diff options
author | Derek Jones <derek.jones@ellislab.com> | 2008-02-27 06:19:50 +0100 |
---|---|---|
committer | Derek Jones <derek.jones@ellislab.com> | 2008-02-27 06:19:50 +0100 |
commit | 8a1607772c5e9221884d9f0a39a514536f1fe21d (patch) | |
tree | 7a2033dc494d5656427ec16656374d6acfd7bab0 | |
parent | 2c6dda41c8207ffa704934a1fbde65769ce86992 (diff) |
added improved check for controller method access so that CI does not attempt to load private or protected controller methods
added controller/method details to framework initiated 404 pages for logging
-rw-r--r-- | system/codeigniter/CodeIgniter.php | 8 | ||||
-rw-r--r-- | system/libraries/Router.php | 4 | ||||
-rw-r--r-- | user_guide/changelog.html | 2 |
3 files changed, 9 insertions, 5 deletions
diff --git a/system/codeigniter/CodeIgniter.php b/system/codeigniter/CodeIgniter.php index 8f9dbdf64..d1ef965cc 100644 --- a/system/codeigniter/CodeIgniter.php +++ b/system/codeigniter/CodeIgniter.php @@ -169,7 +169,7 @@ if ( ! class_exists($class) OR in_array($method, get_class_methods('Controller'), TRUE)
)
{
- show_404();
+ show_404("{$class}/{$method}");
}
/*
@@ -214,9 +214,11 @@ else }
else
{
- if ( ! method_exists($CI, $method))
+ // is_callable() returns TRUE on some versions of PHP 5 for private and protected
+ // methods, so we'll use this workaround for consistent behavior
+ if (! in_array($method, get_class_methods($CI)))
{
- show_404();
+ show_404("{$class}/{$method}");
}
// Call the requested method.
diff --git a/system/libraries/Router.php b/system/libraries/Router.php index f6464a31d..d9dd6dd3f 100644 --- a/system/libraries/Router.php +++ b/system/libraries/Router.php @@ -204,7 +204,7 @@ class CI_Router { // Does the requested controller exist in the sub-folder?
if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT))
{
- show_404();
+ show_404($this->fetch_directory().$segments[0]);
}
}
else
@@ -225,7 +225,7 @@ class CI_Router { }
// Can't find the requested controller...
- show_404();
+ show_404($segments[0]);
}
// --------------------------------------------------------------------
diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 80615aa2e..c8c74f1ff 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -95,6 +95,8 @@ Change Log <li>Added a <a href="./helpers/path_helper.html">Path Helper</a>.</li>
<li>Simplified _reindex_segments() in the URI class</li>
<li>Escaped the '-' in the default 'permitted_uri_chars' config item, to prevent errors if developers just try to add additional characters to the end of the default expression.</li>
+ <li>Modified method calling to controllers to show a 404 when a private or protected method is accessed via a URL</li>
+ <li>Modified framework initiated 404s to log the controller and method for invalid requests</li>
</ul>
</li>
<li>Helpers
|