Added function_usable() to common functions

It is now used to check whether dangerous functions like eval() and exec() are available. It appears that the Suhosin extension (which is becoming popular) terminates script execution instead of returning e.g. FALSE when it has a function blacklisted. function_exists() checks are insufficient and our only option is to check the ini settings here. Filed an issue here: https://github.com/stefanesser/suhosin/issues/18 ... hopefully we'll be able to deal with this in a more elegant way in the future. (this commit supersedes PR #1809)
author: Andrey Andreev <narf@bofh.bg> 2012-11-07 13:23:29 +0100
committer: Andrey Andreev <narf@bofh.bg> 2012-11-07 13:23:29 +0100
commit: e9d2dc85b9cb255aae235635576972e4b7dbd5a8 (patch)
tree: 139d0ecbef12a87fabb34c64bc77e4d0e2670176 /system/core/Loader.php
parent: 17e11cdf1c6ff23f00c3deb2a39a40ffeb446f5c (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 9525f35d0..a9eec396c 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -871,7 +871,9 @@ class CI_Loader {
 		// If the PHP installation does not support short tags we'll
 		// do a little string replacement, changing the short tags
 		// to standard PHP echo statements.
-		if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE && config_item('rewrite_short_tags') === TRUE)
+		if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE
+			&& config_item('rewrite_short_tags') === TRUE && function_usable('eval')
+		)
 		{
 			echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path))));
 		}
author	Andrey Andreev <narf@bofh.bg>	2012-11-07 13:23:29 +0100
committer	Andrey Andreev <narf@bofh.bg>	2012-11-07 13:23:29 +0100
commit	e9d2dc85b9cb255aae235635576972e4b7dbd5a8 (patch)
tree	139d0ecbef12a87fabb34c64bc77e4d0e2670176 /system/core/Loader.php
parent	17e11cdf1c6ff23f00c3deb2a39a40ffeb446f5c (diff)