summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-02-10 13:27:44 +0100
committerAndrey Andreev <narf@bofh.bg>2012-02-10 13:27:44 +0100
commit6f6704f3283a7b663f1598bc6013e6658d8d269b (patch)
tree8574a6dcaf138972452a3d12ab0c9882e3029cc8 /system
parent1fb51fdd28eb7c24431849ad3b6ab35cab9596f6 (diff)
parent16af6afe991381360439135ddb0735dab1280fed (diff)
Merge remote-tracking branch 'upstream/develop' into develop-db-sqlsrv
Diffstat (limited to 'system')
-rw-r--r--system/core/Common.php3
-rwxr-xr-xsystem/core/Input.php67
-rwxr-xr-xsystem/database/DB.php1
-rw-r--r--system/database/DB_driver.php27
-rw-r--r--system/database/drivers/pdo/pdo_driver.php272
-rw-r--r--system/database/drivers/pdo/pdo_forge.php12
-rw-r--r--system/database/drivers/pdo/pdo_result.php67
-rw-r--r--system/libraries/Session.php133
8 files changed, 396 insertions, 186 deletions
diff --git a/system/core/Common.php b/system/core/Common.php
index 2f9c4ff43..225227d17 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -177,6 +177,7 @@ if ( ! function_exists('load_class'))
{
// Note: We use exit() rather then show_error() in order to avoid a
// self-referencing loop with the Excptions class
+ set_status_header(503);
exit('Unable to locate the specified class: '.$class.'.php');
}
@@ -243,6 +244,7 @@ if ( ! function_exists('get_config'))
// Fetch the config file
if ( ! file_exists($file_path))
{
+ set_status_header(503);
exit('The configuration file does not exist.');
}
@@ -251,6 +253,7 @@ if ( ! function_exists('get_config'))
// Does the $config array exist in the file?
if ( ! isset($config) OR ! is_array($config))
{
+ set_status_header(503);
exit('Your config file does not appear to be formatted correctly.');
}
diff --git a/system/core/Input.php b/system/core/Input.php
index 7a16e51ab..ee15f4013 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Input Class
*
@@ -152,7 +150,7 @@ class CI_Input {
public function get($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_GET))
+ if ($index === NULL && ! empty($_GET))
{
$get = array();
@@ -179,7 +177,7 @@ class CI_Input {
public function post($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_POST))
+ if ($index === NULL && ! empty($_POST))
{
$post = array();
@@ -206,9 +204,9 @@ class CI_Input {
*/
public function get_post($index = '', $xss_clean = FALSE)
{
- return ( ! isset($_POST[$index]))
- ? $this->get($index, $xss_clean)
- : $this->post($index, $xss_clean);
+ return isset($_POST[$index])
+ ? $this->post($index, $xss_clean)
+ : $this->get($index, $xss_clean);
}
// --------------------------------------------------------------------
@@ -256,19 +254,19 @@ class CI_Input {
}
}
- if ($prefix == '' AND config_item('cookie_prefix') != '')
+ if ($prefix == '' && config_item('cookie_prefix') != '')
{
$prefix = config_item('cookie_prefix');
}
- if ($domain == '' AND config_item('cookie_domain') != '')
+ if ($domain == '' && config_item('cookie_domain') != '')
{
$domain = config_item('cookie_domain');
}
- if ($path == '/' AND config_item('cookie_path') != '/')
+ if ($path == '/' && config_item('cookie_path') !== '/')
{
$path = config_item('cookie_path');
}
- if ($secure == FALSE AND config_item('cookie_secure') != FALSE)
+ if ($secure == FALSE && config_item('cookie_secure') != FALSE)
{
$secure = config_item('cookie_secure');
}
@@ -320,11 +318,11 @@ class CI_Input {
$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
}
- elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
+ elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR'))
{
$this->ip_address = $_SERVER['REMOTE_ADDR'];
}
- elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+ elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP'))
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
@@ -414,7 +412,7 @@ class CI_Input {
return $this->user_agent;
}
- return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT'];
+ return $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : FALSE;
}
// --------------------------------------------------------------------
@@ -469,19 +467,16 @@ class CI_Input {
{
$_GET = array();
}
- else
+ elseif (is_array($_GET) && count($_GET) > 0)
{
- if (is_array($_GET) AND count($_GET) > 0)
+ foreach ($_GET as $key => $val)
{
- foreach ($_GET as $key => $val)
- {
- $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
- }
+ $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
}
}
// Clean $_POST Data
- if (is_array($_POST) AND count($_POST) > 0)
+ if (is_array($_POST) && count($_POST) > 0)
{
foreach ($_POST as $key => $val)
{
@@ -490,7 +485,7 @@ class CI_Input {
}
// Clean $_COOKIE Data
- if (is_array($_COOKIE) AND count($_COOKIE) > 0)
+ if (is_array($_COOKIE) && count($_COOKIE) > 0)
{
// Also get rid of specially treated cookies that might be set by a server
// or silly application, that are of no use to a CI application anyway
@@ -568,7 +563,7 @@ class CI_Input {
}
// Standardize newlines if needed
- if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE)
+ if ($this->_standardize_newlines == TRUE && strpos($str, "\r") !== FALSE)
{
return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
}
@@ -592,6 +587,7 @@ class CI_Input {
{
if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str))
{
+ set_status_header(503);
exit('Disallowed Key Characters.');
}
@@ -624,7 +620,7 @@ class CI_Input {
}
else
{
- $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+ $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
foreach ($_SERVER as $key => $val)
{
@@ -654,9 +650,9 @@ class CI_Input {
*
* Returns the value of a single member of the headers class member
*
- * @param string array key for $this->headers
- * @param boolean XSS Clean or not
- * @return mixed FALSE on failure, string on success
+ * @param string array key for $this->headers
+ * @param bool XSS Clean or not
+ * @return mixed FALSE on failure, string on success
*/
public function get_request_header($index, $xss_clean = FALSE)
{
@@ -670,12 +666,9 @@ class CI_Input {
return FALSE;
}
- if ($xss_clean === TRUE)
- {
- return $this->security->xss_clean($this->headers[$index]);
- }
-
- return $this->headers[$index];
+ return ($xss_clean === TRUE)
+ ? $this->security->xss_clean($this->headers[$index])
+ : $this->headers[$index];
}
// --------------------------------------------------------------------
@@ -685,11 +678,11 @@ class CI_Input {
*
* Test to see if a request contains the HTTP_X_REQUESTED_WITH header
*
- * @return boolean
+ * @return bool
*/
public function is_ajax_request()
{
- return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest');
+ return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}
// --------------------------------------------------------------------
@@ -699,11 +692,11 @@ class CI_Input {
*
* Test to see if a request was made from the command line
*
- * @return boolean
+ * @return bool
*/
public function is_cli_request()
{
- return (php_sapi_name() === 'cli') or defined('STDIN');
+ return (php_sapi_name() === 'cli' OR defined('STDIN'));
}
}
diff --git a/system/database/DB.php b/system/database/DB.php
index ed6afd7ed..d06ffb40e 100755
--- a/system/database/DB.php
+++ b/system/database/DB.php
@@ -82,6 +82,7 @@ function &DB($params = '', $active_record_override = NULL)
$params = array(
'dbdriver' => $dns['scheme'],
'hostname' => (isset($dns['host'])) ? rawurldecode($dns['host']) : '',
+ 'port' => (isset($dns['port'])) ? rawurldecode($dns['port']) : '',
'username' => (isset($dns['user'])) ? rawurldecode($dns['user']) : '',
'password' => (isset($dns['pass'])) ? rawurldecode($dns['pass']) : '',
'database' => (isset($dns['path'])) ? rawurldecode(substr($dns['path'], 1)) : ''
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 566779d0e..9c9fdac85 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -81,8 +81,7 @@ class CI_DB_driver {
var $stmt_id;
var $curs_id;
var $limit_used;
-
-
+
/**
* Constructor. Accepts one parameter containing the database
@@ -814,20 +813,23 @@ class CI_DB_driver {
if ($query->num_rows() > 0)
{
- foreach ($query->result_array() as $row)
+ $table = FALSE;
+ $rows = $query->result_array();
+ $key = (($row = current($rows)) && in_array('table_name', array_map('strtolower', array_keys($row))));
+
+ if ($key)
{
- if (isset($row['TABLE_NAME']))
- {
- $retval[] = $row['TABLE_NAME'];
- }
- else
- {
- $retval[] = array_shift($row);
- }
+ $table = array_key_exists('TABLE_NAME', $row) ? 'TABLE_NAME' : 'table_name';
+ }
+
+ foreach ($rows as $row)
+ {
+ $retval[] = ( ! $table) ? current($row) : $row[$table];
}
}
$this->data_cache['table_names'] = $retval;
+
return $this->data_cache['table_names'];
}
@@ -1436,10 +1438,7 @@ class CI_DB_driver {
return $item.$alias;
}
-
-
}
-
/* End of file DB_driver.php */
/* Location: ./system/database/DB_driver.php */
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index 4f4f44ba7..fc378daeb 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -46,9 +46,10 @@ class CI_DB_pdo_driver extends CI_DB {
// the character used to excape - not necessary for PDO
var $_escape_char = '';
+
+ // clause and character used for LIKE escape sequences
var $_like_escape_str;
var $_like_escape_chr;
-
/**
* The syntax to count rows is slightly different across different
@@ -57,29 +58,36 @@ class CI_DB_pdo_driver extends CI_DB {
*/
var $_count_string = "SELECT COUNT(*) AS ";
var $_random_keyword;
-
+
+ // need to track the pdo DSN, driver and options
+ var $dsn;
+ var $pdodriver;
var $options = array();
function __construct($params)
{
parent::__construct($params);
-
+
+ if (preg_match('/([^;]+):/', $this->dsn, $match) && count($match) == 2)
+ {
+ // If there is a minimum valid dsn string pattern found, we're done
+ // This is for general PDO users, who tend to have a full DSN string.
+ $this->pdodriver = end($match);
+ }
+ else
+ {
+ // Try to build a complete DSN string from params
+ $this->_connect_string($params);
+ }
+
// clause and character used for LIKE escape sequences
- if (strpos($this->hostname, 'mysql') !== FALSE)
+ // this one depends on the driver being used
+ if ($this->pdodriver == 'mysql')
{
$this->_like_escape_str = '';
$this->_like_escape_chr = '';
-
- //Prior to this version, the charset can't be set in the dsn
- if(is_php('5.3.6'))
- {
- $this->hostname .= ";charset={$this->char_set}";
- }
-
- //Set the charset with the connection options
- $this->options['PDO::MYSQL_ATTR_INIT_COMMAND'] = "SET NAMES {$this->char_set}";
}
- else if (strpos($this->hostname, 'odbc') !== FALSE)
+ elseif ($this->pdodriver == 'odbc')
{
$this->_like_escape_str = " {escape '%s'} ";
$this->_like_escape_chr = '!';
@@ -90,14 +98,85 @@ class CI_DB_pdo_driver extends CI_DB {
$this->_like_escape_chr = '!';
}
- if (strpos($this->hostname, 'sqlite') === FALSE)
+ $this->trans_enabled = FALSE;
+ $this->_random_keyword = ' RND('.time().')'; // database specific random keyword
+ }
+
+ /**
+ * Connection String
+ *
+ * @access private
+ * @param array
+ * @return void
+ */
+ function _connect_string($params)
+ {
+ if (strpos($this->hostname, ':'))
{
- $this->hostname .= ";dbname=".$this->database;
+ // hostname generally would have this prototype
+ // $db['hostname'] = 'pdodriver:host(/Server(/DSN))=hostname(/DSN);';
+ // We need to get the prefix (pdodriver used by PDO).
+ $this->dsn = $this->hostname;
+ $this->pdodriver = substr($this->hostname, 0, strpos($this->hostname, ':'));
}
-
- $this->trans_enabled = FALSE;
+ else
+ {
+ // Invalid DSN, display an error
+ if ( ! array_key_exists('pdodriver', $params))
+ {
+ show_error('Invalid DB Connection String for PDO');
+ }
- $this->_random_keyword = ' RND('.time().')'; // database specific random keyword
+ // Assuming that the following DSN string format is used:
+ // $dsn = 'pdo://username:password@hostname:port/database?pdodriver=pgsql';
+ $this->dsn = $this->pdodriver.':';
+
+ // Add hostname to the DSN for databases that need it
+ if ( ! empty($this->hostname) && in_array($this->pdodriver, array('informix', 'mysql', 'pgsql', 'sybase', 'mssql', 'dblib', 'cubrid')))
+ {
+ $this->dsn .= 'host='.$this->hostname.';';
+ }
+
+ // Add a port to the DSN for databases that can use it
+ if ( ! empty($this->port) && in_array($this->pdodriver, array('informix', 'mysql', 'pgsql', 'ibm', 'cubrid')))
+ {
+ $this->dsn .= 'port='.$this->port.';';
+ }
+ }
+
+ // Add the database name to the DSN, if needed
+ if (stripos($this->dsn, 'dbname') === FALSE
+ && in_array($this->pdodriver, array('4D', 'pgsql', 'mysql', 'firebird', 'sybase', 'mssql', 'dblib', 'cubrid')))
+ {
+ $this->dsn .= 'dbname='.$this->database.';';
+ }
+ elseif (stripos($this->dsn, 'database') === FALSE && in_array($this->pdodriver, array('ibm', 'sqlsrv')))
+ {
+ if (stripos($this->dsn, 'dsn') === FALSE)
+ {
+ $this->dsn .= 'database='.$this->database.';';
+ }
+ }
+ elseif ($this->pdodriver === 'sqlite' && $this->dsn === 'sqlite:')
+ {
+ if ($this->database !== ':memory')
+ {
+ if ( ! file_exists($this->database))
+ {
+ show_error('Invalid DB Connection string for PDO SQLite');
+ }
+
+ $this->dsn .= (strpos($this->database, DIRECTORY_SEPARATOR) !== 0) ? DIRECTORY_SEPARATOR : '';
+ }
+
+ $this->dsn .= $this->database;
+ }
+
+ // Add charset to the DSN, if needed
+ if ( ! empty($this->char_set) && in_array($this->pdodriver, array('4D', 'mysql', 'sybase', 'mssql', 'dblib', 'oci')))
+ {
+ $this->dsn .= 'charset='.$this->char_set.';';
+ }
}
/**
@@ -108,9 +187,9 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function db_connect()
{
- $this->options['PDO::ATTR_ERRMODE'] = PDO::ERRMODE_SILENT;
-
- return new PDO($this->hostname, $this->username, $this->password, $this->options);
+ $this->options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_SILENT;
+
+ return $this->pdo_connect();
}
// --------------------------------------------------------------------
@@ -123,10 +202,44 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function db_pconnect()
{
- $this->options['PDO::ATTR_ERRMODE'] = PDO::ERRMODE_SILENT;
- $this->options['PDO::ATTR_PERSISTENT'] = TRUE;
+ $this->options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_SILENT;
+ $this->options[PDO::ATTR_PERSISTENT] = TRUE;
- return new PDO($this->hostname, $this->username, $this->password, $this->options);
+ return $this->pdo_connect();
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * PDO connection
+ *
+ * @access private called by the PDO driver class
+ * @return resource
+ */
+ function pdo_connect()
+ {
+ // Refer : http://php.net/manual/en/ref.pdo-mysql.connection.php
+ if ($this->pdodriver == 'mysql' && is_php('5.3.6'))
+ {
+ $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = "SET NAMES $this->char_set COLLATE '$this->dbcollat'";
+ }
+
+ // Connecting...
+ try
+ {
+ $db = new PDO($this->dsn, $this->username, $this->password, $this->options);
+ }
+ catch (PDOException $e)
+ {
+ if ($this->db_debug && empty($this->failover))
+ {
+ $this->display_error($e->getMessage(), '', TRUE);
+ }
+
+ return FALSE;
+ }
+
+ return $db;
}
// --------------------------------------------------------------------
@@ -146,6 +259,7 @@ class CI_DB_pdo_driver extends CI_DB {
{
return $this->db->display_error('db_unsuported_feature');
}
+
return FALSE;
}
@@ -175,7 +289,6 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function db_set_charset($charset, $collation)
{
- // @todo - add support if needed
return TRUE;
}
@@ -204,6 +317,7 @@ class CI_DB_pdo_driver extends CI_DB {
function _execute($sql)
{
$sql = $this->_prep_query($sql);
+
$result_id = $this->conn_id->query($sql);
if (is_object($result_id))
@@ -231,6 +345,17 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _prep_query($sql)
{
+ if ($this->pdodriver === 'pgsql')
+ {
+ // Change the backtick(s) for Postgre
+ $sql = str_replace('`', '"', $sql);
+ }
+ elseif ($this->pdodriver === 'sqlite')
+ {
+ // Change the backtick(s) for SQLite
+ $sql = str_replace('`', '', $sql);
+ }
+
return $sql;
}
@@ -285,6 +410,7 @@ class CI_DB_pdo_driver extends CI_DB {
}
$ret = $this->conn->commit();
+
return $ret;
}
@@ -310,6 +436,7 @@ class CI_DB_pdo_driver extends CI_DB {
}
$ret = $this->conn_id->rollBack();
+
return $ret;
}
@@ -348,7 +475,9 @@ class CI_DB_pdo_driver extends CI_DB {
if ($like === TRUE)
{
$str = str_replace( array('%', '_', $this->_like_escape_chr),
- array($this->_like_escape_chr.'%', $this->_like_escape_chr.'_', $this->_like_escape_chr.$this->_like_escape_chr),
+ array($this->_like_escape_chr.'%',
+ $this->_like_escape_chr.'_',
+ $this->_like_escape_chr.$this->_like_escape_chr),
$str);
}
@@ -378,9 +507,9 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function insert_id($name=NULL)
{
- //Convenience method for postgres insertid
- if (strpos($this->hostname, 'pgsql') !== FALSE)
+ if ($this->pdodriver == 'pgsql')
{
+ //Convenience method for postgres insertid
$v = $this->_version();
$table = func_num_args() > 0 ? func_get_arg(0) : NULL;
@@ -389,8 +518,10 @@ class CI_DB_pdo_driver extends CI_DB {
{
$sql='SELECT LASTVAL() as ins_id';
}
+
$query = $this->query($sql);
- $row = $query->row();
+ $row = $query->row();
+
return $row->ins_id;
}
else
@@ -418,7 +549,9 @@ class CI_DB_pdo_driver extends CI_DB {
return 0;
}
- $query = $this->query($this->_count_string . $this->_protect_identifiers('numrows') . " FROM " . $this->_protect_identifiers($table, TRUE, NULL, FALSE));
+ $sql = $this->_count_string.$this->_protect_identifiers('numrows').' FROM ';
+ $sql .= $this->_protect_identifiers($table, TRUE, NULL, FALSE);
+ $query = $this->query($sql);
if ($query->num_rows() == 0)
{
@@ -427,6 +560,7 @@ class CI_DB_pdo_driver extends CI_DB {
$row = $query->row();
$this->_reset_select();
+
return (int) $row->numrows;
}
@@ -443,12 +577,19 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _list_tables($prefix_limit = FALSE)
{
- $sql = "SHOW TABLES FROM `".$this->database."`";
+ if ($this->pdodriver == 'pgsql')
+ {
+ // Analog function to show all tables in postgre
+ $sql = "SELECT * FROM information_schema.tables WHERE table_schema = 'public'";
+ }
+ else
+ {
+ $sql = "SHOW TABLES FROM `".$this->database."`";
+ }
if ($prefix_limit !== FALSE AND $this->dbprefix != '')
{
- //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr);
- return FALSE; // not currently supported
+ return FALSE;
}
return $sql;
@@ -467,7 +608,7 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _list_columns($table = '')
{
- return "SHOW COLUMNS FROM ".$table;
+ return 'SHOW COLUMNS FROM '.$this->_from_tables($table);
}
// --------------------------------------------------------------------
@@ -483,7 +624,7 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _field_data($table)
{
- return "SELECT TOP 1 FROM ".$table;
+ return 'SELECT TOP 1 FROM '.$this->_from_tables($table);
}
// --------------------------------------------------------------------
@@ -497,6 +638,7 @@ class CI_DB_pdo_driver extends CI_DB {
function _error_message()
{
$error_array = $this->conn_id->errorInfo();
+
return $error_array[2];
}
@@ -544,8 +686,8 @@ class CI_DB_pdo_driver extends CI_DB {
if (strpos($item, '.') !== FALSE)
{
- $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item).$this->_escape_char;
-
+ $str = $this->_escape_char.str_replace('.', $this->_escape_char.'.'.$this->_escape_char, $item);
+ $str .= $this->_escape_char;
}
else
{
@@ -575,7 +717,7 @@ class CI_DB_pdo_driver extends CI_DB {
$tables = array($tables);
}
- return (count($tables) == 1) ? $tables[0] : '('.implode(', ', $tables).')';
+ return (count($tables) == 1) ? '`'.$tables[0].'`' : '('.implode(', ', $tables).')';
}
// --------------------------------------------------------------------
@@ -593,7 +735,7 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _insert($table, $keys, $values)
{
- return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES (".implode(', ', $values).")";
+ return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')';
}
// --------------------------------------------------------------------
@@ -611,7 +753,7 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _insert_batch($table, $keys, $values)
{
- return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES ".implode(', ', $values);
+ return 'INSERT INTO '.$this->_from_tables($table).' ('.implode(', ', $keys).') VALUES '.implode(', ', $values);
}
// --------------------------------------------------------------------
@@ -636,14 +778,11 @@ class CI_DB_pdo_driver extends CI_DB {
$valstr[] = $key." = ".$val;
}
- $limit = ( ! $limit) ? '' : ' LIMIT '.$limit;
-
- $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):'';
-
- $sql = "UPDATE ".$table." SET ".implode(', ', $valstr);
-
- $sql .= ($where != '' AND count($where) >=1) ? " WHERE ".implode(" ", $where) : '';
+ $limit = ( ! $limit) ? '' : ' LIMIT '.$limit;
+ $orderby = (count($orderby) >= 1) ? ' ORDER BY '.implode(', ', $orderby) : '';
+ $sql = 'UPDATE '.$this->_from_tables($table).' SET '.implode(', ', $valstr);
+ $sql .= ($where != '' && count($where) >= 1) ? ' WHERE '.implode(' ', $where) : '';
$sql .= $orderby.$limit;
return $sql;
@@ -664,8 +803,8 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _update_batch($table, $values, $index, $where = NULL)
{
- $ids = array();
- $where = ($where != '' AND count($where) >=1) ? implode(" ", $where).' AND ' : '';
+ $ids = array();
+ $where = ($where != '' && count($where) >=1) ? implode(" ", $where).' AND ' : '';
foreach ($values as $key => $val)
{
@@ -680,12 +819,13 @@ class CI_DB_pdo_driver extends CI_DB {
}
}
- $sql = "UPDATE ".$table." SET ";
+ $sql = 'UPDATE '.$this->_from_tables($table).' SET ';
$cases = '';
foreach ($final as $k => $v)
{
$cases .= $k.' = CASE '."\n";
+
foreach ($v as $row)
{
$cases .= $row."\n";
@@ -695,7 +835,6 @@ class CI_DB_pdo_driver extends CI_DB {
}
$sql .= substr($cases, 0, -2);
-
$sql .= ' WHERE '.$where.$index.' IN ('.implode(',', $ids).')';
return $sql;
@@ -739,19 +878,20 @@ class CI_DB_pdo_driver extends CI_DB {
if (count($where) > 0 OR count($like) > 0)
{
- $conditions = "\nWHERE ";
+ $conditions = "\nWHERE ";
$conditions .= implode("\n", $this->ar_where);
if (count($where) > 0 && count($like) > 0)
{
$conditions .= " AND ";
}
+
$conditions .= implode("\n", $like);
}
$limit = ( ! $limit) ? '' : ' LIMIT '.$limit;
- return "DELETE FROM ".$table.$conditions.$limit;
+ return 'DELETE FROM '.$this->_from_tables($table).$conditions.$limit;
}
// --------------------------------------------------------------------
@@ -769,27 +909,16 @@ class CI_DB_pdo_driver extends CI_DB {
*/
function _limit($sql, $limit, $offset)
{
- if (strpos($this->hostname, 'cubrid') !== FALSE || strpos($this->hostname, 'sqlite') !== FALSE)
+ if ($this->pdodriver == 'cubrid' OR $this->pdodriver == 'sqlite')
{
- if ($offset == 0)
- {
- $offset = '';
- }
- else
- {
- $offset .= ", ";
- }
+ $offset = ($offset == 0) ? '' : $offset.', ';
- return $sql."LIMIT ".$offset.$limit;
+ return $sql.'LIMIT '.$offset.$limit;
}
else
{
- $sql .= "LIMIT ".$limit;
-
- if ($offset > 0)
- {
- $sql .= " OFFSET ".$offset;
- }
+ $sql .= 'LIMIT '.$limit;
+ $sql .= ($offset > 0) ? ' OFFSET '.$offset : '';
return $sql;
}
@@ -809,10 +938,7 @@ class CI_DB_pdo_driver extends CI_DB {
$this->conn_id = null;
}
-
}
-
-
/* End of file pdo_driver.php */
/* Location: ./system/database/drivers/pdo/pdo_driver.php */ \ No newline at end of file
diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php
index 076415928..478b2dbfb 100644
--- a/system/database/drivers/pdo/pdo_forge.php
+++ b/system/database/drivers/pdo/pdo_forge.php
@@ -96,7 +96,7 @@ class CI_DB_pdo_forge extends CI_DB_forge {
$sql .= 'IF NOT EXISTS ';
}
- $sql .= $this->db->_escape_identifiers($table)." (";
+ $sql .= '`'.$this->db->_escape_identifiers($table).'` (';
$current_field_count = 0;
foreach ($fields as $field=>$attributes)
@@ -111,6 +111,7 @@ class CI_DB_pdo_forge extends CI_DB_forge {
else
{
$attributes = array_change_key_case($attributes, CASE_UPPER);
+ $numeric = array('SERIAL', 'INTEGER');
$sql .= "\n\t".$this->db->_protect_identifiers($field);
@@ -118,7 +119,11 @@ class CI_DB_pdo_forge extends CI_DB_forge {
if (array_key_exists('CONSTRAINT', $attributes))
{
- $sql .= '('.$attributes['CONSTRAINT'].')';
+ // Exception for Postgre numeric which not too happy with constraint within those type
+ if ( ! ($this->db->pdodriver == 'pgsql' && in_array($attributes['TYPE'], $numeric)))
+ {
+ $sql .= '('.$attributes['CONSTRAINT'].')';
+ }
}
if (array_key_exists('UNSIGNED', $attributes) && $attributes['UNSIGNED'] === TRUE)
@@ -219,7 +224,7 @@ class CI_DB_pdo_forge extends CI_DB_forge {
*/
function _alter_table($alter_type, $table, $column_name, $column_definition = '', $default_value = '', $null = '', $after_field = '')
{
- $sql = 'ALTER TABLE '.$this->db->_protect_identifiers($table)." $alter_type ".$this->db->_protect_identifiers($column_name);
+ $sql = 'ALTER TABLE `'.$this->db->_protect_identifiers($table)."` $alter_type ".$this->db->_protect_identifiers($column_name);
// DROP has everything it needs now.
if ($alter_type == 'DROP')
@@ -271,7 +276,6 @@ class CI_DB_pdo_forge extends CI_DB_forge {
return $sql;
}
-
}
/* End of file pdo_forge.php */
diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php
index 6b523b001..c333abc40 100644
--- a/system/database/drivers/pdo/pdo_result.php
+++ b/system/database/drivers/pdo/pdo_result.php
@@ -39,6 +39,16 @@
class CI_DB_pdo_result extends CI_DB_result {
/**
+ * @var bool Hold the flag whether a result handler already fetched before
+ */
+ protected $is_fetched = FALSE;
+
+ /**
+ * @var mixed Hold the fetched assoc array of a result handler
+ */
+ protected $result_assoc;
+
+ /**
* Number of rows in the result set
*
* @access public
@@ -46,7 +56,59 @@ class CI_DB_pdo_result extends CI_DB_result {
*/
function num_rows()
{
- return $this->result_id->rowCount();
+ if (empty($this->result_id) OR ! is_object($this->result_id))
+ {
+ // invalid result handler
+ return 0;
+ }
+ elseif (($num_rows = $this->result_id->rowCount()) && $num_rows > 0)
+ {
+ // If rowCount return something, we're done.
+ return $num_rows;
+ }
+
+ // Fetch the result, instead perform another extra query
+ return ($this->is_fetched && is_array($this->result_assoc)) ? count($this->result_assoc) : count($this->result_assoc());
+ }
+
+ /**
+ * Fetch the result handler
+ *
+ * @access public
+ * @return mixed
+ */
+ function result_assoc()
+ {
+ // If the result already fetched before, use that one
+ if (count($this->result_array) > 0 OR $this->is_fetched)
+ {
+ return $this->result_array();
+ }
+
+ // Define the output
+ $output = array('assoc', 'object');
+
+ // Fetch the result
+ foreach ($output as $type)
+ {
+ // Define the method and handler
+ $res_method = '_fetch_'.$type;
+ $res_handler = 'result_'.$type;
+
+ $this->$res_handler = array();
+ $this->_data_seek(0);
+
+ while ($row = $this->$res_method())
+ {
+ $this->{$res_handler}[] = $row;
+ }
+ }
+
+ // Save this as buffer and marked the fetch flag
+ $this->result_array = $this->result_assoc;
+ $this->is_fetched = TRUE;
+
+ return $this->result_assoc;
}
// --------------------------------------------------------------------
@@ -78,6 +140,7 @@ class CI_DB_pdo_result extends CI_DB_result {
{
return $this->db->display_error('db_unsuported_feature');
}
+
return FALSE;
}
@@ -110,6 +173,7 @@ class CI_DB_pdo_result extends CI_DB_result {
{
return $this->db->display_error('db_unsuported_feature');
}
+
return FALSE;
}
}
@@ -178,6 +242,5 @@ class CI_DB_pdo_result extends CI_DB_result {
}
-
/* End of file pdo_result.php */
/* Location: ./system/database/drivers/pdo/pdo_result.php */ \ No newline at end of file
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 04103a4d9..66b39a6a2 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Session Class
*
@@ -67,7 +65,7 @@ class CI_Session {
*/
public function __construct($params = array())
{
- log_message('debug', "Session Class Initialized");
+ log_message('debug', 'Session Class Initialized');
// Set the super object to a local variable for use throughout the class
$this->CI =& get_instance();
@@ -93,14 +91,14 @@ class CI_Session {
$this->CI->load->library('encrypt');
}
- // Are we using a database? If so, load it
- if ($this->sess_use_database === TRUE AND $this->sess_table_name != '')
+ // Are we using a database? If so, load it
+ if ($this->sess_use_database === TRUE && $this->sess_table_name != '')
{
$this->CI->load->database();
}
- // Set the "now" time. Can either be GMT or server time, based on the
- // config prefs. We use this to set the "last activity" time
+ // Set the "now" time. Can either be GMT or server time, based on the
+ // config prefs. We use this to set the "last activity" time
$this->now = $this->_get_time();
// Set the session length. If the session expiration is
@@ -114,7 +112,7 @@ class CI_Session {
$this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name;
// Run the Session routine. If a session doesn't exist we'll
- // create a new one. If it does, we'll update it.
+ // create a new one. If it does, we'll update it.
if ( ! $this->sess_read())
{
$this->sess_create();
@@ -133,7 +131,7 @@ class CI_Session {
// Delete expired sessions if necessary
$this->_sess_gc();
- log_message('debug', "Session routines successfully run");
+ log_message('debug', 'Session routines successfully run');
}
// --------------------------------------------------------------------
@@ -166,7 +164,7 @@ class CI_Session {
$hash = substr($session, strlen($session)-32); // get last 32 chars
$session = substr($session, 0, strlen($session)-32);
- // Does the md5 hash match? This is to prevent manipulation of session data in userspace
+ // Does the md5 hash match? This is to prevent manipulation of session data in userspace
if ($hash !== md5($session.$this->encryption_key))
{
log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.');
@@ -179,7 +177,7 @@ class CI_Session {
$session = $this->_unserialize($session);
// Is the session data we unserialized an array with the correct format?
- if ( ! is_array($session) OR ! isset($session['session_id']) OR ! isset($session['ip_address']) OR ! isset($session['user_agent']) OR ! isset($session['last_activity']))
+ if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity']))
{
$this->sess_destroy();
return FALSE;
@@ -192,15 +190,15 @@ class CI_Session {
return FALSE;
}
- // Does the IP Match?
- if ($this->sess_match_ip == TRUE AND $session['ip_address'] !== $this->CI->input->ip_address())
+ // Does the IP match?
+ if ($this->sess_match_ip == TRUE && $session['ip_address'] !== $this->CI->input->ip_address())
{
$this->sess_destroy();
return FALSE;
}
// Does the User Agent Match?
- if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120)))
+ if ($this->sess_match_useragent == TRUE && trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120)))
{
$this->sess_destroy();
return FALSE;
@@ -223,7 +221,7 @@ class CI_Session {
$query = $this->CI->db->get($this->sess_table_name);
- // No result? Kill it!
+ // No result? Kill it!
if ($query->num_rows() === 0)
{
$this->sess_destroy();
@@ -232,7 +230,7 @@ class CI_Session {
// Is there custom data? If so, add it to the main session array
$row = $query->row();
- if (isset($row->user_data) AND $row->user_data != '')
+ if (isset($row->user_data) && $row->user_data != '')
{
$custom_data = $this->_unserialize($row->user_data);
@@ -282,7 +280,7 @@ class CI_Session {
$cookie_userdata[$val] = $this->userdata[$val];
}
- // Did we find any custom data? If not, we turn the empty array into a string
+ // Did we find any custom data? If not, we turn the empty array into a string
// since there's no reason to serialize and store an empty array in the DB
if (count($custom_userdata) === 0)
{
@@ -298,7 +296,7 @@ class CI_Session {
$this->CI->db->where('session_id', $this->userdata['session_id']);
$this->CI->db->update($this->sess_table_name, array('last_activity' => $this->userdata['last_activity'], 'user_data' => $custom_userdata));
- // Write the cookie. Notice that we manually pass the cookie data array to the
+ // Write the cookie. Notice that we manually pass the cookie data array to the
// _set_cookie() function. Normally that function will store $this->userdata, but
// in this case that array contains custom data, which we do not want in the cookie.
$this->_set_cookie($cookie_userdata);
@@ -324,13 +322,12 @@ class CI_Session {
$sessid .= $this->CI->input->ip_address();
$this->userdata = array(
- 'session_id' => md5(uniqid($sessid, TRUE)),
- 'ip_address' => $this->CI->input->ip_address(),
- 'user_agent' => substr($this->CI->input->user_agent(), 0, 120),
- 'last_activity' => $this->now,
- 'user_data' => ''
- );
-
+ 'session_id' => md5(uniqid($sessid, TRUE)),
+ 'ip_address' => $this->CI->input->ip_address(),
+ 'user_agent' => substr($this->CI->input->user_agent(), 0, 120),
+ 'last_activity' => $this->now,
+ 'user_data' => ''
+ );
// Save the data to the DB if needed
if ($this->sess_use_database === TRUE)
@@ -357,6 +354,35 @@ class CI_Session {
return;
}
+ // _set_cookie() will handle this for us if we aren't using database sessions
+ // by pushing all userdata to the cookie.
+ $cookie_data = NULL;
+
+ /* Changing the session ID during an AJAX call causes problems,
+ * so we'll only update our last_activity
+ */
+ if ($this->CI->input->is_ajax_request())
+ {
+ $this->userdata['last_activity'] = $this->now;
+
+ // Update the session ID and last_activity field in the DB if needed
+ if ($this->sess_use_database === TRUE)
+ {
+ // set cookie explicitly to only have our session data
+ $cookie_data = array();
+ foreach (array('session_id','ip_address','user_agent','last_activity') as $val)
+ {
+ $cookie_data[$val] = $this->userdata[$val];
+ }
+
+ $this->CI->db->query($this->CI->db->update_string($this->sess_table_name,
+ array('last_activity' => $this->userdata['last_activity']),
+ array('session_id' => $this->userdata['session_id'])));
+ }
+
+ return $this->_set_cookie($cookie_data);
+ }
+
// Save the old session id so we know which record to
// update in the database if we need it
$old_sessid = $this->userdata['session_id'];
@@ -374,10 +400,6 @@ class CI_Session {
$this->userdata['session_id'] = $new_sessid = md5(uniqid($new_sessid, TRUE));
$this->userdata['last_activity'] = $this->now;
- // _set_cookie() will handle this for us if we aren't using database sessions
- // by pushing all userdata to the cookie.
- $cookie_data = NULL;
-
// Update the session ID and last_activity field in the DB if needed
if ($this->sess_use_database === TRUE)
{
@@ -405,7 +427,7 @@ class CI_Session {
public function sess_destroy()
{
// Kill the session DB row
- if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id']))
+ if ($this->sess_use_database === TRUE && isset($this->userdata['session_id']))
{
$this->CI->db->where('session_id', $this->userdata['session_id']);
$this->CI->db->delete($this->sess_table_name);
@@ -413,13 +435,13 @@ class CI_Session {
// Kill the cookie
setcookie(
- $this->sess_cookie_name,
- addslashes(serialize(array())),
- ($this->now - 31500000),
- $this->cookie_path,
- $this->cookie_domain,
- 0
- );
+ $this->sess_cookie_name,
+ addslashes(serialize(array())),
+ ($this->now - 31500000),
+ $this->cookie_path,
+ $this->cookie_domain,
+ 0
+ );
}
// --------------------------------------------------------------------
@@ -535,7 +557,7 @@ class CI_Session {
*/
public function keep_flashdata($key)
{
- // 'old' flashdata gets removed. Here we mark all
+ // 'old' flashdata gets removed. Here we mark all
// flashdata as 'new' to preserve it from _flashdata_sweep()
// Note the function will return FALSE if the $key
// provided cannot be found
@@ -586,7 +608,6 @@ class CI_Session {
*
* @return void
*/
-
protected function _flashdata_sweep()
{
$userdata = $this->all_userdata();
@@ -609,13 +630,9 @@ class CI_Session {
*/
protected function _get_time()
{
- if (strtolower($this->time_reference) === 'gmt')
- {
- $now = time();
- return mktime(gmdate('H', $now), gmdate('i', $now), gmdate('s', $now), gmdate('m', $now), gmdate('d', $now), gmdate('Y', $now));
- }
-
- return time();
+ return (strtolower($this->time_reference) === 'gmt')
+ ? mktime(gmdate('H'), gmdate('i'), gmdate('s'), gmdate('m'), gmdate('d'), gmdate('Y'))
+ : time();
}
// --------------------------------------------------------------------
@@ -649,13 +666,13 @@ class CI_Session {
// Set the cookie
setcookie(
- $this->sess_cookie_name,
- $cookie_data,
- $expire,
- $this->cookie_path,
- $this->cookie_domain,
- $this->cookie_secure
- );
+ $this->sess_cookie_name,
+ $cookie_data,
+ $expire,
+ $this->cookie_path,
+ $this->cookie_domain,
+ $this->cookie_secure
+ );
}
// --------------------------------------------------------------------
@@ -687,8 +704,11 @@ class CI_Session {
*
* This function converts any slashes found into a temporary marker
*
+ * @param string
+ * @param string
+ * @return void
*/
- function _escape_slashes(&$val, $key)
+ protected function _escape_slashes(&$val, $key)
{
if (is_string($val))
{
@@ -725,6 +745,9 @@ class CI_Session {
*
* This function converts any slash markers back into actual slashes
*
+ * @param string
+ * @param string
+ * @return void
*/
protected function _unescape_slashes(&$val, $key)
{
@@ -763,9 +786,7 @@ class CI_Session {
}
}
-
}
-// END Session Class
/* End of file Session.php */
/* Location: ./system/libraries/Session.php */