summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhil Sturgeon <email@philsturgeon.co.uk>2012-02-08 22:26:51 +0100
committerPhil Sturgeon <email@philsturgeon.co.uk>2012-02-08 22:26:51 +0100
commit0209c70195384308f06a6c0fc42693c1c649cf46 (patch)
tree948f6cffee21af5cb6d8fc88916a0f6c588cf1ad
parent082a383a26f0f36685c6b5bdddc44f10eceafcb8 (diff)
parent773e117f0bfd103116397d26f0ea1d1854de5ca8 (diff)
Merge pull request #1018 from narfbg/develop-input
Fix CI_Input::is_ajax_request()
-rwxr-xr-xsystem/core/Input.php66
-rw-r--r--user_guide_src/source/changelog.rst1
2 files changed, 30 insertions, 37 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index 3339d97c5..ee15f4013 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Input Class
*
@@ -152,7 +150,7 @@ class CI_Input {
public function get($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_GET))
+ if ($index === NULL && ! empty($_GET))
{
$get = array();
@@ -179,7 +177,7 @@ class CI_Input {
public function post($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_POST))
+ if ($index === NULL && ! empty($_POST))
{
$post = array();
@@ -206,9 +204,9 @@ class CI_Input {
*/
public function get_post($index = '', $xss_clean = FALSE)
{
- return ( ! isset($_POST[$index]))
- ? $this->get($index, $xss_clean)
- : $this->post($index, $xss_clean);
+ return isset($_POST[$index])
+ ? $this->post($index, $xss_clean)
+ : $this->get($index, $xss_clean);
}
// --------------------------------------------------------------------
@@ -256,19 +254,19 @@ class CI_Input {
}
}
- if ($prefix == '' AND config_item('cookie_prefix') != '')
+ if ($prefix == '' && config_item('cookie_prefix') != '')
{
$prefix = config_item('cookie_prefix');
}
- if ($domain == '' AND config_item('cookie_domain') != '')
+ if ($domain == '' && config_item('cookie_domain') != '')
{
$domain = config_item('cookie_domain');
}
- if ($path == '/' AND config_item('cookie_path') != '/')
+ if ($path == '/' && config_item('cookie_path') !== '/')
{
$path = config_item('cookie_path');
}
- if ($secure == FALSE AND config_item('cookie_secure') != FALSE)
+ if ($secure == FALSE && config_item('cookie_secure') != FALSE)
{
$secure = config_item('cookie_secure');
}
@@ -320,11 +318,11 @@ class CI_Input {
$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
}
- elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
+ elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR'))
{
$this->ip_address = $_SERVER['REMOTE_ADDR'];
}
- elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+ elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP'))
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
@@ -414,7 +412,7 @@ class CI_Input {
return $this->user_agent;
}
- return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT'];
+ return $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : FALSE;
}
// --------------------------------------------------------------------
@@ -469,19 +467,16 @@ class CI_Input {
{
$_GET = array();
}
- else
+ elseif (is_array($_GET) && count($_GET) > 0)
{
- if (is_array($_GET) AND count($_GET) > 0)
+ foreach ($_GET as $key => $val)
{
- foreach ($_GET as $key => $val)
- {
- $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
- }
+ $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
}
}
// Clean $_POST Data
- if (is_array($_POST) AND count($_POST) > 0)
+ if (is_array($_POST) && count($_POST) > 0)
{
foreach ($_POST as $key => $val)
{
@@ -490,7 +485,7 @@ class CI_Input {
}
// Clean $_COOKIE Data
- if (is_array($_COOKIE) AND count($_COOKIE) > 0)
+ if (is_array($_COOKIE) && count($_COOKIE) > 0)
{
// Also get rid of specially treated cookies that might be set by a server
// or silly application, that are of no use to a CI application anyway
@@ -568,7 +563,7 @@ class CI_Input {
}
// Standardize newlines if needed
- if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE)
+ if ($this->_standardize_newlines == TRUE && strpos($str, "\r") !== FALSE)
{
return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
}
@@ -625,7 +620,7 @@ class CI_Input {
}
else
{
- $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+ $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
foreach ($_SERVER as $key => $val)
{
@@ -655,9 +650,9 @@ class CI_Input {
*
* Returns the value of a single member of the headers class member
*
- * @param string array key for $this->headers
- * @param boolean XSS Clean or not
- * @return mixed FALSE on failure, string on success
+ * @param string array key for $this->headers
+ * @param bool XSS Clean or not
+ * @return mixed FALSE on failure, string on success
*/
public function get_request_header($index, $xss_clean = FALSE)
{
@@ -671,12 +666,9 @@ class CI_Input {
return FALSE;
}
- if ($xss_clean === TRUE)
- {
- return $this->security->xss_clean($this->headers[$index]);
- }
-
- return $this->headers[$index];
+ return ($xss_clean === TRUE)
+ ? $this->security->xss_clean($this->headers[$index])
+ : $this->headers[$index];
}
// --------------------------------------------------------------------
@@ -686,11 +678,11 @@ class CI_Input {
*
* Test to see if a request contains the HTTP_X_REQUESTED_WITH header
*
- * @return boolean
+ * @return bool
*/
public function is_ajax_request()
{
- return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest');
+ return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}
// --------------------------------------------------------------------
@@ -700,11 +692,11 @@ class CI_Input {
*
* Test to see if a request was made from the command line
*
- * @return boolean
+ * @return bool
*/
public function is_cli_request()
{
- return (php_sapi_name() === 'cli') or defined('STDIN');
+ return (php_sapi_name() === 'cli' OR defined('STDIN'));
}
}
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index c9354dea4..385eb4825 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -101,6 +101,7 @@ Bug fixes for 3.0
- Fixed a bug (#904) - ``CI_Loader::initialize()`` caused a PHP Fatal error to be triggered if error level E_STRICT is used.
- Fixed a hosting edge case where an empty $_SERVER['HTTPS'] variable would evaluate to 'on'
- Fixed a bug (#154) - ``CI_Session::sess_update()`` caused the session to be destroyed on pages where multiple AJAX requests were executed at once.
+- Fixed a possible bug in ``CI_Input::is_ajax_request()`` where some clients might not send the X-Requested-With HTTP header value exactly as 'XmlHttpRequest'.
Version 2.1.0
=============