diff options
author | Andrey Andreev <narf@bofh.bg> | 2012-02-29 13:39:42 +0100 |
---|---|---|
committer | Andrey Andreev <narf@bofh.bg> | 2012-02-29 13:39:42 +0100 |
commit | 386c089ea519643b6e4b73508d571206a5a8c152 (patch) | |
tree | b3930906771ef04f895708266a67e7dd94ed9024 /system | |
parent | 2fc37142e068e91cf39aaf1686eb77bcdd5e25a4 (diff) | |
parent | 002b4be248e448227a718e6f7d9ee39ccc575745 (diff) |
Merge remote-tracking branch 'upstream/develop' into develop-db-postgre
Diffstat (limited to 'system')
-rw-r--r-- | system/core/Common.php | 31 | ||||
-rw-r--r-- | system/database/DB_driver.php | 18 | ||||
-rw-r--r-- | system/helpers/inflector_helper.php | 152 | ||||
-rw-r--r-- | system/libraries/Form_validation.php | 42 | ||||
-rw-r--r-- | system/libraries/Image_lib.php | 2 | ||||
-rw-r--r-- | system/libraries/Upload.php | 103 |
6 files changed, 221 insertions, 127 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index 225227d17..491979350 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -56,7 +56,7 @@ if ( ! function_exists('is_php')) function is_php($version = '5.0.0') { static $_is_php; - $version = (string)$version; + $version = (string) $version; if ( ! isset($_is_php[$version])) { @@ -84,7 +84,7 @@ if ( ! function_exists('is_really_writable')) function is_really_writable($file) { // If we're on a Unix server with safe_mode off we call is_writable - if (DIRECTORY_SEPARATOR === '/' AND @ini_get('safe_mode') == FALSE) + if (DIRECTORY_SEPARATOR === '/' && (bool) @ini_get('safe_mode') === FALSE) { return is_writable($file); } @@ -120,7 +120,7 @@ if ( ! function_exists('is_really_writable')) /** * Class registry * -* This function acts as a singleton. If the requested class does not +* This function acts as a singleton. If the requested class does not * exist it is instantiated and set to a static variable. If it has * previously been instantiated the variable is returned. * @@ -192,7 +192,7 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- /** -* Keeps track of which libraries have been loaded. This function is +* Keeps track of which libraries have been loaded. This function is * called by the load_class() function above * * @access public @@ -437,7 +437,7 @@ if ( ! function_exists('set_status_header')) show_error('Status codes must be numeric', 500); } - if (isset($stati[$code]) AND $text == '') + if (isset($stati[$code]) && $text == '') { $text = $stati[$code]; } @@ -447,19 +447,19 @@ if ( ! function_exists('set_status_header')) show_error('No status text available. Please check your status code number or supply your own message text.', 500); } - $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; + $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; if (strpos(php_sapi_name(), 'cgi') === 0) { - header("Status: {$code} {$text}", TRUE); + header('Status: '.$code.' '.$text, TRUE); } - elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0') + elseif ($server_protocol === 'HTTP/1.0') { - header($server_protocol." {$code} {$text}", TRUE, $code); + header('HTTP/1.0 '.$code.' '.$text, TRUE, $code); } else { - header("HTTP/1.1 {$code} {$text}", TRUE, $code); + header('HTTP/1.1 '.$code.' '.$text, TRUE, $code); } } } @@ -564,14 +564,9 @@ if ( ! function_exists('html_escape')) { function html_escape($var) { - if (is_array($var)) - { - return array_map('html_escape', $var); - } - else - { - return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); - } + return is_array($var) + ? array_map('html_escape', $var) + : htmlspecialchars($var, ENT_QUOTES, config_item('charset')); } } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 271a70ec4..6352c731e 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1424,7 +1424,23 @@ class CI_DB_driver { return $item.$alias; } + + // -------------------------------------------------------------------- + + /** + * Dummy method that allows Active Record class to be disabled + * + * This function is used extensively by every db driver. + * + * @access private + * @return void + */ + protected function _reset_select() + { + + } + } /* End of file DB_driver.php */ -/* Location: ./system/database/DB_driver.php */ +/* Location: ./system/database/DB_driver.php */
\ No newline at end of file diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php index 2069a1927..02c425b8a 100644 --- a/system/helpers/inflector_helper.php +++ b/system/helpers/inflector_helper.php @@ -34,7 +34,7 @@ * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/directory_helper.html + * @link http://codeigniter.com/user_guide/helpers/inflector_helper.html */ @@ -45,7 +45,6 @@ * * Takes a plural word and makes it singular * - * @access public * @param string * @return str */ @@ -55,37 +54,51 @@ if ( ! function_exists('singular')) { $result = strval($str); + if ( ! is_countable($result)) + { + return $result; + } + $singular_rules = array( - '/(matr)ices$/' => '\1ix', - '/(vert|ind)ices$/' => '\1ex', - '/^(ox)en/' => '\1', - '/(alias)es$/' => '\1', - '/([octop|vir])i$/' => '\1us', - '/(cris|ax|test)es$/' => '\1is', - '/(shoe)s$/' => '\1', - '/(o)es$/' => '\1', - '/(bus|campus)es$/' => '\1', - '/([m|l])ice$/' => '\1ouse', - '/(x|ch|ss|sh)es$/' => '\1', - '/(m)ovies$/' => '\1\2ovie', - '/(s)eries$/' => '\1\2eries', - '/([^aeiouy]|qu)ies$/' => '\1y', - '/([lr])ves$/' => '\1f', - '/(tive)s$/' => '\1', - '/(hive)s$/' => '\1', - '/([^f])ves$/' => '\1fe', - '/(^analy)ses$/' => '\1sis', + '/(matr)ices$/' => '\1ix', + '/(vert|ind)ices$/' => '\1ex', + '/^(ox)en/' => '\1', + '/(alias)es$/' => '\1', + '/([octop|vir])i$/' => '\1us', + '/(cris|ax|test)es$/' => '\1is', + '/(shoe)s$/' => '\1', + '/(o)es$/' => '\1', + '/(bus|campus)es$/' => '\1', + '/([m|l])ice$/' => '\1ouse', + '/(x|ch|ss|sh)es$/' => '\1', + '/(m)ovies$/' => '\1\2ovie', + '/(s)eries$/' => '\1\2eries', + '/([^aeiouy]|qu)ies$/' => '\1y', + '/([lr])ves$/' => '\1f', + '/(tive)s$/' => '\1', + '/(hive)s$/' => '\1', + '/([^f])ves$/' => '\1fe', + '/(^analy)ses$/' => '\1sis', '/((a)naly|(b)a|(d)iagno|(p)arenthe|(p)rogno|(s)ynop|(t)he)ses$/' => '\1\2sis', - '/([ti])a$/' => '\1um', - '/(p)eople$/' => '\1\2erson', - '/(m)en$/' => '\1an', - '/(s)tatuses$/' => '\1\2tatus', - '/(c)hildren$/' => '\1\2hild', - '/(n)ews$/' => '\1\2ews', - '/([^u])s$/' => '\1', + '/([ti])a$/' => '\1um', + '/(p)eople$/' => '\1\2erson', + '/(m)en$/' => '\1an', + '/(s)tatuses$/' => '\1\2tatus', + '/(c)hildren$/' => '\1\2hild', + '/(n)ews$/' => '\1\2ews', + '/([^us])s$/' => '\1', ); - return preg_replace(array_keys($singular_rules), $singular_rules, $result); + foreach ($singular_rules as $rule => $replacement) + { + if (preg_match($rule, $result)) + { + $result = preg_replace($rule, $replacement, $result); + break; + } + } + + return $result; } } @@ -96,7 +109,6 @@ if ( ! function_exists('singular')) * * Takes a singular word and makes it plural * - * @access public * @param string * @param bool * @return str @@ -104,32 +116,46 @@ if ( ! function_exists('singular')) if ( ! function_exists('plural')) { function plural($str, $force = FALSE) - { + { $result = strval($str); + if ( ! is_countable($result)) + { + return $result; + } + $plural_rules = array( - '/^(ox)$/' => '\1\2en', // ox - '/([m|l])ouse$/' => '\1ice', // mouse, louse - '/(matr|vert|ind)ix|ex$/' => '\1ices', // matrix, vertex, index - '/(x|ch|ss|sh)$/' => '\1es', // search, switch, fix, box, process, address - '/([^aeiouy]|qu)y$/' => '\1ies', // query, ability, agency - '/(hive)$/' => '\1s', // archive, hive - '/(?:([^f])fe|([lr])f)$/' => '\1\2ves', // half, safe, wife - '/sis$/' => 'ses', // basis, diagnosis - '/([ti])um$/' => '\1a', // datum, medium - '/(p)erson$/' => '\1eople', // person, salesperson - '/(m)an$/' => '\1en', // man, woman, spokesman - '/(c)hild$/' => '\1hildren', // child - '/(buffal|tomat)o$/' => '\1\2oes', // buffalo, tomato - '/(bu|campu)s$/' => '\1\2ses', // bus, campus - '/(alias|status|virus)/' => '\1es', // alias - '/(octop)us$/' => '\1i', // octopus - '/(ax|cris|test)is$/' => '\1es', // axis, crisis - '/s$/' => 's', // no change (compatibility) - '/$/' => 's', + '/^(ox)$/' => '\1\2en', // ox + '/([m|l])ouse$/' => '\1ice', // mouse, louse + '/(matr|vert|ind)ix|ex$/' => '\1ices', // matrix, vertex, index + '/(x|ch|ss|sh)$/' => '\1es', // search, switch, fix, box, process, address + '/([^aeiouy]|qu)y$/' => '\1ies', // query, ability, agency + '/(hive)$/' => '\1s', // archive, hive + '/(?:([^f])fe|([lr])f)$/' => '\1\2ves', // half, safe, wife + '/sis$/' => 'ses', // basis, diagnosis + '/([ti])um$/' => '\1a', // datum, medium + '/(p)erson$/' => '\1eople', // person, salesperson + '/(m)an$/' => '\1en', // man, woman, spokesman + '/(c)hild$/' => '\1hildren', // child + '/(buffal|tomat)o$/' => '\1\2oes', // buffalo, tomato + '/(bu|campu)s$/' => '\1\2ses', // bus, campus + '/(alias|status|virus)$/' => '\1es', // alias + '/(octop)us$/' => '\1i', // octopus + '/(ax|cris|test)is$/' => '\1es', // axis, crisis + '/s$/' => 's', // no change (compatibility) + '/$/' => 's', ); - - return preg_replace(array_keys($plural_rules), $plural_rules, $result); + + foreach ($plural_rules as $rule => $replacement) + { + if (preg_match($rule, $result)) + { + $result = preg_replace($rule, $replacement, $result); + break; + } + } + + return $result; } } @@ -140,7 +166,6 @@ if ( ! function_exists('plural')) * * Takes multiple words separated by spaces or underscores and camelizes them * - * @access public * @param string * @return str */ @@ -159,7 +184,6 @@ if ( ! function_exists('camelize')) * * Takes multiple words separated by spaces and underscores them * - * @access public * @param string * @return str */ @@ -178,7 +202,6 @@ if ( ! function_exists('underscore')) * * Takes multiple words separated by the separator and changes them to spaces * - * @access public * @param string $str * @param string $separator * @return str @@ -191,5 +214,22 @@ if ( ! function_exists('humanize')) } } +/** + * Checks if the given word has a plural version. + * + * @param string the word to check + * @return bool if the word is countable + */ +if ( ! function_exists('is_countable')) +{ + function is_countable($word) + { + return ! (in_array(strtolower(strval($word)), array( + 'equipment', 'information', 'rice', 'money', + 'species', 'series', 'fish', 'meta' + ))); + } +} + /* End of file inflector_helper.php */ -/* Location: ./system/helpers/inflector_helper.php */ +/* Location: ./system/helpers/inflector_helper.php */
\ No newline at end of file diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 0a6a2af0d..2ee734ae6 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -703,11 +703,11 @@ class CI_Form_validation { * * @param string the field name * @param string - * @return void + * @return string */ public function set_value($field = '', $default = '') { - if ( ! isset($this->_field_data[$field])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { return $default; } @@ -736,13 +736,9 @@ class CI_Form_validation { */ public function set_select($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' selected="selected"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' selected="selected"' : ''; } $field = $this->_field_data[$field]['postdata']; @@ -754,12 +750,9 @@ class CI_Form_validation { return ''; } } - else + elseif (($field == '' OR $value == '') OR ($field != $value)) { - if (($field == '' OR $value == '') OR ($field != $value)) - { - return ''; - } + return ''; } return ' selected="selected"'; @@ -779,13 +772,9 @@ class CI_Form_validation { */ public function set_radio($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' checked="checked"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' checked="checked"' : ''; } $field = $this->_field_data[$field]['postdata']; @@ -869,9 +858,7 @@ class CI_Form_validation { return FALSE; } - $field = $_POST[$field]; - - return ($str === $field); + return ($str === $_POST[$field]); } // -------------------------------------------------------------------- @@ -908,7 +895,7 @@ class CI_Form_validation { */ public function min_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -932,7 +919,7 @@ class CI_Form_validation { */ public function max_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -956,7 +943,7 @@ class CI_Form_validation { */ public function exact_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -1170,7 +1157,7 @@ class CI_Form_validation { */ public function is_natural_no_zero($str) { - return ($str != 0 AND preg_match('/^[0-9]+$/', $str)); + return ($str != 0 && preg_match('/^[0-9]+$/', $str)); } // -------------------------------------------------------------------- @@ -1217,7 +1204,7 @@ class CI_Form_validation { return $data; } - return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); + return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); } // -------------------------------------------------------------------- @@ -1283,7 +1270,6 @@ class CI_Form_validation { } } -// END Form Validation Class /* End of file Form_validation.php */ /* Location: ./system/libraries/Form_validation.php */ diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 5ea830fb1..9826eabdd 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -251,7 +251,7 @@ class CI_Image_lib { } else { - if (function_exists('realpath') && @realpath($this->new_image) !== FALSE) + if (strpos($this->new_image, '/') === FALSE AND strpos($this->new_image, '\\') === FALSE) { $full_dest_path = str_replace('\\', '/', realpath($this->new_image)); } diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 0c63886e7..82383f658 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1026,47 +1026,104 @@ class CI_Upload { */ protected function _file_mime_type($file) { - // Use if the Fileinfo extension, if available (only versions above 5.3 support the FILEINFO_MIME_TYPE flag) - if ( (float) substr(phpversion(), 0, 3) >= 5.3 && function_exists('finfo_file')) + // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) + $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; + + /* Fileinfo extension - most reliable method + * + * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the + * more convenient FILEINFO_MIME_TYPE flag doesn't exist. + */ + if (function_exists('finfo_file')) { - $finfo = new finfo(FILEINFO_MIME_TYPE); - if ($finfo !== FALSE) // This is possible, if there is no magic MIME database file found on the system + $finfo = finfo_open(FILEINFO_MIME); + if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { - $file_type = $finfo->file($file['tmp_name']); + $mime = @finfo_file($finfo, $file['tmp_name']); + finfo_close($finfo); /* According to the comments section of the PHP manual page, * it is possible that this function returns an empty string * for some files (e.g. if they don't exist in the magic MIME database) */ - if (strlen($file_type) > 1) + if (is_string($mime) && preg_match($regexp, $mime, $matches)) { - $this->file_type = $file_type; + $this->file_type = $matches[1]; return; } } } - // Fall back to the deprecated mime_content_type(), if available - if (function_exists('mime_content_type')) - { - $this->file_type = @mime_content_type($file['tmp_name']); - return; - } - - /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type, - * which is still more secure than depending on the value of $_FILES[$field]['type']. + /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type, + * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it + * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better + * than mime_content_type() as well, hence the attempts to try calling the command line with + * three different functions. * * Notes: - * - a 'W' in the substr() expression bellow, would mean that we're using Windows - * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check + * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system + * - many system admins would disable the exec(), shell_exec(), popen() and similar functions + * due to security concerns, hence the function_exists() checks */ - if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) + if (DIRECTORY_SEPARATOR !== '\\') { - $output = array(); - @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_path']), $output, $return_code); - if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution + $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1'; + + if (function_exists('exec')) + { + /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter. + * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites + * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy + * value, which is only put to allow us to get the return status code. + */ + $mime = @exec($cmd, $mime, $return_status); + if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + + if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec')) + { + $mime = @shell_exec($cmd); + if (strlen($mime) > 0) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } + + if (function_exists('popen')) + { + $proc = @popen($cmd, 'r'); + if (is_resource($proc)) + { + $mime = @fread($test, 512); + @pclose($proc); + if ($mime !== FALSE) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } + } + } + + // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type']) + if (function_exists('mime_content_type')) + { + $this->file_type = @mime_content_type($file['tmp_name']); + if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string { - $this->file_type = rtrim($output[0]); return; } } |