diff options
author | brian978 <dbrian89@yahoo.com> | 2012-12-08 22:02:16 +0100 |
---|---|---|
committer | brian978 <dbrian89@yahoo.com> | 2012-12-08 22:02:16 +0100 |
commit | 9a214e1b31cd2ff2433f8ed8df8585537d358ac7 (patch) | |
tree | 14643a7698d55b3e054c7dc607fc18ee4d0dc26c | |
parent | 160c7d16c4e0c92c030c0a41d1223f916a82089d (diff) | |
parent | 545a7c86701875e1412bcde316e9bcc76d9a23a0 (diff) |
Merge remote-tracking branch 'upstream/develop' into dev/hex_xss
-rw-r--r-- | system/core/Router.php | 18 | ||||
-rw-r--r-- | system/core/URI.php | 29 | ||||
-rw-r--r-- | system/database/DB_result.php | 8 | ||||
-rw-r--r-- | system/database/drivers/cubrid/cubrid_result.php | 2 | ||||
-rw-r--r-- | system/database/drivers/mssql/mssql_result.php | 2 | ||||
-rw-r--r-- | system/database/drivers/mysql/mysql_result.php | 2 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_result.php | 2 | ||||
-rw-r--r-- | system/database/drivers/oci8/oci8_result.php | 58 | ||||
-rw-r--r-- | system/database/drivers/postgre/postgre_result.php | 2 | ||||
-rw-r--r-- | system/database/drivers/sqlite/sqlite_result.php | 2 | ||||
-rw-r--r-- | system/database/drivers/sqlite3/sqlite3_result.php | 4 | ||||
-rw-r--r-- | system/helpers/url_helper.php | 6 | ||||
-rw-r--r-- | user_guide_src/source/changelog.rst | 10 | ||||
-rw-r--r-- | user_guide_src/source/database/results.rst | 43 |
14 files changed, 92 insertions, 96 deletions
diff --git a/system/core/Router.php b/system/core/Router.php index 01f44bc83..76772a0fb 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -111,21 +111,21 @@ class CI_Router { // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently $segments = array(); - if ($this->config->item('enable_query_strings') === TRUE && isset($_GET[$this->config->item('controller_trigger')])) + if ($this->config->item('enable_query_strings') === TRUE + && ! empty($_GET[$this->config->item('controller_trigger')]) + && is_string($_GET[$this->config->item('controller_trigger')]) + ) { - if (isset($_GET[$this->config->item('directory_trigger')])) + if (isset($_GET[$this->config->item('directory_trigger')]) && is_string($_GET[$this->config->item('directory_trigger')])) { $this->set_directory(trim($this->uri->_filter_uri($_GET[$this->config->item('directory_trigger')]))); $segments[] = $this->fetch_directory(); } - if (isset($_GET[$this->config->item('controller_trigger')])) - { - $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); - $segments[] = $this->fetch_class(); - } + $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); + $segments[] = $this->fetch_class(); - if (isset($_GET[$this->config->item('function_trigger')])) + if ( ! empty($_GET[$this->config->item('function_trigger')]) && is_string($_GET[$this->config->item('function_trigger')])) { $this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')]))); $segments[] = $this->fetch_method(); @@ -142,7 +142,7 @@ class CI_Router { include(APPPATH.'config/routes.php'); } - $this->routes = (isset($route) && is_array($route)) ? $route : array(); + $this->routes = (empty($route) OR ! is_array($route)) ? array() : $route; unset($route); // Set the default controller so we can display it in the event diff --git a/system/core/URI.php b/system/core/URI.php index 91740254c..900472b61 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -219,7 +219,32 @@ class CI_URI { } // Do some final cleaning of the URI and return it - return str_replace(array('//', '../'), '/', trim($uri, '/')); + return $this->_remove_relative_directory($uri); + } + + // -------------------------------------------------------------------- + + /** + * Remove relative directory (../) and multi slashes (///) + * + * Do some final cleaning of the URI and return it, currently only used in self::_parse_request_uri() + * + * @param string $url + * @return string + */ + protected function _remove_relative_directory($uri) + { + $uris = array(); + $tok = strtok($uri, '/'); + while ($tok !== FALSE) + { + if (( ! empty($tok) OR $tok === '0') && $tok !== '..') + { + $uris[] = $tok; + } + $tok = strtok('/'); + } + return implode('/', $uris); } // -------------------------------------------------------------------- @@ -249,7 +274,7 @@ class CI_URI { parse_str($_SERVER['QUERY_STRING'], $_GET); - return str_replace(array('//', '../'), '/', trim($uri, '/')); + return $this->_remove_relative_directory($uri); } // -------------------------------------------------------------------- diff --git a/system/database/DB_result.php b/system/database/DB_result.php index 9d19075ba..e1ef341a5 100644 --- a/system/database/DB_result.php +++ b/system/database/DB_result.php @@ -203,7 +203,7 @@ class CI_DB_result { return $this->custom_result_object[$class_name]; } - $this->_data_seek(0); + $this->data_seek(0); $this->custom_result_object[$class_name] = array(); while ($row = $this->_fetch_object($class_name)) @@ -246,7 +246,7 @@ class CI_DB_result { return $this->result_object; } - $this->_data_seek(0); + $this->data_seek(0); while ($row = $this->_fetch_object()) { $this->result_object[] = $row; @@ -287,7 +287,7 @@ class CI_DB_result { return $this->result_array; } - $this->_data_seek(0); + $this->data_seek(0); while ($row = $this->_fetch_assoc()) { $this->result_array[] = $row; @@ -617,7 +617,7 @@ class CI_DB_result { * @param int $n * @return bool */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { return FALSE; } diff --git a/system/database/drivers/cubrid/cubrid_result.php b/system/database/drivers/cubrid/cubrid_result.php index 130eea212..793b35b74 100644 --- a/system/database/drivers/cubrid/cubrid_result.php +++ b/system/database/drivers/cubrid/cubrid_result.php @@ -130,7 +130,7 @@ class CI_DB_cubrid_result extends CI_DB_result { * @param int $n * @return bool */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { return cubrid_data_seek($this->result_id, $n); } diff --git a/system/database/drivers/mssql/mssql_result.php b/system/database/drivers/mssql/mssql_result.php index a8f850d72..ca222aed4 100644 --- a/system/database/drivers/mssql/mssql_result.php +++ b/system/database/drivers/mssql/mssql_result.php @@ -135,7 +135,7 @@ class CI_DB_mssql_result extends CI_DB_result { * @param int $n * @return bool */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { return mssql_data_seek($this->result_id, $n); } diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php index a6dcde4e7..293980e97 100644 --- a/system/database/drivers/mysql/mysql_result.php +++ b/system/database/drivers/mysql/mysql_result.php @@ -149,7 +149,7 @@ class CI_DB_mysql_result extends CI_DB_result { * @param int $n * @return bool */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { return $this->num_rows ? @mysql_data_seek($this->result_id, $n) diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php index d55188e68..ac0f1a8d1 100644 --- a/system/database/drivers/mysqli/mysqli_result.php +++ b/system/database/drivers/mysqli/mysqli_result.php @@ -136,7 +136,7 @@ class CI_DB_mysqli_result extends CI_DB_result { * @param int $n * @return bool */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { return $this->result_id->data_seek($n); } diff --git a/system/database/drivers/oci8/oci8_result.php b/system/database/drivers/oci8/oci8_result.php index 7d5bf5172..84d46f82a 100644 --- a/system/database/drivers/oci8/oci8_result.php +++ b/system/database/drivers/oci8/oci8_result.php @@ -216,64 +216,6 @@ class CI_DB_oci8_result extends CI_DB_result { return $class_name; } - // -------------------------------------------------------------------- - - /** - * Data Seek - * - * Moves the internal pointer to the desired offset. We call - * this internally before fetching results to make sure the - * result set starts at zero. - * - * Oracle's PHP extension doesn't have an easy way of doing this - * and the only workaround is to (re)execute the statement or cursor - * in order to go to the first (zero) index of the result set. - * Then, we would need to "dummy" fetch ($n - 1) rows to get to the - * right one. - * - * This is as ridiculous as it sounds and it's the reason why every - * other method that is fetching data tries to use an already "cached" - * result set. Keeping this just in case it becomes needed at - * some point in the future, but it will only work for resetting the - * pointer to zero. - * - * @param int $n (ignored) - * @return bool - */ - protected function _data_seek($n = 0) - { - /* The PHP manual says that if OCI_NO_AUTO_COMMIT mode - * is used, and oci_rollback() and/or oci_commit() are - * not subsequently called - this will cause an unnecessary - * rollback to be triggered at the end of the script execution. - * - * Therefore we'll try to avoid using that mode flag - * if we're not currently in the middle of a transaction. - */ - if ($this->commit_mode !== OCI_COMMIT_ON_SUCCESS) - { - $result = @oci_execute($this->stmt_id, $this->commit_mode); - } - else - { - $result = @oci_execute($this->stmt_id); - } - - if ($result && $this->curs_id) - { - if ($this->commit_mode !== OCI_COMMIT_ON_SUCCESS) - { - return @oci_execute($this->curs_id, $this->commit_mode); - } - else - { - return @oci_execute($this->curs_id); - } - } - - return $result; - } - } /* End of file oci8_result.php */ diff --git a/system/database/drivers/postgre/postgre_result.php b/system/database/drivers/postgre/postgre_result.php index 3a4e57c42..fdaeaef70 100644 --- a/system/database/drivers/postgre/postgre_result.php +++ b/system/database/drivers/postgre/postgre_result.php @@ -133,7 +133,7 @@ class CI_DB_postgre_result extends CI_DB_result { * @param int $n * @return bool */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { return pg_result_seek($this->result_id, $n); } diff --git a/system/database/drivers/sqlite/sqlite_result.php b/system/database/drivers/sqlite/sqlite_result.php index 24f02a8b4..889757dea 100644 --- a/system/database/drivers/sqlite/sqlite_result.php +++ b/system/database/drivers/sqlite/sqlite_result.php @@ -117,7 +117,7 @@ class CI_DB_sqlite_result extends CI_DB_result { * @param int $n * @return bool */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { return sqlite_seek($this->result_id, $n); } diff --git a/system/database/drivers/sqlite3/sqlite3_result.php b/system/database/drivers/sqlite3/sqlite3_result.php index 44fef8909..69c42002c 100644 --- a/system/database/drivers/sqlite3/sqlite3_result.php +++ b/system/database/drivers/sqlite3/sqlite3_result.php @@ -175,10 +175,10 @@ class CI_DB_sqlite3_result extends CI_DB_result { * @param int $n (ignored) * @return array */ - protected function _data_seek($n = 0) + public function data_seek($n = 0) { // Only resetting to the start of the result set is supported - return $this->result_id->reset(); + return ($n > 0) ? FALSE : $this->result_id->reset(); } } diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 14c216afe..36ff0ff2c 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -152,7 +152,7 @@ if ( ! function_exists('anchor')) if ( ! is_array($uri)) { - $site_url = preg_match('!^\w+://! i', $uri) ? $uri : site_url($uri); + $site_url = preg_match('#^(\w+:)?//#i', $uri) ? $uri : site_url($uri); } else { @@ -191,7 +191,7 @@ if ( ! function_exists('anchor_popup')) function anchor_popup($uri = '', $title = '', $attributes = FALSE) { $title = (string) $title; - $site_url = preg_match('!^\w+://! i', $uri) ? $uri : site_url($uri); + $site_url = preg_match('#^(\w+:)?//#i', $uri) ? $uri : site_url($uri); if ($title === '') { @@ -535,7 +535,7 @@ if ( ! function_exists('redirect')) */ function redirect($uri = '', $method = 'auto', $code = NULL) { - if ( ! preg_match('#^https?://#i', $uri)) + if ( ! preg_match('#^(\w+:)?//#i', $uri)) { $uri = site_url($uri); } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 9b0ea53c4..daf796504 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -73,6 +73,7 @@ Release Date: Not Released - Added JS window name support to the :php:func:`anchor_popup()` function. - Added support (auto-detection) for HTTP/1.1 response code 303 in :php:func:`redirect()`. - Changed :php:func:`redirect()` to only choose the **refresh** method only on IIS servers, instead of all servers on Windows (when **auto** is used). + - Changed :php:func:`anchor()`, :php:func:`anchor_popup()`, and :php:func:`redirect()` to support protocol-relative URLs, such as `redirect('//ellislab.com/codeigniter')`. - Added XHTML Basic 1.1 doctype to :doc:`HTML Helper <helpers/html_helper>`. - :doc:`Inflector Helper <helpers/inflector_helper>` changes include: - Changed :php:func:`humanize()` to allow passing an input separator as its second parameter. @@ -106,7 +107,6 @@ Release Date: Not Released - Added **schema** configuration setting (defaults to *public*) for drivers that might need it (currently used by PostgreSQL and ODBC). - Added subdrivers support (currently only used by PDO). - Added an optional database name parameter to ``db_select()``. - - Added a constructor to the ``DB_result`` class and moved all driver-specific properties and logic out of the base ``DB_driver`` class to allow better abstraction. - Removed ``protect_identifiers()`` and renamed internal method ``_protect_identifiers()`` to it instead - it was just an alias. - Renamed internal method ``_escape_identifiers()`` to ``escape_identifiers()``. - Updated ``escape_identifiers()`` to accept an array of fields as well as strings. @@ -114,8 +114,7 @@ Release Date: Not Released - ``db_set_charset()`` now only requires one parameter (collation was only needed due to legacy support for MySQL versions prior to 5.1). - Replaced the ``_error_message()`` and ``_error_number()`` methods with ``error()``, which returns an array containing the last database error code and message. - Improved ``version()`` implementation so that drivers that have a native function to get the version number don't have to be defined in the core ``DB_driver`` class. - - Added ``unbuffered_row()`` method for getting a row without prefetching whole result (consume less memory). - - Added capability for packages to hold *database.php* config files. + - Added capability for packages to hold *config/database.php* config files. - Added MySQL client compression support. - Added encrypted connections support (for *mysql*, *sqlsrv* and PDO with *sqlsrv*). - Removed :doc:`Loader Class <libraries/loader>` from Database error tracing to better find the likely culprit. @@ -133,6 +132,10 @@ Release Date: Not Released - Changed ``limit()`` to ignore NULL values instead of always casting to integer. - Changed ``offset()`` to ignore empty values instead of always casting to integer. - Methods ``insert_batch()`` and ``update_batch()`` now return an integer representing the number of rows affected by them. + - :doc:`Database Results <database/results>` changes include: + - Added a constructor to the ``DB_result`` class and moved all driver-specific properties and logic out of the base ``DB_driver`` class to allow better abstraction. + - Added method ``unbuffered_row()`` for fetching a row without prefetching the whole result (consume less memory). + - Renamed former method ``_data_seek()`` to ``data_seek()`` and made it public. - Improved support for the MySQLi driver, including: - OOP style of the PHP extension is now used, instead of the procedural aliases. - Server version checking is now done via ``mysqli::$server_info`` instead of running an SQL query. @@ -461,6 +464,7 @@ Bug fixes for 3.0 - Fixed a bug (#18) - :doc:`APC Cache <libraries/caching>` driver didn't (un)serialize data, resulting in failure to store objects. - Fixed a bug (#188) - :doc:`Unit Testing Library <libraries/unit_testing>` filled up logs with error messages for non-existing language keys. - Fixed a bug (#113) - :doc:`Form Validation Library <libraries/form_validation>` didn't properly handle empty fields that were specified as an array. +- Fixed a bug (#2061) - :doc:`Routing Class <general/routing>` didn't properly sanitize directory, controller and function triggers with **enable_query_strings** set to TRUE. Version 2.1.3 ============= diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst index d032f734e..e0a87a851 100644 --- a/user_guide_src/source/database/results.rst +++ b/user_guide_src/source/database/results.rst @@ -99,7 +99,7 @@ to instantiate the row with:: echo $row->reverse_name(); // or methods defined on the 'User' class row_array() -============ +=========== Identical to the above row() function, except it returns an array. Example:: @@ -138,12 +138,12 @@ parameter: .. note:: all the functions above will load the whole result into memory (prefetching) use unbuffered_row() for processing large result sets. -unbuffered_row($type) -===================== +unbuffered_row() +================ -This function returns a single result row without prefetching the whole result in memory as row() does. -If your query has more than one row, it returns the current row and moves the internal data pointer ahead. -The result is returned as $type could be 'object' (default) or 'array' that will return an associative array. +This method returns a single result row without prefetching the whole +result in memory as ``row()`` does. If your query has more than one row, +it returns the current row and moves the internal data pointer ahead. :: @@ -156,12 +156,19 @@ The result is returned as $type could be 'object' (default) or 'array' that will echo $row->body; } +You can optionally pass 'object' (default) or 'array' in order to specify +the returned value's type:: + + $query->unbuffered_row(); // object + $query->unbuffered_row('object'); // object + $query->unbuffered_row('array'); // associative array + *********************** Result Helper Functions *********************** $query->num_rows() -=================== +================== The number of rows returned by the query. Note: In this example, $query is the variable that the query result object is assigned to:: @@ -177,7 +184,7 @@ is the variable that the query result object is assigned to:: resulting array in order to achieve the same functionality. $query->num_fields() -===================== +==================== The number of FIELDS (columns) returned by the query. Make sure to call the function using your query result object:: @@ -187,7 +194,7 @@ the function using your query result object:: echo $query->num_fields(); $query->free_result() -====================== +===================== It frees the memory associated with the result and deletes the result resource ID. Normally PHP frees its memory automatically at the end of @@ -209,3 +216,21 @@ Example:: $row = $query2->row(); echo $row->name; $query2->free_result(); // The $query2 result object will no longer be available + +data_seek() +=========== + +This method sets the internal pointer for the next result row to be +fetched. It is only useful in combination with ``unbuffered_row()``. + +It accepts a positive integer value, which defaults to 0 and returns +TRUE on success or FALSE on failure. + +:: + + $query = $this->db->query('SELECT `field_name` FROM `table_name`'); + $query->data_seek(5); // Skip the first 5 rows + $row = $query->unbuffered_row(); + +.. note:: Not all database drivers support this feature and will return FALSE. + Most notably - you won't be able to use it with PDO.
\ No newline at end of file |