diff options
author | Andrey Andreev <narf@bofh.bg> | 2012-02-28 13:48:55 +0100 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2012-02-28 13:48:55 +0100 |
commit | 575bbfe97e4f0e3ad88558454fb2c87d372a7651 (patch) | |
tree | eec271f209f8a7539b3b519be3a68e067f24562a /system | |
parent | d33e24c2a649420d420ad9b11efb1bbf2421114c (diff) | |
parent | 0aa8c60ae7eee0122c42ae17d42fd5471a575743 (diff) |
Merge remote-tracking branch 'upstream/develop' into develop-db-sqlite
Diffstat (limited to 'system')
-rw-r--r-- | system/core/Common.php | 34 | ||||
-rwxr-xr-x | system/core/Input.php | 67 | ||||
-rwxr-xr-x | system/database/DB.php | 1 | ||||
-rw-r--r-- | system/database/DB_driver.php | 61 | ||||
-rw-r--r-- | system/database/drivers/mssql/mssql_driver.php | 21 | ||||
-rw-r--r-- | system/database/drivers/mysql/mysql_driver.php | 16 | ||||
-rw-r--r-- | system/database/drivers/mysql/mysql_forge.php | 4 | ||||
-rw-r--r-- | system/database/drivers/mysql/mysql_utility.php | 17 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 16 | ||||
-rw-r--r-- | system/database/drivers/pdo/pdo_driver.php | 281 | ||||
-rw-r--r-- | system/database/drivers/pdo/pdo_forge.php | 12 | ||||
-rw-r--r-- | system/database/drivers/pdo/pdo_result.php | 67 | ||||
-rw-r--r-- | system/database/drivers/sqlsrv/sqlsrv_driver.php | 21 | ||||
-rw-r--r-- | system/helpers/inflector_helper.php | 2 | ||||
-rw-r--r-- | system/libraries/Cache/drivers/Cache_file.php | 2 | ||||
-rw-r--r-- | system/libraries/Cart.php | 7 | ||||
-rw-r--r-- | system/libraries/Form_validation.php | 42 | ||||
-rw-r--r-- | system/libraries/Image_lib.php | 435 | ||||
-rw-r--r-- | system/libraries/Session.php | 133 |
19 files changed, 702 insertions, 537 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index 2f9c4ff43..491979350 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -56,7 +56,7 @@ if ( ! function_exists('is_php')) function is_php($version = '5.0.0') { static $_is_php; - $version = (string)$version; + $version = (string) $version; if ( ! isset($_is_php[$version])) { @@ -84,7 +84,7 @@ if ( ! function_exists('is_really_writable')) function is_really_writable($file) { // If we're on a Unix server with safe_mode off we call is_writable - if (DIRECTORY_SEPARATOR === '/' AND @ini_get('safe_mode') == FALSE) + if (DIRECTORY_SEPARATOR === '/' && (bool) @ini_get('safe_mode') === FALSE) { return is_writable($file); } @@ -120,7 +120,7 @@ if ( ! function_exists('is_really_writable')) /** * Class registry * -* This function acts as a singleton. If the requested class does not +* This function acts as a singleton. If the requested class does not * exist it is instantiated and set to a static variable. If it has * previously been instantiated the variable is returned. * @@ -177,6 +177,7 @@ if ( ! function_exists('load_class')) { // Note: We use exit() rather then show_error() in order to avoid a // self-referencing loop with the Excptions class + set_status_header(503); exit('Unable to locate the specified class: '.$class.'.php'); } @@ -191,7 +192,7 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- /** -* Keeps track of which libraries have been loaded. This function is +* Keeps track of which libraries have been loaded. This function is * called by the load_class() function above * * @access public @@ -243,6 +244,7 @@ if ( ! function_exists('get_config')) // Fetch the config file if ( ! file_exists($file_path)) { + set_status_header(503); exit('The configuration file does not exist.'); } @@ -251,6 +253,7 @@ if ( ! function_exists('get_config')) // Does the $config array exist in the file? if ( ! isset($config) OR ! is_array($config)) { + set_status_header(503); exit('Your config file does not appear to be formatted correctly.'); } @@ -434,7 +437,7 @@ if ( ! function_exists('set_status_header')) show_error('Status codes must be numeric', 500); } - if (isset($stati[$code]) AND $text == '') + if (isset($stati[$code]) && $text == '') { $text = $stati[$code]; } @@ -444,19 +447,19 @@ if ( ! function_exists('set_status_header')) show_error('No status text available. Please check your status code number or supply your own message text.', 500); } - $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; + $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; if (strpos(php_sapi_name(), 'cgi') === 0) { - header("Status: {$code} {$text}", TRUE); + header('Status: '.$code.' '.$text, TRUE); } - elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0') + elseif ($server_protocol === 'HTTP/1.0') { - header($server_protocol." {$code} {$text}", TRUE, $code); + header('HTTP/1.0 '.$code.' '.$text, TRUE, $code); } else { - header("HTTP/1.1 {$code} {$text}", TRUE, $code); + header('HTTP/1.1 '.$code.' '.$text, TRUE, $code); } } } @@ -561,14 +564,9 @@ if ( ! function_exists('html_escape')) { function html_escape($var) { - if (is_array($var)) - { - return array_map('html_escape', $var); - } - else - { - return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); - } + return is_array($var) + ? array_map('html_escape', $var) + : htmlspecialchars($var, ENT_QUOTES, config_item('charset')); } } diff --git a/system/core/Input.php b/system/core/Input.php index 7a16e51ab..ee15f4013 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Input Class * @@ -152,7 +150,7 @@ class CI_Input { public function get($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided - if ($index === NULL AND ! empty($_GET)) + if ($index === NULL && ! empty($_GET)) { $get = array(); @@ -179,7 +177,7 @@ class CI_Input { public function post($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided - if ($index === NULL AND ! empty($_POST)) + if ($index === NULL && ! empty($_POST)) { $post = array(); @@ -206,9 +204,9 @@ class CI_Input { */ public function get_post($index = '', $xss_clean = FALSE) { - return ( ! isset($_POST[$index])) - ? $this->get($index, $xss_clean) - : $this->post($index, $xss_clean); + return isset($_POST[$index]) + ? $this->post($index, $xss_clean) + : $this->get($index, $xss_clean); } // -------------------------------------------------------------------- @@ -256,19 +254,19 @@ class CI_Input { } } - if ($prefix == '' AND config_item('cookie_prefix') != '') + if ($prefix == '' && config_item('cookie_prefix') != '') { $prefix = config_item('cookie_prefix'); } - if ($domain == '' AND config_item('cookie_domain') != '') + if ($domain == '' && config_item('cookie_domain') != '') { $domain = config_item('cookie_domain'); } - if ($path == '/' AND config_item('cookie_path') != '/') + if ($path == '/' && config_item('cookie_path') !== '/') { $path = config_item('cookie_path'); } - if ($secure == FALSE AND config_item('cookie_secure') != FALSE) + if ($secure == FALSE && config_item('cookie_secure') != FALSE) { $secure = config_item('cookie_secure'); } @@ -320,11 +318,11 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) + elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR')) { $this->ip_address = $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) + elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP')) { $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; } @@ -414,7 +412,7 @@ class CI_Input { return $this->user_agent; } - return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; + return $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : FALSE; } // -------------------------------------------------------------------- @@ -469,19 +467,16 @@ class CI_Input { { $_GET = array(); } - else + elseif (is_array($_GET) && count($_GET) > 0) { - if (is_array($_GET) AND count($_GET) > 0) + foreach ($_GET as $key => $val) { - foreach ($_GET as $key => $val) - { - $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); - } + $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); } } // Clean $_POST Data - if (is_array($_POST) AND count($_POST) > 0) + if (is_array($_POST) && count($_POST) > 0) { foreach ($_POST as $key => $val) { @@ -490,7 +485,7 @@ class CI_Input { } // Clean $_COOKIE Data - if (is_array($_COOKIE) AND count($_COOKIE) > 0) + if (is_array($_COOKIE) && count($_COOKIE) > 0) { // Also get rid of specially treated cookies that might be set by a server // or silly application, that are of no use to a CI application anyway @@ -568,7 +563,7 @@ class CI_Input { } // Standardize newlines if needed - if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE) + if ($this->_standardize_newlines == TRUE && strpos($str, "\r") !== FALSE) { return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); } @@ -592,6 +587,7 @@ class CI_Input { { if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { + set_status_header(503); exit('Disallowed Key Characters.'); } @@ -624,7 +620,7 @@ class CI_Input { } else { - $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); + $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); foreach ($_SERVER as $key => $val) { @@ -654,9 +650,9 @@ class CI_Input { * * Returns the value of a single member of the headers class member * - * @param string array key for $this->headers - * @param boolean XSS Clean or not - * @return mixed FALSE on failure, string on success + * @param string array key for $this->headers + * @param bool XSS Clean or not + * @return mixed FALSE on failure, string on success */ public function get_request_header($index, $xss_clean = FALSE) { @@ -670,12 +666,9 @@ class CI_Input { return FALSE; } - if ($xss_clean === TRUE) - { - return $this->security->xss_clean($this->headers[$index]); - } - - return $this->headers[$index]; + return ($xss_clean === TRUE) + ? $this->security->xss_clean($this->headers[$index]) + : $this->headers[$index]; } // -------------------------------------------------------------------- @@ -685,11 +678,11 @@ class CI_Input { * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * - * @return boolean + * @return bool */ public function is_ajax_request() { - return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest'); + return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest'); } // -------------------------------------------------------------------- @@ -699,11 +692,11 @@ class CI_Input { * * Test to see if a request was made from the command line * - * @return boolean + * @return bool */ public function is_cli_request() { - return (php_sapi_name() === 'cli') or defined('STDIN'); + return (php_sapi_name() === 'cli' OR defined('STDIN')); } } diff --git a/system/database/DB.php b/system/database/DB.php index ed6afd7ed..d06ffb40e 100755 --- a/system/database/DB.php +++ b/system/database/DB.php @@ -82,6 +82,7 @@ function &DB($params = '', $active_record_override = NULL) $params = array( 'dbdriver' => $dns['scheme'], 'hostname' => (isset($dns['host'])) ? rawurldecode($dns['host']) : '', + 'port' => (isset($dns['port'])) ? rawurldecode($dns['port']) : '', 'username' => (isset($dns['user'])) ? rawurldecode($dns['user']) : '', 'password' => (isset($dns['pass'])) ? rawurldecode($dns['pass']) : '', 'database' => (isset($dns['path'])) ? rawurldecode(substr($dns['path'], 1)) : '' diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 7445a5069..271a70ec4 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -81,8 +81,7 @@ class CI_DB_driver { var $stmt_id; var $curs_id; var $limit_used; - - + /** * Constructor. Accepts one parameter containing the database @@ -108,11 +107,9 @@ class CI_DB_driver { /** * Initialize Database Settings * - * @access private Called by the constructor - * @param mixed - * @return void + * @return bool */ - function initialize() + public function initialize() { // If an existing connection resource is available // there is no need to connect and select the database @@ -126,7 +123,7 @@ class CI_DB_driver { // Connect to the database and set the connection ID $this->conn_id = ($this->pconnect == FALSE) ? $this->db_connect() : $this->db_pconnect(); - // No connection resource? Check if there is a failover else throw an error + // No connection resource? Check if there is a failover else throw an error if ( ! $this->conn_id) { // Check if there is a failover set @@ -168,31 +165,19 @@ class CI_DB_driver { // ---------------------------------------------------------------- // Select the DB... assuming a database name is specified in the config file - if ($this->database != '') + if ($this->database !== '' && ! $this->db_select()) { - if ( ! $this->db_select()) - { - log_message('error', 'Unable to select database: '.$this->database); + log_message('error', 'Unable to select database: '.$this->database); - if ($this->db_debug) - { - $this->display_error('db_unable_to_select', $this->database); - } - return FALSE; - } - else + if ($this->db_debug) { - // We've selected the DB. Now we set the character set - if ( ! $this->db_set_charset($this->char_set, $this->dbcollat)) - { - return FALSE; - } - - return TRUE; + $this->display_error('db_unable_to_select', $this->database); } + return FALSE; } - return TRUE; + // Now we set the character set and that's all + return $this->db_set_charset($this->char_set, $this->dbcollat); } // -------------------------------------------------------------------- @@ -814,20 +799,23 @@ class CI_DB_driver { if ($query->num_rows() > 0) { - foreach ($query->result_array() as $row) + $table = FALSE; + $rows = $query->result_array(); + $key = (($row = current($rows)) && in_array('table_name', array_map('strtolower', array_keys($row)))); + + if ($key) { - if (isset($row['TABLE_NAME'])) - { - $retval[] = $row['TABLE_NAME']; - } - else - { - $retval[] = array_shift($row); - } + $table = array_key_exists('TABLE_NAME', $row) ? 'TABLE_NAME' : 'table_name'; + } + + foreach ($rows as $row) + { + $retval[] = ( ! $table) ? current($row) : $row[$table]; } } $this->data_cache['table_names'] = $retval; + return $this->data_cache['table_names']; } @@ -1436,10 +1424,7 @@ class CI_DB_driver { return $item.$alias; } - - } - /* End of file DB_driver.php */ /* Location: ./system/database/DB_driver.php */ diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 2a1098932..25a32f364 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -114,14 +114,25 @@ class CI_DB_mssql_driver extends CI_DB { /** * Select the database * - * @access private called by the base class - * @return resource + * @param string database name + * @return bool */ - function db_select() + public function db_select($database = '') { + if ($database === '') + { + $database = $this->database; + } + // Note: The brackets are required in the event that the DB name // contains reserved characters - return @mssql_select_db('['.$this->database.']', $this->conn_id); + if (@mssql_select_db('['.$database.']', $this->conn_id)) + { + $this->database = $database; + return TRUE; + } + + return FALSE; } // -------------------------------------------------------------------- @@ -676,4 +687,4 @@ class CI_DB_mssql_driver extends CI_DB { /* End of file mssql_driver.php */ -/* Location: ./system/database/drivers/mssql/mssql_driver.php */
\ No newline at end of file +/* Location: ./system/database/drivers/mssql/mssql_driver.php */ diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 067710ff0..c88a8a766 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -119,11 +119,23 @@ class CI_DB_mysql_driver extends CI_DB { /** * Select the database * + * @param string database name * @return bool */ - public function db_select() + public function db_select($database = '') { - return @mysql_select_db($this->database, $this->conn_id); + if ($database === '') + { + $database = $this->database; + } + + if (@mysql_select_db($database, $this->conn_id)) + { + $this->database = $database; + return TRUE; + } + + return FALSE; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php index d3107134e..0f251b086 100644 --- a/system/database/drivers/mysql/mysql_forge.php +++ b/system/database/drivers/mysql/mysql_forge.php @@ -147,7 +147,7 @@ class CI_DB_mysql_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table).' ('.$this->_process_fields($fields); + $sql .= $this->db->protect_identifiers($table).' ('.$this->_process_fields($fields); if (count($primary_keys) > 0) { @@ -187,7 +187,7 @@ class CI_DB_mysql_forge extends CI_DB_forge { */ public function _drop_table($table) { - return 'DROP TABLE IF EXISTS '.$this->db->_escape_identifiers($table); + return 'DROP TABLE IF EXISTS '.$this->db->protect_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysql/mysql_utility.php b/system/database/drivers/mysql/mysql_utility.php index 0e7c18e16..952f887fe 100644 --- a/system/database/drivers/mysql/mysql_utility.php +++ b/system/database/drivers/mysql/mysql_utility.php @@ -56,7 +56,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { */ public function _optimize_table($table) { - return 'OPTIMIZE TABLE '.$this->db->_escape_identifiers($table); + return 'OPTIMIZE TABLE '.$this->db->protect_identifiers($table); } // -------------------------------------------------------------------- @@ -71,7 +71,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { */ public function _repair_table($table) { - return 'REPAIR TABLE '.$this->db->_escape_identifiers($table); + return 'REPAIR TABLE '.$this->db->protect_identifiers($table); } // -------------------------------------------------------------------- @@ -102,7 +102,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { } // Get the table schema - $query = $this->db->query('SHOW CREATE TABLE `'.$this->db->database.'`.`'.$table.'`'); + $query = $this->db->query('SHOW CREATE TABLE '.$this->db->protect_identifiers($this->db->database).'.'.$this->db->protect_identifiers($table)); // No result means the table name was invalid if ($query === FALSE) @@ -115,7 +115,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { if ($add_drop == TRUE) { - $output .= 'DROP TABLE IF EXISTS '.$table.';'.$newline.$newline; + $output .= 'DROP TABLE IF EXISTS '.$this->db->protect_identifiers($table).';'.$newline.$newline; } $i = 0; @@ -135,7 +135,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { } // Grab all the data from the current table - $query = $this->db->query('SELECT * FROM '.$table); + $query = $this->db->query('SELECT * FROM '.$this->db->protect_identifiers($table)); if ($query->num_rows() == 0) { @@ -157,7 +157,7 @@ class CI_DB_mysql_utility extends CI_DB_utility { TRUE); // Create a string of field names - $field_str .= '`'.$field->name.'`, '; + $field_str .= $this->db->protect_identifiers($field->name).', '; $i++; } @@ -192,14 +192,15 @@ class CI_DB_mysql_utility extends CI_DB_utility { $val_str = preg_replace('/, $/' , '', $val_str); // Build the INSERT string - $output .= 'INSERT INTO '.$table.' ('.$field_str.') VALUES ('.$val_str.');'.$newline; + $output .= 'INSERT INTO '.$this->db->protect_identifiers($table).' ('.$field_str.') VALUES ('.$val_str.');'.$newline; } - return $output.$newline.$newline; + $output .= $newline.$newline; } return $output; } + } /* End of file mysql_utility.php */ diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index a79b2a4ad..dbba12e15 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -119,11 +119,23 @@ class CI_DB_mysqli_driver extends CI_DB { /** * Select the database * + * @param string database name * @return bool */ - public function db_select() + public function db_select($database = '') { - return @mysqli_select_db($this->conn_id, $this->database); + if ($database === '') + { + $database = $this->database; + } + + if (@mysqli_select_db($this->conn_id, $database)) + { + $this->database = $database; + return TRUE; + } + + return FALSE; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 4f4f44ba7..de2b0abeb 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -46,9 +46,10 @@ class CI_DB_pdo_driver extends CI_DB { // the character used to excape - not necessary for PDO var $_escape_char = ''; + + // clause and character used for LIKE escape sequences var $_like_escape_str; var $_like_escape_chr; - /** * The syntax to count rows is slightly different across different @@ -57,29 +58,36 @@ class CI_DB_pdo_driver extends CI_DB { */ var $_count_string = "SELECT COUNT(*) AS "; var $_random_keyword; - + + // need to track the pdo DSN, driver and options + var $dsn; + var $pdodriver; var $options = array(); function __construct($params) { parent::__construct($params); - + + if (preg_match('/([^;]+):/', $this->dsn, $match) && count($match) == 2) + { + // If there is a minimum valid dsn string pattern found, we're done + // This is for general PDO users, who tend to have a full DSN string. + $this->pdodriver = end($match); + } + else + { + // Try to build a complete DSN string from params + $this->_connect_string($params); + } + // clause and character used for LIKE escape sequences - if (strpos($this->hostname, 'mysql') !== FALSE) + // this one depends on the driver being used + if ($this->pdodriver == 'mysql') { $this->_like_escape_str = ''; $this->_like_escape_chr = ''; - - //Prior to this version, the charset can't be set in the dsn - if(is_php('5.3.6')) - { - $this->hostname .= ";charset={$this->char_set}"; - } - - //Set the charset with the connection options - $this->options['PDO::MYSQL_ATTR_INIT_COMMAND'] = "SET NAMES {$this->char_set}"; } - else if (strpos($this->hostname, 'odbc') !== FALSE) + elseif ($this->pdodriver == 'odbc') { $this->_like_escape_str = " {escape '%s'} "; $this->_like_escape_chr = '!'; @@ -90,14 +98,94 @@ class CI_DB_pdo_driver extends CI_DB { $this->_like_escape_chr = '!'; } - if (strpos($this->hostname, 'sqlite') === FALSE) + $this->trans_enabled = FALSE; + $this->_random_keyword = ' RND('.time().')'; // database specific random keyword + } + + /** + * Connection String + * + * @access private + * @param array + * @return void + */ + function _connect_string($params) + { + if (strpos($this->hostname, ':')) { - $this->hostname .= ";dbname=".$this->database; + // hostname generally would have this prototype + // $db['hostname'] = 'pdodriver:host(/Server(/DSN))=hostname(/DSN);'; + // We need to get the prefix (pdodriver used by PDO). + $dsnarray = explode(':', $this->hostname); + $this->pdodriver = $dsnarray[0]; + + // End dsn with a semicolon for extra backward compability + // if database property was not empty. + if ( ! empty($this->database)) + { + $this->dsn .= rtrim($this->hostname, ';').';'; + } } - - $this->trans_enabled = FALSE; + else + { + // Invalid DSN, display an error + if ( ! array_key_exists('pdodriver', $params)) + { + show_error('Invalid DB Connection String for PDO'); + } - $this->_random_keyword = ' RND('.time().')'; // database specific random keyword + // Assuming that the following DSN string format is used: + // $dsn = 'pdo://username:password@hostname:port/database?pdodriver=pgsql'; + $this->dsn = $this->pdodriver.':'; + + // Add hostname to the DSN for databases that need it + if ( ! empty($this->hostname) + && strpos($this->hostname, ':') === FALSE + && in_array($this->pdodriver, array('informix', 'mysql', 'pgsql', 'sybase', 'mssql', 'dblib', 'cubrid'))) + { + $this->dsn .= 'host='.$this->hostname.';'; + } + + // Add a port to the DSN for databases that can use it + if ( ! empty($this->port) && in_array($this->pdodriver, array('informix', 'mysql', 'pgsql', 'ibm', 'cubrid'))) + { + $this->dsn .= 'port='.$this->port.';'; + } + } + + // Add the database name to the DSN, if needed + if (stripos($this->dsn, 'dbname') === FALSE + && in_array($this->pdodriver, array('4D', 'pgsql', 'mysql', 'firebird', 'sybase', 'mssql', 'dblib', 'cubrid'))) + { + $this->dsn .= 'dbname='.$this->database.';'; + } + elseif (stripos($this->dsn, 'database') === FALSE && in_array($this->pdodriver, array('ibm', 'sqlsrv'))) + { + if (stripos($this->dsn, 'dsn') === FALSE) + { + $this->dsn .= 'database='.$this->database.';'; + } + } + elseif ($this->pdodriver === 'sqlite' && $this->dsn === 'sqlite:') + { + if ($this->database !== ':memory') + { + if ( ! file_exists($this->database)) + { + show_error('Invalid DB Connection string for PDO SQLite'); + } + + $this->dsn .= (strpos($this->database, DIRECTORY_SEPARATOR) !== 0) ? DIRECTORY_SEPARATOR : ''; + } + + $this->dsn .= $this->database; + } + + // Add charset to the DSN, if needed + if ( ! empty($this->char_set) && in_array($this->pdodriver, array('4D', 'mysql', 'sybase', 'mssql', 'dblib', 'oci'))) + { + $this->dsn .= 'charset='.$this->char_set.';'; + } } /** @@ -108,9 +196,9 @@ class CI_DB_pdo_driver extends CI_DB { */ function db_connect() { - $this->options['PDO::ATTR_ERRMODE'] = PDO::ERRMODE_SILENT; - - return new PDO($this->hostname, $this->username, $this->password, $this->options); + $this->options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_SILENT; + + return $this->pdo_connect(); } // -------------------------------------------------------------------- @@ -123,10 +211,44 @@ class CI_DB_pdo_driver extends CI_DB { */ function db_pconnect() { - $this->options['PDO::ATTR_ERRMODE'] = PDO::ERRMODE_SILENT; - $this->options['PDO::ATTR_PERSISTENT'] = TRUE; + $this->options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_SILENT; + $this->options[PDO::ATTR_PERSISTENT] = TRUE; - return new PDO($this->hostname, $this->username, $this->password, $this->options); + return $this->pdo_connect(); + } + + // -------------------------------------------------------------------- + + /** + * PDO connection + * + * @access private called by the PDO driver class + * @return resource + */ + function pdo_connect() + { + // Refer : http://php.net/manual/en/ref.pdo-mysql.connection.php + if ($this->pdodriver == 'mysql' && is_php('5.3.6')) + { + $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = "SET NAMES $this->char_set COLLATE '$this->dbcollat'"; + } + + // Connecting... + try + { + $db = new PDO($this->dsn, $this->username, $this->password, $this->options); + } + catch (PDOException $e) + { + if ($this->db_debug && empty($this->failover)) + { + $this->display_error($e->getMessage(), '', TRUE); + } + + return FALSE; + } + + return $db; } // -------------------------------------------------------------------- @@ -146,6 +268,7 @@ class CI_DB_pdo_driver extends CI_DB { { return $this->db->display_error('db_unsuported_feature'); } + return FALSE; } @@ -175,7 +298,6 @@ class CI_DB_pdo_driver extends CI_DB { */ function db_set_charset($charset, $collation) { - // @todo - add support if needed return TRUE; } @@ -204,6 +326,7 @@ class CI_DB_pdo_driver extends CI_DB { function _execute($sql) { $sql = $this->_prep_query($sql); + $result_id = $this->conn_id->query($sql); if (is_object($result_id)) @@ -231,6 +354,17 @@ class CI_DB_pdo_driver extends CI_DB { */ function _prep_query($sql) { + if ($this->pdodriver === 'pgsql') + { + // Change the backtick(s) for Postgre + $sql = str_replace('`', '"', $sql); + } + elseif ($this->pdodriver === 'sqlite') + { + // Change the backtick(s) for SQLite + $sql = str_replace('`', '', $sql); + } + return $sql; } @@ -285,6 +419,7 @@ class CI_DB_pdo_driver extends CI_DB { } $ret = $this->conn->commit(); + return $ret; } @@ -310,6 +445,7 @@ class CI_DB_pdo_driver extends CI_DB { } $ret = $this->conn_id->rollBack(); + return $ret; } @@ -348,7 +484,9 @@ class CI_DB_pdo_driver extends CI_DB { if ($like === TRUE) { $str = str_replace( array('%', '_', $this->_like_escape_chr), - array($this->_like_escape_chr.'%', $this->_like_escape_chr.'_', $this->_like_escape_chr.$this->_like_escape_chr), + array($this->_like_escape_chr.'%', + $this->_like_escape_chr.'_', + $this->_like_escape_chr.$this->_like_escape_chr), $str); } @@ -378,9 +516,9 @@ class CI_DB_pdo_driver extends CI_DB { */ function insert_id($name=NULL) { - //Convenience method for postgres insertid - if (strpos($this->hostname, 'pgsql') !== FALSE) + if ($this->pdodriver == 'pgsql') { + //Convenience method for postgres insertid $v = $this->_version(); $table = func_num_args() > 0 ? func_get_arg(0) : NULL; @@ -389,8 +527,10 @@ class CI_DB_pdo_driver extends CI_DB { { $sql='SELECT LASTVAL() as ins_id'; } + $query = $this->query($sql); - $row = $query->row(); + $row = $query->row(); + return $row->ins_id; } else @@ -418,7 +558,9 @@ class CI_DB_pdo_driver extends CI_DB { return 0; } - $query = $this->query($this->_count_string . $this->_protect_identifiers('numrows') . " FROM " . $this->_protect_identifiers($table, TRUE, NULL, FALSE)); + $sql = $this->_count_string.$this->_protect_identifiers('numrows').' FROM '; + $sql .= $this->_protect_identifiers($table, TRUE, NULL, FALSE); + $query = $this->query($sql); if ($query->num_rows() == 0) { @@ -427,6 +569,7 @@ class CI_DB_pdo_driver extends CI_DB { $row = $query->row(); $this->_reset_select(); + return (int) $row->numrows; } @@ -443,12 +586,19 @@ class CI_DB_pdo_driver extends CI_DB { */ function _list_tables($prefix_limit = FALSE) { - $sql = "SHOW TABLES FROM `".$this->database."`"; + if ($this->pdodriver == 'pgsql') + { + // Analog function to show all tables in postgre + $sql = "SELECT * FROM information_schema.tables WHERE table_schema = 'public'"; + } + else + { + $sql = "SHOW TABLES FROM `".$this->database."`"; + } if ($prefix_limit !== FALSE AND $this->dbprefix != '') { - //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); - return FALSE; // not currently supported + return FALSE; } return $sql; @@ -467,7 +617,7 @@ class CI_DB_pdo_driver extends CI_DB { */ function _list_columns($table = '') { - return "SHOW COLUMNS FROM ".$table; + return 'SHOW COLUMNS FROM '.$this->_from_tables($table); } // -------------------------------------------------------------------- @@ -483,7 +633,7 @@ class CI_DB_pdo_driver extends CI_DB { */ function _field_data($table) { - return "SELECT TOP 1 FROM ".$table; + return 'SELECT TOP 1 FROM '.$this->_from_tables($table); } // -------------------------------------------------------------------- @@ -497,6 +647,7 @@ class CI_DB_pdo_driver extends CI_DB { function _error_message() { $error_array = $this->conn_id->errorInfo(); + return $error_array[2]; } @@ -544,8 +695,8 @@ class CI_DB_pdo_driver extends CI_DB { if (strpos($item, '.') !== FALSE) { - $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char; - + $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item); + $str .= $this->_escape_char; } else { @@ -575,7 +726,7 @@ class CI_DB_pdo_driver extends CI_DB { $tables = array($tables); } - return (count($tables) == 1) ? $tables[0] : '('.implode(', ', $tables).')'; + return (count($tables) == 1) ? '`'.$tables[0].'`' : '('.implode(', ', $tables).')'; } // -------------------------------------------------------------------- @@ -593,7 +744,7 @@ class CI_DB_pdo_driver extends CI_DB { */ function _insert($table, $keys, $values) { - return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")"; + return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; } // -------------------------------------------------------------------- @@ -611,7 +762,7 @@ class CI_DB_pdo_driver extends CI_DB { */ function _insert_batch($table, $keys, $values) { - return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES ".implode(', ', $values); + return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES '.implode(', ', $values); } // -------------------------------------------------------------------- @@ -636,14 +787,11 @@ class CI_DB_pdo_driver extends CI_DB { $valstr[] = $key." = ".$val; } - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - - $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):''; - - $sql = "UPDATE ".$table." SET ".implode(', ', $valstr); - - $sql .= ($where != '' AND count($where) >=1) ? " WHERE ".implode(" ", $where) : ''; + $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; + $orderby = (count($orderby) >= 1) ? ' ORDER BY '.implode(', ', $orderby) : ''; + $sql = 'UPDATE '.$this->_from_tables($table).' SET '.implode(', ', $valstr); + $sql .= ($where != '' && count($where) >= 1) ? ' WHERE '.implode(' ', $where) : ''; $sql .= $orderby.$limit; return $sql; @@ -664,8 +812,8 @@ class CI_DB_pdo_driver extends CI_DB { */ function _update_batch($table, $values, $index, $where = NULL) { - $ids = array(); - $where = ($where != '' AND count($where) >=1) ? implode(" ", $where).' AND ' : ''; + $ids = array(); + $where = ($where != '' && count($where) >=1) ? implode(" ", $where).' AND ' : ''; foreach ($values as $key => $val) { @@ -680,12 +828,13 @@ class CI_DB_pdo_driver extends CI_DB { } } - $sql = "UPDATE ".$table." SET "; + $sql = 'UPDATE '.$this->_from_tables($table).' SET '; $cases = ''; foreach ($final as $k => $v) { $cases .= $k.' = CASE '."\n"; + foreach ($v as $row) { $cases .= $row."\n"; @@ -695,7 +844,6 @@ class CI_DB_pdo_driver extends CI_DB { } $sql .= substr($cases, 0, -2); - $sql .= ' WHERE '.$where.$index.' IN ('.implode(',', $ids).')'; return $sql; @@ -739,19 +887,20 @@ class CI_DB_pdo_driver extends CI_DB { if (count($where) > 0 OR count($like) > 0) { - $conditions = "\nWHERE "; + $conditions = "\nWHERE "; $conditions .= implode("\n", $this->ar_where); if (count($where) > 0 && count($like) > 0) { $conditions .= " AND "; } + $conditions .= implode("\n", $like); } $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; - return "DELETE FROM ".$table.$conditions.$limit; + return 'DELETE FROM '.$this->_from_tables($table).$conditions.$limit; } // -------------------------------------------------------------------- @@ -769,27 +918,16 @@ class CI_DB_pdo_driver extends CI_DB { */ function _limit($sql, $limit, $offset) { - if (strpos($this->hostname, 'cubrid') !== FALSE || strpos($this->hostname, 'sqlite') !== FALSE) + if ($this->pdodriver == 'cubrid' OR $this->pdodriver == 'sqlite') { - if ($offset == 0) - { - $offset = ''; - } - else - { - $offset .= ", "; - } + $offset = ($offset == 0) ? '' : $offset.', '; - return $sql."LIMIT ".$offset.$limit; + return $sql.'LIMIT '.$offset.$limit; } else { - $sql .= "LIMIT ".$limit; - - if ($offset > 0) - { - $sql .= " OFFSET ".$offset; - } + $sql .= 'LIMIT '.$limit; + $sql .= ($offset > 0) ? ' OFFSET '.$offset : ''; return $sql; } @@ -809,10 +947,7 @@ class CI_DB_pdo_driver extends CI_DB { $this->conn_id = null; } - } - - /* End of file pdo_driver.php */ /* Location: ./system/database/drivers/pdo/pdo_driver.php */
\ No newline at end of file diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php index 076415928..478b2dbfb 100644 --- a/system/database/drivers/pdo/pdo_forge.php +++ b/system/database/drivers/pdo/pdo_forge.php @@ -96,7 +96,7 @@ class CI_DB_pdo_forge extends CI_DB_forge { $sql .= 'IF NOT EXISTS '; } - $sql .= $this->db->_escape_identifiers($table)." ("; + $sql .= '`'.$this->db->_escape_identifiers($table).'` ('; $current_field_count = 0; foreach ($fields as $field=>$attributes) @@ -111,6 +111,7 @@ class CI_DB_pdo_forge extends CI_DB_forge { else { $attributes = array_change_key_case($attributes, CASE_UPPER); + $numeric = array('SERIAL', 'INTEGER'); $sql .= "\n\t".$this->db->_protect_identifiers($field); @@ -118,7 +119,11 @@ class CI_DB_pdo_forge extends CI_DB_forge { if (array_key_exists('CONSTRAINT', $attributes)) { - $sql .= '('.$attributes['CONSTRAINT'].')'; + // Exception for Postgre numeric which not too happy with constraint within those type + if ( ! ($this->db->pdodriver == 'pgsql' && in_array($attributes['TYPE'], $numeric))) + { + $sql .= '('.$attributes['CONSTRAINT'].')'; + } } if (array_key_exists('UNSIGNED', $attributes) && $attributes['UNSIGNED'] === TRUE) @@ -219,7 +224,7 @@ class CI_DB_pdo_forge extends CI_DB_forge { */ function _alter_table($alter_type, $table, $column_name, $column_definition = '', $default_value = '', $null = '', $after_field = '') { - $sql = 'ALTER TABLE '.$this->db->_protect_identifiers($table)." $alter_type ".$this->db->_protect_identifiers($column_name); + $sql = 'ALTER TABLE `'.$this->db->_protect_identifiers($table)."` $alter_type ".$this->db->_protect_identifiers($column_name); // DROP has everything it needs now. if ($alter_type == 'DROP') @@ -271,7 +276,6 @@ class CI_DB_pdo_forge extends CI_DB_forge { return $sql; } - } /* End of file pdo_forge.php */ diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php index 6b523b001..c333abc40 100644 --- a/system/database/drivers/pdo/pdo_result.php +++ b/system/database/drivers/pdo/pdo_result.php @@ -39,6 +39,16 @@ class CI_DB_pdo_result extends CI_DB_result { /** + * @var bool Hold the flag whether a result handler already fetched before + */ + protected $is_fetched = FALSE; + + /** + * @var mixed Hold the fetched assoc array of a result handler + */ + protected $result_assoc; + + /** * Number of rows in the result set * * @access public @@ -46,7 +56,59 @@ class CI_DB_pdo_result extends CI_DB_result { */ function num_rows() { - return $this->result_id->rowCount(); + if (empty($this->result_id) OR ! is_object($this->result_id)) + { + // invalid result handler + return 0; + } + elseif (($num_rows = $this->result_id->rowCount()) && $num_rows > 0) + { + // If rowCount return something, we're done. + return $num_rows; + } + + // Fetch the result, instead perform another extra query + return ($this->is_fetched && is_array($this->result_assoc)) ? count($this->result_assoc) : count($this->result_assoc()); + } + + /** + * Fetch the result handler + * + * @access public + * @return mixed + */ + function result_assoc() + { + // If the result already fetched before, use that one + if (count($this->result_array) > 0 OR $this->is_fetched) + { + return $this->result_array(); + } + + // Define the output + $output = array('assoc', 'object'); + + // Fetch the result + foreach ($output as $type) + { + // Define the method and handler + $res_method = '_fetch_'.$type; + $res_handler = 'result_'.$type; + + $this->$res_handler = array(); + $this->_data_seek(0); + + while ($row = $this->$res_method()) + { + $this->{$res_handler}[] = $row; + } + } + + // Save this as buffer and marked the fetch flag + $this->result_array = $this->result_assoc; + $this->is_fetched = TRUE; + + return $this->result_assoc; } // -------------------------------------------------------------------- @@ -78,6 +140,7 @@ class CI_DB_pdo_result extends CI_DB_result { { return $this->db->display_error('db_unsuported_feature'); } + return FALSE; } @@ -110,6 +173,7 @@ class CI_DB_pdo_result extends CI_DB_result { { return $this->db->display_error('db_unsuported_feature'); } + return FALSE; } } @@ -178,6 +242,5 @@ class CI_DB_pdo_result extends CI_DB_result { } - /* End of file pdo_result.php */ /* Location: ./system/database/drivers/pdo/pdo_result.php */
\ No newline at end of file diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 6fd52ef70..9c50209ec 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -122,12 +122,23 @@ class CI_DB_sqlsrv_driver extends CI_DB { /** * Select the database * - * @access private called by the base class - * @return resource + * @param string database name + * @return bool */ - function db_select() + public function db_select($database = '') { - return $this->_execute('USE ' . $this->database); + if ($database === '') + { + $database = $this->database; + } + + if ($this->_execute('USE '.$database)) + { + $this->database = $database; + return TRUE; + } + + return FALSE; } // -------------------------------------------------------------------- @@ -608,4 +619,4 @@ class CI_DB_sqlsrv_driver extends CI_DB { /* End of file mssql_driver.php */ -/* Location: ./system/database/drivers/mssql/mssql_driver.php */
\ No newline at end of file +/* Location: ./system/database/drivers/mssql/mssql_driver.php */ diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php index 0bd1e112f..2069a1927 100644 --- a/system/helpers/inflector_helper.php +++ b/system/helpers/inflector_helper.php @@ -85,7 +85,7 @@ if ( ! function_exists('singular')) '/([^u])s$/' => '\1', ); - return preg_replace(array_keys($singular_values), $singular_values, $result); + return preg_replace(array_keys($singular_rules), $singular_rules, $result); } } diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 4a81b0422..a960730d7 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -99,7 +99,7 @@ class CI_Cache_file extends CI_Driver { if (write_file($this->_cache_path.$id, serialize($contents))) { - @chmod($this->_cache_path.$id, 0777); + @chmod($this->_cache_path.$id, 0660); return TRUE; } diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index ba8d69be2..10b5362a5 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -329,13 +329,6 @@ class CI_Cart { return FALSE; } - // Is the new quantity different than what is already saved in the cart? - // If it's the same there's nothing to do - if ($this->_cart_contents[$items['rowid']]['qty'] == $items['qty']) - { - return FALSE; - } - // Is the quantity zero? If so we will remove the item from the cart. // If the quantity is greater than zero we are updating if ($items['qty'] == 0) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 0a6a2af0d..2ee734ae6 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -703,11 +703,11 @@ class CI_Form_validation { * * @param string the field name * @param string - * @return void + * @return string */ public function set_value($field = '', $default = '') { - if ( ! isset($this->_field_data[$field])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { return $default; } @@ -736,13 +736,9 @@ class CI_Form_validation { */ public function set_select($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' selected="selected"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' selected="selected"' : ''; } $field = $this->_field_data[$field]['postdata']; @@ -754,12 +750,9 @@ class CI_Form_validation { return ''; } } - else + elseif (($field == '' OR $value == '') OR ($field != $value)) { - if (($field == '' OR $value == '') OR ($field != $value)) - { - return ''; - } + return ''; } return ' selected="selected"'; @@ -779,13 +772,9 @@ class CI_Form_validation { */ public function set_radio($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' checked="checked"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' checked="checked"' : ''; } $field = $this->_field_data[$field]['postdata']; @@ -869,9 +858,7 @@ class CI_Form_validation { return FALSE; } - $field = $_POST[$field]; - - return ($str === $field); + return ($str === $_POST[$field]); } // -------------------------------------------------------------------- @@ -908,7 +895,7 @@ class CI_Form_validation { */ public function min_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -932,7 +919,7 @@ class CI_Form_validation { */ public function max_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -956,7 +943,7 @@ class CI_Form_validation { */ public function exact_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -1170,7 +1157,7 @@ class CI_Form_validation { */ public function is_natural_no_zero($str) { - return ($str != 0 AND preg_match('/^[0-9]+$/', $str)); + return ($str != 0 && preg_match('/^[0-9]+$/', $str)); } // -------------------------------------------------------------------- @@ -1217,7 +1204,7 @@ class CI_Form_validation { return $data; } - return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); + return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); } // -------------------------------------------------------------------- @@ -1283,7 +1270,6 @@ class CI_Form_validation { } } -// END Form Validation Class /* End of file Form_validation.php */ /* Location: ./system/libraries/Form_validation.php */ diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index a226ae8f8..5ea830fb1 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Image Manipulation class * @@ -88,12 +86,6 @@ class CI_Image_lib { protected $wm_use_drop_shadow = FALSE; public $wm_use_truetype = FALSE; - /** - * Constructor - * - * @param string - * @return void - */ public function __construct($props = array()) { if (count($props) > 0) @@ -101,7 +93,7 @@ class CI_Image_lib { $this->initialize($props); } - log_message('debug', "Image Lib Class Initialized"); + log_message('debug', 'Image Lib Class Initialized'); } // -------------------------------------------------------------------- @@ -158,9 +150,7 @@ class CI_Image_lib { */ public function initialize($props = array()) { - /* - * Convert array elements into class variables - */ + // Convert array elements into class variables if (count($props) > 0) { foreach ($props as $key => $val) @@ -195,25 +185,18 @@ class CI_Image_lib { } } - /* - * Is there a source image? - * - * If not, there's no reason to continue - * - */ + // Is there a source image? If not, there's no reason to continue if ($this->source_image == '') { $this->set_error('imglib_source_image_required'); return FALSE; } - /* - * Is getimagesize() Available? + /* Is getimagesize() available? * * We use it to determine the image properties (width/height). - * Note: We need to figure out how to determine image + * Note: We need to figure out how to determine image * properties using ImageMagick and NetPBM - * */ if ( ! function_exists('getimagesize')) { @@ -223,17 +206,15 @@ class CI_Image_lib { $this->image_library = strtolower($this->image_library); - /* - * Set the full server path + /* Set the full server path * * The source image may or may not contain a path. * Either way, we'll try use realpath to generate the * full server path in order to more reliably read it. - * */ - if (function_exists('realpath') AND @realpath($this->source_image) !== FALSE) + if (function_exists('realpath') && @realpath($this->source_image) !== FALSE) { - $full_source_path = str_replace("\\", "/", realpath($this->source_image)); + $full_source_path = str_replace('\\', '/', realpath($this->source_image)); } else { @@ -255,64 +236,58 @@ class CI_Image_lib { * * If the user has set a "new_image" name it means * we are making a copy of the source image. If not - * it means we are altering the original. We'll + * it means we are altering the original. We'll * set the destination filename and path accordingly. - * */ if ($this->new_image == '') { $this->dest_image = $this->source_image; $this->dest_folder = $this->source_folder; } + elseif (strpos($this->new_image, '/') === FALSE) + { + $this->dest_folder = $this->source_folder; + $this->dest_image = $this->new_image; + } else { - if (strpos($this->new_image, '/') === FALSE) + if (function_exists('realpath') && @realpath($this->new_image) !== FALSE) { - $this->dest_folder = $this->source_folder; - $this->dest_image = $this->new_image; + $full_dest_path = str_replace('\\', '/', realpath($this->new_image)); } else { - if (function_exists('realpath') AND @realpath($this->new_image) !== FALSE) - { - $full_dest_path = str_replace("\\", "/", realpath($this->new_image)); - } - else - { - $full_dest_path = $this->new_image; - } + $full_dest_path = $this->new_image; + } - // Is there a file name? - if ( ! preg_match("#\.(jpg|jpeg|gif|png)$#i", $full_dest_path)) - { - $this->dest_folder = $full_dest_path.'/'; - $this->dest_image = $this->source_image; - } - else - { - $x = explode('/', $full_dest_path); - $this->dest_image = end($x); - $this->dest_folder = str_replace($this->dest_image, '', $full_dest_path); - } + // Is there a file name? + if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $full_dest_path)) + { + $this->dest_folder = $full_dest_path.'/'; + $this->dest_image = $this->source_image; + } + else + { + $x = explode('/', $full_dest_path); + $this->dest_image = end($x); + $this->dest_folder = str_replace($this->dest_image, '', $full_dest_path); } } - /* - * Compile the finalized filenames/paths + /* Compile the finalized filenames/paths * * We'll create two master strings containing the * full server path to the source image and the * full server path to the destination image. * We'll also split the destination image name * so we can insert the thumbnail marker if needed. - * */ if ($this->create_thumb === FALSE OR $this->thumb_marker == '') { $this->thumb_marker = ''; } - $xp = $this->explode_name($this->dest_image); + $xp = $this->explode_name($this->dest_image); $filename = $xp['name']; $file_ext = $xp['ext']; @@ -320,54 +295,55 @@ class CI_Image_lib { $this->full_src_path = $this->source_folder.$this->source_image; $this->full_dst_path = $this->dest_folder.$filename.$this->thumb_marker.$file_ext; - /* - * Should we maintain image proportions? + /* Should we maintain image proportions? * * When creating thumbs or copies, the target width/height * might not be in correct proportion with the source - * image's width/height. We'll recalculate it here. - * + * image's width/height. We'll recalculate it here. */ - if ($this->maintain_ratio === TRUE && ($this->width != '' AND $this->height != '')) + if ($this->maintain_ratio === TRUE && ($this->width != 0 OR $this->height != 0)) { $this->image_reproportion(); } - /* - * Was a width and height specified? - * - * If the destination width/height was - * not submitted we will use the values - * from the actual file + /* Was a width and height specified? * + * If the destination width/height was not submitted we + * will use the values from the actual file */ if ($this->width == '') + { $this->width = $this->orig_width; + } if ($this->height == '') + { $this->height = $this->orig_height; + } // Set the quality - $this->quality = trim(str_replace("%", "", $this->quality)); + $this->quality = trim(str_replace('%', '', $this->quality)); - if ($this->quality == '' OR $this->quality == 0 OR ! is_numeric($this->quality)) + if ($this->quality == '' OR $this->quality == 0 OR ! preg_match('/^[0-9]+$/', $this->quality)) + { $this->quality = 90; + } // Set the x/y coordinates - $this->x_axis = ($this->x_axis == '' OR ! is_numeric($this->x_axis)) ? 0 : $this->x_axis; - $this->y_axis = ($this->y_axis == '' OR ! is_numeric($this->y_axis)) ? 0 : $this->y_axis; + $this->x_axis = ($this->x_axis == '' OR ! preg_match('/^[0-9]+$/', $this->x_axis)) ? 0 : $this->x_axis; + $this->y_axis = ($this->y_axis == '' OR ! preg_match('/^[0-9]+$/', $this->y_axis)) ? 0 : $this->y_axis; // Watermark-related Stuff... if ($this->wm_overlay_path != '') { - $this->wm_overlay_path = str_replace("\\", "/", realpath($this->wm_overlay_path)); + $this->wm_overlay_path = str_replace('\\', '/', realpath($this->wm_overlay_path)); } if ($this->wm_shadow_color != '') { $this->wm_use_drop_shadow = TRUE; } - elseif ($this->wm_use_drop_shadow == TRUE AND $this->wm_shadow_color == '') + elseif ($this->wm_use_drop_shadow == TRUE && $this->wm_shadow_color == '') { $this->wm_use_drop_shadow = FALSE; } @@ -445,22 +421,16 @@ class CI_Image_lib { $this->height = $this->orig_height; } - // Choose resizing function - if ($this->image_library == 'imagemagick' OR $this->image_library == 'netpbm') + if ($this->image_library === 'imagemagick' OR $this->image_library === 'netpbm') { $protocol = 'image_process_'.$this->image_library; return $this->$protocol('rotate'); } - if ($this->rotation_angle == 'hor' OR $this->rotation_angle == 'vrt') - { - return $this->image_mirror_gd(); - } - else - { - return $this->image_rotate_gd(); - } + return ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? $this->image_mirror_gd() + : $this->image_rotate_gd(); } // -------------------------------------------------------------------- @@ -479,9 +449,9 @@ class CI_Image_lib { // If the target width/height match the source, AND if the new file name is not equal to the old file name // we'll simply make a copy of the original with the new name... assuming dynamic rendering is off. - if ($this->dynamic_output === FALSE AND $this->orig_width == $this->width AND $this->orig_height == $this->height) + if ($this->dynamic_output === FALSE && $this->orig_width == $this->width && $this->orig_height == $this->height) { - if ($this->source_image != $this->new_image AND @copy($this->full_src_path, $this->full_dst_path)) + if ($this->source_image != $this->new_image && @copy($this->full_src_path, $this->full_dst_path)) { @chmod($this->full_dst_path, FILE_WRITE_MODE); } @@ -492,7 +462,7 @@ class CI_Image_lib { // Let's set up our values based on the action if ($action == 'crop') { - // Reassign the source width/height if cropping + // Reassign the source width/height if cropping $this->orig_width = $this->width; $this->orig_height = $this->height; @@ -516,14 +486,15 @@ class CI_Image_lib { return FALSE; } - // Create The Image - // - // old conditional which users report cause problems with shared GD libs who report themselves as "2.0 or greater" - // it appears that this is no longer the issue that it was in 2004, so we've removed it, retaining it in the comment - // below should that ever prove inaccurate. - // - // if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor') AND $v2_override == FALSE) - if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor')) + /* Create the image + * + * Old conditional which users report cause problems with shared GD libs who report themselves as "2.0 or greater" + * it appears that this is no longer the issue that it was in 2004, so we've removed it, retaining it in the comment + * below should that ever prove inaccurate. + * + * if ($this->image_library === 'gd2' && function_exists('imagecreatetruecolor') && $v2_override == FALSE) + */ + if ($this->image_library === 'gd2' && function_exists('imagecreatetruecolor')) { $create = 'imagecreatetruecolor'; $copy = 'imagecopyresampled'; @@ -544,21 +515,17 @@ class CI_Image_lib { $copy($dst_img, $src_img, 0, 0, $this->x_axis, $this->y_axis, $this->width, $this->height, $this->orig_width, $this->orig_height); - // Show the image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($dst_img); } - else + elseif ( ! $this->image_save_gd($dst_img)) // Or save it { - // Or save it - if ( ! $this->image_save_gd($dst_img)) - { - return FALSE; - } + return FALSE; } - // Kill the file handles + // Kill the file handles imagedestroy($dst_img); imagedestroy($src_img); @@ -587,42 +554,34 @@ class CI_Image_lib { return FALSE; } - if ( ! preg_match("/convert$/i", $this->library_path)) + if ( ! preg_match('/convert$/i', $this->library_path)) { $this->library_path = rtrim($this->library_path, '/').'/convert'; } // Execute the command - $cmd = $this->library_path." -quality ".$this->quality; + $cmd = $this->library_path.' -quality '.$this->quality; if ($action == 'crop') { - $cmd .= " -crop ".$this->width."x".$this->height."+".$this->x_axis."+".$this->y_axis." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1'; } elseif ($action == 'rotate') { - switch ($this->rotation_angle) - { - case 'hor' : $angle = '-flop'; - break; - case 'vrt' : $angle = '-flip'; - break; - default : $angle = '-rotate '.$this->rotation_angle; - break; - } + $angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? '-flop' : '-rotate '.$this->rotation_angle; - $cmd .= " ".$angle." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + $cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; } - else // Resize + else // Resize { - $cmd .= " -resize ".$this->width."x".$this->height." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + $cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; } $retval = 1; - @exec($cmd, $output, $retval); - // Did it work? + // Did it work? if ($retval > 0) { $this->set_error('imglib_image_process_failed'); @@ -653,7 +612,7 @@ class CI_Image_lib { return FALSE; } - // Build the resizing command + // Build the resizing command switch ($this->image_type) { case 1 : @@ -700,10 +659,9 @@ class CI_Image_lib { $cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; $retval = 1; - @exec($cmd, $output, $retval); - // Did it work? + // Did it work? if ($retval > 0) { $this->set_error('imglib_image_process_failed'); @@ -714,7 +672,7 @@ class CI_Image_lib { // If you try manipulating the original it fails so // we have to rename the temp file. copy ($this->dest_folder.'netpbm.tmp', $this->full_dst_path); - unlink ($this->dest_folder.'netpbm.tmp'); + unlink($this->dest_folder.'netpbm.tmp'); @chmod($this->full_dst_path, FILE_WRITE_MODE); return TRUE; @@ -729,7 +687,7 @@ class CI_Image_lib { */ public function image_rotate_gd() { - // Create the image handle + // Create the image handle if ( ! ($src_img = $this->image_create_gd())) { return FALSE; @@ -742,29 +700,24 @@ class CI_Image_lib { $white = imagecolorallocate($src_img, 255, 255, 255); - // Rotate it! + // Rotate it! $dst_img = imagerotate($src_img, $this->rotation_angle, $white); - // Save the Image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($dst_img); } - else + elseif ( ! $this->image_save_gd($dst_img)) // ... or save it { - // Or save it - if ( ! $this->image_save_gd($dst_img)) - { - return FALSE; - } + return FALSE; } - // Kill the file handles + // Kill the file handles imagedestroy($dst_img); imagedestroy($src_img); // Set the file to 777 - @chmod($this->full_dst_path, FILE_WRITE_MODE); return TRUE; @@ -789,7 +742,7 @@ class CI_Image_lib { $width = $this->orig_width; $height = $this->orig_height; - if ($this->rotation_angle == 'hor') + if ($this->rotation_angle === 'hor') { for ($i = 0; $i < $height; $i++, $left = 0, $right = $width-1) { @@ -824,21 +777,17 @@ class CI_Image_lib { } } - // Show the image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); } - else + elseif ( ! $this->image_save_gd($src_img)) // ... or save it { - // Or save it - if ( ! $this->image_save_gd($src_img)) - { - return FALSE; - } + return FALSE; } - // Kill the file handles + // Kill the file handles imagedestroy($src_img); // Set the file to 777 @@ -860,14 +809,7 @@ class CI_Image_lib { */ public function watermark() { - if ($this->wm_type == 'overlay') - { - return $this->overlay_watermark(); - } - else - { - return $this->text_watermark(); - } + return ($this->wm_type === 'overlay') ? $this->overlay_watermark() : $this->text_watermark(); } // -------------------------------------------------------------------- @@ -885,28 +827,28 @@ class CI_Image_lib { return FALSE; } - // Fetch source image properties + // Fetch source image properties $this->get_image_properties(); - // Fetch watermark image properties - $props = $this->get_image_properties($this->wm_overlay_path, TRUE); + // Fetch watermark image properties + $props = $this->get_image_properties($this->wm_overlay_path, TRUE); $wm_img_type = $props['image_type']; - $wm_width = $props['width']; - $wm_height = $props['height']; + $wm_width = $props['width']; + $wm_height = $props['height']; - // Create two image resources + // Create two image resources $wm_img = $this->image_create_gd($this->wm_overlay_path, $wm_img_type); $src_img = $this->image_create_gd($this->full_src_path); // Reverse the offset if necessary // When the image is positioned at the bottom // we don't want the vertical offset to push it - // further down. We want the reverse, so we'll - // invert the offset. Same with the horizontal + // further down. We want the reverse, so we'll + // invert the offset. Same with the horizontal // offset when the image is at the right - $this->wm_vrt_alignment = strtoupper(substr($this->wm_vrt_alignment, 0, 1)); - $this->wm_hor_alignment = strtoupper(substr($this->wm_hor_alignment, 0, 1)); + $this->wm_vrt_alignment = strtoupper($this->wm_vrt_alignment[0]); + $this->wm_hor_alignment = strtoupper($this->wm_hor_alignment[0]); if ($this->wm_vrt_alignment == 'B') $this->wm_vrt_offset = $this->wm_vrt_offset * -1; @@ -914,34 +856,32 @@ class CI_Image_lib { if ($this->wm_hor_alignment == 'R') $this->wm_hor_offset = $this->wm_hor_offset * -1; - // Set the base x and y axis values + // Set the base x and y axis values $x_axis = $this->wm_hor_offset + $this->wm_padding; $y_axis = $this->wm_vrt_offset + $this->wm_padding; - // Set the vertical position - switch ($this->wm_vrt_alignment) + // Set the vertical position + if ($this->wm_vrt_alignment === 'M') { - case 'T': - break; - case 'M': $y_axis += ($this->orig_height / 2) - ($wm_height / 2); - break; - case 'B': $y_axis += $this->orig_height - $wm_height; - break; + $y_axis += ($this->orig_height / 2) - ($wm_height / 2); + } + elseif ($this->wm_vrt_alignment === 'B') + { + $y_axis += $this->orig_height - $wm_height; } - // Set the horizontal position - switch ($this->wm_hor_alignment) + // Set the horizontal position + if ($this->wm_hor_alignment === 'C') { - case 'L': - break; - case 'C': $x_axis += ($this->orig_width / 2) - ($wm_width / 2); - break; - case 'R': $x_axis += $this->orig_width - $wm_width; - break; + $x_axis += ($this->orig_width / 2) - ($wm_width / 2); + } + elseif ($this->wm_hor_alignment === 'R') + { + $x_axis += $this->orig_width - $wm_width; } // Build the finalized image - if ($wm_img_type == 3 AND function_exists('imagealphablending')) + if ($wm_img_type == 3 && function_exists('imagealphablending')) { @imagealphablending($src_img, TRUE); } @@ -963,12 +903,12 @@ class CI_Image_lib { imagecopymerge($src_img, $wm_img, $x_axis, $y_axis, 0, 0, $wm_width, $wm_height, $this->wm_opacity); } - // Output the image + // Output the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); } - elseif ( ! $this->image_save_gd($src_img)) + elseif ( ! $this->image_save_gd($src_img)) // ... or save it { return FALSE; } @@ -993,20 +933,20 @@ class CI_Image_lib { return FALSE; } - if ($this->wm_use_truetype == TRUE AND ! file_exists($this->wm_font_path)) + if ($this->wm_use_truetype == TRUE && ! file_exists($this->wm_font_path)) { $this->set_error('imglib_missing_font'); return FALSE; } - // Fetch source image properties + // Fetch source image properties $this->get_image_properties(); // Reverse the vertical offset // When the image is positioned at the bottom // we don't want the vertical offset to push it - // further down. We want the reverse, so we'll - // invert the offset. Note: The horizontal + // further down. We want the reverse, so we'll + // invert the offset. Note: The horizontal // offset flips itself automatically if ($this->wm_vrt_alignment == 'B') @@ -1039,49 +979,39 @@ class CI_Image_lib { $x_axis = $this->wm_hor_offset + $this->wm_padding; $y_axis = $this->wm_vrt_offset + $this->wm_padding; - // Set verticle alignment if ($this->wm_use_drop_shadow == FALSE) $this->wm_shadow_distance = 0; $this->wm_vrt_alignment = strtoupper(substr($this->wm_vrt_alignment, 0, 1)); $this->wm_hor_alignment = strtoupper(substr($this->wm_hor_alignment, 0, 1)); - switch ($this->wm_vrt_alignment) + // Set verticle alignment + if ($this->wm_vrt_alignment === 'M') { - case 'T': - break; - case 'M': $y_axis += ($this->orig_height/2)+($fontheight/2); - break; - case 'B': $y_axis += ($this->orig_height - $fontheight - $this->wm_shadow_distance - ($fontheight/2)); - break; + $y_axis += ($this->orig_height / 2) + ($fontheight / 2); + } + elseif ($this->wm_vrt_alignment === 'B') + { + $y_axis += $this->orig_height - $fontheight - $this->wm_shadow_distance - ($fontheight / 2); } $x_shad = $x_axis + $this->wm_shadow_distance; $y_shad = $y_axis + $this->wm_shadow_distance; - // Set horizontal alignment - switch ($this->wm_hor_alignment) - { - case 'L': - break; - case 'R': - if ($this->wm_use_drop_shadow) - { - $x_shad += ($this->orig_width - $fontwidth*strlen($this->wm_text)); - $x_axis += ($this->orig_width - $fontwidth*strlen($this->wm_text)); - } - break; - case 'C': - if ($this->wm_use_drop_shadow) - { - $x_shad += floor(($this->orig_width - $fontwidth*strlen($this->wm_text))/2); - $x_axis += floor(($this->orig_width - $fontwidth*strlen($this->wm_text))/2); - } - break; - } - if ($this->wm_use_drop_shadow) { + // Set horizontal alignment + if ($this->wm_hor_alignment === 'R') + { + $x_shad += $this->orig_width - ($fontwidth * strlen($this->wm_text)); + $x_axis += $this->orig_width - ($fontwidth * strlen($this->wm_text)); + } + elseif ($this->wm_hor_alignment === 'C') + { + $x_shad += floor(($this->orig_width - ($fontwidth * strlen($this->wm_text))) / 2); + $x_axis += floor(($this->orig_width - ($fontwidth * strlen($this->wm_text))) / 2); + } + /* Set RGB values for text and shadow * * First character is #, so we don't really need it. @@ -1093,7 +1023,7 @@ class CI_Image_lib { $drp_color = str_split(substr($this->wm_shadow_color, 1, 6), 2); $drp_color = imagecolorclosest($src_img, hexdec($drp_color[0]), hexdec($drp_color[1]), hexdec($drp_color[2])); - // Add the text to the source image + // Add the text to the source image if ($this->wm_use_truetype) { imagettftext($src_img, $this->wm_font_size, 0, $x_shad, $y_shad, $drp_color, $this->wm_font_path, $this->wm_text); @@ -1106,7 +1036,7 @@ class CI_Image_lib { } } - // Output the final image + // Output the final image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); @@ -1250,8 +1180,8 @@ class CI_Image_lib { */ public function image_display_gd($resource) { - header("Content-Disposition: filename={$this->source_image};"); - header("Content-Type: {$this->mime_type}"); + header('Content-Disposition: filename='.$this->source_image.';'); + header('Content-Type: '.$this->mime_type); header('Content-Transfer-Encoding: binary'); header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()).' GMT'); @@ -1284,33 +1214,43 @@ class CI_Image_lib { */ public function image_reproportion() { - if ( ! is_numeric($this->width) OR ! is_numeric($this->height) OR $this->width == 0 OR $this->height == 0) - return; - - if ( ! is_numeric($this->orig_width) OR ! is_numeric($this->orig_height) OR $this->orig_width == 0 OR $this->orig_height == 0) - return; - - $new_width = ceil($this->orig_width*$this->height/$this->orig_height); - $new_height = ceil($this->width*$this->orig_height/$this->orig_width); - - $ratio = (($this->orig_height/$this->orig_width) - ($this->height/$this->width)); - - if ($this->master_dim != 'width' AND $this->master_dim != 'height') + if (($this->width == 0 && $this->height == 0) OR $this->orig_width == 0 OR $this->orig_height == 0 + OR ( ! preg_match('/^[0-9]+$/', $this->width) && ! preg_match('/^[0-9]+$/', $this->height)) + OR ! preg_match('/^[0-9]+$/', $this->orig_width) OR ! preg_match('/^[0-9]+$/', $this->orig_height)) { - $this->master_dim = ($ratio < 0) ? 'width' : 'height'; + return; } - if (($this->width != $new_width) AND ($this->height != $new_height)) + // Sanitize so we don't call preg_match() anymore + $this->width = (int) $this->width; + $this->height = (int) $this->height; + + if ($this->master_dim !== 'width' && $this->master_dim !== 'height') { - if ($this->master_dim == 'height') + if ($this->width > 0 && $this->height > 0) { - $this->width = $new_width; + $this->master_dim = ((($this->orig_height/$this->orig_width) - ($this->height/$this->width)) < 0) + ? 'width' : 'height'; } else { - $this->height = $new_height; + $this->master_dim = ($this->height === 0) ? 'width' : 'height'; } } + elseif (($this->master_dim === 'width' && $this->width === 0) + OR ($this->master_dim === 'height' && $this->height === 0)) + { + return; + } + + if ($this->master_dim === 'width') + { + $this->height = (int) ceil($this->width*$this->orig_height/$this->orig_width); + } + else + { + $this->width = (int) ceil($this->orig_width*$this->height/$this->orig_height); + } } // -------------------------------------------------------------------- @@ -1329,7 +1269,9 @@ class CI_Image_lib { // find a way to determine this using IM or NetPBM if ($path == '') + { $path = $this->full_src_path; + } if ( ! file_exists($path)) { @@ -1367,15 +1309,15 @@ class CI_Image_lib { * Size calculator * * This function takes a known width x height and - * recalculates it to a new size. Only one + * recalculates it to a new size. Only one * new variable needs to be known * * $props = array( - * 'width' => $width, - * 'height' => $height, - * 'new_width' => 40, - * 'new_height' => '' - * ); + * 'width' => $width, + * 'height' => $height, + * 'new_width' => 40, + * 'new_height' => '' + * ); * * @param array * @return array @@ -1419,7 +1361,7 @@ class CI_Image_lib { * * This is a helper function that extracts the extension * from the source_image. This function lets us deal with - * source_images with multiple periods, like: my.cool.jpg + * source_images with multiple periods, like: my.cool.jpg * It returns an associative array with two elements: * $array['ext'] = '.jpg'; * $array['name'] = 'my.cool'; @@ -1449,7 +1391,7 @@ class CI_Image_lib { /* As it is stated in the PHP manual, dl() is not always available * and even if so - it could generate an E_WARNING message on failure */ - return (function_exists('dl') AND @dl('gd.so')); + return (function_exists('dl') && @dl('gd.so')); } return TRUE; @@ -1467,9 +1409,7 @@ class CI_Image_lib { if (function_exists('gd_info')) { $gd_version = @gd_info(); - $gd_version = preg_replace("/\D/", "", $gd_version['GD Version']); - - return $gd_version; + return preg_replace('/\D/', '', $gd_version['GD Version']); } return FALSE; @@ -1516,11 +1456,10 @@ class CI_Image_lib { */ public function display_errors($open = '<p>', $close = '</p>') { - return (count($this->error_msg) > 0) ? $open . implode($close . $open, $this->error_msg) . $close : ''; + return (count($this->error_msg) > 0) ? $open.implode($close.$open, $this->error_msg).$close : ''; } } -// END Image_lib Class /* End of file Image_lib.php */ /* Location: ./system/libraries/Image_lib.php */ diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 04103a4d9..66b39a6a2 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Session Class * @@ -67,7 +65,7 @@ class CI_Session { */ public function __construct($params = array()) { - log_message('debug', "Session Class Initialized"); + log_message('debug', 'Session Class Initialized'); // Set the super object to a local variable for use throughout the class $this->CI =& get_instance(); @@ -93,14 +91,14 @@ class CI_Session { $this->CI->load->library('encrypt'); } - // Are we using a database? If so, load it - if ($this->sess_use_database === TRUE AND $this->sess_table_name != '') + // Are we using a database? If so, load it + if ($this->sess_use_database === TRUE && $this->sess_table_name != '') { $this->CI->load->database(); } - // Set the "now" time. Can either be GMT or server time, based on the - // config prefs. We use this to set the "last activity" time + // Set the "now" time. Can either be GMT or server time, based on the + // config prefs. We use this to set the "last activity" time $this->now = $this->_get_time(); // Set the session length. If the session expiration is @@ -114,7 +112,7 @@ class CI_Session { $this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name; // Run the Session routine. If a session doesn't exist we'll - // create a new one. If it does, we'll update it. + // create a new one. If it does, we'll update it. if ( ! $this->sess_read()) { $this->sess_create(); @@ -133,7 +131,7 @@ class CI_Session { // Delete expired sessions if necessary $this->_sess_gc(); - log_message('debug', "Session routines successfully run"); + log_message('debug', 'Session routines successfully run'); } // -------------------------------------------------------------------- @@ -166,7 +164,7 @@ class CI_Session { $hash = substr($session, strlen($session)-32); // get last 32 chars $session = substr($session, 0, strlen($session)-32); - // Does the md5 hash match? This is to prevent manipulation of session data in userspace + // Does the md5 hash match? This is to prevent manipulation of session data in userspace if ($hash !== md5($session.$this->encryption_key)) { log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.'); @@ -179,7 +177,7 @@ class CI_Session { $session = $this->_unserialize($session); // Is the session data we unserialized an array with the correct format? - if ( ! is_array($session) OR ! isset($session['session_id']) OR ! isset($session['ip_address']) OR ! isset($session['user_agent']) OR ! isset($session['last_activity'])) + if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity'])) { $this->sess_destroy(); return FALSE; @@ -192,15 +190,15 @@ class CI_Session { return FALSE; } - // Does the IP Match? - if ($this->sess_match_ip == TRUE AND $session['ip_address'] !== $this->CI->input->ip_address()) + // Does the IP match? + if ($this->sess_match_ip == TRUE && $session['ip_address'] !== $this->CI->input->ip_address()) { $this->sess_destroy(); return FALSE; } // Does the User Agent Match? - if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) + if ($this->sess_match_useragent == TRUE && trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) { $this->sess_destroy(); return FALSE; @@ -223,7 +221,7 @@ class CI_Session { $query = $this->CI->db->get($this->sess_table_name); - // No result? Kill it! + // No result? Kill it! if ($query->num_rows() === 0) { $this->sess_destroy(); @@ -232,7 +230,7 @@ class CI_Session { // Is there custom data? If so, add it to the main session array $row = $query->row(); - if (isset($row->user_data) AND $row->user_data != '') + if (isset($row->user_data) && $row->user_data != '') { $custom_data = $this->_unserialize($row->user_data); @@ -282,7 +280,7 @@ class CI_Session { $cookie_userdata[$val] = $this->userdata[$val]; } - // Did we find any custom data? If not, we turn the empty array into a string + // Did we find any custom data? If not, we turn the empty array into a string // since there's no reason to serialize and store an empty array in the DB if (count($custom_userdata) === 0) { @@ -298,7 +296,7 @@ class CI_Session { $this->CI->db->where('session_id', $this->userdata['session_id']); $this->CI->db->update($this->sess_table_name, array('last_activity' => $this->userdata['last_activity'], 'user_data' => $custom_userdata)); - // Write the cookie. Notice that we manually pass the cookie data array to the + // Write the cookie. Notice that we manually pass the cookie data array to the // _set_cookie() function. Normally that function will store $this->userdata, but // in this case that array contains custom data, which we do not want in the cookie. $this->_set_cookie($cookie_userdata); @@ -324,13 +322,12 @@ class CI_Session { $sessid .= $this->CI->input->ip_address(); $this->userdata = array( - 'session_id' => md5(uniqid($sessid, TRUE)), - 'ip_address' => $this->CI->input->ip_address(), - 'user_agent' => substr($this->CI->input->user_agent(), 0, 120), - 'last_activity' => $this->now, - 'user_data' => '' - ); - + 'session_id' => md5(uniqid($sessid, TRUE)), + 'ip_address' => $this->CI->input->ip_address(), + 'user_agent' => substr($this->CI->input->user_agent(), 0, 120), + 'last_activity' => $this->now, + 'user_data' => '' + ); // Save the data to the DB if needed if ($this->sess_use_database === TRUE) @@ -357,6 +354,35 @@ class CI_Session { return; } + // _set_cookie() will handle this for us if we aren't using database sessions + // by pushing all userdata to the cookie. + $cookie_data = NULL; + + /* Changing the session ID during an AJAX call causes problems, + * so we'll only update our last_activity + */ + if ($this->CI->input->is_ajax_request()) + { + $this->userdata['last_activity'] = $this->now; + + // Update the session ID and last_activity field in the DB if needed + if ($this->sess_use_database === TRUE) + { + // set cookie explicitly to only have our session data + $cookie_data = array(); + foreach (array('session_id','ip_address','user_agent','last_activity') as $val) + { + $cookie_data[$val] = $this->userdata[$val]; + } + + $this->CI->db->query($this->CI->db->update_string($this->sess_table_name, + array('last_activity' => $this->userdata['last_activity']), + array('session_id' => $this->userdata['session_id']))); + } + + return $this->_set_cookie($cookie_data); + } + // Save the old session id so we know which record to // update in the database if we need it $old_sessid = $this->userdata['session_id']; @@ -374,10 +400,6 @@ class CI_Session { $this->userdata['session_id'] = $new_sessid = md5(uniqid($new_sessid, TRUE)); $this->userdata['last_activity'] = $this->now; - // _set_cookie() will handle this for us if we aren't using database sessions - // by pushing all userdata to the cookie. - $cookie_data = NULL; - // Update the session ID and last_activity field in the DB if needed if ($this->sess_use_database === TRUE) { @@ -405,7 +427,7 @@ class CI_Session { public function sess_destroy() { // Kill the session DB row - if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id'])) + if ($this->sess_use_database === TRUE && isset($this->userdata['session_id'])) { $this->CI->db->where('session_id', $this->userdata['session_id']); $this->CI->db->delete($this->sess_table_name); @@ -413,13 +435,13 @@ class CI_Session { // Kill the cookie setcookie( - $this->sess_cookie_name, - addslashes(serialize(array())), - ($this->now - 31500000), - $this->cookie_path, - $this->cookie_domain, - 0 - ); + $this->sess_cookie_name, + addslashes(serialize(array())), + ($this->now - 31500000), + $this->cookie_path, + $this->cookie_domain, + 0 + ); } // -------------------------------------------------------------------- @@ -535,7 +557,7 @@ class CI_Session { */ public function keep_flashdata($key) { - // 'old' flashdata gets removed. Here we mark all + // 'old' flashdata gets removed. Here we mark all // flashdata as 'new' to preserve it from _flashdata_sweep() // Note the function will return FALSE if the $key // provided cannot be found @@ -586,7 +608,6 @@ class CI_Session { * * @return void */ - protected function _flashdata_sweep() { $userdata = $this->all_userdata(); @@ -609,13 +630,9 @@ class CI_Session { */ protected function _get_time() { - if (strtolower($this->time_reference) === 'gmt') - { - $now = time(); - return mktime(gmdate('H', $now), gmdate('i', $now), gmdate('s', $now), gmdate('m', $now), gmdate('d', $now), gmdate('Y', $now)); - } - - return time(); + return (strtolower($this->time_reference) === 'gmt') + ? mktime(gmdate('H'), gmdate('i'), gmdate('s'), gmdate('m'), gmdate('d'), gmdate('Y')) + : time(); } // -------------------------------------------------------------------- @@ -649,13 +666,13 @@ class CI_Session { // Set the cookie setcookie( - $this->sess_cookie_name, - $cookie_data, - $expire, - $this->cookie_path, - $this->cookie_domain, - $this->cookie_secure - ); + $this->sess_cookie_name, + $cookie_data, + $expire, + $this->cookie_path, + $this->cookie_domain, + $this->cookie_secure + ); } // -------------------------------------------------------------------- @@ -687,8 +704,11 @@ class CI_Session { * * This function converts any slashes found into a temporary marker * + * @param string + * @param string + * @return void */ - function _escape_slashes(&$val, $key) + protected function _escape_slashes(&$val, $key) { if (is_string($val)) { @@ -725,6 +745,9 @@ class CI_Session { * * This function converts any slash markers back into actual slashes * + * @param string + * @param string + * @return void */ protected function _unescape_slashes(&$val, $key) { @@ -763,9 +786,7 @@ class CI_Session { } } - } -// END Session Class /* End of file Session.php */ /* Location: ./system/libraries/Session.php */ |