No newline at end of file diff --git a/tests/codeigniter/helpers/cookie_helper_test.php b/tests/codeigniter/helpers/cookie_helper_test.php index fba68f20f..e984be21c 100644 --- a/tests/codeigniter/helpers/cookie_helper_test.php +++ b/tests/codeigniter/helpers/cookie_helper_test.php @@ -28,10 +28,9 @@ class Cookie_helper_test extends CI_TestCase { { $_COOKIE['foo'] = 'bar'; - $security = new Mock_Core_Security(); - $utf8 = new Mock_Core_Utf8(); + $security = new Mock_Core_Security('UTF-8'); $input_cls = $this->ci_core_class('input'); - $this->ci_instance_var('input', new Mock_Core_Input($security, $utf8)); + $this->ci_instance_var('input', new CI_Input($security)); $this->assertEquals('bar', get_cookie('foo', FALSE)); $this->assertEquals('bar', get_cookie('foo', TRUE)); @@ -56,4 +55,4 @@ class Cookie_helper_test extends CI_TestCase { $this->markTestSkipped('Need to find a way to overcome a headers already set exception'); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/date_helper_test.php b/tests/codeigniter/helpers/date_helper_test.php index c80e92cd0..8d0317dcb 100644 --- a/tests/codeigniter/helpers/date_helper_test.php +++ b/tests/codeigniter/helpers/date_helper_test.php @@ -10,12 +10,20 @@ class Date_helper_test extends CI_TestCase { // ------------------------------------------------------------------------ + public function test_nice_date() + { + $this->assertEquals('2016-11-01', nice_date('201611', 'Y-m-d')); + $this->assertEquals('2016-11-23', nice_date('20161123', 'Y-m-d')); + } + + // ------------------------------------------------------------------------ + public function test_now_local() { /* // This stub job, is simply to cater $config['time_reference'] - $config = $this->getMock('CI_Config'); + $config = $this->getMockBuilder('CI_Config')->getMock(); $config->expects($this->any()) ->method('item') ->will($this->returnValue('local')); @@ -37,7 +45,7 @@ class Date_helper_test extends CI_TestCase { /* // This stub job, is simply to cater $config['time_reference'] - $config = $this->getMock('CI_Config'); + $config = $this->getMockBuilder('CI_Config')->getMock(); $config->expects($this->any()) ->method('item') ->will($this->returnValue('UTC')); @@ -65,106 +73,6 @@ class Date_helper_test extends CI_TestCase { // ------------------------------------------------------------------------ - public function test_standard_date_rfc822() - { - $this->assertEquals( - date(DATE_RFC822, $this->time), - standard_date('DATE_RFC822', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_atom() - { - $this->assertEquals( - date(DATE_ATOM, $this->time), - standard_date('DATE_ATOM', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_cookie() - { - $this->assertEquals( - date(DATE_COOKIE, $this->time), - standard_date('DATE_COOKIE', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_iso8601() - { - $this->assertEquals( - date(DATE_ISO8601, $this->time), - standard_date('DATE_ISO8601', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_rfc850() - { - $this->assertEquals( - date(DATE_RFC850, $this->time), - standard_date('DATE_RFC850', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_rfc1036() - { - $this->assertEquals( - date(DATE_RFC1036, $this->time), - standard_date('DATE_RFC1036', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_rfc1123() - { - $this->assertEquals( - date(DATE_RFC1123, $this->time), - standard_date('DATE_RFC1123', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_rfc2822() - { - $this->assertEquals( - date(DATE_RFC2822, $this->time), - standard_date('DATE_RFC2822', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_rss() - { - $this->assertEquals( - date(DATE_RSS, $this->time), - standard_date('DATE_RSS', $this->time) - ); - } - - // ------------------------------------------------------------------------ - - public function test_standard_date_w3c() - { - $this->assertEquals( - date(DATE_W3C, $this->time), - standard_date('DATE_W3C', $this->time) - ); - } - - // ------------------------------------------------------------------------ - public function test_timespan() { $this->ci_vfs_clone('system/language/english/date_lang.php'); @@ -288,7 +196,7 @@ class Date_helper_test extends CI_TestCase { } $this->assertArrayHasKey('UP3', timezones()); - $this->assertEquals(0, timezones('non_existant')); + $this->assertEquals(0, timezones('non_existent')); } // ------------------------------------------------------------------------ diff --git a/tests/codeigniter/helpers/email_helper_test.php b/tests/codeigniter/helpers/email_helper_test.php deleted file mode 100644 index 529e96910..000000000 --- a/tests/codeigniter/helpers/email_helper_test.php +++ /dev/null @@ -1,24 +0,0 @@ -<?php - -class Email_helper_test extends CI_TestCase { - - public function set_up() - { - $this->helper('email'); - } - - public function test_valid_email() - { - $this->assertEquals(FALSE, valid_email('test')); - $this->assertEquals(FALSE, valid_email('test@test@test.com')); - $this->assertEquals(TRUE, valid_email('test@test.com')); - $this->assertEquals(TRUE, valid_email('my.test@test.com')); - $this->assertEquals(TRUE, valid_email('my.test@subdomain.test.com')); - } - - public function test_send_mail() - { - $this->markTestSkipped("Can't test"); - } - -}
\ No newline at end of file diff --git a/tests/codeigniter/helpers/file_helper_test.php b/tests/codeigniter/helpers/file_helper_test.php index c31817595..5ed8cb5c0 100644 --- a/tests/codeigniter/helpers/file_helper_test.php +++ b/tests/codeigniter/helpers/file_helper_test.php @@ -14,19 +14,6 @@ class File_helper_Test extends CI_TestCase { // -------------------------------------------------------------------- - public function test_read_file() - { - $this->assertFalse(read_file('does_not_exist')); - - $content = 'Jack and Jill went up the mountain to fight a billy goat.'; - - $file = vfsStream::newFile('my_file.txt')->withContent($content)->at($this->_test_dir); - - $this->assertEquals($content, read_file(vfsStream::url('my_file.txt'))); - } - - // -------------------------------------------------------------------- - public function test_octal_permissions() { $content = 'Jack and Jill went up the mountain to fight a billy goat.'; @@ -144,4 +131,4 @@ class File_helper_Test extends CI_TestCase { $this->assertTrue(write_file(vfsStream::url('write.txt'), $content)); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/form_helper_test.php b/tests/codeigniter/helpers/form_helper_test.php index b5fe99b96..4ecfaa5f7 100644 --- a/tests/codeigniter/helpers/form_helper_test.php +++ b/tests/codeigniter/helpers/form_helper_test.php @@ -271,20 +271,4 @@ EOH; $this->assertEquals($expected, form_close('</div></div>')); } - - // ------------------------------------------------------------------------ - - public function test_form_prep() - { - $this->assertEquals( - 'Here is a string containing "quoted" text.', - form_prep('Here is a string containing "quoted" text.') - ); - - $this->assertEquals( - 'Here is a string containing a <tag>.', - form_prep('Here is a string containing a <tag>.', TRUE) - ); - } - } diff --git a/tests/codeigniter/helpers/html_helper_test.php b/tests/codeigniter/helpers/html_helper_test.php index d66ad895c..5565e011b 100644 --- a/tests/codeigniter/helpers/html_helper_test.php +++ b/tests/codeigniter/helpers/html_helper_test.php @@ -9,13 +9,6 @@ class Html_helper_test extends CI_TestCase { // ------------------------------------------------------------------------ - public function test_br() - { - $this->assertEquals('<br /><br />', br(2)); - } - - // ------------------------------------------------------------------------ - public function test_heading() { $this->assertEquals('<h1>foobar</h1>', heading('foobar')); @@ -72,21 +65,26 @@ EOH; // ------------------------------------------------------------------------ - public function test_NBS() - { - $this->assertEquals(' ', nbs(3)); - } - - // ------------------------------------------------------------------------ - public function test_meta() { - $this->assertEquals("<meta name=\"test\" content=\"foo\" />\n", meta('test', 'foo')); - - $expect = "<meta name=\"foo\" content=\"\" />\n"; - - $this->assertEquals($expect, meta(array('name' => 'foo'))); - + $this->assertEquals( + "<meta name=\"test\" content=\"foo\" />\n", + meta('test', 'foo') + ); + + $this->assertEquals( + "<meta name=\"foo\" content=\"\" />\n", + meta(array('name' => 'foo')) + ); + + $this->assertEquals( + "<meta charset=\"foo\" />\n", + meta(array('name' => 'foo', 'type' => 'charset')) + ); + + $this->assertEquals( + "<meta charset=\"foo\" />\n", + meta(array('name' => 'foo', 'type' => 'charset')) + ); } - -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/inflector_helper_test.php b/tests/codeigniter/helpers/inflector_helper_test.php index 81ce5e394..4a1e64fae 100644 --- a/tests/codeigniter/helpers/inflector_helper_test.php +++ b/tests/codeigniter/helpers/inflector_helper_test.php @@ -93,4 +93,23 @@ class Inflector_helper_test extends CI_TestCase { } } + // -------------------------------------------------------------------- + + public function test_ordinal_format() + { + $strs = array( + 1 => '1st', + 2 => '2nd', + 4 => '4th', + 11 => '11th', + 12 => '12th', + 13 => '13th', + 'something else' => 'something else', + ); + + foreach ($strs as $str => $expect) + { + $this->assertEquals($expect, ordinal_format($str)); + } + } }
\ No newline at end of file diff --git a/tests/codeigniter/helpers/language_helper_test.php b/tests/codeigniter/helpers/language_helper_test.php index 176da689a..1ddabea3d 100644 --- a/tests/codeigniter/helpers/language_helper_test.php +++ b/tests/codeigniter/helpers/language_helper_test.php @@ -5,7 +5,7 @@ class Language_helper_test extends CI_TestCase { public function test_lang() { $this->helper('language'); - $lang = $this->getMock('CI_Lang', array('line')); + $lang = $this->getMockBuilder('CI_Lang')->setMethods(array('line'))->getMock(); $lang->expects($this->any())->method('line')->will($this->returnValue(FALSE)); $this->ci_instance_var('lang', $lang); @@ -13,4 +13,4 @@ class Language_helper_test extends CI_TestCase { $this->assertEquals('<label for="foo" class="bar"></label>', lang(1, 'foo', array('class' => 'bar'))); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/number_helper_test.php b/tests/codeigniter/helpers/number_helper_test.php index 817db2c7e..663e354fe 100644 --- a/tests/codeigniter/helpers/number_helper_test.php +++ b/tests/codeigniter/helpers/number_helper_test.php @@ -11,7 +11,7 @@ class Number_helper_test extends CI_TestCase { // Mock away load, too much going on in there, // we'll just check for the expected parameter - $lang = $this->getMock($lang_cls, array('load')); + $lang = $this->getMockBuilder('CI_Lang')->setMethods(array('load'))->getMock(); $lang->expects($this->once()) ->method('load') ->with($this->equalTo('number')); @@ -60,4 +60,4 @@ class Number_helper_test extends CI_TestCase { $this->assertEquals('112,283.3 TB', byte_format(123456789123456789)); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/security_helper_test.php b/tests/codeigniter/helpers/security_helper_test.php index effd3ec02..d7e3f4734 100644 --- a/tests/codeigniter/helpers/security_helper_test.php +++ b/tests/codeigniter/helpers/security_helper_test.php @@ -6,7 +6,7 @@ class Security_helper_tests extends CI_TestCase { { $this->helper('security'); $obj = new stdClass; - $obj->security = new Mock_Core_Security(); + $obj->security = new Mock_Core_Security('UTF-8'); $this->ci_instance($obj); } @@ -25,30 +25,6 @@ class Security_helper_tests extends CI_TestCase { $this->assertEquals('foo', sanitize_filename($filename)); } - function test_do_hash() - { - $md5 = md5('foo'); - $sha1 = sha1('foo'); - - $algos = hash_algos(); - $algo_results = array(); - foreach ($algos as $k => $v) - { - $algo_results[$v] = hash($v, 'foo'); - } - - $this->assertEquals($sha1, do_hash('foo')); - $this->assertEquals($sha1, do_hash('foo', 'sha1')); - $this->assertEquals($md5, do_hash('foo', 'md5')); - $this->assertEquals($md5, do_hash('foo', 'foobar')); - - // Test each algorithm available to PHP - foreach ($algo_results as $algo => $result) - { - $this->assertEquals($result, do_hash('foo', $algo)); - } - } - function test_strip_image_tags() { $this->assertEquals('http://example.com/spacer.gif', strip_image_tags('http://example.com/spacer.gif')); @@ -61,4 +37,4 @@ class Security_helper_tests extends CI_TestCase { $this->assertEquals('<? echo $foo; ?>', encode_php_tags('<? echo $foo; ?>')); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/string_helper_test.php b/tests/codeigniter/helpers/string_helper_test.php index 75701ec13..6de336b01 100644 --- a/tests/codeigniter/helpers/string_helper_test.php +++ b/tests/codeigniter/helpers/string_helper_test.php @@ -22,19 +22,6 @@ class String_helper_test extends CI_TestCase { $this->assertEquals($expected, strip_slashes($str)); } - public function test_trim_slashes() - { - $strs = array( - '//Slashes//\/' => 'Slashes//\\', - '/var/www/html/' => 'var/www/html' - ); - - foreach ($strs as $str => $expect) - { - $this->assertEquals($expect, trim_slashes($str)); - } - } - // -------------------------------------------------------------------- public function test_strip_quotes() @@ -108,23 +95,6 @@ class String_helper_test extends CI_TestCase { // -------------------------------------------------------------------- - public function test_repeater() - { - $strs = array( - 'a' => 'aaaaaaaaaa', - ' ' => ' ', - '<br>' => '<br><br><br><br><br><br><br><br><br><br>' - - ); - - foreach ($strs as $str => $expect) - { - $this->assertEquals($expect, repeater($str, 10)); - } - } - - // -------------------------------------------------------------------- - public function test_random_string() { $this->assertEquals(16, strlen(random_string('alnum', 16))); @@ -145,4 +115,4 @@ class String_helper_test extends CI_TestCase { $this->assertEquals(124, increment_string('123', '')); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/text_helper_test.php b/tests/codeigniter/helpers/text_helper_test.php index 7a7dc0a12..36465f203 100644 --- a/tests/codeigniter/helpers/text_helper_test.php +++ b/tests/codeigniter/helpers/text_helper_test.php @@ -2,21 +2,19 @@ class Text_helper_test extends CI_TestCase { - private $_long_string; - public function set_up() { $this->helper('text'); - - $this->_long_string = 'Once upon a time, a framework had no tests. It sad. So some nice people began to write tests. The more time that went on, the happier it became. Everyone was happy.'; } // ------------------------------------------------------------------------ public function test_word_limiter() { - $this->assertEquals('Once upon a time,…', word_limiter($this->_long_string, 4)); - $this->assertEquals('Once upon a time,…', word_limiter($this->_long_string, 4, '…')); + $long_string = 'Once upon a time, a framework had no tests. It sad. So some nice people began to write tests. The more time that went on, the happier it became. Everyone was happy.'; + + $this->assertEquals('Once upon a time,…', word_limiter($long_string, 4)); + $this->assertEquals('Once upon a time,…', word_limiter($long_string, 4, '…')); $this->assertEquals('', word_limiter('', 4)); } @@ -24,8 +22,10 @@ class Text_helper_test extends CI_TestCase { public function test_character_limiter() { - $this->assertEquals('Once upon a time, a…', character_limiter($this->_long_string, 20)); - $this->assertEquals('Once upon a time, a…', character_limiter($this->_long_string, 20, '…')); + $long_string = 'Once upon a time, a framework had no tests. It sad. So some nice people began to write tests. The more time that went on, the happier it became. Everyone was happy.'; + + $this->assertEquals('Once upon a time, a…', character_limiter($long_string, 20)); + $this->assertEquals('Once upon a time, a…', character_limiter($long_string, 20, '…')); $this->assertEquals('Short', character_limiter('Short', 20)); $this->assertEquals('Short', character_limiter('Short', 5)); } @@ -103,8 +103,13 @@ class Text_helper_test extends CI_TestCase { // ------------------------------------------------------------------------ + /** + * @runInSeparateProcess + */ public function test_highlight_phrase() { + define('UTF8_ENABLED', FALSE); + $strs = array( 'this is a phrase' => '<mark>this is</mark> a phrase', 'this is another' => '<mark>this is</mark> another', @@ -171,4 +176,4 @@ class Text_helper_test extends CI_TestCase { $this->assertEquals(strpos(word_wrap($string), "\n"), 73); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/helpers/url_helper_test.php b/tests/codeigniter/helpers/url_helper_test.php index 24823a634..c5b0f80b7 100644 --- a/tests/codeigniter/helpers/url_helper_test.php +++ b/tests/codeigniter/helpers/url_helper_test.php @@ -7,8 +7,13 @@ class Url_helper_test extends CI_TestCase { $this->helper('url'); } + /** + * @runInSeparateProcess + */ public function test_url_title() { + define('UTF8_ENABLED', FALSE); + $words = array( 'foo bar /' => 'foo-bar', '\ testing 12' => 'testing-12' @@ -22,8 +27,13 @@ class Url_helper_test extends CI_TestCase { // -------------------------------------------------------------------- + /** + * @runInSeparateProcess + */ public function test_url_title_extra_dashes() { + define('UTF8_ENABLED', FALSE); + $words = array( '_foo bar_' => 'foo_bar', '_What\'s wrong with CSS?_' => 'Whats_wrong_with_CSS' @@ -76,4 +86,4 @@ class Url_helper_test extends CI_TestCase { } } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/libraries/Calendar_test.php b/tests/codeigniter/libraries/Calendar_test.php index 54879fec9..ad1f45e8c 100644 --- a/tests/codeigniter/libraries/Calendar_test.php +++ b/tests/codeigniter/libraries/Calendar_test.php @@ -5,9 +5,9 @@ class Calendar_test extends CI_TestCase { public function set_up() { // Required for get_total_days() - $this->ci_instance_var('load', $this->getMock('CI_Loader', array('helper'))); + $this->ci_instance_var('load', $this->getMockBuilder('CI_Loader')->setMethods(array('helper'))->getMock()); - $lang = $this->getMock('CI_Lang', array('load', 'line')); + $lang = $this->getMockBuilder('CI_Lang')->setMethods(array('load', 'line'))->getMock(); $lang->expects($this->any())->method('line')->will($this->returnValue(FALSE)); $this->ci_instance_var('lang', $lang); @@ -219,4 +219,4 @@ class Calendar_test extends CI_TestCase { $this->assertEquals($array, $this->calendar->default_template()); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/libraries/Driver_test.php b/tests/codeigniter/libraries/Driver_test.php index c62cbee45..e4401e688 100644 --- a/tests/codeigniter/libraries/Driver_test.php +++ b/tests/codeigniter/libraries/Driver_test.php @@ -16,7 +16,7 @@ class Driver_test extends CI_TestCase { // Mock Loader->get_package_paths $paths = 'get_package_paths'; - $ldr = $this->getMock('CI_Loader', array($paths)); + $ldr = $this->getMockBuilder('CI_Loader')->setMethods(array($paths))->getMock(); $ldr->expects($this->any())->method($paths)->will($this->returnValue(array(APPPATH, BASEPATH))); $this->ci_instance_var('load', $ldr); @@ -175,4 +175,4 @@ class Driver_test extends CI_TestCase { $this->assertEquals($return, $child->$method()); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/libraries/Encrypt_test.php b/tests/codeigniter/libraries/Encrypt_test.php index ced763301..adbca31b2 100644 --- a/tests/codeigniter/libraries/Encrypt_test.php +++ b/tests/codeigniter/libraries/Encrypt_test.php @@ -10,6 +10,10 @@ class Encrypt_test extends CI_TestCase { { return; } + elseif (version_compare(PHP_VERSION, '7.1.0-alpha', '>=')) + { + return $this->markTestSkipped('ext/mcrypt is deprecated since PHP 7.1 and will generate notices here.'); + } $this->encrypt = new Mock_Libraries_Encrypt(); $this->ci_instance_var('encrypt', $this->encrypt); @@ -72,4 +76,4 @@ class Encrypt_test extends CI_TestCase { $this->assertEquals('cfb', $this->encrypt->get_mode()); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/libraries/Encryption_test.php b/tests/codeigniter/libraries/Encryption_test.php index cbcae3133..96e52ada8 100644 --- a/tests/codeigniter/libraries/Encryption_test.php +++ b/tests/codeigniter/libraries/Encryption_test.php @@ -240,6 +240,10 @@ class Encryption_test extends CI_TestCase { { return $this->markTestSkipped('Cannot test MCrypt because it is not available.'); } + elseif (version_compare(PHP_VERSION, '7.1.0-alpha', '>=')) + { + return $this->markTestSkipped('ext/mcrypt is deprecated since PHP 7.1 and will generate notices here.'); + } $this->assertTrue(is_resource($this->encryption->__driver_get_handle('mcrypt', 'rijndael-128', 'cbc'))); } @@ -274,6 +278,10 @@ class Encryption_test extends CI_TestCase { $this->markTestSkipped('Both MCrypt and OpenSSL support are required for portability tests.'); return; } + elseif (version_compare(PHP_VERSION, '7.1.0-alpha', '>=')) + { + return $this->markTestSkipped('ext/mcrypt is deprecated since PHP 7.1 and will generate notices here.'); + } $message = 'This is a message encrypted via MCrypt and decrypted via OpenSSL, or vice-versa.'; @@ -377,4 +385,4 @@ class Encryption_test extends CI_TestCase { $this->assertEquals('stream', $this->encryption->mode); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 26d82ec93..035410724 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -8,15 +8,13 @@ class Form_validation_test extends CI_TestCase { // Create a mock loader since load->helper() looks in the wrong directories for unit tests, // We'll use CI_TestCase->helper() instead - $loader = $this->getMock('CI_Loader', array('helper')); + $loader = $this->getMockBuilder('CI_Loader')->setMethods(array('helper'))->getMock(); // Same applies for lang - $lang = $this->getMock('CI_Lang', array('load')); + $lang = $this->getMockBuilder('CI_Lang')->setMethods(array('load'))->getMock(); - $this->ci_set_config('charset', 'UTF-8'); - $utf8 = new Mock_Core_Utf8(); - $security = new Mock_Core_Security(); - $input = new Mock_Core_Input($security, $utf8); + $security = new Mock_Core_Security('UTF-8'); + $input = new CI_Input($security); $this->ci_instance_var('lang', $lang); $this->ci_instance_var('load', $loader); @@ -28,13 +26,34 @@ class Form_validation_test extends CI_TestCase { $this->form_validation = new CI_Form_validation(); } + public function test_empty_array_input() + { + $this->assertFalse( + $this->run_rules( + array(array('field' => 'foo', 'label' => 'Foo Label', 'rules' => 'required')), + array('foo' => array()) + ) + ); + } + public function test_rule_required() { - $rules = array(array('field' => 'foo', 'label' => 'foo_label', 'rules' => 'required')); - $this->assertTrue($this->run_rules($rules, array('foo' => 'bar'))); + $rules = array(array('field' => 'foo', 'label' => 'Foo', 'rules' => 'is_numeric')); + + // Empty, not required + $this->assertTrue($this->run_rules($rules, array('foo' => ''))); + + // Not required, but also not empty + $this->assertTrue($this->run_rules($rules, array('foo' => '123'))); + $this->assertFalse($this->run_rules($rules, array('foo' => 'bar'))); + + // Required variations + $rules[0]['rules'] .= '|required'; + $this->assertTrue($this->run_rules($rules, array('foo' => '123'))); $this->assertFalse($this->run_rules($rules, array('foo' => ''))); $this->assertFalse($this->run_rules($rules, array('foo' => ' '))); + $this->assertFalse($this->run_rules($rules, array('foo' => 'bar'))); } public function test_rule_matches() @@ -45,9 +64,9 @@ class Form_validation_test extends CI_TestCase { ); $values_base = array('foo' => 'sample'); - $this->assertTrue($this->run_rules($rules, array_merge($values_base, array('bar' => '')))); $this->assertTrue($this->run_rules($rules, array_merge($values_base, array('bar' => 'sample')))); + $this->assertFalse($this->run_rules($rules, array_merge($values_base, array('bar' => '')))); $this->assertFalse($this->run_rules($rules, array_merge($values_base, array('bar' => 'Sample')))); $this->assertFalse($this->run_rules($rules, array_merge($values_base, array('bar' => ' sample')))); } @@ -229,7 +248,17 @@ class Form_validation_test extends CI_TestCase { public function test_rule_valid_url() { $this->assertTrue($this->form_validation->valid_url('www.codeigniter.com')); - $this->assertTrue($this->form_validation->valid_url('http://codeigniter.eu')); + $this->assertTrue($this->form_validation->valid_url('http://codeigniter.com')); + + // https://bugs.php.net/bug.php?id=51192 + $this->assertTrue($this->form_validation->valid_url('http://accept-dashes.tld')); + $this->assertFalse($this->form_validation->valid_url('http://reject_underscores.tld')); + + // https://github.com/bcit-ci/CodeIgniter/issues/4415 + $this->assertTrue($this->form_validation->valid_url('http://[::1]/ipv6')); + + // URI scheme case-sensitivity: https://github.com/bcit-ci/CodeIgniter/pull/4758 + $this->assertTrue($this->form_validation->valid_url('HtTp://127.0.0.1/')); $this->assertFalse($this->form_validation->valid_url('htt://www.codeIgniter.com')); $this->assertFalse($this->form_validation->valid_url('')); @@ -239,7 +268,6 @@ class Form_validation_test extends CI_TestCase { public function test_rule_valid_email() { $this->assertTrue($this->form_validation->valid_email('email@sample.com')); - $this->assertFalse($this->form_validation->valid_email('valid_email', '@sample.com')); } @@ -265,10 +293,22 @@ class Form_validation_test extends CI_TestCase { $this->assertFalse($this->form_validation->valid_ip('127.0.0.259')); } + public function test_rule_valid_mac() + { + $this->assertTrue($this->form_validation->valid_mac("01-23-45-67-89-aB")); + $this->assertTrue($this->form_validation->valid_mac("01:23:45:67:89:aB")); + $this->assertTrue($this->form_validation->valid_mac("0123.4567.89aB")); + + $this->assertFalse($this->form_validation->valid_mac("-01-23-45-67-89-ab")); + $this->assertFalse($this->form_validation->valid_mac("01:23:45:67:89:ab:")); + $this->assertFalse($this->form_validation->valid_mac("01:23:45:67:89:ab\n")); + $this->assertFalse($this->form_validation->valid_mac("01:23:45:67:89:ag:")); + $this->assertFalse($this->form_validation->valid_mac('0123456789ab')); + } + public function test_rule_valid_base64() { $this->assertTrue($this->form_validation->valid_base64(base64_encode('string'))); - $this->assertFalse($this->form_validation->valid_base64('FA08GG')); } @@ -404,6 +444,12 @@ class Form_validation_test extends CI_TestCase { $this->assertFalse($form_validation->run('fail')); } + public function test_set_rules_exception() + { + $this->setExpectedException('BadMethodCallException'); + $this->form_validation->set_rules('foo', 'bar'); + } + public function test_has_rule() { $this->form_validation->reset_validation(); @@ -542,20 +588,6 @@ class Form_validation_test extends CI_TestCase { $this->assertFalse($this->form_validation->regex_match('bar', $regex)); } - public function test_prep_for_form() - { - $this->form_validation->reset_validation(); - $error_msg_unprepped = '<error =\'foobar\'">'; - $error_msg_prepped = '<error ='foobar'">'; - $this->form_validation->set_rules('foo', 'label', 'required', array('required' => $error_msg_unprepped)); - $_POST = array('foo' => ''); - $this->form_validation->run(); - $error_arr = $this->form_validation->error_array(); - - $this->assertEquals('', $this->form_validation->prep_for_form('')); - $this->assertEquals(array('foo' => $error_msg_prepped), $this->form_validation->prep_for_form($error_arr)); - } - public function test_prep_url() { $this->assertEquals('', $this->form_validation->prep_url('')); diff --git a/tests/codeigniter/libraries/Session_test.php b/tests/codeigniter/libraries/Session_test.php index 76a4fcc98..840df076a 100644 --- a/tests/codeigniter/libraries/Session_test.php +++ b/tests/codeigniter/libraries/Session_test.php @@ -37,7 +37,8 @@ return; $ci = $this->ci_instance(); $ldr = $this->ci_core_class('load'); $ci->load = new $ldr(); - $ci->input = new Mock_Core_Input(NULL, NULL); + $security = new Mock_Core_Security('UTF-8'); + $ci->input = new CI_Input($security); // Make sure string helper is available $this->ci_vfs_clone('system/helpers/string_helper.php'); @@ -437,4 +438,4 @@ return; $this->assertNull($this->session->native->userdata($key)); } -}
\ No newline at end of file +} diff --git a/tests/codeigniter/libraries/Upload_test.php b/tests/codeigniter/libraries/Upload_test.php index 4fbc11ef0..74a7d2c22 100644 --- a/tests/codeigniter/libraries/Upload_test.php +++ b/tests/codeigniter/libraries/Upload_test.php @@ -6,8 +6,8 @@ class Upload_test extends CI_TestCase { { $ci = $this->ci_instance(); $ci->upload = new CI_Upload(); - $ci->security = new Mock_Core_Security(); - $ci->lang = $this->getMock('CI_Lang', array('load', 'line')); + $ci->security = new Mock_Core_Security('UTF-8'); + $ci->lang = $this->getMockBuilder('CI_Lang')->setMethods(array('load', 'line'))->getMock(); $ci->lang->expects($this->any())->method('line')->will($this->returnValue(FALSE)); $this->upload = $ci->upload; } @@ -25,14 +25,10 @@ class Upload_test extends CI_TestCase { ) ); - // ReflectionProperty::setAccessible() is not available in PHP 5.2.x - if (is_php('5.3')) - { - $reflection = new ReflectionClass($upload); - $reflection = $reflection->getProperty('_file_name_override'); - $reflection->setAccessible(TRUE); - $this->assertEquals('foo', $reflection->getValue($upload)); - } + $reflection = new ReflectionClass($upload); + $reflection = $reflection->getProperty('_file_name_override'); + $reflection->setAccessible(TRUE); + $this->assertEquals('foo', $reflection->getValue($upload)); $this->assertTrue($upload->file_ext_tolower); @@ -300,4 +296,4 @@ class Upload_test extends CI_TestCase { $this->assertEquals('<p>Error test</p>', $this->upload->display_errors()); } -}
\ No newline at end of file +} diff --git a/tests/mocks/autoloader.php b/tests/mocks/autoloader.php index 33942768d..a912327ca 100644 --- a/tests/mocks/autoloader.php +++ b/tests/mocks/autoloader.php @@ -1,6 +1,6 @@ <?php -// This autoloader provide convinient way to working with mock object +// This autoloader provide convenient way to working with mock object // make the test looks natural. This autoloader support cascade file loading as well // within mocks directory. // @@ -33,7 +33,6 @@ function autoload($class) $ci_libraries = array( 'Calendar', - 'Cart', 'Driver_Library', 'Email', 'Encrypt', @@ -116,4 +115,4 @@ function autoload($class) } include_once($file); -}
\ No newline at end of file +} diff --git a/tests/mocks/ci_testcase.php b/tests/mocks/ci_testcase.php index a2c37b92e..b320aab74 100644 --- a/tests/mocks/ci_testcase.php +++ b/tests/mocks/ci_testcase.php @@ -24,9 +24,9 @@ class CI_TestCase extends PHPUnit_Framework_TestCase { // -------------------------------------------------------------------- - public function __construct() + public function __construct($name = null, array $data = [], $dataName = '') { - parent::__construct(); + parent::__construct($name, $data, $dataName); $this->ci_instance = new stdClass(); } diff --git a/tests/mocks/core/input.php b/tests/mocks/core/input.php deleted file mode 100644 index 40e27441f..000000000 --- a/tests/mocks/core/input.php +++ /dev/null @@ -1,49 +0,0 @@ -<?php - -class Mock_Core_Input extends CI_Input { - - /** - * Since we use GLOBAL to fetch Security and Utf8 classes, - * we need to use inversion of control to mock up - * the same process within CI_Input class constructor. - * - * @covers CI_Input::__construct() - */ - public function __construct($security, $utf8) - { - $this->_allow_get_array = (config_item('allow_get_array') === TRUE); - $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); - $this->_enable_csrf = (config_item('csrf_protection') === TRUE); - - // Assign Security and Utf8 classes - $this->security = $security; - $this->uni = $utf8; - - // Sanitize global arrays - $this->_sanitize_globals(); - } - - public function fetch_from_array($array, $index = '', $xss_clean = FALSE) - { - return parent::_fetch_from_array($array, $index, $xss_clean); - } - - /** - * Lie about being a CLI request - * - * We take advantage of this in libraries/Session_test - */ - public function is_cli_request() - { - return FALSE; - } - - public function __set($name, $value) - { - if ($name === 'ip_address') - { - $this->ip_address = $value; - } - } - -}
\ No newline at end of file diff --git a/tests/mocks/core/utf8.php b/tests/mocks/core/utf8.php deleted file mode 100644 index 3a6282e1d..000000000 --- a/tests/mocks/core/utf8.php +++ /dev/null @@ -1,19 +0,0 @@ -<?php - -class Mock_Core_Utf8 extends CI_Utf8 { - - /** - * We need to define UTF8_ENABLED the same way that - * CI_Utf8 constructor does. - */ - public function __construct() - { - if (defined('UTF8_ENABLED')) - { - return; - } - - parent::__construct(); - } - -}
\ No newline at end of file diff --git a/tests/mocks/database/drivers/mysql.php b/tests/mocks/database/drivers/mysql.php index e0c1fb06c..b7718ebaf 100644 --- a/tests/mocks/database/drivers/mysql.php +++ b/tests/mocks/database/drivers/mysql.php @@ -5,7 +5,6 @@ class Mock_Database_Drivers_Mysql extends Mock_Database_DB_Driver { /** * Instantiate the database driver * - * @param string DB Driver class name * @param array DB configuration to set * @return void */ diff --git a/tests/mocks/database/drivers/mysqli.php b/tests/mocks/database/drivers/mysqli.php index 73c35b609..f747aad46 100644 --- a/tests/mocks/database/drivers/mysqli.php +++ b/tests/mocks/database/drivers/mysqli.php @@ -5,7 +5,6 @@ class Mock_Database_Drivers_Mysqli extends Mock_Database_DB_Driver { /** * Instantiate the database driver * - * @param string DB Driver class name * @param array DB configuration to set * @return void */ diff --git a/tests/mocks/database/drivers/pdo.php b/tests/mocks/database/drivers/pdo.php index 17768eed7..af1958aea 100644 --- a/tests/mocks/database/drivers/pdo.php +++ b/tests/mocks/database/drivers/pdo.php @@ -5,7 +5,6 @@ class Mock_Database_Drivers_PDO extends Mock_Database_DB_Driver { /** * Instantiate the database driver * - * @param string DB Driver class name * @param array DB configuration to set * @return void */ diff --git a/tests/mocks/database/drivers/postgre.php b/tests/mocks/database/drivers/postgre.php index 5a45115fa..8c91e54a9 100644 --- a/tests/mocks/database/drivers/postgre.php +++ b/tests/mocks/database/drivers/postgre.php @@ -5,7 +5,6 @@ class Mock_Database_Drivers_Postgre extends Mock_Database_DB_Driver { /** * Instantiate the database driver * - * @param string DB Driver class name * @param array DB configuration to set * @return void */ diff --git a/tests/mocks/database/drivers/sqlite.php b/tests/mocks/database/drivers/sqlite.php index 512467520..b2aec28e6 100644 --- a/tests/mocks/database/drivers/sqlite.php +++ b/tests/mocks/database/drivers/sqlite.php @@ -5,7 +5,6 @@ class Mock_Database_Drivers_Sqlite extends Mock_Database_DB_Driver { /** * Instantiate the database driver * - * @param string DB Driver class name * @param array DB configuration to set * @return void */ diff --git a/user_guide_src/README.rst b/user_guide_src/README.rst index 188b42e88..d645adb73 100644 --- a/user_guide_src/README.rst +++ b/user_guide_src/README.rst @@ -24,7 +24,7 @@ Installation 1. Install `easy_install <http://peak.telecommunity.com/DevCenter/EasyInstall#installing-easy-install>`_ 2. ``easy_install "sphinx==1.2.3"`` -3. ``easy_install sphinxcontrib-phpdomain`` +3. ``easy_install "sphinxcontrib-phpdomain==0.1.3.post1"`` 4. Install the CI Lexer which allows PHP, HTML, CSS, and JavaScript syntax highlighting in code examples (see *cilexer/README*) 5. ``cd user_guide_src`` 6. ``make html`` @@ -60,4 +60,4 @@ Style Guideline *************** Please refer to source/documentation/index.rst for general guidelines for -using Sphinx to document CodeIgniter.
\ No newline at end of file +using Sphinx to document CodeIgniter. diff --git a/user_guide_src/cilexer/cilexer/cilexer.py b/user_guide_src/cilexer/cilexer/cilexer.py index 2580b0b30..4ecfd0bc4 100644 --- a/user_guide_src/cilexer/cilexer/cilexer.py +++ b/user_guide_src/cilexer/cilexer/cilexer.py @@ -1,11 +1,11 @@ # CodeIgniter -# http://codeigniter.com -# +# https://codeigniter.com +# # An open source application development framework for PHP -# +# # This content is released under the MIT License (MIT) # -# Copyright (c) 2014 - 2015, British Columbia Institute of Technology +# Copyright (c) 2014 - 2017, British Columbia Institute of Technology # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal @@ -25,8 +25,8 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # THE SOFTWARE. # -# Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) -# Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) +# Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) +# Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) # # http://opensource.org/licenses/MIT MIT License diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/breadcrumbs.html b/user_guide_src/source/_themes/sphinx_rtd_theme/breadcrumbs.html index ff0938e5c..60343661a 100644 --- a/user_guide_src/source/_themes/sphinx_rtd_theme/breadcrumbs.html +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/breadcrumbs.html @@ -2,18 +2,21 @@ <ul class="wy-breadcrumbs"> <li><a href="{{ pathto(master_doc) }}">Docs</a> »</li> {% for doc in parents %} - <li><a href="{{ doc.link|e }}">{{ doc.title }}</a> »</li> + <li><a href="{{ doc.link|e }}">{{ doc.title }}</a> »</li> {% endfor %} <li>{{ title }}</li> - <li class="wy-breadcrumbs-aside"> - {% if display_github %} - <a href="https://github.com/{{ github_user }}/{{ github_repo }}/blob/{{ github_version }}{{ conf_py_path }}{{ pagename }}{{ source_suffix }}" class="fa fa-github"> Edit on GitHub</a> - {% elif display_bitbucket %} - <a href="https://bitbucket.org/{{ bitbucket_user }}/{{ bitbucket_repo }}/src/{{ bitbucket_version}}{{ conf_py_path }}{{ pagename }}{{ source_suffix }}" class="fa fa-bitbucket"> Edit on Bitbucket</a> - {% elif show_source and has_source and sourcename %} - <a href="{{ pathto('_sources/' + sourcename, true)|e }}" rel="nofollow"> View page source</a> - {% endif %} - </li> + <li class="wy-breadcrumbs-aside"> + {% if display_github %} + <a href="https://github.com/{{ github_user }}/{{ github_repo }}/blob/{{ github_version }}{{ conf_py_path }}{{ pagename }}{{ source_suffix }}" class="fa fa-github"> Edit on GitHub</a> + {% elif display_bitbucket %} + <a href="https://bitbucket.org/{{ bitbucket_user }}/{{ bitbucket_repo }}/src/{{ bitbucket_version}}{{ conf_py_path }}{{ pagename }}{{ source_suffix }}" class="fa fa-bitbucket"> Edit on Bitbucket</a> + {% elif show_source and has_source and sourcename %} + <a href="{{ pathto('_sources/' + sourcename, true)|e }}" rel="nofollow"> View page source</a> + {% endif %} + </li> + <div style="float:right;margin-left:5px;" id="closeMe"> + <img title="Classic Layout" alt="classic layout" src="data:image/gif;base64,R0lGODlhFAAUAJEAAAAAADMzM////wAAACH5BAUUAAIALAAAAAAUABQAAAImlI+py+0PU5gRBRDM3DxbWoXis42X13USOLauUIqnlsaH/eY6UwAAOw==" /> + </div> </ul> <hr/> </div> diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/layout.html b/user_guide_src/source/_themes/sphinx_rtd_theme/layout.html index 1203b2f34..20ede7d32 100644 --- a/user_guide_src/source/_themes/sphinx_rtd_theme/layout.html +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/layout.html @@ -77,6 +77,8 @@ <body class="wy-body-for-nav" role="document"> + {% include "pulldown.html" %} + <div class="wy-grid-for-nav"> {# SIDE NAV, TOGGLES ON MOBILE #} diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/pulldown.html b/user_guide_src/source/_themes/sphinx_rtd_theme/pulldown.html new file mode 100644 index 000000000..7877346d8 --- /dev/null +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/pulldown.html @@ -0,0 +1,17 @@ +<div id="nav"> + <div id="nav_inner"> + {% block ciNav %} + {% set toctree = toctree(maxdepth=2, collapse=False, includehidden=False) %} + {% if toctree %} + <div id="pulldown-menu" class="ciNav"> + {{ toctree }} + </div> + {% endif %} + {% endblock %} + </div> +</div> +<div id="nav2"> + <a href="#" id="openToc"> + <img src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAARgAA/+4ADkFkb2JlAGTAAAAAAf/bAIQABAMDAwMDBAMDBAYEAwQGBwUEBAUHCAYGBwYGCAoICQkJCQgKCgwMDAwMCgwMDQ0MDBERERERFBQUFBQUFBQUFAEEBQUIBwgPCgoPFA4ODhQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU/8AAEQgAKwCaAwERAAIRAQMRAf/EAHsAAQAABwEBAAAAAAAAAAAAAAABAwQFBgcIAgkBAQAAAAAAAAAAAAAAAAAAAAAQAAEDAwICBwYEAgsAAAAAAAIBAwQAEQUSBiEHkROTVNQWGDFBUVIUCHEiMtOUFWGBobHRQlMkZIRVEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwDSC+ygkOOaUoKigUCgUCgUCgUCgUCgUCgUCgkuGguIP9FBMFb0Hqg7We+3jlmIqqYFf4ub+/QYlnOR/LqIBKGFUbf8qWv971BytQXXE7Y3Lnm3HsFhp2TaZJAdchRXpIgSpdEJWxJEW3xoKV7F5OMy7JkQn2o7D6w33XGjEAkoiqrJEqIiOIiKuhePCgqp22dyYyS3CyWHnQ5joG61HkRnmnTbaFSMhExRVQRRVJU9iUHjE7ez+fJ0MFipmUNhBV8YUd2SoIV9KkjQla9ltegttBdPLW4/qocL+UTfrMiHW4+P9M71shuyrqaHTcxsl7jegpsji8nh5ZwMvDfgTm0RTjSmjYdFCS6KoOIipdFunCgmNYTMv457MMY6U7iI6oMieDDhRm1VbIhuoOkbqtuK0Hpzb+eZcYZexUxt6UyUqK2cd0SdjtgrhOgijcgERUlJOCIl6CpgbP3blRI8XgMjNARAyKNDfeRBdFDBVUAXgQrqH4pxoJTu2NysY97LP4ac1io5q1InHFeGO24LnVKJuKOkSQ/yKir+rh7aCLG1dzypZQI2FnvTgccYOM3FeN0XWERXAUEFVQgQkUktdLpegm+Td3/Xli/L+S/mYNJIOF9G/wBeLKrZHFb0akG6W1WtQWSg3Dyg5e7V3fipE3O4/wCrktyzYA+ufas2LbZIlmnAT2kvuoN1wft95augilglX/tzP3qCu9O3LL/wV/i5v79BvmTADq14UGu91467Z6U9y0HzH/ncj/U/sT/CgynZG7I2NezpZGUjIycJkYkZSG+uQ81pbBNKLxJfjwoMqZ3/ALYHl35AJ7/cuwHcu5k7r1Q5pHetBjquqVVJWGxj9Zrtcl/Ggy3dHMvauR3HFZj5nHNxSyW5JISYDMoIwx8tFIGHZhPNaykGapr6rUAiicEoMG21lMRj8buPAz8xhJrr7uOeiPTCyAwXUaGR1mgozbTusOsFLEiJ7fbQa/h7gcjy2H3V6xppwDNtUSxCJIqp7valBuWVzJ22xuCROXNNZiJkMtms0DbjUkAZjzoDrTMd9dDRI44ZC2YsrYdKWP2WDT2S3N9dNdlRYrGMYc06IURXSYb0igrpWS485xVNS6nF4rwslkoMwnbpgZLB7bmt5uMweAhDEl4B5uSLzzqTnnyVpW2jaJHRMSIjdDiiotvy3DOE5rYTEbkl5yFn28k7JyG4c7AU2HtLH1uKfaiMPI40CdYbpNtmLdwTSn5rewLNld+7TLdeal4WarWBkbVKBjgdElMJJwAAY5fl4kB3b1fp4XvagsGS3FjJfLzDNtS8aeXx7LzT7TyzByQE5PccRGRC0ZRUDRV6y62vbjagzLmJzS2vuPK43JY6aP1TW6Jz+RIWyFtyC06y3EkiiinAo7YCqfq1AqqnGgsOH3lhZO8d1pmcpB8j5XIm9OYlBJSQ/FSS4427DKO0RC8AlcEMhFdViRR1WDWR5t3WXVuL1d106kG9vdeye2g60+1FDyW0shIcXVpyroXt8I8dfd+NB1vioAdWnD3UF1+gD4UFc6CEKpagxXN43rwJLUHz7yX2c8zokt9uHlsPIhA4aRnnHJTLptIS6CNsY7iASpxUUMkReGpfbQW0vtN5pitvrsN28rwtBD0nc0+/Yft5XhaB6TuaXfsP28rwtA9J3NPv2H7eV4Wgek7mn37D9vK8LQPSdzT79h+3leFoHpO5pd+w/byvC0D0nc0u/Yft5XhaB6TuaXfsP28rwtA9J3NLv2H7eV4Wgek7ml37D9vK8LQPSdzS79h+3leFoHpO5p9+w/byvC0E9r7Reazy2HIYVPxkS/CUHVn26cosxyv2g7h89LYmZSXOenvLEQ1YaQ222RATcQCP8rSGqqA8S02W2pQ6FhMoAIlqCtsnwoCpdKClejI4i3Sgtb+GBxVuNBSFt1pV/RQefLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8utJ/koJ7WCbBU/LQXOPAFq1koK8B0pag90CggtBBf6qB0UDooHRQOigdFA6KB0UDooHRQOigdFA6KB0UDooI0EaBQf//Z" title="Toggle Table of Contents" alt="Toggle Table of Contents" /> + </a> +</div> diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css b/user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css index 10e7d04c6..a2a3b3e91 100644 --- a/user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css @@ -3,5 +3,86 @@ .highlighted { padding: 0px !important; font-weight: inherit !important; - background-color: #f1d40f !important; + background-color: #f1d40f !important; +} + +#nav { + background-color: #494949; + margin: 0; + padding: 0; + display: none; +} + +#nav2 { + background: url(data:image/jpeg;base64,/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAARgAA/+4ADkFkb2JlAGTAAAAAAf/bAIQABAMDAwMDBAMDBAYEAwQGBwUEBAUHCAYGBwYGCAoICQkJCQgKCgwMDAwMCgwMDQ0MDBERERERFBQUFBQUFBQUFAEEBQUIBwgPCgoPFA4ODhQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU/8AAEQgAMgAzAwERAAIRAQMRAf/EAFkAAQADAQAAAAAAAAAAAAAAAAABBQcIAQEAAAAAAAAAAAAAAAAAAAAAEAABAgYDAAAAAAAAAAAAAAAAAVERAtMEFJRVBxgRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AMRAAAAAAAA7a87dZcCu3e1wHnbrLgV272uA87dZcCu3e1wHnbrLgV272uA87dZcCu3e1wHnbrLgV272uA87dZcCu3e1wN/wJGAYEjAMCRgGBIwDAkYBgSMAwJGAsoIwCCMAgjAIIwCCMAgjAIIwEgAAAAAAAAAAAAAAAAAAAAAAAH//2Q==) repeat-x scroll left top transparent; + margin: 0; + padding: 0 310px 0 0; + text-align: right; + display: none; +} + +#nav_inner { + background-color: transparent; + font-family: Lucida Grande,Verdana,Geneva,sans-serif; + font-size: 11px; + margin: 0; + padding: 8px 12px 0 20px; +} + +div#pulldown-menu { + -moz-column-count: 5; + -moz-column-gap: 20px; + -webkit-column-count: 5; + -webkit-column-gap: 20px; + column-count: 5; + column-gap: 20px; + -webkit-column-rule: 1px groove #b8b8b8; + -moz-column-rule: 1px groove #b8b8b8; + column-rule: 1px groove #b8b8b8; +} + +#pulldown-menu > ul { + padding-top: 10px; + padding-bottom: 10px; + -webkit-column-break-inside: avoid; /*Chrome, Safari*/ + display: table; /*Firefox*/ + break-inside: avoid; /*IE 10+ theoretically*/ +} + +#pulldown-menu ul li.toctree-l2 { + font-size: 0.82em; + margin-left: 20px; + list-style-image: url(data:image/gif;base64,R0lGODlhCwAJALMJAO7u7uTk5PLy8unp6fb29t7e3vj4+Li4uIWFheTk5AAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAkALAAAAAALAAkAAAQoMJ1JqTQ4Z3SI98jHCWSJkByArCyiHkMsIzEX3DeCc0Xv+4hEa5iIAAA7); +} + +#pulldown-menu ul li.toctree-l1 a { + color: #ffffff; + text-decoration: none; + font-size: 12px; + font-family: "Roboto Slab","ff-tisa-web-pro","Georgia",Arial,sans-serif; + font-weight: 700; +} + +#pulldown-menu ul li.toctree-l2 a { + text-decoration: none; + font-size: 11px; + line-height: 1.4em; + font-weight: 300; + font-family: Lucida Grande,Verdana,Geneva,sans-serif; + color: #aaaaaa; +} + +/*hide pulldown menu on mobile devices*/ +@media (max-width: 768px) { /*tablet size defined by theme*/ + #closeMe { + display: none; + } + + #pulldown { + display: none; + } + + #openToc { + display: none; + } }
\ No newline at end of file diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/static/images/ci-icon.ico b/user_guide_src/source/_themes/sphinx_rtd_theme/static/images/ci-icon.ico Binary files differnew file mode 100644 index 000000000..c4246f8bf --- /dev/null +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/static/images/ci-icon.ico diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/static/js/theme.js b/user_guide_src/source/_themes/sphinx_rtd_theme/static/js/theme.js index 66edf2fa2..081d77bdf 100644 --- a/user_guide_src/source/_themes/sphinx_rtd_theme/static/js/theme.js +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/static/js/theme.js @@ -1,118 +1,131 @@ -$( document ).ready(function() { +$(document).ready(function () { // Shift nav in mobile when clicking the menu. - $(document).on('click', "[data-toggle='wy-nav-top']", function() { - $("[data-toggle='wy-nav-shift']").toggleClass("shift"); - $("[data-toggle='rst-versions']").toggleClass("shift"); + $(document).on('click', "[data-toggle='wy-nav-top']", function () { + $("[data-toggle='wy-nav-shift']").toggleClass("shift"); + $("[data-toggle='rst-versions']").toggleClass("shift"); }); // Close menu when you click a link. - $(document).on('click', ".wy-menu-vertical .current ul li a", function() { - $("[data-toggle='wy-nav-shift']").removeClass("shift"); - $("[data-toggle='rst-versions']").toggleClass("shift"); + $(document).on('click', ".wy-menu-vertical .current ul li a", function () { + $("[data-toggle='wy-nav-shift']").removeClass("shift"); + $("[data-toggle='rst-versions']").toggleClass("shift"); + }); + $(document).on('click', "[data-toggle='rst-current-version']", function () { + $("[data-toggle='rst-versions']").toggleClass("shift-up"); }); - $(document).on('click', "[data-toggle='rst-current-version']", function() { - $("[data-toggle='rst-versions']").toggleClass("shift-up"); - }); // Make tables responsive - $("table.docutils:not(.field-list)").wrap("<div class='wy-table-responsive'></div>"); - // --- - // START DOC MODIFICATION BY RUFNEX - // v1.0 04.02.2015 - // Add ToogleButton to get FullWidth-View by Johannes Gamperl codeigniter.de - var ciNav = '<style >#nav { background-color: #494949; margin: 0; padding: 0;display:none;}#nav2 { background: url(data:image/jpeg;base64,/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAARgAA/+4ADkFkb2JlAGTAAAAAAf/bAIQABAMDAwMDBAMDBAYEAwQGBwUEBAUHCAYGBwYGCAoICQkJCQgKCgwMDAwMCgwMDQ0MDBERERERFBQUFBQUFBQUFAEEBQUIBwgPCgoPFA4ODhQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU/8AAEQgAMgAzAwERAAIRAQMRAf/EAFkAAQADAQAAAAAAAAAAAAAAAAABBQcIAQEAAAAAAAAAAAAAAAAAAAAAEAABAgYDAAAAAAAAAAAAAAAAAVERAtMEFJRVBxgRAQAAAAAAAAAAAAAAAAAAAAD/2gAMAwEAAhEDEQA/AMRAAAAAAAA7a87dZcCu3e1wHnbrLgV272uA87dZcCu3e1wHnbrLgV272uA87dZcCu3e1wHnbrLgV272uA87dZcCu3e1wN/wJGAYEjAMCRgGBIwDAkYBgSMAwJGAsoIwCCMAgjAIIwCCMAgjAIIwEgAAAAAAAAAAAAAAAAAAAAAAAH//2Q==) repeat-x scroll left top transparent; margin: 0; padding: 0 310px 0 0; text-align: right;display:none;}#nav_inner { background-color: transparent; font-family: Lucida Grande,Verdana,Geneva,sans-serif; font-size: 11px; margin: 0; padding: 8px 12px 0 20px;}table.ciNav { background-color: #494949; width: 100%; }table.ciNav ul { margin: 10px; margin-top:0; padding: 5px; }table.ciNav td li { font-size:0.82em; margin-left: 20px; list-style-image: url(data:image/gif;base64,R0lGODlhCwAJALMJAO7u7uTk5PLy8unp6fb29t7e3vj4+Li4uIWFheTk5AAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAkALAAAAAALAAkAAAQoMJ1JqTQ4Z3SI98jHCWSJkByArCyiHkMsIzEX3DeCc0Xv+4hEa5iIAAA7); }table.ciNav h3 { margin:0; margin-left: 10px; }table.ciNav h3.first { margin-bottom: 20px; }table.ciNav h3 a { color:#fff;text-decoration: none; font-size:12px; }table.ciNav td li a { color:#fff;text-decoration: none; font-size:11px; line-height:1.4em; font-weight: 300; color: #aaa; }table.ciNav td.td_sep {padding-left:20px; background: url(data:image/jpeg;base64,/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAARgAA/+4ADkFkb2JlAGTAAAAAAf/bAIQABAMDAwMDBAMDBAYEAwQGBwUEBAUHCAYGBwYGCAoICQkJCQgKCgwMDAwMCgwMDQ0MDBERERERFBQUFBQUFBQUFAEEBQUIBwgPCgoPFA4ODhQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU/8AAEQgACAACAwERAAIRAQMRAf/EAEsAAQAAAAAAAAAAAAAAAAAAAAcBAQAAAAAAAAAAAAAAAAAAAAAQAQEAAAAAAAAAAAAAAAAAAADVEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwAesg//2Q==) repeat-y scroll left top transparent;}</style>'; - ciNav += '<div style="background:#494949;"><div id="nav"><div id="nav_inner">'; - ciNav += '<table class="ciNav"><tr><td valign="top"><h3 class="first"><a href="../general/welcome.html">Welcome to CodeIgniter</a></h3><h3><a href="../installation/index.html">Installation Instructions</a></h3><ul><li><a href="../installation/downloads.html">Downloading CodeIgniter</a></li><li><a href="../installation/index.html">Installation Instructions</a></li><li><a href="../installation/upgrading.html">Upgrading From a Previous Version</a></li><li><a href="../installation/troubleshooting.html">Troubleshooting</a></li></ul><h3><a href="../overview/index.html">CodeIgniter Overview</a></h3><ul><li><a href="../overview/getting_started.html">Getting Started</a></li><li><a href="../overview/at_a_glance.html">CodeIgniter at a Glance</a></li><li><a href="../overview/features.html">Supported Features</a></li><li><a href="../overview/appflow.html">Application Flow Chart</a></li><li><a href="../overview/mvc.html">Model-View-Controller</a></li><li><a href="../overview/goals.html">Architectural Goals</a></li></ul><h3><a href="../tutorial/index.html">Tutorial</a></h3><ul><li><a href="../tutorial/static_pages.html">Static pages</a></li><li><a href="../tutorial/news_section.html">News section</a></li><li><a href="../tutorial/create_news_items.html">Create news items</a></li><li><a href="../tutorial/conclusion.html">Conclusion</a></li></ul><h3><a href="../contributing/index.html">Contributing to CodeIgniter</a></h3><ul><li class="toctree-l2"><a href="../documentation/index.html">Writing CodeIgniter Documentation</a></li><li class="toctree-l2"><a href="../DCO.html">Developer’s Certificate of Origin 1.1</a></li></ul></td><td valign="top" class="td_sep"><h3><a href="../general/index.html">General Topics</a></h3><ul><li><a href="../general/urls.html">CodeIgniter URLs</a></li><li><a href="../general/controllers.html">Controllers</a></li><li><a href="../general/reserved_names.html">Reserved Names</a></li><li><a href="../general/views.html">Views</a></li><li><a href="../general/models.html">Models</a></li><li><a href="../general/helpers.html">Helpers</a></li><li><a href="../general/libraries.html">Using CodeIgniter Libraries</a></li><li><a href="../general/creating_libraries.html">Creating Libraries</a></li><li><a href="../general/drivers.html">Using CodeIgniter Drivers</a></li><li><a href="../general/creating_drivers.html">Creating Drivers</a></li><li><a href="../general/core_classes.html">Creating Core System Classes</a></li><li><a href="../general/ancillary_classes.html">Creating Ancillary Classes</a></li><li><a href="../general/hooks.html">Hooks - Extending the Framework Core</a></li><li><a href="../general/autoloader.html">Auto-loading Resources</a></li><li><a href="../general/common_functions.html">Common Functions</a></li><li><a href="../general/compatibility_functions.html">Compatibility Functions</a></li><li><a href="../general/routing.html">URI Routing</a></li><li><a href="../general/errors.html">Error Handling</a></li><li><a href="../general/caching.html">Caching</a></li><li><a href="../general/profiling.html">Profiling Your Application</a></li><li><a href="../general/cli.html">Running via the CLI</a></li><li><a href="../general/managing_apps.html">Managing your Applications</a></li><li><a href="../general/environments.html">Handling Multiple Environments</a></li><li><a href="../general/alternative_php.html">Alternate PHP Syntax for View Files</a></li><li><a href="../general/security.html">Security</a></li><li><a href="../general/styleguide.html">PHP Style Guide</a></li></ul></td><td valign="top" class="td_sep"><h3><a href="../libraries/index.html">Libraries</a></h3><ul><li><a href="../libraries/benchmark.html">Benchmarking Class</a></li><li><a href="../libraries/caching.html">Caching Driver</a></li><li><a href="../libraries/calendar.html">Calendaring Class</a></li><li><a href="../libraries/cart.html">Shopping Cart Class</a></li><li><a href="../libraries/config.html">Config Class</a></li><li><a href="../libraries/email.html">Email Class</a></li><li><a href="../libraries/encrypt.html">Encrypt Class</a></li><li><a href="../libraries/encryption.html">Encryption Library</a></li><li><a href="../libraries/file_uploading.html">File Uploading Class</a></li><li><a href="../libraries/form_validation.html">Form Validation</a></li><li><a href="../libraries/ftp.html">FTP Class</a></li><li><a href="../libraries/image_lib.html">Image Manipulation Class</a></li><li><a href="../libraries/input.html">Input Class</a></li><li><a href="../libraries/javascript.html">Javascript Class</a></li><li><a href="../libraries/language.html">Language Class</a></li><li><a href="../libraries/loader.html">Loader Class</a></li><li><a href="../libraries/migration.html">Migrations Class</a></li><li><a href="../libraries/output.html">Output Class</a></li><li><a href="../libraries/pagination.html">Pagination Class</a></li><li><a href="../libraries/parser.html">Template Parser Class</a></li><li><a href="../libraries/security.html">Security Class</a></li><li><a href="../libraries/sessions.html">Session Library</a></li><li><a href="../libraries/table.html">HTML Table Class</a></li><li><a href="../libraries/trackback.html">Trackback Class</a></li><li><a href="../libraries/typography.html">Typography Class</a></li><li><a href="../libraries/unit_testing.html">Unit Testing Class</a></li><li><a href="../libraries/uri.html">URI Class</a></li><li><a href="../libraries/user_agent.html">User Agent Class</a></li><li><a href="../libraries/xmlrpc.html">XML-RPC and XML-RPC Server Classes</a></li><li><a href="../libraries/zip.html">Zip Encoding Class</a></li></ul></td><td valign="top" class="td_sep"><h3><a href="../database/index.html">Database Reference</a></h3><ul><li><a href="../database/examples.html">Quick Start: Usage Examples</a></li><li><a href="../database/configuration.html">Database Configuration</a></li><li><a href="../database/connecting.html">Connecting to a Database</a></li><li><a href="../database/queries.html">Running Queries</a></li><li><a href="../database/results.html">Generating Query Results</a></li><li><a href="../database/helpers.html">Query Helper Functions</a></li><li><a href="../database/query_builder.html">Query Builder Class</a></li><li><a href="../database/transactions.html">Transactions</a></li><li><a href="../database/metadata.html">Getting MetaData</a></li><li><a href="../database/call_function.html">Custom Function Calls</a></li><li><a href="../database/caching.html">Query Caching</a></li><li><a href="../database/forge.html">Database Manipulation with Database Forge</a></li><li><a href="../database/utilities.html">Database Utilities Class</a></li><li><a href="../database/db_driver_reference.html">Database Driver Reference</a></li></ul></td><td valign="top" class="td_sep"><h3><a href="../helpers/index.html">Helpers</a></h3><ul><li><a href="../helpers/array_helper.html">Array Helper</a></li><li><a href="../helpers/captcha_helper.html">CAPTCHA Helper</a></li><li><a href="../helpers/cookie_helper.html">Cookie Helper</a></li><li><a href="../helpers/date_helper.html">Date Helper</a></li><li><a href="../helpers/directory_helper.html">Directory Helper</a></li><li><a href="../helpers/download_helper.html">Download Helper</a></li><li><a href="../helpers/email_helper.html">Email Helper</a></li><li><a href="../helpers/file_helper.html">File Helper</a></li><li><a href="../helpers/form_helper.html">Form Helper</a></li><li><a href="../helpers/html_helper.html">HTML Helper</a></li><li><a href="../helpers/inflector_helper.html">Inflector Helper</a></li><li><a href="../helpers/language_helper.html">Language Helper</a></li><li><a href="../helpers/number_helper.html">Number Helper</a></li><li><a href="../helpers/path_helper.html">Path Helper</a></li><li><a href="../helpers/security_helper.html">Security Helper</a></li><li><a href="../helpers/smiley_helper.html">Smiley Helper</a></li><li><a href="../helpers/string_helper.html">String Helper</a></li><li><a href="../helpers/text_helper.html">Text Helper</a></li><li><a href="../helpers/typography_helper.html">Typography Helper</a></li><li><a href="../helpers/url_helper.html">URL Helper</a></li><li><a href="../helpers/xml_helper.html">XML Helper</a></li></ul></td></tr></table>'; - ciNav += '</div></div><div id="nav2"><a name="top"></a><a href="#" id="openToc"><img src="data:image/jpeg;base64,/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAARgAA/+4ADkFkb2JlAGTAAAAAAf/bAIQABAMDAwMDBAMDBAYEAwQGBwUEBAUHCAYGBwYGCAoICQkJCQgKCgwMDAwMCgwMDQ0MDBERERERFBQUFBQUFBQUFAEEBQUIBwgPCgoPFA4ODhQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU/8AAEQgAKwCaAwERAAIRAQMRAf/EAHsAAQAABwEBAAAAAAAAAAAAAAABAwQFBgcIAgkBAQAAAAAAAAAAAAAAAAAAAAAQAAEDAwICBwYEAgsAAAAAAAIBAwQAEQUSBiEHkROTVNQWGDFBUVIUCHEiMtOUFWGBobHRQlMkZIRVEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwDSC+ygkOOaUoKigUCgUCgUCgUCgUCgUCgUCgkuGguIP9FBMFb0Hqg7We+3jlmIqqYFf4ub+/QYlnOR/LqIBKGFUbf8qWv971BytQXXE7Y3Lnm3HsFhp2TaZJAdchRXpIgSpdEJWxJEW3xoKV7F5OMy7JkQn2o7D6w33XGjEAkoiqrJEqIiOIiKuhePCgqp22dyYyS3CyWHnQ5joG61HkRnmnTbaFSMhExRVQRRVJU9iUHjE7ez+fJ0MFipmUNhBV8YUd2SoIV9KkjQla9ltegttBdPLW4/qocL+UTfrMiHW4+P9M71shuyrqaHTcxsl7jegpsji8nh5ZwMvDfgTm0RTjSmjYdFCS6KoOIipdFunCgmNYTMv457MMY6U7iI6oMieDDhRm1VbIhuoOkbqtuK0Hpzb+eZcYZexUxt6UyUqK2cd0SdjtgrhOgijcgERUlJOCIl6CpgbP3blRI8XgMjNARAyKNDfeRBdFDBVUAXgQrqH4pxoJTu2NysY97LP4ac1io5q1InHFeGO24LnVKJuKOkSQ/yKir+rh7aCLG1dzypZQI2FnvTgccYOM3FeN0XWERXAUEFVQgQkUktdLpegm+Td3/Xli/L+S/mYNJIOF9G/wBeLKrZHFb0akG6W1WtQWSg3Dyg5e7V3fipE3O4/wCrktyzYA+ufas2LbZIlmnAT2kvuoN1wft95augilglX/tzP3qCu9O3LL/wV/i5v79BvmTADq14UGu91467Z6U9y0HzH/ncj/U/sT/CgynZG7I2NezpZGUjIycJkYkZSG+uQ81pbBNKLxJfjwoMqZ3/ALYHl35AJ7/cuwHcu5k7r1Q5pHetBjquqVVJWGxj9Zrtcl/Ggy3dHMvauR3HFZj5nHNxSyW5JISYDMoIwx8tFIGHZhPNaykGapr6rUAiicEoMG21lMRj8buPAz8xhJrr7uOeiPTCyAwXUaGR1mgozbTusOsFLEiJ7fbQa/h7gcjy2H3V6xppwDNtUSxCJIqp7valBuWVzJ22xuCROXNNZiJkMtms0DbjUkAZjzoDrTMd9dDRI44ZC2YsrYdKWP2WDT2S3N9dNdlRYrGMYc06IURXSYb0igrpWS485xVNS6nF4rwslkoMwnbpgZLB7bmt5uMweAhDEl4B5uSLzzqTnnyVpW2jaJHRMSIjdDiiotvy3DOE5rYTEbkl5yFn28k7JyG4c7AU2HtLH1uKfaiMPI40CdYbpNtmLdwTSn5rewLNld+7TLdeal4WarWBkbVKBjgdElMJJwAAY5fl4kB3b1fp4XvagsGS3FjJfLzDNtS8aeXx7LzT7TyzByQE5PccRGRC0ZRUDRV6y62vbjagzLmJzS2vuPK43JY6aP1TW6Jz+RIWyFtyC06y3EkiiinAo7YCqfq1AqqnGgsOH3lhZO8d1pmcpB8j5XIm9OYlBJSQ/FSS4427DKO0RC8AlcEMhFdViRR1WDWR5t3WXVuL1d106kG9vdeye2g60+1FDyW0shIcXVpyroXt8I8dfd+NB1vioAdWnD3UF1+gD4UFc6CEKpagxXN43rwJLUHz7yX2c8zokt9uHlsPIhA4aRnnHJTLptIS6CNsY7iASpxUUMkReGpfbQW0vtN5pitvrsN28rwtBD0nc0+/Yft5XhaB6TuaXfsP28rwtA9J3NPv2H7eV4Wgek7mn37D9vK8LQPSdzT79h+3leFoHpO5pd+w/byvC0D0nc0u/Yft5XhaB6TuaXfsP28rwtA9J3NLv2H7eV4Wgek7ml37D9vK8LQPSdzS79h+3leFoHpO5p9+w/byvC0E9r7Reazy2HIYVPxkS/CUHVn26cosxyv2g7h89LYmZSXOenvLEQ1YaQ222RATcQCP8rSGqqA8S02W2pQ6FhMoAIlqCtsnwoCpdKClejI4i3Sgtb+GBxVuNBSFt1pV/RQefLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8uM/JQPLjPyUDy4z8lA8utJ/koJ7WCbBU/LQXOPAFq1koK8B0pag90CggtBBf6qB0UDooHRQOigdFA6KB0UDooHRQOigdFA6KB0UDooI0EaBQf//Z" title="Toggle Table of Contents" alt="Toggle Table of Contents" /></a></div></div>'; - $('body').prepend(ciNav); - // - var a = ['Index', 'CodeIgniter User Guide¶', 'Change Log¶', 'Developer’s Certificate of Origin 1.1¶', 'The MIT License (MIT)¶']; - if ($.inArray($('h1').text(), a) > 0 || $('h2').text() == 'Search Results') - { - $('table.ciNav a').each(function(){ - $(this).attr('href', $(this).attr("href").replace('../', '')); - }); - console.log(1111); - } - // - $('#openToc').click(function(){ - $('#nav').slideToggle(); - }); - $('.wy-breadcrumbs').append('<div style="float:right;"><div style="text-decoration:underline;color:blue;margin-left:5px;" id="closeMe"><img title="toc" alt="toc" src="data:image/gif;base64,R0lGODlhFAAUAJEAAAAAADMzM////wAAACH5BAUUAAIALAAAAAAUABQAAAImlI+py+0PU5gRBRDM3DxbWoXis42X13USOLauUIqnlsaH/eY6UwAAOw==" /></div></div>'); - $('#closeMe').toggle( - function() - { - setCookie('ciNav', true, 365); - $('#nav2').show(); - $('#topMenu').remove(); - $('body').css({ background:'none' }); - $('.wy-nav-content-wrap').css({ background:'none', 'margin-left':0 }); - $('.wy-breadcrumbs').append('<div style="float:right;"><div style="float:left;" id="topMenu">'+$('.wy-form').parent().html()+'</div></div>');$('.wy-nav-side').toggle(); - }, - function() - { - setCookie('ciNav', false, 365); - $('#topMenu').remove(); - $('#nav').hide(); - $('#nav2').hide(); - $('body').css({ background:'#edf0f2;' }); - $('.wy-nav-content-wrap').css({ background:'none repeat scroll 0 0 #fcfcfc;', 'margin-left':'300px' }); - $('.wy-nav-side').show(); - } - ); - if (getCookie('ciNav') == 'true') - { - $('#closeMe').trigger('click'); - //$('#nav').slideToggle(); - } - // END MODIFICATION --- + $("table.docutils:not(.field-list)").wrap("<div class='wy-table-responsive'></div>"); + // --- + // START DOC MODIFICATION BY RUFNEX + // v1.0 04.02.2015 + // Add ToogleButton to get FullWidth-View by Johannes Gamperl codeigniter.de + + $('#openToc').click(function () { + $('#nav').slideToggle(); + }); + $('#closeMe').toggle( + function () + { + setCookie('ciNav', 'yes', 365); + $('#nav2').show(); + $('#topMenu').remove(); + $('body').css({background: 'none'}); + $('.wy-nav-content-wrap').css({background: 'none', 'margin-left': 0}); + $('.wy-breadcrumbs').append('<div style="float:right;"><div style="float:left;" id="topMenu">' + $('.wy-form').parent().html() + '</div></div>'); + $('.wy-nav-side').toggle(); + }, + function () + { + setCookie('ciNav', 'no', 365); + $('#topMenu').remove(); + $('#nav').hide(); + $('#nav2').hide(); + $('body').css({background: '#edf0f2;'}); + $('.wy-nav-content-wrap').css({background: 'none repeat scroll 0 0 #fcfcfc;', 'margin-left': '300px'}); + $('.wy-nav-side').show(); + } + ); + if (getCookie('ciNav') == 'yes') + { + $('#closeMe').trigger('click'); + //$('#nav').slideToggle(); + } + // END MODIFICATION --- + }); // Rufnex Cookie functions -function setCookie(cname,cvalue,exdays) { +function setCookie(cname, cvalue, exdays) { + // expire the old cookie if existed to avoid multiple cookies with the same name + if (getCookie(cname)) { + document.cookie = cname + "=;expires=Thu, 01 Jan 1970 00:00:00 GMT"; + } var d = new Date(); - d.setTime(d.getTime() + (exdays*24*60*60*1000)); + d.setTime(d.getTime() + (exdays * 24 * 60 * 60 * 1000)); var expires = "expires=" + d.toGMTString(); - document.cookie = cname+"="+cvalue+"; "+expires; + document.cookie = cname + "=" + cvalue + "; " + expires + "; path=/"; } function getCookie(cname) { var name = cname + "="; var ca = document.cookie.split(';'); - for(var i=0; i<ca.length; i++) { + for (var i = 0; i < ca.length; i++) { var c = ca[i]; - while (c.charAt(0)==' ') c = c.substring(1); + while (c.charAt(0) == ' ') + c = c.substring(1); if (c.indexOf(name) == 0) { return c.substring(name.length, c.length); } } - return false; + return ''; } // End +// resize window +$(window).on('resize', function(){ + // show side nav on small screens when pulldown is enabled + if (getCookie('ciNav') == 'yes' && $(window).width() <= 768) { // 768px is the tablet size defined by the theme + $('.wy-nav-side').show(); + } + // changing css with jquery seems to override the default css media query + // change margin + else if (getCookie('ciNav') == 'no' && $(window).width() <= 768) { + $('.wy-nav-content-wrap').css({'margin-left': 0}); + } + // hide side nav on large screens when pulldown is enabled + else if (getCookie('ciNav') == 'yes' && $(window).width() > 768) { + $('.wy-nav-side').hide(); + } + // change margin + else if (getCookie('ciNav') == 'no' && $(window).width() > 768) { + $('.wy-nav-content-wrap').css({'margin-left': '300px'}); + } +}); + window.SphinxRtdTheme = (function (jquery) { var stickyNav = (function () { var navBar, - win, - stickyNavCssClass = 'stickynav', - applyStickNav = function () { - if (navBar.height() <= win.height()) { - navBar.addClass(stickyNavCssClass); - } else { - navBar.removeClass(stickyNavCssClass); - } - }, - enable = function () { - applyStickNav(); - win.on('resize', applyStickNav); - }, - init = function () { - navBar = jquery('nav.wy-nav-side:first'); - win = jquery(window); - }; + win, + stickyNavCssClass = 'stickynav', + applyStickNav = function () { + if (navBar.height() <= win.height()) { + navBar.addClass(stickyNavCssClass); + } else { + navBar.removeClass(stickyNavCssClass); + } + }, + enable = function () { + applyStickNav(); + win.on('resize', applyStickNav); + }, + init = function () { + navBar = jquery('nav.wy-nav-side:first'); + win = jquery(window); + }; jquery(init); return { - enable : enable + enable: enable }; }()); return { - StickyNav : stickyNav + StickyNav: stickyNav }; }($)); diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 1b044cc5f..7e52a0eda 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -2,11 +2,451 @@ Change Log ########## -Version 3.0.1 +Version 3.2.0 ============= Release Date: Not Released +- General Changes + + - Officially dropped any kind of support for anything under PHP 5.4.8. + +- Core + + - Removed ``$config['rewrite_short_tags']`` (irrelevant on PHP 5.4+). + - Removed previously deprecated ``$config['global_xss_filtering']``. + - Removed previously deprecated :doc:`Routing Class <general/routing>` methods ``fetch_directory()``, ``fetch_class()`` and ``fetch_method()`` (use the respective class properties instead). + - Removed previously deprecated :doc:`Config Library <libraries/config>` method ``system_url()`` (encourages insecure practices). + - Changed :doc:`URI Library <libraries/uri>` to ignore the ``$config['url_suffix']``, ``$config['permitted_uri_chars']`` configuration settings for CLI requests. + + - :doc:`Input Library <libraries/input>` changes include: + + - Removed previously deprecated ``$config['allow_get_array']``. + - Removed previously deprecated ``$config['standardize_newlines']``. + - Removed previously deprecated method ``is_cli_request()`` (use :php:func:`is_cli()` instead). + - Changed the ``set_cookie()`` method's default expiry time to 0 (expires when browser is closed). + - Changed the ``set_cookie()`` method to delete the cookie if a negative expiry time is passed to it. + +- Libraries + + - Removed previously deprecated *Cart Library*. + - Removed previously deprecated *Javascript Library* (it was always experimental in the first place). + - Added UNIX socket connection support to :doc:`Session Library <libraries/sessions>` 'redis' driver. + + - :doc:`Cache Library <libraries/caching>` changes include: + + - Added UNIX socket connection support to the 'memcached' driver. + - Added 'database' configuration option to the 'redis' driver, allowing to auto-select another database. + - Changed the 'memcached' driver to ignore configurations that don't specify a hostname. + - Removed the *socket_type* configuration setting from the 'redis' driver. + - Changed data serialization logic in 'redis' driver for better performance. + + - :doc:`Form Validation Library <libraries/form_validation>` changes include: + + - Removed previously deprecated method ``prep_for_form()`` / rule *prep_for_form*. + - Changed method ``set_rules()`` to throw a ``BadMethodCallException`` when its first parameter is not an array and the ``$rules`` one is unused. + - Added rule **valid_mac**, which replicates PHP's native ``filter_var()`` with ``FILTER_VALIDATE_MAC``. + + - :doc:`HTML Table Library <libraries/table>` changes include: + + - Changed method ``clear()`` to also reset captions. + + - :doc:`Email Library <libraries/email>` changes include: + + - Changed the default value of the **validate** option to ``TRUE``. + +- :doc:`Database <database/index>` changes include: + + - Removed previously deprecated 'sqlite' driver (used for SQLite version 2; no longer shipped with PHP 5.4+). + - Removed method ``db_set_charset()`` and the ability to change a connection character set at runtime. + - Changed method ``initialize()`` to return void and instead throw a ``RuntimeException`` in case of failure. + - Changed method ``db_connect()`` to always set the connection character set (if supported by the driver) and to fail if it can't. + + - :doc:`Database Forge <database/forge>`: + + - Added support for declaring date/time type fields default values as ``CURRENT_TIMESTAMP`` and similar. + +- Helpers + + - Removed previously deprecated *Email Helper* (had only two functions, aliases for PHP's native ``filter_var()`` and ``mail()``). + - Removed previously deprecated *Smiley Helper*. + - Removed previously deprecated :doc:`Date Helper <helpers/date_helper>` function ``standard_date()`` (use PHP's native ``date()`` instead). + - Removed previously deprecated :doc:`Security Helper <helpers/security_helper>` function ``do_hash()`` (use PHP's native ``hash()`` instead). + - Removed previously deprecated :doc:`File Helper <helpers/file_helper>` function ``read_file()`` (use PHP's native ``file_get_contents()`` instead). + - Added new function :php:func:`ordinal_format()` to :doc:`Inflector Helper <helpers/inflector_helper>`. + - Added 'img_alt' option to :php:func`create_captcha()` :doc:`CAPTCHA Helper` with a default value of 'captcha'. + + - :doc:`Download Helper <helpers/download_helper>` changes include: + + - Updated :php:func:`force_download()` to allow existing files to be renamed for download. + - Updated :php:func:`force_download()` to better utilize available server memory. + + - :doc:`String Helper <helpers/string_helper>` changes include: + + - Removed previously deprecated function ``trim_slashes()`` (use PHP's native ``trim()`` with ``'/'`` instead). + - Removed previously deprecated function ``repeater()`` (use PHP's native ``str_repeat()`` instead). + + - :doc:`HTML Helper <helpers/html_helper>` changes include: + + - Removed previously deprecated function ``br()`` (use PHP's native ``str_repeat()`` with ``'<br />'`` instead). + - Removed previously deprecated function ``nbs()`` (use PHP's native ``str_repeat()`` with ``' '`` instead). + - Updated function :php:func:`meta()` with support for "charset" and "property" properties. + - Changed function :php:func:`doctype()` default document type to HTML 5. + + - :doc:`Form Helper <helpers/form_helper>` changes include: + + - Removed previously deprecated function ``form_prep()`` (use :php:func:`html_escape()` instead). + - Removed the second (out of three) parameter from the :php:func:`form_upload()` function (it was never used). + + +Version 3.1.4 +============= + +Release Date: Not Released + +- General Changes + + - Updated the :doc:`Image Manipulation Library <libraries/image_lib>` to work-around an issue with some JPEGs when using GD. + +Bug fixes for 3.1.4 +------------------- + +- Fixed a regression (#4975) - :doc:`Loader Library <libraries/loader>` couldn't handle objects passed as view variables. + +Version 3.1.3 +============= + +Release Date: Jan 09, 2017 + +- **Security** + + - Fixed an XSS vulnerability in :doc:`Security Library <libraries/security>` method ``xss_clean()``. + - Fixed a possible file inclusion vulnerability in :doc:`Loader Library <libraries/loader>` method ``vars()``. + - Fixed a possible remote code execution vulnerability in the :doc:`Email Library <libraries/email>` when 'mail' or 'sendmail' are used (thanks to Paul Buonopane from `NamePros <https://www.namepros.com/>`_). + - Added protection against timing side-channel attacks in :doc:`Security Library <libraries/security>` method ``csrf_verify()``. + - Added protection against BREACH attacks targeting the CSRF token field generated by :doc:`Form Helper <helpers/form_helper>` function :php:func:`form_open()`. + +- General Changes + + - Deprecated ``$config['allow_get_array']``. + - Deprecated ``$config['standardize_newlines']``. + - Deprecated :doc:`Date Helper <helpers/date_helper>` function :php:func:`nice_date()`. + +Bug fixes for 3.1.3 +------------------- + +- Fixed a bug (#4886) - :doc:`Database Library <database/index>` didn't differentiate bind markers inside double-quoted strings in queries. +- Fixed a bug (#4890) - :doc:`XML-RPC Library <libraries/xmlrpc>` didn't work on PHP 7. +- Fixed a regression (#4887) - :doc:`File Uploading Library <libraries/file_uploading>` triggered fatal errors due to numerous PHP distribution channels (XAMPP and cPanel confirmed) explicitly disabling ext/fileinfo by default. +- Fixed a bug (#4679) - :doc:`Input Library <libraries/input>` method ``ip_address()`` didn't properly resolve ``$config['proxy_ips']`` IPv6 addresses. +- Fixed a bug (#4902) - :doc:`Image Manipulation Library <libraries/image_lib>` processing via ImageMagick didn't work. +- Fixed a bug (#4905) - :doc:`Loader Library <libraries/loader>` didn't take into account possible user-provided directory paths when loading helpers. +- Fixed a bug (#4916) - :doc:`Session Library <libraries/sessions>` with ``sess_match_ip`` enabled was unusable for IPv6 clients when using the 'database' driver on MySQL 5.7.5+. +- Fixed a bug (#4917) - :doc:`Date Helper <helpers/date_helper>` function :php:func:`nice_date()` didn't handle YYYYMMDD inputs properly. +- Fixed a bug (#4923) - :doc:`Session Library <libraries/sessions>` could execute an erroneous SQL query with the 'database' driver, if the lock attempt times out. +- Fixed a bug (#4927) - :doc:`Output Library <libraries/output>` method ``get_header()`` returned the first matching header, regardless of whether it would be replaced by a second ``set_header()`` call. +- Fixed a bug (#4844) - :doc:`Email Library <libraries/email>` didn't apply ``escapeshellarg()`` to the while passing the Sendmail ``-f`` parameter through ``popen()``. +- Fixed a bug (#4928) - the bootstrap file didn't check if *config/constants.php* exists before trying to load it. +- Fixed a bug (#4937) - :doc:`Image Manipulation Library <libraries/image_lib>` method ``initialize()`` didn't translate *new_image* inputs to absolute paths. +- Fixed a bug (#4941) - :doc:`Query Builder <database/query_builder>` method ``order_by()`` didn't work with 'RANDOM' under the 'pdo/sqlite' driver. +- Fixed a regression (#4892) - :doc:`Query Builder <database/query_builder>` method ``update_batch()`` didn't properly handle identifier escaping. +- Fixed a bug (#4953) - :doc:`Database Forge <database/forge>` method ``create_table()`` didn't update an internal tables list cache if it exists but is empty. +- Fixed a bug (#4958) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` didn't take into account cached ``ORDER BY`` clauses. +- Fixed a bug (#4804) - :doc:`Query Builder <database/query_builder>` method ``insert_batch()`` could fail if the input array pointer was modified. +- Fixed a bug (#4962) - :doc:`Database Force <database/forge>` method ``alter_table()`` would fail with the 'oci8' driver. +- Fixed a bug (#4457) - :doc:`Image Manipulation Library <libraries/image_lib>` method ``get_image_properties()`` didn't detect invalid images. +- Fixed a bug (#4765) - :doc:`Email Library <libraries/email>` didn't send the ``User-Agent`` header without a prior call to ``clear()``. + +Version 3.1.2 +============= + +Release Date: Oct 28, 2016 + +- **Security** + + - Fixed a number of new vulnerabilities in :doc:`Security Library <libraries/security>` method ``xss_clean()``. + +- General Changes + + - Allowed PHP 4-style constructors (``Matching_name::Matching_name()`` methods) to be used as routes, if there's a ``__construct()`` to override them. + +Bug fixes for 3.1.2 +------------------- + +- Fixed a regression (#4874) - :doc:`Session Library <libraries/sessions>` didn't take into account ``session.hash_bits_per_character`` when validating session IDs. +- Fixed a bug (#4871) - :doc:`Query Builder <database/query_builder>` method ``update_batch()`` didn't properly handle identifier escaping. +- Fixed a bug (#4884) - :doc:`Query Builder <database/query_builder>` didn't properly parse field names ending in 'is' when used inside WHERE and HAVING statements. +- Fixed a bug where ``CI_Log``, ``CI_Output``, ``CI_Email`` and ``CI_Zip`` didn't handle strings in a byte-safe manner when ``mbstring.func_override`` is enabled. + +Version 3.1.1 +============= + +Release Date: Oct 22, 2016 + +- **Security** + + - Fixed a flaw in :doc:`Security Library <libraries/security>` method ``entity_decode()`` (used by ``xss_clean()``) that affects HTML 5 entities when using PHP 5.3. + +- General Changes + + - Added ``E_PARSE`` to the list of error levels detected by the shutdown handler. + - Updated :doc:`Inflector Helper <helpers/inflector_helper>` :php:func:`is_countable()` with more words. + - Updated :doc:`common function <general/common_functions>` :php:func:`set_status_header()` with new status codes from IETF RFCs + `2817 <https://tools.ietf.org/html/rfc2817>`_ (426) + and `6585 <https://tools.ietf.org/html/rfc6585>`_ (428, 429, 431, 511). + +Bug fixes for 3.1.1 +------------------- + +- Fixed a bug (#4732) - :doc:`Session Library <libraries/sessions>` triggered errors while writing data for a newly-created sessions with the 'memcached' driver. +- Fixed a regression (#4736) - :doc:`Image Manipulation Library <libraries/image_lib>` processing via ImageMagick didn't work. +- Fixed a bug (#4737) - :doc:`Query Builder <database/query_builder>` didn't add an ``OFFSET`` when ``LIMIT`` is zero or unused. +- Fixed a regression (#4739) - :doc:`Email Library <libraries/email>` doesn't properly separate attachment bodies from headers. +- Fixed a bug (#4754) - :doc:`Unit Testing Library <libraries/unit_testing>` method ``result()`` didn't translate ``res_datatype``. +- Fixed a bug (#4759) - :doc:`Form Validation <libraries/form_validation>`, :doc:`Trackback <libraries/trackback>` and :doc:`XML-RPC <libraries/xmlrpc>` libraries treated URI schemes in a case-sensitive manner. +- Fixed a bug (#4762) - :doc:`Cache Library <libraries/caching>` 'file' driver method ``get_metadata()`` checked TTL time against ``mtime`` instead of the cache item's creation time. +- Fixed a bug where :doc:`File Uploading Library <libraries/file_uploading>` generated error messages on PHP 7.1. +- Fixed a bug (#4780) - :doc:`compatibility function <general/compatibility_functions>` ``hex2bin()`` didn't reject inputs of type "resource". +- Fixed a bug (#4787) - :doc:`Form Validation Library <libraries/form_validation>` method ``valid_email()`` triggered ``E_WARNING`` when input emails have empty domain names. +- Fixed a bug (#4805) - :doc:`Database <database/index>` driver 'mysqli' didn't use the ``MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT`` flag properly. +- Fixed a bug (#4808) - :doc:`Database <database/index>` method ``is_write_type()`` only looked at the first line of a queries using ``RETURNING`` with the 'postgre', 'pdo/pgsql', 'odbc' and 'pdo/odbc' drivers. +- Fixed a bug where :doc:`Query Builder <database/query_builder>` method ``insert_batch()`` tried to execute an unsupported SQL query with the 'ibase' and 'pdo/firebird' drivers. +- Fixed a bug (#4809) - :doc:`Database <database/index>` driver 'pdo/mysql' didn't turn off ``AUTOCOMMIT`` when starting a transaction. +- Fixed a bug (#4822) - :doc:`CAPTCHA Helper <helpers/captcha_helper>` didn't clear expired PNG images. +- Fixed a bug (#4823) - :doc:`Session Library <libraries/sessions>` 'files' driver could enter an infinite loop if ``mbstring.func_override`` is enabled. +- Fixed a bug (#4851) - :doc:`Database Forge <database/forge>` didn't quote schema names passed to its ``create_database()`` method. +- Fixed a bug (#4863) - :doc:`HTML Table Library <libraries/table>` method ``set_caption()`` was missing method chaining support. +- Fixed a bug (#4843) - :doc:`XML-RPC Library <libraries/xmlrpc>` client class didn't set a read/write socket timeout. +- Fixed a bug (#4865) - uncaught exceptions didn't set the HTTP Response status code to 500 unless ``display_errors`` was turned On. +- Fixed a bug (#4830) - :doc:`Session Library <libraries/sessions>` didn't take into account the new session INI settings in PHP 7.1. + +Version 3.1.0 +============= + +Release Date: July 26, 2016 + +- **Security** + + - Fixed an SQL injection in the 'odbc' database driver. + - Updated :php:func:`set_realpath()` :doc:`Path Helper <helpers/path_helper>` function to filter-out ``php://`` wrapper inputs. + - Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7. + +- General Changes + + - Updated :doc:`Image Manipulation Library <libraries/image_lib>` to validate *width* and *height* configuration values. + - Updated :doc:`Encryption Library <libraries/encryption>` to always prefer ``random_bytes()`` when it is available. + - Updated :doc:`Session Library <libraries/sessions>` to log 'debug' messages when using fallbacks to *session.save_path* (php.ini) or 'sess_use_database', 'sess_table_name' settings. + - Added a 'LONGTEXT' to 'STRING' alias to :doc:`Database Forge <database/forge>` for the 'cubrid', 'pdo/cubrid' drivers. + - Added 'TINYINT', 'MEDIUMINT', 'INT' and 'BIGINT' aliases to 'NUMBER' to :doc:`Database Forge <database/forge>` for the 'oci8', 'pdo/oci' drivers. + + - :php:func:`password_hash()` :doc:`compatibility function <general/compatibility_functions>` changes: + + - Changed salt-generation logic to prefer ``random_bytes()`` when it is available. + - Changed salt-generation logic to prefer direct access to */dev/urandom* over ``openssl_random_pseudo_bytes()``. + - Changed salt-generation logic to error if ``openssl_random_pseudo_bytes()`` sets its ``$crypto_strong`` flag to FALSE. + +Bug fixes for 3.1.0 +------------------- + +- Fixed a bug where :doc:`Image Manipulation Library <libraries/image_lib>` didn't escape image source paths passed to ImageMagick as shell arguments. +- Fixed a bug (#861) - :doc:`Database Forge <database/forge>` method ``create_table()`` incorrectly accepts field width constraints for MSSQL/SQLSRV integer-type columns. +- Fixed a bug (#4562) - :doc:`Cache Library <libraries/caching>` didn't check if ``Memcached::quit()`` is available before calling it. +- Fixed a bug (#4563) - :doc:`Input Library <libraries/input>` method ``request_headers()`` ignores ``$xss_clean`` parameter value after first call. +- Fixed a bug (#4605) - :doc:`Config Library <libraries/config>` method ``site_url()`` stripped trailing slashes from relative URIs passed to it. +- Fixed a bug (#4613) - :doc:`Email Library <libraries/config>` failed to send multiple emails via SMTP due to "already authenticated" errors when keep-alive is enabled. +- Fixed a bug (#4633) - :doc:`Form Validation Library <libraries/form_validation>` ignored multiple "callback" rules for empty, non-required fields. +- Fixed a bug (#4637) - :doc:`Database <database/index>` method ``error()`` returned ``FALSE`` with the 'oci8' driver if there was no error. +- Fixed a bug (#4647) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` doesn't take into account ``GROUP BY`` clauses while deciding whether to do a subquery or not. +- Fixed a bug where :doc:`Session Library <libraries/sessions>` 'redis' driver didn't properly detect if a connection is properly closed on PHP 5.x. +- Fixed a bug (#4583) - :doc:`Email Library <libraries/email>` didn't properly handle inline attachments in HTML emails. +- Fixed a bug where :doc:`Database <database/index>` method ``db_select()`` didn't clear metadata cached for the previously used database. +- Fixed a bug (#4675) - :doc:`File Helper <helpers/file_helper>` function :php:func:`delete_files()` treated symbolic links as regular directories. +- Fixed a bug (#4674) - :doc:`Database <database/index>` driver 'dblib' triggered E_WARNING messages while connecting. +- Fixed a bug (#4678) - :doc:`Database Forge <database/forge>` tried to use unsupported ``IF NOT EXISTS`` clause when creating tables on Oracle. +- Fixed a bug (#4691) - :doc:`File Uploading Library <libraries/file_uploading>` method ``data()`` returns wrong 'raw_name' when the filename extension is also contained in the raw filename. +- Fixed a bug (#4679) - :doc:`Input Library <libraries/input>` method ``ip_address()`` errors with a matching ``$config['proxy_ips']`` IPv6 address. +- Fixed a bug (#4695) - :doc:`User Agent Library <libraries/user_agent>` didn't load the *config/user_agents.php* file when there's no ``User-Agent`` HTTP request header. +- Fixed a bug (#4713) - :doc:`Query Builder <database/query_builder>` methods ``insert_batch()``, ``update_batch()`` could return wrong affected rows count. +- Fixed a bug (#4712) - :doc:`Email Library <libraries/email>` doesn't sent ``RSET`` to SMTP servers after a failure and while using keep-alive. +- Fixed a bug (#4724) - :doc:`Common function <general/common_functions>` :php:func:`is_https()` compared the ``X-Forwarded-Proto`` HTTP header case-sensitively. +- Fixed a bug (#4725) - :doc:`Common function <general/common_functions>` :php:func:`remove_invisible_characters()` searched case-sensitively for URL-encoded characters. + +Version 3.0.6 +============= + +Release Date: March 21, 2016 + +- General Changes + + - Added a destructor to :doc:`Cache Library <libraries/caching>` 'memcached' driver to ensure that Memcache(d) connections are properly closed. + - Deprecated :doc:`Form Validation Library <libraries/form_validation>` method ``prep_for_form()``. + +Bug fixes for 3.0.6 +------------------- + +- Fixed a bug (#4516) - :doc:`Form Validation Library <libraries/form_validation>` always accepted empty array inputs. +- Fixed a bug where :doc:`Session Library <libraries/sessions>` allowed accessing ``$_SESSION`` values as class properties but ``isset()`` didn't work on them. +- Fixed a bug where :doc:`Form Validation Library <libraries/form_validation>` modified the ``$_POST`` array when the data being validated was actually provided via ``set_data()``. +- Fixed a bug (#4539) - :doc:`Migration Library <libraries/migration>` applied migrations before validating that all migrations within the requested version range are valid. +- Fixed a bug (#4539) - :doc:`Migration Library <libraries/migration>` triggered failures for migrations that are out of the requested version range. + +Version 3.0.5 +============= + +Release Date: March 11, 2016 + +- Core + + - Changed :doc:`Loader Library <libraries/loader>` to allow ``$autoload['drivers']`` assigning with custom property names. + - Changed :doc:`Loader Library <libraries/loader>` to ignore variables prefixed with '_ci_' when loading views. + +- General Changes + + - Updated the :doc:`Session Library <libraries/sessions>` to produce friendlier error messages on failures with drivers other than 'files'. + +- :doc:`Query Builder <database/query_builder>` + + - Added a ``$batch_size`` parameter to the ``insert_batch()`` method (defaults to 100). + - Added a ``$batch_size`` parameter to the ``update_batch()`` method (defaults to 100). + +Bug fixes for 3.0.5 +------------------- + +- Fixed a bug (#4391) - :doc:`Email Library <libraries/email>` method ``reply_to()`` didn't apply Q-encoding. +- Fixed a bug (#4384) - :doc:`Pagination Library <libraries/pagination>` ignored (possible) *cur_page* configuration value. +- Fixed a bug (#4395) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` still fails if an ``ORDER BY`` condition is used. +- Fixed a bug (#4399) - :doc:`Query Builder <database/query_builder>` methods ``insert_batch()``, ``update_batch()`` produced confusing error messages when called with no data and *db_debug* is enabled. +- Fixed a bug (#4401) - :doc:`Query Builder <database/query_builder>` breaks ``WHERE`` and ``HAVING`` conditions that use ``IN()`` with strings containing a closing parenthesis. +- Fixed a regression in :doc:`Form Helper <helpers/form_helper>` functions :php:func:`set_checkbox()`, :php:func:`set_radio()` where "checked" inputs aren't recognized after a form submit. +- Fixed a bug (#4407) - :doc:`Text Helper <helpers/text_helper>` function :php:func:`word_censor()` doesn't work under PHP 7 if there's no custom replacement provided. +- Fixed a bug (#4415) - :doc:`Form Validation Library <libraries/form_validation>` rule **valid_url** didn't accept URLs with IPv6 addresses enclosed in square brackets under PHP 5 (upstream bug). +- Fixed a bug (#4427) - :doc:`CAPTCHA Helper <helpers/captcha_helper>` triggers an error if the provided character pool is too small. +- Fixed a bug (#4430) - :doc:`File Uploading Library <libraries/file_uploading>` option **file_ext_tolower** didn't work. +- Fixed a bug (#4431) - :doc:`Query Builder <database/query_builder>` method ``join()`` discarded opening parentheses. +- Fixed a bug (#4424) - :doc:`Session Library <libraries/sessions>` triggered a PHP warning when writing a newly created session with the 'redis' driver. +- Fixed a bug (#4437) - :doc:`Inflector Helper <helpers/inflector_helper>` function :php:func:`humanize()` didn't escape its ``$separator`` parameter while using it in a regular expression. +- Fixed a bug where :doc:`Session Library <libraries/sessions>` didn't properly handle its locks' statuses with the 'memcached' driver. +- Fixed a bug where :doc:`Session Library <libraries/sessions>` triggered a PHP warning when writing a newly created session with the 'memcached' driver. +- Fixed a bug (#4449) - :doc:`Query Builder <database/query_builder>` method ``join()`` breaks conditions containing ``IS NULL``, ``IS NOT NULL``. +- Fixed a bug (#4491) - :doc:`Session Library <libraries/sessions>` didn't clean-up internal variables for emulated locks with the 'redis' driver. +- Fixed a bug where :doc:`Session Library <libraries/sessions>` didn't clean-up internal variables for emulated locks with the 'memcached' driver. +- Fixed a bug where :doc:`Database <database/index>` transactions didn't work with the 'ibase' driver. +- Fixed a bug (#4475) - :doc:`Security Library <libraries/security>` method ``strip_image_tags()`` preserves only the first URL character from non-quoted *src* attributes. +- Fixed a bug where :doc:`Profiler Library <general/profiling>` didn't apply ``htmlspecialchars()`` to all displayed inputs. +- Fixed a bug (#4277) - :doc:`Cache Library <libraries/caching>` triggered fatal errors if accessing the Memcache(d) and/or Redis driver and they are not available on the system. +- Fixed a bug where :doc:`Cache Library <libraries/caching>` method ``is_supported()`` logged an error message when it returns ``FALSE`` for the APC and Wincache drivers. + +Version 3.0.4 +============= + +Release Date: January 13, 2016 + +- General Changes + + - Updated :doc:`Security Library <libraries/security>` method ``get_random_bytes()`` to use PHP 7's ``random_bytes()`` function when possible. + - Updated :doc:`Encryption Library <libraries/security>` method ``create_key()`` to use PHP 7's ``random_bytes()`` function when possible. + +- :doc:`Database <database/index>` + + - Added support for ``OFFSET-FETCH`` with Oracle 12c for the 'oci8' and 'pdo/oci' drivers. + - Added support for the new ``MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT`` constant from `PHP 5.6.16 <https://secure.php.net/ChangeLog-5.php#5.6.16>`_ for the 'mysqli' driver. + +Bug fixes for 3.0.4 +------------------- + +- Fixed a bug (#4212) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` could fail if an ``ORDER BY`` condition is used. +- Fixed a bug where :doc:`Form Helper <helpers/form_helper>` functions :php:func:`set_checkbox()`, :php:func:`set_radio()` didn't "uncheck" inputs on a submitted form if the default state is "checked". +- Fixed a bug (#4217) - :doc:`Config Library <libraries/config>` method ``base_url()`` didn't use proper formatting for IPv6 when it falls back to ``$_SERVER['SERVER_ADDR']``. +- Fixed a bug where :doc:`CAPTCHA Helper <helpers/captcha_helper>` entered an infinite loop while generating a random string. +- Fixed a bug (#4223) - :doc:`Database <database/index>` method ``simple_query()`` blindly executes queries without checking if the connection was initialized properly. +- Fixed a bug (#4244) - :doc:`Email Library <libraries/email>` could improperly use "unsafe" US-ASCII characters during Quoted-printable encoding. +- Fixed a bug (#4245) - :doc:`Database Forge <database/forge>` couldn't properly handle ``SET`` and ``ENUM`` type fields with string values. +- Fixed a bug (#4283) - :doc:`String Helper <helpers/string_helper>` function :php:func:`alternator()` couldn't be called without arguments. +- Fixed a bug (#4306) - :doc:`Database <database/index>` method ``version()`` didn't work properly with the 'mssql' driver. +- Fixed a bug (#4039) - :doc:`Session Library <libraries/sessions>` could generate multiple (redundant) warnings in case of a read failure with the 'files' driver, due to a bug in PHP. +- Fixed a bug where :doc:`Session Library <libraries/sessions>` didn't have proper error handling on PHP 5 (due to a PHP bug). +- Fixed a bug (#4312) - :doc:`Form Validation Library <libraries/form_validation>` didn't provide error feedback for failed validation on empty requests. +- Fixed a bug where :doc:`Database <database/index>` method `version()` returned banner text instead of only the version number with the 'oci8' and 'pdo/oci' drivers. +- Fixed a bug (#4331) - :doc:`Database <database/index>` method ``error()`` didn't really work for connection errors with the 'mysqli' driver. +- Fixed a bug (#4343) - :doc:`Email Library <libraries/email>` failing with a *"More than one 'from' person"* message when using *sendmail*. +- Fixed a bug (#4350) - :doc:`Loader Library <libraries/loader>` method ``model()`` logic directly instantiated the ``CI_Model`` or ``MY_Model`` classes. +- Fixed a bug (#4337) - :doc:`Database <database/index>` method ``query()`` didn't return a result set for queries with the ``RETURNING`` statement on PostgreSQL. +- Fixed a bug (#4362) - :doc:`Session Library <libraries/sessions>` doesn't properly maintain its state after ID regeneration with the 'redis' and 'memcached' drivers on PHP 7. +- Fixed a bug (#4349) - :doc:`Database <database/index>` drivers 'mysql', 'mysqli', 'pdo/mysql' discard other ``sql_mode`` flags when "stricton" is enabled. +- Fixed a bug (#4349) - :doc:`Database <database/index>` drivers 'mysql', 'mysqli', 'pdo/mysql' don't turn off ``STRICT_TRANS_TABLES`` on MySQL 5.7+ when "stricton" is disabled. +- Fixed a bug (#4374) - :doc:`Session Library <libraries/sessions>` with the 'database' driver could be affected by userspace :doc:`Query Builder <database/query_builder>` conditions. + +Version 3.0.3 +============= + +Release Date: October 31, 2015 + +- **Security** + + - Fixed an XSS attack vector in :doc:`Security Library <libraries/security>` method ``xss_clean()``. + - Changed :doc:`Config Library <libraries/config>` method ``base_url()`` to fallback to ``$_SERVER['SERVER_ADDR']`` when ``$config['base_url']`` is empty in order to avoid *Host* header injections. + - Changed :doc:`CAPTCHA Helper <helpers/captcha_helper>` to use the operating system's PRNG when possible. + +- :doc:`Database <database/index>` + + - Optimized :doc:`Database Utility <database/utilities>` method ``csv_from_result()`` for speed with larger result sets. + - Added proper return values to :doc:`Database Transactions <database/transactions>` method ``trans_start()``. + +Bug fixes for 3.0.3 +------------------- + +- Fixed a bug (#4170) - :doc:`Database <database/index>` method ``insert_id()`` could return an identity from the wrong scope with the 'sqlsrv' driver. +- Fixed a bug (#4179) - :doc:`Session Library <libraries/sessions>` doesn't properly maintain its state after ID regeneration with the 'database' driver on PHP 7. +- Fixed a bug (#4173) - :doc:`Database Forge <database/forge>` method ``add_key()`` didn't allow creation of non-PRIMARY composite keys after the "bugfix" for #3968. +- Fixed a bug (#4171) - :doc:`Database Transactions <database/transactions>` didn't work with nesting in methods ``trans_begin()``, ``trans_commit()``, ``trans_rollback()``. +- Fixed a bug where :doc:`Database Transaction <database/transactions>` methods ``trans_begin()``, ``trans_commit()``, ``trans_rollback()`` ignored failures. +- Fixed a bug where all :doc:`Database Transaction <database/transactions>` methods returned TRUE while transactions are actually disabled. +- Fixed a bug where :doc:`common function <general/common_functions>` :php:func:`html_escape()` modified keys of its array inputs. +- Fixed a bug (#4192) - :doc:`Email Library <libraries/email>` wouldn't always have proper Quoted-printable encoding due to a bug in PHP's own ``mb_mime_encodeheader()`` function. + +Version 3.0.2 +============= + +Release Date: October 8, 2015 + +- **Security** + + - Fixed a number of XSS attack vectors in :doc:`Security Library <libraries/security>` method ``xss_clean()`` (thanks to Frans Rosén from `Detectify <https://detectify.com/>`_). + +- General Changes + + - Updated the *application/config/constants.php* file to check if constants aren't already defined before doing that. + - Changed :doc:`Loader Library <libraries/loader>` method ``model()`` to only apply ``ucfirst()`` and not ``strtolower()`` to the requested class name. + - Changed :doc:`Config Library <libraries/config>` methods ``base_url()``, ``site_url()`` to allow protocol-relative URLs by passing an empty string as the protocol. + +Bug fixes for 3.0.2 +------------------- + +- Fixed a bug (#2284) - :doc:`Database <database/index>` method ``protect_identifiers()`` breaks when :doc:`Query Builder <database/query_builder>` isn't enabled. +- Fixed a bug (#4052) - :doc:`Routing <general/routing>` with anonymous functions didn't work for routes that don't use regular expressions. +- Fixed a bug (#4056) - :doc:`Input Library <libraries/input>` method ``get_request_header()`` could not return a value unless ``request_headers()`` was called beforehand. +- Fixed a bug where the :doc:`Database Class <database/index>` entered an endless loop if it fails to connect with the 'sqlsrv' driver. +- Fixed a bug (#4065) - :doc:`Database <database/index>` method ``protect_identifiers()`` treats a traling space as an alias separator if the input doesn't contain ' AS '. +- Fixed a bug (#4066) - :doc:`Cache Library <libraries/caching>` couldn't fallback to a backup driver if the primary one is Memcache(d) or Redis. +- Fixed a bug (#4073) - :doc:`Email Library <libraries/email>` method ``send()`` could return TRUE in case of an actual failure when an SMTP command fails. +- Fixed a bug (#4086) - :doc:`Query Builder <database/query_builder>` didn't apply *dbprefix* to LIKE conditions if the pattern included spaces. +- Fixed a bug (#4091) - :doc:`Cache Library <libraries/caching>` 'file' driver could be tricked into accepting empty cache item IDs. +- Fixed a bug (#4093) - :doc:`Query Builder <database/query_builder>` modified string values containing 'AND', 'OR' while compiling WHERE conditions. +- Fixed a bug (#4096) - :doc:`Query Builder <database/query_builder>` didn't apply *dbprefix* when compiling BETWEEN conditions. +- Fixed a bug (#4105) - :doc:`Form Validation Library <libraries/form_validation>` didn't allow pipe characters inside "bracket parameters" when using a string ruleset. +- Fixed a bug (#4109) - :doc:`Routing <general/routing>` to *default_controller* didn't work when *enable_query_strings* is set to TRUE. +- Fixed a bug (#4044) - :doc:`Cache Library <libraries/caching>` 'redis' driver didn't catch ``RedisException`` that could be thrown during authentication. +- Fixed a bug (#4120) - :doc:`Database <database/index>` method ``error()`` didn't return error info when called after ``query()`` with the 'mssql' driver. +- Fixed a bug (#4116) - :doc:`Pagination Library <libraries/pagination>` set the wrong page number on the "data-ci-pagination-page" attribute in generated links. +- Fixed a bug where :doc:`Pagination Library <libraries/pagination>` added the 'rel="start"' attribute to the first displayed link even if it's not actually linking the first page. +- Fixed a bug (#4137) - :doc:`Error Handling <general/errors>` breaks for the new ``Error`` exceptions under PHP 7. +- Fixed a bug (#4126) - :doc:`Form Validation Library <libraries/form_validation>` method ``reset_validation()`` discarded validation rules from config files. + +Version 3.0.1 +============= + +Release Date: August 7, 2015 + - Core - Added DoS mitigation to :php:func:`hash_pbkdf2()` :doc:`compatibility function <general/compatibility_functions>`. @@ -77,6 +517,8 @@ Bug fixes for 3.0.1 - Fixed a bug (#4012) - :doc:`Query Builder <database/query_builder>` methods ``where_in()``, ``or_where_in()``, ``where_not_in()``, ``or_where_not_in()`` didn't take into account previously cached WHERE conditions when query cache is in use. - Fixed a bug (#4015) - :doc:`Email Library <libraries/email>` method ``set_header()`` didn't support method chaining, although it was advertised. - Fixed a bug (#4027) - :doc:`Routing <general/routing>` with HTTP verbs only worked if the route request method was declared in all-lowercase letters. +- Fixed a bug (#4026) - :doc:`Database Transactions <database/transactions>` always rollback if any previous ``query()`` call fails. +- Fixed a bug (#4023) - :doc:`String Helper <helpers/string_helper>` function ``increment_string()`` didn't escape its ``$separator`` parameter. Version 3.0.0 ============= @@ -180,15 +622,15 @@ Release Date: March 30, 2015 - :doc:`Form Helper <helpers/form_helper>` changes include: - :php:func:`form_dropdown()` will now also take an array for unity with other form helpers. - - :php:func:`form_prep()` is now DEPRECATED and only acts as an alias for :doc:`common function <general/common_functions>` :php:func:`html_escape()`. + - ``form_prep()`` is now DEPRECATED and only acts as an alias for :doc:`common function <general/common_functions>` :php:func:`html_escape()`. - :php:func:`set_value()` will now also accept a third argument, allowing to turn off HTML escaping of the value. - :doc:`Security Helper <helpers/security_helper>` changes include: - - :php:func:`do_hash()` now uses PHP's native ``hash()`` function (supporting more algorithms) and is deprecated. + - ``do_hash()`` now uses PHP's native ``hash()`` function (supporting more algorithms) and is deprecated. - :php:func:`strip_image_tags()` is now an alias for the same method in the :doc:`Security Library <libraries/security>`. - - :doc:`Smiley Helper <helpers/smiley_helper>` changes include: + - *Smiley Helper* changes include: - Deprecated the whole helper as too specific for CodeIgniter. - Removed previously deprecated function ``js_insert_smiley()``. @@ -224,7 +666,7 @@ Release Date: March 30, 2015 - :doc:`Directory Helper <helpers/directory_helper>` :php:func:`directory_map()` will now append ``DIRECTORY_SEPARATOR`` to directory names in the returned array. - :doc:`Array Helper <helpers/array_helper>` :php:func:`element()` and :php:func:`elements()` now return NULL instead of FALSE when the required elements don't exist. - :doc:`Language Helper <helpers/language_helper>` :php:func:`lang()` now accepts an optional list of additional HTML attributes. - - Deprecated the :doc:`Email Helper <helpers/email_helper>` as its ``valid_email()``, ``send_email()`` functions are now only aliases for PHP native functions ``filter_var()`` and ``mail()`` respectively. + - Deprecated the *Email Helper* as its ``valid_email()``, ``send_email()`` functions are now only aliases for PHP native functions ``filter_var()`` and ``mail()`` respectively. - Database @@ -399,7 +841,7 @@ Release Date: March 30, 2015 - Added support for templating via an array in addition to the encoded string. - Changed method ``get_total_days()`` to be an alias for :doc:`Date Helper <helpers/date_helper>` :php:func:`days_in_month()`. - - :doc:`Cart Library <libraries/cart>` changes include: + - *Cart Library* changes include: - Deprecated the library as too specific for CodeIgniter. - Added method ``remove()`` to remove a cart item, updating with quantity of 0 seemed like a hack but has remained to retain compatibility. @@ -668,7 +1110,7 @@ Bug fixes for 3.0 - Fixed a bug where :doc:`Database Forge <database/forge>` method ``create_table()`` with PostgreSQL database could lead to fetching the whole table. - Fixed a bug (#795) - :doc:`Form Helper <helpers/form_helper>` :php:func:`form_open()` didn't add the default form *method* and *accept-charset* when an empty array is passed to it. - Fixed a bug (#797) - :doc:`Date Helper <helpers/date_helper>` :php:func:`timespan()` was using incorrect seconds for year and month. -- Fixed a bug in :doc:`Cart Library <libraries/cart>` method ``contents()`` where if called without a TRUE (or equal) parameter, it would fail due to a typo. +- Fixed a bug in *Cart Library* method ``contents()`` where if called without a TRUE (or equal) parameter, it would fail due to a typo. - Fixed a bug (#406) - SQLSRV DB driver not returning resource on ``db_pconnect()``. - Fixed a bug in :doc:`Image Manipulation Library <libraries/image_lib>` method ``gd_loaded()`` where it was possible for the script execution to end or a PHP E_WARNING message to be emitted. - Fixed a bug in the :doc:`Pagination library <libraries/pagination>` where when use_page_numbers=TRUE previous link and page 1 link did not have the same url. @@ -750,7 +1192,7 @@ Bug fixes for 3.0 - Fixed a bug (#79) - :doc:`Form Validation Library <libraries/form_validation>` didn't properly validate array fields that use associative keys or have custom indexes. - Fixed a bug (#427) - :doc:`Form Validation Library <libraries/form_validation>` method ``strip_image_tags()`` was an alias to a non-existent method. - Fixed a bug (#1545) - :doc:`Query Builder <database/query_builder>` method ``limit()`` wasn't executed properly under Oracle. -- Fixed a bug (#1551) - :doc:`Date Helper <helpers/date_helper>` function :php:func:`standard_date()` didn't properly format *W3C* and *ATOM* standard dates. +- Fixed a bug (#1551) - :doc:`Date Helper <helpers/date_helper>` function ``standard_date()`` didn't properly format *W3C* and *ATOM* standard dates. - Fixed a bug where :doc:`Query Builder <database/query_builder>` method ``join()`` escaped literal values as if they were fields. - Fixed a bug (#135) - PHP Error logging was impossible without the errors being displayed. - Fixed a bug (#1613) - :doc:`Form Helper <helpers/form_helper>` functions :php:func:`form_multiselect()`, :php:func:`form_dropdown()` didn't properly handle empty array option groups. @@ -805,7 +1247,7 @@ Bug fixes for 3.0 - Fixed a bug (#2298) - :doc:`Database Results <database/results>` method ``next_row()`` kept returning the last row, allowing for infinite loops. - Fixed a bug (#2236, #2639) - :doc:`Form Helper <helpers/form_helper>` functions :php:func:`set_value()`, :php:func:`set_select()`, :php:func:`set_radio()`, :php:func:`set_checkbox()` didn't parse array notation for keys if the rule was not present in the :doc:`Form Validation Library <libraries/form_validation>`. - Fixed a bug (#2353) - :doc:`Query Builder <database/query_builder>` erroneously prefixed literal strings with **dbprefix**. -- Fixed a bug (#78) - :doc:`Cart Library <libraries/cart>` didn't allow non-English letters in product names. +- Fixed a bug (#78) - *Cart Library* didn't allow non-English letters in product names. - Fixed a bug (#77) - :doc:`Database Class <database/index>` didn't properly handle the transaction "test mode" flag. - Fixed a bug (#2380) - :doc:`URI Routing <general/routing>` method ``fetch_method()`` returned 'index' if the requested method name matches its controller name. - Fixed a bug (#2388) - :doc:`Email Library <libraries/email>` used to ignore attachment errors, resulting in broken emails being sent. @@ -1040,9 +1482,8 @@ Release Date: November 14, 2011 - Libraries - - Changed ``$this->cart->insert()`` in the :doc:`Cart - Library <libraries/cart>` to return the Row ID if a single - item was inserted successfully. + - Changed ``$this->cart->insert()`` in the *Cart Library* + to return the Row ID if a single item was inserted successfully. - Added support to set an optional parameter in your callback rules of validation using the :doc:`Form Validation Library <libraries/form_validation>`. @@ -1150,9 +1591,8 @@ Release Date: August 20, 2011 string. See upgrade notes if using database sessions. - Added $this->db->set_dbprefix() to the :doc:`Database Driver <database/queries>`. - - Changed $this->cart->insert() in the :doc:`Cart - Library <libraries/cart>` to return the Row ID if a single - item was inserted successfully. + - Changed ``$this->cart->insert()`` in the *Cart Library* + to return the Row ID if a single item was inserted successfully. - Added $this->load->get_var() to the :doc:`Loader library <libraries/loader>` to retrieve global vars set with $this->load->view() and $this->load->vars(). @@ -1177,8 +1617,8 @@ Bug fixes for 2.0.3 properly escaped. - Fixed issue #199 - Attributes passed as string does not include a space between it and the opening tag. -- Fixed a bug where the method $this->cart->total_items() from :doc:`Cart - Library <libraries/cart>` now returns the sum of the quantity +- Fixed a bug where the method ``$this->cart->total_items()`` from + *Cart Library* now returns the sum of the quantity of all items in the cart instead of your total count. - Fixed a bug where not setting 'null' when adding fields in db_forge for mysql and mysqli drivers would default to NULL instead of NOT @@ -1214,8 +1654,8 @@ Hg Tag: v2.0.2 - Helpers - - Removed the previously deprecated dohash() from the :doc:`Security - helper <./helpers/security_helper>`; use do_hash() instead. + - Removed the previously deprecated ``dohash()`` from the :doc:`Security + helper <./helpers/security_helper>`; use ``do_hash()`` instead. - Changed the 'plural' function so that it doesn't ruin the captalization of your string. It also take into consideration acronyms which are all caps. @@ -1457,7 +1897,7 @@ Hg Tag: v2.0.0 helper <./helpers/text_helper>`. - Added accept-charset to the list of inserted attributes of form_open() in the :doc:`Form Helper <helpers/form_helper>`. - - Deprecated the dohash() function in favour of do_hash() for + - Deprecated the ``dohash()`` function in favour of ``do_hash()`` for naming consistency. - Non-backwards compatible change made to get_dir_file_info() in the :doc:`File Helper <helpers/file_helper>`. No longer recurses @@ -1477,7 +1917,7 @@ Hg Tag: v2.0.0 string already has a scheme. - Modified get_file_info in the file helper, changing filectime() to filemtime() for dates. - - Modified smiley_js() to add optional third parameter to return + - Modified ``smiley_js()`` to add optional third parameter to return only the javascript with no script tags. - The img() function of the :doc:`HTML helper <./helpers/html_helper>` will now generate an empty @@ -1597,7 +2037,7 @@ Hg Tag: v1.7.2 - Libraries - - Added a new :doc:`Cart Class <libraries/cart>`. + - Added a new *Cart Class*. - Added the ability to pass $config['file_name'] for the :doc:`File Uploading Class <libraries/file_uploading>` and rename the uploaded file. @@ -1624,7 +2064,7 @@ Hg Tag: v1.7.2 - Modified form_hidden() in the :doc:`Form helper <helpers/form_helper>` to accept multi-dimensional arrays. - - Modified form_prep() in the :doc:`Form + - Modified ``form_prep()`` in the :doc:`Form helper <helpers/form_helper>` to keep track of prepped fields to avoid multiple prep/mutation from subsequent calls which can occur when using Form Validation and form helper functions to @@ -1632,7 +2072,7 @@ Hg Tag: v1.7.2 - Modified directory_map() in the :doc:`Directory helper <helpers/directory_helper>` to allow the inclusion of hidden files, and to return FALSE on failure to read directory. - - Modified the :doc:`Smiley helper <helpers/smiley_helper>` to work + - Modified the *Smiley helper* to work with multiple fields and insert the smiley at the last known cursor position. @@ -1683,7 +2123,7 @@ Bug fixes for 1.7.2 - Fixed a case sensitive string replacement in xss_clean() - Fixed a bug in form_textarea() where form data was not prepped correctly. -- Fixed a bug in form_prep() causing it to not preserve entities in +- Fixed a bug in ``form_prep()`` causing it to not preserve entities in the user's original input when called back into a form element - Fixed a bug in _protect_identifiers() where the swap prefix ($swap_pre) was not being observed. @@ -2376,7 +2816,7 @@ Release Date: January 30, 2008 class. <./libraries/sessions>` - Removed 'last_visit' from the Session class. - Added a language entry for valid_ip validation error. - - Modified prep_for_form() in the Validation class to accept + - Modified ``prep_for_form()`` in the Validation class to accept arrays, adding support for POST array validation (via callbacks only) - Added an "integer" rule into the Validation library. @@ -2400,8 +2840,7 @@ Release Date: January 30, 2008 helper. <./helpers/html_helper>` - Added img() to the :doc:`HTML helper. <./helpers/html_helper>` - Added ability to :doc:`"extend" Helpers <./general/helpers>`. - - Added an :doc:`email helper <./helpers/email_helper>` into core - helpers. + - Added an *Email Helper* into core helpers. - Added strip_quotes() function to :doc:`string helper <./helpers/string_helper>`. - Added reduce_multiples() function to :doc:`string @@ -2602,7 +3041,7 @@ Release Date: July 12, 2007 - Fixed various doc typos. - Documented two functions from the :doc:`String helper <./helpers/string_helper>` that were missing from the - user guide: trim_slashes() and reduce_double_slashes(). + user guide: ``trim_slashes()`` and ``reduce_double_slashes()``. - Docs now validate to XHTML 1 transitional - Updated the XSS Filtering to take into account the IE expression() ability and improved certain deletions to prevent possible exploits @@ -2633,7 +3072,7 @@ Release Date: April 15, 2007 - Added array to string into the profiler - Code Igniter references updated to CodeIgniter - pMachine references updated to EllisLab -- Fixed a bug in the repeater function of :doc:`string +- Fixed a bug in the ``repeater()`` function of :doc:`string helper <./helpers/string_helper>`. - Fixed a bug in ODBC driver - Fixed a bug in result_array() that was returning an empty array when @@ -2732,8 +3171,7 @@ Release Date: October 30, 2006 - Added :doc:`Download Helper <./helpers/download_helper>`. - Added :doc:`simple_query() <./database/queries>` function to the database classes -- Added :doc:`standard_date() <./helpers/date_helper>` function to - the Date Helper. +- Added ``standard_date()`` function function to the :doc:`Date Helper <helpers/date_helper>`. - Added :doc:`$query->free_result() <./database/results>` to database class. - Added :doc:`$query->list_fields() <./database/metadata>` function to @@ -2741,7 +3179,7 @@ Release Date: October 30, 2006 - Added :doc:`$this->db->platform() <./database/helpers>` function - Added new :doc:`File Helper <./helpers/file_helper>`: get_filenames() -- Added new helper: :doc:`Smiley Helper <./helpers/smiley_helper>` +- Added new helper: *Smiley Helper* - Added support for <ul> and <ol> lists in the :doc:`HTML Helper <./helpers/html_helper>` - Added the ability to rewrite :doc:`short @@ -2774,7 +3212,7 @@ Release Date: October 30, 2006 - Fixed a bug in the validation class. - Fixed a bug in the typography helper that was incorrectly wrapping block level elements in paragraph tags. -- Fixed a problem in the form_prep() function that was double encoding +- Fixed a problem in the ``form_prep()`` function that was double encoding entities. - Fixed a bug that affects some versions of PHP when output buffering is nested. @@ -3136,7 +3574,7 @@ Release Date: March 10, 2006 - Fixed a pagination problem in the scaffolding. - Fixed a bug in the mysql class "where" function. - Fixed a regex problem in some code that trimmed duplicate slashes. -- Fixed a bug in the br() function in the HTML helper +- Fixed a bug in the ``br()`` function in the HTML helper - Fixed a syntax mistake in the form_dropdown function in the Form Helper. - Removed the "style" attributes form the form helpers. diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py index 1704654b6..e0312d3c1 100644 --- a/user_guide_src/source/conf.py +++ b/user_guide_src/source/conf.py @@ -41,16 +41,16 @@ master_doc = 'index' # General information about the project. project = u'CodeIgniter' -copyright = u'2014 - 2015, British Columbia Institute of Technology' +copyright = u'2014 - 2017, British Columbia Institute of Technology' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the # built documents. # # The short X.Y version. -version = '3.0.1' +version = '3.2.0-dev' # The full version, including alpha/beta/rc tags. -release = '3.0.0-dev' +release = '3.2.0-dev' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. @@ -229,7 +229,7 @@ man_pages = [ epub_title = u'CodeIgniter' epub_author = u'British Columbia Institute of Technology' epub_publisher = u'British Columbia Institute of Technology' -epub_copyright = u'2014 - 2015, British Columbia Institute of Technology' +epub_copyright = u'2014 - 2017, British Columbia Institute of Technology' # The language of the text. It defaults to the language option # or en if the language is not set. diff --git a/user_guide_src/source/contributing/index.rst b/user_guide_src/source/contributing/index.rst index 0112ca065..e102b8848 100644 --- a/user_guide_src/source/contributing/index.rst +++ b/user_guide_src/source/contributing/index.rst @@ -29,12 +29,24 @@ own copy. This will require you to use the version control system called Git. Support ******* -Note that GitHub is not for general support questions! +Please note that GitHub is not for general support questions! If you are +having trouble using a feature of CodeIgniter, ask for help on our +`forums <http://forum.codeigniter.com/>`_ instead. -If you are having trouble using a feature of CodeIgniter, ask for help on the forum. +If you are not sure whether you are using something correctly or if you +have found a bug, again - please ask on the forums first. -If you are wondering if you are using -something correctly or if you have found a bug, ask on the forum first. +******** +Security +******** + +Did you find a security issue in CodeIgniter? + +Please *don't* disclose it publicly, but e-mail us at security@codeigniter.com, +or report it via our page on `HackerOne <https://hackerone.com/codeigniter>`_. + +If you've found a critical vulnerability, we'd be happy to credit you in our +`ChangeLog <../changelog>`. **************************** Tips for a Good Issue Report @@ -74,9 +86,9 @@ PHP Style ========= All code must meet the `Style Guide -<http://www.codeigniter.com/userguide3/general/styleguide.html>`_, which is +<https://codeigniter.com/userguide3/general/styleguide.html>`_, which is essentially the `Allman indent style -<http://en.wikipedia.org/wiki/Indent_style#Allman_style>`_, underscores and +<https://en.wikipedia.org/wiki/Indent_style#Allman_style>`_, underscores and readable operators. This makes certain that all code is the same format as the existing code and means it will be as readable as possible. @@ -91,10 +103,10 @@ must also be updated for every change. Also PHPDoc blocks must be maintained. Compatibility ============= -CodeIgniter recommends PHP 5.4 or newer to be used, but it should be -compatible with PHP 5.2.4 so all code supplied must stick to this -requirement. If PHP 5.3 (and above) functions or features are used then -there must be a fallback for PHP 5.2.4. +CodeIgniter recommends PHP 5.6 or newer to be used, but it should be +compatible with PHP 5.4.8 so all code supplied must stick to this +requirement. If PHP 5.5 (and above) functions or features are used then +there must be a fallback for PHP 5.4.8. Branching ========= @@ -143,5 +155,5 @@ could even alias git commit to use the -s flag so you don’t have to think abou it. By signing your work in this manner, you certify to a "Developer's Certificate -or Origin". The current version of this certificate is in the :doc:`/DCO` file +of Origin". The current version of this certificate is in the :doc:`/DCO` file in the root of this documentation. diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 8026be63a..e231a7d6a 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -7,7 +7,7 @@ connection values (username, password, database name, etc.). The config file is located at application/config/database.php. You can also set database connection values for specific :doc:`environments <../libraries/config>` by placing **database.php** -it the respective environment config folder. +in the respective environment config folder. The config settings are stored in a multi-dimensional array with this prototype:: diff --git a/user_guide_src/source/database/db_driver_reference.rst b/user_guide_src/source/database/db_driver_reference.rst index 005e6b3dc..6f2fa5fb1 100644 --- a/user_guide_src/source/database/db_driver_reference.rst +++ b/user_guide_src/source/database/db_driver_reference.rst @@ -17,8 +17,8 @@ This article is intended to be a reference for them. .. php:method:: initialize() - :returns: TRUE on success, FALSE on failure - :rtype: bool + :rtype: void + :throws: RuntimeException In case of failure Initialize database settings, establish a connection to the database. @@ -61,14 +61,6 @@ This article is intended to be a reference for them. Select / switch the current database. - .. php:method:: db_set_charset($charset) - - :param string $charset: Character set name - :returns: TRUE on success, FALSE on failure - :rtype: bool - - Set client character set. - .. php:method:: platform() :returns: Platform name @@ -83,7 +75,7 @@ This article is intended to be a reference for them. Database version number. - .. php:method:: query($sql[, $binds = FALSE[, $return_object = NULL]]]) + .. php:method:: query($sql[, $binds = FALSE[, $return_object = NULL]]) :param string $sql: The SQL statement to execute :param array $binds: An array of binding data @@ -116,6 +108,16 @@ This article is intended to be a reference for them. for use when you don't need to get a result object or to just send a query to the database and not care for the result. + .. php:method:: affected_rows() + + :returns: Number of rows affected + :rtype: int + + Returns the number of rows *changed* by the last executed query. + + Useful for checking how much rows were created, updated or deleted + during the last executed query. + .. php:method:: trans_strict([$mode = TRUE]) :param bool $mode: Strict mode flag @@ -124,8 +126,8 @@ This article is intended to be a reference for them. Enable/disable transaction "strict" mode. When strict mode is enabled, if you are running multiple - groups of transactions and one group fails, all groups - will be rolled back. + groups of transactions and one group fails, all subsequent + groups will be rolled back. If strict mode is disabled, each group is treated autonomously, meaning a failure of one group will not @@ -140,13 +142,15 @@ This article is intended to be a reference for them. .. php:method:: trans_start([$test_mode = FALSE]) :param bool $test_mode: Test mode flag - :rtype: void + :returns: TRUE on success, FALSE on failure + :rtype: bool Start a transaction. .. php:method:: trans_complete() - :rtype: void + :returns: TRUE on success, FALSE on failure + :rtype: bool Complete Transaction. @@ -232,6 +236,13 @@ This article is intended to be a reference for them. and ``_`` wildcard characters, so that they don't cause false-positives in LIKE conditions. + .. important:: The ``escape_like_str()`` method uses '!' (exclamation mark) + to escape special characters for *LIKE* conditions. Because this + method escapes partial strings that you would wrap in quotes + yourself, it cannot automatically add the ``ESCAPE '!'`` + condition for you, and so you'll have to manually do that. + + .. php:method:: primary($table) :param string $table: Table name diff --git a/user_guide_src/source/database/examples.rst b/user_guide_src/source/database/examples.rst index 8b3cc4701..5fd7fccfa 100644 --- a/user_guide_src/source/database/examples.rst +++ b/user_guide_src/source/database/examples.rst @@ -55,23 +55,6 @@ Standard Query With Multiple Results (Array Version) The above result_array() function returns an array of standard array indexes. Example: $row['title'] -Testing for Results -=================== - -If you run queries that might **not** produce a result, you are -encouraged to test for a result first using the num_rows() function:: - - $query = $this->db->query("YOUR QUERY"); - if ($query->num_rows() > 0) - { - foreach ($query->result() as $row) - { - echo $row->title; - echo $row->name; - echo $row->body; - } - } - Standard Query With Single Result ================================= diff --git a/user_guide_src/source/database/forge.rst b/user_guide_src/source/database/forge.rst index 646e3a56e..5af4f2248 100644 --- a/user_guide_src/source/database/forge.rst +++ b/user_guide_src/source/database/forge.rst @@ -97,6 +97,7 @@ Additionally, the following key/values can be used: - auto_increment/true : generates an auto_increment flag on the field. Note that the field type must be a type that supports this, such as integer. +- unique/true : to generate a unique key for the field definition. :: @@ -110,6 +111,7 @@ Additionally, the following key/values can be used: 'blog_title' => array( 'type' => 'VARCHAR', 'constraint' => '100', + 'unique' => TRUE, ), 'blog_author' => array( 'type' =>'VARCHAR', @@ -175,14 +177,14 @@ below is for MySQL. $this->dbforge->add_key('blog_id', TRUE); // gives PRIMARY KEY `blog_id` (`blog_id`) - + $this->dbforge->add_key('blog_id', TRUE); $this->dbforge->add_key('site_id', TRUE); // gives PRIMARY KEY `blog_id_site_id` (`blog_id`, `site_id`) - + $this->dbforge->add_key('blog_name'); // gives KEY `blog_name` (`blog_name`) - + $this->dbforge->add_key(array('blog_name', 'blog_label')); // gives KEY `blog_name_blog_label` (`blog_name`, `blog_label`) @@ -261,7 +263,7 @@ number of additional fields. $fields = array( 'preferences' => array('type' => 'TEXT') ); - $this->dbforge->add_column('table_name', $fields); + $this->dbforge->add_column('table_name', $fields); // Executes: ALTER TABLE table_name ADD preferences TEXT If you are using MySQL or CUBIRD, then you can take advantage of their diff --git a/user_guide_src/source/database/queries.rst b/user_guide_src/source/database/queries.rst index 43a0a30bf..f626f1e83 100644 --- a/user_guide_src/source/database/queries.rst +++ b/user_guide_src/source/database/queries.rst @@ -123,7 +123,13 @@ this: $search = '20% raise'; $sql = "SELECT id FROM table WHERE column LIKE '%" . - $this->db->escape_like_str($search)."%'"; + $this->db->escape_like_str($search)."%' ESCAPE '!'"; + +.. important:: The ``escape_like_str()`` method uses '!' (exclamation mark) + to escape special characters for *LIKE* conditions. Because this + method escapes partial strings that you would wrap in quotes + yourself, it cannot automatically add the ``ESCAPE '!'`` + condition for you, and so you'll have to manually do that. ************** @@ -159,7 +165,7 @@ Handling Errors **$this->db->error();** -If you need to get the last error that has occured, the error() method +If you need to get the last error that has occurred, the error() method will return an array containing its code and message. Here's a quick example:: diff --git a/user_guide_src/source/database/query_builder.rst b/user_guide_src/source/database/query_builder.rst index 9c3ff306f..3135f76da 100644 --- a/user_guide_src/source/database/query_builder.rst +++ b/user_guide_src/source/database/query_builder.rst @@ -1018,7 +1018,7 @@ Here's a usage example:: .. note:: The following statements can be cached: select, from, join, - where, like, group_by, having, order_by, set + where, like, group_by, having, order_by *********************** @@ -1433,15 +1433,20 @@ Class Reference Compiles and executes an INSERT statement. - .. php:method:: insert_batch([$table = ''[, $set = NULL[, $escape = NULL]]]) + .. php:method:: insert_batch($table[, $set = NULL[, $escape = NULL[, $batch_size = 100]]]) :param string $table: Table name :param array $set: Data to insert :param bool $escape: Whether to escape values and identifiers + :param int $batch_size: Count of rows to insert at once :returns: Number of rows inserted or FALSE on failure :rtype: mixed - Compiles and executes batch INSERT statements. + Compiles and executes batch ``INSERT`` statements. + + .. note:: When more than ``$batch_size`` rows are provided, multiple + ``INSERT`` queries will be executed, each trying to insert + up to ``$batch_size`` rows. .. php:method:: set_insert_batch($key[, $value = ''[, $escape = NULL]]) @@ -1464,15 +1469,20 @@ Class Reference Compiles and executes an UPDATE statement. - .. php:method:: update_batch([$table = ''[, $set = NULL[, $value = NULL]]]) + .. php:method:: update_batch($table[, $set = NULL[, $value = NULL[, $batch_size = 100]]]) :param string $table: Table name :param array $set: Field name, or an associative array of field/value pairs :param string $value: Field value, if $set is a single field + :param int $batch_size: Count of conditions to group in a single query :returns: Number of rows updated or FALSE on failure :rtype: mixed - Compiles and executes batch UPDATE statements. + Compiles and executes batch ``UPDATE`` statements. + + .. note:: When more than ``$batch_size`` field/value pairs are provided, + multiple queries will be executed, each handling up to + ``$batch_size`` field/value pairs. .. php:method:: set_update_batch($key[, $value = ''[, $escape = NULL]]) diff --git a/user_guide_src/source/database/transactions.rst b/user_guide_src/source/database/transactions.rst index 2e6d4b477..cfd6a566d 100644 --- a/user_guide_src/source/database/transactions.rst +++ b/user_guide_src/source/database/transactions.rst @@ -75,12 +75,11 @@ debugging is turned off, you can manage your own errors like this:: // generate an error... or use the log_message() function to log your error } -Enabling Transactions -===================== +Disabling Transactions +====================== -Transactions are enabled automatically the moment you use -$this->db->trans_start(). If you would like to disable transactions you -can do so using $this->db->trans_off():: +If you would like to disable transactions you can do so using +``$this->db->trans_off()``:: $this->db->trans_off(); @@ -88,8 +87,9 @@ can do so using $this->db->trans_off():: $this->db->query('AN SQL QUERY...'); $this->db->trans_complete(); -When transactions are disabled, your queries will be auto-commited, just -as they are when running queries without transactions. +When transactions are disabled, your queries will be auto-committed, just as +they are when running queries without transactions, practically ignoring +any calls to ``trans_start()``, ``trans_complete()``, etc. Test Mode ========= diff --git a/user_guide_src/source/documentation/index.rst b/user_guide_src/source/documentation/index.rst index 60c6b4ed6..aaac33ecb 100644 --- a/user_guide_src/source/documentation/index.rst +++ b/user_guide_src/source/documentation/index.rst @@ -18,7 +18,7 @@ It is created automatically by inserting the following: .. raw:: html - <div class="custom-index container"></div> + <div class="custom-index container"></div> .. contents:: :local: @@ -43,7 +43,7 @@ Pygments, so that code blocks can be properly highlighted. .. code-block:: bash easy_install "sphinx==1.2.3" - easy_install sphinxcontrib-phpdomain + easy_install "sphinxcontrib-phpdomain==0.1.3.post1" Then follow the directions in the README file in the :samp:`cilexer` folder inside the documentation repository to install the CI Lexer. @@ -199,4 +199,4 @@ It creates the following display: .. php:method:: should_do_something() :returns: Whether or not something should be done - :rtype: bool
\ No newline at end of file + :rtype: bool diff --git a/user_guide_src/source/general/cli.rst b/user_guide_src/source/general/cli.rst index b45be1aa8..764a6b835 100644 --- a/user_guide_src/source/general/cli.rst +++ b/user_guide_src/source/general/cli.rst @@ -47,11 +47,11 @@ in it:: Then save the file to your *application/controllers/* folder. -Now normally you would visit the your site using a URL similar to this:: +Now normally you would visit the site using a URL similar to this:: example.com/index.php/tools/message/to -Instead, we are going to open Terminal in Mac/Linux or go to Run > "cmd" +Instead, we are going to open the terminal in Mac/Linux or go to Run > "cmd" in Windows and navigate to our CodeIgniter project. .. code-block:: bash @@ -75,4 +75,4 @@ That's it! That, in a nutshell, is all there is to know about controllers on the command line. Remember that this is just a normal controller, so routing -and ``_remap()`` works fine.
\ No newline at end of file +and ``_remap()`` works fine. diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index 6d6744cf7..77b0df14e 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -24,9 +24,9 @@ loading any libraries or helpers. Example:: - if (is_php('5.3')) + if (is_php('5.5')) { - $str = quoted_printable_encode($str); + echo json_last_error_msg(); } Returns boolean TRUE if the installed version of PHP is equal to or @@ -101,7 +101,7 @@ loading any libraries or helpers. .. php:function:: set_status_header($code[, $text = '']) - :param int $code: HTTP Reponse status code + :param int $code: HTTP Response status code :param string $text: A custom message to set with the status code :rtype: void @@ -185,4 +185,4 @@ loading any libraries or helpers. .. note:: This function was introduced because Suhosin terminated script execution, but this turned out to be a bug. A fix has been available for some time (version 0.9.34), but is - unfortunately not released yet.
\ No newline at end of file + unfortunately not released yet. diff --git a/user_guide_src/source/general/compatibility_functions.rst b/user_guide_src/source/general/compatibility_functions.rst index 434b0982f..522e43f60 100644 --- a/user_guide_src/source/general/compatibility_functions.rst +++ b/user_guide_src/source/general/compatibility_functions.rst @@ -10,7 +10,7 @@ Being custom implementations, these functions will also have some set of dependencies on their own, but are still useful if your PHP setup doesn't offer them natively. -.. note:: Much like the `common functions <common_functions>`, the +.. note:: Much like the :doc:`common functions <common_functions>`, the compatibility functions are always available, as long as their dependencies are met. @@ -32,7 +32,6 @@ that is otherwise available only since PHP 5.5. Dependencies ============ -- PHP 5.3.7 - ``CRYPT_BLOWFISH`` support for ``crypt()`` Constants @@ -221,44 +220,3 @@ Function reference For more information, please refer to the `PHP manual for array_column() <http://php.net/array_column>`_. - -.. php:function:: array_replace(array $array1[, ...]) - - :param array $array1: Array in which to replace elements - :param array ...: Array (or multiple ones) from which to extract elements - :returns: Modified array - :rtype: array - - For more information, please refer to the `PHP manual for - array_replace() <http://php.net/array_replace>`_. - -.. php:function:: array_replace_recursive(array $array1[, ...]) - - :param array $array1: Array in which to replace elements - :param array ...: Array (or multiple ones) from which to extract elements - :returns: Modified array - :rtype: array - - For more information, please refer to the `PHP manual for - array_replace_recursive() <http://php.net/array_replace_recursive>`_. - - .. important:: Only PHP's native function can detect endless recursion. - Unless you are running PHP 5.3+, be careful with references! - -.. php:function:: hex2bin($data) - - :param array $data: Hexadecimal representation of data - :returns: Binary representation of the given data - :rtype: string - - For more information, please refer to the `PHP manual for hex2bin() - <http://php.net/hex2bin>`_. - -.. php:function:: quoted_printable_encode($str) - - :param string $str: Input string - :returns: 8bit-encoded string - :rtype: string - - For more information, please refer to the `PHP manual for - quoted_printable_encode() <http://php.net/quoted_printable_encode>`_.
\ No newline at end of file diff --git a/user_guide_src/source/general/controllers.rst b/user_guide_src/source/general/controllers.rst index 7ab5a7f6a..5a111d8dc 100644 --- a/user_guide_src/source/general/controllers.rst +++ b/user_guide_src/source/general/controllers.rst @@ -140,9 +140,12 @@ file and set this variable:: $route['default_controller'] = 'blog'; -Where Blog is the name of the controller class you want used. If you now +Where 'blog' is the name of the controller class you want used. If you now load your main index.php file without specifying any URI segments you'll -see your Hello World message by default. +see your "Hello World" message by default. + +For more information, please refer to the "Reserved Routes" section of the +:doc:`URI Routing <routing>` documentation. Remapping Method Calls ====================== @@ -263,12 +266,12 @@ Trying to access it via the URL, like this, will not work:: Organizing Your Controllers into Sub-directories ================================================ -If you are building a large application you might find it convenient to -organize your controllers into sub-directories. CodeIgniter permits you -to do this. +If you are building a large application you might want to hierarchically +organize or structure your controllers into sub-directories. CodeIgniter +permits you to do this. -Simply create folders within your *application/controllers/* directory -and place your controller classes within them. +Simply create sub-directories under the main *application/controllers/* +one and place your controller classes within them. .. note:: When using this feature the first segment of your URI must specify the folder. For example, let's say you have a controller located @@ -281,8 +284,9 @@ and place your controller classes within them. example.com/index.php/products/shoes/show/123 Each of your sub-directories may contain a default controller which will be -called if the URL contains only the sub-folder. Simply name your default -controller as specified in your *application/config/routes.php* file. +called if the URL contains *only* the sub-directory. Simply put a controller +in there that matches the name of your 'default_controller' as specified in +your *application/config/routes.php* file. CodeIgniter also permits you to remap your URIs using its :doc:`URI Routing <routing>` feature. diff --git a/user_guide_src/source/general/core_classes.rst b/user_guide_src/source/general/core_classes.rst index 07c0b00ba..79f73ef06 100644 --- a/user_guide_src/source/general/core_classes.rst +++ b/user_guide_src/source/general/core_classes.rst @@ -101,6 +101,7 @@ your new class in your application controller's constructors. public function __construct() { parent::__construct(); + // Your own constructor code } public function index() diff --git a/user_guide_src/source/general/errors.rst b/user_guide_src/source/general/errors.rst index 9c190feb1..a1cc3517a 100644 --- a/user_guide_src/source/general/errors.rst +++ b/user_guide_src/source/general/errors.rst @@ -78,11 +78,10 @@ The following functions let you generate errors: CodeIgniter automatically logs any ``show_404()`` calls. Setting the optional second parameter to FALSE will skip logging. -.. php:function:: log_message($level, $message, $php_error = FALSE) +.. php:function:: log_message($level, $message) :param string $level: Log level: 'error', 'debug' or 'info' :param string $message: Message to log - :param bool $php_error: Whether we're logging a native PHP error message :rtype: void This function lets you write messages to your log files. You must diff --git a/user_guide_src/source/general/hooks.rst b/user_guide_src/source/general/hooks.rst index ffe3fef39..6cc3407a3 100644 --- a/user_guide_src/source/general/hooks.rst +++ b/user_guide_src/source/general/hooks.rst @@ -56,8 +56,8 @@ defined in your associative hook array: - **params** Any parameters you wish to pass to your script. This item is optional. -If you're running PHP 5.3+, you can also use lambda/anoymous functions -(or closures) as hooks, with a simpler syntax:: +You can also use lambda/anoymous functions (or closures) as hooks, with +a simpler syntax:: $hook['post_controller'] = function() { diff --git a/user_guide_src/source/general/models.rst b/user_guide_src/source/general/models.rst index 1cfe736de..eb842e927 100644 --- a/user_guide_src/source/general/models.rst +++ b/user_guide_src/source/general/models.rst @@ -22,12 +22,6 @@ model class might look like:: public $content; public $date; - public function __construct() - { - // Call the CI_Model constructor - parent::__construct(); - } - public function get_last_ten_entries() { $query = $this->db->get('entries', 10); @@ -76,6 +70,7 @@ The basic prototype for a model class is this:: public function __construct() { parent::__construct(); + // Your own constructor code } } @@ -91,6 +86,7 @@ The file name must match the class name. For example, if this is your class:: public function __construct() { parent::__construct(); + // Your own constructor code } } diff --git a/user_guide_src/source/general/requirements.rst b/user_guide_src/source/general/requirements.rst index f90cdd30d..982a6014f 100644 --- a/user_guide_src/source/general/requirements.rst +++ b/user_guide_src/source/general/requirements.rst @@ -2,9 +2,9 @@ Server Requirements ################### -`PHP <http://php.net/>`_ version 5.4 or newer is recommended. +`PHP <http://php.net/>`_ version 5.6 or newer is recommended. -It should work on 5.2.4 as well, but we strongly advise you NOT to run +It should work on 5.4.8 as well, but we strongly advise you NOT to run such old versions of PHP, because of potential security and performance issues, as well as missing features. @@ -15,7 +15,7 @@ Currently supported databases are: - Oracle via the *oci8* and *pdo* drivers - PostgreSQL via the *postgre* and *pdo* drivers - MS SQL via the *mssql*, *sqlsrv* (version 2005 and above only) and *pdo* drivers - - SQLite via the *sqlite* (version 2), *sqlite3* (version 3) and *pdo* drivers + - SQLite via the *sqlite3* and *pdo* drivers - CUBRID via the *cubrid* and *pdo* drivers - Interbase/Firebird via the *ibase* and *pdo* drivers - - ODBC via the *odbc* and *pdo* drivers (you should know that ODBC is actually an abstraction layer)
\ No newline at end of file + - ODBC via the *odbc* and *pdo* drivers (you should know that ODBC is actually an abstraction layer) diff --git a/user_guide_src/source/general/routing.rst b/user_guide_src/source/general/routing.rst index 766e0b2ab..b53a85d31 100644 --- a/user_guide_src/source/general/routing.rst +++ b/user_guide_src/source/general/routing.rst @@ -113,18 +113,19 @@ A typical RegEx route might look something like this:: In the above example, a URI similar to products/shirts/123 would instead call the "shirts" controller class and the "id_123" method. -With regular expressions, you can also catch a segment containing a -forward slash ('/'), which would usually represent the delimiter between -multiple segments. - +With regular expressions, you can also catch multiple segments at once. For example, if a user accesses a password protected area of your web application and you wish to be able to redirect them back to the same page after they log in, you may find this example useful:: $route['login/(.+)'] = 'auth/login/$1'; +.. note:: In the above example, if the ``$1`` placeholder contains a + slash, it will still be split into multiple parameters when + passed to ``Auth::login()``. + For those of you who don't know regular expressions and want to learn -more about them, `regular-expressions.info <http://www.regular-expressions.info/>` +more about them, `regular-expressions.info <http://www.regular-expressions.info/>`_ might be a good starting point. .. note:: You can also mix and match wildcards with regular expressions. @@ -132,8 +133,8 @@ might be a good starting point. Callbacks ========= -If you are using PHP >= 5.3 you can use callbacks in place of the normal -routing rules to process the back-references. Example:: +You can also use callbacks in place of the normal routing rules to process +the back-references. Example:: $route['products/([a-zA-Z]+)/edit/(\d+)'] = function ($product_type, $id) { @@ -170,11 +171,16 @@ There are three reserved routes:: $route['default_controller'] = 'welcome'; -This route indicates which controller class should be loaded if the URI -contains no data, which will be the case when people load your root URL. -In the above example, the "welcome" class would be loaded. You are -encouraged to always have a default route otherwise a 404 page will -appear by default. +This route points to the action that should be executed if the URI contains +no data, which will be the case when people load your root URL. +The setting accepts a **controller/method** value and ``index()`` would be +the default method if you don't specify one. In the above example, it is +``Welcome::index()`` that would be called. + +.. note:: You can NOT use a directory as a part of this setting! + +You are encouraged to always have a default route as otherwise a 404 page +will appear by default. :: @@ -182,11 +188,13 @@ appear by default. This route indicates which controller class should be loaded if the requested controller is not found. It will override the default 404 -error page. It won't affect to the ``show_404()`` function, which will +error page. Same per-directory rules as with 'default_controller' +apply here as well. + +It won't affect to the ``show_404()`` function, which will continue loading the default *error_404.php* file at *application/views/errors/error_404.php*. - :: $route['translate_uri_dashes'] = FALSE; diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst index d4120d162..744a2c934 100644 --- a/user_guide_src/source/general/security.rst +++ b/user_guide_src/source/general/security.rst @@ -5,6 +5,9 @@ Security This page describes some "best practices" regarding web security, and details CodeIgniter's internal security features. +.. note:: If you came here looking for a security contact, please refer to + our `Contribution Guide <../contributing/index>`. + URI Security ============ @@ -130,12 +133,7 @@ with that. Please read below. in PHP's own `Password Hashing <http://php.net/password>`_ functions. Please use them, even if you're not running PHP 5.5+, CodeIgniter - provides them for you as long as you're running at least PHP version - 5.3.7 (and if you don't meet that requirement - please, upgrade). - - If you're one of the really unlucky people who can't even upgrade to a - more recent PHP version, use `hash_pbkdf() <http://php.net/hash_pbkdf2>`, - which we also provide in our compatibility layer. + provides them for you. - DO NOT ever display or send a password in plain-text format! diff --git a/user_guide_src/source/general/styleguide.rst b/user_guide_src/source/general/styleguide.rst index 7704a59c5..5f25a5ae4 100644 --- a/user_guide_src/source/general/styleguide.rst +++ b/user_guide_src/source/general/styleguide.rst @@ -345,8 +345,8 @@ inability for CodeIgniter to send proper headers. Compatibility ============= -CodeIgniter recommends PHP 5.4 or newer to be used, but it should be -compatible with PHP 5.2.4. Your code must either be compatible with this +CodeIgniter recommends PHP 5.6 or newer to be used, but it should be +compatible with PHP 5.4.8. Your code must either be compatible with this requirement, provide a suitable fallback, or be an optional feature that dies quietly without affecting a user's application. @@ -633,4 +633,4 @@ Whenever appropriate, provide function argument defaults, which helps prevent PHP errors with mistaken calls and provides common fallback values which can save a few lines of code. Example:: - function foo($bar = '', $baz = FALSE)
\ No newline at end of file + function foo($bar = '', $baz = FALSE) diff --git a/user_guide_src/source/helpers/cookie_helper.rst b/user_guide_src/source/helpers/cookie_helper.rst index da26151cb..71e40a33c 100644 --- a/user_guide_src/source/helpers/cookie_helper.rst +++ b/user_guide_src/source/helpers/cookie_helper.rst @@ -25,7 +25,7 @@ Available Functions The following functions are available: -.. php:function:: set_cookie($name[, $value = ''[, $expire = ''[, $domain = ''[, $path = '/'[, $prefix = ''[, $secure = FALSE[, $httponly = FALSE]]]]]]]]) +.. php:function:: set_cookie($name[, $value = ''[, $expire = ''[, $domain = ''[, $path = '/'[, $prefix = ''[, $secure = FALSE[, $httponly = FALSE]]]]]]]) :param mixed $name: Cookie name *or* associative array of all of the parameters available to this function :param string $value: Cookie value @@ -42,7 +42,7 @@ The following functions are available: a description of its use, as this function is an alias for ``CI_Input::set_cookie()``. -.. php:function:: get_cookie($index[, $xss_clean = NULL]]) +.. php:function:: get_cookie($index[, $xss_clean = FALSE]) :param string $index: Cookie name :param bool $xss_clean: Whether to apply XSS filtering to the returned value @@ -56,7 +56,7 @@ The following functions are available: the ``$config['cookie_prefix']`` that you might've set in your *application/config/config.php* file. -.. php:function:: delete_cookie($name[, $domain = ''[, $path = '/'[, $prefix = '']]]]) +.. php:function:: delete_cookie($name[, $domain = ''[, $path = '/'[, $prefix = '']]]) :param string $name: Cookie name :param string $domain: Cookie domain (usually: .yourdomain.com) diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst index a85da26a4..2f44cb923 100644 --- a/user_guide_src/source/helpers/date_helper.rst +++ b/user_guide_src/source/helpers/date_helper.rst @@ -31,7 +31,7 @@ The following functions are available: :rtype: int Returns the current time as a UNIX timestamp, referenced either to your server's - local time or any PHP suported timezone, based on the "time reference" setting + local time or any PHP supported timezone, based on the "time reference" setting in your config file. If you do not intend to set your master time reference to any other PHP supported timezone (which you'll typically do if you run a site that lets each user set their own timezone settings) there is no benefit to using @@ -67,45 +67,6 @@ The following functions are available: If a timestamp is not included in the second parameter the current time will be used. -.. php:function:: standard_date([$fmt = 'DATE_RFC822'[, $time = NULL]]) - - :param string $fmt: Date format - :param int $time: UNIX timestamp - :returns: Formatted date or FALSE on invalid format - :rtype: string - - Lets you generate a date string in one of several standardized formats. - - Example:: - - $format = 'DATE_RFC822'; - $time = time(); - echo standard_date($format, $time); - - .. note:: This function is DEPRECATED. Use the native ``date()`` combined with - `DateTime's format constants - <http://php.net/manual/en/class.datetime.php#datetime.constants.types>`_ - instead:: - - echo date(DATE_RFC822, time()); - - **Supported formats:** - - =============== ======================= ====================================== - Constant Description Example - =============== ======================= ====================================== - DATE_ATOM Atom 2005-08-15T16:13:03+0000 - DATE_COOKIE HTTP Cookies Sun, 14 Aug 2005 16:13:03 UTC - DATE_ISO8601 ISO-8601 2005-08-14T16:13:03+00:00 - DATE_RFC822 RFC 822 Sun, 14 Aug 05 16:13:03 UTC - DATE_RFC850 RFC 850 Sunday, 14-Aug-05 16:13:03 UTC - DATE_RFC1036 RFC 1036 Sunday, 14-Aug-05 16:13:03 UTC - DATE_RFC1123 RFC 1123 Sun, 14 Aug 2005 16:13:03 UTC - DATE_RFC2822 RFC 2822 Sun, 14 Aug 2005 16:13:03 +0000 - DATE_RSS RSS Sun, 14 Aug 2005 16:13:03 UTC - DATE_W3C W3C 2005-08-14T16:13:03+0000 - =============== ======================= ====================================== - .. php:function:: local_to_gmt([$time = '']) :param int $time: UNIX timestamp @@ -220,6 +181,9 @@ The following functions are available: // Should Produce: 2001-09-11 $better_date = nice_date($bad_date, 'Y-m-d'); + .. note:: This function is DEPRECATED. Use PHP's native `DateTime class + <https://secure.php.net/datetime>`_ instead. + .. php:function:: timespan([$seconds = 1[, $time = ''[, $units = '']]]) :param int $seconds: Number of seconds @@ -434,4 +398,4 @@ UP12 (UTC +12:00) Fiji, Gilbert Islands, Kamchatka, New Zealand UP1275 (UTC +12:45) Chatham Islands Standard Time UP13 (UTC +13:00) Phoenix Islands Time, Tonga UP14 (UTC +14:00) Line Islands -=========== =====================================================================
\ No newline at end of file +=========== ===================================================================== diff --git a/user_guide_src/source/helpers/download_helper.rst b/user_guide_src/source/helpers/download_helper.rst index 1a4065073..e11d92a14 100644 --- a/user_guide_src/source/helpers/download_helper.rst +++ b/user_guide_src/source/helpers/download_helper.rst @@ -26,7 +26,7 @@ The following functions are available: .. php:function:: force_download([$filename = ''[, $data = ''[, $set_mime = FALSE]]]) - :param string $filename: Filename + :param mixed $filename: Filename :param mixed $data: File contents :param bool $set_mime: Whether to try to send the actual MIME type :rtype: void @@ -37,8 +37,11 @@ The following functions are available: file data. If you set the second parameter to NULL and ``$filename`` is an existing, readable - file path, then its content will be read instead. - + file path, then its content will be read instead. You may also set ``$filename`` + as an associative array with a single element, where the key of that element would be + the local file you are trying to read and where the value is the name of the downloadable + file that will be sent to browser. An example of this is provided below. + If you set the third parameter to boolean TRUE, then the actual file MIME type (based on the filename extension) will be sent, so that if your browser has a handler for that type - it can use it. @@ -53,4 +56,10 @@ The following functions are available: do the following:: // Contents of photo.jpg will be automatically read - force_download('/path/to/photo.jpg', NULL);
\ No newline at end of file + force_download('/path/to/photo.jpg', NULL); + + If you want to download an existing file from your server, but change the name + of the actual file sent to browser, you will need this:: + + // Contents of photo.jpg will be automatically read and sent as my-photo.jpg + force_download(array('/path/to/photo.jpg' => 'my-photo.jpg'), NULL);
\ No newline at end of file diff --git a/user_guide_src/source/helpers/email_helper.rst b/user_guide_src/source/helpers/email_helper.rst deleted file mode 100644 index 1ee97d902..000000000 --- a/user_guide_src/source/helpers/email_helper.rst +++ /dev/null @@ -1,75 +0,0 @@ -############ -Email Helper -############ - -The Email Helper provides some assistive functions for working with -Email. For a more robust email solution, see CodeIgniter's :doc:`Email -Class <../libraries/email>`. - -.. important:: The Email helper is DEPRECATED and is currently - only kept for backwards compatibility. - -.. contents:: - :local: - -.. raw:: html - - <div class="custom-index container"></div> - -Loading this Helper -=================== - -This helper is loaded using the following code:: - - $this->load->helper('email'); - -Available Functions -=================== - -The following functions are available: - - -.. php:function:: valid_email($email) - - :param string $email: E-mail address - :returns: TRUE if a valid email is supplied, FALSE otherwise - :rtype: bool - - Checks if the input is a correctly formatted e-mail address. Note that is - doesn't actually prove that the address will be able recieve mail, but - simply that it is a validly formed address. - - Example:: - - if (valid_email('email@somesite.com')) - { - echo 'email is valid'; - } - else - { - echo 'email is not valid'; - } - - .. note:: All that this function does is to use PHP's native ``filter_var()``:: - - (bool) filter_var($email, FILTER_VALIDATE_EMAIL); - -.. php:function:: send_email($recipient, $subject, $message) - - :param string $recipient: E-mail address - :param string $subject: Mail subject - :param string $message: Message body - :returns: TRUE if the mail was successfully sent, FALSE in case of an error - :rtype: bool - - Sends an email using PHP's native `mail() <http://php.net/function.mail>`_ - function. - - .. note:: All that this function does is to use PHP's native ``mail`` - - :: - - mail($recipient, $subject, $message); - - For a more robust email solution, see CodeIgniter's :doc:`Email Library - <../libraries/email>`.
\ No newline at end of file diff --git a/user_guide_src/source/helpers/file_helper.rst b/user_guide_src/source/helpers/file_helper.rst index 833cddea4..dcf3a2340 100644 --- a/user_guide_src/source/helpers/file_helper.rst +++ b/user_guide_src/source/helpers/file_helper.rst @@ -23,32 +23,6 @@ Available Functions The following functions are available: - -.. php:function:: read_file($file) - - :param string $file: File path - :returns: File contents or FALSE on failure - :rtype: string - - Returns the data contained in the file specified in the path. - - Example:: - - $string = read_file('./path/to/file.php'); - - The path can be a relative or full server path. Returns FALSE (boolean) on failure. - - .. note:: The path is relative to your main site index.php file, NOT your - controller or view files. CodeIgniter uses a front controller so paths - are always relative to the main site index. - - .. note:: This function is DEPRECATED. Use the native ``file_get_contents()`` - instead. - - .. important:: If your server is running an **open_basedir** restriction this - function might not work if you are trying to access a file above the - calling script. - .. php:function:: write_file($path, $data[, $mode = 'wb']) :param string $path: File path @@ -199,4 +173,4 @@ The following functions are available: :: - echo octal_permissions(fileperms('./index.php')); // 644
\ No newline at end of file + echo octal_permissions(fileperms('./index.php')); // 644 diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst index d3ee3ffb6..97595c90b 100644 --- a/user_guide_src/source/helpers/form_helper.rst +++ b/user_guide_src/source/helpers/form_helper.rst @@ -108,7 +108,7 @@ The following functions are available: <input type="hidden" name="member_id" value="234" /> -.. php:function:: form_open_multipart([$action = ''[, $attributes = array()[, $hidden = array()]]) +.. php:function:: form_open_multipart([$action = ''[, $attributes = array()[, $hidden = array()]]]) :param string $action: Form action/target URI string :param array $attributes: HTML attributes @@ -187,7 +187,7 @@ The following functions are available: <input type="hidden" name="email" value="john@example.com" id="hiddenemail" class="hiddenemail" /> */ -.. php:function:: form_input([$data = ''[, $value = ''[, $extra = '']]) +.. php:function:: form_input([$data = ''[, $value = ''[, $extra = '']]]) :param array $data: Field attributes data :param string $value: Field value @@ -243,10 +243,9 @@ The following functions are available: function above except that it uses the "password" input type. -.. php:function:: form_upload([$data = ''[, $value = ''[, $extra = '']]]) +.. php:function:: form_upload([$data = '', $extra = '']]) :param array $data: Field attributes data - :param string $value: Field value :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML file upload input field tag :rtype: string @@ -461,12 +460,12 @@ The following functions are available: fourth parameter:: $js = 'onClick="some_function()"'; - echo form_checkbox('newsletter', 'accept', TRUE, $js) + echo form_checkbox('newsletter', 'accept', TRUE, $js); Or you can pass it as an array:: $js = array('onClick' => 'some_function();'); - echo form_checkbox('newsletter', 'accept', TRUE, $js) + echo form_checkbox('newsletter', 'accept', TRUE, $js); .. php:function:: form_radio([$data = ''[, $value = ''[, $checked = FALSE[, $extra = '']]]]) @@ -724,20 +723,3 @@ The following functions are available: <span class="error">The "password" field doesn't match the "repeat_password" field!</span> */ - -.. php:function:: form_prep($str) - - :param string $str: Value to escape - :returns: Escaped value - :rtype: string - - Allows you to safely use HTML and characters such as quotes within form - elements without breaking out of the form. - - .. note:: If you use any of the form helper functions listed in this page the form - values will be prepped automatically, so there is no need to call this - function. Use it only if you are creating your own form elements. - - .. note:: This function is DEPRECATED and is just an alias for - :doc:`common function <../general/common_functions>` - :func:`html_escape()` - please use that instead. diff --git a/user_guide_src/source/helpers/html_helper.rst b/user_guide_src/source/helpers/html_helper.rst index 2c748bea0..734b4465c 100644 --- a/user_guide_src/source/helpers/html_helper.rst +++ b/user_guide_src/source/helpers/html_helper.rst @@ -286,7 +286,7 @@ The following functions are available: // Generates: <meta name="description" content="My Great Site" /> echo meta('Content-type', 'text/html; charset=utf-8', 'equiv'); - // Note the third parameter. Can be "equiv" or "name" + // Note the third parameter. Can be "charset", "http-equiv", "name" or "property" // Generates: <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> echo meta(array('name' => 'robots', 'content' => 'no-cache')); @@ -310,8 +310,13 @@ The following functions are available: 'content' => 'no-cache' ), array( - 'name' => 'Content-type', - 'content' => 'text/html; charset=utf-8', 'type' => 'equiv' + 'name' => 'Content-Type', + 'type' => 'http-equiv', + 'content' => 'text/html; charset=utf-8' + ), + array( + 'name' => 'UTF-8', + 'type' => 'charset' ) ); @@ -321,21 +326,22 @@ The following functions are available: // <meta name="description" content="My Great Site" /> // <meta name="keywords" content="love, passion, intrigue, deception" /> // <meta name="robots" content="no-cache" /> - // <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> + // <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> + // <meta charset="UTF-8" /> -.. php:function:: doctype([$type = 'xhtml1-strict']) +.. php:function:: doctype([$type = 'html5']) :param string $type: Doctype name :returns: HTML DocType tag :rtype: string - Helps you generate document type declarations, or DTD's. XHTML 1.0 - Strict is used by default, but many doctypes are available. + Helps you generate document type declarations, or DTD's. HTML 5 + is used by default, but many doctypes are available. Example:: - echo doctype(); // <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> + echo doctype(); // <!DOCTYPE html> echo doctype('html4-trans'); // <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> @@ -365,43 +371,3 @@ The following functions are available: XHTML+RDFa 1.0 xhtml-rdfa-1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"> XHTML+RDFa 1.1 xhtml-rdfa-2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.1//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-2.dtd"> =============================== =================== ================================================================================================================================================== - -.. php:function:: br([$count = 1]) - - :param int $count: Number of times to repeat the tag - :returns: HTML line break tag - :rtype: string - - Generates line break tags (<br />) based on the number you submit. - Example:: - - echo br(3); - - The above would produce: - - .. code-block:: html - - <br /><br /><br /> - - .. note:: This function is DEPRECATED. Use the native ``str_repeat()`` - in combination with ``<br />`` instead. - -.. php:function:: nbs([$num = 1]) - - :param int $num: Number of space entities to produce - :returns: A sequence of non-breaking space HTML entities - :rtype: string - - Generates non-breaking spaces ( ) based on the number you submit. - Example:: - - echo nbs(3); - - The above would produce: - - .. code-block:: html - - - - .. note:: This function is DEPRECATED. Use the native ``str_repeat()`` - in combination with `` `` instead. diff --git a/user_guide_src/source/helpers/inflector_helper.rst b/user_guide_src/source/helpers/inflector_helper.rst index ed1e2b30f..76cce6f4d 100644 --- a/user_guide_src/source/helpers/inflector_helper.rst +++ b/user_guide_src/source/helpers/inflector_helper.rst @@ -3,7 +3,7 @@ Inflector Helper ################ The Inflector Helper file contains functions that permits you to change -words to plural, singular, camel case, etc. +**English** words to plural, singular, camel case, etc. .. contents:: :local: @@ -38,7 +38,7 @@ The following functions are available: .. php:function:: plural($str) :param string $str: Input string - :returns: A plular word + :returns: A plural word :rtype: string Changes a singular word to plural. Example:: @@ -93,4 +93,20 @@ The following functions are available: Checks if the given word has a plural version. Example:: - is_countable('equipment'); // Returns FALSE
\ No newline at end of file + is_countable('equipment'); // Returns FALSE + +.. php:function:: ordinal_format($number) + + :param int $number: non-negative natural number to be converted + :returns: Ordinal numeral for given number or original value on failure + :rtype: string + + Returns the ordinal numeral (1st, 2nd, 3rd etc.) for a + non-negative natural number. If the input is not a natural number + greater than 0, the function will return the original value. Examples:: + + echo ordinal_format(1); // Returns 1st + echo ordinal_format(3); // Returns 3rd + echo ordinal_format(21); // Returns 21st + echo ordinal_format(102); // Returns 102nd + echo ordinal_format(-5); // Invalid input, will return -5 diff --git a/user_guide_src/source/helpers/language_helper.rst b/user_guide_src/source/helpers/language_helper.rst index cadf3c0ce..cfbd6c057 100644 --- a/user_guide_src/source/helpers/language_helper.rst +++ b/user_guide_src/source/helpers/language_helper.rst @@ -27,17 +27,20 @@ The following functions are available: .. php:function:: lang($line[, $for = ''[, $attributes = array()]]) - :param string $line: Language line key - :param string $for: HTML "for" attribute (ID of the element we're creating a label for) - :param array $attributes: Any additional HTML attributes - :returns: HTML-formatted language line label + :param string $line: Language line key + :param string $for: HTML "for" attribute (ID of the element we're creating a label for) + :param array $attributes: Any additional HTML attributes + :returns: The language line; in an HTML label tag, if the ``$for`` parameter is not empty :rtype: string This function returns a line of text from a loaded language file with simplified syntax that may be more desirable for view files than ``CI_Lang::line()``. - Example:: + Examples:: + + echo lang('language_key'); + // Outputs: Language line echo lang('language_key', 'form_item_id', array('class' => 'myClass')); // Outputs: <label for="form_item_id" class="myClass">Language line</label>
\ No newline at end of file diff --git a/user_guide_src/source/helpers/security_helper.rst b/user_guide_src/source/helpers/security_helper.rst index 103880cf9..e981bc6b6 100644 --- a/user_guide_src/source/helpers/security_helper.rst +++ b/user_guide_src/source/helpers/security_helper.rst @@ -48,31 +48,6 @@ The following functions are available: For more info, please see the :doc:`Security Library <../libraries/security>` documentation. - -.. php:function:: do_hash($str[, $type = 'sha1']) - - :param string $str: Input - :param string $type: Algorithm - :returns: Hex-formatted hash - :rtype: string - - Permits you to create one way hashes suitable for encrypting - passwords. Will use SHA1 by default. - - See `hash_algos() <http://php.net/function.hash_algos>`_ - for a full list of supported algorithms. - - Examples:: - - $str = do_hash($str); // SHA1 - $str = do_hash($str, 'md5'); // MD5 - - .. note:: This function was formerly named ``dohash()``, which has been - removed in favor of ``do_hash()``. - - .. note:: This function is DEPRECATED. Use the native ``hash()`` instead. - - .. php:function:: strip_image_tags($str) :param string $str: Input string @@ -103,4 +78,4 @@ The following functions are available: Example:: - $string = encode_php_tags($string);
\ No newline at end of file + $string = encode_php_tags($string); diff --git a/user_guide_src/source/helpers/smiley_helper.rst b/user_guide_src/source/helpers/smiley_helper.rst deleted file mode 100644 index 3e7669942..000000000 --- a/user_guide_src/source/helpers/smiley_helper.rst +++ /dev/null @@ -1,169 +0,0 @@ -############# -Smiley Helper -############# - -The Smiley Helper file contains functions that let you manage smileys -(emoticons). - -.. important:: The Smiley helper is DEPRECATED and should not be used. - It is currently only kept for backwards compatibility. - -.. contents:: - :local: - -.. raw:: html - - <div class="custom-index container"></div> - -Loading this Helper -=================== - -This helper is loaded using the following code:: - - $this->load->helper('smiley'); - -Overview -======== - -The Smiley helper has a renderer that takes plain text smileys, like -:-) and turns them into a image representation, like |smile!| - -It also lets you display a set of smiley images that when clicked will -be inserted into a form field. For example, if you have a blog that -allows user commenting you can show the smileys next to the comment -form. Your users can click a desired smiley and with the help of some -JavaScript it will be placed into the form field. - -Clickable Smileys Tutorial -========================== - -Here is an example demonstrating how you might create a set of clickable -smileys next to a form field. This example requires that you first -download and install the smiley images, then create a controller and the -View as described. - -.. important:: Before you begin, please `download the smiley images - <https://ellislab.com/asset/ci_download_files/smileys.zip>`_ - and put them in a publicly accessible place on your server. - This helper also assumes you have the smiley replacement array - located at `application/config/smileys.php` - -The Controller --------------- - -In your **application/controllers/** directory, create a file called -Smileys.php and place the code below in it. - -.. important:: Change the URL in the :php:func:`get_clickable_smileys()` - function below so that it points to your smiley folder. - -You'll notice that in addition to the smiley helper, we are also using -the :doc:`Table Class <../libraries/table>`:: - - <?php - - class Smileys extends CI_Controller { - - public function index() - { - $this->load->helper('smiley'); - $this->load->library('table'); - - $image_array = get_clickable_smileys('http://example.com/images/smileys/', 'comments'); - $col_array = $this->table->make_columns($image_array, 8); - - $data['smiley_table'] = $this->table->generate($col_array); - $this->load->view('smiley_view', $data); - } - - } - -In your **application/views/** directory, create a file called **smiley_view.php** -and place this code in it:: - - <html> - <head> - <title>Smileys</title> - <?php echo smiley_js(); ?> - </head> - <body> - <form name="blog"> - <textarea name="comments" id="comments" cols="40" rows="4"></textarea> - </form> - <p>Click to insert a smiley!</p> - <?php echo $smiley_table; ?> </body> </html> - When you have created the above controller and view, load it by visiting http://www.example.com/index.php/smileys/ - </body> - </html> - -Field Aliases -------------- - -When making changes to a view it can be inconvenient to have the field -id in the controller. To work around this, you can give your smiley -links a generic name that will be tied to a specific id in your view. - -:: - - $image_array = get_smiley_links("http://example.com/images/smileys/", "comment_textarea_alias"); - -To map the alias to the field id, pass them both into the -:func:`smiley_js()` function:: - - $image_array = smiley_js("comment_textarea_alias", "comments"); - -Available Functions -=================== - -.. php:function:: get_clickable_smileys($image_url[, $alias = ''[, $smileys = NULL]]) - - :param string $image_url: URL path to the smileys directory - :param string $alias: Field alias - :returns: An array of ready to use smileys - :rtype: array - - Returns an array containing your smiley images wrapped in a clickable - link. You must supply the URL to your smiley folder and a field id or - field alias. - - Example:: - - $image_array = get_clickable_smileys('http://example.com/images/smileys/', 'comment'); - -.. php:function:: smiley_js([$alias = ''[, $field_id = ''[, $inline = TRUE]]]) - - :param string $alias: Field alias - :param string $field_id: Field ID - :param bool $inline: Whether we're inserting an inline smiley - :returns: Smiley-enabling JavaScript code - :rtype: string - - Generates the JavaScript that allows the images to be clicked and - inserted into a form field. If you supplied an alias instead of an id - when generating your smiley links, you need to pass the alias and - corresponding form id into the function. This function is designed to be - placed into the <head> area of your web page. - - Example:: - - <?php echo smiley_js(); ?> - -.. php:function:: parse_smileys([$str = ''[, $image_url = ''[, $smileys = NULL]]]) - - :param string $str: Text containing smiley codes - :param string $image_url: URL path to the smileys directory - :param array $smileys: An array of smileys - :returns: Parsed smileys - :rtype: string - - Takes a string of text as input and replaces any contained plain text - smileys into the image equivalent. The first parameter must contain your - string, the second must contain the URL to your smiley folder - - Example:: - - $str = 'Here are some smileys: :-) ;-)'; - $str = parse_smileys($str, 'http://example.com/images/smileys/'); - echo $str; - -.. |smile!| image:: ../images/smile.gif
\ No newline at end of file diff --git a/user_guide_src/source/helpers/string_helper.rst b/user_guide_src/source/helpers/string_helper.rst index a1acb215c..7a45dc95b 100644 --- a/user_guide_src/source/helpers/string_helper.rst +++ b/user_guide_src/source/helpers/string_helper.rst @@ -5,6 +5,9 @@ String Helper The String Helper file contains functions that assist in working with strings. +.. important:: Please note that these functions are NOT intended, nor + suitable to be used for any kind of security-related logic. + .. contents:: :local: @@ -24,7 +27,6 @@ Available Functions The following functions are available: - .. php:function:: random_string([$type = 'alnum'[, $len = 8]]) :param string $type: Randomization type @@ -99,24 +101,6 @@ The following functions are available: .. note:: To use multiple separate calls to this function simply call the function with no arguments to re-initialize. -.. php:function:: repeater($data[, $num = 1]) - - :param string $data: Input - :param int $num: Number of times to repeat - :returns: Repeated string - :rtype: string - - Generates repeating copies of the data you submit. Example:: - - $string = "\n"; - echo repeater($string, 30); - - The above would generate 30 newlines. - - .. note:: This function is DEPRECATED. Use the native ``str_repeat()`` - instead. - - .. php:function:: reduce_double_slashes($str) :param string $str: Input string @@ -131,7 +115,6 @@ The following functions are available: $string = "http://example.com//index.php"; echo reduce_double_slashes($string); // results in "http://example.com/index.php" - .. php:function:: strip_slashes($data) :param mixed $data: Input string or an array of strings @@ -160,21 +143,6 @@ The following functions are available: and handle string inputs. This however makes it just an alias for ``stripslashes()``. -.. php:function:: trim_slashes($str) - - :param string $str: Input string - :returns: Slash-trimmed string - :rtype: string - - Removes any leading/trailing slashes from a string. Example:: - - $string = "/this/that/theother/"; - echo trim_slashes($string); // results in this/that/theother - - .. note:: This function is DEPRECATED. Use the native ``trim()`` instead: - | - | trim($str, '/'); - .. php:function:: reduce_multiples($str[, $character = ''[, $trim = FALSE]]) :param string $str: Text to search in @@ -183,7 +151,7 @@ The following functions are available: :returns: Reduced string :rtype: string - Reduces multiple instances of a particular character occuring directly + Reduces multiple instances of a particular character occurring directly after each other. Example:: $string = "Fred, Bill,, Joe, Jimmy"; @@ -217,4 +185,4 @@ The following functions are available: Removes single and double quotes from a string. Example:: $string = "Joe's \"dinner\""; - $string = strip_quotes($string); //results in "Joes dinner"
\ No newline at end of file + $string = strip_quotes($string); //results in "Joes dinner" diff --git a/user_guide_src/source/helpers/typography_helper.rst b/user_guide_src/source/helpers/typography_helper.rst index 7eb4fceec..89730b03d 100644 --- a/user_guide_src/source/helpers/typography_helper.rst +++ b/user_guide_src/source/helpers/typography_helper.rst @@ -35,7 +35,7 @@ The following functions are available: Formats text so that it is semantically and typographically correct HTML. - This function is an alias for ``CI_Typography::auto_typography``. + This function is an alias for ``CI_Typography::auto_typography()``. For more info, please see the :doc:`Typography Library <../libraries/typography>` documentation. @@ -45,7 +45,7 @@ The following functions are available: .. note:: Typographic formatting can be processor intensive, particularly if you have a lot of content being formatted. If you choose to use this - function you may want to consider `caching <../general/caching>` your + function you may want to consider :doc:`caching <../general/caching>` your pages. diff --git a/user_guide_src/source/helpers/url_helper.rst b/user_guide_src/source/helpers/url_helper.rst index 64deae240..435a21df4 100644 --- a/user_guide_src/source/helpers/url_helper.rst +++ b/user_guide_src/source/helpers/url_helper.rst @@ -18,11 +18,11 @@ This helper is loaded using the following code:: $this->load->helper('url'); -The following functions are available: - Available Functions =================== +The following functions are available: + .. php:function:: site_url([$uri = ''[, $protocol = NULL]]) :param string $uri: URI string @@ -277,7 +277,7 @@ Available Functions :param string $str: Input string :param string $separator: Word separator - :param string $lowercase: Whether to transform the output string to lower-case + :param bool $lowercase: Whether to transform the output string to lower-case :returns: URL-formatted string :rtype: string @@ -360,7 +360,7 @@ Available Functions is outputted to the browser since it utilizes server headers. .. note:: For very fine grained control over headers, you should use the - `Output Library </libraries/output>` ``set_header()`` method. + :doc:`Output Library </libraries/output>` ``set_header()`` method. .. note:: To IIS users: if you hide the `Server` HTTP header, the *auto* method won't detect IIS, in that case it is advised you explicitly @@ -370,4 +370,4 @@ Available Functions will *automatically* be selected when the page is currently accessed via POST and HTTP/1.1 is used. - .. important:: This function will terminate script execution.
\ No newline at end of file + .. important:: This function will terminate script execution. diff --git a/user_guide_src/source/images/smile.gif b/user_guide_src/source/images/smile.gif Binary files differdeleted file mode 100644 index bf0922504..000000000 --- a/user_guide_src/source/images/smile.gif +++ /dev/null diff --git a/user_guide_src/source/index.rst b/user_guide_src/source/index.rst index 8d8aa9438..615c27f3c 100644 --- a/user_guide_src/source/index.rst +++ b/user_guide_src/source/index.rst @@ -54,6 +54,16 @@ Tutorial tutorial/index +*************************** +Contributing to CodeIgniter +*************************** + +.. toctree:: + :glob: + :titlesonly: + + contributing/index + ************** General Topics ************** @@ -94,16 +104,6 @@ Helper Reference helpers/index -*************************** -Contributing to CodeIgniter -*************************** - -.. toctree:: - :glob: - :titlesonly: - - contributing/index - .. toctree:: :glob: :titlesonly: @@ -116,7 +116,7 @@ Contributing to CodeIgniter installation/index general/index libraries/index - helpers/index database/index + helpers/index tutorial/index general/credits diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index 16c8e537a..d36296e35 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -2,7 +2,18 @@ Downloading CodeIgniter ####################### -- `CodeIgniter v3.0.1-dev (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/develop>`_ +- `CodeIgniter v3.2.0-dev (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/develop>`_ +- `CodeIgniter v3.1.4-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_ +- `CodeIgniter v3.1.3 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.3>`_ +- `CodeIgniter v3.1.2 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.2>`_ +- `CodeIgniter v3.1.1 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.1>`_ +- `CodeIgniter v3.1.0 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.0>`_ +- `CodeIgniter v3.0.6 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.6>`_ +- `CodeIgniter v3.0.5 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.5>`_ +- `CodeIgniter v3.0.4 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.4>`_ +- `CodeIgniter v3.0.3 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.3>`_ +- `CodeIgniter v3.0.2 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.2>`_ +- `CodeIgniter v3.0.1 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.1>`_ - `CodeIgniter v3.0.0 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.0>`_ - `CodeIgniter v2.2.3 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/2.2.3>`_ - `CodeIgniter v2.2.2 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/2.2.2>`_ @@ -25,4 +36,4 @@ Please note that while every effort is made to keep this code base functional, we cannot guarantee the functionality of code taken from the develop branch. -Beginning with version 2.0.3, stable versions are also available via `GitHub Releases <https://github.com/bcit-ci/CodeIgniter/releases>`_.
\ No newline at end of file +Beginning with version 2.0.3, stable versions are also available via `GitHub Releases <https://github.com/bcit-ci/CodeIgniter/releases>`_. diff --git a/user_guide_src/source/installation/index.rst b/user_guide_src/source/installation/index.rst index 50493bbbd..fbf6ecee1 100644 --- a/user_guide_src/source/installation/index.rst +++ b/user_guide_src/source/installation/index.rst @@ -6,37 +6,37 @@ CodeIgniter is installed in four steps: #. Unzip the package. #. Upload the CodeIgniter folders and files to your server. Normally the - index.php file will be at your root. -#. Open the application/config/config.php file with a text editor and + *index.php* file will be at your root. +#. Open the *application/config/config.php* file with a text editor and set your base URL. If you intend to use encryption or sessions, set your encryption key. #. If you intend to use a database, open the - application/config/database.php file with a text editor and set your + *application/config/database.php* file with a text editor and set your database settings. If you wish to increase security by hiding the location of your CodeIgniter files you can rename the system and application folders to something more private. If you do rename them, you must open your main -index.php file and set the $system_path and $application_folder +*index.php* file and set the ``$system_path`` and ``$application_folder`` variables at the top of the file with the new name you've chosen. For the best security, both the system and any application folders should be placed above web root so that they are not directly accessible -via a browser. By default, .htaccess files are included in each folder +via a browser. By default, *.htaccess* files are included in each folder to help prevent direct access, but it is best to remove them from public access entirely in case the web server configuration changes or doesn't -abide by the .htaccess. +abide by the *.htaccess*. If you would like to keep your views public it is also possible to move the views folder out of your application folder. After moving them, open your main index.php file and set the -$system_path, $application_folder and $view_folder variables, -preferably with a full path, e.g. '/www/MyUser/system'. +``$system_path``, ``$application_folder`` and ``$view_folder`` variables, +preferably with a full path, e.g. '*/www/MyUser/system*'. One additional measure to take in production environments is to disable PHP error reporting and any other development-only functionality. In -CodeIgniter, this can be done by setting the ENVIRONMENT constant, which +CodeIgniter, this can be done by setting the ``ENVIRONMENT`` constant, which is more fully described on the :doc:`security page <../general/security>`. diff --git a/user_guide_src/source/installation/troubleshooting.rst b/user_guide_src/source/installation/troubleshooting.rst index e874bb0ec..cca290763 100644 --- a/user_guide_src/source/installation/troubleshooting.rst +++ b/user_guide_src/source/installation/troubleshooting.rst @@ -5,11 +5,11 @@ Troubleshooting If you find that no matter what you put in your URL only your default page is loading, it might be that your server does not support the REQUEST_URI variable needed to serve search-engine friendly URLs. As a -first step, open your application/config/config.php file and look for +first step, open your *application/config/config.php* file and look for the URI Protocol information. It will recommend that you try a couple alternate settings. If it still doesn't work after you've tried this you'll need to force CodeIgniter to add a question mark to your URLs. To -do this open your **application/config/config.php** file and change this:: +do this open your *application/config/config.php* file and change this:: $config['index_page'] = "index.php"; diff --git a/user_guide_src/source/installation/upgrade_150.rst b/user_guide_src/source/installation/upgrade_150.rst index bfe01ebba..50eb5eae5 100644 --- a/user_guide_src/source/installation/upgrade_150.rst +++ b/user_guide_src/source/installation/upgrade_150.rst @@ -49,8 +49,8 @@ Open your application/config/config.php file and ADD these new items:: | This item allows you to set the filename/classname prefix when extending | native libraries. For more information please see the user guide: | - | http://codeigniter.com/user_guide/general/core_classes.html - | http://codeigniter.com/user_guide/general/creating_libraries.html + | https://codeigniter.com/user_guide/general/core_classes.html + | https://codeigniter.com/user_guide/general/creating_libraries.html | */ $config['subclass_prefix'] = 'MY_'; diff --git a/user_guide_src/source/installation/upgrade_210.rst b/user_guide_src/source/installation/upgrade_210.rst index 5874bfc86..421435452 100644 --- a/user_guide_src/source/installation/upgrade_210.rst +++ b/user_guide_src/source/installation/upgrade_210.rst @@ -13,14 +13,14 @@ Replace all files and directories in your "system" folder. .. note:: If you have any custom developed files in these folders please make copies of them first. -Step 2: Replace config/user_agents.php -====================================== +Step 2: Replace config/mimes.php +================================ This config file has been updated to contain more user agent types, -please copy it to _application/config/user_agents.php*. +please copy it to *application/config/mimes.php*. Step 3: Update your user guide ============================== Please also replace your local copy of the user guide with the new -version.
\ No newline at end of file +version. diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 971f9e484..4e2ff8ab2 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -65,7 +65,7 @@ Step 3: Replace config/mimes.php ******************************** This config file has been updated to contain more user mime-types, please copy -it to _application/config/mimes.php*. +it to *application/config/mimes.php*. ************************************************************** Step 4: Remove $autoload['core'] from your config/autoload.php @@ -111,7 +111,7 @@ that you should make: - Set your ``$config['sess_driver']`` value - It will default to 'files', unles you've previously used + It will default to 'files', unless you've previously used ``$config['sess_use_database']``, in which case it will be set to 'database'. @@ -206,13 +206,13 @@ Step 8: Replace your error templates ************************************ In CodeIgniter 3.0, the error templates are now considered as views and have been moved to the -_application/views/errors* directory. +*application/views/errors* directory. Furthermore, we've added support for CLI error templates in plain-text format that unlike HTML, is suitable for the command line. This of course requires another level of separation. -It is safe to move your old templates from _application/errors* to _application/views/errors/html*, -but you'll have to copy the new _application/views/errors/cli* directory from the CodeIgniter archive. +It is safe to move your old templates from *application/errors* to *application/views/errors/html*, +but you'll have to copy the new *application/views/errors/cli* directory from the CodeIgniter archive. ****************************************** Step 9: Update your config/routes.php file @@ -266,8 +266,7 @@ cause your 'Main' controller to be loaded. However, what happens if you have an *application/controllers/admin/* directory and the user visits ``http://example.com/admin/``? In CodeIgniter 3, the router will look for a 'Main' controller under the -admin/ directory as well. If not found, it will fallback to the parent -(*application/controllers/*) directory, like in version 2.x. +admin/ directory as well. If not found, a Not Found (404) will be triggered. The same rule applies to the '404_override' setting. @@ -465,8 +464,51 @@ files and error messages format: Therefore you're encouraged to update its usage sooner rather than later. +************************************************************ +Step 19: Make sure your 'base_url' config value is not empty +************************************************************ + +When ``$config['base_url']`` is not set, CodeIgniter tries to automatically +detect what your website's base URL is. This is done purely for convenience +when you are starting development of a new application. + +Auto-detection is never reliable and also has security implications, which +is why you should **always** have it manually configured! + +One of the changes in CodeIgniter 3.0.3 is how this auto-detection works, +and more specifically it now falls back to the server's IP address instead +of the hostname requested by the client. Therefore, if you've ever relied +on auto-detection, it will change how your website works now. + +In case you need to allow e.g. multiple domains, or both http:// and +https:// prefixes to be dynamically used depending on the request, +remember that *application/config/config.php* is still a PHP script, in +which you can create this logic with a few lines of code. For example:: + + $allowed_domains = array('domain1.tld', 'domain2.tld'); + $default_domain = 'domain1.tld'; + + if (in_array($_SERVER['HTTP_HOST'], $allowed_domains, TRUE)) + { + $domain = $_SERVER['HTTP_HOST']; + } + else + { + $domain = $default_domain; + } + + if ( ! empty($_SERVER['HTTPS'])) + { + $config['base_url'] = 'https://'.$domain; + } + else + { + $config['base_url'] = 'http://'.$domain; + } + + **************************************************************** -Step 19: Remove usage of (previously) deprecated functionalities +Step 20: Remove usage of (previously) deprecated functionalities **************************************************************** In addition to the ``$autoload['core']`` configuration setting, there's a @@ -490,9 +532,9 @@ the ``EXT`` constant has been removed. Use just '.php' instead. Smiley helper ============= -The :doc:`Smiley Helper <../helpers/smiley_helper>` is a legacy feature from EllisLab's -ExpressionEngine product. However, it is too specific for a general purpose framework like -CodeIgniter and as such it is now deprecated. +The *Smiley Helper* is a legacy feature from EllisLab's ExpressionEngine product. +However, it is too specific for a general purpose framework like CodeIgniter +and as such it is now deprecated. Also, the previously deprecated ``js_insert_smiley()`` (since version 1.7.2) is now removed. @@ -517,12 +559,12 @@ implemented cryptographic functions. The Cart library ================ -The :doc:`Cart Library <../libraries/cart>`, similarly to the :doc:`Smiley Helper -<../helpers/smiley_helper>` is too specific for CodeIgniter. It is now deprecated -and scheduled for removal in CodeIgniter 3.1+. +The *Cart Library*, similarly to the *Smiley Helper* is too specific for +CodeIgniter. It is now deprecated and scheduled for removal in +CodeIgniter 3.1+. -.. note:: The library is still available, but you're strongly encouraged to remove its usage sooner - rather than later. +.. note:: The library is still available, but you're strongly encouraged to + remove its usage sooner rather than later. Database drivers 'mysql', 'sqlite', 'mssql', 'pdo/dblib' ======================================================== @@ -582,7 +624,7 @@ CodeIgniter 3.1+. String helper repeater() ======================== -:doc:`String Helper <../helpers/string_helper>` function :php:func:`repeater()` is now just an alias for +:doc:`String Helper <../helpers/string_helper>` function ``repeater()`` is now just an alias for PHP's native ``str_repeat()`` function. It is deprecated and scheduled for removal in CodeIgniter 3.1+. .. note:: This function is still available, but you're strongly encouraged to remove its usage sooner @@ -591,7 +633,7 @@ PHP's native ``str_repeat()`` function. It is deprecated and scheduled for remov String helper trim_slashes() ============================ -:doc:`String Helper <../helpers/string_helper>` function :php:func:`trim_slashes()` is now just an alias +:doc:`String Helper <../helpers/string_helper>` function ``trim_slashes()`` is now just an alias for PHP's native ``trim()`` function (with a slash passed as its second argument). It is deprecated and scheduled for removal in CodeIgniter 3.1+. @@ -601,8 +643,8 @@ scheduled for removal in CodeIgniter 3.1+. Form helper form_prep() ======================= -:doc:`Form Helper <../helpers/form_helper>` function :php:func:`form_prep()` -is now just an alias for :doc:`common function </general/common_functions>` +:doc:`Form Helper <../helpers/form_helper>` function ``form_prep()`` is now +just an alias for :doc:`common function </general/common_functions>` :func:`html_escape()`. It is deprecated and will be removed in the future. Please use :php:func:`html_escape()` instead. @@ -613,14 +655,13 @@ Please use :php:func:`html_escape()` instead. Email helper functions ====================== -:doc:`Email Helper <../helpers/email_helper>` only has two functions +The *Email Helper* only has two functions: - - :php:func:`valid_email()` - - :php:func:`send_email()` + - ``valid_email()`` + - ``send_email()`` Both of them are now aliases for PHP's native ``filter_var()`` and ``mail()`` functions, respectively. -Therefore the :doc:`Email Helper <../helpers/email_helper>` altogether is being deprecated and -is scheduled for removal in CodeIgniter 3.1+. +Therefore, the *Email Helper* altogether is being deprecated and is scheduled for removal in CodeIgniter 3.1+. .. note:: These functions are still available, but you're strongly encouraged to remove their usage sooner rather than later. @@ -800,20 +841,38 @@ CodeIgniter 3.1+. .. note:: This method is still available, but you're strongly encouraged to remove its usage sooner rather than later. -====================== The Javascript library ====================== -The :doc:`Javascript Library <../libraries/javascript>` has always had an -'experimental' status and was never really useful, nor a proper solution. +The *Javascript Library* has always had an 'experimental' status and was +never really useful, nor a proper solution. It is now deprecated and scheduled for removal in CodeIgniter 3.1+. .. note:: This library is still available, but you're strongly encouraged to remove its usage sooner rather than later. +Form Validation method prep_for_form() +====================================== + +The :doc:`Form Validation Library <../libraries/form_validation>` has a +``prep_for_form()`` method, which is/can also be used as a rule in +``set_rules()`` to automatically perform HTML encoding on input data. + +Automatically encoding input (instead of output) data is a bad practice in +the first place, and CodeIgniter and PHP itself offer other alternatives +to this method anyway. +For example, :doc:`Form Helper <../helpers/form_helper>` functions will +automatically perform HTML escaping when necessary. + +Therefore, the *prep_for_form* method/rule is pretty much useless and is now +deprecated and scheduled for removal in 3.1+. + +.. note:: The method is still available, but you're strongly encouraged to + remove its usage sooner rather than later. + *********************************************************** -Step 20: Check your usage of Text helper highlight_phrase() +Step 21: Check your usage of Text helper highlight_phrase() *********************************************************** The default HTML tag used by :doc:`Text Helper <../helpers/text_helper>` function diff --git a/user_guide_src/source/installation/upgrade_301.rst b/user_guide_src/source/installation/upgrade_301.rst index f38d34008..450cdb288 100644 --- a/user_guide_src/source/installation/upgrade_301.rst +++ b/user_guide_src/source/installation/upgrade_301.rst @@ -16,4 +16,4 @@ Replace all files and directories in your *system/* directory. Step 2: Update your CLI error templates ======================================= -Replace all files under your *application/errors/cli/* directory.
\ No newline at end of file +Replace all files under your *application/views/errors/cli/* directory. diff --git a/user_guide_src/source/installation/upgrade_302.rst b/user_guide_src/source/installation/upgrade_302.rst new file mode 100644 index 000000000..93d87ac41 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_302.rst @@ -0,0 +1,24 @@ +############################# +Upgrading from 3.0.1 to 3.0.2 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Update your application/config/constants.php file +========================================================= + +The *application/config/constants.php* file has been updated to check +if constants aren't already defined before doing that, making it easier +to add an environment-specific configuration. + +.. note:: If you've made modifications to this file, please make a + backup first and cross-check the differences first.
\ No newline at end of file diff --git a/user_guide_src/source/installation/upgrade_303.rst b/user_guide_src/source/installation/upgrade_303.rst new file mode 100644 index 000000000..d13a0fe46 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_303.rst @@ -0,0 +1,55 @@ +############################# +Upgrading from 3.0.2 to 3.0.3 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Make sure your 'base_url' config value is not empty +=========================================================== + +When ``$config['base_url']`` is not set, CodeIgniter tries to automatically +detect what your website's base URL is. This is done purely for convenience +when you are starting development of a new application. + +Auto-detection is never reliable and also has security implications, which +is why you should **always** have it manually configured! + +One of the changes in CodeIgniter 3.0.3 is how this auto-detection works, +and more specifically it now falls back to the server's IP address instead +of the hostname requested by the client. Therefore, if you've ever relied +on auto-detection, it will change how your website works now. + +In case you need to allow e.g. multiple domains, or both http:// and +https:// prefixes to be dynamically used depending on the request, +remember that *application/config/config.php* is still a PHP script, in +which you can create this logic with a few lines of code. For example:: + + $allowed_domains = array('domain1.tld', 'domain2.tld'); + $default_domain = 'domain1.tld'; + + if (in_array($_SERVER['HTTP_HOST'], $allowed_domains, TRUE)) + { + $domain = $_SERVER['HTTP_HOST']; + } + else + { + $domain = $default_domain; + } + + if ( ! empty($_SERVER['HTTPS'])) + { + $config['base_url'] = 'https://'.$domain; + } + else + { + $config['base_url'] = 'http://'.$domain; + } diff --git a/user_guide_src/source/installation/upgrade_304.rst b/user_guide_src/source/installation/upgrade_304.rst new file mode 100644 index 000000000..4d5bd2bb0 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_304.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 3.0.3 to 3.0.4 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. diff --git a/user_guide_src/source/installation/upgrade_305.rst b/user_guide_src/source/installation/upgrade_305.rst new file mode 100644 index 000000000..a47982481 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_305.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 3.0.4 to 3.0.5 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. diff --git a/user_guide_src/source/installation/upgrade_306.rst b/user_guide_src/source/installation/upgrade_306.rst new file mode 100644 index 000000000..3863e0afa --- /dev/null +++ b/user_guide_src/source/installation/upgrade_306.rst @@ -0,0 +1,48 @@ +############################# +Upgrading from 3.0.5 to 3.0.6 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Update your index.php file (optional) +============================================= + +We've made some tweaks to the index.php file, mostly related to proper +usage of directory separators (i.e. use the ``DIRECTORY_SEPARATOR`` +constant instead of a hard coded forward slash "/"). + +Nothing will break if you skip this step, but if you're running Windows +or just want to be up to date with every change - we do recommend that +you update your index.php file. + +*Tip: Just copy the ``ENVIRONMENT``, ``$system_path``, ``$application_folder`` +and ``$view_folder`` declarations from the old file and put them into the +new one, replacing the defaults.* + +Step 3: Remove 'prep_for_form' usage (deprecation) +================================================== + +The :doc:`Form Validation Library <../libraries/form_validation>` has a +``prep_for_form()`` method, which is/can also be used as a rule in +``set_rules()`` to automatically perform HTML encoding on input data. + +Automatically encoding input (instead of output) data is a bad practice in +the first place, and CodeIgniter and PHP itself offer other alternatives +to this method anyway. +For example, :doc:`Form Helper <../helpers/form_helper>` functions will +automatically perform HTML escaping when necessary. + +Therefore, the *prep_for_form* method/rule is pretty much useless and is now +deprecated and scheduled for removal in 3.1+. + +.. note:: The method is still available, but you're strongly encouraged to + remove its usage sooner rather than later. diff --git a/user_guide_src/source/installation/upgrade_310.rst b/user_guide_src/source/installation/upgrade_310.rst new file mode 100644 index 000000000..cae814327 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_310.rst @@ -0,0 +1,38 @@ +############################# +Upgrading from 3.0.6 to 3.1.0 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Check your PHP version +============================== + +We recommend always running versions that are `currently supported +<https://secure.php.net/supported-versions.php>`_, which right now is at least PHP 5.6. + +PHP 5.2.x versions are now officially not supported by CodeIgniter, and while 5.3.7+ +may be at least runnable, we strongly discourage you from using any PHP versions below +the ones listed on the `PHP.net Supported Versions <https://secure.php.net/supported-versions.php>`_ +page. + +Step 3: If you're using the 'odbc' database driver, check for usage of Query Builder +==================================================================================== + +:doc:`Query Builder <../database/query_builder>` functionality and ``escape()`` can +no longer be used with the 'odbc' database driver. + +This is because, due to its nature, the `ODBC extension for PHP <https://secure.php.net/odbc>`_ +does not provide a function that allows to safely escape user-supplied strings for usage +inside an SQL query (which our :doc:`Query Builder <../database/query_builder>` relies on). + +Thus, user inputs MUST be bound, as shown in :doc:`Running Queries <../database/queries>`, +under the "Query Bindings" section. diff --git a/user_guide_src/source/installation/upgrade_311.rst b/user_guide_src/source/installation/upgrade_311.rst new file mode 100644 index 000000000..a36e72323 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_311.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 3.1.0 to 3.1.1 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. diff --git a/user_guide_src/source/installation/upgrade_312.rst b/user_guide_src/source/installation/upgrade_312.rst new file mode 100644 index 000000000..e0b2191dd --- /dev/null +++ b/user_guide_src/source/installation/upgrade_312.rst @@ -0,0 +1,40 @@ +############################# +Upgrading from 3.1.1 to 3.1.2 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Update your "ci_sessions" database table +================================================ + +If you're using the :doc:`Session Library </libraries/sessions>` with the +'database' driver, you may have to ``ALTER`` your sessions table for your +sessions to continue to work. + +.. note:: The table in question is not necessarily named "ci_sessions". + It is what you've set as your ``$config['sess_save_path']``. + +This will only affect you if you've changed your ``session.hash_function`` +*php.ini* setting to something like 'sha512'. Or if you've been running +an older CodeIgniter version on PHP 7.1+. + +It is recommended that you do this anyway, just to avoid potential issues +in the future if you do change your configuration. + +Just execute the one of the following SQL queries, depending on your +database:: + + // MySQL: + ALTER TABLE ci_sessions CHANGE id id varchar(128) NOT NULL; + + // PostgreSQL + ALTER TABLE ci_sessions ALTER COLUMN id SET DATA TYPE varchar(128); diff --git a/user_guide_src/source/installation/upgrade_313.rst b/user_guide_src/source/installation/upgrade_313.rst new file mode 100644 index 000000000..13af775a1 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_313.rst @@ -0,0 +1,46 @@ +############################# +Upgrading from 3.1.2 to 3.1.3 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Remove usage of nice_date() helper (deprecation) +======================================================== + +The :doc:`Date Helper <../helpers/date_helper>` function ``nice_date()`` is +no longer useful since the introduction of PHP's `DateTime classes +<https://secure.php.net/datetime>`_ + +You can replace it with the following: +:: + + DateTime::createFromFormat($input_format, $input_date)->format($desired_output_format); + +Thus, ``nice_date()`` is now deprecated and scheduled for removal in +CodeIgniter 3.2+. + +.. note:: The function is still available, but you're strongly encouraged + to remove its usage sooner rather than later. + +Step 3: Remove usage of $config['standardize_newlines'] +======================================================= + +The :doc:`Input Library <../libraries/input>` would optionally replace +occurrences of `\r\n`, `\r`, `\n` in input data with whatever the ``PHP_EOL`` +value is on your system - if you've set ``$config['standardize_newlines']`` +to ``TRUE`` in your *application/config/config.php*. + +This functionality is now deprecated and scheduled for removal in +CodeIgniter 3.2.+. + +.. note:: The functionality is still available, but you're strongly + encouraged to remove its usage sooner rather than later. diff --git a/user_guide_src/source/installation/upgrade_314.rst b/user_guide_src/source/installation/upgrade_314.rst new file mode 100644 index 000000000..3f2da6564 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_314.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 3.1.3 to 3.1.4 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. diff --git a/user_guide_src/source/installation/upgrade_320.rst b/user_guide_src/source/installation/upgrade_320.rst new file mode 100644 index 000000000..18f8717f8 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_320.rst @@ -0,0 +1,210 @@ +############################# +Upgrading from 3.1.x to 3.2.x +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Check your PHP version +============================== + +We recommend always running versions that are `currently supported +<https://secure.php.net/supported-versions.php>`_, which right now is at least PHP 5.6. + +PHP 5.3.x versions are now officially not supported by CodeIgniter, and while 5.4.8+ +may be at least runnable, we strongly discourage you from using any PHP versions below +the ones listed on the `PHP.net Supported Versions <https://secure.php.net/supported-versions.php>`_ +page. + +Step 3: Change database connection handling +=========================================== + +"Loading" a database, whether by using the *config/autoload.php* settings +or manually via calling ``$this->load->database()`` or the less-known +``DB()`` function, will now throw a ``RuntimeException`` in case of a +failure. + +In addition, being unable to set the configured character set is now also +considered a connection failure. + +.. note:: This has been the case for most database drivers in the in the + past as well (i.e. all but the 'mysql', 'mysqli' and 'postgre' + drivers). + +What this means is that if you're unable to connect to a database, or +have an erroneous character set configured, CodeIgniter will no longer +fail silently, but will throw an exception instead. + +You may choose to explicitly catch it (and for that purpose you can't use +*config/autoload.php* to load the :doc:`Database Class <../database/index>`) +:: + + try + { + $this->load->database(); + } + catch (RuntimeException $e) + { + // Handle the failure + } + +Or you may leave it to CodeIgniter's default exception handler, which would +log the error message and display an error screen if you're running in +development mode. + +Remove db_set_charset() calls +----------------------------- + +With the above-mentioned changes, the purpose of the ``db_set_charset()`` +method would now only be to change the connection character set at runtime. +That doesn't make sense and that's the reason why most database drivers +don't support it at all. +Thus, ``db_set_charset()`` is no longer necessary and is removed. + +Step 4: Check logic related to URI parsing of CLI requests +========================================================== + +When running a CodeIgniter application from the CLI, the +:doc:`URI Library <../libraries/uri>` will now ignore the +``$config['url_suffix']`` and ``$config['permitted_uri_chars']`` +configuration settings. + +These two options don't make sense under the command line (which is why +this change was made) and therefore you shouldn't be affected by this, but +if you've relied on them for some reason, you'd probably have to make some +changes to your code. + +Step 5: Check Cache Library configurations for Redis, Memcache(d) +================================================================= + +The new improvements for the 'redis' and 'memcached' drivers of the +:doc:`Cache Library <../libraries/caching>` may require some small +adjustments to your configuration values ... + +Redis +----- + +If you're using the 'redis' driver with a UNIX socket connection, you'll +have to move the socket path from ``$config['socket']`` to +``$config['host']`` instead. + +The ``$config['socket_type']`` option is also removed, although that won't +affect your application - it will be ignored and the connection type will +be determined by the format used for ``$config['host']`` instead. + +Memcache(d) +----------- + +The 'memcached' will now ignore configurations that don't specify a ``host`` +value (previously, it just set the host to the default '127.0.0.1'). + +Therefore, if you've added a configuration that only sets e.g. a ``port``, +you will now have to explicitly set the ``host`` to '127.0.0.1' as well. + +Step 6: Check usage of the Email library +======================================== + +The :doc:`Email Library <../libraries/email>` will now by default check the +validity of all e-mail addresses passed to it. This check used to be Off by +default, and required explicitly setting the **validate** option to ``TRUE`` +in order to enable it. + +Naturally, a validity check should not result in any problems, but this is +technically a backwards-compatibility break and you should check that +everything works fine. +If something indeed goes wrong with that, please report it as a bug to us, +and you can disable the **validate** option to revert to the old behavior. + +Step 7: Check usage of doctype() HTML helper +============================================ + +The :doc:`HTML Helper <../helpers/html_helper>` function +:php:func:`doctype()` used to default to 'xhtml1-strict' (XHTML 1.0 Strict) +when no document type was specified. That default value is now changed to +'html5', which obviously stands for the modern HTML 5 standard. + +Nothing should be really broken by this change, but if your application +relies on the default value, you should double-check it and either +explicitly set the desired format, or adapt your front-end to use proper +HTML 5 formatting. + +Step 8: Check usage of form_upload() Form helper +================================================ + +The :doc:`Form Helper <../helpers/form_helper>` function +:php:func:`form_upload()` used to have 3 parameters, the second of which +(``$value``) was never used, as it doesn't make sense for an HTML ``input`` +tag of the "file" type. + +That dead parameter is now removed, and so if you've used the third one +(``$extra``), having code like this:: + + form_upload('name', 'irrelevant value', $extra); + +You should change it to:: + + form_upload('name', $extra); + +Step 9: Remove usage of previously deprecated functionalities +============================================================= + +The following is a list of functionalities deprecated in previous +CodeIgniter versions that have been removed in 3.2.0: + +- ``$config['allow_get_array']`` (use ``$_GET = array();`` instead) +- ``$config['standardize_newlines']`` +- ``$config['rewrite_short_tags']`` (no impact; irrelevant on PHP 5.4+) + +- 'sqlite' database driver (no longer shipped with PHP 5.4+; 'sqlite3' is still available) + +- ``CI_Input::is_cli_request()`` (use :php:func:`is_cli()` instead) +- ``CI_Router::fetch_directory()`` (use ``CI_Router::$directory`` instead) +- ``CI_Router::fetch_class()`` (use ``CI_Router::$class`` instead) +- ``CI_Router::fetch_method()`` (use ``CI_Router::$method`` instead) +- ``CI_Config::system_url()`` (encourages insecure practices) +- ``CI_Form_validation::prep_for_form()`` (the *prep_for_form* rule) + +- ``standard_date()`` :doc:`Date Helper <../helpers/date_helper>` function (use ``date()`` instead) +- ``do_hash()`` :doc:`Security Helper <../helpers/security_helper>` function (use ``hash()`` instead) +- ``br()`` :doc:`HTML Helper <../helpers/html_helper>` function (use ``str_repeat()`` with ``'<br />'`` instead) +- ``nbs()`` :doc:`HTML Helper <../helpers/html_helper>` function (use ``str_repeat()`` with ``' '`` instead) +- ``trim_slashes()`` :doc:`String Helper <../helpers/string_helper>` function (use ``trim()`` with ``'/'`` instead) +- ``repeater()`` :doc:`String Helper <../helpers/string_helper>` function (use ``str_repeat()`` instead) +- ``read_file()`` :doc:`File Helper <../helpers/file_helper>` function (use ``file_get_contents()`` instead) +- ``form_prep()`` :doc:`Form Helper <../helpers/form_helper>` function (use :php:func:`html_escape()` instead) + +- The entire *Cart Library* (an archived version is available on GitHub: `bcit-ci/ci3-cart-library <https://github.com/bcit-ci/ci3-cart-library>`_) +- The entire *Javascript Library* (it was always experimental in the first place) + +- The entire *Email Helper*, which only had two functions: + + - ``valid_email()`` (use ``filter_var($email, FILTER_VALIDATE_EMAIL)`` instead) + - ``send_email()`` (use ``mail()`` instead) + +- The entire *Smiley Helper* (an archived version is available on GitHub: `bcit-ci/ci3-smiley-helper <https://github.com/bcit-ci/ci3-smiley-helper>`_) + +Step 10: Make sure you're validating all user inputs +==================================================== + +The :doc:`Input Library <../libraries/input>` used to (often +unconditionally) filter and/or sanitize user input in the ``$_GET``, +``$_POST`` and ``$_COOKIE`` superglobals. + +This was a legacy feature from older times, when things like +`register_globals <https://secure.php.net/register_globals>`_ and +`magic_quotes_gpc <https://secure.php.net/magic_quotes_gpc>`_ existed in +PHP. +It was a necessity back then, but this is no longer the case and reliance +on global filters is a bad practice, giving you a false sense of security. + +This functionality is now removed, and so if you've relied on it for +whatever reasons, you should double-check that you are properly validating +all user inputs in your application (as you always should do). diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index e0f0dd5b7..ca7677ba9 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -8,6 +8,17 @@ upgrading from. .. toctree:: :titlesonly: + Upgrading from 3.1.3+ to 3.2.x <upgrade_320> + Upgrading from 3.1.3 to 3.1.4 <upgrade_314> + Upgrading from 3.1.2 to 3.1.3 <upgrade_313> + Upgrading from 3.1.1 to 3.1.2 <upgrade_312> + Upgrading from 3.1.0 to 3.1.1 <upgrade_311> + Upgrading from 3.0.6 to 3.1.0 <upgrade_310> + Upgrading from 3.0.5 to 3.0.6 <upgrade_306> + Upgrading from 3.0.4 to 3.0.5 <upgrade_305> + Upgrading from 3.0.3 to 3.0.4 <upgrade_304> + Upgrading from 3.0.2 to 3.0.3 <upgrade_303> + Upgrading from 3.0.1 to 3.0.2 <upgrade_302> Upgrading from 3.0.0 to 3.0.1 <upgrade_301> Upgrading from 2.2.x to 3.0.x <upgrade_300> Upgrading from 2.2.2 to 2.2.3 <upgrade_223> diff --git a/user_guide_src/source/libraries/caching.rst b/user_guide_src/source/libraries/caching.rst index a7081ec6b..81019c015 100644 --- a/user_guide_src/source/libraries/caching.rst +++ b/user_guide_src/source/libraries/caching.rst @@ -255,8 +255,6 @@ To use it, you need `Redis server and phpredis PHP extension <https://github.com Config options to connect to redis server must be stored in the application/config/redis.php file. Available options are:: - $config['socket_type'] = 'tcp'; //`tcp` or `unix` - $config['socket'] = '/var/run/redis.sock'; // in case of `unix` socket type $config['host'] = '127.0.0.1'; $config['password'] = NULL; $config['port'] = 6379; diff --git a/user_guide_src/source/libraries/calendar.rst b/user_guide_src/source/libraries/calendar.rst index 52883d297..8fdacf1d7 100644 --- a/user_guide_src/source/libraries/calendar.rst +++ b/user_guide_src/source/libraries/calendar.rst @@ -60,10 +60,10 @@ parameter of the calendar generating function. Consider this example:: $this->load->library('calendar'); $data = array( - 3 => 'http://example.com/news/article/2006/03/', - 7 => 'http://example.com/news/article/2006/07/', - 13 => 'http://example.com/news/article/2006/13/', - 26 => 'http://example.com/news/article/2006/26/' + 3 => 'http://example.com/news/article/2006/06/03/', + 7 => 'http://example.com/news/article/2006/06/07/', + 13 => 'http://example.com/news/article/2006/06/13/', + 26 => 'http://example.com/news/article/2006/06/26/' ); echo $this->calendar->generate(2006, 6, $data); @@ -179,7 +179,7 @@ will be placed within a pair of pseudo-variables as shown here:: {cal_cell_blank} {/cal_cell_blank} - {cal_cell_other}{day}{cal_cel_other} + {cal_cell_other}{day}{/cal_cel_other} {cal_cell_end}</td>{/cal_cell_end} {cal_cell_end_today}</td>{/cal_cell_end_today} @@ -304,4 +304,4 @@ Class Reference :rtype: CI_Calendar Harvests the data within the template ``{pseudo-variables}`` used to - display the calendar.
\ No newline at end of file + display the calendar. diff --git a/user_guide_src/source/libraries/cart.rst b/user_guide_src/source/libraries/cart.rst deleted file mode 100644 index be343320d..000000000 --- a/user_guide_src/source/libraries/cart.rst +++ /dev/null @@ -1,398 +0,0 @@ -################### -Shopping Cart Class -################### - -The Cart Class permits items to be added to a session that stays active -while a user is browsing your site. These items can be retrieved and -displayed in a standard "shopping cart" format, allowing the user to -update the quantity or remove items from the cart. - -.. important:: The Cart library is DEPRECATED and should not be used. - It is currently only kept for backwards compatibility. - -Please note that the Cart Class ONLY provides the core "cart" -functionality. It does not provide shipping, credit card authorization, -or other processing components. - -.. contents:: - :local: - -.. raw:: html - - <div class="custom-index container"></div> - -******************** -Using the Cart Class -******************** - -Initializing the Shopping Cart Class -==================================== - -.. important:: The Cart class utilizes CodeIgniter's :doc:`Session - Class <sessions>` to save the cart information to a database, so - before using the Cart class you must set up a database table as - indicated in the :doc:`Session Documentation <sessions>`, and set the - session preferences in your application/config/config.php file to - utilize a database. - -To initialize the Shopping Cart Class in your controller constructor, -use the ``$this->load->library()`` method:: - - $this->load->library('cart'); - -Once loaded, the Cart object will be available using:: - - $this->cart - -.. note:: The Cart Class will load and initialize the Session Class - automatically, so unless you are using sessions elsewhere in your - application, you do not need to load the Session class. - -Adding an Item to The Cart -========================== - -To add an item to the shopping cart, simply pass an array with the -product information to the ``$this->cart->insert()`` method, as shown -below:: - - $data = array( - 'id' => 'sku_123ABC', - 'qty' => 1, - 'price' => 39.95, - 'name' => 'T-Shirt', - 'options' => array('Size' => 'L', 'Color' => 'Red') - ); - - $this->cart->insert($data); - -.. important:: The first four array indexes above (id, qty, price, and - name) are **required**. If you omit any of them the data will not be - saved to the cart. The fifth index (options) is optional. It is intended - to be used in cases where your product has options associated with it. - Use an array for options, as shown above. - -The five reserved indexes are: - -- **id** - Each product in your store must have a unique identifier. - Typically this will be an "sku" or other such identifier. -- **qty** - The quantity being purchased. -- **price** - The price of the item. -- **name** - The name of the item. -- **options** - Any additional attributes that are needed to identify - the product. These must be passed via an array. - -In addition to the five indexes above, there are two reserved words: -rowid and subtotal. These are used internally by the Cart class, so -please do NOT use those words as index names when inserting data into -the cart. - -Your array may contain additional data. Anything you include in your -array will be stored in the session. However, it is best to standardize -your data among all your products in order to make displaying the -information in a table easier. - -:: - - $data = array( - 'id' => 'sku_123ABC', - 'qty' => 1, - 'price' => 39.95, - 'name' => 'T-Shirt', - 'coupon' => 'XMAS-50OFF' - ); - - $this->cart->insert($data); - -The ``insert()`` method will return the $rowid if you successfully insert a -single item. - -Adding Multiple Items to The Cart -================================= - -By using a multi-dimensional array, as shown below, it is possible to -add multiple products to the cart in one action. This is useful in cases -where you wish to allow people to select from among several items on the -same page. - -:: - - $data = array( - array( - 'id' => 'sku_123ABC', - 'qty' => 1, - 'price' => 39.95, - 'name' => 'T-Shirt', - 'options' => array('Size' => 'L', 'Color' => 'Red') - ), - array( - 'id' => 'sku_567ZYX', - 'qty' => 1, - 'price' => 9.95, - 'name' => 'Coffee Mug' - ), - array( - 'id' => 'sku_965QRS', - 'qty' => 1, - 'price' => 29.95, - 'name' => 'Shot Glass' - ) - ); - - $this->cart->insert($data); - -Displaying the Cart -=================== - -To display the cart you will create a :doc:`view -file </general/views>` with code similar to the one shown below. - -Please note that this example uses the :doc:`form -helper </helpers/form_helper>`. - -:: - - <?php echo form_open('path/to/controller/update/method'); ?> - - <table cellpadding="6" cellspacing="1" style="width:100%" border="0"> - - <tr> - <th>QTY</th> - <th>Item Description</th> - <th style="text-align:right">Item Price</th> - <th style="text-align:right">Sub-Total</th> - </tr> - - <?php $i = 1; ?> - - <?php foreach ($this->cart->contents() as $items): ?> - - <?php echo form_hidden($i.'[rowid]', $items['rowid']); ?> - - <tr> - <td><?php echo form_input(array('name' => $i.'[qty]', 'value' => $items['qty'], 'maxlength' => '3', 'size' => '5')); ?></td> - <td> - <?php echo $items['name']; ?> - - <?php if ($this->cart->has_options($items['rowid']) == TRUE): ?> - - <p> - <?php foreach ($this->cart->product_options($items['rowid']) as $option_name => $option_value): ?> - - <strong><?php echo $option_name; ?>:</strong> <?php echo $option_value; ?><br /> - - <?php endforeach; ?> - </p> - - <?php endif; ?> - - </td> - <td style="text-align:right"><?php echo $this->cart->format_number($items['price']); ?></td> - <td style="text-align:right">$<?php echo $this->cart->format_number($items['subtotal']); ?></td> - </tr> - - <?php $i++; ?> - - <?php endforeach; ?> - - <tr> - <td colspan="2">Â </td> - <td class="right"><strong>Total</strong></td> - <td class="right">$<?php echo $this->cart->format_number($this->cart->total()); ?></td> - </tr> - - </table> - - <p><?php echo form_submit('', 'Update your Cart'); ?></p> - -Updating The Cart -================= - -To update the information in your cart, you must pass an array -containing the Row ID and one or more pre-defined properties to the -``$this->cart->update()`` method. - -.. note:: If the quantity is set to zero, the item will be removed from - the cart. - -:: - - $data = array( - 'rowid' => 'b99ccdf16028f015540f341130b6d8ec', - 'qty' => 3 - ); - - $this->cart->update($data); - - // Or a multi-dimensional array - - $data = array( - array( - 'rowid' => 'b99ccdf16028f015540f341130b6d8ec', - 'qty' => 3 - ), - array( - 'rowid' => 'xw82g9q3r495893iajdh473990rikw23', - 'qty' => 4 - ), - array( - 'rowid' => 'fh4kdkkkaoe30njgoe92rkdkkobec333', - 'qty' => 2 - ) - ); - - $this->cart->update($data); - -You may also update any property you have previously defined when -inserting the item such as options, price or other custom fields. - -:: - - $data = array( - 'rowid' => 'b99ccdf16028f015540f341130b6d8ec', - 'qty' => 1, - 'price' => 49.95, - 'coupon' => NULL - ); - - $this->cart->update($data); - -What is a Row ID? -***************** - -The row ID is a unique identifier that is generated by the cart code -when an item is added to the cart. The reason a unique ID is created -is so that identical products with different options can be managed -by the cart. - -For example, let's say someone buys two identical t-shirts (same product -ID), but in different sizes. The product ID (and other attributes) will -be identical for both sizes because it's the same shirt. The only -difference will be the size. The cart must therefore have a means of -identifying this difference so that the two sizes of shirts can be -managed independently. It does so by creating a unique "row ID" based on -the product ID and any options associated with it. - -In nearly all cases, updating the cart will be something the user does -via the "view cart" page, so as a developer, it is unlikely that you -will ever have to concern yourself with the "row ID", other than making -sure your "view cart" page contains this information in a hidden form -field, and making sure it gets passed to the ``update()`` method when -the update form is submitted. Please examine the construction of the -"view cart" page above for more information. - - -*************** -Class Reference -*************** - -.. php:class:: CI_Cart - - .. attribute:: $product_id_rules = '\.a-z0-9_-' - - These are the regular expression rules that we use to validate the product - ID - alpha-numeric, dashes, underscores, or periods by default - - .. attribute:: $product_name_rules = '\w \-\.\:' - - These are the regular expression rules that we use to validate the product ID and product name - alpha-numeric, dashes, underscores, colons or periods by - default - - .. attribute:: $product_name_safe = TRUE - - Whether or not to only allow safe product names. Default TRUE. - - - .. php:method:: insert([$items = array()]) - - :param array $items: Items to insert into the cart - :returns: TRUE on success, FALSE on failure - :rtype: bool - - Insert items into the cart and save it to the session table. Returns TRUE - on success and FALSE on failure. - - - .. php:method:: update([$items = array()]) - - :param array $items: Items to update in the cart - :returns: TRUE on success, FALSE on failure - :rtype: bool - - This method permits changing the properties of a given item. - Typically it is called from the "view cart" page if a user makes changes - to the quantity before checkout. That array must contain the rowid - for each item. - - .. php:method:: remove($rowid) - - :param int $rowid: ID of the item to remove from the cart - :returns: TRUE on success, FALSE on failure - :rtype: bool - - Allows you to remove an item from the shopping cart by passing it the - ``$rowid``. - - .. php:method:: total() - - :returns: Total amount - :rtype: int - - Displays the total amount in the cart. - - - .. php:method:: total_items() - - :returns: Total amount of items in the cart - :rtype: int - - Displays the total number of items in the cart. - - - .. php:method:: contents([$newest_first = FALSE]) - - :param bool $newest_first: Whether to order the array with newest items first - :returns: An array of cart contents - :rtype: array - - Returns an array containing everything in the cart. You can sort the - order by which the array is returned by passing it TRUE where the contents - will be sorted from newest to oldest, otherwise it is sorted from oldest - to newest. - - .. php:method:: get_item($row_id) - - :param int $row_id: Row ID to retrieve - :returns: Array of item data - :rtype: array - - Returns an array containing data for the item matching the specified row - ID, or FALSE if no such item exists. - - .. php:method:: has_options($row_id = '') - - :param int $row_id: Row ID to inspect - :returns: TRUE if options exist, FALSE otherwise - :rtype: bool - - Returns TRUE (boolean) if a particular row in the cart contains options. - This method is designed to be used in a loop with ``contents()``, since - you must pass the rowid to this method, as shown in the Displaying - the Cart example above. - - .. php:method:: product_options([$row_id = '']) - - :param int $row_id: Row ID - :returns: Array of product options - :rtype: array - - Returns an array of options for a particular product. This method is - designed to be used in a loop with ``contents()``, since you - must pass the rowid to this method, as shown in the Displaying the - Cart example above. - - .. php:method:: destroy() - - :rtype: void - - Permits you to destroy the cart. This method will likely be called - when you are finished processing the customer's order.
\ No newline at end of file diff --git a/user_guide_src/source/libraries/config.rst b/user_guide_src/source/libraries/config.rst index a45cacdf5..2431abf93 100644 --- a/user_guide_src/source/libraries/config.rst +++ b/user_guide_src/source/libraries/config.rst @@ -211,7 +211,7 @@ Class Reference .. php:method:: load([$file = ''[, $use_sections = FALSE[, $fail_gracefully = FALSE]]]) :param string $file: Configuration file name - :param bool $use_sections: Whether config values shoud be loaded into their own section (index of the main config array) + :param bool $use_sections: Whether config values should be loaded into their own section (index of the main config array) :param bool $fail_gracefully: Whether to return FALSE or to display an error message :returns: TRUE on success, FALSE on failure :rtype: bool @@ -239,14 +239,3 @@ Class Reference This method is normally accessed via the corresponding functions in the :doc:`URL Helper </helpers/url_helper>`. - - .. php:method:: system_url() - - :returns: URL pointing at your CI system/ directory - :rtype: string - - This method retrieves the URL to your CodeIgniter system/ directory. - - .. note:: This method is DEPRECATED because it encourages usage of - insecure coding practices. Your *system/* directory shouldn't - be publicly accessible.
\ No newline at end of file diff --git a/user_guide_src/source/libraries/email.rst b/user_guide_src/source/libraries/email.rst index eadfcfd5c..bd416ba3b 100644 --- a/user_guide_src/source/libraries/email.rst +++ b/user_guide_src/source/libraries/email.rst @@ -108,7 +108,7 @@ Preference Default Value Options Descript page. Make sure you don't have any relative links or relative image paths otherwise they will not work. **charset** ``$config['charset']`` Character set (utf-8, iso-8859-1, etc.). -**validate** FALSE TRUE or FALSE (boolean) Whether to validate the email address. +**validate** TRUE TRUE or FALSE (boolean) Whether to validate the email address. **priority** 3 1, 2, 3, 4, 5 Email Priority. 1 = highest. 5 = lowest. 3 = normal. **crlf** \\n "\\r\\n" or "\\n" or "\\r" Newline character. (Use "\\r\\n" to comply with RFC 822). **newline** \\n "\\r\\n" or "\\n" or "\\r" Newline character. (Use "\\r\\n" to comply with RFC 822). @@ -348,7 +348,7 @@ Class Reference $this->email->attach('http://example.com/filename.pdf'); - If you'd like to use a custom file name, you can use the third paramater:: + If you'd like to use a custom file name, you can use the third parameter:: $this->email->attach('filename.pdf', 'attachment', 'report.pdf'); @@ -374,7 +374,7 @@ Class Reference { $this->email->to($address); $cid = $this->email->attachment_cid($filename); - $this->email->message('<img src='cid:". $cid ."' alt="photo1" />'); + $this->email->message('<img src="cid:'. $cid .'" alt="photo1" />'); $this->email->send(); } @@ -387,7 +387,7 @@ Class Reference :rtype: string Returns a string containing any server messages, the email headers, and - the email messsage. Useful for debugging. + the email message. Useful for debugging. You can optionally specify which parts of the message should be printed. Valid options are: **headers**, **subject**, **body**. @@ -402,4 +402,4 @@ Class Reference // Will only print the email headers, excluding the message subject and body $this->email->print_debugger(array('headers')); - .. note:: By default, all of the raw data will be printed.
\ No newline at end of file + .. note:: By default, all of the raw data will be printed. diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst index 599be4df0..b16511d4d 100644 --- a/user_guide_src/source/libraries/encryption.rst +++ b/user_guide_src/source/libraries/encryption.rst @@ -13,7 +13,7 @@ unfortunately not always available on all systems. You must meet one of the following dependencies in order to use this library: -- `OpenSSL <http://php.net/openssl>`_ (and PHP 5.3.3) +- `OpenSSL <http://php.net/openssl>`_ - `MCrypt <http://php.net/mcrypt>`_ (and `MCRYPT_DEV_URANDOM` availability) If neither of the above dependencies is met, we simply cannot offer @@ -75,7 +75,7 @@ process that allows you to be the only one who is able to decrypt data that you've decided to hide from the eyes of the public. After one key is used to encrypt data, that same key provides the **only** means to decrypt it, so not only must you chose one carefully, but you -must not lose it or you will also use the encrypted data. +must not lose it or you will also lose access to the data. It must be noted that to ensure maximum security, such key *should* not only be as strong as possible, but also often changed. Such behavior @@ -382,7 +382,7 @@ the hood: #. Check if the string is long enough, separate the HMAC out of it and validate if it is correct (this is done in a way that - prevents timing attacks agains it). Return FALSE if either of + prevents timing attacks against it). Return FALSE if either of the checks fails. #. Base64-decode the string. diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index be6d1f233..6a92cc983 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -116,7 +116,7 @@ this code and save it to your application/views/ folder:: The Controller ============== -Using a text editor, create a controller called form.php. In it, place +Using a text editor, create a controller called Form.php. In it, place this code and save it to your application/controllers/ folder:: <?php @@ -175,7 +175,7 @@ The form (myform.php) is a standard web form with a couple exceptions: This function will return any error messages sent back by the validator. If there are no messages it returns an empty string. -The controller (form.php) has one method: ``index()``. This method +The controller (Form.php) has one method: ``index()``. This method initializes the validation class and loads the form helper and URL helper used by your view files. It also runs the validation routine. Based on whether the validation was successful it either presents the @@ -205,7 +205,7 @@ The above method takes **three** parameters as input: .. note:: If you would like the field name to be stored in a language file, please see :ref:`translating-field-names`. -Here is an example. In your controller (form.php), add this code just +Here is an example. In your controller (Form.php), add this code just below the validation initialization method:: $this->form_validation->set_rules('username', 'Username', 'required'); @@ -465,7 +465,7 @@ for you to process. To invoke a callback just put the method name in a rule, with "callback\_" as the rule **prefix**. If you need to receive an extra parameter in your callback method, just add it normally after the -method name between square brackets, as in: "callback_foo**[bar]**", +method name between square brackets, as in: ``callback_foo[bar]``, then it will be passed as the second argument of your callback method. .. note:: You can also process the form data that is passed to your @@ -495,8 +495,7 @@ The above code would use the ``valid_username()`` method from your This is just an example of course, and callbacks aren't limited to models. You can use any object/method that accepts the field value as its' first -parameter. Or if you're running PHP 5.3+, you can also use an anonymous -function:: +parameter. You can also use an anonymous function:: $this->form_validation->set_rules( 'username', 'Username', @@ -522,7 +521,7 @@ the second element of an array, with the first one being the rule name:: ) ); -Anonymous function (PHP 5.3+) version:: +Anonymous function version:: $this->form_validation->set_rules( 'username', 'Username', @@ -547,7 +546,10 @@ All of the native error messages are located in the following language file: **system/language/english/form_validation_lang.php** To set your own global custom message for a rule, you can either -edit that file, or use the following method:: +extend/override the language file by creating your own in +**application/language/english/form_validation_lang.php** (read more +about this in the :doc:`Language Class <language>` documentation), +or use the following method:: $this->form_validation->set_message('rule', 'Error Message'); @@ -983,8 +985,9 @@ Rule Parameter Description **valid_url** No Returns FALSE if the form element does not contain a valid URL. **valid_email** No Returns FALSE if the form element does not contain a valid email address. **valid_emails** No Returns FALSE if any value provided in a comma separated list is not a valid email. -**valid_ip** No Returns FALSE if the supplied IP is not valid. +**valid_ip** Yes Returns FALSE if the supplied IP address is not valid. Accepts an optional parameter of 'ipv4' or 'ipv6' to specify an IP format. +**valid_mac** No Returns FALSE if the supplied MAC address is not valid. **valid_base64** No Returns FALSE if the supplied string contains anything other than valid Base64 characters. ========================= ========== ============================================================================================= ======================= @@ -1004,14 +1007,13 @@ Prepping Reference The following is a list of all the prepping methods that are available to use: -==================== ========= ======================================================================================================= +==================== ========= ============================================================================================================== Name Parameter Description -==================== ========= ======================================================================================================= -**prep_for_form** No Converts special characters so that HTML data can be shown in a form field without breaking it. +==================== ========= ============================================================================================================== **prep_url** No Adds "\http://" to URLs if missing. **strip_image_tags** No Strips the HTML from image tags leaving the raw URL. **encode_php_tags** No Converts PHP tags to entities. -==================== ========= ======================================================================================================= +==================== ========= ============================================================================================================== .. note:: You can also use any native PHP functions that permits one parameter, like ``trim()``, ``htmlspecialchars()``, ``urldecode()``, @@ -1025,12 +1027,14 @@ Class Reference .. php:class:: CI_Form_validation - .. php:method:: set_rules($field[, $label = ''[, $rules = '']]) + .. php:method:: set_rules($field[, $label = null[, $rules = null[, $errors = array()]]]) :param string $field: Field name :param string $label: Field label :param mixed $rules: Validation rules, as a string list separated by a pipe "|", or as an array or rules + :param array $errors: A list of custom error messages :returns: CI_Form_validation instance (method chaining) + :throws: BadMethodCallException If $field is not an array and $rules was not used :rtype: CI_Form_validation Permits you to set validation rules, as described in the tutorial @@ -1137,4 +1141,4 @@ the following functions: - :php:func:`set_radio()` Note that these are procedural functions, so they **do not** require you -to prepend them with ``$this->form_validation``.
\ No newline at end of file +to prepend them with ``$this->form_validation``. diff --git a/user_guide_src/source/libraries/ftp.rst b/user_guide_src/source/libraries/ftp.rst index ddd4442fd..2a015256d 100644 --- a/user_guide_src/source/libraries/ftp.rst +++ b/user_guide_src/source/libraries/ftp.rst @@ -2,7 +2,7 @@ FTP Class ######### -CodeIgniter's FTP Class permits files to be transfered to a remote +CodeIgniter's FTP Class permits files to be transferred to a remote server. Remote files can also be moved, renamed, and deleted. The FTP class also includes a "mirroring" function that permits an entire local directory to be recreated remotely via FTP. diff --git a/user_guide_src/source/libraries/image_lib.rst b/user_guide_src/source/libraries/image_lib.rst index e5f7c000f..442541bf6 100644 --- a/user_guide_src/source/libraries/image_lib.rst +++ b/user_guide_src/source/libraries/image_lib.rst @@ -63,7 +63,8 @@ called *mypic.jpg* located in the source_image folder, then create a thumbnail that is 75 X 50 pixels using the GD2 image_library. Since the maintain_ratio option is enabled, the thumb will be as close to the target width and height as possible while preserving the original aspect -ratio. The thumbnail will be called *mypic_thumb.jpg* +ratio. The thumbnail will be called *mypic_thumb.jpg* and located at +the same level as *source_image*. .. note:: In order for the image class to be allowed to do any processing, the folder containing the image files must have write @@ -282,7 +283,7 @@ Preference Default Value Options Description **wm_shadow_color** None None The color of the drop shadow, specified in hex. If you leave this blank a drop shadow will not be used. Both the full 6-length (ie, 993300) and the short three character abbreviated version (ie, fff) are supported. -**wm_shadow_distance** 3 None The distance (in pixels) from the font that the drop shadow should +**wm_shadow_distance** 2 None The distance (in pixels) from the font that the drop shadow should appear. ======================= =================== =================== ========================================================================== @@ -407,7 +408,7 @@ Class Reference method is not very useful unless you intend to build such an interface. That's exactly what we did using for the photo gallery module in ExpressionEngine, the CMS we develop. We added a JavaScript UI that - lets the cropping area be selected. + lets the cropping area be selected. (from EllisLab) .. php:method:: rotate() @@ -471,4 +472,4 @@ Class Reference Returns all detected errors formatted as a string. :: - echo $this->image_lib->diplay_errors();
\ No newline at end of file + echo $this->image_lib->display_errors(); diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index d9c6c2dd1..8a0b5f286 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -2,10 +2,8 @@ Input Class ########### -The Input Class serves two purposes: - -#. It pre-processes global input data for security. -#. It provides some helper methods for fetching input data and pre-processing it. +The Input Class provides some helper methods for accessing input data +and pre-processing it. .. note:: This class is initialized automatically by the system so there is no need to do it manually. @@ -17,49 +15,9 @@ The Input Class serves two purposes: <div class="custom-index container"></div> -*************** -Input Filtering -*************** - -Security Filtering -================== - -The security filtering method is called automatically when a new -:doc:`controller <../general/controllers>` is invoked. It does the -following: - -- If ``$config['allow_get_array']`` is FALSE (default is TRUE), destroys - the global GET array. -- Destroys all global variables in the event register_globals is - turned on. -- Filters the GET/POST/COOKIE array keys, permitting only alpha-numeric - (and a few other) characters. -- Provides XSS (Cross-site Scripting Hacks) filtering. This can be - enabled globally, or upon request. -- Standardizes newline characters to ``PHP_EOL`` (\\n in UNIX-based OSes, - \\r\\n under Windows). This is configurable. - -XSS Filtering -============= - -The Input class has the ability to filter input automatically to prevent -cross-site scripting attacks. If you want the filter to run -automatically every time it encounters POST or COOKIE data you can -enable it by opening your *application/config/config.php* file and setting -this:: - - $config['global_xss_filtering'] = TRUE; - -Please refer to the :doc:`Security class <security>` documentation for -information on using XSS Filtering in your application. - -.. important:: The 'global_xss_filtering' setting is DEPRECATED and kept - solely for backwards-compatibility purposes. XSS escaping should - be performed on *output*, not *input*! - -******************* -Accessing form data -******************* +******************** +Accessing input data +******************** Using POST, GET, COOKIE, or SERVER Data ======================================= @@ -130,7 +88,7 @@ Class Reference The property can be read multiple times. - .. php:method:: post([$index = NULL[, $xss_clean = NULL]]) + .. php:method:: post([$index = NULL[, $xss_clean = FALSE]]) :param mixed $index: POST parameter name :param bool $xss_clean: Whether to apply XSS filtering @@ -147,7 +105,6 @@ Class Reference The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE - or by setting your ``$config['global_xss_filtering']`` to TRUE. :: $this->input->post('some_data', TRUE); @@ -167,13 +124,13 @@ Class Reference $this->input->post(array('field1', 'field2')); - Same rule applied here, to retrive the parameters with XSS filtering enabled, set the + Same rule applied here, to retrieve the parameters with XSS filtering enabled, set the second parameter to boolean TRUE. :: $this->input->post(array('field1', 'field2'), TRUE); - .. php:method:: get([$index = NULL[, $xss_clean = NULL]]) + .. php:method:: get([$index = NULL[, $xss_clean = FALSE]]) :param mixed $index: GET parameter name :param bool $xss_clean: Whether to apply XSS filtering @@ -200,13 +157,13 @@ Class Reference $this->input->get(array('field1', 'field2')); - Same rule applied here, to retrive the parameters with XSS filtering enabled, set the + Same rule applied here, to retrieve the parameters with XSS filtering enabled, set the second parameter to boolean TRUE. :: $this->input->get(array('field1', 'field2'), TRUE); - .. php:method:: post_get($index[, $xss_clean = NULL]) + .. php:method:: post_get($index[, $xss_clean = FALSE]) :param string $index: POST/GET parameter name :param bool $xss_clean: Whether to apply XSS filtering @@ -219,7 +176,7 @@ Class Reference $this->input->post_get('some_data', TRUE); - .. php:method:: get_post($index[, $xss_clean = NULL]) + .. php:method:: get_post($index[, $xss_clean = FALSE]) :param string $index: GET/POST parameter name :param bool $xss_clean: Whether to apply XSS filtering @@ -234,7 +191,7 @@ Class Reference .. note:: This method used to act EXACTLY like ``post_get()``, but it's behavior has changed in CodeIgniter 3.0. - .. php:method:: cookie([$index = NULL[, $xss_clean = NULL]]) + .. php:method:: cookie([$index = NULL[, $xss_clean = FALSE]]) :param mixed $index: COOKIE name :param bool $xss_clean: Whether to apply XSS filtering @@ -257,7 +214,7 @@ Class Reference function :php:func:`get_cookie()`, this method does NOT prepend your configured ``$config['cookie_prefix']`` value. - .. php:method:: server($index[, $xss_clean = NULL]) + .. php:method:: server($index[, $xss_clean = FALSE]) :param mixed $index: Value name :param bool $xss_clean: Whether to apply XSS filtering @@ -275,7 +232,7 @@ Class Reference $this->input->server(array('SERVER_PROTOCOL', 'REQUEST_URI')); - .. php:method:: input_stream([$index = NULL[, $xss_clean = NULL]]) + .. php:method:: input_stream([$index = NULL[, $xss_clean = FALSE]]) :param mixed $index: Key name :param bool $xss_clean: Whether to apply XSS filtering @@ -285,7 +242,7 @@ Class Reference This method is identical to ``get()``, ``post()`` and ``cookie()``, only it fetches the *php://input* stream data. - .. php:method:: set_cookie($name = ''[, $value = ''[, $expire = ''[, $domain = ''[, $path = '/'[, $prefix = ''[, $secure = FALSE[, $httponly = FALSE]]]]]]]) + .. php:method:: set_cookie($name = ''[, $value = ''[, $expire = 0[, $domain = ''[, $path = '/'[, $prefix = ''[, $secure = FALSE[, $httponly = FALSE]]]]]]]) :param mixed $name: Cookie name or an array of parameters :param string $value: Cookie value @@ -310,7 +267,7 @@ Class Reference $cookie = array( 'name' => 'The Cookie Name', 'value' => 'The Value', - 'expire' => '86500', + 'expire' => 86500, 'domain' => '.some-domain.com', 'path' => '/', 'prefix' => 'myprefix_', @@ -321,8 +278,8 @@ Class Reference **Notes** - Only the name and value are required. To delete a cookie set it with the - expiration blank. + Only the name and value are required. To delete a cookie set the expiry + time to a negative, or non-numeric value. The expiration is set in **seconds**, which will be added to the current time. Do not include the time, but rather only the number of seconds @@ -390,7 +347,7 @@ Class Reference Accepts an optional second string parameter of 'ipv4' or 'ipv6' to specify an IP format. The default checks for both formats. - .. php:method:: user_agent([$xss_clean = NULL]) + .. php:method:: user_agent([$xss_clean = FALSE]) :returns: User agent string or NULL if not set :param bool $xss_clean: Whether to apply XSS filtering @@ -440,25 +397,6 @@ Class Reference Checks to see if the HTTP_X_REQUESTED_WITH server header has been set, and returns boolean TRUE if it is or FALSE if not. - .. php:method:: is_cli_request() - - :returns: TRUE if it is a CLI request, FALSE if not - :rtype: bool - - Checks to see if the application was run from the command-line - interface. - - .. note:: This method checks both the PHP SAPI name currently in use - and if the ``STDIN`` constant is defined, which is usually a - failsafe way to see if PHP is being run via the command line. - - :: - - $this->input->is_cli_request() - - .. note:: This method is DEPRECATED and is now just an alias for the - :func:`is_cli()` function. - .. php:method:: method([$upper = FALSE]) :param bool $upper: Whether to return the request method name in upper or lower case diff --git a/user_guide_src/source/libraries/javascript.rst b/user_guide_src/source/libraries/javascript.rst deleted file mode 100644 index e91b9ad78..000000000 --- a/user_guide_src/source/libraries/javascript.rst +++ /dev/null @@ -1,322 +0,0 @@ -################ -Javascript Class -################ - -CodeIgniter provides a library to help you with certain common functions -that you may want to use with Javascript. Please note that CodeIgniter -does not require the jQuery library to run, and that any scripting -library will work equally well. The jQuery library is simply presented -as a convenience if you choose to use it. - -.. important:: This library is DEPRECATED and should not be used. It has always - been with an 'experimental' status and is now no longer supported. - Currently only kept for backwards compatibility. - -.. contents:: - :local: - -.. raw:: html - - <div class="custom-index container"></div> - -************************** -Using the Javascript Class -************************** - -Initializing the Class -====================== - -To initialize the Javascript class manually in your controller -constructor, use the ``$this->load->library()`` method. Currently, -the only available library is jQuery, which will automatically be -loaded like this:: - - $this->load->library('javascript'); - -The Javascript class also accepts parameters: - -- js_library_driver (string) *default: 'jquery'* -- autoload (bool) *default: TRUE* - -You may override the defaults by sending an associative array:: - - $this->load->library( - 'javascript', - array( - 'js_library_driver' => 'scripto', - 'autoload' => FALSE - ) - ); - -Again, presently only 'jquery' is available. You may wish to set -autoload to FALSE, though, if you do not want the jQuery library to -automatically include a script tag for the main jQuery script file. This -is useful if you are loading it from a location outside of CodeIgniter, -or already have the script tag in your markup. - -Once loaded, the jQuery library object will be available using: - - $this->javascript - -Setup and Configuration -======================= - -Set these variables in your view --------------------------------- - -As a Javascript library, your files must be available to your -application. - -As Javascript is a client side language, the library must be able to -write content into your final output. This generally means a view. -You'll need to include the following variables in the ``<head>`` -sections of your output. - -:: - - <?php echo $library_src;?> - <?php echo $script_head;?> - - -``$library_src``, is where the actual library file will be loaded, as -well as any subsequent plugin script calls; $script_head is where -specific events, functions and other commands will be rendered. - -Set the path to the librarys with config items ----------------------------------------------- - -There are some configuration items in Javascript library. These can -either be set in *application/config.php*, within its own -*config/javascript.php* file, or within any controller usings the -``set_item()`` function. - -An image to be used as an "ajax loader", or progress indicator. Without -one, the simple text message of "loading" will appear when Ajax calls -need to be made. - -:: - - $config['javascript_location'] = 'http://localhost/codeigniter/themes/js/jquery/'; - $config['javascript_ajax_img'] = 'images/ajax-loader.gif'; - -If you keep your files in the same directories they were downloaded -from, then you need not set this configuration items. - -The jQuery Class -================ - -To initialize the jQuery class manually in your controller constructor, -use the ``$this->load->library()`` method:: - - $this->load->library('javascript/jquery'); - -You may send an optional parameter to determine whether or not a script -tag for the main jQuery file will be automatically included when loading -the library. It will be created by default. To prevent this, load the -library as follows:: - - $this->load->library('javascript/jquery', FALSE); - -Once loaded, the jQuery library object will be available using: - - $this->jquery - -jQuery Events -============= - -Events are set using the following syntax. -:: - - $this->jquery->event('element_path', code_to_run()); - -In the above example: - -- "event" is any of blur, change, click, dblclick, error, focus, hover, - keydown, keyup, load, mousedown, mouseup, mouseover, mouseup, resize, - scroll, or unload. -- "element_path" is any valid `jQuery selector - <http://api.jquery.com/category/selectors/>`_. Due to jQuery's unique - selector syntax, this is usually an element id, or CSS selector. For - example "#notice_area" would effect ``<div id="notice_area">``, and - "#content a.notice" would effect all anchors with a class of "notice" - in the div with id "content". -- "``code_to_run()``" is script your write yourself, or an action such as - an effect from the jQuery library below. - -Effects -======= - -The query library supports a powerful -`Effects <http://api.jquery.com/category/effects/>`_ repertoire. Before an effect -can be used, it must be loaded:: - - $this->jquery->effect([optional path] plugin name); // for example $this->jquery->effect('bounce'); - - -hide() / show() ---------------- - -Each of this functions will affect the visibility of an item on your -page. hide() will set an item invisible, show() will reveal it. - -:: - - $this->jquery->hide(target, optional speed, optional extra information); - $this->jquery->show(target, optional speed, optional extra information); - - -- "target" will be any valid jQuery selector or selectors. -- "speed" is optional, and is set to either slow, normal, fast, or - alternatively a number of milliseconds. -- "extra information" is optional, and could include a callback, or - other additional information. - -toggle() --------- - -toggle() will change the visibility of an item to the opposite of its -current state, hiding visible elements, and revealing hidden ones. - -:: - - $this->jquery->toggle(target); - - -- "target" will be any valid jQuery selector or selectors. - -animate() ---------- - -:: - - $this->jquery->animate(target, parameters, optional speed, optional extra information); - - -- "target" will be any valid jQuery selector or selectors. -- "parameters" in jQuery would generally include a series of CSS - properties that you wish to change. -- "speed" is optional, and is set to either slow, normal, fast, or - alternatively a number of milliseconds. -- "extra information" is optional, and could include a callback, or - other additional information. - -For a full summary, see -`http://api.jquery.com/animate/ <http://api.jquery.com/animate/>`_ - -Here is an example of an animate() called on a div with an id of "note", -and triggered by a click using the jQuery library's click() event. - -:: - - $params = array( - 'height' => 80, - 'width' => '50%', - 'marginLeft' => 125 - ); - $this->jquery->click('#trigger', $this->jquery->animate('#note', $params, 'normal')); - -fadeIn() / fadeOut() --------------------- - -:: - - $this->jquery->fadeIn(target, optional speed, optional extra information); - $this->jquery->fadeOut(target, optional speed, optional extra information); - - -- "target" will be any valid jQuery selector or selectors. -- "speed" is optional, and is set to either slow, normal, fast, or - alternatively a number of milliseconds. -- "extra information" is optional, and could include a callback, or - other additional information. - -toggleClass() -------------- - -This function will add or remove a CSS class to its target. - -:: - - $this->jquery->toggleClass(target, class) - - -- "target" will be any valid jQuery selector or selectors. -- "class" is any CSS classname. Note that this class must be defined - and available in a CSS that is already loaded. - -fadeIn() / fadeOut() --------------------- - -These effects cause an element(s) to disappear or reappear over time. - -:: - - $this->jquery->fadeIn(target, optional speed, optional extra information); - $this->jquery->fadeOut(target, optional speed, optional extra information); - - -- "target" will be any valid jQuery selector or selectors. -- "speed" is optional, and is set to either slow, normal, fast, or - alternatively a number of milliseconds. -- "extra information" is optional, and could include a callback, or - other additional information. - -slideUp() / slideDown() / slideToggle() ---------------------------------------- - -These effects cause an element(s) to slide. - -:: - - $this->jquery->slideUp(target, optional speed, optional extra information); - $this->jquery->slideDown(target, optional speed, optional extra information); - $this->jquery->slideToggle(target, optional speed, optional extra information); - - -- "target" will be any valid jQuery selector or selectors. -- "speed" is optional, and is set to either slow, normal, fast, or - alternatively a number of milliseconds. -- "extra information" is optional, and could include a callback, or - other additional information. - -Plugins -======= - -Some select jQuery plugins are made available using this library. - -corner() --------- - -Used to add distinct corners to page elements. For full details see -`http://malsup.com/jquery/corner/ <http://malsup.com/jquery/corner/>`_ - -:: - - $this->jquery->corner(target, corner_style); - - -- "target" will be any valid jQuery selector or selectors. -- "corner_style" is optional, and can be set to any valid style such - as round, sharp, bevel, bite, dog, etc. Individual corners can be set - by following the style with a space and using "tl" (top left), "tr" - (top right), "bl" (bottom left), or "br" (bottom right). - -:: - - $this->jquery->corner("#note", "cool tl br"); - - -tablesorter() -------------- - -description to come - -modal() -------- - -description to come - -calendar() ----------- - -description to come
\ No newline at end of file diff --git a/user_guide_src/source/libraries/output.rst b/user_guide_src/source/libraries/output.rst index 84529f766..92060f66a 100644 --- a/user_guide_src/source/libraries/output.rst +++ b/user_guide_src/source/libraries/output.rst @@ -199,11 +199,11 @@ Class Reference .. php:method:: cache($time) - :param int $time: Cache expiration time in seconds + :param int $time: Cache expiration time in minutes :returns: CI_Output instance (method chaining) :rtype: CI_Output - Caches the current page for the specified amount of seconds. + Caches the current page for the specified amount of minutes. For more information, please see the :doc:`caching documentation <../general/caching>`. diff --git a/user_guide_src/source/libraries/pagination.rst b/user_guide_src/source/libraries/pagination.rst index 913717c67..99b5a80a2 100644 --- a/user_guide_src/source/libraries/pagination.rst +++ b/user_guide_src/source/libraries/pagination.rst @@ -101,7 +101,7 @@ like:: If you have ``$config['enable_query_strings']`` set to TRUE your links will automatically be re-written using Query Strings. This option can -also be explictly set. Using ``$config['page_query_string']`` set to TRUE, +also be explicitly set. Using ``$config['page_query_string']`` set to TRUE, the pagination link will become:: http://example.com/index.php?c=test&m=page&per_page=20 diff --git a/user_guide_src/source/libraries/security.rst b/user_guide_src/source/libraries/security.rst index 305a8e57c..f7604ef00 100644 --- a/user_guide_src/source/libraries/security.rst +++ b/user_guide_src/source/libraries/security.rst @@ -16,20 +16,11 @@ application, processing input data for security. XSS Filtering ************* -CodeIgniter comes with a Cross Site Scripting Hack prevention filter -which can either run automatically to filter all POST and COOKIE data -that is encountered, or you can run it on a per item basis. By default -it does **not** run globally since it requires a bit of processing -overhead, and since you may not need it in all cases. - -The XSS filter looks for commonly used techniques to trigger Javascript -or other types of code that attempt to hijack cookies or do other -malicious things. If anything disallowed is encountered it is rendered -safe by converting the data to character entities. - -Note: This function should only be used to deal with data upon -submission. It's not something that should be used for general runtime -processing since it requires a fair amount of processing overhead. +CodeIgniter comes with a Cross Site Scripting prevention filter, which +looks for commonly used techniques to trigger JavaScript or other types +of code that attempt to hijack cookies or do other malicious things. +If anything disallowed is encountered it is rendered safe by converting +the data to character entities. To filter data through the XSS filter use the ``xss_clean()`` method:: diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 2034ed2b0..b1f658d8f 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -471,7 +471,7 @@ Preference Default Description .. note:: The 'cookie_httponly' setting doesn't have an effect on sessions. Instead the HttpOnly parameter is always enabled, for security - reasons. Additionaly, the 'cookie_prefix' setting is completely + reasons. Additionally, the 'cookie_prefix' setting is completely ignored. Session Drivers @@ -594,31 +594,36 @@ And then of course, create the database table ... For MySQL:: CREATE TABLE IF NOT EXISTS `ci_sessions` ( - `id` varchar(40) NOT NULL, + `id` varchar(128) NOT NULL, `ip_address` varchar(45) NOT NULL, `timestamp` int(10) unsigned DEFAULT 0 NOT NULL, `data` blob NOT NULL, - PRIMARY KEY (id), KEY `ci_sessions_timestamp` (`timestamp`) ); For PostgreSQL:: CREATE TABLE "ci_sessions" ( - "id" varchar(40) NOT NULL, + "id" varchar(128) NOT NULL, "ip_address" varchar(45) NOT NULL, "timestamp" bigint DEFAULT 0 NOT NULL, - "data" text DEFAULT '' NOT NULL, - PRIMARY KEY ("id") + "data" text DEFAULT '' NOT NULL ); CREATE INDEX "ci_sessions_timestamp" ON "ci_sessions" ("timestamp"); -However, if you want to turn on the *sess_match_ip* setting, you should -also do the following, after creating the table:: +You will also need to add a PRIMARY KEY **depending on your 'sess_match_ip' +setting**. The examples below work both on MySQL and PostgreSQL:: + + // When sess_match_ip = TRUE + ALTER TABLE ci_sessions ADD PRIMARY KEY (id, ip_address); + + // When sess_match_ip = FALSE + ALTER TABLE ci_sessions ADD PRIMARY KEY (id); + + // To drop a previously created primary key (use when changing the setting) + ALTER TABLE ci_sessions DROP PRIMARY KEY; - // Works both on MySQL and PostgreSQL - ALTER TABLE ci_sessions ADD CONSTRAINT ci_sessions_id_ip UNIQUE (id, ip_address); .. important:: Only MySQL and PostgreSQL databases are officially supported, due to lack of advisory locking mechanisms on other @@ -901,7 +906,7 @@ Class Reference Gets a list of all ``$_SESSION`` that have been marked as "flashdata". - .. php:method:: umark_flash($key) + .. php:method:: unmark_flash($key) :param mixed $key: Key to be un-marked as flashdata, or an array of multiple keys :rtype: void @@ -966,7 +971,7 @@ Class Reference Gets a list of all ``$_SESSION`` that have been marked as "tempdata". - .. php:method:: umark_temp($key) + .. php:method:: unmark_temp($key) :param mixed $key: Key to be un-marked as tempdata, or an array of multiple keys :rtype: void diff --git a/user_guide_src/source/libraries/table.rst b/user_guide_src/source/libraries/table.rst index 91ae1ae8d..06dfe59de 100644 --- a/user_guide_src/source/libraries/table.rst +++ b/user_guide_src/source/libraries/table.rst @@ -275,11 +275,16 @@ Class Reference :returns: CI_Table instance (method chaining) :rtype: CI_Table - Lets you clear the table heading and row data. If you need to show multiple tables with different data you should to call this method - after each table has been generated to clear the previous table information. Example:: + Lets you clear the table heading, row data and caption. If + you need to show multiple tables with different data you + should to call this method after each table has been + generated to clear the previous table information. + + Example :: $this->load->library('table'); + $this->table->set_caption('Preferences'); $this->table->set_heading('Name', 'Color', 'Size'); $this->table->add_row('Fred', 'Blue', 'Small'); $this->table->add_row('Mary', 'Red', 'Large'); @@ -289,6 +294,7 @@ Class Reference $this->table->clear(); + $this->table->set_caption('Shipping'); $this->table->set_heading('Name', 'Day', 'Delivery'); $this->table->add_row('Fred', 'Wednesday', 'Express'); $this->table->add_row('Mary', 'Monday', 'Air'); diff --git a/user_guide_src/source/libraries/trackback.rst b/user_guide_src/source/libraries/trackback.rst index 4e0cb5541..dc4477e9f 100644 --- a/user_guide_src/source/libraries/trackback.rst +++ b/user_guide_src/source/libraries/trackback.rst @@ -239,7 +239,7 @@ Class Reference This method simply validates the incoming TB data, returning TRUE on success and FALSE on failure. If the data is valid it is set to the ``$this->data`` array so that it can be inserted into a database. - .. php:method:: send_error([$message = 'Incomplete information') + .. php:method:: send_error([$message = 'Incomplete information']) :param string $message: Error message :rtype: void @@ -262,7 +262,7 @@ Class Reference :returns: Data value or empty string if not found :rtype: string - Returns a single item from the reponse data array. + Returns a single item from the response data array. .. php:method:: process($url, $data) diff --git a/user_guide_src/source/libraries/xmlrpc.rst b/user_guide_src/source/libraries/xmlrpc.rst index 4d7ed66d5..2fe07c49d 100644 --- a/user_guide_src/source/libraries/xmlrpc.rst +++ b/user_guide_src/source/libraries/xmlrpc.rst @@ -490,6 +490,10 @@ Class Reference $this->xmlrpc->timeout(6); + This timeout period will be used both for an initial connection to + the remote server, as well as for getting a response from it. + Make sure you set the timeout before calling ``send_request()``. + .. php:method:: method($function) :param string $function: Method name @@ -575,4 +579,4 @@ Class Reference 'struct' ); - return $this->xmlrpc->send_response($response);
\ No newline at end of file + return $this->xmlrpc->send_response($response); diff --git a/user_guide_src/source/libraries/zip.rst b/user_guide_src/source/libraries/zip.rst index 816f49ca1..9704d5b1d 100644 --- a/user_guide_src/source/libraries/zip.rst +++ b/user_guide_src/source/libraries/zip.rst @@ -24,7 +24,7 @@ your controller using the $this->load->library function:: $this->load->library('zip'); -Once loaded, the Zip library object will be available using: +Once loaded, the Zip library object will be available using:: $this->zip diff --git a/user_guide_src/source/license.rst b/user_guide_src/source/license.rst index c1a32772f..c943c294a 100644 --- a/user_guide_src/source/license.rst +++ b/user_guide_src/source/license.rst @@ -2,7 +2,7 @@ The MIT License (MIT) ##################### -Copyright (c) 2014 - 2015, British Columbia Institute of Technology +Copyright (c) 2014 - 2017, British Columbia Institute of Technology Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/user_guide_src/source/overview/at_a_glance.rst b/user_guide_src/source/overview/at_a_glance.rst index ce195c211..742d7bd0e 100644 --- a/user_guide_src/source/overview/at_a_glance.rst +++ b/user_guide_src/source/overview/at_a_glance.rst @@ -54,8 +54,8 @@ approach:: example.com/news/article/345 -Note: By default the index.php file is included in the URL but it can be -removed using a simple .htaccess file. +.. note:: By default the *index.php* file is included in the URL but it can + be removed using a simple *.htaccess* file. CodeIgniter Packs a Punch ========================= diff --git a/user_guide_src/source/tutorial/create_news_items.rst b/user_guide_src/source/tutorial/create_news_items.rst index 5c5270472..cde52fde8 100644 --- a/user_guide_src/source/tutorial/create_news_items.rst +++ b/user_guide_src/source/tutorial/create_news_items.rst @@ -14,7 +14,7 @@ To input data into the database you need to create a form where you can input the information to be stored. This means you'll be needing a form with two fields, one for the title and one for the text. You'll derive the slug from our title in the model. Create the new view at -application/views/news/create.php. +*application/views/news/create.php*. :: @@ -35,7 +35,7 @@ application/views/news/create.php. </form> There are only two things here that probably look unfamiliar to you: the -form_open() function and the validation_errors() function. +``form_open()`` function and the ``validation_errors()`` function. The first function is provided by the :doc:`form helper <../helpers/form_helper>` and renders the form element and @@ -58,7 +58,7 @@ validation <../libraries/form_validation>` library to do this. $data['title'] = 'Create a news item'; $this->form_validation->set_rules('title', 'Title', 'required'); - $this->form_validation->set_rules('text', 'text', 'required'); + $this->form_validation->set_rules('text', 'Text', 'required'); if ($this->form_validation->run() === FALSE) { @@ -76,7 +76,7 @@ validation <../libraries/form_validation>` library to do this. The code above adds a lot of functionality. The first few lines load the form helper and the form validation library. After that, rules for the -form validation are set. The set\_rules() method takes three arguments; +form validation are set. The ``set_rules()`` method takes three arguments; the name of the input field, the name to be used in error messages, and the rule. In this case the title and text fields are required. @@ -88,7 +88,7 @@ Continuing down, you can see a condition that checks whether the form validation ran successfully. If it did not, the form is displayed, if it was submitted **and** passed all the rules, the model is called. After this, a view is loaded to display a success message. Create a view at -application/views/news/success.php and write a success message. +*application/views/news/success.php* and write a success message. Model ----- @@ -123,19 +123,19 @@ sure everything is in lowercase characters. This leaves you with a nice slug, perfect for creating URIs. Let's continue with preparing the record that is going to be inserted -later, inside the $data array. Each element corresponds with a column in +later, inside the ``$data`` array. Each element corresponds with a column in the database table created earlier. You might notice a new method here, -namely the post() method from the :doc:`input +namely the ``post()`` method from the :doc:`input library <../libraries/input>`. This method makes sure the data is sanitized, protecting you from nasty attacks from others. The input -library is loaded by default. At last, you insert our $data array into +library is loaded by default. At last, you insert our ``$data`` array into our database. Routing ------- Before you can start adding news items into your CodeIgniter application -you have to add an extra rule to config/routes.php file. Make sure your +you have to add an extra rule to *config/routes.php* file. Make sure your file contains the following. This makes sure CodeIgniter sees 'create' as a method instead of a news item's slug. diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 66621471e..5daaa958f 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -24,7 +24,7 @@ you'll see URL patterns that match: As URL schemes become more complex, this may change. But for now, this is all we will need to know. -Create a file at application/controllers/Pages.php with the following +Create a file at *application/controllers/Pages.php* with the following code. :: @@ -97,7 +97,7 @@ page actually exists: public function view($page = 'home') { - if ( ! file_exists(APPPATH.'/views/pages/'.$page.'.php')) + if ( ! file_exists(APPPATH.'views/pages/'.$page.'.php')) { // Whoops, we don't have a page for that! show_404(); |