summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
authorJonathon Hill <jhill@brandmovers.com>2012-11-12 14:51:41 +0100
committerJonathon Hill <jhill@brandmovers.com>2012-11-12 14:51:41 +0100
commit3978fc33d82dd7f778d1adbf30744f4dfac41c25 (patch)
treef32be1ae610f0cfeff65c35abecd14e8ea5cadc6 /system/core
parent275cf274860c6ed181d50b398efd3a21d7ba9135 (diff)
parenta9ab46d7a031bda304eb9b6658ffaf693b8d9bcb (diff)
Merge remote-tracking branch 'upstream/develop' into develop
Conflicts: user_guide_src/source/changelog.rst Signed-off-by: Jonathon Hill <jhill@brandmovers.com>
Diffstat (limited to 'system/core')
-rw-r--r--system/core/Benchmark.php3
-rw-r--r--system/core/CodeIgniter.php96
-rw-r--r--system/core/Common.php52
-rw-r--r--system/core/Config.php3
-rw-r--r--system/core/Controller.php3
-rw-r--r--system/core/Exceptions.php3
-rw-r--r--system/core/Hooks.php3
-rw-r--r--system/core/Input.php54
-rw-r--r--system/core/Lang.php3
-rw-r--r--system/core/Loader.php111
-rw-r--r--system/core/Log.php181
-rw-r--r--system/core/Model.php3
-rw-r--r--system/core/Output.php3
-rw-r--r--system/core/Router.php144
-rw-r--r--system/core/Security.php3
-rw-r--r--system/core/URI.php128
-rw-r--r--system/core/Utf8.php3
17 files changed, 569 insertions, 227 deletions
diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php
index f94db2721..e80ee54dd 100644
--- a/system/core/Benchmark.php
+++ b/system/core/Benchmark.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Benchmark Class
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index f27086386..89081b572 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* System Initialization File
@@ -255,23 +256,22 @@
* Security check
* ------------------------------------------------------
*
- * None of the functions in the app controller or the
+ * None of the methods in the app controller or the
* loader class can be called via the URI, nor can
- * controller functions that begin with an underscore
+ * controller functions that begin with an underscore.
*/
$class = $RTR->fetch_class();
$method = $RTR->fetch_method();
- if ( ! class_exists($class)
- OR strpos($method, '_') === 0
- OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller')))
- )
+ if ( ! class_exists($class) OR $method[0] === '_' OR method_exists('CI_Controller', $method))
{
if ( ! empty($RTR->routes['404_override']))
{
- $x = explode('/', $RTR->routes['404_override'], 2);
- $class = $x[0];
- $method = isset($x[1]) ? $x[1] : 'index';
+ if (sscanf($RTR->routes['404_override'], '%[^/]/%s', $class, $method) !== 2)
+ {
+ $method = 'index';
+ }
+
if ( ! class_exists($class))
{
if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
@@ -288,6 +288,42 @@
}
}
+ if (method_exists($class, '_remap'))
+ {
+ $params = array($method, array_slice($URI->rsegments, 2));
+ $method = '_remap';
+ }
+ else
+ {
+ // WARNING: It appears that there are issues with is_callable() even in PHP 5.2!
+ // Furthermore, there are bug reports and feature/change requests related to it
+ // that make it unreliable to use in this context. Please, DO NOT change this
+ // work-around until a better alternative is available.
+ if ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($class)), TRUE))
+ {
+ if (empty($RTR->routes['404_override']))
+ {
+ show_404($class.'/'.$method);
+ }
+ elseif (sscanf($RTR->routes['404_override'], '%[^/]/%s', $class, $method) !== 2)
+ {
+ $method = 'index';
+ }
+
+ if ( ! class_exists($class))
+ {
+ if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
+ {
+ show_404($class.'/'.$method);
+ }
+
+ include_once(APPPATH.'controllers/'.$class.'.php');
+ }
+ }
+
+ $params = array_slice($URI->rsegments, 2);
+ }
+
/*
* ------------------------------------------------------
* Is there a "pre_controller" hook?
@@ -317,45 +353,7 @@
* Call the requested method
* ------------------------------------------------------
*/
- // Is there a "remap" function? If so, we call it instead
- if (method_exists($CI, '_remap'))
- {
- $CI->_remap($method, array_slice($URI->rsegments, 2));
- }
- else
- {
- // is_callable() returns TRUE on some versions of PHP 5 for private and protected
- // methods, so we'll use this workaround for consistent behavior
- if ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($CI))))
- {
- // Check and see if we are using a 404 override and use it.
- if ( ! empty($RTR->routes['404_override']))
- {
- $x = explode('/', $RTR->routes['404_override'], 2);
- $class = $x[0];
- $method = isset($x[1]) ? $x[1] : 'index';
- if ( ! class_exists($class))
- {
- if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
- {
- show_404($class.'/'.$method);
- }
-
- include_once(APPPATH.'controllers/'.$class.'.php');
- unset($CI);
- $CI = new $class();
- }
- }
- else
- {
- show_404($class.'/'.$method);
- }
- }
-
- // Call the requested method.
- // Any URI segments present (besides the class/function) will be passed to the method for convenience
- call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2));
- }
+ call_user_func_array(array(&$CI, $method), $params);
// Mark a benchmark end point
$BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end');
diff --git a/system/core/Common.php b/system/core/Common.php
index 2dd31d3e9..7feb16bfd 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Common Functions
@@ -419,7 +420,7 @@ if ( ! function_exists('log_message'))
return;
}
- $_log =& load_class('Log');
+ $_log =& load_class('Log', 'core');
$_log->write_log($level, $message, $php_error);
}
}
@@ -650,5 +651,52 @@ if ( ! function_exists('_stringify_attributes'))
}
}
+// ------------------------------------------------------------------------
+
+if ( ! function_exists('function_usable'))
+{
+ /**
+ * Function usable
+ *
+ * Executes a function_exists() check, and if the Suhosin PHP
+ * extension is loaded - checks whether the function that is
+ * checked might be disabled in there as well.
+ *
+ * This is useful as function_exists() will return FALSE for
+ * functions disabled via the *disable_functions* php.ini
+ * setting, but not for *suhosin.executor.func.blacklist* and
+ * *suhosin.executor.disable_eval*. These settings will just
+ * terminate script execution if a disabled function is executed.
+ *
+ * @link http://www.hardened-php.net/suhosin/
+ * @param string $function_name Function to check for
+ * @return bool TRUE if the function exists and is safe to call,
+ * FALSE otherwise.
+ */
+ function function_usable($function_name)
+ {
+ static $_suhosin_func_blacklist;
+
+ if (function_exists($function_name))
+ {
+ if ( ! isset($_suhosin_func_blacklist))
+ {
+ $_suhosin_func_blacklist = extension_loaded('suhosin')
+ ? array()
+ : explode(',', trim(@ini_get('suhosin.executor.func.blacklist')));
+
+ if ( ! in_array('eval', $_suhosin_func_blacklist, TRUE) && @ini_get('suhosin.executor.disable_eval'))
+ {
+ $_suhosin_func_blacklist[] = 'eval';
+ }
+ }
+
+ return in_array($function_name, $_suhosin_func_blacklist, TRUE);
+ }
+
+ return FALSE;
+ }
+}
+
/* End of file Common.php */
/* Location: ./system/core/Common.php */ \ No newline at end of file
diff --git a/system/core/Config.php b/system/core/Config.php
index 642cee798..8250b5b1a 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Config Class
diff --git a/system/core/Controller.php b/system/core/Controller.php
index 8c2ba893e..ee6fec8d5 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Application Controller Class
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 556257729..ced65ece4 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Exceptions Class
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index d60e9ac5d..3c28ec9ba 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Hooks Class
diff --git a/system/core/Input.php b/system/core/Input.php
index f6213c34e..adc5f7ac0 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Input Class
@@ -99,6 +100,16 @@ class CI_Input {
protected $headers = array();
/**
+ * Input stream data
+ *
+ * Parsed from php://input at runtime
+ *
+ * @see CI_Input::input_stream()
+ * @var array
+ */
+ protected $_input_stream = NULL;
+
+ /**
* Class constructor
*
* Determines whether to globally enable the XSS processing
@@ -256,6 +267,37 @@ class CI_Input {
// ------------------------------------------------------------------------
/**
+ * Fetch an item from the php://input stream
+ *
+ * Useful when you need to access PUT, DELETE or PATCH request data.
+ *
+ * @param string $index Index for item to be fetched
+ * @param bool $xss_clean Whether to apply XSS filtering
+ * @return mixed
+ */
+ public function input_stream($index = '', $xss_clean = FALSE)
+ {
+ // The input stream can only be read once, so we'll need to check
+ // if we have already done that first.
+ if (is_array($this->_input_stream))
+ {
+ return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean);
+ }
+
+ // Parse the input stream in our cache var
+ parse_str(file_get_contents('php://input'), $this->_input_stream);
+ if ( ! is_array($this->_input_stream))
+ {
+ $this->_input_stream = array();
+ return NULL;
+ }
+
+ return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean);
+ }
+
+ // ------------------------------------------------------------------------
+
+ /**
* Set cookie
*
* Accepts an arbitrary number of parameters (up to 7) or an associative
@@ -355,11 +397,7 @@ class CI_Input {
// Some proxies typically list the whole chain of IP
// addresses through which the client has reached us.
// e.g. client_ip, proxy_ip1, proxy_ip2, etc.
- if (strpos($spoof, ',') !== FALSE)
- {
- $spoof = explode(',', $spoof, 2);
- $spoof = $spoof[0];
- }
+ sscanf($spoof, '%[^,]', $spoof);
if ( ! $this->valid_ip($spoof))
{
@@ -429,7 +467,7 @@ class CI_Input {
}
// Split the netmask length off the network address
- list($netaddr, $masklen) = explode('/', $proxy_ips[$i], 2);
+ sscanf($proxy_ips[$i], '%[^/]/%d', $netaddr, $masklen);
// Again, an IPv6 address is most likely in a compressed form
if ($separator === ':')
@@ -694,7 +732,7 @@ class CI_Input {
*/
protected function _clean_input_keys($str)
{
- if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str))
+ if ( ! preg_match('/^[a-z0-9:_\/|-]+$/i', $str))
{
set_status_header(503);
exit('Disallowed Key Characters.');
diff --git a/system/core/Lang.php b/system/core/Lang.php
index 251cf6ef1..896385134 100644
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Language Class
diff --git a/system/core/Loader.php b/system/core/Loader.php
index db56ab3ae..1e6eafe8a 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Loader Class
@@ -129,7 +130,7 @@ class CI_Loader {
/**
* Class constructor
*
- * Sets component load paths gets the initial output buffering level.
+ * Sets component load paths, gets the initial output buffering level.
*
* @return void
*/
@@ -147,21 +148,18 @@ class CI_Loader {
// --------------------------------------------------------------------
/**
- * Initialize the Loader
+ * Initializer
*
- * @used-by CI_Controller
+ * @todo Figure out a way to move this to the constructor
+ * without breaking *package_path*() methods.
* @uses CI_Loader::_ci_autoloader()
- * @return object $this
+ * @used-by CI_Controller::__construct()
+ * @return void
*/
public function initialize()
{
- $this->_ci_classes = array();
- $this->_ci_loaded_files = array();
- $this->_ci_models = array();
$this->_base_classes =& is_loaded();
-
$this->_ci_autoloader();
- return $this;
}
// --------------------------------------------------------------------
@@ -354,26 +352,30 @@ class CI_Loader {
/**
* Load the Database Utilities Class
*
- * @return void
+ * @param object $db Database object
+ * @param bool $return Whether to return the DB Forge class object or not
+ * @return void|object
*/
- public function dbutil()
+ public function dbutil($db = NULL, $return = FALSE)
{
- if ( ! class_exists('CI_DB'))
- {
- $this->database();
- }
-
$CI =& get_instance();
- // for backwards compatibility, load dbforge so we can extend dbutils off it
- // this use is deprecated and strongly discouraged
- $CI->load->dbforge();
+ if ( ! is_object($db) OR ! ($db instanceof CI_DB))
+ {
+ class_exists('CI_DB', FALSE) OR $this->database();
+ $db =& $CI->db;
+ }
require_once(BASEPATH.'database/DB_utility.php');
- require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_utility.php');
- $class = 'CI_DB_'.$CI->db->dbdriver.'_utility';
+ require_once(BASEPATH.'database/drivers/'.$db->dbdriver.'/'.$db->dbdriver.'_utility.php');
+ $class = 'CI_DB_'.$db->dbdriver.'_utility';
- $CI->dbutil = new $class();
+ if ($return === TRUE)
+ {
+ return new $class($db);
+ }
+
+ $CI->dbutil = new $class($db);
}
// --------------------------------------------------------------------
@@ -381,22 +383,42 @@ class CI_Loader {
/**
* Load the Database Forge Class
*
- * @return void
+ * @param object $db Database object
+ * @param bool $return Whether to return the DB Forge class object or not
+ * @return void|object
*/
- public function dbforge()
+ public function dbforge($db = NULL, $return = FALSE)
{
- if ( ! class_exists('CI_DB'))
+ $CI =& get_instance();
+ if ( ! is_object($db) OR ! ($db instanceof CI_DB))
{
- $this->database();
+ class_exists('CI_DB', FALSE) OR $this->database();
+ $db =& $CI->db;
}
- $CI =& get_instance();
-
require_once(BASEPATH.'database/DB_forge.php');
- require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_forge.php');
- $class = 'CI_DB_'.$CI->db->dbdriver.'_forge';
+ require_once(BASEPATH.'database/drivers/'.$db->dbdriver.'/'.$db->dbdriver.'_forge.php');
- $CI->dbforge = new $class();
+ if ( ! empty($db->subdriver))
+ {
+ $driver_path = BASEPATH.'database/drivers/'.$db->dbdriver.'/subdrivers/'.$db->dbdriver.'_'.$db->subdriver.'_forge.php';
+ if (file_exists($driver_path))
+ {
+ require_once($driver_path);
+ $class = 'CI_DB_'.$db->dbdriver.'_'.$db->subdriver.'_forge';
+ }
+ }
+ else
+ {
+ $class = 'CI_DB_'.$db->dbdriver.'_forge';
+ }
+
+ if ($return === TRUE)
+ {
+ return new $class($db);
+ }
+
+ $CI->dbforge = new $class($db);
}
// --------------------------------------------------------------------
@@ -510,27 +532,34 @@ class CI_Loader {
continue;
}
- $ext_helper = APPPATH.'helpers/'.config_item('subclass_prefix').$helper.'.php';
-
// Is this a helper extension request?
- if (file_exists($ext_helper))
+ $ext_helper = config_item('subclass_prefix').$helper;
+ $ext_loaded = FALSE;
+ foreach ($this->_ci_helper_paths as $path)
{
- $base_helper = BASEPATH.'helpers/'.$helper.'.php';
+ if (file_exists($path.'helpers/'.$ext_helper.'.php'))
+ {
+ include_once($path.'helpers/'.$ext_helper.'.php');
+ $ext_loaded = TRUE;
+ }
+ }
+ // If we have loaded extensions - check if the base one is here
+ if ($ext_loaded === TRUE)
+ {
+ $base_helper = BASEPATH.'helpers/'.$helper.'.php';
if ( ! file_exists($base_helper))
{
show_error('Unable to load the requested file: helpers/'.$helper.'.php');
}
- include_once($ext_helper);
include_once($base_helper);
-
$this->_ci_helpers[$helper] = TRUE;
log_message('debug', 'Helper loaded: '.$helper);
continue;
}
- // Try to load the helper
+ // No extensions found ... try loading regular helpers and/or overrides
foreach ($this->_ci_helper_paths as $path)
{
if (file_exists($path.'helpers/'.$helper.'.php'))
@@ -849,7 +878,9 @@ class CI_Loader {
// If the PHP installation does not support short tags we'll
// do a little string replacement, changing the short tags
// to standard PHP echo statements.
- if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE && config_item('rewrite_short_tags') === TRUE)
+ if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE
+ && config_item('rewrite_short_tags') === TRUE && function_usable('eval')
+ )
{
echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path))));
}
diff --git a/system/core/Log.php b/system/core/Log.php
new file mode 100644
index 000000000..e66270840
--- /dev/null
+++ b/system/core/Log.php
@@ -0,0 +1,181 @@
+<?php
+/**
+ * CodeIgniter
+ *
+ * An open source application development framework for PHP 5.2.4 or newer
+ *
+ * NOTICE OF LICENSE
+ *
+ * Licensed under the Open Software License version 3.0
+ *
+ * This source file is subject to the Open Software License (OSL 3.0) that is
+ * bundled with this package in the files license.txt / license.rst. It is
+ * also available through the world wide web at this URL:
+ * http://opensource.org/licenses/OSL-3.0
+ * If you did not receive a copy of the license and are unable to obtain it
+ * through the world wide web, please send an email to
+ * licensing@ellislab.com so we can send you a copy immediately.
+ *
+ * @package CodeIgniter
+ * @author EllisLab Dev Team
+ * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
+ * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
+ * @link http://codeigniter.com
+ * @since Version 1.0
+ * @filesource
+ */
+defined('BASEPATH') OR exit('No direct script access allowed');
+
+/**
+ * Logging Class
+ *
+ * @package CodeIgniter
+ * @subpackage Libraries
+ * @category Logging
+ * @author EllisLab Dev Team
+ * @link http://codeigniter.com/user_guide/general/errors.html
+ */
+class CI_Log {
+
+ /**
+ * Path to save log files
+ *
+ * @var string
+ */
+ protected $_log_path;
+
+ /**
+ * Level of logging
+ *
+ * @var int
+ */
+ protected $_threshold = 1;
+
+ /**
+ * Highest level of logging
+ *
+ * @var int
+ */
+ protected $_threshold_max = 0;
+
+ /**
+ * Array of threshold levels to log
+ *
+ * @var array
+ */
+ protected $_threshold_array = array();
+
+ /**
+ * Format of timestamp for log files
+ *
+ * @var string
+ */
+ protected $_date_fmt = 'Y-m-d H:i:s';
+
+ /**
+ * Whether or not the logger can write to the log files
+ *
+ * @var bool
+ */
+ protected $_enabled = TRUE;
+
+ /**
+ * Predefined logging levels
+ *
+ * @var array
+ */
+ protected $_levels = array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4);
+
+ /**
+ * Initialize Logging class
+ *
+ * @return void
+ */
+ public function __construct()
+ {
+ $config =& get_config();
+
+ $this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
+
+ if ( ! is_dir($this->_log_path) OR ! is_really_writable($this->_log_path))
+ {
+ $this->_enabled = FALSE;
+ }
+
+ if (is_numeric($config['log_threshold']))
+ {
+ $this->_threshold = (int) $config['log_threshold'];
+ }
+ elseif (is_array($config['log_threshold']))
+ {
+ $this->_threshold = $this->_threshold_max;
+ $this->_threshold_array = array_flip($config['log_threshold']);
+ }
+
+ if ($config['log_date_format'] !== '')
+ {
+ $this->_date_fmt = $config['log_date_format'];
+ }
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Write Log File
+ *
+ * Generally this function will be called using the global log_message() function
+ *
+ * @param string the error level
+ * @param string the error message
+ * @param bool whether the error is a native PHP error
+ * @return bool
+ */
+ public function write_log($level = 'error', $msg, $php_error = FALSE)
+ {
+ if ($this->_enabled === FALSE)
+ {
+ return FALSE;
+ }
+
+ $level = strtoupper($level);
+
+ if (( ! isset($this->_levels[$level]) OR ($this->_levels[$level] > $this->_threshold))
+ && ! isset($this->_threshold_array[$this->_levels[$level]]))
+ {
+ return FALSE;
+ }
+
+
+ $filepath = $this->_log_path.'log-'.date('Y-m-d').'.php';
+ $message = '';
+
+ if ( ! file_exists($filepath))
+ {
+ $newfile = TRUE;
+ $message .= '<'."?php defined('BASEPATH') OR exit('No direct script access allowed'); ?".">\n\n";
+ }
+
+ if ( ! $fp = @fopen($filepath, FOPEN_WRITE_CREATE))
+ {
+ return FALSE;
+ }
+
+ $message .= $level.' '.($level === 'INFO' ? ' -' : '-').' '.date($this->_date_fmt).' --> '.$msg."\n";
+
+ flock($fp, LOCK_EX);
+ fwrite($fp, $message);
+ flock($fp, LOCK_UN);
+ fclose($fp);
+
+ if (isset($newfile) && $newfile === TRUE)
+ {
+ @chmod($filepath, FILE_WRITE_MODE);
+ }
+
+ return TRUE;
+ }
+
+}
+
+/* End of file Log.php */
+/* Location: ./system/libraries/Log.php */ \ No newline at end of file
diff --git a/system/core/Model.php b/system/core/Model.php
index 5a87ab153..28fdfbb69 100644
--- a/system/core/Model.php
+++ b/system/core/Model.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Model Class
diff --git a/system/core/Output.php b/system/core/Output.php
index 3bb8f8dc0..9300df356 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Output Class
diff --git a/system/core/Router.php b/system/core/Router.php
index a5e29f1a3..01f44bc83 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Router Class
@@ -53,13 +54,6 @@ class CI_Router {
public $routes = array();
/**
- * List of error routes
- *
- * @var array
- */
- public $error_routes = array();
-
- /**
* Current class name
*
* @var string
@@ -148,12 +142,12 @@ class CI_Router {
include(APPPATH.'config/routes.php');
}
- $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route;
+ $this->routes = (isset($route) && is_array($route)) ? $route : array();
unset($route);
// Set the default controller so we can display it in the event
// the URI doesn't correlated to a valid controller.
- $this->default_controller = empty($this->routes['default_controller']) ? FALSE : strtolower($this->routes['default_controller']);
+ $this->default_controller = empty($this->routes['default_controller']) ? FALSE : $this->routes['default_controller'];
// Were there any query string segments? If so, we'll validate them and bail out since we're done.
if (count($segments) > 0)
@@ -185,25 +179,21 @@ class CI_Router {
*/
protected function _set_default_controller()
{
- if ($this->default_controller === FALSE)
+ if (empty($this->default_controller))
{
show_error('Unable to determine what should be displayed. A default route has not been specified in the routing file.');
}
+
// Is the method being specified?
- if (strpos($this->default_controller, '/') !== FALSE)
- {
- $x = explode('/', $this->default_controller);
- $this->set_class($x[0]);
- $this->set_method($x[1]);
- $this->_set_request($x);
- }
- else
+ if (sscanf($this->default_controller, '%[^/]/%s', $class, $method) !== 2)
{
- $this->set_class($this->default_controller);
- $this->set_method('index');
- $this->_set_request(array($this->default_controller, 'index'));
+ $method = 'index';
}
+ $this->set_class($class);
+ $this->set_method($method);
+ $this->_set_request(array($class, $method));
+
// re-index the routed segments array so it starts with 1 rather than 0
$this->uri->_reindex_segments();
@@ -232,17 +222,8 @@ class CI_Router {
$this->set_class($segments[0]);
- if (isset($segments[1]))
- {
- // A standard method request
- $this->set_method($segments[1]);
- }
- else
- {
- // This lets the "routed" segment array identify that the default
- // index method is being used.
- $segments[1] = 'index';
- }
+ isset($segments[1]) OR $segments[1] = 'index';
+ $this->set_method($segments[1]);
// Update our "routed" segment array to contain the segments.
// Note: If there is no custom routing, this array will be
@@ -267,9 +248,13 @@ class CI_Router {
return $segments;
}
+ $temp = str_replace('-', '_', $segments[0]);
+
// Does the requested controller exist in the root folder?
- if (file_exists(APPPATH.'controllers/'.$segments[0].'.php'))
+ if (file_exists(APPPATH.'controllers/'.$temp.'.php'))
{
+ $segments[0] = $temp;
+ empty($segments[1]) OR $segments[1] = str_replace('-', '_', $segments[1]);
return $segments;
}
@@ -277,22 +262,19 @@ class CI_Router {
if (is_dir(APPPATH.'controllers/'.$segments[0]))
{
// Set the directory and remove it from the segment array
- $this->set_directory($segments[0]);
- $segments = array_slice($segments, 1);
-
+ $this->set_directory(array_shift($segments));
if (count($segments) > 0)
{
+ $segments[0] = str_replace('-', '_', $segments[0]);
+ empty($segments[1]) OR $segments[1] = str_replace('-', '_', $segments[1]);
+
// Does the requested controller exist in the sub-folder?
if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php'))
{
if ( ! empty($this->routes['404_override']))
{
- $x = explode('/', $this->routes['404_override']);
- $this->set_directory('');
- $this->set_class($x[0]);
- $this->set_method(isset($x[1]) ? $x[1] : 'index');
-
- return $x;
+ $this->directory = '';
+ return explode('/', $this->routes['404_override'], 2);
}
else
{
@@ -303,40 +285,26 @@ class CI_Router {
else
{
// Is the method being specified in the route?
- if (strpos($this->default_controller, '/') !== FALSE)
- {
- $x = explode('/', $this->default_controller);
- $this->set_class($x[0]);
- $this->set_method($x[1]);
- }
- else
- {
- $this->set_class($this->default_controller);
- $this->set_method('index');
- }
-
- // Does the default controller exist in the sub-folder?
- if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$this->default_controller.'.php'))
+ $segments = explode('/', $this->default_controller);
+ if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php'))
{
$this->directory = '';
- return array();
}
-
}
return $segments;
}
-
// If we've gotten this far it means that the URI does not correlate to a valid
// controller class. We will now see if there is an override
if ( ! empty($this->routes['404_override']))
{
- $x = explode('/', $this->routes['404_override']);
- $this->set_class($x[0]);
- $this->set_method(isset($x[1]) ? $x[1] : 'index');
+ if (sscanf($this->routes['404_override'], '%[^/]/%s', $class, $method) !== 2)
+ {
+ $method = 'index';
+ }
- return $x;
+ return array($class, $method);
}
// Nothing else to do at this point but show a 404
@@ -359,7 +327,7 @@ class CI_Router {
$uri = implode('/', $this->uri->segments);
// Is there a literal match? If so we're done
- if (isset($this->routes[$uri]))
+ if (isset($this->routes[$uri]) && is_string($this->routes[$uri]))
{
return $this->_set_request(explode('/', $this->routes[$uri]));
}
@@ -371,10 +339,48 @@ class CI_Router {
$key = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $key);
// Does the RegEx match?
- if (preg_match('#^'.$key.'$#', $uri))
+ if (preg_match('#^'.$key.'$#', $uri, $matches))
{
- // Do we have a back-reference?
- if (strpos($val, '$') !== FALSE && strpos($key, '(') !== FALSE)
+ // Are we using callbacks to process back-references?
+ if ( ! is_string($val) && is_callable($val))
+ {
+ // Remove the original string from the matches array.
+ array_shift($matches);
+
+ // Get the match count.
+ $match_count = count($matches);
+
+ // Determine how many parameters the callback has.
+ $reflection = new ReflectionFunction($val);
+ $param_count = $reflection->getNumberOfParameters();
+
+ // Are there more parameters than matches?
+ if ($param_count > $match_count)
+ {
+ // Any params without matches will be set to an empty string.
+ $matches = array_merge($matches, array_fill($match_count, $param_count - $match_count, ''));
+
+ $match_count = $param_count;
+ }
+
+ // Get the parameters so we can use their default values.
+ $params = $reflection->getParameters();
+
+ for ($m = 0; $m < $match_count; $m++)
+ {
+ // Is the match empty and does a default value exist?
+ if (empty($matches[$m]) && $params[$m]->isDefaultValueAvailable())
+ {
+ // Substitute the empty match for the default value.
+ $matches[$m] = $params[$m]->getDefaultValue();
+ }
+ }
+
+ // Execute the callback using the values in matches as its parameters.
+ $val = call_user_func_array($val, $matches);
+ }
+ // Are we using the default routing method for back-references?
+ elseif (strpos($val, '$') !== FALSE && strpos($key, '(') !== FALSE)
{
$val = preg_replace('#^'.$key.'$#', $val, $uri);
}
@@ -493,7 +499,7 @@ class CI_Router {
if (isset($routing['function']))
{
- $routing['function'] = ($routing['function'] == '') ? 'index' : $routing['function'];
+ $routing['function'] = empty($routing['function']) ? 'index' : $routing['function'];
$this->set_method($routing['function']);
}
}
diff --git a/system/core/Security.php b/system/core/Security.php
index 50d0ce052..b8e66c087 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Security Class
diff --git a/system/core/URI.php b/system/core/URI.php
index d67a35d4b..91740254c 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 1.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* URI Class
@@ -98,31 +99,28 @@ class CI_URI {
// Is the request coming from the command line?
if ($this->_is_cli_request())
{
- $this->_set_uri_string($this->_parse_cli_args());
+ $this->_set_uri_string($this->_parse_argv());
return;
}
- // Let's try the REQUEST_URI first, this will work in most situations
- if ($uri = $this->_detect_uri())
+ // Is there a PATH_INFO variable? This should be the easiest solution.
+ if (isset($_SERVER['PATH_INFO']))
{
- $this->_set_uri_string($uri);
+ $this->_set_uri_string($_SERVER['PATH_INFO']);
return;
}
- // Is there a PATH_INFO variable?
- // Note: some servers seem to have trouble with getenv() so we'll test it two ways
- $path = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO');
- if (trim($path, '/') !== '' && $path !== '/'.SELF)
+ // Let's try REQUEST_URI then, this will work in most situations
+ if (($uri = $this->_parse_request_uri()) !== '')
{
- $this->_set_uri_string($path);
+ $this->_set_uri_string($uri);
return;
}
- // No PATH_INFO?... What about QUERY_STRING?
- $path = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING');
- if (trim($path, '/') !== '')
+ // No REQUEST_URI either?... What about QUERY_STRING?
+ if (($uri = $this->_parse_query_string()) !== '')
{
- $this->_set_uri_string($path);
+ $this->_set_uri_string($uri);
return;
}
@@ -140,19 +138,19 @@ class CI_URI {
$uri = strtoupper($this->config->item('uri_protocol'));
- if ($uri === 'REQUEST_URI')
+ if ($uri === 'CLI')
{
- $this->_set_uri_string($this->_detect_uri());
+ $this->_set_uri_string($this->_parse_argv());
return;
}
- elseif ($uri === 'CLI')
+ elseif (method_exists($this, ($method = '_parse_'.strtolower($uri))))
{
- $this->_set_uri_string($this->_parse_cli_args());
+ $this->_set_uri_string($this->$method());
return;
}
- $path = isset($_SERVER[$uri]) ? $_SERVER[$uri] : @getenv($uri);
- $this->_set_uri_string($path);
+ $uri = isset($_SERVER[$uri]) ? $_SERVER[$uri] : @getenv($uri);
+ $this->_set_uri_string($uri);
}
// --------------------------------------------------------------------
@@ -172,59 +170,54 @@ class CI_URI {
// --------------------------------------------------------------------
/**
- * Detects URI
+ * Parse REQUEST_URI
*
- * Will detect the URI automatically and fix the query string if necessary.
+ * Will parse REQUEST_URI and automatically detect the URI from it,
+ * while fixing the query string if necessary.
*
+ * @used-by CI_URI::_fetch_uri_string()
* @return string
*/
- protected function _detect_uri()
+ protected function _parse_request_uri()
{
if ( ! isset($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']))
{
return '';
}
- if (strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0)
- {
- $uri = substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME']));
- }
- elseif (strpos($_SERVER['REQUEST_URI'], dirname($_SERVER['SCRIPT_NAME'])) === 0)
+ $uri = parse_url($_SERVER['REQUEST_URI']);
+ $query = isset($uri['query']) ? $uri['query'] : '';
+ $uri = isset($uri['path']) ? rawurldecode($uri['path']) : '';
+
+ if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0)
{
- $uri = substr($_SERVER['REQUEST_URI'], strlen(dirname($_SERVER['SCRIPT_NAME'])));
+ $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME']));
}
- else
+ elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0)
{
- $uri = $_SERVER['REQUEST_URI'];
+ $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME'])));
}
// This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct
// URI is found, and also fixes the QUERY_STRING server var and $_GET array.
- if (strpos($uri, '?/') === 0)
+ if (trim($uri, '/') === '' && strncmp($query, '/', 1) === 0)
{
- $uri = substr($uri, 2);
- }
-
- $parts = explode('?', $uri, 2);
- $uri = $parts[0];
- if (isset($parts[1]))
- {
- $_SERVER['QUERY_STRING'] = $parts[1];
- parse_str($_SERVER['QUERY_STRING'], $_GET);
+ $query = explode('?', $query, 2);
+ $uri = rawurldecode($query[0]);
+ $_SERVER['QUERY_STRING'] = isset($query[1]) ? $query[1] : '';
}
else
{
- $_SERVER['QUERY_STRING'] = '';
- $_GET = array();
+ $_SERVER['QUERY_STRING'] = $query;
}
+ parse_str($_SERVER['QUERY_STRING'], $_GET);
+
if ($uri === '/' OR $uri === '')
{
return '/';
}
- $uri = parse_url('pseudo://hostname/'.$uri, PHP_URL_PATH);
-
// Do some final cleaning of the URI and return it
return str_replace(array('//', '../'), '/', trim($uri, '/'));
}
@@ -232,6 +225,36 @@ class CI_URI {
// --------------------------------------------------------------------
/**
+ * Parse QUERY_STRING
+ *
+ * Will parse QUERY_STRING and automatically detect the URI from it.
+ *
+ * @used-by CI_URI::_fetch_uri_string()
+ * @return string
+ */
+ protected function _parse_query_string()
+ {
+ $uri = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING');
+
+ if (trim($uri, '/') === '')
+ {
+ return '';
+ }
+ elseif (strncmp($uri, '/', 1) === 0)
+ {
+ $uri = explode('?', $uri, 2);
+ $_SERVER['QUERY_STRING'] = isset($uri[1]) ? $uri[1] : '';
+ $uri = rawurldecode($uri[0]);
+ }
+
+ parse_str($_SERVER['QUERY_STRING'], $_GET);
+
+ return str_replace(array('//', '../'), '/', trim($uri, '/'));
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Is CLI Request?
*
* Duplicate of method from the Input class to test to see if
@@ -255,10 +278,10 @@ class CI_URI {
*
* @return string
*/
- protected function _parse_cli_args()
+ protected function _parse_argv()
{
$args = array_slice($_SERVER['argv'], 1);
- return $args ? '/'.implode('/', $args) : '';
+ return $args ? implode('/', $args) : '';
}
// --------------------------------------------------------------------
@@ -278,7 +301,7 @@ class CI_URI {
{
// preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
// compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
- if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', urldecode($str)))
+ if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str))
{
show_error('The URI you submitted has disallowed characters.', 400);
}
@@ -673,7 +696,14 @@ class CI_URI {
*/
public function ruri_string()
{
- return implode('/', $this->rsegment_array());
+ global $RTR;
+
+ if (($dir = $RTR->fetch_directory()) === '/')
+ {
+ $dir = '';
+ }
+
+ return $dir.implode('/', $this->rsegment_array());
}
}
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index efe3c10dc..5bc2dd5c9 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php
/**
* CodeIgniter
*
@@ -24,6 +24,7 @@
* @since Version 2.0
* @filesource
*/
+defined('BASEPATH') OR exit('No direct script access allowed');
/**
* Utf8 Class