summaryrefslogtreecommitdiffstats
path: root/system/libraries
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-03-01 18:44:26 +0100
committerAndrey Andreev <narf@bofh.bg>2012-03-01 18:44:26 +0100
commitf4ec1f21d5d53ce7c2a1076ca8fd3ab2e6223a6e (patch)
tree6488c0e16d040dc5b112ea990bd6051ff32e003c /system/libraries
parent575bbfe97e4f0e3ad88558454fb2c87d372a7651 (diff)
parente3a68042c086acfc98ae273adbd8527af0c6ab8b (diff)
Merge upstream branch
Diffstat (limited to 'system/libraries')
-rw-r--r--system/libraries/Email.php331
-rw-r--r--system/libraries/Image_lib.php2
-rw-r--r--system/libraries/Upload.php121
3 files changed, 218 insertions, 236 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 922107e9f..c8a5b41af 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Email Class
*
@@ -40,55 +38,55 @@
*/
class CI_Email {
- public $useragent = "CodeIgniter";
- public $mailpath = "/usr/sbin/sendmail"; // Sendmail path
- public $protocol = "mail"; // mail/sendmail/smtp
- public $smtp_host = ""; // SMTP Server. Example: mail.earthlink.net
- public $smtp_user = ""; // SMTP Username
- public $smtp_pass = ""; // SMTP Password
- public $smtp_port = "25"; // SMTP Port
- public $smtp_timeout = 5; // SMTP Timeout in seconds
- public $smtp_crypto = ""; // SMTP Encryption. Can be null, tls or ssl.
- public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off
- public $wrapchars = "76"; // Number of characters to wrap at.
- public $mailtype = "text"; // text/html Defines email formatting
- public $charset = "utf-8"; // Default char set: iso-8859-1 or us-ascii
- public $multipart = "mixed"; // "mixed" (in the body) or "related" (separate)
- public $alt_message = ''; // Alternative message for HTML emails
- public $validate = FALSE; // TRUE/FALSE. Enables email validation
- public $priority = "3"; // Default priority (1 - 5)
- public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822)
- public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers,
+ public $useragent = 'CodeIgniter';
+ public $mailpath = '/usr/sbin/sendmail'; // Sendmail path
+ public $protocol = 'mail'; // mail/sendmail/smtp
+ public $smtp_host = ''; // SMTP Server. Example: mail.earthlink.net
+ public $smtp_user = ''; // SMTP Username
+ public $smtp_pass = ''; // SMTP Password
+ public $smtp_port = 25; // SMTP Port
+ public $smtp_timeout = 5; // SMTP Timeout in seconds
+ public $smtp_crypto = ''; // SMTP Encryption. Can be null, tls or ssl.
+ public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off
+ public $wrapchars = 76; // Number of characters to wrap at.
+ public $mailtype = 'text'; // text/html Defines email formatting
+ public $charset = 'utf-8'; // Default char set: iso-8859-1 or us-ascii
+ public $multipart = 'mixed'; // "mixed" (in the body) or "related" (separate)
+ public $alt_message = ''; // Alternative message for HTML emails
+ public $validate = FALSE; // TRUE/FALSE. Enables email validation
+ public $priority = 3; // Default priority (1 - 5)
+ public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822)
+ public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers,
// even on the receiving end think they need to muck with CRLFs, so using "\n", while
// distasteful, is the only thing that seems to work for all environments.
public $send_multipart = TRUE; // TRUE/FALSE - Yahoo does not like multipart alternative, so this is an override. Set to FALSE for Yahoo.
- public $bcc_batch_mode = FALSE; // TRUE/FALSE Turns on/off Bcc batch feature
+ public $bcc_batch_mode = FALSE; // TRUE/FALSE - Turns on/off Bcc batch feature
public $bcc_batch_size = 200; // If bcc_batch_mode = TRUE, sets max number of Bccs in each batch
- private $_safe_mode = FALSE;
- private $_subject = "";
- private $_body = "";
- private $_finalbody = "";
- private $_alt_boundary = "";
- private $_atc_boundary = "";
- private $_header_str = "";
- private $_smtp_connect = "";
- private $_encoding = "8bit";
- private $_IP = FALSE;
- private $_smtp_auth = FALSE;
- private $_replyto_flag = FALSE;
- private $_debug_msg = array();
- private $_recipients = array();
- private $_cc_array = array();
- private $_bcc_array = array();
- private $_headers = array();
- private $_attach_name = array();
- private $_attach_type = array();
- private $_attach_disp = array();
- private $_protocols = array('mail', 'sendmail', 'smtp');
- private $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix)
- private $_bit_depths = array('7bit', '8bit');
- private $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)');
+ protected $_safe_mode = FALSE;
+ protected $_subject = '';
+ protected $_body = '';
+ protected $_finalbody = '';
+ protected $_alt_boundary = '';
+ protected $_atc_boundary = '';
+ protected $_header_str = '';
+ protected $_smtp_connect = '';
+ protected $_encoding = '8bit';
+ protected $_IP = FALSE;
+ protected $_smtp_auth = FALSE;
+ protected $_replyto_flag = FALSE;
+ protected $_debug_msg = array();
+ protected $_recipients = array();
+ protected $_cc_array = array();
+ protected $_bcc_array = array();
+ protected $_headers = array();
+ protected $_attach_name = array();
+ protected $_attach_type = array();
+ protected $_attach_disp = array();
+ protected $_protocols = array('mail', 'sendmail', 'smtp');
+ protected $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix)
+ protected $_bit_depths = array('7bit', '8bit');
+ protected $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)');
/**
* Constructor - Sets Email Preferences
@@ -103,11 +101,11 @@ class CI_Email {
}
else
{
- $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE;
- $this->_safe_mode = (bool) @ini_get("safe_mode");
+ $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == '');
+ $this->_safe_mode = (bool) @ini_get('safe_mode');
}
- log_message('debug', "Email Class Initialized");
+ log_message('debug', 'Email Class Initialized');
}
// --------------------------------------------------------------------
@@ -115,7 +113,6 @@ class CI_Email {
/**
* Initialize preferences
*
- * @access public
* @param array
* @return void
*/
@@ -139,8 +136,8 @@ class CI_Email {
}
$this->clear();
- $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE;
- $this->_safe_mode = (bool) @ini_get("safe_mode");
+ $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == '');
+ $this->_safe_mode = (bool) @ini_get('safe_mode');
return $this;
}
@@ -150,17 +147,16 @@ class CI_Email {
/**
* Initialize the Email Data
*
- * @access public
* @param bool
- * @return void
+ * @return object
*/
public function clear($clear_attachments = FALSE)
{
- $this->_subject = "";
- $this->_body = "";
- $this->_finalbody = "";
- $this->_header_str = "";
- $this->_replyto_flag = FALSE;
+ $this->_subject = '';
+ $this->_body = '';
+ $this->_finalbody = '';
+ $this->_header_str = '';
+ $this->_replyto_flag = FALSE;
$this->_recipients = array();
$this->_cc_array = array();
$this->_bcc_array = array();
@@ -185,14 +181,13 @@ class CI_Email {
/**
* Set FROM
*
- * @access public
* @param string
* @param string
- * @return void
+ * @return object
*/
public function from($from, $name = '')
{
- if (preg_match( '/\<(.*)\>/', $from, $match))
+ if (preg_match('/\<(.*)\>/', $from, $match))
{
$from = $match[1];
}
@@ -228,14 +223,13 @@ class CI_Email {
/**
* Set Reply-to
*
- * @access public
* @param string
* @param string
- * @return void
+ * @return object
*/
public function reply_to($replyto, $name = '')
{
- if (preg_match( '/\<(.*)\>/', $replyto, $match))
+ if (preg_match('/\<(.*)\>/', $replyto, $match))
{
$replyto = $match[1];
}
@@ -266,9 +260,8 @@ class CI_Email {
/**
* Set Recipients
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function to($to)
{
@@ -282,17 +275,17 @@ class CI_Email {
if ($this->_get_protocol() !== 'mail')
{
- $this->_set_header('To', implode(", ", $to));
+ $this->_set_header('To', implode(', ', $to));
}
switch ($this->_get_protocol())
{
- case 'smtp' :
+ case 'smtp':
$this->_recipients = $to;
break;
- case 'sendmail' :
- case 'mail' :
- $this->_recipients = implode(", ", $to);
+ case 'sendmail':
+ case 'mail':
+ $this->_recipients = implode(', ', $to);
break;
}
@@ -304,9 +297,8 @@ class CI_Email {
/**
* Set CC
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function cc($cc)
{
@@ -318,7 +310,7 @@ class CI_Email {
$this->validate_email($cc);
}
- $this->_set_header('Cc', implode(", ", $cc));
+ $this->_set_header('Cc', implode(', ', $cc));
if ($this->_get_protocol() === 'smtp')
{
@@ -333,10 +325,9 @@ class CI_Email {
/**
* Set BCC
*
- * @access public
* @param string
* @param string
- * @return void
+ * @return object
*/
public function bcc($bcc, $limit = '')
{
@@ -360,7 +351,7 @@ class CI_Email {
}
else
{
- $this->_set_header('Bcc', implode(", ", $bcc));
+ $this->_set_header('Bcc', implode(', ', $bcc));
}
return $this;
@@ -371,9 +362,8 @@ class CI_Email {
/**
* Set Email Subject
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function subject($subject)
{
@@ -387,13 +377,12 @@ class CI_Email {
/**
* Set Body
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function message($body)
{
- $this->_body = rtrim(str_replace("\r", "", $body));
+ $this->_body = rtrim(str_replace("\r", '', $body));
/* strip slashes only if magic quotes is ON
if we do it with magic quotes OFF, it strips real, user-inputted chars.
@@ -414,9 +403,8 @@ class CI_Email {
/**
* Assign file attachments
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function attach($filename, $disposition = '', $newname = NULL)
{
@@ -431,7 +419,6 @@ class CI_Email {
/**
* Add a Header Item
*
- * @access protected
* @param string
* @param string
* @return void
@@ -446,7 +433,6 @@ class CI_Email {
/**
* Convert a String to an Array
*
- * @access protected
* @param string
* @return array
*/
@@ -460,8 +446,7 @@ class CI_Email {
}
else
{
- $email = trim($email);
- settype($email, "array");
+ $email = (array) trim($email);
}
}
return $email;
@@ -472,9 +457,8 @@ class CI_Email {
/**
* Set Multipart Value
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_alt_message($str = '')
{
@@ -487,9 +471,8 @@ class CI_Email {
/**
* Set Mailtype
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_mailtype($type = 'text')
{
@@ -502,9 +485,8 @@ class CI_Email {
/**
* Set Wordwrap
*
- * @access public
* @param bool
- * @return void
+ * @return object
*/
public function set_wordwrap($wordwrap = TRUE)
{
@@ -517,13 +499,12 @@ class CI_Email {
/**
* Set Protocol
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_protocol($protocol = 'mail')
{
- $this->protocol = ( ! in_array($protocol, $this->_protocols, TRUE)) ? 'mail' : strtolower($protocol);
+ $this->protocol = in_array($protocol, $this->_protocols, TRUE) ? strtolower($protocol) : 'mail';
return $this;
}
@@ -532,19 +513,12 @@ class CI_Email {
/**
* Set Priority
*
- * @access public
- * @param integer
- * @return void
+ * @param int
+ * @return object
*/
public function set_priority($n = 3)
{
- if ( ! is_numeric($n) OR $n < 1 OR $n > 5)
- {
- $this->priority = 3;
- return;
- }
-
- $this->priority = (int) $n;
+ $this->priority = preg_match('/^[1-5]$/', $n) ? (int) $n : 3;
return $this;
}
@@ -553,9 +527,8 @@ class CI_Email {
/**
* Set Newline Character
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_newline($newline = "\n")
{
@@ -568,13 +541,12 @@ class CI_Email {
/**
* Set CRLF
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_crlf($crlf = "\n")
{
- $this->crlf = ($crlf !== "\n" AND $crlf !== "\r\n" AND $crlf !== "\r") ? "\n" : $crlf;
+ $this->crlf = ($crlf !== "\n" && $crlf !== "\r\n" && $crlf !== "\r") ? "\n" : $crlf;
return $this;
}
@@ -583,13 +555,12 @@ class CI_Email {
/**
* Set Message Boundary
*
- * @access protected
* @return void
*/
protected function _set_boundaries()
{
- $this->_alt_boundary = "B_ALT_".uniqid(''); // multipart/alternative
- $this->_atc_boundary = "B_ATC_".uniqid(''); // attachment boundary
+ $this->_alt_boundary = 'B_ALT_'.uniqid(''); // multipart/alternative
+ $this->_atc_boundary = 'B_ATC_'.uniqid(''); // attachment boundary
}
// --------------------------------------------------------------------
@@ -597,14 +568,12 @@ class CI_Email {
/**
* Get the Message ID
*
- * @access protected
* @return string
*/
protected function _get_message_id()
{
$from = str_replace(array('>', '<'), '', $this->_headers['Return-Path']);
-
- return "<".uniqid('').strstr($from, '@').">";
+ return '<'.uniqid('').strstr($from, '@').'>';
}
// --------------------------------------------------------------------
@@ -612,14 +581,13 @@ class CI_Email {
/**
* Get Mail Protocol
*
- * @access protected
* @param bool
- * @return string
+ * @return mixed
*/
protected function _get_protocol($return = TRUE)
{
$this->protocol = strtolower($this->protocol);
- $this->protocol = ( ! in_array($this->protocol, $this->_protocols, TRUE)) ? 'mail' : $this->protocol;
+ in_array($this->protocol, $this->_protocols, TRUE) OR $this->protocol = 'mail';
if ($return == TRUE)
{
@@ -632,13 +600,12 @@ class CI_Email {
/**
* Get Mail Encoding
*
- * @access protected
* @param bool
* @return string
*/
protected function _get_encoding($return = TRUE)
{
- $this->_encoding = ( ! in_array($this->_encoding, $this->_bit_depths)) ? '8bit' : $this->_encoding;
+ in_array($this->_encoding, $this->_bit_depths) OR $this->_encoding = '8bit';
foreach ($this->_base_charsets as $charset)
{
@@ -659,7 +626,6 @@ class CI_Email {
/**
* Get content type (text/html/attachment)
*
- * @access protected
* @return string
*/
protected function _get_content_type()
@@ -687,17 +653,16 @@ class CI_Email {
/**
* Set RFC 822 Date
*
- * @access protected
* @return string
*/
protected function _set_date()
{
- $timezone = date("Z");
+ $timezone = date('Z');
$operator = (strncmp($timezone, '-', 1) === 0) ? '-' : '+';
$timezone = abs($timezone);
$timezone = floor($timezone/3600) * 100 + ($timezone % 3600) / 60;
- return sprintf("%s %s%04d", date("D, j M Y H:i:s"), $operator, $timezone);
+ return sprintf('%s %s%04d', date('D, j M Y H:i:s'), $operator, $timezone);
}
// --------------------------------------------------------------------
@@ -705,12 +670,11 @@ class CI_Email {
/**
* Mime message
*
- * @access protected
* @return string
*/
protected function _get_mime_message()
{
- return "This is a multi-part message in MIME format.".$this->newline."Your email application may not support this format.";
+ return 'This is a multi-part message in MIME format.'.$this->newline.'Your email application may not support this format.';
}
// --------------------------------------------------------------------
@@ -718,7 +682,6 @@ class CI_Email {
/**
* Validate Email Address
*
- * @access public
* @param string
* @return bool
*/
@@ -747,13 +710,12 @@ class CI_Email {
/**
* Email Validation
*
- * @access public
* @param string
* @return bool
*/
public function valid_email($address)
{
- return (bool) preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $address);
+ return (bool) preg_match('/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix', $address);
}
// --------------------------------------------------------------------
@@ -761,7 +723,6 @@ class CI_Email {
/**
* Clean Extended Email Address: Joe Smith <joe@smith.com>
*
- * @access public
* @param string
* @return string
*/
@@ -776,7 +737,7 @@ class CI_Email {
foreach ($email as $addy)
{
- $clean_email[] = (preg_match( '/\<(.*)\>/', $addy, $match)) ? $match[1] : $addy;
+ $clean_email[] = preg_match('/\<(.*)\>/', $addy, $match) ? $match[1] : $addy;
}
return $clean_email;
@@ -792,12 +753,11 @@ class CI_Email {
* If the user hasn't specified his own alternative message
* it creates one by stripping the HTML
*
- * @access protected
* @return string
*/
protected function _get_alt_message()
{
- if ($this->alt_message != "")
+ if ($this->alt_message != '')
{
return $this->word_wrap($this->alt_message, '76');
}
@@ -818,9 +778,8 @@ class CI_Email {
/**
* Word Wrap
*
- * @access public
* @param string
- * @param integer
+ * @param int
* @return string
*/
public function word_wrap($str, $charlim = '')
@@ -911,8 +870,6 @@ class CI_Email {
/**
* Build final headers
*
- * @access protected
- * @param string
* @return string
*/
protected function _build_headers()
@@ -929,7 +886,6 @@ class CI_Email {
/**
* Write Headers as a string
*
- * @access protected
* @return void
*/
protected function _write_headers()
@@ -964,12 +920,11 @@ class CI_Email {
/**
* Build Final Body and attachments
*
- * @access protected
* @return void
*/
protected function _build_message()
{
- if ($this->wordwrap === TRUE AND $this->mailtype !== 'html')
+ if ($this->wordwrap === TRUE && $this->mailtype !== 'html')
{
$this->_body = $this->word_wrap($this->_body);
}
@@ -1131,9 +1086,8 @@ class CI_Email {
* Prepares string for Quoted-Printable Content-Transfer-Encoding
* Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt
*
- * @access protected
* @param string
- * @param integer
+ * @param int
* @return string
*/
protected function _prep_quoted_printable($str, $charlim = '')
@@ -1203,9 +1157,7 @@ class CI_Email {
}
// get rid of extra CRLF tacked onto the end
- $output = substr($output, 0, strlen($this->crlf) * -1);
-
- return $output;
+ return substr($output, 0, strlen($this->crlf) * -1);
}
// --------------------------------------------------------------------
@@ -1216,10 +1168,9 @@ class CI_Email {
* Performs "Q Encoding" on a string for use in email headers. It's related
* but not identical to quoted-printable, so it has its own method
*
- * @access public
- * @param str
- * @param bool // set to TRUE for processing From: headers
- * @return str
+ * @param string
+ * @param bool set to TRUE for processing From: headers
+ * @return string
*/
protected function _prep_q_encoding($str, $from = FALSE)
{
@@ -1275,9 +1226,7 @@ class CI_Email {
// wrap each line with the shebang, charset, and transfer encoding
// the preceding space on successive lines is required for header "folding"
- $str = trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str));
-
- return $str;
+ return trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str));
}
// --------------------------------------------------------------------
@@ -1285,7 +1234,6 @@ class CI_Email {
/**
* Send Email
*
- * @access public
* @return bool
*/
public function send()
@@ -1295,9 +1243,9 @@ class CI_Email {
$this->reply_to($this->_headers['From']);
}
- if (( ! isset($this->_recipients) AND ! isset($this->_headers['To'])) AND
- ( ! isset($this->_bcc_array) AND ! isset($this->_headers['Bcc'])) AND
- ( ! isset($this->_headers['Cc'])))
+ if ( ! isset($this->_recipients) && ! isset($this->_headers['To'])
+ && ! isset($this->_bcc_array) && ! isset($this->_headers['Bcc'])
+ && ! isset($this->_headers['Cc']))
{
$this->_set_error_message('lang:email_no_recipients');
return FALSE;
@@ -1305,44 +1253,40 @@ class CI_Email {
$this->_build_headers();
- if ($this->bcc_batch_mode AND count($this->_bcc_array) > $this->bcc_batch_size)
+ if ($this->bcc_batch_mode && count($this->_bcc_array) > $this->bcc_batch_size)
{
return $this->batch_bcc_send();
}
$this->_build_message();
-
return $this->_spool_email();
}
// --------------------------------------------------------------------
/**
- * Batch Bcc Send. Sends groups of BCCs in batches
+ * Batch Bcc Send. Sends groups of BCCs in batches
*
- * @access public
- * @return bool
+ * @return void
*/
public function batch_bcc_send()
{
- $float = $this->bcc_batch_size -1;
-
- $set = "";
-
+ $float = $this->bcc_batch_size - 1;
+ $set = '';
$chunk = array();
for ($i = 0, $c = count($this->_bcc_array); $i < $c; $i++)
{
if (isset($this->_bcc_array[$i]))
{
- $set .= ", ".$this->_bcc_array[$i];
+ $set .= ', '.$this->_bcc_array[$i];
}
if ($i == $float)
{
$chunk[] = substr($set, 1);
$float += $this->bcc_batch_size;
- $set = "";
+ $set = '';
}
if ($i === $c-1)
@@ -1359,7 +1303,7 @@ class CI_Email {
if ($this->protocol !== 'smtp')
{
- $this->_set_header('Bcc', implode(", ", $bcc));
+ $this->_set_header('Bcc', implode(', ', $bcc));
}
else
{
@@ -1376,7 +1320,6 @@ class CI_Email {
/**
* Unwrap special elements
*
- * @access protected
* @return void
*/
protected function _unwrap_specials()
@@ -1389,7 +1332,6 @@ class CI_Email {
/**
* Strip line-breaks via callback
*
- * @access protected
* @return string
*/
protected function _remove_nl_callback($matches)
@@ -1407,7 +1349,6 @@ class CI_Email {
/**
* Spool mail to the mail server
*
- * @access protected
* @return bool
*/
protected function _spool_email()
@@ -1429,7 +1370,6 @@ class CI_Email {
/**
* Send using mail()
*
- * @access protected
* @return bool
*/
protected function _send_with_mail()
@@ -1451,7 +1391,6 @@ class CI_Email {
/**
* Send using Sendmail
*
- * @access protected
* @return bool
*/
protected function _send_with_sendmail()
@@ -1484,7 +1423,6 @@ class CI_Email {
/**
* Send using SMTP
*
- * @access protected
* @return bool
*/
protected function _send_with_smtp()
@@ -1553,7 +1491,6 @@ class CI_Email {
/**
* SMTP Connect
*
- * @access protected
* @param string
* @return string
*/
@@ -1597,7 +1534,6 @@ class CI_Email {
/**
* Send SMTP command
*
- * @access protected
* @param string
* @param string
* @return string
@@ -1670,7 +1606,6 @@ class CI_Email {
/**
* SMTP Authenticate
*
- * @access protected
* @return bool
*/
protected function _smtp_authenticate()
@@ -1680,7 +1615,7 @@ class CI_Email {
return TRUE;
}
- if ($this->smtp_user == "" AND $this->smtp_pass == "")
+ if ($this->smtp_user == '' && $this->smtp_pass == '')
{
$this->_set_error_message('lang:email_no_smtp_unpw');
return FALSE;
@@ -1724,7 +1659,6 @@ class CI_Email {
/**
* Send SMTP data
*
- * @access protected
* @return bool
*/
protected function _send_data($data)
@@ -1743,7 +1677,6 @@ class CI_Email {
/**
* Get SMTP data
*
- * @access protected
* @return string
*/
protected function _get_smtp_data()
@@ -1768,12 +1701,11 @@ class CI_Email {
/**
* Get Hostname
*
- * @access protected
* @return string
*/
protected function _get_hostname()
{
- return (isset($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain';
+ return isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain';
}
// --------------------------------------------------------------------
@@ -1781,7 +1713,6 @@ class CI_Email {
/**
* Get IP
*
- * @access protected
* @return string
*/
protected function _get_ip()
@@ -1791,13 +1722,13 @@ class CI_Email {
return $this->_IP;
}
- $cip = (isset($_SERVER['HTTP_CLIENT_IP']) AND $_SERVER['HTTP_CLIENT_IP'] != "") ? $_SERVER['HTTP_CLIENT_IP'] : FALSE;
- $rip = (isset($_SERVER['REMOTE_ADDR']) AND $_SERVER['REMOTE_ADDR'] != "") ? $_SERVER['REMOTE_ADDR'] : FALSE;
+ $cip = ( ! empty($_SERVER['HTTP_CLIENT_IP'])) ? $_SERVER['HTTP_CLIENT_IP'] : FALSE;
+ $rip = ( ! empty($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : FALSE;
if ($cip) $this->_IP = $cip;
elseif ($rip) $this->_IP = $rip;
else
{
- $fip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) AND $_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE;
+ $fip = ( ! empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE;
if ($fip)
{
$this->_IP = $fip;
@@ -1810,7 +1741,7 @@ class CI_Email {
$this->_IP = end($x);
}
- if ( ! preg_match( "/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $this->_IP))
+ if ( ! preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $this->_IP))
{
$this->_IP = '0.0.0.0';
}
@@ -1823,7 +1754,6 @@ class CI_Email {
/**
* Get Debug Message
*
- * @access public
* @return string
*/
public function print_debugger()
@@ -1838,8 +1768,7 @@ class CI_Email {
}
}
- $msg .= "<pre>".$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'</pre>';
- return $msg;
+ return $msg.'<pre>'.$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'</pre>';
}
// --------------------------------------------------------------------
@@ -1847,16 +1776,15 @@ class CI_Email {
/**
* Set Message
*
- * @access protected
* @param string
- * @return string
+ * @return void
*/
protected function _set_error_message($msg, $val = '')
{
$CI =& get_instance();
$CI->lang->load('email');
- if (substr($msg, 0, 5) !== 'lang:' || FALSE === ($line = $CI->lang->line(substr($msg, 5))))
+ if (substr($msg, 0, 5) !== 'lang:' OR FALSE === ($line = $CI->lang->line(substr($msg, 5))))
{
$this->_debug_msg[] = str_replace('%s', $val, $msg)."<br />";
}
@@ -1871,13 +1799,13 @@ class CI_Email {
/**
* Mime Types
*
- * @access protected
* @param string
* @return string
*/
- protected function _mime_types($ext = "")
+ protected function _mime_types($ext = '')
{
- $mimes = array( 'hqx' => 'application/mac-binhex40',
+ $mimes = array(
+ 'hqx' => 'application/mac-binhex40',
'cpt' => 'application/mac-compactpro',
'doc' => 'application/msword',
'bin' => 'application/macbinary',
@@ -1966,11 +1894,10 @@ class CI_Email {
'eml' => 'message/rfc822'
);
- return ( ! isset($mimes[strtolower($ext)])) ? "application/x-unknown-content-type" : $mimes[strtolower($ext)];
+ return isset($mimes[strtolower($ext)]) ? $mimes[strtolower($ext)] : 'application/x-unknown-content-type';
}
}
-// END CI_Email class
/* End of file Email.php */
/* Location: ./system/libraries/Email.php */
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index 5ea830fb1..9826eabdd 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -251,7 +251,7 @@ class CI_Image_lib {
}
else
{
- if (function_exists('realpath') && @realpath($this->new_image) !== FALSE)
+ if (strpos($this->new_image, '/') === FALSE AND strpos($this->new_image, '\\') === FALSE)
{
$full_dest_path = str_replace('\\', '/', realpath($this->new_image));
}
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 0c63886e7..ac29c1bdd 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
* CodeIgniter
*
@@ -593,16 +593,17 @@ class CI_Upload {
/**
* Verify that the filetype is allowed
*
+ * @param bool
* @return bool
*/
public function is_allowed_filetype($ignore_mime = FALSE)
{
- if ($this->allowed_types == '*')
+ if ($this->allowed_types === '*')
{
return TRUE;
}
- if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types))
+ if ( ! is_array($this->allowed_types) OR count($this->allowed_types) === 0)
{
$this->set_error('upload_no_file_types');
return FALSE;
@@ -618,12 +619,9 @@ class CI_Upload {
// Images get some additional checks
$image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe');
- if (in_array($ext, $image_types))
+ if (in_array($ext, $image_types) && @getimagesize($this->file_temp) === FALSE)
{
- if (getimagesize($this->file_temp) === FALSE)
- {
- return FALSE;
- }
+ return FALSE;
}
if ($ignore_mime === TRUE)
@@ -640,7 +638,7 @@ class CI_Upload {
return TRUE;
}
}
- elseif ($mime == $this->file_type)
+ elseif ($mime === $this->file_type)
{
return TRUE;
}
@@ -960,7 +958,7 @@ class CI_Upload {
}
elseif (is_file(APPPATH.'config/mimes.php'))
{
- include(APPPATH.'config//mimes.php');
+ include(APPPATH.'config/mimes.php');
}
else
{
@@ -1026,47 +1024,104 @@ class CI_Upload {
*/
protected function _file_mime_type($file)
{
- // Use if the Fileinfo extension, if available (only versions above 5.3 support the FILEINFO_MIME_TYPE flag)
- if ( (float) substr(phpversion(), 0, 3) >= 5.3 && function_exists('finfo_file'))
+ // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii)
+ $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/';
+
+ /* Fileinfo extension - most reliable method
+ *
+ * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the
+ * more convenient FILEINFO_MIME_TYPE flag doesn't exist.
+ */
+ if (function_exists('finfo_file'))
{
- $finfo = new finfo(FILEINFO_MIME_TYPE);
- if ($finfo !== FALSE) // This is possible, if there is no magic MIME database file found on the system
+ $finfo = finfo_open(FILEINFO_MIME);
+ if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system
{
- $file_type = $finfo->file($file['tmp_name']);
+ $mime = @finfo_file($finfo, $file['tmp_name']);
+ finfo_close($finfo);
/* According to the comments section of the PHP manual page,
* it is possible that this function returns an empty string
* for some files (e.g. if they don't exist in the magic MIME database)
*/
- if (strlen($file_type) > 1)
+ if (is_string($mime) && preg_match($regexp, $mime, $matches))
{
- $this->file_type = $file_type;
+ $this->file_type = $matches[1];
return;
}
}
}
- // Fall back to the deprecated mime_content_type(), if available
- if (function_exists('mime_content_type'))
- {
- $this->file_type = @mime_content_type($file['tmp_name']);
- return;
- }
-
- /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type,
- * which is still more secure than depending on the value of $_FILES[$field]['type'].
+ /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type,
+ * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it
+ * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better
+ * than mime_content_type() as well, hence the attempts to try calling the command line with
+ * three different functions.
*
* Notes:
- * - a 'W' in the substr() expression bellow, would mean that we're using Windows
- * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check
+ * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
+ * - many system admins would disable the exec(), shell_exec(), popen() and similar functions
+ * due to security concerns, hence the function_exists() checks
*/
- if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec'))
+ if (DIRECTORY_SEPARATOR !== '\\')
+ {
+ $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1';
+
+ if (function_exists('exec'))
+ {
+ /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
+ * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites
+ * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy
+ * value, which is only put to allow us to get the return status code.
+ */
+ $mime = @exec($cmd, $mime, $return_status);
+ if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+
+ if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec'))
+ {
+ $mime = @shell_exec($cmd);
+ if (strlen($mime) > 0)
+ {
+ $mime = explode("\n", trim($mime));
+ if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+ }
+
+ if (function_exists('popen'))
+ {
+ $proc = @popen($cmd, 'r');
+ if (is_resource($proc))
+ {
+ $mime = @fread($test, 512);
+ @pclose($proc);
+ if ($mime !== FALSE)
+ {
+ $mime = explode("\n", trim($mime));
+ if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+ }
+ }
+ }
+
+ // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
+ if (function_exists('mime_content_type'))
{
- $output = array();
- @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_path']), $output, $return_code);
- if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution
+ $this->file_type = @mime_content_type($file['tmp_name']);
+ if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string
{
- $this->file_type = rtrim($output[0]);
return;
}
}