summaryrefslogtreecommitdiffstats
path: root/system/libraries
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2019-09-27 22:38:06 +0200
committerFlorian Pritz <bluewind@xinu.at>2019-09-27 22:38:06 +0200
commit9067e097cc335b4ec207d7c8c6a819741446a163 (patch)
tree3770e3d890ae5d968a1873ff55c40cedcc5a88af /system/libraries
parent3db68e2e947b6299a15ed5277b65b49ad1768415 (diff)
parentb73eb19aed66190c10c9cad476da7c36c271d6dc (diff)
Merge tag '3.1.11' of git://github.com/bcit-ci/CodeIgniter into dev
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'system/libraries')
-rw-r--r--system/libraries/Cache/drivers/Cache_redis.php32
-rw-r--r--system/libraries/Form_validation.php7
-rw-r--r--system/libraries/Session/Session_driver.php21
-rw-r--r--system/libraries/Session/drivers/Session_database_driver.php85
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php6
-rw-r--r--system/libraries/Session/drivers/Session_memcached_driver.php20
-rw-r--r--system/libraries/Session/drivers/Session_redis_driver.php88
7 files changed, 145 insertions, 114 deletions
diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php
index 37596189a..bff96fbfb 100644
--- a/system/libraries/Cache/drivers/Cache_redis.php
+++ b/system/libraries/Cache/drivers/Cache_redis.php
@@ -76,6 +76,13 @@ class CI_Cache_redis extends CI_Driver
*/
protected $_serialized = array();
+ /**
+ * del()/delete() method name depending on phpRedis version
+ *
+ * @var string
+ */
+ protected static $_delete_name;
+
// ------------------------------------------------------------------------
/**
@@ -97,6 +104,10 @@ class CI_Cache_redis extends CI_Driver
return;
}
+ isset(static::$_delete_name) OR static::$_delete_name = version_compare(phpversion('phpredis'), '5', '>=')
+ ? 'del'
+ : 'delete';
+
$CI =& get_instance();
if ($CI->config->load('redis', TRUE, TRUE))
@@ -135,10 +146,6 @@ class CI_Cache_redis extends CI_Driver
{
log_message('error', 'Cache: Redis connection refused ('.$e->getMessage().')');
}
-
- // Initialize the index of serialized values.
- $serialized = $this->_redis->sMembers('_ci_redis_serialized');
- empty($serialized) OR $this->_serialized = array_flip($serialized);
}
// ------------------------------------------------------------------------
@@ -153,7 +160,7 @@ class CI_Cache_redis extends CI_Driver
{
$value = $this->_redis->get($key);
- if ($value !== FALSE && isset($this->_serialized[$key]))
+ if ($value !== FALSE && $this->_redis->sIsMember('_ci_redis_serialized', $key))
{
return unserialize($value);
}
@@ -184,9 +191,8 @@ class CI_Cache_redis extends CI_Driver
isset($this->_serialized[$id]) OR $this->_serialized[$id] = TRUE;
$data = serialize($data);
}
- elseif (isset($this->_serialized[$id]))
+ else
{
- $this->_serialized[$id] = NULL;
$this->_redis->sRemove('_ci_redis_serialized', $id);
}
@@ -203,16 +209,12 @@ class CI_Cache_redis extends CI_Driver
*/
public function delete($key)
{
- if ($this->_redis->delete($key) !== 1)
+ if ($this->_redis->{static::$_delete_name}($key) !== 1)
{
return FALSE;
}
- if (isset($this->_serialized[$key]))
- {
- $this->_serialized[$key] = NULL;
- $this->_redis->sRemove('_ci_redis_serialized', $key);
- }
+ $this->_redis->sRemove('_ci_redis_serialized', $key);
return TRUE;
}
@@ -228,7 +230,7 @@ class CI_Cache_redis extends CI_Driver
*/
public function increment($id, $offset = 1)
{
- return $this->_redis->incr($id, $offset);
+ return $this->_redis->incrBy($id, $offset);
}
// ------------------------------------------------------------------------
@@ -242,7 +244,7 @@ class CI_Cache_redis extends CI_Driver
*/
public function decrement($id, $offset = 1)
{
- return $this->_redis->decr($id, $offset);
+ return $this->_redis->decrBy($id, $offset);
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 1bd55499a..fdf202010 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1208,6 +1208,13 @@ class CI_Form_validation {
$str = $matches[2];
}
+ // Apparently, FILTER_VALIDATE_URL doesn't reject digit-only names for some reason ...
+ // See https://github.com/bcit-ci/CodeIgniter/issues/5755
+ if (ctype_digit($str))
+ {
+ return FALSE;
+ }
+
// PHP 7 accepts IPv6 addresses within square brackets as hostnames,
// but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039
// was never merged into a PHP 5 branch ... https://3v4l.org/8PsSN
diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php
index 14ebdb09f..dbc833739 100644
--- a/system/libraries/Session/Session_driver.php
+++ b/system/libraries/Session/Session_driver.php
@@ -184,25 +184,4 @@ abstract class CI_Session_driver implements SessionHandlerInterface {
return TRUE;
}
-
- // ------------------------------------------------------------------------
-
- /**
- * Fail
- *
- * Drivers other than the 'files' one don't (need to) use the
- * session.save_path INI setting, but that leads to confusing
- * error messages emitted by PHP when open() or write() fail,
- * as the message contains session.save_path ...
- * To work around the problem, the drivers will call this method
- * so that the INI is set just in time for the error message to
- * be properly generated.
- *
- * @return mixed
- */
- protected function _fail()
- {
- ini_set('session.save_path', config_item('sess_save_path'));
- return $this->_failure;
- }
}
diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php
index 734fe624f..89afe3455 100644
--- a/system/libraries/Session/drivers/Session_database_driver.php
+++ b/system/libraries/Session/drivers/Session_database_driver.php
@@ -130,7 +130,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
if (empty($this->_db->conn_id) && ! $this->_db->db_connect())
{
- return $this->_fail();
+ return $this->_failure;
}
$this->php5_validate_id();
@@ -150,48 +150,47 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
*/
public function read($session_id)
{
- if ($this->_get_lock($session_id) !== FALSE)
+ if ($this->_get_lock($session_id) === FALSE)
{
- // Prevent previous QB calls from messing with our queries
- $this->_db->reset_query();
-
- // Needed by write() to detect session_regenerate_id() calls
- $this->_session_id = $session_id;
+ return $this->_failure;
+ }
- $this->_db
- ->select('data')
- ->from($this->_config['save_path'])
- ->where('id', $session_id);
+ // Prevent previous QB calls from messing with our queries
+ $this->_db->reset_query();
- if ($this->_config['match_ip'])
- {
- $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']);
- }
+ // Needed by write() to detect session_regenerate_id() calls
+ $this->_session_id = $session_id;
- if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL)
- {
- // PHP7 will reuse the same SessionHandler object after
- // ID regeneration, so we need to explicitly set this to
- // FALSE instead of relying on the default ...
- $this->_row_exists = FALSE;
- $this->_fingerprint = md5('');
- return '';
- }
+ $this->_db
+ ->select('data')
+ ->from($this->_config['save_path'])
+ ->where('id', $session_id);
- // PostgreSQL's variant of a BLOB datatype is Bytea, which is a
- // PITA to work with, so we use base64-encoded data in a TEXT
- // field instead.
- $result = ($this->_platform === 'postgre')
- ? base64_decode(rtrim($result->data))
- : $result->data;
+ if ($this->_config['match_ip'])
+ {
+ $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']);
+ }
- $this->_fingerprint = md5($result);
- $this->_row_exists = TRUE;
- return $result;
+ if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL)
+ {
+ // PHP7 will reuse the same SessionHandler object after
+ // ID regeneration, so we need to explicitly set this to
+ // FALSE instead of relying on the default ...
+ $this->_row_exists = FALSE;
+ $this->_fingerprint = md5('');
+ return '';
}
- $this->_fingerprint = md5('');
- return '';
+ // PostgreSQL's variant of a BLOB datatype is Bytea, which is a
+ // PITA to work with, so we use base64-encoded data in a TEXT
+ // field instead.
+ $result = ($this->_platform === 'postgre')
+ ? base64_decode(rtrim($result->data))
+ : $result->data;
+
+ $this->_fingerprint = md5($result);
+ $this->_row_exists = TRUE;
+ return $result;
}
// ------------------------------------------------------------------------
@@ -215,7 +214,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
- return $this->_fail();
+ return $this->_failure;
}
$this->_row_exists = FALSE;
@@ -223,7 +222,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
}
elseif ($this->_lock === FALSE)
{
- return $this->_fail();
+ return $this->_failure;
}
if ($this->_row_exists === FALSE)
@@ -242,7 +241,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
$this->_db->where('id', $session_id);
@@ -265,7 +264,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -280,7 +279,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
public function close()
{
return ($this->_lock && ! $this->_release_lock())
- ? $this->_fail()
+ ? $this->_failure
: $this->_success;
}
@@ -309,7 +308,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
if ( ! $this->_db->delete($this->_config['save_path']))
{
- return $this->_fail();
+ return $this->_failure;
}
}
@@ -319,7 +318,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -339,7 +338,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)))
? $this->_success
- : $this->_fail();
+ : $this->_failure;
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index 467059434..2899b7dec 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -135,12 +135,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
{
if ( ! mkdir($save_path, 0700, TRUE))
{
- throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created.");
+ log_message('error', "Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created.");
+ return $this->_failure;
}
}
elseif ( ! is_writable($save_path))
{
- throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process.");
+ log_message('error', "Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process.");
+ return $this->_failure;
}
$this->_config['save_path'] = $save_path;
diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php
index ab54f029f..854adf821 100644
--- a/system/libraries/Session/drivers/Session_memcached_driver.php
+++ b/system/libraries/Session/drivers/Session_memcached_driver.php
@@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
$this->_memcached = NULL;
log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']);
- return $this->_fail();
+ return $this->_failure;
}
foreach ($matches as $match)
@@ -142,7 +142,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if (empty($server_list))
{
log_message('error', 'Session: Memcached server pool is empty.');
- return $this->_fail();
+ return $this->_failure;
}
$this->php5_validate_id();
@@ -172,7 +172,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return $session_data;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -190,14 +190,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
if ( ! isset($this->_memcached, $this->_lock_key))
{
- return $this->_fail();
+ return $this->_failure;
}
// Was the ID regenerated?
elseif ($session_id !== $this->_session_id)
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
- return $this->_fail();
+ return $this->_failure;
}
$this->_fingerprint = md5('');
@@ -215,7 +215,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
elseif (
$this->_memcached->touch($key, $this->_config['expiration'])
@@ -225,7 +225,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -244,14 +244,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
$this->_release_lock();
if ( ! $this->_memcached->quit())
{
- return $this->_fail();
+ return $this->_failure;
}
$this->_memcached = NULL;
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -273,7 +273,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php
index 434b11e58..df38174b4 100644
--- a/system/libraries/Session/drivers/Session_redis_driver.php
+++ b/system/libraries/Session/drivers/Session_redis_driver.php
@@ -76,6 +76,33 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
*/
protected $_key_exists = FALSE;
+ /**
+ * Name of setTimeout() method in phpRedis
+ *
+ * Due to some deprecated methods in phpRedis, we need to call the
+ * specific methods depending on the version of phpRedis.
+ *
+ * @var string
+ */
+ protected $_setTimeout_name;
+
+ /**
+ * Name of delete() method in phpRedis
+ *
+ * Due to some deprecated methods in phpRedis, we need to call the
+ * specific methods depending on the version of phpRedis.
+ *
+ * @var string
+ */
+ protected $_delete_name;
+
+ /**
+ * Success return value of ping() method in phpRedis
+ *
+ * @var mixed
+ */
+ protected $_ping_success;
+
// ------------------------------------------------------------------------
/**
@@ -88,6 +115,20 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
parent::__construct($params);
+ // Detect the names of some methods in phpRedis instance
+ if (version_compare(phpversion('redis'), '5', '>='))
+ {
+ $this->_setTimeout_name = 'expire';
+ $this->_delete_name = 'del';
+ $this->_ping_success = TRUE;
+ }
+ else
+ {
+ $this->_setTimeout_name = 'setTimeout';
+ $this->_delete_name = 'delete';
+ $this->_ping_success = '+PONG';
+ }
+
if (empty($this->_config['save_path']))
{
log_message('error', 'Session: No Redis save path configured.');
@@ -131,7 +172,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (empty($this->_config['save_path']))
{
- return $this->_fail();
+ return $this->_failure;
}
$redis = new Redis();
@@ -150,12 +191,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
else
{
$this->_redis = $redis;
+ $this->php5_validate_id();
return $this->_success;
}
- $this->php5_validate_id();
-
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -185,7 +225,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
return $session_data;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -203,21 +243,21 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if ( ! isset($this->_redis, $this->_lock_key))
{
- return $this->_fail();
+ return $this->_failure;
}
// Was the ID regenerated?
elseif ($session_id !== $this->_session_id)
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
- return $this->_fail();
+ return $this->_failure;
}
$this->_key_exists = FALSE;
$this->_session_id = $session_id;
}
- $this->_redis->setTimeout($this->_lock_key, 300);
+ $this->_redis->{$this->_setTimeout_name}($this->_lock_key, 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE)
{
if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
@@ -227,12 +267,12 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
- return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']))
+ return ($this->_redis->{$this->_setTimeout_name}($this->_key_prefix.$session_id, $this->_config['expiration']))
? $this->_success
- : $this->_fail();
+ : $this->_failure;
}
// ------------------------------------------------------------------------
@@ -249,12 +289,12 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
if (isset($this->_redis))
{
try {
- if ($this->_redis->ping() === '+PONG')
+ if ($this->_redis->ping() === $this->_ping_success)
{
$this->_release_lock();
if ($this->_redis->close() === FALSE)
{
- return $this->_fail();
+ return $this->_failure;
}
}
}
@@ -284,16 +324,16 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (isset($this->_redis, $this->_lock_key))
{
- if (($result = $this->_redis->delete($this->_key_prefix.$session_id)) !== 1)
+ if (($result = $this->_redis->{$this->_delete_name}($this->_key_prefix.$session_id)) !== 1)
{
- log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.');
+ log_message('debug', 'Session: Redis::'.$this->_delete_name.'() expected to return 1, got '.var_export($result, TRUE).' instead.');
}
$this->_cookie_destroy();
return $this->_success;
}
- return $this->_fail();
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -345,7 +385,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
// correct session ID.
if ($this->_lock_key === $this->_key_prefix.$session_id.':lock')
{
- return $this->_redis->setTimeout($this->_lock_key, 300);
+ return $this->_redis->{$this->_setTimeout_name}($this->_lock_key, 300);
}
// 30 attempts to obtain a lock, in case another request already has it
@@ -359,11 +399,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
continue;
}
- $result = ($ttl === -2)
- ? $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300))
- : $this->_redis->setex($lock_key, 300, time());
-
- if ( ! $result)
+ if ($ttl === -2 && ! $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300)))
+ {
+ // Sleep for 1s to wait for lock releases.
+ sleep(1);
+ continue;
+ }
+ elseif ( ! $this->_redis->setex($lock_key, 300, time()))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
@@ -401,7 +443,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (isset($this->_redis, $this->_lock_key) && $this->_lock)
{
- if ( ! $this->_redis->delete($this->_lock_key))
+ if ( ! $this->_redis->{$this->_delete_name}($this->_lock_key))
{
log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key);
return FALSE;