summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
authorTimothy Warren <tim@timshomepage.net>2012-06-27 14:02:13 +0200
committerTimothy Warren <tim@timshomepage.net>2012-06-27 14:02:13 +0200
commit13077951b63cf9858dc14ec9cab7f2b53ec88a3e (patch)
treee1fc50ddb8c0a4103c945f15d674d85c6655231b /system/core
parent9128231452f3ccea857a848b61bd0e6e9e319737 (diff)
parentb66664b5decd68de50ae6c239c8d995d6c088d94 (diff)
Merge branch 'develop' of git://github.com/EllisLab/CodeIgniter into email
Diffstat (limited to 'system/core')
-rw-r--r--system/core/Common.php20
-rw-r--r--system/core/Config.php34
-rw-r--r--system/core/Exceptions.php4
-rw-r--r--system/core/Hooks.php4
-rw-r--r--system/core/Output.php188
-rw-r--r--system/core/Security.php13
-rw-r--r--system/core/URI.php8
7 files changed, 234 insertions, 37 deletions
diff --git a/system/core/Common.php b/system/core/Common.php
index 1708653e7..c309d4192 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -431,6 +431,7 @@ if ( ! function_exists('set_status_header'))
300 => 'Multiple Choices',
301 => 'Moved Permanently',
302 => 'Found',
+ 303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
307 => 'Temporary Redirect',
@@ -462,18 +463,23 @@ if ( ! function_exists('set_status_header'))
505 => 'HTTP Version Not Supported'
);
- if ($code == '' OR ! is_numeric($code))
+ if (empty($code) OR ! is_numeric($code))
{
show_error('Status codes must be numeric', 500);
}
- elseif (isset($stati[$code]) && $text === '')
- {
- $text = $stati[$code];
- }
- if ($text === '')
+ is_int($code) OR $code = (int) $code;
+
+ if (empty($text))
{
- show_error('No status text available. Please check your status code number or supply your own message text.', 500);
+ if (isset($stati[$code]))
+ {
+ $text = $stati[$code];
+ }
+ else
+ {
+ show_error('No status text available. Please check your status code number or supply your own message text.', 500);
+ }
}
$server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
diff --git a/system/core/Config.php b/system/core/Config.php
index 3de1bcb96..4b4e5a7ba 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -225,25 +225,39 @@ class CI_Config {
* Site URL
* Returns base_url . index_page [. uri_string]
*
- * @param string the URI string
+ * @param mixed the URI string or an array of segments
* @return string
*/
public function site_url($uri = '')
{
- if ($uri === '')
+ if (empty($uri))
{
return $this->slash_item('base_url').$this->item('index_page');
}
+ $uri = $this->_uri_string($uri);
+
if ($this->item('enable_query_strings') === FALSE)
{
$suffix = ($this->item('url_suffix') === FALSE) ? '' : $this->item('url_suffix');
- return $this->slash_item('base_url').$this->slash_item('index_page').$this->_uri_string($uri).$suffix;
+
+ if ($suffix !== '' && ($offset = strpos($uri, '?')) !== FALSE)
+ {
+ $uri = substr($uri, 0, $offset).$suffix.substr($uri, $offset);
+ }
+ else
+ {
+ $uri .= $suffix;
+ }
+
+ return $this->slash_item('base_url').$this->slash_item('index_page').$uri;
}
- else
+ elseif (strpos($uri, '?') === FALSE)
{
- return $this->slash_item('base_url').$this->item('index_page').'?'.$this->_uri_string($uri);
+ $uri = '?'.$uri;
}
+
+ return $this->slash_item('base_url').$this->item('index_page').$uri;
}
// -------------------------------------------------------------
@@ -280,15 +294,7 @@ class CI_Config {
}
elseif (is_array($uri))
{
- $i = 0;
- $str = '';
- foreach ($uri as $key => $val)
- {
- $prefix = ($i === 0) ? '' : '&';
- $str .= $prefix.$key.'='.$val;
- $i++;
- }
- return $str;
+ return http_build_query($uri);
}
return $uri;
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 8c32085fe..bd9178dbd 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -143,7 +143,7 @@ class CI_Exceptions {
ob_end_flush();
}
ob_start();
- include(APPPATH.'views/errors/'.$template.'.php');
+ include(VIEWPATH.'errors/'.$template.'.php');
$buffer = ob_get_contents();
ob_end_clean();
return $buffer;
@@ -177,7 +177,7 @@ class CI_Exceptions {
ob_end_flush();
}
ob_start();
- include(APPPATH.'views/errors/error_php.php');
+ include(VIEWPATH.'errors/error_php.php');
$buffer = ob_get_contents();
ob_end_clean();
echo $buffer;
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 29fd88201..afbf4b453 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -39,7 +39,7 @@
class CI_Hooks {
/**
- * Determines wether hooks are enabled
+ * Determines whether hooks are enabled
*
* @var bool
*/
@@ -53,7 +53,7 @@ class CI_Hooks {
public $hooks = array();
/**
- * Determines wether hook is in progress, used to prevent infinte loops
+ * Determines whether hook is in progress, used to prevent infinte loops
*
* @var bool
*/
diff --git a/system/core/Output.php b/system/core/Output.php
index 5588ffe8e..5ec8c4bc0 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -67,7 +67,14 @@ class CI_Output {
public $mimes = array();
/**
- * Determines wether profiler is enabled
+ * Mime-type for the current page
+ *
+ * @var string
+ */
+ protected $mime_type = 'text/html';
+
+ /**
+ * Determines whether profiler is enabled
*
* @var book
*/
@@ -78,7 +85,7 @@ class CI_Output {
*
* @var bool
*/
- protected $_zlib_oc = FALSE;
+ protected $_zlib_oc = FALSE;
/**
* List of profiler sections
@@ -174,7 +181,7 @@ class CI_Output {
* how to permit header data to be saved with the cache data...
*
* @param string
- * @param bool
+ * @param bool
* @return void
*/
public function set_header($header, $replace = TRUE)
@@ -218,6 +225,8 @@ class CI_Output {
}
}
+ $this->mime_type = $mime_type;
+
if (empty($charset))
{
$charset = config_item('charset');
@@ -292,6 +301,12 @@ class CI_Output {
*/
public function set_profiler_sections($sections)
{
+ if (isset($sections['query_toggle_count']))
+ {
+ $this->_profiler_sections['query_toggle_count'] = (int) $sections['query_toggle_count'];
+ unset($sections['query_toggle_count']);
+ }
+
foreach ($sections as $section => $enable)
{
$this->_profiler_sections[$section] = ($enable !== FALSE);
@@ -327,7 +342,7 @@ class CI_Output {
* with any server headers and profile data. It also stops the
* benchmark timer so the page rendering speed and memory usage can be shown.
*
- * @param string
+ * @param string
* @return mixed
*/
public function _display($output = '')
@@ -353,6 +368,15 @@ class CI_Output {
// --------------------------------------------------------------------
+ // Is minify requested?
+ if ($CFG->item('minify_output') === TRUE)
+ {
+ $output = $this->minify($output, $this->mime_type);
+ }
+
+
+ // --------------------------------------------------------------------
+
// Do we need to write a cache file? Only if the controller does not have its
// own _output() method and we are not dealing with a cache file, which we
// can determine by the existence of the $CI object above
@@ -450,7 +474,7 @@ class CI_Output {
/**
* Write a Cache File
*
- * @param string
+ * @param string
* @return void
*/
public function _write_cache($output)
@@ -493,6 +517,9 @@ class CI_Output {
@chmod($cache_path, FILE_WRITE_MODE);
log_message('debug', 'Cache file written: '.$cache_path);
+
+ // Send HTTP cache-control headers to browser to match file cache settings.
+ $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
}
// --------------------------------------------------------------------
@@ -500,8 +527,8 @@ class CI_Output {
/**
* Update/serve a cached file
*
- * @param object config class
- * @param object uri class
+ * @param object config class
+ * @param object uri class
* @return bool
*/
public function _display_cache(&$CFG, &$URI)
@@ -530,13 +557,22 @@ class CI_Output {
return FALSE;
}
- // Has the file expired? If so we'll delete it.
- if (time() >= trim(str_replace('TS--->', '', $match[1])) && is_really_writable($cache_path))
+ $last_modified = filemtime($cache_path);
+ $expire = trim(str_replace('TS--->', '', $match[1]));
+
+ // Has the file expired?
+ if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path))
{
+ // If so we'll delete it.
@unlink($filepath);
log_message('debug', 'Cache file has expired. File deleted.');
return FALSE;
}
+ else
+ {
+ // Or else send the HTTP cache control headers.
+ $this->set_cache_header($last_modified, $expire);
+ }
// Display the cache
$this->_display(str_replace($match[0], '', $cache));
@@ -544,6 +580,140 @@ class CI_Output {
return TRUE;
}
+ // --------------------------------------------------------------------
+
+ /**
+ * Set the HTTP headers to match the server-side file cache settings
+ * in order to reduce bandwidth.
+ *
+ * @param int timestamp of when the page was last modified
+ * @param int timestamp of when should the requested page expire from cache
+ * @return void
+ */
+ public function set_cache_header($last_modified, $expiration)
+ {
+ $max_age = $expiration - $_SERVER['REQUEST_TIME'];
+
+ if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
+ {
+ $this->set_status_header(304);
+ exit;
+ }
+ else
+ {
+ header('Pragma: public');
+ header('Cache-Control: max-age=' . $max_age . ', public');
+ header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT');
+ header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT');
+ }
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Reduce excessive size of HTML content.
+ *
+ * @param string
+ * @param string
+ * @return string
+ */
+ public function minify($output, $type = 'text/html')
+ {
+ switch ($type)
+ {
+ case 'text/html':
+
+ $size_before = strlen($output);
+
+ if ($size_before === 0)
+ {
+ return '';
+ }
+
+ // Find all the <pre>,<code>,<textarea>, and <javascript> tags
+ // We'll want to return them to this unprocessed state later.
+ preg_match_all('{<pre.+</pre>}msU', $output, $pres_clean);
+ preg_match_all('{<code.+</code>}msU', $output, $codes_clean);
+ preg_match_all('{<textarea.+</textarea>}msU', $output, $textareas_clean);
+ preg_match_all('{<script.+</script>}msU', $output, $javascript_clean);
+
+ // Minify the CSS in all the <style> tags.
+ preg_match_all('{<style.+</style>}msU', $output, $style_clean);
+ foreach ($style_clean[0] as $s)
+ {
+ $output = str_replace($s, $this->minify($s, 'text/css'), $output);
+ }
+
+ // Minify the javascript in <script> tags.
+ foreach ($javascript_clean[0] as $s)
+ {
+ $javascript_mini[] = $this->minify($s, 'text/javascript');
+ }
+
+ // Replace multiple spaces with a single space.
+ $output = preg_replace('!\s{2,}!', ' ', $output);
+
+ // Remove comments (non-MSIE conditionals)
+ $output = preg_replace('{\s*<!--[^\[].*-->\s*}msU', '', $output);
+
+ // Remove spaces around block-level elements.
+ $output = preg_replace('/\s*(<\/?(html|head|title|meta|script|link|style|body|h[1-6]|div|p|br)[^>]*>)\s*/is', '$1', $output);
+
+ // Replace mangled <pre> etc. tags with unprocessed ones.
+
+ if ( ! empty($pres_clean))
+ {
+ preg_match_all('{<pre.+</pre>}msU', $output, $pres_messed);
+ $output = str_replace($pres_messed[0], $pres_clean[0], $output);
+ }
+
+ if ( ! empty($codes_clean))
+ {
+ preg_match_all('{<code.+</code>}msU', $output, $codes_messed);
+ $output = str_replace($codes_messed[0], $codes_clean[0], $output);
+ }
+
+ if ( ! empty($codes_clean))
+ {
+ preg_match_all('{<textarea.+</textarea>}msU', $output, $textareas_messed);
+ $output = str_replace($textareas_messed[0], $textareas_clean[0], $output);
+ }
+
+ if (isset($javascript_mini))
+ {
+ preg_match_all('{<script.+</script>}msU', $output, $javascript_messed);
+ $output = str_replace($javascript_messed[0], $javascript_mini, $output);
+ }
+
+ $size_removed = $size_before - strlen($output);
+ $savings_percent = round(($size_removed / $size_before * 100));
+
+ log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
+
+ break;
+
+ case 'text/css':
+
+ //Remove CSS comments
+ $output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $output);
+
+ // Remove spaces around curly brackets, colons,
+ // semi-colons, parenthesis, commas
+ $output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!', '$1', $output);
+
+ break;
+
+ case 'text/javascript':
+
+ // Currently leaves JavaScript untouched.
+ break;
+
+ default: break;
+ }
+
+ return $output;
+ }
+
}
/* End of file Output.php */
diff --git a/system/core/Security.php b/system/core/Security.php
index 4593a1090..227217e75 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -561,6 +561,19 @@ class CI_Security {
// ----------------------------------------------------------------
/**
+ * Strip Image Tags
+ *
+ * @param string
+ * @return string
+ */
+ public function strip_image_tags($str)
+ {
+ return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
+ }
+
+ // ----------------------------------------------------------------
+
+ /**
* Compact Exploded Words
*
* Callback function for xss_clean() to remove whitespace from
diff --git a/system/core/URI.php b/system/core/URI.php
index a997525ee..6a8b1a5ac 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -278,7 +278,7 @@ class CI_URI {
{
// preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
// compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
- if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str))
+ if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', urldecode($str)))
{
show_error('The URI you submitted has disallowed characters.', 400);
}
@@ -302,9 +302,11 @@ class CI_URI {
*/
public function _remove_url_suffix()
{
- if ($this->config->item('url_suffix') !== '')
+ $suffix = (string) $this->config->item('url_suffix');
+
+ if ($suffix !== '' && ($offset = strrpos($this->uri_string, $suffix)) !== FALSE)
{
- $this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string);
+ $this->uri_string = substr_replace($this->uri_string, '', $offset, strlen($suffix));
}
}