summaryrefslogtreecommitdiffstats
path: root/system/libraries
diff options
context:
space:
mode:
authorMike Funk <mfunk@xulonpress.com>2012-03-06 21:19:07 +0100
committerMike Funk <mfunk@xulonpress.com>2012-03-06 21:19:07 +0100
commit8f7db7bf06ab3014f80fdb730df13b57d87c2196 (patch)
treea61142583e19002db610e3ef74f3a9f0eedbd8e0 /system/libraries
parentc91a66cd7c770f8060cbe366491c1f4de9147da4 (diff)
parent738f53448fecd1a27c7f89965fbfc47b3bafdb9b (diff)
updated and merged user guide with develop branch.
Diffstat (limited to 'system/libraries')
-rw-r--r--system/libraries/Email.php338
-rw-r--r--system/libraries/Form_validation.php159
-rw-r--r--system/libraries/Image_lib.php2
-rw-r--r--system/libraries/Profiler.php12
-rw-r--r--system/libraries/Session.php12
-rw-r--r--system/libraries/Upload.php121
6 files changed, 354 insertions, 290 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 922107e9f..8d839d0c9 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Email Class
*
@@ -40,55 +38,55 @@
*/
class CI_Email {
- public $useragent = "CodeIgniter";
- public $mailpath = "/usr/sbin/sendmail"; // Sendmail path
- public $protocol = "mail"; // mail/sendmail/smtp
- public $smtp_host = ""; // SMTP Server. Example: mail.earthlink.net
- public $smtp_user = ""; // SMTP Username
- public $smtp_pass = ""; // SMTP Password
- public $smtp_port = "25"; // SMTP Port
- public $smtp_timeout = 5; // SMTP Timeout in seconds
- public $smtp_crypto = ""; // SMTP Encryption. Can be null, tls or ssl.
- public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off
- public $wrapchars = "76"; // Number of characters to wrap at.
- public $mailtype = "text"; // text/html Defines email formatting
- public $charset = "utf-8"; // Default char set: iso-8859-1 or us-ascii
- public $multipart = "mixed"; // "mixed" (in the body) or "related" (separate)
- public $alt_message = ''; // Alternative message for HTML emails
- public $validate = FALSE; // TRUE/FALSE. Enables email validation
- public $priority = "3"; // Default priority (1 - 5)
- public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822)
- public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers,
+ public $useragent = 'CodeIgniter';
+ public $mailpath = '/usr/sbin/sendmail'; // Sendmail path
+ public $protocol = 'mail'; // mail/sendmail/smtp
+ public $smtp_host = ''; // SMTP Server. Example: mail.earthlink.net
+ public $smtp_user = ''; // SMTP Username
+ public $smtp_pass = ''; // SMTP Password
+ public $smtp_port = 25; // SMTP Port
+ public $smtp_timeout = 5; // SMTP Timeout in seconds
+ public $smtp_crypto = ''; // SMTP Encryption. Can be null, tls or ssl.
+ public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off
+ public $wrapchars = 76; // Number of characters to wrap at.
+ public $mailtype = 'text'; // text/html Defines email formatting
+ public $charset = 'utf-8'; // Default char set: iso-8859-1 or us-ascii
+ public $multipart = 'mixed'; // "mixed" (in the body) or "related" (separate)
+ public $alt_message = ''; // Alternative message for HTML emails
+ public $validate = FALSE; // TRUE/FALSE. Enables email validation
+ public $priority = 3; // Default priority (1 - 5)
+ public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822)
+ public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers,
// even on the receiving end think they need to muck with CRLFs, so using "\n", while
// distasteful, is the only thing that seems to work for all environments.
public $send_multipart = TRUE; // TRUE/FALSE - Yahoo does not like multipart alternative, so this is an override. Set to FALSE for Yahoo.
- public $bcc_batch_mode = FALSE; // TRUE/FALSE Turns on/off Bcc batch feature
+ public $bcc_batch_mode = FALSE; // TRUE/FALSE - Turns on/off Bcc batch feature
public $bcc_batch_size = 200; // If bcc_batch_mode = TRUE, sets max number of Bccs in each batch
- private $_safe_mode = FALSE;
- private $_subject = "";
- private $_body = "";
- private $_finalbody = "";
- private $_alt_boundary = "";
- private $_atc_boundary = "";
- private $_header_str = "";
- private $_smtp_connect = "";
- private $_encoding = "8bit";
- private $_IP = FALSE;
- private $_smtp_auth = FALSE;
- private $_replyto_flag = FALSE;
- private $_debug_msg = array();
- private $_recipients = array();
- private $_cc_array = array();
- private $_bcc_array = array();
- private $_headers = array();
- private $_attach_name = array();
- private $_attach_type = array();
- private $_attach_disp = array();
- private $_protocols = array('mail', 'sendmail', 'smtp');
- private $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix)
- private $_bit_depths = array('7bit', '8bit');
- private $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)');
+ protected $_safe_mode = FALSE;
+ protected $_subject = '';
+ protected $_body = '';
+ protected $_finalbody = '';
+ protected $_alt_boundary = '';
+ protected $_atc_boundary = '';
+ protected $_header_str = '';
+ protected $_smtp_connect = '';
+ protected $_encoding = '8bit';
+ protected $_IP = FALSE;
+ protected $_smtp_auth = FALSE;
+ protected $_replyto_flag = FALSE;
+ protected $_debug_msg = array();
+ protected $_recipients = array();
+ protected $_cc_array = array();
+ protected $_bcc_array = array();
+ protected $_headers = array();
+ protected $_attach_name = array();
+ protected $_attach_type = array();
+ protected $_attach_disp = array();
+ protected $_protocols = array('mail', 'sendmail', 'smtp');
+ protected $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix)
+ protected $_bit_depths = array('7bit', '8bit');
+ protected $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)');
/**
* Constructor - Sets Email Preferences
@@ -103,11 +101,11 @@ class CI_Email {
}
else
{
- $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE;
- $this->_safe_mode = (bool) @ini_get("safe_mode");
+ $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == '');
+ $this->_safe_mode = (bool) @ini_get('safe_mode');
}
- log_message('debug', "Email Class Initialized");
+ log_message('debug', 'Email Class Initialized');
}
// --------------------------------------------------------------------
@@ -115,7 +113,6 @@ class CI_Email {
/**
* Initialize preferences
*
- * @access public
* @param array
* @return void
*/
@@ -139,8 +136,8 @@ class CI_Email {
}
$this->clear();
- $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE;
- $this->_safe_mode = (bool) @ini_get("safe_mode");
+ $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == '');
+ $this->_safe_mode = (bool) @ini_get('safe_mode');
return $this;
}
@@ -150,17 +147,16 @@ class CI_Email {
/**
* Initialize the Email Data
*
- * @access public
* @param bool
- * @return void
+ * @return object
*/
public function clear($clear_attachments = FALSE)
{
- $this->_subject = "";
- $this->_body = "";
- $this->_finalbody = "";
- $this->_header_str = "";
- $this->_replyto_flag = FALSE;
+ $this->_subject = '';
+ $this->_body = '';
+ $this->_finalbody = '';
+ $this->_header_str = '';
+ $this->_replyto_flag = FALSE;
$this->_recipients = array();
$this->_cc_array = array();
$this->_bcc_array = array();
@@ -185,14 +181,13 @@ class CI_Email {
/**
* Set FROM
*
- * @access public
* @param string
* @param string
- * @return void
+ * @return object
*/
public function from($from, $name = '')
{
- if (preg_match( '/\<(.*)\>/', $from, $match))
+ if (preg_match('/\<(.*)\>/', $from, $match))
{
$from = $match[1];
}
@@ -228,14 +223,13 @@ class CI_Email {
/**
* Set Reply-to
*
- * @access public
* @param string
* @param string
- * @return void
+ * @return object
*/
public function reply_to($replyto, $name = '')
{
- if (preg_match( '/\<(.*)\>/', $replyto, $match))
+ if (preg_match('/\<(.*)\>/', $replyto, $match))
{
$replyto = $match[1];
}
@@ -266,9 +260,8 @@ class CI_Email {
/**
* Set Recipients
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function to($to)
{
@@ -282,17 +275,17 @@ class CI_Email {
if ($this->_get_protocol() !== 'mail')
{
- $this->_set_header('To', implode(", ", $to));
+ $this->_set_header('To', implode(', ', $to));
}
switch ($this->_get_protocol())
{
- case 'smtp' :
+ case 'smtp':
$this->_recipients = $to;
break;
- case 'sendmail' :
- case 'mail' :
- $this->_recipients = implode(", ", $to);
+ case 'sendmail':
+ case 'mail':
+ $this->_recipients = implode(', ', $to);
break;
}
@@ -304,9 +297,8 @@ class CI_Email {
/**
* Set CC
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function cc($cc)
{
@@ -318,7 +310,7 @@ class CI_Email {
$this->validate_email($cc);
}
- $this->_set_header('Cc', implode(", ", $cc));
+ $this->_set_header('Cc', implode(', ', $cc));
if ($this->_get_protocol() === 'smtp')
{
@@ -333,10 +325,9 @@ class CI_Email {
/**
* Set BCC
*
- * @access public
* @param string
* @param string
- * @return void
+ * @return object
*/
public function bcc($bcc, $limit = '')
{
@@ -360,7 +351,7 @@ class CI_Email {
}
else
{
- $this->_set_header('Bcc', implode(", ", $bcc));
+ $this->_set_header('Bcc', implode(', ', $bcc));
}
return $this;
@@ -371,9 +362,8 @@ class CI_Email {
/**
* Set Email Subject
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function subject($subject)
{
@@ -387,13 +377,12 @@ class CI_Email {
/**
* Set Body
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function message($body)
{
- $this->_body = rtrim(str_replace("\r", "", $body));
+ $this->_body = rtrim(str_replace("\r", '', $body));
/* strip slashes only if magic quotes is ON
if we do it with magic quotes OFF, it strips real, user-inputted chars.
@@ -414,9 +403,8 @@ class CI_Email {
/**
* Assign file attachments
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function attach($filename, $disposition = '', $newname = NULL)
{
@@ -431,7 +419,6 @@ class CI_Email {
/**
* Add a Header Item
*
- * @access protected
* @param string
* @param string
* @return void
@@ -446,7 +433,6 @@ class CI_Email {
/**
* Convert a String to an Array
*
- * @access protected
* @param string
* @return array
*/
@@ -460,8 +446,7 @@ class CI_Email {
}
else
{
- $email = trim($email);
- settype($email, "array");
+ $email = (array) trim($email);
}
}
return $email;
@@ -472,9 +457,8 @@ class CI_Email {
/**
* Set Multipart Value
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_alt_message($str = '')
{
@@ -487,9 +471,8 @@ class CI_Email {
/**
* Set Mailtype
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_mailtype($type = 'text')
{
@@ -502,9 +485,8 @@ class CI_Email {
/**
* Set Wordwrap
*
- * @access public
* @param bool
- * @return void
+ * @return object
*/
public function set_wordwrap($wordwrap = TRUE)
{
@@ -517,13 +499,12 @@ class CI_Email {
/**
* Set Protocol
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_protocol($protocol = 'mail')
{
- $this->protocol = ( ! in_array($protocol, $this->_protocols, TRUE)) ? 'mail' : strtolower($protocol);
+ $this->protocol = in_array($protocol, $this->_protocols, TRUE) ? strtolower($protocol) : 'mail';
return $this;
}
@@ -532,19 +513,12 @@ class CI_Email {
/**
* Set Priority
*
- * @access public
- * @param integer
- * @return void
+ * @param int
+ * @return object
*/
public function set_priority($n = 3)
{
- if ( ! is_numeric($n) OR $n < 1 OR $n > 5)
- {
- $this->priority = 3;
- return;
- }
-
- $this->priority = (int) $n;
+ $this->priority = preg_match('/^[1-5]$/', $n) ? (int) $n : 3;
return $this;
}
@@ -553,9 +527,8 @@ class CI_Email {
/**
* Set Newline Character
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_newline($newline = "\n")
{
@@ -568,13 +541,12 @@ class CI_Email {
/**
* Set CRLF
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
public function set_crlf($crlf = "\n")
{
- $this->crlf = ($crlf !== "\n" AND $crlf !== "\r\n" AND $crlf !== "\r") ? "\n" : $crlf;
+ $this->crlf = ($crlf !== "\n" && $crlf !== "\r\n" && $crlf !== "\r") ? "\n" : $crlf;
return $this;
}
@@ -583,13 +555,12 @@ class CI_Email {
/**
* Set Message Boundary
*
- * @access protected
* @return void
*/
protected function _set_boundaries()
{
- $this->_alt_boundary = "B_ALT_".uniqid(''); // multipart/alternative
- $this->_atc_boundary = "B_ATC_".uniqid(''); // attachment boundary
+ $this->_alt_boundary = 'B_ALT_'.uniqid(''); // multipart/alternative
+ $this->_atc_boundary = 'B_ATC_'.uniqid(''); // attachment boundary
}
// --------------------------------------------------------------------
@@ -597,14 +568,12 @@ class CI_Email {
/**
* Get the Message ID
*
- * @access protected
* @return string
*/
protected function _get_message_id()
{
$from = str_replace(array('>', '<'), '', $this->_headers['Return-Path']);
-
- return "<".uniqid('').strstr($from, '@').">";
+ return '<'.uniqid('').strstr($from, '@').'>';
}
// --------------------------------------------------------------------
@@ -612,14 +581,13 @@ class CI_Email {
/**
* Get Mail Protocol
*
- * @access protected
* @param bool
- * @return string
+ * @return mixed
*/
protected function _get_protocol($return = TRUE)
{
$this->protocol = strtolower($this->protocol);
- $this->protocol = ( ! in_array($this->protocol, $this->_protocols, TRUE)) ? 'mail' : $this->protocol;
+ in_array($this->protocol, $this->_protocols, TRUE) OR $this->protocol = 'mail';
if ($return == TRUE)
{
@@ -632,13 +600,12 @@ class CI_Email {
/**
* Get Mail Encoding
*
- * @access protected
* @param bool
* @return string
*/
protected function _get_encoding($return = TRUE)
{
- $this->_encoding = ( ! in_array($this->_encoding, $this->_bit_depths)) ? '8bit' : $this->_encoding;
+ in_array($this->_encoding, $this->_bit_depths) OR $this->_encoding = '8bit';
foreach ($this->_base_charsets as $charset)
{
@@ -659,7 +626,6 @@ class CI_Email {
/**
* Get content type (text/html/attachment)
*
- * @access protected
* @return string
*/
protected function _get_content_type()
@@ -687,17 +653,16 @@ class CI_Email {
/**
* Set RFC 822 Date
*
- * @access protected
* @return string
*/
protected function _set_date()
{
- $timezone = date("Z");
+ $timezone = date('Z');
$operator = (strncmp($timezone, '-', 1) === 0) ? '-' : '+';
$timezone = abs($timezone);
$timezone = floor($timezone/3600) * 100 + ($timezone % 3600) / 60;
- return sprintf("%s %s%04d", date("D, j M Y H:i:s"), $operator, $timezone);
+ return sprintf('%s %s%04d', date('D, j M Y H:i:s'), $operator, $timezone);
}
// --------------------------------------------------------------------
@@ -705,12 +670,11 @@ class CI_Email {
/**
* Mime message
*
- * @access protected
* @return string
*/
protected function _get_mime_message()
{
- return "This is a multi-part message in MIME format.".$this->newline."Your email application may not support this format.";
+ return 'This is a multi-part message in MIME format.'.$this->newline.'Your email application may not support this format.';
}
// --------------------------------------------------------------------
@@ -718,7 +682,6 @@ class CI_Email {
/**
* Validate Email Address
*
- * @access public
* @param string
* @return bool
*/
@@ -747,13 +710,12 @@ class CI_Email {
/**
* Email Validation
*
- * @access public
* @param string
* @return bool
*/
public function valid_email($address)
{
- return (bool) preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $address);
+ return (bool) preg_match('/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix', $address);
}
// --------------------------------------------------------------------
@@ -761,7 +723,6 @@ class CI_Email {
/**
* Clean Extended Email Address: Joe Smith <joe@smith.com>
*
- * @access public
* @param string
* @return string
*/
@@ -776,7 +737,7 @@ class CI_Email {
foreach ($email as $addy)
{
- $clean_email[] = (preg_match( '/\<(.*)\>/', $addy, $match)) ? $match[1] : $addy;
+ $clean_email[] = preg_match('/\<(.*)\>/', $addy, $match) ? $match[1] : $addy;
}
return $clean_email;
@@ -792,12 +753,11 @@ class CI_Email {
* If the user hasn't specified his own alternative message
* it creates one by stripping the HTML
*
- * @access protected
* @return string
*/
protected function _get_alt_message()
{
- if ($this->alt_message != "")
+ if ($this->alt_message != '')
{
return $this->word_wrap($this->alt_message, '76');
}
@@ -818,9 +778,8 @@ class CI_Email {
/**
* Word Wrap
*
- * @access public
* @param string
- * @param integer
+ * @param int
* @return string
*/
public function word_wrap($str, $charlim = '')
@@ -911,8 +870,6 @@ class CI_Email {
/**
* Build final headers
*
- * @access protected
- * @param string
* @return string
*/
protected function _build_headers()
@@ -929,7 +886,6 @@ class CI_Email {
/**
* Write Headers as a string
*
- * @access protected
* @return void
*/
protected function _write_headers()
@@ -964,12 +920,11 @@ class CI_Email {
/**
* Build Final Body and attachments
*
- * @access protected
* @return void
*/
protected function _build_message()
{
- if ($this->wordwrap === TRUE AND $this->mailtype !== 'html')
+ if ($this->wordwrap === TRUE && $this->mailtype !== 'html')
{
$this->_body = $this->word_wrap($this->_body);
}
@@ -1131,9 +1086,8 @@ class CI_Email {
* Prepares string for Quoted-Printable Content-Transfer-Encoding
* Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt
*
- * @access protected
* @param string
- * @param integer
+ * @param int
* @return string
*/
protected function _prep_quoted_printable($str, $charlim = '')
@@ -1203,9 +1157,7 @@ class CI_Email {
}
// get rid of extra CRLF tacked onto the end
- $output = substr($output, 0, strlen($this->crlf) * -1);
-
- return $output;
+ return substr($output, 0, strlen($this->crlf) * -1);
}
// --------------------------------------------------------------------
@@ -1216,10 +1168,9 @@ class CI_Email {
* Performs "Q Encoding" on a string for use in email headers. It's related
* but not identical to quoted-printable, so it has its own method
*
- * @access public
- * @param str
- * @param bool // set to TRUE for processing From: headers
- * @return str
+ * @param string
+ * @param bool set to TRUE for processing From: headers
+ * @return string
*/
protected function _prep_q_encoding($str, $from = FALSE)
{
@@ -1275,9 +1226,7 @@ class CI_Email {
// wrap each line with the shebang, charset, and transfer encoding
// the preceding space on successive lines is required for header "folding"
- $str = trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str));
-
- return $str;
+ return trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str));
}
// --------------------------------------------------------------------
@@ -1285,7 +1234,6 @@ class CI_Email {
/**
* Send Email
*
- * @access public
* @return bool
*/
public function send()
@@ -1295,9 +1243,9 @@ class CI_Email {
$this->reply_to($this->_headers['From']);
}
- if (( ! isset($this->_recipients) AND ! isset($this->_headers['To'])) AND
- ( ! isset($this->_bcc_array) AND ! isset($this->_headers['Bcc'])) AND
- ( ! isset($this->_headers['Cc'])))
+ if ( ! isset($this->_recipients) && ! isset($this->_headers['To'])
+ && ! isset($this->_bcc_array) && ! isset($this->_headers['Bcc'])
+ && ! isset($this->_headers['Cc']))
{
$this->_set_error_message('lang:email_no_recipients');
return FALSE;
@@ -1305,44 +1253,40 @@ class CI_Email {
$this->_build_headers();
- if ($this->bcc_batch_mode AND count($this->_bcc_array) > $this->bcc_batch_size)
+ if ($this->bcc_batch_mode && count($this->_bcc_array) > $this->bcc_batch_size)
{
return $this->batch_bcc_send();
}
$this->_build_message();
-
return $this->_spool_email();
}
// --------------------------------------------------------------------
/**
- * Batch Bcc Send. Sends groups of BCCs in batches
+ * Batch Bcc Send. Sends groups of BCCs in batches
*
- * @access public
- * @return bool
+ * @return void
*/
public function batch_bcc_send()
{
- $float = $this->bcc_batch_size -1;
-
- $set = "";
-
+ $float = $this->bcc_batch_size - 1;
+ $set = '';
$chunk = array();
for ($i = 0, $c = count($this->_bcc_array); $i < $c; $i++)
{
if (isset($this->_bcc_array[$i]))
{
- $set .= ", ".$this->_bcc_array[$i];
+ $set .= ', '.$this->_bcc_array[$i];
}
if ($i == $float)
{
$chunk[] = substr($set, 1);
$float += $this->bcc_batch_size;
- $set = "";
+ $set = '';
}
if ($i === $c-1)
@@ -1359,7 +1303,7 @@ class CI_Email {
if ($this->protocol !== 'smtp')
{
- $this->_set_header('Bcc', implode(", ", $bcc));
+ $this->_set_header('Bcc', implode(', ', $bcc));
}
else
{
@@ -1376,7 +1320,6 @@ class CI_Email {
/**
* Unwrap special elements
*
- * @access protected
* @return void
*/
protected function _unwrap_specials()
@@ -1389,7 +1332,6 @@ class CI_Email {
/**
* Strip line-breaks via callback
*
- * @access protected
* @return string
*/
protected function _remove_nl_callback($matches)
@@ -1407,7 +1349,6 @@ class CI_Email {
/**
* Spool mail to the mail server
*
- * @access protected
* @return bool
*/
protected function _spool_email()
@@ -1418,6 +1359,7 @@ class CI_Email {
if ( ! $this->$method())
{
$this->_set_error_message('lang:email_send_failure_' . ($this->_get_protocol() === 'mail' ? 'phpmail' : $this->_get_protocol()));
+ return FALSE;
}
$this->_set_error_message('lang:email_sent', $this->_get_protocol());
@@ -1429,7 +1371,6 @@ class CI_Email {
/**
* Send using mail()
*
- * @access protected
* @return bool
*/
protected function _send_with_mail()
@@ -1451,7 +1392,6 @@ class CI_Email {
/**
* Send using Sendmail
*
- * @access protected
* @return bool
*/
protected function _send_with_sendmail()
@@ -1484,7 +1424,6 @@ class CI_Email {
/**
* Send using SMTP
*
- * @access protected
* @return bool
*/
protected function _send_with_smtp()
@@ -1495,8 +1434,10 @@ class CI_Email {
return FALSE;
}
- $this->_smtp_connect();
- $this->_smtp_authenticate();
+ if ( ! $this->_smtp_connect() OR ! $this->_smtp_authenticate())
+ {
+ return FALSE;
+ }
$this->_send_command('from', $this->clean_email($this->_headers['From']));
@@ -1553,7 +1494,6 @@ class CI_Email {
/**
* SMTP Connect
*
- * @access protected
* @param string
* @return string
*/
@@ -1597,7 +1537,6 @@ class CI_Email {
/**
* Send SMTP command
*
- * @access protected
* @param string
* @param string
* @return string
@@ -1670,7 +1609,6 @@ class CI_Email {
/**
* SMTP Authenticate
*
- * @access protected
* @return bool
*/
protected function _smtp_authenticate()
@@ -1680,7 +1618,7 @@ class CI_Email {
return TRUE;
}
- if ($this->smtp_user == "" AND $this->smtp_pass == "")
+ if ($this->smtp_user == '' && $this->smtp_pass == '')
{
$this->_set_error_message('lang:email_no_smtp_unpw');
return FALSE;
@@ -1724,7 +1662,6 @@ class CI_Email {
/**
* Send SMTP data
*
- * @access protected
* @return bool
*/
protected function _send_data($data)
@@ -1743,7 +1680,6 @@ class CI_Email {
/**
* Get SMTP data
*
- * @access protected
* @return string
*/
protected function _get_smtp_data()
@@ -1768,12 +1704,11 @@ class CI_Email {
/**
* Get Hostname
*
- * @access protected
* @return string
*/
protected function _get_hostname()
{
- return (isset($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain';
+ return isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain';
}
// --------------------------------------------------------------------
@@ -1781,7 +1716,6 @@ class CI_Email {
/**
* Get IP
*
- * @access protected
* @return string
*/
protected function _get_ip()
@@ -1791,13 +1725,13 @@ class CI_Email {
return $this->_IP;
}
- $cip = (isset($_SERVER['HTTP_CLIENT_IP']) AND $_SERVER['HTTP_CLIENT_IP'] != "") ? $_SERVER['HTTP_CLIENT_IP'] : FALSE;
- $rip = (isset($_SERVER['REMOTE_ADDR']) AND $_SERVER['REMOTE_ADDR'] != "") ? $_SERVER['REMOTE_ADDR'] : FALSE;
+ $cip = ( ! empty($_SERVER['HTTP_CLIENT_IP'])) ? $_SERVER['HTTP_CLIENT_IP'] : FALSE;
+ $rip = ( ! empty($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : FALSE;
if ($cip) $this->_IP = $cip;
elseif ($rip) $this->_IP = $rip;
else
{
- $fip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) AND $_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE;
+ $fip = ( ! empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE;
if ($fip)
{
$this->_IP = $fip;
@@ -1810,7 +1744,7 @@ class CI_Email {
$this->_IP = end($x);
}
- if ( ! preg_match( "/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $this->_IP))
+ if ( ! preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $this->_IP))
{
$this->_IP = '0.0.0.0';
}
@@ -1823,7 +1757,6 @@ class CI_Email {
/**
* Get Debug Message
*
- * @access public
* @return string
*/
public function print_debugger()
@@ -1838,8 +1771,7 @@ class CI_Email {
}
}
- $msg .= "<pre>".$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'</pre>';
- return $msg;
+ return $msg.'<pre>'.$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'</pre>';
}
// --------------------------------------------------------------------
@@ -1847,16 +1779,15 @@ class CI_Email {
/**
* Set Message
*
- * @access protected
* @param string
- * @return string
+ * @return void
*/
protected function _set_error_message($msg, $val = '')
{
$CI =& get_instance();
$CI->lang->load('email');
- if (substr($msg, 0, 5) !== 'lang:' || FALSE === ($line = $CI->lang->line(substr($msg, 5))))
+ if (substr($msg, 0, 5) !== 'lang:' OR FALSE === ($line = $CI->lang->line(substr($msg, 5))))
{
$this->_debug_msg[] = str_replace('%s', $val, $msg)."<br />";
}
@@ -1871,13 +1802,13 @@ class CI_Email {
/**
* Mime Types
*
- * @access protected
* @param string
* @return string
*/
- protected function _mime_types($ext = "")
+ protected function _mime_types($ext = '')
{
- $mimes = array( 'hqx' => 'application/mac-binhex40',
+ $mimes = array(
+ 'hqx' => 'application/mac-binhex40',
'cpt' => 'application/mac-compactpro',
'doc' => 'application/msword',
'bin' => 'application/macbinary',
@@ -1966,11 +1897,10 @@ class CI_Email {
'eml' => 'message/rfc822'
);
- return ( ! isset($mimes[strtolower($ext)])) ? "application/x-unknown-content-type" : $mimes[strtolower($ext)];
+ return isset($mimes[strtolower($ext)]) ? $mimes[strtolower($ext)] : 'application/x-unknown-content-type';
}
}
-// END CI_Email class
/* End of file Email.php */
/* Location: ./system/libraries/Email.php */
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 0a6a2af0d..cdb3d3d62 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -47,10 +47,8 @@ class CI_Form_validation {
protected $_error_suffix = '</p>';
protected $error_string = '';
protected $_safe_form_data = FALSE;
+ protected $validation_data = array();
- /**
- * Constructor
- */
public function __construct($rules = array())
{
$this->CI =& get_instance();
@@ -85,7 +83,8 @@ class CI_Form_validation {
public function set_rules($field, $label = '', $rules = '')
{
// No reason to set rules if we have no POST data
- if (count($_POST) === 0)
+ // or a validation array has not been specified
+ if (count($_POST) === 0 && count($this->validation_data) === 0)
{
return $this;
}
@@ -162,10 +161,33 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
+ * By default, form validation uses the $_POST array to validate
+ *
+ * If an array is set through this method, then this array will
+ * be used instead of the $_POST array
+ *
+ * Note that if you are validating multiple arrays, then the
+ * reset_validation() function should be called after validating
+ * each array due to the limitations of CI's singleton
+ *
+ * @param array $data
+ * @return void
+ */
+ public function set_data($data = '')
+ {
+ if ( ! empty($data) && is_array($data))
+ {
+ $this->validation_data = $data;
+ }
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Set Error Message
*
* Lets users set their own error messages on the fly. Note: The key
- * name has to match the function name that it corresponds to.
+ * name has to match the function name that it corresponds to.
*
* @param string
* @param string
@@ -235,6 +257,20 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
+ * Get Array of Error Messages
+ *
+ * Returns the error messages as an array
+ *
+ * @return array
+ */
+ public function error_array()
+ {
+ return $this->_error_array;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Error String
*
* Returns the error messages as a string, wrapped in the error delimiters
@@ -286,7 +322,8 @@ class CI_Form_validation {
public function run($group = '')
{
// Do we even have any data to process? Mm?
- if (count($_POST) === 0)
+ $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST;
+ if (count($validation_array) === 0)
{
return FALSE;
}
@@ -328,18 +365,18 @@ class CI_Form_validation {
// corresponding $_POST item and test for errors
foreach ($this->_field_data as $field => $row)
{
- // Fetch the data from the corresponding $_POST array and cache it in the _field_data array.
+ // Fetch the data from the corresponding $_POST or validation array and cache it in the _field_data array.
// Depending on whether the field name is an array or a string will determine where we get it from.
if ($row['is_array'] === TRUE)
{
- $this->_field_data[$field]['postdata'] = $this->_reduce_array($_POST, $row['keys']);
+ $this->_field_data[$field]['postdata'] = $this->_reduce_array($validation_array, $row['keys']);
}
else
{
- if (isset($_POST[$field]) AND $_POST[$field] != "")
+ if (isset($validation_array[$field]) AND $validation_array[$field] != "")
{
- $this->_field_data[$field]['postdata'] = $_POST[$field];
+ $this->_field_data[$field]['postdata'] = $validation_array[$field];
}
}
@@ -703,11 +740,11 @@ class CI_Form_validation {
*
* @param string the field name
* @param string
- * @return void
+ * @return string
*/
public function set_value($field = '', $default = '')
{
- if ( ! isset($this->_field_data[$field]))
+ if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata']))
{
return $default;
}
@@ -736,13 +773,9 @@ class CI_Form_validation {
*/
public function set_select($field = '', $value = '', $default = FALSE)
{
- if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata']))
+ if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata']))
{
- if ($default === TRUE AND count($this->_field_data) === 0)
- {
- return ' selected="selected"';
- }
- return '';
+ return ($default === TRUE && count($this->_field_data) === 0) ? ' selected="selected"' : '';
}
$field = $this->_field_data[$field]['postdata'];
@@ -754,12 +787,9 @@ class CI_Form_validation {
return '';
}
}
- else
+ elseif (($field == '' OR $value == '') OR ($field != $value))
{
- if (($field == '' OR $value == '') OR ($field != $value))
- {
- return '';
- }
+ return '';
}
return ' selected="selected"';
@@ -779,13 +809,9 @@ class CI_Form_validation {
*/
public function set_radio($field = '', $value = '', $default = FALSE)
{
- if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata']))
+ if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata']))
{
- if ($default === TRUE AND count($this->_field_data) === 0)
- {
- return ' checked="checked"';
- }
- return '';
+ return ($default === TRUE && count($this->_field_data) === 0) ? ' checked="checked"' : '';
}
$field = $this->_field_data[$field]['postdata'];
@@ -864,14 +890,13 @@ class CI_Form_validation {
*/
public function matches($str, $field)
{
- if ( ! isset($_POST[$field]))
+ $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST;
+ if ( ! isset($validation_array[$field]))
{
return FALSE;
}
- $field = $_POST[$field];
-
- return ($str === $field);
+ return ($str === $validation_array[$field]);
}
// --------------------------------------------------------------------
@@ -908,7 +933,7 @@ class CI_Form_validation {
*/
public function min_length($str, $val)
{
- if (preg_match("/[^0-9]/", $val))
+ if (preg_match('/[^0-9]/', $val))
{
return FALSE;
}
@@ -932,7 +957,7 @@ class CI_Form_validation {
*/
public function max_length($str, $val)
{
- if (preg_match("/[^0-9]/", $val))
+ if (preg_match('/[^0-9]/', $val))
{
return FALSE;
}
@@ -956,7 +981,7 @@ class CI_Form_validation {
*/
public function exact_length($str, $val)
{
- if (preg_match("/[^0-9]/", $val))
+ if (preg_match('/[^0-9]/', $val))
{
return FALSE;
}
@@ -1116,7 +1141,7 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
- * Greather than
+ * Greater than
*
* @param string
* @return bool
@@ -1131,6 +1156,24 @@ class CI_Form_validation {
}
// --------------------------------------------------------------------
+
+ /**
+ * Equal to or Greater than
+ *
+ * @access public
+ * @param string
+ * @return bool
+ */
+ function greater_than_equal_to($str, $min)
+ {
+ if ( ! is_numeric($str))
+ {
+ return FALSE;
+ }
+ return $str >= $min;
+ }
+
+ // --------------------------------------------------------------------
/**
* Less than
@@ -1150,6 +1193,24 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
+ * Equal to or Less than
+ *
+ * @access public
+ * @param string
+ * @return bool
+ */
+ function less_than_equal_to($str, $max)
+ {
+ if ( ! is_numeric($str))
+ {
+ return FALSE;
+ }
+ return $str <= $max;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Is a Natural number (0,1,2,3, etc.)
*
* @param string
@@ -1170,7 +1231,7 @@ class CI_Form_validation {
*/
public function is_natural_no_zero($str)
{
- return ($str != 0 AND preg_match('/^[0-9]+$/', $str));
+ return ($str != 0 && preg_match('/^[0-9]+$/', $str));
}
// --------------------------------------------------------------------
@@ -1217,7 +1278,7 @@ class CI_Form_validation {
return $data;
}
- return str_replace(array("'", '"', '<', '>'), array("&#39;", "&quot;", '&lt;', '&gt;'), stripslashes($data));
+ return str_replace(array("'", '"', '<', '>'), array('&#39;', '&quot;', '&lt;', '&gt;'), stripslashes($data));
}
// --------------------------------------------------------------------
@@ -1282,8 +1343,26 @@ class CI_Form_validation {
return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
}
+ // --------------------------------------------------------------------
+
+ /**
+ * Reset validation vars
+ *
+ * Prevents subsequent validation routines from being affected by the
+ * results of any previous validation routine due to the CI singleton.
+ *
+ * @return void
+ */
+ public function reset_validation()
+ {
+ $this->_field_data = array();
+ $this->_config_rules = array();
+ $this->_error_array = array();
+ $this->_error_messages = array();
+ $this->error_string = '';
+ }
+
}
-// END Form Validation Class
/* End of file Form_validation.php */
/* Location: ./system/libraries/Form_validation.php */
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index 5ea830fb1..9826eabdd 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -251,7 +251,7 @@ class CI_Image_lib {
}
else
{
- if (function_exists('realpath') && @realpath($this->new_image) !== FALSE)
+ if (strpos($this->new_image, '/') === FALSE AND strpos($this->new_image, '\\') === FALSE)
{
$full_dest_path = str_replace('\\', '/', realpath($this->new_image));
}
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index 89c616543..04216be5d 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -270,7 +270,7 @@ class CI_Profiler {
}
$output .= "<tr><td style='width:50%;color:#000;background-color:#ddd;padding:5px'>&#36;_GET[".$key."]&nbsp;&nbsp; </td><td style='width:50%;padding:5px;color:#cd6e00;font-weight:normal;background-color:#ddd;'>"
- . (is_array($val) ? "<pre>" . htmlspecialchars(stripslashes(print_r($val, true))) . "</pre>" : htmlspecialchars(stripslashes($val)))
+ . ((is_array($val) OR is_object($val)) ? "<pre>" . htmlspecialchars(stripslashes(print_r($val, true))) . "</pre>" : htmlspecialchars(stripslashes($val)))
. "</td></tr>\n";
}
@@ -311,7 +311,7 @@ class CI_Profiler {
}
$output .= "<tr><td style='width:50%;padding:5px;color:#000;background-color:#ddd;'>&#36;_POST[".$key."]&nbsp;&nbsp; </td><td style='width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;'>";
- if (is_array($val))
+ if (is_array($val) OR is_object($val))
{
$output .= "<pre>" . htmlspecialchars(stripslashes(print_r($val, TRUE))) . "</pre>";
}
@@ -426,9 +426,9 @@ class CI_Profiler {
. '<legend style="color:#000;">&nbsp;&nbsp;'.$this->CI->lang->line('profiler_config').'&nbsp;&nbsp;(<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_config_table\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_show').'\'?\''.$this->CI->lang->line('profiler_section_hide').'\':\''.$this->CI->lang->line('profiler_section_show').'\';">'.$this->CI->lang->line('profiler_section_show').'</span>)</legend>'
. "\n\n\n<table style='width:100%; display:none' id='ci_profiler_config_table'>\n";
- foreach ($this->CI->config->config as $config=>$val)
+ foreach ($this->CI->config->config as $config => $val)
{
- if (is_array($val))
+ if (is_array($val) OR is_object($val))
{
$val = print_r($val, TRUE);
}
@@ -459,7 +459,7 @@ class CI_Profiler {
foreach ($this->CI->session->all_userdata() as $key => $val)
{
- if (is_array($val) || is_object($val))
+ if (is_array($val) OR is_object($val))
{
$val = print_r($val, TRUE);
}
@@ -501,7 +501,5 @@ class CI_Profiler {
}
}
-// END CI_Profiler class
-
/* End of file Profiler.php */
/* Location: ./system/libraries/Profiler.php */
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index c14b11fa3..d90c7b42f 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -219,7 +219,7 @@ class CI_Session {
$this->CI->db->where('user_agent', $session['user_agent']);
}
- $query = $this->CI->db->get($this->sess_table_name);
+ $query = $this->CI->db->limit(1)->get($this->sess_table_name);
// No result? Kill it!
if ($query->num_rows() === 0)
@@ -454,7 +454,7 @@ class CI_Session {
*/
public function userdata($item)
{
- return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item];
+ return isset($this->userdata[$item]) ? $this->userdata[$item] : FALSE;
}
// --------------------------------------------------------------------
@@ -752,7 +752,7 @@ class CI_Session {
*/
protected function _unserialize($data)
{
- $data = @unserialize(strip_slashes($data));
+ $data = @unserialize(strip_slashes(trim($data)));
if (is_array($data))
{
@@ -760,9 +760,11 @@ class CI_Session {
return $data;
}
- return (is_string($data)) ? str_replace('{{slash}}', '\\', $data) : $data;
+ return is_string($data) ? str_replace('{{slash}}', '\\', $data) : $data;
}
+ // --------------------------------------------------------------------
+
/**
* Unescape slashes
*
@@ -802,7 +804,7 @@ class CI_Session {
{
$expire = $this->now - $this->sess_expiration;
- $this->CI->db->where("last_activity < {$expire}");
+ $this->CI->db->where('last_activity < '.$expire);
$this->CI->db->delete($this->sess_table_name);
log_message('debug', 'Session garbage collection performed.');
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 0c63886e7..89575c849 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -1,4 +1,4 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
* CodeIgniter
*
@@ -593,16 +593,17 @@ class CI_Upload {
/**
* Verify that the filetype is allowed
*
+ * @param bool
* @return bool
*/
public function is_allowed_filetype($ignore_mime = FALSE)
{
- if ($this->allowed_types == '*')
+ if ($this->allowed_types === '*')
{
return TRUE;
}
- if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types))
+ if ( ! is_array($this->allowed_types) OR count($this->allowed_types) === 0)
{
$this->set_error('upload_no_file_types');
return FALSE;
@@ -618,12 +619,9 @@ class CI_Upload {
// Images get some additional checks
$image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe');
- if (in_array($ext, $image_types))
+ if (in_array($ext, $image_types) && @getimagesize($this->file_temp) === FALSE)
{
- if (getimagesize($this->file_temp) === FALSE)
- {
- return FALSE;
- }
+ return FALSE;
}
if ($ignore_mime === TRUE)
@@ -640,7 +638,7 @@ class CI_Upload {
return TRUE;
}
}
- elseif ($mime == $this->file_type)
+ elseif ($mime === $this->file_type)
{
return TRUE;
}
@@ -960,7 +958,7 @@ class CI_Upload {
}
elseif (is_file(APPPATH.'config/mimes.php'))
{
- include(APPPATH.'config//mimes.php');
+ include(APPPATH.'config/mimes.php');
}
else
{
@@ -1026,47 +1024,104 @@ class CI_Upload {
*/
protected function _file_mime_type($file)
{
- // Use if the Fileinfo extension, if available (only versions above 5.3 support the FILEINFO_MIME_TYPE flag)
- if ( (float) substr(phpversion(), 0, 3) >= 5.3 && function_exists('finfo_file'))
+ // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii)
+ $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/';
+
+ /* Fileinfo extension - most reliable method
+ *
+ * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the
+ * more convenient FILEINFO_MIME_TYPE flag doesn't exist.
+ */
+ if (function_exists('finfo_file'))
{
- $finfo = new finfo(FILEINFO_MIME_TYPE);
- if ($finfo !== FALSE) // This is possible, if there is no magic MIME database file found on the system
+ $finfo = finfo_open(FILEINFO_MIME);
+ if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system
{
- $file_type = $finfo->file($file['tmp_name']);
+ $mime = @finfo_file($finfo, $file['tmp_name']);
+ finfo_close($finfo);
/* According to the comments section of the PHP manual page,
* it is possible that this function returns an empty string
* for some files (e.g. if they don't exist in the magic MIME database)
*/
- if (strlen($file_type) > 1)
+ if (is_string($mime) && preg_match($regexp, $mime, $matches))
{
- $this->file_type = $file_type;
+ $this->file_type = $matches[1];
return;
}
}
}
- // Fall back to the deprecated mime_content_type(), if available
- if (function_exists('mime_content_type'))
- {
- $this->file_type = @mime_content_type($file['tmp_name']);
- return;
- }
-
- /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type,
- * which is still more secure than depending on the value of $_FILES[$field]['type'].
+ /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type,
+ * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it
+ * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better
+ * than mime_content_type() as well, hence the attempts to try calling the command line with
+ * three different functions.
*
* Notes:
- * - a 'W' in the substr() expression bellow, would mean that we're using Windows
- * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check
+ * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
+ * - many system admins would disable the exec(), shell_exec(), popen() and similar functions
+ * due to security concerns, hence the function_exists() checks
*/
- if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec'))
+ if (DIRECTORY_SEPARATOR !== '\\')
+ {
+ $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1';
+
+ if (function_exists('exec'))
+ {
+ /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
+ * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites
+ * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy
+ * value, which is only put to allow us to get the return status code.
+ */
+ $mime = @exec($cmd, $mime, $return_status);
+ if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+
+ if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec'))
+ {
+ $mime = @shell_exec($cmd);
+ if (strlen($mime) > 0)
+ {
+ $mime = explode("\n", trim($mime));
+ if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+ }
+
+ if (function_exists('popen'))
+ {
+ $proc = @popen($cmd, 'r');
+ if (is_resource($proc))
+ {
+ $mime = @fread($proc, 512);
+ @pclose($proc);
+ if ($mime !== FALSE)
+ {
+ $mime = explode("\n", trim($mime));
+ if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+ }
+ }
+ }
+
+ // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
+ if (function_exists('mime_content_type'))
{
- $output = array();
- @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_path']), $output, $return_code);
- if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution
+ $this->file_type = @mime_content_type($file['tmp_name']);
+ if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string
{
- $this->file_type = rtrim($output[0]);
return;
}
}