diff options
author | DiederikLascaris <info@runesa.nl> | 2017-01-22 21:45:15 +0100 |
---|---|---|
committer | DiederikLascaris <info@runesa.nl> | 2017-01-22 21:45:15 +0100 |
commit | 312efeba32d532878c536fd28e75f39d61a9dade (patch) | |
tree | 71ae4aaca33a9d34a789d6d375acd2594160123a /system | |
parent | 947f1a06093a52a32b703ee795e52c22cd66363a (diff) | |
parent | 44c7af639ac1726780b64fb5a6cb6fca2df8b651 (diff) |
Merge branch 'develop' of git://github.com/bcit-ci/CodeIgniter into develop
Diffstat (limited to 'system')
174 files changed, 4155 insertions, 7559 deletions
diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index e420f62a1..b3ac79c62 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -47,7 +47,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/benchmark.html + * @link https://codeigniter.com/user_guide/libraries/benchmark.html */ class CI_Benchmark { diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index ddf322749..8eed52eb7 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Front-controller * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ /** @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.1-dev'); + const CI_VERSION = '3.2.0-dev'; /* * ------------------------------------------------------ @@ -67,7 +67,10 @@ defined('BASEPATH') OR exit('No direct script access allowed'); require_once(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); } - require_once(APPPATH.'config/constants.php'); + if (file_exists(APPPATH.'config/constants.php')) + { + require_once(APPPATH.'config/constants.php'); + } /* * ------------------------------------------------------ @@ -76,57 +79,6 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ require_once(BASEPATH.'core/Common.php'); - -/* - * ------------------------------------------------------ - * Security procedures - * ------------------------------------------------------ - */ - -if ( ! is_php('5.4')) -{ - ini_set('magic_quotes_runtime', 0); - - if ((bool) ini_get('register_globals')) - { - $_protected = array( - '_SERVER', - '_GET', - '_POST', - '_FILES', - '_REQUEST', - '_SESSION', - '_ENV', - '_COOKIE', - 'GLOBALS', - 'HTTP_RAW_POST_DATA', - 'system_path', - 'application_folder', - 'view_folder', - '_protected', - '_registered' - ); - - $_registered = ini_get('variables_order'); - foreach (array('E' => '_ENV', 'G' => '_GET', 'P' => '_POST', 'C' => '_COOKIE', 'S' => '_SERVER') as $key => $superglobal) - { - if (strpos($_registered, $key) === FALSE) - { - continue; - } - - foreach (array_keys($$superglobal) as $var) - { - if (isset($GLOBALS[$var]) && ! in_array($var, $_protected, TRUE)) - { - $GLOBALS[$var] = NULL; - } - } - } - } -} - - /* * ------------------------------------------------------ * Define a custom error handler so we can log PHP errors @@ -291,14 +243,14 @@ if ( ! is_php('5.4')) * Instantiate the UTF-8 class * ------------------------------------------------------ */ - $UNI =& load_class('Utf8', 'core'); + $UNI =& load_class('Utf8', 'core', $charset); /* * ------------------------------------------------------ * Instantiate the URI class * ------------------------------------------------------ */ - $URI =& load_class('URI', 'core'); + $URI =& load_class('URI', 'core', $CFG); /* * ------------------------------------------------------ @@ -329,14 +281,14 @@ if ( ! is_php('5.4')) * Load the security class for xss and csrf support * ----------------------------------------------------- */ - $SEC =& load_class('Security', 'core'); + $SEC =& load_class('Security', 'core', $charset); /* * ------------------------------------------------------ * Load the Input class and sanitize globals * ------------------------------------------------------ */ - $IN =& load_class('Input', 'core'); + $IN =& load_class('Input', 'core', $SEC); /* * ------------------------------------------------------ @@ -359,7 +311,7 @@ if ( ! is_php('5.4')) * * Returns current CI instance object * - * @return object + * @return CI_Controller */ function &get_instance() { @@ -416,14 +368,29 @@ if ( ! is_php('5.4')) $params = array($method, array_slice($URI->rsegments, 2)); $method = '_remap'; } - // WARNING: It appears that there are issues with is_callable() even in PHP 5.2! - // Furthermore, there are bug reports and feature/change requests related to it - // that make it unreliable to use in this context. Please, DO NOT change this - // work-around until a better alternative is available. - elseif ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($class)), TRUE)) + elseif ( ! method_exists($class, $method)) { $e404 = TRUE; } + /** + * DO NOT CHANGE THIS, NOTHING ELSE WORKS! + * + * - method_exists() returns true for non-public methods, which passes the previous elseif + * - is_callable() returns false for PHP 4-style constructors, even if there's a __construct() + * - method_exists($class, '__construct') won't work because CI_Controller::__construct() is inherited + * - People will only complain if this doesn't work, even though it is documented that it shouldn't. + * + * ReflectionMethod::isConstructor() is the ONLY reliable check, + * knowing which method will be executed as a constructor. + */ + elseif ( ! is_callable(array($class, $method)) && strcasecmp($class, $method) === 0) + { + $reflection = new ReflectionMethod($class, $method); + if ( ! $reflection->isPublic() OR $reflection->isConstructor()) + { + $e404 = TRUE; + } + } } if ($e404) diff --git a/system/core/Common.php b/system/core/Common.php index ce324a1cc..2712df0e4 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Common Functions * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ // ------------------------------------------------------------------------ @@ -81,8 +81,7 @@ if ( ! function_exists('is_really_writable')) * Tests for file writability * * is_writable() returns TRUE on Windows servers when you really can't write to - * the file, based on the read-only attribute. is_writable() is also unreliable - * on Unix servers if safe_mode is on. + * the file, based on the read-only attribute. * * @link https://bugs.php.net/bug.php?id=54709 * @param string @@ -90,8 +89,8 @@ if ( ! function_exists('is_really_writable')) */ function is_really_writable($file) { - // If we're on a Unix server with safe_mode off we call is_writable - if (DIRECTORY_SEPARATOR === '/' && (is_php('5.4') OR ! ini_get('safe_mode'))) + // If we're on a UNIX-like server, just is_writable() + if (DIRECTORY_SEPARATOR === '/') { return is_writable($file); } @@ -355,7 +354,7 @@ if ( ! function_exists('is_https')) { return TRUE; } - elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') + elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') { return TRUE; } @@ -544,13 +543,18 @@ if ( ! function_exists('set_status_header')) 416 => 'Requested Range Not Satisfiable', 417 => 'Expectation Failed', 422 => 'Unprocessable Entity', + 426 => 'Upgrade Required', + 428 => 'Precondition Required', + 429 => 'Too Many Requests', + 431 => 'Request Header Fields Too Large', 500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Unavailable', 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' + 505 => 'HTTP Version Not Supported', + 511 => 'Network Authentication Required', ); if (isset($stati[$code])) @@ -598,7 +602,7 @@ if ( ! function_exists('_error_handler')) */ function _error_handler($severity, $message, $filepath, $line) { - $is_error = (((E_ERROR | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity); + $is_error = (((E_ERROR | E_PARSE | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity); // When an error occurred, set the status header to '500 Internal Server Error' // to indicate to the client something went wrong. @@ -656,6 +660,7 @@ if ( ! function_exists('_exception_handler')) $_error =& load_class('Exceptions', 'core'); $_error->log_exception('error', 'Exception: '.$exception->getMessage(), $exception->getFile(), $exception->getLine()); + is_cli() OR set_status_header(500); // Should we display the error? if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors'))) { @@ -677,7 +682,7 @@ if ( ! function_exists('_shutdown_handler')) * of CodeIgniter.php. The main reason we use this is to simulate * a complete custom exception handler. * - * E_STRICT is purposivly neglected because such events may have + * E_STRICT is purposively neglected because such events may have * been caught. Duplication or none? None is preferred for now. * * @link http://insomanic.me.uk/post/229851073/php-trick-catching-fatal-errors-e-error-with-a @@ -716,8 +721,8 @@ if ( ! function_exists('remove_invisible_characters')) // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { - $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 - $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 + $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15 + $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31 } $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 @@ -752,7 +757,12 @@ if ( ! function_exists('html_escape')) if (is_array($var)) { - return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); + foreach (array_keys($var) as $key) + { + $var[$key] = html_escape($var[$key], $double_encode); + } + + return $var; } return htmlspecialchars($var, ENT_QUOTES, config_item('charset'), $double_encode); @@ -816,7 +826,7 @@ if ( ! function_exists('function_usable')) * terminate script execution if a disabled function is executed. * * The above described behavior turned out to be a bug in Suhosin, - * but even though a fix was commited for 0.9.34 on 2012-02-12, + * but even though a fix was committed for 0.9.34 on 2012-02-12, * that version is yet to be released. This function will therefore * be just temporary, but would probably be kept for a few years. * diff --git a/system/core/Config.php b/system/core/Config.php index d07000ac9..d7236df1f 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/config.html + * @link https://codeigniter.com/user_guide/libraries/config.html */ class CI_Config { @@ -88,11 +88,18 @@ class CI_Config { // Set the base_url automatically if none was provided if (empty($this->config['base_url'])) { - // The regular expression is only a basic validation for a valid "Host" header. - // It's not exhaustive, only checks for valid characters. - if (isset($_SERVER['HTTP_HOST']) && preg_match('/^((\[[0-9a-f:]+\])|(\d{1,3}(\.\d{1,3}){3})|[a-z0-9\-\.]+)(:\d+)?$/i', $_SERVER['HTTP_HOST'])) + if (isset($_SERVER['SERVER_ADDR'])) { - $base_url = (is_https() ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'] + if (strpos($_SERVER['SERVER_ADDR'], ':') !== FALSE) + { + $server_addr = '['.$_SERVER['SERVER_ADDR'].']'; + } + else + { + $server_addr = $_SERVER['SERVER_ADDR']; + } + + $base_url = (is_https() ? 'https' : 'http').'://'.$server_addr .substr($_SERVER['SCRIPT_NAME'], 0, strpos($_SERVER['SCRIPT_NAME'], basename($_SERVER['SCRIPT_FILENAME']))); } else @@ -162,7 +169,7 @@ class CI_Config { $this->is_loaded[] = $file_path; $config = NULL; $loaded = TRUE; - log_message('debug', 'Config file loaded: '.$file_path); + log_message('info', 'Config file loaded: '.$file_path); } } @@ -238,7 +245,15 @@ class CI_Config { if (isset($protocol)) { - $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + // For protocol-relative links + if ($protocol === '') + { + $base_url = substr($base_url, strpos($base_url, '//')); + } + else + { + $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + } } if (empty($uri)) @@ -293,10 +308,18 @@ class CI_Config { if (isset($protocol)) { - $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + // For protocol-relative links + if ($protocol === '') + { + $base_url = substr($base_url, strpos($base_url, '//')); + } + else + { + $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + } } - return $base_url.ltrim($this->_uri_string($uri), '/'); + return $base_url.$this->_uri_string($uri); } // ------------------------------------------------------------- @@ -314,11 +337,8 @@ class CI_Config { { if ($this->item('enable_query_strings') === FALSE) { - if (is_array($uri)) - { - $uri = implode('/', $uri); - } - return trim($uri, '/'); + is_array($uri) && $uri = implode('/', $uri); + return ltrim($uri, '/'); } elseif (is_array($uri)) { @@ -331,20 +351,6 @@ class CI_Config { // -------------------------------------------------------------------- /** - * System URL - * - * @deprecated 3.0.0 Encourages insecure practices - * @return string - */ - public function system_url() - { - $x = explode('/', preg_replace('|/*(.+?)/*$|', '\\1', BASEPATH)); - return $this->slash_item('base_url').end($x).'/'; - } - - // -------------------------------------------------------------------- - - /** * Set a config file item * * @param string $item Config item key diff --git a/system/core/Controller.php b/system/core/Controller.php index a0d97baa2..59a916734 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -47,7 +47,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/controllers.html + * @link https://codeigniter.com/user_guide/general/controllers.html */ class CI_Controller { diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index fc25f57e6..47d153f49 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Exceptions * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/exceptions.html + * @link https://codeigniter.com/user_guide/libraries/exceptions.html */ class CI_Exceptions { @@ -187,7 +187,7 @@ class CI_Exceptions { // -------------------------------------------------------------------- - public function show_exception(Exception $exception) + public function show_exception($exception) { $templates_path = config_item('error_views_path'); if (empty($templates_path)) @@ -207,7 +207,6 @@ class CI_Exceptions { } else { - set_status_header(500); $templates_path .= 'html'.DIRECTORY_SEPARATOR; } diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 3b4fb2250..f2d6f21ca 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/hooks.html + * @link https://codeigniter.com/user_guide/general/hooks.html */ class CI_Hooks { diff --git a/system/core/Input.php b/system/core/Input.php index e1319be8d..70a3c61ee 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Input * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/input.html + * @link https://codeigniter.com/user_guide/libraries/input.html */ class CI_Input { @@ -58,45 +58,6 @@ class CI_Input { protected $ip_address = FALSE; /** - * Allow GET array flag - * - * If set to FALSE, then $_GET will be set to an empty array. - * - * @var bool - */ - protected $_allow_get_array = TRUE; - - /** - * Standardize new lines flag - * - * If set to TRUE, then newlines are standardized. - * - * @var bool - */ - protected $_standardize_newlines; - - /** - * Enable XSS flag - * - * Determines whether the XSS filter is always active when - * GET, POST or COOKIE data is encountered. - * Set automatically based on config setting. - * - * @var bool - */ - protected $_enable_xss = FALSE; - - /** - * Enable CSRF flag - * - * Enables a CSRF cookie token to be set. - * Set automatically based on config setting. - * - * @var bool - */ - protected $_enable_csrf = FALSE; - - /** * List of all HTTP request headers * * @var array @@ -122,8 +83,15 @@ class CI_Input { */ protected $_input_stream; + /** + * CI_Security instance + * + * Used for the optional $xss_filter parameter that most + * getter methods have here. + * + * @var CI_Security + */ protected $security; - protected $uni; // -------------------------------------------------------------------- @@ -135,24 +103,9 @@ class CI_Input { * * @return void */ - public function __construct() + public function __construct(CI_Security &$security) { - $this->_allow_get_array = (config_item('allow_get_array') === TRUE); - $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); - $this->_enable_csrf = (config_item('csrf_protection') === TRUE); - $this->_standardize_newlines = (bool) config_item('standardize_newlines'); - - $this->security =& load_class('Security', 'core'); - - // Do we need the UTF-8 class? - if (UTF8_ENABLED === TRUE) - { - $this->uni =& load_class('Utf8', 'core'); - } - - // Sanitize global arrays - $this->_sanitize_globals(); - + $this->security = $security; log_message('info', 'Input Class Initialized'); } @@ -168,10 +121,8 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - protected function _fetch_from_array(&$array, $index = NULL, $xss_clean = NULL) + protected function _fetch_from_array(&$array, $index = NULL, $xss_clean = FALSE) { - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - // If $index is NULL, it means that the whole $array is requested isset($index) OR $index = array_keys($array); @@ -231,7 +182,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function get($index = NULL, $xss_clean = NULL) + public function get($index = NULL, $xss_clean = FALSE) { return $this->_fetch_from_array($_GET, $index, $xss_clean); } @@ -245,7 +196,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function post($index = NULL, $xss_clean = NULL) + public function post($index = NULL, $xss_clean = FALSE) { return $this->_fetch_from_array($_POST, $index, $xss_clean); } @@ -259,7 +210,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function post_get($index, $xss_clean = NULL) + public function post_get($index, $xss_clean = FALSE) { return isset($_POST[$index]) ? $this->post($index, $xss_clean) @@ -275,7 +226,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function get_post($index, $xss_clean = NULL) + public function get_post($index, $xss_clean = FALSE) { return isset($_GET[$index]) ? $this->get($index, $xss_clean) @@ -291,7 +242,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function cookie($index = NULL, $xss_clean = NULL) + public function cookie($index = NULL, $xss_clean = FALSE) { return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } @@ -305,7 +256,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function server($index, $xss_clean = NULL) + public function server($index, $xss_clean = FALSE) { return $this->_fetch_from_array($_SERVER, $index, $xss_clean); } @@ -321,7 +272,7 @@ class CI_Input { * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ - public function input_stream($index = NULL, $xss_clean = NULL) + public function input_stream($index = NULL, $xss_clean = FALSE) { // Prior to PHP 5.6, the input stream can only be read once, // so we'll need to check if we have already done that first. @@ -353,7 +304,7 @@ class CI_Input { * @param bool $httponly Whether to only makes the cookie accessible via HTTP (no javascript) * @return void */ - public function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) + public function set_cookie($name, $value = '', $expire = 0, $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) { if (is_array($name)) { @@ -392,9 +343,9 @@ class CI_Input { $httponly = config_item('cookie_httponly'); } - if ( ! is_numeric($expire)) + if ( ! is_numeric($expire) OR $expire < 0) { - $expire = time() - 86500; + $expire = 1; } else { @@ -513,9 +464,9 @@ class CI_Input { if ($separator === ':') { $netaddr = explode(':', str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr)); - for ($i = 0; $i < 8; $i++) + for ($j = 0; $j < 8; $j++) { - $netaddr[$i] = intval($netaddr[$i], 16); + $netaddr[$j] = intval($netaddr[$j], 16); } } else @@ -575,7 +526,7 @@ class CI_Input { * * @return string|null User Agent string or NULL if it doesn't exist */ - public function user_agent($xss_clean = NULL) + public function user_agent($xss_clean = FALSE) { return $this->_fetch_from_array($_SERVER, 'HTTP_USER_AGENT', $xss_clean); } @@ -583,173 +534,6 @@ class CI_Input { // -------------------------------------------------------------------- /** - * Sanitize Globals - * - * Internal method serving for the following purposes: - * - * - Unsets $_GET data, if query strings are not enabled - * - Cleans POST, COOKIE and SERVER data - * - Standardizes newline characters to PHP_EOL - * - * @return void - */ - protected function _sanitize_globals() - { - // Is $_GET data allowed? If not we'll set the $_GET to an empty array - if ($this->_allow_get_array === FALSE) - { - $_GET = array(); - } - elseif (is_array($_GET) && count($_GET) > 0) - { - foreach ($_GET as $key => $val) - { - $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); - } - } - - // Clean $_POST Data - if (is_array($_POST) && count($_POST) > 0) - { - foreach ($_POST as $key => $val) - { - $_POST[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); - } - } - - // Clean $_COOKIE Data - if (is_array($_COOKIE) && count($_COOKIE) > 0) - { - // Also get rid of specially treated cookies that might be set by a server - // or silly application, that are of no use to a CI application anyway - // but that when present will trip our 'Disallowed Key Characters' alarm - // http://www.ietf.org/rfc/rfc2109.txt - // note that the key names below are single quoted strings, and are not PHP variables - unset( - $_COOKIE['$Version'], - $_COOKIE['$Path'], - $_COOKIE['$Domain'] - ); - - foreach ($_COOKIE as $key => $val) - { - if (($cookie_key = $this->_clean_input_keys($key)) !== FALSE) - { - $_COOKIE[$cookie_key] = $this->_clean_input_data($val); - } - else - { - unset($_COOKIE[$key]); - } - } - } - - // Sanitize PHP_SELF - $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); - - // CSRF Protection check - if ($this->_enable_csrf === TRUE && ! is_cli()) - { - $this->security->csrf_verify(); - } - - log_message('debug', 'Global POST, GET and COOKIE data sanitized'); - } - - // -------------------------------------------------------------------- - - /** - * Clean Input Data - * - * Internal method that aids in escaping data and - * standardizing newline characters to PHP_EOL. - * - * @param string|string[] $str Input string(s) - * @return string - */ - protected function _clean_input_data($str) - { - if (is_array($str)) - { - $new_array = array(); - foreach (array_keys($str) as $key) - { - $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($str[$key]); - } - return $new_array; - } - - /* We strip slashes if magic quotes is on to keep things consistent - - NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and - it will probably not exist in future versions at all. - */ - if ( ! is_php('5.4') && get_magic_quotes_gpc()) - { - $str = stripslashes($str); - } - - // Clean UTF-8 if supported - if (UTF8_ENABLED === TRUE) - { - $str = $this->uni->clean_string($str); - } - - // Remove control characters - $str = remove_invisible_characters($str, FALSE); - - // Standardize newlines if needed - if ($this->_standardize_newlines === TRUE) - { - return preg_replace('/(?:\r\n|[\r\n])/', PHP_EOL, $str); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Clean Keys - * - * Internal method that helps to prevent malicious users - * from trying to exploit keys we make sure that keys are - * only named with alpha-numeric text and a few other items. - * - * @param string $str Input string - * @param bool $fatal Whether to terminate script exection - * or to return FALSE if an invalid - * key is encountered - * @return string|bool - */ - protected function _clean_input_keys($str, $fatal = TRUE) - { - if ( ! preg_match('/^[a-z0-9:_\/|-]+$/i', $str)) - { - if ($fatal === TRUE) - { - return FALSE; - } - else - { - set_status_header(503); - echo 'Disallowed Key Characters.'; - exit(7); // EXIT_USER_INPUT - } - } - - // Clean UTF-8 if supported - if (UTF8_ENABLED === TRUE) - { - return $this->uni->clean_string($str); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** * Request Headers * * @param bool $xss_clean Whether to apply XSS filtering @@ -760,30 +544,32 @@ class CI_Input { // If header is already defined, return it immediately if ( ! empty($this->headers)) { - return $this->headers; + return $this->_fetch_from_array($this->headers, NULL, $xss_clean); } // In Apache, you can simply call apache_request_headers() if (function_exists('apache_request_headers')) { - return $this->headers = apache_request_headers(); + $this->headers = apache_request_headers(); } - - $this->headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); - - foreach ($_SERVER as $key => $val) + else { - if (sscanf($key, 'HTTP_%s', $header) === 1) + isset($_SERVER['CONTENT_TYPE']) && $this->headers['Content-Type'] = $_SERVER['CONTENT_TYPE']; + + foreach ($_SERVER as $key => $val) { - // take SOME_HEADER and turn it into Some-Header - $header = str_replace('_', ' ', strtolower($header)); - $header = str_replace(' ', '-', ucwords($header)); + if (sscanf($key, 'HTTP_%s', $header) === 1) + { + // take SOME_HEADER and turn it into Some-Header + $header = str_replace('_', ' ', strtolower($header)); + $header = str_replace(' ', '-', ucwords($header)); - $this->headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); + $this->headers[$header] = $_SERVER[$key]; + } } } - return $this->headers; + return $this->_fetch_from_array($this->headers, NULL, $xss_clean); } // -------------------------------------------------------------------- @@ -803,7 +589,7 @@ class CI_Input { if ( ! isset($headers)) { - empty($this->headers) OR $this->request_headers(); + empty($this->headers) && $this->request_headers(); foreach ($this->headers as $key => $value) { $headers[strtolower($key)] = $value; @@ -839,21 +625,6 @@ class CI_Input { // -------------------------------------------------------------------- /** - * Is CLI request? - * - * Test to see if a request was made from the command line. - * - * @deprecated 3.0.0 Use is_cli() instead - * @return bool - */ - public function is_cli_request() - { - return is_cli(); - } - - // -------------------------------------------------------------------- - - /** * Get Request Method * * Return the request method diff --git a/system/core/Lang.php b/system/core/Lang.php index deb955414..569b02368 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Language * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/language.html + * @link https://codeigniter.com/user_guide/libraries/language.html */ class CI_Lang { diff --git a/system/core/Loader.php b/system/core/Loader.php index 5de7a9483..7279e8833 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Loader * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/loader.html + * @link https://codeigniter.com/user_guide/libraries/loader.html */ class CI_Loader { @@ -285,13 +285,43 @@ class CI_Loader { $this->database($db_conn, FALSE, TRUE); } + // Note: All of the code under this condition used to be just: + // + // load_class('Model', 'core'); + // + // However, load_class() instantiates classes + // to cache them for later use and that prevents + // MY_Model from being an abstract class and is + // sub-optimal otherwise anyway. if ( ! class_exists('CI_Model', FALSE)) { - load_class('Model', 'core'); + $app_path = APPPATH.'core'.DIRECTORY_SEPARATOR; + if (file_exists($app_path.'Model.php')) + { + require_once($app_path.'Model.php'); + if ( ! class_exists('CI_Model', FALSE)) + { + throw new RuntimeException($app_path."Model.php exists, but doesn't declare class CI_Model"); + } + } + elseif ( ! class_exists('CI_Model', FALSE)) + { + require_once(BASEPATH.'core'.DIRECTORY_SEPARATOR.'Model.php'); + } + + $class = config_item('subclass_prefix').'Model'; + if (file_exists($app_path.$class.'.php')) + { + require_once($app_path.$class.'.php'); + if ( ! class_exists($class, FALSE)) + { + throw new RuntimeException($app_path.$class.".php exists, but doesn't declare class ".$class); + } + } } - $model = ucfirst(strtolower($model)); - if ( ! class_exists($model)) + $model = ucfirst($model); + if ( ! class_exists($model, FALSE)) { foreach ($this->_ci_model_paths as $mod_path) { @@ -456,7 +486,7 @@ class CI_Loader { */ public function view($view, $vars = array(), $return = FALSE) { - return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_object_to_array($vars), '_ci_return' => $return)); + return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_prepare_view_vars($vars), '_ci_return' => $return)); } // -------------------------------------------------------------------- @@ -489,19 +519,13 @@ class CI_Loader { */ public function vars($vars, $val = '') { - if (is_string($vars)) - { - $vars = array($vars => $val); - } - - $vars = $this->_ci_object_to_array($vars); + $vars = is_string($vars) + ? array($vars => $val) + : $this->_ci_prepare_view_vars($vars); - if (is_array($vars) && count($vars) > 0) + foreach ($vars as $key => $val) { - foreach ($vars as $key => $val) - { - $this->_ci_cached_vars[$key] = $val; - } + $this->_ci_cached_vars[$key] = $val; } return $this; @@ -561,15 +585,21 @@ class CI_Loader { */ public function helper($helpers = array()) { - foreach ($this->_ci_prep_filename($helpers, '_helper') as $helper) + is_array($helpers) OR $helpers = array($helpers); + foreach ($helpers as &$helper) { + $filename = basename($helper); + $filepath = ($filename === $helper) ? '' : substr($helper, 0, strlen($helper) - strlen($filename)); + $filename = strtolower(preg_replace('#(_helper)?(\.php)?$#i', '', $filename)).'_helper'; + $helper = $filepath.$filename; + if (isset($this->_ci_helpers[$helper])) { continue; } // Is this a helper extension request? - $ext_helper = config_item('subclass_prefix').$helper; + $ext_helper = config_item('subclass_prefix').$filename; $ext_loaded = FALSE; foreach ($this->_ci_helper_paths as $path) { @@ -688,9 +718,16 @@ class CI_Loader { { if (is_array($library)) { - foreach ($library as $driver) + foreach ($library as $key => $value) { - $this->driver($driver); + if (is_int($key)) + { + $this->driver($value, $params); + } + else + { + $this->driver($key, $params, $value); + } } return $this; @@ -897,13 +934,10 @@ class CI_Loader { * the two types and cache them so that views that are embedded within * other views can have access to these variables. */ - if (is_array($_ci_vars)) - { - $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); - } + empty($_ci_vars) OR $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); extract($this->_ci_cached_vars); - /* + /** * Buffer the output * * We buffer the output for two reasons: @@ -916,18 +950,7 @@ class CI_Loader { */ ob_start(); - // If the PHP installation does not support short tags we'll - // do a little string replacement, changing the short tags - // to standard PHP echo statements. - if ( ! is_php('5.4') && ! ini_get('short_open_tag') && config_item('rewrite_short_tags') === TRUE) - { - echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path)))); - } - else - { - include($_ci_path); // include() vs include_once() allows for multiple views with the same name - } - + include($_ci_path); // include() vs include_once() allows for multiple views with the same name log_message('info', 'File loaded: '.$_ci_path); // Return the file data if requested @@ -1061,7 +1084,7 @@ class CI_Loader { * @used-by CI_Loader::_ci_load_library() * @uses CI_Loader::_ci_init_library() * - * @param string $library Library name to load + * @param string $library_name Library name to load * @param string $file_path Path to the library filename, relative to libraries/ * @param mixed $params Optional parameters to pass to the class constructor * @param string $object_name Optional object name to assign to @@ -1304,10 +1327,7 @@ class CI_Loader { // Autoload drivers if (isset($autoload['drivers'])) { - foreach ($autoload['drivers'] as $item) - { - $this->driver($item); - } + $this->driver($autoload['drivers']); } // Load libraries @@ -1334,17 +1354,32 @@ class CI_Loader { // -------------------------------------------------------------------- /** - * CI Object to Array translator + * Prepare variables for _ci_vars, to be later extract()-ed inside views * - * Takes an object as input and converts the class variables to - * an associative array with key/value pairs. + * Converts objects to associative arrays and filters-out internal + * variable names (i.e. keys prefixed with '_ci_'). * - * @param object $object Object data to translate + * @param mixed $vars * @return array */ - protected function _ci_object_to_array($object) + protected function _ci_prepare_view_vars($vars) { - return is_object($object) ? get_object_vars($object) : $object; + if ( ! is_array($vars)) + { + $vars = is_object($vars) + ? get_object_vars($vars) + : array(); + } + + foreach (array_keys($vars) as $key) + { + if (strncmp($key, '_ci_', 4) === 0) + { + unset($vars[$key]); + } + } + + return $vars; } // -------------------------------------------------------------------- @@ -1362,34 +1397,4 @@ class CI_Loader { $CI =& get_instance(); return $CI->$component; } - - // -------------------------------------------------------------------- - - /** - * Prep filename - * - * This function prepares filenames of various items to - * make their loading more reliable. - * - * @param string|string[] $filename Filename(s) - * @param string $extension Filename extension - * @return array - */ - protected function _ci_prep_filename($filename, $extension) - { - if ( ! is_array($filename)) - { - return array(strtolower(str_replace(array($extension, '.php'), '', $filename).$extension)); - } - else - { - foreach ($filename as $key => $val) - { - $filename[$key] = strtolower(str_replace(array($extension, '.php'), '', $val).$extension); - } - - return $filename; - } - } - } diff --git a/system/core/Log.php b/system/core/Log.php index e8cb401f5..5be7baea8 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Logging * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/errors.html + * @link https://codeigniter.com/user_guide/general/errors.html */ class CI_Log { @@ -104,6 +104,13 @@ class CI_Log { */ protected $_levels = array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4); + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // -------------------------------------------------------------------- /** @@ -115,6 +122,8 @@ class CI_Log { { $config =& get_config(); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + $this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/'; $this->_file_ext = (isset($config['log_file_extension']) && $config['log_file_extension'] !== '') ? ltrim($config['log_file_extension'], '.') : 'php'; @@ -154,8 +163,8 @@ class CI_Log { * * Generally this function will be called using the global log_message() function * - * @param string the error level: 'error', 'debug' or 'info' - * @param string the error message + * @param string $level The error level: 'error', 'debug' or 'info' + * @param string $msg The error message * @return bool */ public function write_log($level, $msg) @@ -191,6 +200,8 @@ class CI_Log { return FALSE; } + flock($fp, LOCK_EX); + // Instantiating DateTime with microseconds appended to initial date is needed for proper support of this format if (strpos($this->_date_fmt, 'u') !== FALSE) { @@ -204,13 +215,11 @@ class CI_Log { $date = date($this->_date_fmt); } - $message .= $level.' - '.$date.' --> '.$msg."\n"; - - flock($fp, LOCK_EX); + $message .= $this->_format_line($level, $date, $msg); - for ($written = 0, $length = strlen($message); $written < $length; $written += $result) + for ($written = 0, $length = self::strlen($message); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($message, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($message, $written))) === FALSE) { break; } @@ -227,4 +236,58 @@ class CI_Log { return is_int($result); } + // -------------------------------------------------------------------- + + /** + * Format the log line. + * + * This is for extensibility of log formatting + * If you want to change the log format, extend the CI_Log class and override this method + * + * @param string $level The error level + * @param string $date Formatted date string + * @param string $message The log message + * @return string Formatted log line with a new line character '\n' at the end + */ + protected function _format_line($level, $date, $message) + { + return $level.' - '.$date.' --> '.$message."\n"; + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/core/Model.php b/system/core/Model.php index a0469de11..c809e7b84 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/config.html + * @link https://codeigniter.com/user_guide/libraries/config.html */ class CI_Model { diff --git a/system/core/Output.php b/system/core/Output.php index 76c1329d2..0887717d9 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Output * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/output.html + * @link https://codeigniter.com/user_guide/libraries/output.html */ class CI_Output { @@ -123,6 +123,13 @@ class CI_Output { public $parse_exec_vars = TRUE; /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + + /** * Class constructor * * Determines whether zLib output compression will be used. @@ -138,6 +145,8 @@ class CI_Output { && extension_loaded('zlib') ); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + // Get mime types for later $this->mimes =& get_mimes(); @@ -285,7 +294,7 @@ class CI_Output { /** * Get Header * - * @param string $header_name + * @param string $header * @return string */ public function get_header($header) @@ -302,11 +311,12 @@ class CI_Output { return NULL; } - for ($i = 0, $c = count($headers); $i < $c; $i++) + // Count backwards, in order to get the last matching header + for ($c = count($headers) - 1; $c > -1; $c--) { - if (strncasecmp($header, $headers[$i], $l = strlen($header)) === 0) + if (strncasecmp($header, $headers[$c], $l = self::strlen($header)) === 0) { - return trim(substr($headers[$i], $l+1)); + return trim(self::substr($headers[$c], $l+1)); } } @@ -377,7 +387,7 @@ class CI_Output { /** * Set Cache * - * @param int $time Cache expiration time in seconds + * @param int $time Cache expiration time in minutes * @return CI_Output */ public function cache($time) @@ -480,19 +490,19 @@ class CI_Output { if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) { header('Content-Encoding: gzip'); - header('Content-Length: '.strlen($output)); + header('Content-Length: '.self::strlen($output)); } else { // User agent doesn't support gzip compression, // so we'll have to decompress our cache - $output = gzinflate(substr($output, 10, -8)); + $output = gzinflate(self::substr($output, 10, -8)); } } echo $output; log_message('info', 'Final output sent to browser'); - log_message('debug', 'Total execution time: '.$elapsed); + log_message('info', 'Total execution time: '.$elapsed); return; } @@ -529,7 +539,7 @@ class CI_Output { } log_message('info', 'Final output sent to browser'); - log_message('debug', 'Total execution time: '.$elapsed); + log_message('info', 'Total execution time: '.$elapsed); } // -------------------------------------------------------------------- @@ -601,9 +611,9 @@ class CI_Output { $output = $cache_info.'ENDCI--->'.$output; - for ($written = 0, $length = strlen($output); $written < $length; $written += $result) + for ($written = 0, $length = self::strlen($output); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($output, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($output, $written))) === FALSE) { break; } @@ -711,7 +721,7 @@ class CI_Output { } // Display the cache - $this->_display(substr($cache, strlen($match[0]))); + $this->_display(self::substr($cache, self::strlen($match[0]))); log_message('debug', 'Cache file is current. Sending it to browser.'); return TRUE; } @@ -797,4 +807,40 @@ class CI_Output { } } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/core/Router.php b/system/core/Router.php index 0c793e418..e92a8f540 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/routing.html + * @link https://codeigniter.com/user_guide/general/routing.html */ class CI_Router { @@ -118,6 +118,7 @@ class CI_Router { * * Runs the route mapping function. * + * @param array $routing * @return void */ public function __construct($routing = NULL) @@ -153,6 +154,28 @@ class CI_Router { */ protected function _set_routing() { + // Load the routes.php file. It would be great if we could + // skip this for enable_query_strings = TRUE, but then + // default_controller would be empty ... + if (file_exists(APPPATH.'config/routes.php')) + { + include(APPPATH.'config/routes.php'); + } + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); + } + + // Validate & get reserved routes + if (isset($route) && is_array($route)) + { + isset($route['default_controller']) && $this->default_controller = $route['default_controller']; + isset($route['translate_uri_dashes']) && $this->translate_uri_dashes = $route['translate_uri_dashes']; + unset($route['default_controller'], $route['translate_uri_dashes']); + $this->routes = $route; + } + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently @@ -199,26 +222,6 @@ class CI_Router { return; } - // Load the routes.php file. - if (file_exists(APPPATH.'config/routes.php')) - { - include(APPPATH.'config/routes.php'); - } - - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); - } - - // Validate & get reserved routes - if (isset($route) && is_array($route)) - { - isset($route['default_controller']) && $this->default_controller = $route['default_controller']; - isset($route['translate_uri_dashes']) && $this->translate_uri_dashes = $route['translate_uri_dashes']; - unset($route['default_controller'], $route['translate_uri_dashes']); - $this->routes = $route; - } - // Is there anything to parse? if ($this->uri->uri_string !== '') { @@ -372,26 +375,6 @@ class CI_Router { // Get HTTP verb $http_verb = isset($_SERVER['REQUEST_METHOD']) ? strtolower($_SERVER['REQUEST_METHOD']) : 'cli'; - // Is there a literal match? If so we're done - if (isset($this->routes[$uri])) - { - // Is it an HTTP verb-based route? - if (is_array($this->routes[$uri])) - { - $route = array_change_key_case($this->routes[$uri], CASE_LOWER); - if (isset($route[$http_verb])) - { - $this->_set_request(explode('/', $route[$http_verb])); - return; - } - } - else - { - $this->_set_request(explode('/', $this->routes[$uri])); - return; - } - } - // Loop through the route array looking for wildcards foreach ($this->routes as $key => $val) { @@ -456,19 +439,6 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Fetch the current class - * - * @deprecated 3.0.0 Read the 'class' property instead - * @return string - */ - public function fetch_class() - { - return $this->class; - } - - // -------------------------------------------------------------------- - - /** * Set method name * * @param string $method Method name @@ -482,19 +452,6 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Fetch the current method - * - * @deprecated 3.0.0 Read the 'method' property instead - * @return string - */ - public function fetch_method() - { - return $this->method; - } - - // -------------------------------------------------------------------- - - /** * Set directory name * * @param string $dir Directory name @@ -512,21 +469,4 @@ class CI_Router { $this->directory .= str_replace('.', '', trim($dir, '/')).'/'; } } - - // -------------------------------------------------------------------- - - /** - * Fetch directory - * - * Feches the sub-directory (if any) that contains the requested - * controller class. - * - * @deprecated 3.0.0 Read the 'directory' property instead - * @return string - */ - public function fetch_directory() - { - return $this->directory; - } - } diff --git a/system/core/Security.php b/system/core/Security.php index 7c5199255..4ad550fff 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Security * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/security.html + * @link https://codeigniter.com/user_guide/libraries/security.html */ class CI_Security { @@ -133,15 +133,16 @@ class CI_Security { * @var array */ protected $_never_allowed_str = array( - 'document.cookie' => '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - '-moz-binding' => '[removed]', - '<!--' => '<!--', - '-->' => '-->', - '<![CDATA[' => '<![CDATA[', - '<comment>' => '<comment>' + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + '-moz-binding' => '[removed]', + '<!--' => '<!--', + '-->' => '-->', + '<![CDATA[' => '<![CDATA[', + '<comment>' => '<comment>', + '<%' => '<%' ); /** @@ -166,10 +167,12 @@ class CI_Security { * * @return void */ - public function __construct() + public function __construct($charset) { + $this->charset = $charset; + // Is CSRF protection enabled? - if (config_item('csrf_protection')) + if (config_item('csrf_protection') && ! is_cli()) { // CSRF config foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) @@ -188,10 +191,9 @@ class CI_Security { // Set the CSRF hash $this->_csrf_set_hash(); + $this->csrf_verify(); } - $this->charset = strtoupper(config_item('charset')); - log_message('info', 'Security Class Initialized'); } @@ -223,14 +225,11 @@ class CI_Security { } } - // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) - OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? - { - $this->csrf_show_error(); - } + // Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate + $valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) + && hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]); - // We kill this since we're done and we don't want to polute the _POST array + // We kill this since we're done and we don't want to pollute the _POST array unset($_POST[$this->_csrf_token_name]); // Regenerate on every submission? @@ -244,6 +243,11 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); + if ($valid !== TRUE) + { + $this->csrf_show_error(); + } + log_message('info', 'CSRF token verified'); return $this; } @@ -371,11 +375,17 @@ class CI_Security { * * Note: Use rawurldecode() so it does not remove plus signs */ - do + if (stripos($str, '%') !== false) { - $str = rawurldecode($str); + do + { + $oldstr = $str; + $str = rawurldecode($str); + $str = preg_replace_callback('#%(?:\s*[0-9a-f]){2,}#i', array($this, '_urldecodespaces'), $str); + } + while ($oldstr !== $str); + unset($oldstr); } - while (preg_match('/%[0-9a-f]{2,}/i', $str)); /* * Convert character entities to ASCII @@ -436,7 +446,7 @@ class CI_Security { $words = array( 'javascript', 'expression', 'vbscript', 'jscript', 'wscript', 'vbs', 'script', 'base64', 'applet', 'alert', 'document', - 'write', 'cookie', 'window', 'confirm', 'prompt' + 'write', 'cookie', 'window', 'confirm', 'prompt', 'eval' ); foreach ($words as $word) @@ -466,7 +476,7 @@ class CI_Security { if (preg_match('/<a/i', $str)) { - $str = preg_replace_callback('#<a[^a-z0-9>]+([^>]*?)(?:>|$)#si', array($this, '_js_link_removal'), $str); + $str = preg_replace_callback('#<a(?:rea)?[^a-z0-9>]+([^>]*?)(?:>|$)#si', array($this, '_js_link_removal'), $str); } if (preg_match('/<img/i', $str)) @@ -480,12 +490,8 @@ class CI_Security { } } while ($original !== $str); - unset($original); - // Remove evil attributes such as style, onclick and xmlns - $str = $this->_remove_evil_attributes($str, $is_image); - /* * Sanitize naughty HTML elements * @@ -495,8 +501,29 @@ class CI_Security { * So this: <blink> * Becomes: <blink> */ - $naughty = 'alert|prompt|confirm|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|button|select|isindex|layer|link|meta|keygen|object|plaintext|style|script|textarea|title|math|video|svg|xml|xss'; - $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); + $pattern = '#' + .'<((?<slash>/*\s*)((?<tagName>[a-z0-9]+)(?=[^a-z0-9]|$)|.+)' // tag start and name, followed by a non-tag character + .'[^\s\042\047a-z0-9>/=]*' // a valid attribute character immediately after the tag would count as a separator + // optional attributes + .'(?<attributes>(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons + .'[^\s\042\047>/=]+' // attribute characters + // optional attribute-value + .'(?:\s*=' // attribute-value separator + .'(?:[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*))' // single, double or non-quoted value + .')?' // end optional attribute-value group + .')*)' // end optional attributes group + .'[^>]*)(?<closeTag>\>)?#isS'; + + // Note: It would be nice to optimize this for speed, BUT + // only matching the naughty elements here results in + // false positives and in turn - vulnerabilities! + do + { + $old_str = $str; + $str = preg_replace_callback($pattern, array($this, '_sanitize_naughty_html'), $str); + } + while ($old_str !== $str); + unset($old_str); /* * Sanitize naughty scripting elements @@ -510,9 +537,11 @@ class CI_Security { * For example: eval('some code') * Becomes: eval('some code') */ - $str = preg_replace('#(alert|prompt|confirm|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', - '\\1\\2(\\3)', - $str); + $str = preg_replace( + '#(alert|prompt|confirm|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', + '\\1\\2(\\3)', + $str + ); // Final clean up // This adds a bit of extra precaution in case @@ -574,6 +603,22 @@ class CI_Security { return FALSE; } + if (function_exists('random_bytes')) + { + try + { + // The cast is required to avoid TypeError + return random_bytes((int) $length); + } + catch (Exception $e) + { + // If random_bytes() can't do the job, we can't either ... + // There's no point in using fallbacks. + log_message('error', $e->getMessage()); + return FALSE; + } + } + // Unfortunately, none of the following PRNGs is guaranteed to exist ... if (defined('MCRYPT_DEV_URANDOM') && ($output = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)) !== FALSE) { @@ -584,7 +629,7 @@ class CI_Security { if (is_readable('/dev/urandom') && ($fp = fopen('/dev/urandom', 'rb')) !== FALSE) { // Try not to waste entropy ... - is_php('5.4') && stream_set_chunk_size($fp, $length); + stream_set_chunk_size($fp, $length); $output = fread($fp, $length); fclose($fp); if ($output !== FALSE) @@ -629,10 +674,8 @@ class CI_Security { static $_entities; - isset($charset) OR $charset = $this->charset; - $flag = is_php('5.4') - ? ENT_COMPAT | ENT_HTML5 - : ENT_COMPAT; + isset($charset) OR $charset = $this->charset; + isset($_entities) OR $_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, ENT_COMPAT | ENT_HTML5, $charset)); do { @@ -641,27 +684,6 @@ class CI_Security { // Decode standard entities, avoiding false positives if (preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches)) { - if ( ! isset($_entities)) - { - $_entities = array_map( - 'strtolower', - is_php('5.3.4') - ? get_html_translation_table(HTML_ENTITIES, $flag, $charset) - : get_html_translation_table(HTML_ENTITIES, $flag) - ); - - // If we're not on PHP 5.4+, add the possibly dangerous HTML 5 - // entities to the array manually - if ($flag === ENT_COMPAT) - { - $_entities[':'] = ':'; - $_entities['('] = '('; - $_entities[')'] = ')'; - $_entities["\n"] = '&newline;'; - $_entities["\t"] = '&tab;'; - } - } - $replace = array(); $matches = array_unique(array_map('strtolower', $matches[0])); foreach ($matches as &$match) @@ -672,13 +694,13 @@ class CI_Security { } } - $str = str_ireplace(array_keys($replace), array_values($replace), $str); + $str = str_replace(array_keys($replace), array_values($replace), $str); } // Decode numeric & UTF16 two byte entities $str = html_entity_decode( preg_replace('/(&#(?:x0*[0-9a-f]{2,5}(?![0-9a-f;])|(?:0*\d{2,4}(?![0-9;]))))/iS', '$1;', $str), - $flag, + ENT_COMPAT | ENT_HTML5, $charset ); } @@ -727,7 +749,32 @@ class CI_Security { */ public function strip_image_tags($str) { - return preg_replace(array('#<img[\s/]+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img[\s/]+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); + return preg_replace( + array( + '#<img[\s/]+.*?src\s*=\s*(["\'])([^\\1]+?)\\1.*?\>#i', + '#<img[\s/]+.*?src\s*=\s*?(([^\s"\'=<>`]+)).*?\>#i' + ), + '\\2', + $str + ); + } + + // ---------------------------------------------------------------- + + /** + * URL-decode taking spaces into account + * + * @see https://github.com/bcit-ci/CodeIgniter/issues/4877 + * @param array $matches + * @return string + */ + protected function _urldecodespaces($matches) + { + $input = $matches[0]; + $nospaces = preg_replace('#\s+#', '', $input); + return ($nospaces === $input) + ? $input + : rawurldecode($nospaces); } // ---------------------------------------------------------------- @@ -750,71 +797,92 @@ class CI_Security { // -------------------------------------------------------------------- /** - * Remove Evil HTML Attributes (like event handlers and style) - * - * It removes the evil attribute and either: - * - * - Everything up until a space. For example, everything between the pipes: - * - * <code> - * <a |style=document.write('hello');alert('world');| class=link> - * </code> - * - * - Everything inside the quotes. For example, everything between the pipes: + * Sanitize Naughty HTML * - * <code> - * <a |style="document.write('hello'); alert('world');"| class="link"> - * </code> + * Callback method for xss_clean() to remove naughty HTML elements. * - * @param string $str The string to check - * @param bool $is_image Whether the input is an image - * @return string The string with the evil attributes removed + * @used-by CI_Security::xss_clean() + * @param array $matches + * @return string */ - protected function _remove_evil_attributes($str, $is_image) + protected function _sanitize_naughty_html($matches) { - $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime'); + static $naughty_tags = array( + 'alert', 'area', 'prompt', 'confirm', 'applet', 'audio', 'basefont', 'base', 'behavior', 'bgsound', + 'blink', 'body', 'embed', 'expression', 'form', 'frameset', 'frame', 'head', 'html', 'ilayer', + 'iframe', 'input', 'button', 'select', 'isindex', 'layer', 'link', 'meta', 'keygen', 'object', + 'plaintext', 'style', 'script', 'textarea', 'title', 'math', 'video', 'svg', 'xml', 'xss' + ); - if ($is_image === TRUE) + static $evil_attributes = array( + 'on\w+', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime' + ); + + // First, escape unclosed tags + if (empty($matches['closeTag'])) + { + return '<'.$matches[1]; + } + // Is the element that we caught naughty? If so, escape it + elseif (in_array(strtolower($matches['tagName']), $naughty_tags, TRUE)) { - /* - * Adobe Photoshop puts XML metadata into JFIF images, - * including namespacing, so we have to allow this for images. - */ - unset($evil_attributes[array_search('xmlns', $evil_attributes)]); + return '<'.$matches[1].'>'; } + // For other tags, see if their attributes are "evil" and strip those + elseif (isset($matches['attributes'])) + { + // We'll store the already fitlered attributes here + $attributes = array(); - do { - $count = $temp_count = 0; + // Attribute-catching pattern + $attributes_pattern = '#' + .'(?<name>[^\s\042\047>/=]+)' // attribute characters + // optional attribute-value + .'(?:\s*=(?<value>[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*)))' // attribute-value separator + .'#i'; - // replace occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - $str = preg_replace('/(<[^>]+)(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', '$1[removed]', $str, -1, $temp_count); - $count += $temp_count; + // Blacklist pattern for evil attribute names + $is_evil_pattern = '#^('.implode('|', $evil_attributes).')$#i'; - // find occurrences of illegal attribute strings without quotes - $str = preg_replace('/(<[^>]+)(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*([^\s>]*)/is', '$1[removed]', $str, -1, $temp_count); - $count += $temp_count; - } - while ($count); + // Each iteration filters a single attribute + do + { + // Strip any non-alpha characters that may precede an attribute. + // Browsers often parse these incorrectly and that has been a + // of numerous XSS issues we've had. + $matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']); - return $str; - } + if ( ! preg_match($attributes_pattern, $matches['attributes'], $attribute, PREG_OFFSET_CAPTURE)) + { + // No (valid) attribute found? Discard everything else inside the tag + break; + } - // -------------------------------------------------------------------- + if ( + // Is it indeed an "evil" attribute? + preg_match($is_evil_pattern, $attribute['name'][0]) + // Or does it have an equals sign, but no value and not quoted? Strip that too! + OR (trim($attribute['value'][0]) === '') + ) + { + $attributes[] = 'xss=removed'; + } + else + { + $attributes[] = $attribute[0][0]; + } - /** - * Sanitize Naughty HTML - * - * Callback method for xss_clean() to remove naughty HTML elements. - * - * @used-by CI_Security::xss_clean() - * @param array $matches - * @return string - */ - protected function _sanitize_naughty_html($matches) - { - return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace - // encode captured opening or closing brace to prevent recursive vectors: - .str_replace(array('>', '<'), array('>', '<'), $matches[4]); + $matches['attributes'] = substr($matches['attributes'], $attribute[0][1] + strlen($attribute[0][0])); + } + while ($matches['attributes'] !== ''); + + $attributes = empty($attributes) + ? '' + : ' '.implode(' ', $attributes); + return '<'.$matches['slash'].$matches['tagName'].$attributes.'>'; + } + + return $matches[0]; } // -------------------------------------------------------------------- @@ -834,12 +902,15 @@ class CI_Security { */ protected function _js_link_removal($match) { - return str_replace($match[1], - preg_replace('#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|data\s*:)#si', - '', - $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])) - ), - $match[0]); + return str_replace( + $match[1], + preg_replace( + '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|d\s*a\s*t\s*a\s*:)#si', + '', + $this->_filter_attributes($match[1]) + ), + $match[0] + ); } // -------------------------------------------------------------------- @@ -859,12 +930,15 @@ class CI_Security { */ protected function _js_img_removal($match) { - return str_replace($match[1], - preg_replace('#src=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si', - '', - $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])) - ), - $match[0]); + return str_replace( + $match[1], + preg_replace( + '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si', + '', + $this->_filter_attributes($match[1]) + ), + $match[0] + ); } // -------------------------------------------------------------------- @@ -980,5 +1054,4 @@ class CI_Security { return $this->_csrf_hash; } - } diff --git a/system/core/URI.php b/system/core/URI.php index 5b658f679..275c07900 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category URI * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/uri.html + * @link https://codeigniter.com/user_guide/libraries/uri.html */ class CI_URI { @@ -96,45 +96,40 @@ class CI_URI { * * @return void */ - public function __construct() + public function __construct(CI_Config $config) { - $this->config =& load_class('Config', 'core'); + $this->config = $config; + // If it's a CLI request, ignore the configuration + if (is_cli()) + { + $this->_set_uri_string($this->_parse_argv(), TRUE); + } // If query strings are enabled, we don't need to parse any segments. - // However, they don't make sense under CLI. - if (is_cli() OR $this->config->item('enable_query_strings') !== TRUE) + elseif ($this->config->item('enable_query_strings') !== TRUE) { $this->_permitted_uri_chars = $this->config->item('permitted_uri_chars'); + $protocol = $this->config->item('uri_protocol'); + empty($protocol) && $protocol = 'REQUEST_URI'; - // If it's a CLI request, ignore the configuration - if (is_cli()) + switch ($protocol) { - $uri = $this->_parse_argv(); + case 'AUTO': // For BC purposes only + case 'REQUEST_URI': + $uri = $this->_parse_request_uri(); + break; + case 'QUERY_STRING': + $uri = $this->_parse_query_string(); + break; + case 'PATH_INFO': + default: + $uri = isset($_SERVER[$protocol]) + ? $_SERVER[$protocol] + : $this->_parse_request_uri(); + break; } - else - { - $protocol = $this->config->item('uri_protocol'); - empty($protocol) && $protocol = 'REQUEST_URI'; - switch ($protocol) - { - case 'AUTO': // For BC purposes only - case 'REQUEST_URI': - $uri = $this->_parse_request_uri(); - break; - case 'QUERY_STRING': - $uri = $this->_parse_query_string(); - break; - case 'PATH_INFO': - default: - $uri = isset($_SERVER[$protocol]) - ? $_SERVER[$protocol] - : $this->_parse_request_uri(); - break; - } - } - - $this->_set_uri_string($uri); + $this->_set_uri_string($uri, FALSE); } log_message('info', 'URI Class Initialized'); @@ -145,43 +140,66 @@ class CI_URI { /** * Set URI String * - * @param string $str + * @param string $str Input URI string + * @param bool $is_cli Whether the input comes from CLI * @return void */ - protected function _set_uri_string($str) + protected function _set_uri_string($str, $is_cli = FALSE) { - // Filter out control characters and trim slashes - $this->uri_string = trim(remove_invisible_characters($str, FALSE), '/'); - - if ($this->uri_string !== '') + // CLI requests have a bit simpler logic + if ($is_cli) { - // Remove the URL suffix, if present - if (($suffix = (string) $this->config->item('url_suffix')) !== '') + if (($this->uri_string = trim($str, '/')) === '') { - $slen = strlen($suffix); - - if (substr($this->uri_string, -$slen) === $suffix) - { - $this->uri_string = substr($this->uri_string, 0, -$slen); - } + return; } $this->segments[0] = NULL; - // Populate the segments array - foreach (explode('/', trim($this->uri_string, '/')) as $val) + foreach (explode('/', $this->uri_string) as $segment) { - $val = trim($val); - // Filter segments for security - $this->filter_uri($val); - - if ($val !== '') + if (($segment = trim($segment)) !== '') { - $this->segments[] = $val; + $this->segments[] = $segment; } } unset($this->segments[0]); + return; + } + + // Filter out control characters and trim slashes + $this->uri_string = trim(remove_invisible_characters($str, FALSE), '/'); + + if ($this->uri_string === '') + { + return; } + + // Remove the URL suffix, if present + if (($suffix = (string) $this->config->item('url_suffix')) !== '') + { + $slen = strlen($suffix); + + if (substr($this->uri_string, -$slen) === $suffix) + { + $this->uri_string = substr($this->uri_string, 0, -$slen); + } + } + + $this->segments[0] = NULL; + foreach (explode('/', trim($this->uri_string, '/')) as $segment) + { + $segment = trim($segment); + // Filter segments for security + $this->filter_uri($segment); + + if ($segment !== '') + { + $this->segments[] = $segment; + } + } + + unset($this->segments[0]); } // -------------------------------------------------------------------- @@ -294,7 +312,7 @@ class CI_URI { * * Do some final cleaning of the URI and return it, currently only used in self::_parse_request_uri() * - * @param string $url + * @param string $uri * @return string */ protected function _remove_relative_directory($uri) diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 9d8ac41e1..1aafbf3a3 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category UTF-8 * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/utf8.html + * @link https://codeigniter.com/user_guide/libraries/utf8.html */ class CI_Utf8 { @@ -57,21 +57,21 @@ class CI_Utf8 { * * @return void */ - public function __construct() + public function __construct($charset) { if ( - defined('PREG_BAD_UTF8_ERROR') // PCRE must support UTF-8 - && (ICONV_ENABLED === TRUE OR MB_ENABLED === TRUE) // iconv or mbstring must be installed - && strtoupper(config_item('charset')) === 'UTF-8' // Application charset must be UTF-8 - ) + defined('PREG_BAD_UTF8_ERROR') // PCRE must support UTF-8 + && (ICONV_ENABLED === TRUE OR MB_ENABLED === TRUE) // iconv or mbstring must be installed + && $charset === 'UTF-8' // Application charset must be UTF-8 + ) { define('UTF8_ENABLED', TRUE); - log_message('debug', 'UTF-8 Support Enabled'); + log_message('info', 'UTF-8 Support Enabled'); } else { define('UTF8_ENABLED', FALSE); - log_message('debug', 'UTF-8 Support Disabled'); + log_message('info', 'UTF-8 Support Disabled'); } log_message('info', 'Utf8 Class Initialized'); diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 15954559c..c0eab4909 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/hash */ @@ -119,7 +119,7 @@ if ( ! function_exists('hash_pbkdf2')) */ function hash_pbkdf2($algo, $password, $salt, $iterations, $length = 0, $raw_output = FALSE) { - if ( ! in_array($algo, hash_algos(), TRUE)) + if ( ! in_array(strtolower($algo), hash_algos(), TRUE)) { trigger_error('hash_pbkdf2(): Unknown hashing algorithm: '.$algo, E_USER_WARNING); return FALSE; @@ -203,8 +203,6 @@ if ( ! function_exists('hash_pbkdf2')) 'ripemd160' => 64, 'ripemd256' => 64, 'ripemd320' => 64, - 'salsa10' => 64, - 'salsa20' => 64, 'sha1' => 64, 'sha224' => 64, 'sha256' => 64, diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index e335c85f7..f466e1c34 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/mbstring */ diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 7b933aa04..84be66738 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,13 +44,13 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/password */ // ------------------------------------------------------------------------ -if (is_php('5.5') OR ! is_php('5.3.7') OR ! defined('CRYPT_BLOWFISH') OR CRYPT_BLOWFISH !== 1 OR defined('HHVM_VERSION')) +if (is_php('5.5') OR ! defined('CRYPT_BLOWFISH') OR CRYPT_BLOWFISH !== 1 OR defined('HHVM_VERSION')) { return; } @@ -116,13 +116,21 @@ if ( ! function_exists('password_hash')) } elseif ( ! isset($options['salt'])) { - if (defined('MCRYPT_DEV_URANDOM')) + if (function_exists('random_bytes')) { - $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); + try + { + $options['salt'] = random_bytes(16); + } + catch (Exception $e) + { + log_message('error', 'compat/password: Error while trying to use random_bytes(): '.$e->getMessage()); + return FALSE; + } } - elseif (function_exists('openssl_random_pseudo_bytes')) + elseif (defined('MCRYPT_DEV_URANDOM')) { - $options['salt'] = openssl_random_pseudo_bytes(16); + $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); } elseif (DIRECTORY_SEPARATOR === '/' && (is_readable($dev = '/dev/arandom') OR is_readable($dev = '/dev/urandom'))) { @@ -133,7 +141,7 @@ if ( ! function_exists('password_hash')) } // Try not to waste entropy ... - is_php('5.4') && stream_set_chunk_size($fp, 16); + stream_set_chunk_size($fp, 16); $options['salt'] = ''; for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt'])) @@ -148,6 +156,16 @@ if ( ! function_exists('password_hash')) fclose($fp); } + elseif (function_exists('openssl_random_pseudo_bytes')) + { + $is_secure = NULL; + $options['salt'] = openssl_random_pseudo_bytes(16, $is_secure); + if ($is_secure !== TRUE) + { + log_message('error', 'compat/password: openssl_random_pseudo_bytes() set the $cryto_strong flag to FALSE'); + return FALSE; + } + } else { log_message('error', 'compat/password: No CSPRNG available.'); diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index 5a428c114..6fd292a26 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ // ------------------------------------------------------------------------ @@ -62,7 +62,7 @@ if ( ! function_exists('array_column')) * array_column() * * @link http://php.net/array_column - * @param string $array + * @param array $array * @param mixed $column_key * @param mixed $index_key * @return array @@ -132,258 +132,3 @@ if ( ! function_exists('array_column')) return $result; } } - -// ------------------------------------------------------------------------ - -if (is_php('5.4')) -{ - return; -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('hex2bin')) -{ - /** - * hex2bin() - * - * @link http://php.net/hex2bin - * @param string $data - * @return string - */ - function hex2bin($data) - { - if (in_array($type = gettype($data), array('array', 'double', 'object'), TRUE)) - { - if ($type === 'object' && method_exists($data, '__toString')) - { - $data = (string) $data; - } - else - { - trigger_error('hex2bin() expects parameter 1 to be string, '.$type.' given', E_USER_WARNING); - return NULL; - } - } - - if (strlen($data) % 2 !== 0) - { - trigger_error('Hexadecimal input string must have an even length', E_USER_WARNING); - return FALSE; - } - elseif ( ! preg_match('/^[0-9a-f]*$/i', $data)) - { - trigger_error('Input string must be hexadecimal string', E_USER_WARNING); - return FALSE; - } - - return pack('H*', $data); - } -} - -// ------------------------------------------------------------------------ - -if (is_php('5.3')) -{ - return; -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('array_replace')) -{ - /** - * array_replace() - * - * @link http://php.net/array_replace - * @return array - */ - function array_replace() - { - $arrays = func_get_args(); - - if (($c = count($arrays)) === 0) - { - trigger_error('array_replace() expects at least 1 parameter, 0 given', E_USER_WARNING); - return NULL; - } - elseif ($c === 1) - { - if ( ! is_array($arrays[0])) - { - trigger_error('array_replace(): Argument #1 is not an array', E_USER_WARNING); - return NULL; - } - - return $arrays[0]; - } - - $array = array_shift($arrays); - $c--; - - for ($i = 0; $i < $c; $i++) - { - if ( ! is_array($arrays[$i])) - { - trigger_error('array_replace(): Argument #'.($i + 2).' is not an array', E_USER_WARNING); - return NULL; - } - elseif (empty($arrays[$i])) - { - continue; - } - - foreach (array_keys($arrays[$i]) as $key) - { - $array[$key] = $arrays[$i][$key]; - } - } - - return $array; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('array_replace_recursive')) -{ - /** - * array_replace_recursive() - * - * @link http://php.net/array_replace_recursive - * @return array - */ - function array_replace_recursive() - { - $arrays = func_get_args(); - - if (($c = count($arrays)) === 0) - { - trigger_error('array_replace_recursive() expects at least 1 parameter, 0 given', E_USER_WARNING); - return NULL; - } - elseif ($c === 1) - { - if ( ! is_array($arrays[0])) - { - trigger_error('array_replace_recursive(): Argument #1 is not an array', E_USER_WARNING); - return NULL; - } - - return $arrays[0]; - } - - $array = array_shift($arrays); - $c--; - - for ($i = 0; $i < $c; $i++) - { - if ( ! is_array($arrays[$i])) - { - trigger_error('array_replace_recursive(): Argument #'.($i + 2).' is not an array', E_USER_WARNING); - return NULL; - } - elseif (empty($arrays[$i])) - { - continue; - } - - foreach (array_keys($arrays[$i]) as $key) - { - $array[$key] = (is_array($arrays[$i][$key]) && isset($array[$key]) && is_array($array[$key])) - ? array_replace_recursive($array[$key], $arrays[$i][$key]) - : $arrays[$i][$key]; - } - } - - return $array; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('quoted_printable_encode')) -{ - /** - * quoted_printable_encode() - * - * @link http://php.net/quoted_printable_encode - * @param string $str - * @return string - */ - function quoted_printable_encode($str) - { - if (strlen($str) === 0) - { - return ''; - } - elseif (in_array($type = gettype($str), array('array', 'object'), TRUE)) - { - if ($type === 'object' && method_exists($str, '__toString')) - { - $str = (string) $str; - } - else - { - trigger_error('quoted_printable_encode() expects parameter 1 to be string, '.$type.' given', E_USER_WARNING); - return NULL; - } - } - - if (function_exists('imap_8bit')) - { - return imap_8bit($str); - } - - $i = $lp = 0; - $output = ''; - $hex = '0123456789ABCDEF'; - $length = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')) - ? mb_strlen($str, '8bit') - : strlen($str); - - while ($length--) - { - if ((($c = $str[$i++]) === "\015") && isset($str[$i]) && ($str[$i] === "\012") && $length > 0) - { - $output .= "\015".$str[$i++]; - $length--; - $lp = 0; - continue; - } - - if ( - ctype_cntrl($c) - OR (ord($c) === 0x7f) - OR (ord($c) & 0x80) - OR ($c === '=') - OR ($c === ' ' && isset($str[$i]) && $str[$i] === "\015") - ) - { - if ( - (($lp += 3) > 75 && ord($c) <= 0x7f) - OR (ord($c) > 0x7f && ord($c) <= 0xdf && ($lp + 3) > 75) - OR (ord($c) > 0xdf && ord($c) <= 0xef && ($lp + 6) > 75) - OR (ord($c) > 0xef && ord($c) <= 0xf4 && ($lp + 9) > 75) - ) - { - $output .= "=\015\012"; - $lp = 3; - } - - $output .= '='.$hex[ord($c) >> 4].$hex[ord($c) & 0xf]; - continue; - } - - if ((++$lp) > 75) - { - $output .= "=\015\012"; - $lp = 1; - } - - $output .= $c; - } - - return $output; - } -} diff --git a/system/database/DB.php b/system/database/DB.php index 0c7cf54b3..009035032 100644 --- a/system/database/DB.php +++ b/system/database/DB.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ * * @param string|string[] $params * @param bool $query_builder_override @@ -82,7 +82,7 @@ function &DB($params = '', $query_builder_override = NULL) } } - if ( ! isset($db) OR count($db) === 0) + if (empty($db)) { show_error('No database connection settings were found in the database config file.'); } @@ -192,10 +192,13 @@ function &DB($params = '', $query_builder_override = NULL) // Load the DB driver $driver_file = BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_driver.php'; - file_exists($driver_file) OR show_error('Invalid DB driver'); require_once($driver_file); + // Load the result classes as well + require_once(BASEPATH.'database/DB_result.php'); + require_once(BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_result.php'); + // Instantiate the DB adapter $driver = 'CI_DB_'.$params['dbdriver'].'_driver'; $DB = new $driver($params); diff --git a/system/database/DB_cache.php b/system/database/DB_cache.php index 223055f60..b74c31924 100644 --- a/system/database/DB_cache.php +++ b/system/database/DB_cache.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_Cache { diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e58496de9..161e0e225 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_driver { @@ -380,7 +380,8 @@ abstract class CI_DB_driver { /** * Initialize Database Settings * - * @return bool + * @return void + * @throws RuntimeException In case of failure */ public function initialize() { @@ -392,7 +393,7 @@ abstract class CI_DB_driver { */ if ($this->conn_id) { - return TRUE; + return; } // ---------------------------------------------------------------- @@ -429,19 +430,9 @@ abstract class CI_DB_driver { // We still don't have a connection? if ( ! $this->conn_id) { - log_message('error', 'Unable to connect to the database'); - - if ($this->db_debug) - { - $this->display_error('db_unable_to_connect'); - } - - return FALSE; + throw new RuntimeException('Unable to connect to the database.'); } } - - // Now we set the character set and that's all - return $this->db_set_charset($this->char_set); } // -------------------------------------------------------------------- @@ -505,26 +496,13 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Set client character set + * Last error * - * @param string - * @return bool + * @return array */ - public function db_set_charset($charset) + public function error() { - if (method_exists($this, '_db_set_charset') && ! $this->_db_set_charset($charset)) - { - log_message('error', 'Unable to set database connection charset: '.$charset); - - if ($this->db_debug) - { - $this->display_error('db_unable_to_set_charset', $charset); - } - - return FALSE; - } - - return TRUE; + return array('code' => NULL, 'message' => NULL); } // -------------------------------------------------------------------- @@ -622,7 +600,6 @@ abstract class CI_DB_driver { // cached query if it exists if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { - $this->load_rdriver(); if (FALSE !== ($cache = $this->CACHE->read($sql))) { return $cache; @@ -647,7 +624,10 @@ abstract class CI_DB_driver { } // This will trigger a rollback if transactions are being used - $this->_trans_status = FALSE; + if ($this->_trans_depth !== 0) + { + $this->_trans_status = FALSE; + } // Grab the error now, as we might run some additional queries before displaying the error $error = $this->error(); @@ -661,13 +641,15 @@ abstract class CI_DB_driver { // if transactions are enabled. If we don't call this here // the error message will trigger an exit, causing the // transactions to remain in limbo. - if ($this->_trans_depth !== 0) + while ($this->_trans_depth !== 0) { - do + $trans_depth = $this->_trans_depth; + $this->trans_complete(); + if ($trans_depth === $this->_trans_depth) { - $this->trans_complete(); + log_message('error', 'Database: Failure during an automated transaction commit/rollback!'); + break; } - while ($this->_trans_depth !== 0); } // Display errors @@ -701,9 +683,9 @@ abstract class CI_DB_driver { return TRUE; } - // Load and instantiate the result driver - $driver = $this->load_rdriver(); - $RES = new $driver($this); + // Instantiate the driver-specific result class + $driver = 'CI_DB_'.$this->dbdriver.'_result'; + $RES = new $driver($this); // Is query caching enabled? If so, we'll serialize the // result object and save it to a cache file. @@ -733,26 +715,6 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Load the result drivers - * - * @return string the name of the result class - */ - public function load_rdriver() - { - $driver = 'CI_DB_'.$this->dbdriver.'_result'; - - if ( ! class_exists($driver, FALSE)) - { - require_once(BASEPATH.'database/DB_result.php'); - require_once(BASEPATH.'database/drivers/'.$this->dbdriver.'/'.$this->dbdriver.'_result.php'); - } - - return $driver; - } - - // -------------------------------------------------------------------- - - /** * Simple Query * This is a simplified version of the query() function. Internally * we only use it when running transaction commands since they do @@ -763,11 +725,7 @@ abstract class CI_DB_driver { */ public function simple_query($sql) { - if ( ! $this->conn_id) - { - $this->initialize(); - } - + empty($this->conn_id) && $this->initialize(); return $this->_execute($sql); } @@ -788,10 +746,13 @@ abstract class CI_DB_driver { /** * Enable/disable Transaction Strict Mode + * * When strict mode is enabled, if you are running multiple groups of - * transactions, if one group fails all groups will be rolled back. - * If strict mode is disabled, each group is treated autonomously, meaning - * a failure of one group will not affect any others + * transactions, if one group fails all subsequent groups will be + * rolled back. + * + * If strict mode is disabled, each group is treated autonomously, + * meaning a failure of one group will not affect any others * * @param bool $mode = TRUE * @return void @@ -807,24 +768,16 @@ abstract class CI_DB_driver { * Start Transaction * * @param bool $test_mode = FALSE - * @return void + * @return bool */ public function trans_start($test_mode = FALSE) { if ( ! $this->trans_enabled) { - return; - } - - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 0) - { - $this->_trans_depth += 1; - return; + return FALSE; } - $this->trans_begin($test_mode); - $this->_trans_depth += 1; + return $this->trans_begin($test_mode); } // -------------------------------------------------------------------- @@ -841,25 +794,14 @@ abstract class CI_DB_driver { return FALSE; } - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 1) - { - $this->_trans_depth -= 1; - return TRUE; - } - else - { - $this->_trans_depth = 0; - } - // The query() function will set this flag to FALSE in the event that a query failed if ($this->_trans_status === FALSE OR $this->_trans_failure === TRUE) { $this->trans_rollback(); // If we are NOT running in strict mode, we will reset - // the _trans_status flag so that subsequent groups of transactions - // will be permitted. + // the _trans_status flag so that subsequent groups of + // transactions will be permitted. if ($this->trans_strict === FALSE) { $this->_trans_status = TRUE; @@ -869,8 +811,7 @@ abstract class CI_DB_driver { return FALSE; } - $this->trans_commit(); - return TRUE; + return $this->trans_commit(); } // -------------------------------------------------------------------- @@ -888,6 +829,87 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Begin Transaction + * + * @param bool $test_mode + * @return bool + */ + public function trans_begin($test_mode = FALSE) + { + if ( ! $this->trans_enabled) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 0) + { + $this->_trans_depth++; + return TRUE; + } + + // Reset the transaction failure flag. + // If the $test_mode flag is set to TRUE transactions will be rolled back + // even if the queries produce a successful result. + $this->_trans_failure = ($test_mode === TRUE); + + if ($this->_trans_begin()) + { + $this->_trans_depth++; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Commit Transaction + * + * @return bool + */ + public function trans_commit() + { + if ( ! $this->trans_enabled OR $this->_trans_depth === 0) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 1 OR $this->_trans_commit()) + { + $this->_trans_depth--; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Rollback Transaction + * + * @return bool + */ + public function trans_rollback() + { + if ( ! $this->trans_enabled OR $this->_trans_depth === 0) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 1 OR $this->_trans_rollback()) + { + $this->_trans_depth--; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** * Compile Bindings * * @param string the sql statement @@ -896,7 +918,7 @@ abstract class CI_DB_driver { */ public function compile_binds($sql, $binds) { - if (empty($binds) OR empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) + if (empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) { return $sql; } @@ -916,7 +938,7 @@ abstract class CI_DB_driver { $ml = strlen($this->bind_marker); // Make sure not to replace a chunk inside a string that happens to match the bind marker - if ($c = preg_match_all("/'[^']*'/i", $sql, $matches)) + if ($c = preg_match_all("/'[^']*'|\"[^\"]*\"/i", $sql, $matches)) { $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', str_replace($matches[0], @@ -1089,7 +1111,7 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -1477,18 +1499,18 @@ abstract class CI_DB_driver { ? '\s+'.preg_quote(trim(sprintf($this->_like_escape_str, $this->_like_escape_chr)), '/') : ''; $_operators = array( - '\s*(?:<|>|!)?=\s*', // =, <=, >=, != - '\s*<>?\s*', // <, <> - '\s*>\s*', // > - '\s+IS NULL', // IS NULL - '\s+IS NOT NULL', // IS NOT NULL - '\s+EXISTS\s*\([^\)]+\)', // EXISTS(sql) - '\s+NOT EXISTS\s*\([^\)]+\)', // NOT EXISTS(sql) - '\s+BETWEEN\s+\S+\s+AND\s+\S+', // BETWEEN value AND value - '\s+IN\s*\([^\)]+\)', // IN(list) - '\s+NOT IN\s*\([^\)]+\)', // NOT IN (list) - '\s+LIKE\s+\S+'.$_les, // LIKE 'expr'[ ESCAPE '%s'] - '\s+NOT LIKE\s+\S+'.$_les // NOT LIKE 'expr'[ ESCAPE '%s'] + '\s*(?:<|>|!)?=\s*', // =, <=, >=, != + '\s*<>?\s*', // <, <> + '\s*>\s*', // > + '\s+IS NULL', // IS NULL + '\s+IS NOT NULL', // IS NOT NULL + '\s+EXISTS\s*\(.*\)', // EXISTS(sql) + '\s+NOT EXISTS\s*\(.*\)', // NOT EXISTS(sql) + '\s+BETWEEN\s+', // BETWEEN value AND value + '\s+IN\s*\(.*\)', // IN(list) + '\s+NOT IN\s*\(.*\)', // NOT IN (list) + '\s+LIKE\s+\S.*('.$_les.')?', // LIKE 'expr'[ ESCAPE '%s'] + '\s+NOT LIKE\s+\S.*('.$_les.')?' // NOT LIKE 'expr'[ ESCAPE '%s'] ); } @@ -1709,7 +1731,7 @@ abstract class CI_DB_driver { * the table prefix onto it. Some logic is necessary in order to deal with * column names that include the path. Consider a query like this: * - * SELECT * FROM hostname.database.table.column AS c FROM hostname.database.table + * SELECT hostname.database.table.column AS c FROM hostname.database.table * * Or a query with aliasing: * @@ -1757,7 +1779,7 @@ abstract class CI_DB_driver { } // Convert tabs or multiple spaces into single spaces - $item = preg_replace('/\s+/', ' ', $item); + $item = preg_replace('/\s+/', ' ', trim($item)); // If the item has an alias declaration we remove it and set it aside. // Note: strripos() is used in order to support spaces in table names @@ -1785,12 +1807,15 @@ abstract class CI_DB_driver { // with an alias. While we're at it, we will escape the components if (strpos($item, '.') !== FALSE) { - $parts = explode('.', $item); + $parts = explode('.', $item); // Does the first segment of the exploded item match // one of the aliases previously identified? If so, // we have nothing more to do other than escape the item - if (in_array($parts[0], $this->qb_aliased_tables)) + // + // NOTE: The ! empty() condition prevents this method + // from breaking when QB isn't enabled. + if ( ! empty($this->qb_aliased_tables) && in_array($parts[0], $this->qb_aliased_tables)) { if ($protect_identifiers === TRUE) { diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php index dde285598..b52d1fb2b 100644 --- a/system/database/DB_forge.php +++ b/system/database/DB_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_forge { @@ -184,7 +184,7 @@ abstract class CI_DB_forge { { return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; } - elseif ( ! $this->db->query(sprintf($this->_create_database, $db_name, $this->db->char_set, $this->db->dbcollat))) + elseif ( ! $this->db->query(sprintf($this->_create_database, $this->db->escape_identifiers($db_name), $this->db->char_set, $this->db->dbcollat))) { return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE; } @@ -211,7 +211,7 @@ abstract class CI_DB_forge { { return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; } - elseif ( ! $this->db->query(sprintf($this->_drop_database, $db_name))) + elseif ( ! $this->db->query(sprintf($this->_drop_database, $this->db->escape_identifiers($db_name)))) { return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE; } @@ -239,7 +239,13 @@ abstract class CI_DB_forge { */ public function add_key($key, $primary = FALSE) { - if (is_array($key)) + // DO NOT change this! This condition is only applicable + // for PRIMARY keys because you can only have one such, + // and therefore all fields you add to it will be included + // in the same, composite PRIMARY KEY. + // + // It's not the same for regular indexes. + if ($primary === TRUE && is_array($key)) { foreach ($key as $one) { @@ -342,7 +348,7 @@ abstract class CI_DB_forge { if (($result = $this->db->query($sql)) !== FALSE) { - empty($this->db->data_cache['table_names']) OR $this->db->data_cache['table_names'][] = $table; + isset($this->db->data_cache['table_names']) && $this->db->data_cache['table_names'][] = $table; // Most databases don't support creating indexes from within the CREATE TABLE statement if ( ! empty($this->keys)) @@ -774,10 +780,6 @@ abstract class CI_DB_forge { case 'ENUM': case 'SET': $attributes['CONSTRAINT'] = $this->db->escape($attributes['CONSTRAINT']); - $field['length'] = is_array($attributes['CONSTRAINT']) - ? "('".implode("','", $attributes['CONSTRAINT'])."')" - : '('.$attributes['CONSTRAINT'].')'; - break; default: $field['length'] = is_array($attributes['CONSTRAINT']) ? '('.implode(',', $attributes['CONSTRAINT']).')' @@ -892,21 +894,33 @@ abstract class CI_DB_forge { return; } - if (array_key_exists('DEFAULT', $attributes)) + if ( ! array_key_exists('DEFAULT', $attributes)) { - if ($attributes['DEFAULT'] === NULL) - { - $field['default'] = empty($this->_null) ? '' : $this->_default.$this->_null; + return; + } - // Override the NULL attribute if that's our default - $attributes['NULL'] = TRUE; - $field['null'] = empty($this->_null) ? '' : ' '.$this->_null; - } - else - { - $field['default'] = $this->_default.$this->db->escape($attributes['DEFAULT']); - } + if ($attributes['DEFAULT'] === NULL) + { + $field['default'] = empty($this->_null) ? '' : $this->_default.$this->_null; + + // Override the NULL attribute if that's our default + $attributes['NULL'] = TRUE; + $field['null'] = empty($this->_null) ? '' : ' '.$this->_null; + return; } + + // White-list CURRENT_TIMESTAMP & similar (e.g. Oracle has stuff like SYSTIMESTAMP) defaults for date/time fields + if ( + isset($attributes['TYPE']) + && (stripos($attributes['TYPE'], 'time') !== FALSE OR stripos($attributes['TYPE'], 'date') !== FALSE) + && (stripos($attributes['DEFAULT'], 'time') !== FALSE OR stripos($attributes['DEFAULT'], 'date') !== FALSE) + ) + { + $field['default'] = $this->_default.$attributes['DEFAULT']; + return; + } + + $field['default'] = $this->_default.$this->db->escape($attributes['DEFAULT']); } // -------------------------------------------------------------------- diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 7f3334763..fe4cf6993 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_query_builder extends CI_DB_driver { @@ -150,6 +150,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { protected $qb_set = array(); /** + * QB data set for update_batch() + * + * @var array + */ + protected $qb_set_ub = array(); + + /** * QB aliased tables list * * @var array @@ -208,6 +215,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { protected $qb_cache_join = array(); /** + * QB Cache aliased tables list + * + * @var array + */ + protected $qb_cache_aliased_tables = array(); + + /** * QB Cache WHERE data * * @var array @@ -531,39 +545,46 @@ abstract class CI_DB_query_builder extends CI_DB_driver { is_bool($escape) OR $escape = $this->_protect_identifiers; - // Split multiple conditions - if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_OFFSET_CAPTURE)) + if ( ! $this->_has_operator($cond)) { - $newcond = ''; - $m[0][] = array('', strlen($cond)); - - for ($i = 0, $c = count($m[0]), $s = 0; - $i < $c; - $s = $m[0][$i][1] + strlen($m[0][$i][0]), $i++) - { - $temp = substr($cond, $s, ($m[0][$i][1] - $s)); - - $newcond .= preg_match("/([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $temp, $match) - ? $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]) - : $temp; - - $newcond .= $m[0][$i][0]; - } - - $cond = ' ON '.$newcond; - } - // Split apart the condition and protect the identifiers - elseif ($escape === TRUE && preg_match("/([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $cond, $match)) - { - $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; } - elseif ( ! $this->_has_operator($cond)) + elseif ($escape === FALSE) { - $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; + $cond = ' ON '.$cond; } else { - $cond = ' ON '.$cond; + // Split multiple conditions + if (preg_match_all('/\sAND\s|\sOR\s/i', $cond, $joints, PREG_OFFSET_CAPTURE)) + { + $conditions = array(); + $joints = $joints[0]; + array_unshift($joints, array('', 0)); + + for ($i = count($joints) - 1, $pos = strlen($cond); $i >= 0; $i--) + { + $joints[$i][1] += strlen($joints[$i][0]); // offset + $conditions[$i] = substr($cond, $joints[$i][1], $pos - $joints[$i][1]); + $pos = $joints[$i][1] - strlen($joints[$i][0]); + $joints[$i] = $joints[$i][0]; + } + } + else + { + $conditions = array($cond); + $joints = array(''); + } + + $cond = ' ON '; + for ($i = 0, $c = count($conditions); $i < $c; $i++) + { + $operator = $this->_get_operator($conditions[$i]); + $cond .= $joints[$i]; + $cond .= preg_match("/(\(*)?([\[\]\w\.'-]+)".preg_quote($operator)."(.*)/i", $conditions[$i], $match) + ? $match[1].$this->protect_identifiers($match[2]).$operator.$this->protect_identifiers($match[3]) + : $conditions[$i]; + } } // Do we want to escape the table name? @@ -672,7 +693,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // value appears not to have been set, assign the test to IS NULL $k .= ' IS NULL'; } - elseif (preg_match('/\s*(!?=|<>|IS(?:\s+NOT)?)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) + elseif (preg_match('/\s*(!?=|<>|\sIS(?:\s+NOT)?\s)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) { $k = substr($k, 0, $match[0][1]).($match[1][0] === '=' ? ' IS NULL' : ' IS NOT NULL'); } @@ -1138,7 +1159,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string $key * @param string $value * @param bool $escape - * @return object + * @return CI_DB_query_builder */ public function having($key, $value = NULL, $escape = NULL) { @@ -1155,7 +1176,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string $key * @param string $value * @param bool $escape - * @return object + * @return CI_DB_query_builder */ public function or_having($key, $value = NULL, $escape = NULL) { @@ -1264,7 +1285,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _limit($sql) { - return $sql.' LIMIT '.($this->qb_offset ? $this->qb_offset.', ' : '').$this->qb_limit; + return $sql.' LIMIT '.($this->qb_offset ? $this->qb_offset.', ' : '').(int) $this->qb_limit; } // -------------------------------------------------------------------- @@ -1339,7 +1360,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the table * @param string the limit clause * @param string the offset clause - * @return object + * @return CI_DB_result */ public function get($table = '', $limit = NULL, $offset = NULL) { @@ -1379,7 +1400,16 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->from($table); } - $result = ($this->qb_distinct === TRUE) + // ORDER BY usage is often problematic here (most notably + // on Microsoft SQL Server) and ultimately unnecessary + // for selecting COUNT(*) ... + if ( ! empty($this->qb_orderby)) + { + $orderby = $this->qb_orderby; + $this->qb_orderby = NULL; + } + + $result = ($this->qb_distinct === TRUE OR ! empty($this->qb_groupby) OR ! empty($this->qb_cache_groupby)) ? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results") : $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows'))); @@ -1387,6 +1417,11 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $this->_reset_select(); } + // If we've previously reset the qb_orderby values, get them back + elseif ( ! isset($this->qb_orderby)) + { + $this->qb_orderby = $orderby; + } if ($result->num_rows() === 0) { @@ -1408,7 +1443,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string $where * @param int $limit * @param int $offset - * @return object + * @return CI_DB_result */ public function get_where($table = '', $where = NULL, $limit = NULL, $offset = NULL) { @@ -1444,20 +1479,26 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool $escape Whether to escape values and identifiers * @return int Number of rows inserted or FALSE on failure */ - public function insert_batch($table = '', $set = NULL, $escape = NULL) + public function insert_batch($table, $set = NULL, $escape = NULL, $batch_size = 100) { - if ($set !== NULL) + if ($set === NULL) { - $this->set_insert_batch($set, '', $escape); + if (empty($this->qb_set)) + { + return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + } } - - if (count($this->qb_set) === 0) + else { - // No valid data array. Folds in cases where keys and values did not match up - return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + if (empty($set)) + { + return ($this->db_debug) ? $this->display_error('insert_batch() called with no data') : FALSE; + } + + $this->set_insert_batch($set, '', $escape); } - if ($table === '') + if (strlen($table) === 0) { if ( ! isset($this->qb_from[0])) { @@ -1469,10 +1510,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Batch this baby $affected_rows = 0; - for ($i = 0, $total = count($this->qb_set); $i < $total; $i += 100) + for ($i = 0, $total = count($this->qb_set); $i < $total; $i += $batch_size) { - $this->query($this->_insert_batch($this->protect_identifiers($table, TRUE, $escape, FALSE), $this->qb_keys, array_slice($this->qb_set, $i, 100))); - $affected_rows += $this->affected_rows(); + if ($this->query($this->_insert_batch($this->protect_identifiers($table, TRUE, $escape, FALSE), $this->qb_keys, array_slice($this->qb_set, $i, $batch_size)))) + { + $affected_rows += $this->affected_rows(); + } } $this->_reset_write(); @@ -1517,7 +1560,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { is_bool($escape) OR $escape = $this->_protect_identifiers; - $keys = array_keys($this->_object_to_array(current($key))); + $keys = array_keys($this->_object_to_array(reset($key))); sort($keys); foreach ($key as $row) @@ -1598,7 +1641,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the table to insert data into * @param array an associative array of insert values * @param bool $escape Whether to escape values and identifiers - * @return object + * @return bool TRUE on success, FALSE on failure */ public function insert($table = '', $set = NULL, $escape = NULL) { @@ -1664,7 +1707,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * @param string the table to replace data into * @param array an associative array of insert values - * @return object + * @return bool TRUE on success, FALSE on failure */ public function replace($table = '', $set = NULL) { @@ -1770,7 +1813,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array $set An associative array of update values * @param mixed $where * @param int $limit - * @return object + * @return bool TRUE on success, FALSE on failure */ public function update($table = '', $set = NULL, $where = NULL, $limit = NULL) { @@ -1845,7 +1888,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the where key * @return int number of rows affected or FALSE on failure */ - public function update_batch($table = '', $set = NULL, $index = NULL) + public function update_batch($table, $set = NULL, $index = NULL, $batch_size = 100) { // Combine any cached components with the current statements $this->_merge_cache(); @@ -1855,17 +1898,24 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_must_use_index') : FALSE; } - if ($set !== NULL) + if ($set === NULL) { - $this->set_update_batch($set, $index); + if (empty($this->qb_set_ub)) + { + return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + } } - - if (count($this->qb_set) === 0) + else { - return ($this->db_debug) ? $this->display_error('db_must_use_set') : FALSE; + if (empty($set)) + { + return ($this->db_debug) ? $this->display_error('update_batch() called with no data') : FALSE; + } + + $this->set_update_batch($set, $index); } - if ($table === '') + if (strlen($table) === 0) { if ( ! isset($this->qb_from[0])) { @@ -1877,10 +1927,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Batch this baby $affected_rows = 0; - for ($i = 0, $total = count($this->qb_set); $i < $total; $i += 100) + for ($i = 0, $total = count($this->qb_set_ub); $i < $total; $i += $batch_size) { - $this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set, $i, 100), $this->protect_identifiers($index))); - $affected_rows += $this->affected_rows(); + if ($this->query($this->_update_batch($this->protect_identifiers($table, TRUE, NULL, FALSE), array_slice($this->qb_set_ub, $i, $batch_size), $index))) + { + $affected_rows += $this->affected_rows(); + } + $this->qb_where = array(); } @@ -1905,13 +1958,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $ids = array(); foreach ($values as $key => $val) { - $ids[] = $val[$index]; + $ids[] = $val[$index]['value']; foreach (array_keys($val) as $field) { if ($field !== $index) { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; + $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['field'].' = '.$val[$index]['value'].' THEN '.$val[$field]['value']; } } } @@ -1924,7 +1977,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { .'ELSE '.$k.' END, '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } @@ -1961,7 +2014,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $index_set = TRUE; } - $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2); + $clean[$k2] = array( + 'field' => $this->protect_identifiers($k2, FALSE, $escape), + 'value' => ($escape === FALSE ? $v2 : $this->escape($v2)) + ); } if ($index_set === FALSE) @@ -1969,7 +2025,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return $this->display_error('db_batch_missing_index'); } - $this->qb_set[] = $clean; + $this->qb_set_ub[] = $clean; } return $this; @@ -1983,7 +2039,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * Compiles a delete string and runs "DELETE FROM table" * * @param string the table to empty - * @return object + * @return bool TRUE on success, FALSE on failure */ public function empty_table($table = '') { @@ -2016,7 +2072,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * This function maps to "DELETE FROM table" * * @param string the table to truncate - * @return object + * @return bool TRUE on success, FALSE on failure */ public function truncate($table = '') { @@ -2232,9 +2288,14 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $table = trim(strrchr($table, ' ')); // Store the alias, if it doesn't already exist - if ( ! in_array($table, $this->qb_aliased_tables)) + if ( ! in_array($table, $this->qb_aliased_tables, TRUE)) { $this->qb_aliased_tables[] = $table; + if ($this->qb_caching === TRUE && ! in_array($table, $this->qb_cache_aliased_tables, TRUE)) + { + $this->qb_cache_aliased_tables[] = $table; + $this->qb_cache_exists[] = 'aliased_tables'; + } } } } @@ -2301,7 +2362,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { .$this->_compile_order_by(); // ORDER BY // LIMIT - if ($this->qb_limit) + if ($this->qb_limit OR $this->qb_offset) { return $this->_limit($sql."\n"); } @@ -2316,7 +2377,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * Escapes identifiers in WHERE and HAVING statements at execution time. * - * Required so that aliases are tracked properly, regardless of wether + * Required so that aliases are tracked properly, regardless of whether * where(), or_where(), having(), or_having are called prior to from(), * join() and dbprefix is added only if needed. * @@ -2342,7 +2403,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Split multiple conditions $conditions = preg_split( - '/((^|\s+)AND\s+|(^|\s+)OR\s+)/i', + '/((?:^|\s+)AND\s+|(?:^|\s+)OR\s+)/i', $this->{$qb_key}[$i]['condition'], -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY @@ -2392,7 +2453,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * Escapes identifiers in GROUP BY statements at execution time. * - * Required so that aliases are tracked properly, regardless of wether + * Required so that aliases are tracked properly, regardless of whether * group_by() is called prior to from(), join() and dbprefix is added * only if needed. * @@ -2428,7 +2489,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * Escapes identifiers in ORDER BY statements at execution time. * - * Required so that aliases are tracked properly, regardless of wether + * Required so that aliases are tracked properly, regardless of whether * order_by() is called prior to from(), join() and dbprefix is added * only if needed. * @@ -2576,7 +2637,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { 'qb_cache_orderby' => array(), 'qb_cache_set' => array(), 'qb_cache_exists' => array(), - 'qb_cache_no_escape' => array() + 'qb_cache_no_escape' => array(), + 'qb_cache_aliased_tables' => array() )); return $this; @@ -2627,13 +2689,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_no_escape = $qb_no_escape; } } - - // If we are "protecting identifiers" we need to examine the "from" - // portion of the query to determine if there are any aliases - if ($this->_protect_identifiers === TRUE && count($this->qb_cache_from) > 0) - { - $this->_track_aliases($this->qb_from); - } } // -------------------------------------------------------------------- @@ -2736,6 +2791,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { $this->_reset_run(array( 'qb_set' => array(), + 'qb_set_ub' => array(), 'qb_from' => array(), 'qb_join' => array(), 'qb_where' => array(), diff --git a/system/database/DB_result.php b/system/database/DB_result.php index 746f2a110..98d8876a7 100644 --- a/system/database/DB_result.php +++ b/system/database/DB_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_result { @@ -660,7 +660,7 @@ class CI_DB_result { */ protected function _fetch_object($class_name = 'stdClass') { - return array(); + return new $class_name(); } } diff --git a/system/database/DB_utility.php b/system/database/DB_utility.php index 78398ea83..944d45881 100644 --- a/system/database/DB_utility.php +++ b/system/database/DB_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ abstract class CI_DB_utility { @@ -235,13 +235,8 @@ abstract class CI_DB_utility { * @param string $enclosure Enclosure (default: ") * @return string */ - public function csv_from_result($query, $delim = ',', $newline = "\n", $enclosure = '"') + public function csv_from_result(CI_DB_result $query, $delim = ',', $newline = "\n", $enclosure = '"') { - if ( ! is_object($query) OR ! method_exists($query, 'list_fields')) - { - show_error('You must submit a valid result object'); - } - $out = ''; // First generate the headings from the table column names foreach ($query->list_fields() as $name) @@ -254,11 +249,12 @@ abstract class CI_DB_utility { // Next blast through the result array and build out the rows while ($row = $query->unbuffered_row('array')) { + $line = array(); foreach ($row as $item) { - $out .= $enclosure.str_replace($enclosure, $enclosure.$enclosure, $item).$enclosure.$delim; + $line[] = $enclosure.str_replace($enclosure, $enclosure.$enclosure, $item).$enclosure; } - $out = substr($out, 0, -strlen($delim)).$newline; + $out .= implode($delim, $line).$newline; } return $out; @@ -273,13 +269,8 @@ abstract class CI_DB_utility { * @param array $params Any preferences * @return string */ - public function xml_from_result($query, $params = array()) + public function xml_from_result(CI_DB_result $query, $params = array()) { - if ( ! is_object($query) OR ! method_exists($query, 'list_fields')) - { - show_error('You must submit a valid result object'); - } - // Set our default values foreach (array('root' => 'root', 'element' => 'element', 'newline' => "\n", 'tab' => "\t") as $key => $val) { diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index f80b4db54..6e8aff7c6 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_driver extends CI_DB { @@ -187,25 +187,17 @@ class CI_DB_cubrid_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (($autocommit = cubrid_get_autocommit($this->conn_id)) === NULL) { - return TRUE; + return FALSE; } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - if (cubrid_get_autocommit($this->conn_id)) + elseif ($autocommit === TRUE) { - cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_FALSE); + return cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_FALSE); } return TRUE; @@ -218,19 +210,16 @@ class CI_DB_cubrid_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ( ! cubrid_commit($this->conn_id)) { - return TRUE; + return FALSE; } - cubrid_commit($this->conn_id); - if ($this->auto_commit && ! cubrid_get_autocommit($this->conn_id)) { - cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE); + return cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE); } return TRUE; @@ -243,16 +232,13 @@ class CI_DB_cubrid_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ( ! cubrid_rollback($this->conn_id)) { - return TRUE; + return FALSE; } - cubrid_rollback($this->conn_id); - if ($this->auto_commit && ! cubrid_get_autocommit($this->conn_id)) { cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE); @@ -264,7 +250,7 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -375,7 +361,7 @@ class CI_DB_cubrid_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/cubrid/cubrid_forge.php b/system/database/drivers/cubrid/cubrid_forge.php index 9484e94e1..27bfc1466 100644 --- a/system/database/drivers/cubrid/cubrid_forge.php +++ b/system/database/drivers/cubrid/cubrid_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_forge extends CI_DB_forge { @@ -178,6 +178,9 @@ class CI_DB_cubrid_forge extends CI_DB_forge { $attributes['TYPE'] = 'INTEGER'; $attributes['UNSIGNED'] = FALSE; return; + case 'LONGTEXT': + $attributes['TYPE'] = 'STRING'; + return; default: return; } } diff --git a/system/database/drivers/cubrid/cubrid_result.php b/system/database/drivers/cubrid/cubrid_result.php index e666bab56..251b70a63 100644 --- a/system/database/drivers/cubrid/cubrid_result.php +++ b/system/database/drivers/cubrid/cubrid_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_result extends CI_DB_result { diff --git a/system/database/drivers/cubrid/cubrid_utility.php b/system/database/drivers/cubrid/cubrid_utility.php index de7d71568..555ae7a91 100644 --- a/system/database/drivers/cubrid/cubrid_utility.php +++ b/system/database/drivers/cubrid/cubrid_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Esen Sagynov - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_cubrid_utility extends CI_DB_utility { diff --git a/system/database/drivers/ibase/ibase_driver.php b/system/database/drivers/ibase/ibase_driver.php index 529c320cd..fea3bfe52 100644 --- a/system/database/drivers/ibase/ibase_driver.php +++ b/system/database/drivers/ibase/ibase_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_driver extends CI_DB { @@ -126,7 +126,7 @@ class CI_DB_ibase_driver extends CI_DB { */ protected function _execute($sql) { - return ibase_query($this->conn_id, $sql); + return ibase_query(isset($this->_ibase_trans) ? $this->_ibase_trans : $this->conn_id, $sql); } // -------------------------------------------------------------------- @@ -134,24 +134,16 @@ class CI_DB_ibase_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (($trans_handle = ibase_trans($this->conn_id)) === FALSE) { - return TRUE; + return FALSE; } - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - $this->_ibase_trans = ibase_trans($this->conn_id); - + $this->_ibase_trans = $trans_handle; return TRUE; } @@ -162,15 +154,15 @@ class CI_DB_ibase_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans->depth > 0) + if (ibase_commit($this->_ibase_trans)) { + $this->_ibase_trans = NULL; return TRUE; } - return ibase_commit($this->_ibase_trans); + return FALSE; } // -------------------------------------------------------------------- @@ -180,15 +172,15 @@ class CI_DB_ibase_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (ibase_rollback($this->_ibase_trans)) { + $this->_ibase_trans = NULL; return TRUE; } - return ibase_rollback($this->_ibase_trans); + return FALSE; } // -------------------------------------------------------------------- @@ -302,7 +294,7 @@ class CI_DB_ibase_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -392,6 +384,23 @@ class CI_DB_ibase_driver extends CI_DB { // -------------------------------------------------------------------- /** + * Insert batch statement + * + * Generates a platform-specific insert string from the supplied data. + * + * @param string $table Table name + * @param array $keys INSERT keys + * @param array $values INSERT values + * @return string|bool + */ + protected function _insert_batch($table, $keys, $values) + { + return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; + } + + // -------------------------------------------------------------------- + + /** * Close DB Connection * * @return void diff --git a/system/database/drivers/ibase/ibase_forge.php b/system/database/drivers/ibase/ibase_forge.php index 0e748c710..44bb24e68 100644 --- a/system/database/drivers/ibase/ibase_forge.php +++ b/system/database/drivers/ibase/ibase_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_forge extends CI_DB_forge { @@ -111,7 +111,7 @@ class CI_DB_ibase_forge extends CI_DB_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { if ( ! ibase_drop_db($this->conn_id)) { diff --git a/system/database/drivers/ibase/ibase_result.php b/system/database/drivers/ibase/ibase_result.php index 991146f45..7d7dd79ac 100644 --- a/system/database/drivers/ibase/ibase_result.php +++ b/system/database/drivers/ibase/ibase_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_result extends CI_DB_result { diff --git a/system/database/drivers/ibase/ibase_utility.php b/system/database/drivers/ibase/ibase_utility.php index 79d2788e5..3c152101a 100644 --- a/system/database/drivers/ibase/ibase_utility.php +++ b/system/database/drivers/ibase/ibase_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_ibase_utility extends CI_DB_utility { diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 8f15d8d69..a490d206c 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_driver extends CI_DB { @@ -108,6 +108,7 @@ class CI_DB_mssql_driver extends CI_DB { */ public function db_connect($persistent = FALSE) { + ini_set('mssql.charset', $this->char_set); $this->conn_id = ($persistent) ? mssql_pconnect($this->hostname, $this->username, $this->password) : mssql_connect($this->hostname, $this->username, $this->password); @@ -158,6 +159,7 @@ class CI_DB_mssql_driver extends CI_DB { if (mssql_select_db('['.$database.']', $this->conn_id)) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -182,22 +184,10 @@ class CI_DB_mssql_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return $this->simple_query('BEGIN TRAN'); } @@ -208,14 +198,8 @@ class CI_DB_mssql_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->simple_query('COMMIT TRAN'); } @@ -226,14 +210,8 @@ class CI_DB_mssql_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->simple_query('ROLLBACK TRAN'); } @@ -272,26 +250,13 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return (ini_set('mssql.charset', $charset) !== FALSE); - } - - // -------------------------------------------------------------------- - - /** * Version number query string * * @return string */ protected function _version() { - return 'SELECT @@VERSION AS ver'; + return "SELECT SERVERPROPERTY('ProductVersion') AS ver"; } // -------------------------------------------------------------------- @@ -375,15 +340,25 @@ class CI_DB_mssql_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ public function error() { - $query = $this->query('SELECT @@ERROR AS code'); - $query = $query->row(); - return array('code' => $query->code, 'message' => mssql_get_last_message()); + // We need this because the error info is discarded by the + // server the first time you request it, and query() already + // calls error() once for logging purposes when a query fails. + static $error = array('code' => 0, 'message' => NULL); + + $message = mssql_get_last_message(); + if ( ! empty($message)) + { + $error['code'] = $this->query('SELECT @@ERROR AS code')->row()->code; + $error['message'] = $message; + } + + return $error; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mssql/mssql_forge.php b/system/database/drivers/mssql/mssql_forge.php index 84406a016..6b6109868 100644 --- a/system/database/drivers/mssql/mssql_forge.php +++ b/system/database/drivers/mssql/mssql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_forge extends CI_DB_forge { @@ -113,6 +113,11 @@ class CI_DB_mssql_forge extends CI_DB_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/mssql/mssql_result.php b/system/database/drivers/mssql/mssql_result.php index c1c42a486..38a0a0574 100644 --- a/system/database/drivers/mssql/mssql_result.php +++ b/system/database/drivers/mssql/mssql_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_result extends CI_DB_result { diff --git a/system/database/drivers/mssql/mssql_utility.php b/system/database/drivers/mssql/mssql_utility.php index 1040b5e41..95ce88f13 100644 --- a/system/database/drivers/mssql/mssql_utility.php +++ b/system/database/drivers/mssql/mssql_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mssql_utility extends CI_DB_utility { diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index df0f24920..3a7fc9812 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_driver extends CI_DB { @@ -84,7 +84,7 @@ class CI_DB_mysql_driver extends CI_DB { * * @var bool */ - public $stricton = FALSE; + public $stricton; // -------------------------------------------------------------------- @@ -147,12 +147,41 @@ class CI_DB_mysql_driver extends CI_DB { : FALSE; } - if ($this->stricton && is_resource($this->conn_id)) + if (is_resource($this->conn_id)) { - $this->simple_query('SET SESSION sql_mode="STRICT_ALL_TABLES"'); + if ( ! mysql_set_charset($this->char_set, $this->conn_id)) + { + log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}')."); + $this->close(); + return ($this->db->debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE; + } + + if (isset($this->stricton)) + { + if ($this->stricton) + { + $this->simple_query('SET SESSION sql_mode = CONCAT(@@sql_mode, ",", "STRICT_ALL_TABLES")'); + } + else + { + $this->simple_query( + 'SET SESSION sql_mode = + REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( + @@sql_mode, + "STRICT_ALL_TABLES,", ""), + ",STRICT_ALL_TABLES", ""), + "STRICT_ALL_TABLES", ""), + "STRICT_TRANS_TABLES,", ""), + ",STRICT_TRANS_TABLES", ""), + "STRICT_TRANS_TABLES", "")' + ); + } + } + + return $this->conn_id; } - return $this->conn_id; + return FALSE; } // -------------------------------------------------------------------- @@ -191,6 +220,7 @@ class CI_DB_mysql_driver extends CI_DB { if (mysql_select_db($database, $this->conn_id)) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -200,19 +230,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return mysql_set_charset($charset, $this->conn_id); - } - - // -------------------------------------------------------------------- - - /** * Database version number * * @return string @@ -272,25 +289,12 @@ class CI_DB_mysql_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - $this->simple_query('SET AUTOCOMMIT=0'); - $this->simple_query('START TRANSACTION'); // can also be BEGIN or BEGIN WORK - return TRUE; + return $this->simple_query('START TRANSACTION'); // can also be BEGIN or BEGIN WORK } // -------------------------------------------------------------------- @@ -300,17 +304,15 @@ class CI_DB_mysql_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ($this->simple_query('COMMIT')) { + $this->simple_query('SET AUTOCOMMIT=1'); return TRUE; } - $this->simple_query('COMMIT'); - $this->simple_query('SET AUTOCOMMIT=1'); - return TRUE; + return FALSE; } // -------------------------------------------------------------------- @@ -320,23 +322,21 @@ class CI_DB_mysql_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if ($this->simple_query('ROLLBACK')) { + $this->simple_query('SET AUTOCOMMIT=1'); return TRUE; } - $this->simple_query('ROLLBACK'); - $this->simple_query('SET AUTOCOMMIT=1'); - return TRUE; + return FALSE; } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -447,7 +447,7 @@ class CI_DB_mysql_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php index cb90065f2..7ed8f8d38 100644 --- a/system/database/drivers/mysql/mysql_forge.php +++ b/system/database/drivers/mysql/mysql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_forge extends CI_DB_forge { diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php index 26aaddd32..7aa265ebb 100644 --- a/system/database/drivers/mysql/mysql_result.php +++ b/system/database/drivers/mysql/mysql_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_result extends CI_DB_result { diff --git a/system/database/drivers/mysql/mysql_utility.php b/system/database/drivers/mysql/mysql_utility.php index 55857ab08..bc01fc58d 100644 --- a/system/database/drivers/mysql/mysql_utility.php +++ b/system/database/drivers/mysql/mysql_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysql_utility extends CI_DB_utility { diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index dd3cc77c6..290101153 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_driver extends CI_DB { @@ -84,7 +84,7 @@ class CI_DB_mysqli_driver extends CI_DB { * * @var bool */ - public $stricton = FALSE; + public $stricton; // -------------------------------------------------------------------- @@ -98,6 +98,17 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** + * MySQLi object + * + * Has to be preserved without being assigned to $conn_id. + * + * @var MySQLi + */ + protected $_mysqli; + + // -------------------------------------------------------------------- + + /** * Database connection * * @param bool $persistent @@ -114,21 +125,37 @@ class CI_DB_mysqli_driver extends CI_DB { } else { - // Persistent connection support was added in PHP 5.3.0 - $hostname = ($persistent === TRUE && is_php('5.3')) + $hostname = ($persistent === TRUE) ? 'p:'.$this->hostname : $this->hostname; $port = empty($this->port) ? NULL : $this->port; $socket = NULL; } $client_flags = ($this->compress === TRUE) ? MYSQLI_CLIENT_COMPRESS : 0; - $mysqli = mysqli_init(); + $this->_mysqli = mysqli_init(); - $mysqli->options(MYSQLI_OPT_CONNECT_TIMEOUT, 10); + $this->_mysqli->options(MYSQLI_OPT_CONNECT_TIMEOUT, 10); - if ($this->stricton) + if (isset($this->stricton)) { - $mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode="STRICT_ALL_TABLES"'); + if ($this->stricton) + { + $this->_mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode = CONCAT(@@sql_mode, ",", "STRICT_ALL_TABLES")'); + } + else + { + $this->_mysqli->options(MYSQLI_INIT_COMMAND, + 'SET SESSION sql_mode = + REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( + @@sql_mode, + "STRICT_ALL_TABLES,", ""), + ",STRICT_ALL_TABLES", ""), + "STRICT_ALL_TABLES", ""), + "STRICT_TRANS_TABLES,", ""), + ",STRICT_TRANS_TABLES", ""), + "STRICT_TRANS_TABLES", "")' + ); + } } if (is_array($this->encrypt)) @@ -142,13 +169,26 @@ class CI_DB_mysqli_driver extends CI_DB { if ( ! empty($ssl)) { - if ( ! empty($this->encrypt['ssl_verify']) && defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT')) + if (isset($this->encrypt['ssl_verify'])) { - $mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + if ($this->encrypt['ssl_verify']) + { + defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT') && $this->_mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + } + // Apparently (when it exists), setting MYSQLI_OPT_SSL_VERIFY_SERVER_CERT + // to FALSE didn't do anything, so PHP 5.6.16 introduced yet another + // constant ... + // + // https://secure.php.net/ChangeLog-5.php#5.6.16 + // https://bugs.php.net/bug.php?id=68344 + elseif (defined('MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT')) + { + $client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT; + } } $client_flags |= MYSQLI_CLIENT_SSL; - $mysqli->ssl_set( + $this->_mysqli->ssl_set( isset($ssl['key']) ? $ssl['key'] : NULL, isset($ssl['cert']) ? $ssl['cert'] : NULL, isset($ssl['ca']) ? $ssl['ca'] : NULL, @@ -158,22 +198,29 @@ class CI_DB_mysqli_driver extends CI_DB { } } - if ($mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags)) + if ($this->_mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags)) { // Prior to version 5.7.3, MySQL silently downgrades to an unencrypted connection if SSL setup fails if ( ($client_flags & MYSQLI_CLIENT_SSL) - && version_compare($mysqli->client_info, '5.7.3', '<=') - && empty($mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_object()->Value) + && version_compare($this->_mysqli->client_info, '5.7.3', '<=') + && empty($this->_mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_object()->Value) ) { - $mysqli->close(); + $this->_mysqli->close(); $message = 'MySQLi was configured for an SSL connection, but got an unencrypted connection instead!'; log_message('error', $message); return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE; } - return $mysqli; + if ( ! $this->_mysqli->set_charset($this->char_set)) + { + log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}')."); + $this->_mysqli->close(); + return ($this->db->db_debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE; + } + + return $this->_mysqli; } return FALSE; @@ -215,6 +262,7 @@ class CI_DB_mysqli_driver extends CI_DB { if ($this->conn_id->select_db($database)) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -224,19 +272,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return $this->conn_id->set_charset($charset); - } - - // -------------------------------------------------------------------- - - /** * Database version number * * @return string @@ -291,22 +326,10 @@ class CI_DB_mysqli_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - $this->conn_id->autocommit(FALSE); return is_php('5.5') ? $this->conn_id->begin_transaction() @@ -320,14 +343,8 @@ class CI_DB_mysqli_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - if ($this->conn_id->commit()) { $this->conn_id->autocommit(TRUE); @@ -344,14 +361,8 @@ class CI_DB_mysqli_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - if ($this->conn_id->rollback()) { $this->conn_id->autocommit(TRUE); @@ -364,7 +375,7 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -481,11 +492,11 @@ class CI_DB_mysqli_driver extends CI_DB { */ public function error() { - if ( ! empty($this->conn_id->connect_errno)) + if ( ! empty($this->_mysqli->connect_errno)) { return array( - 'code' => $this->conn_id->connect_errno, - 'message' => is_php('5.2.9') ? $this->conn_id->connect_error : mysqli_connect_error() + 'code' => $this->_mysqli->connect_errno, + 'message' => $this->_mysqli->connect_error ); } diff --git a/system/database/drivers/mysqli/mysqli_forge.php b/system/database/drivers/mysqli/mysqli_forge.php index 196afa845..c5b23b6ca 100644 --- a/system/database/drivers/mysqli/mysqli_forge.php +++ b/system/database/drivers/mysqli/mysqli_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_forge extends CI_DB_forge { diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php index d648828bd..929c2b455 100644 --- a/system/database/drivers/mysqli/mysqli_result.php +++ b/system/database/drivers/mysqli/mysqli_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_result extends CI_DB_result { diff --git a/system/database/drivers/mysqli/mysqli_utility.php b/system/database/drivers/mysqli/mysqli_utility.php index 04fcd1ded..4a3dad4d1 100644 --- a/system/database/drivers/mysqli/mysqli_utility.php +++ b/system/database/drivers/mysqli/mysqli_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_mysqli_utility extends CI_DB_utility { diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index f2e40da9b..fb2f6b31b 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ /** @@ -252,12 +252,16 @@ class CI_DB_oci8_driver extends CI_DB { return $this->data_cache['version']; } - if ( ! $this->conn_id OR ($version = oci_server_version($this->conn_id)) === FALSE) + if ( ! $this->conn_id OR ($version_string = oci_server_version($this->conn_id)) === FALSE) { return FALSE; } + elseif (preg_match('#Release\s(\d+(?:\.\d+)+)#', $version_string, $match)) + { + return $this->data_cache['version'] = $match[1]; + } - return $this->data_cache['version'] = $version; + return FALSE; } // -------------------------------------------------------------------- @@ -378,28 +382,11 @@ class CI_DB_oci8_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - if ( ! $this->trans_enabled) - { - return TRUE; - } - - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - $this->commit_mode = is_php('5.3.2') ? OCI_NO_AUTO_COMMIT : OCI_DEFAULT; + $this->commit_mode = OCI_NO_AUTO_COMMIT; return TRUE; } @@ -410,20 +397,10 @@ class CI_DB_oci8_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - if ( ! $this->trans_enabled) - { - return TRUE; - } - - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 0) - { - return TRUE; - } - $this->commit_mode = OCI_COMMIT_ON_SUCCESS; + return oci_commit($this->conn_id); } @@ -434,14 +411,8 @@ class CI_DB_oci8_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - $this->commit_mode = OCI_COMMIT_ON_SUCCESS; return oci_rollback($this->conn_id); } @@ -582,29 +553,35 @@ class CI_DB_oci8_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ public function error() { - /* oci_error() returns an array that already contains the - * 'code' and 'message' keys, so we can just return it. - */ + // oci_error() returns an array that already contains + // 'code' and 'message' keys, but it can return false + // if there was no error .... if (is_resource($this->curs_id)) { - return oci_error($this->curs_id); + $error = oci_error($this->curs_id); } elseif (is_resource($this->stmt_id)) { - return oci_error($this->stmt_id); + $error = oci_error($this->stmt_id); } elseif (is_resource($this->conn_id)) { - return oci_error($this->conn_id); + $error = oci_error($this->conn_id); + } + else + { + $error = oci_error(); } - return oci_error(); + return is_array($error) + ? $error + : array('code' => '', 'message' => ''); } // -------------------------------------------------------------------- @@ -683,6 +660,14 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _limit($sql) { + if (version_compare($this->version(), '12.1', '>=')) + { + // OFFSET-FETCH can be used only with the ORDER BY clause + empty($this->qb_orderby) && $sql .= ' ORDER BY 1'; + + return $sql.' OFFSET '.(int) $this->qb_offset.' ROWS FETCH NEXT '.$this->qb_limit.' ROWS ONLY'; + } + $this->limit_used = TRUE; return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($this->qb_offset + $this->qb_limit + 1).')' .($this->qb_offset ? ' WHERE rnum >= '.($this->qb_offset + 1) : ''); diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php index 80100977a..867a94341 100644 --- a/system/database/drivers/oci8/oci8_forge.php +++ b/system/database/drivers/oci8/oci8_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_oci8_forge extends CI_DB_forge { @@ -54,6 +54,13 @@ class CI_DB_oci8_forge extends CI_DB_forge { protected $_create_database = FALSE; /** + * CREATE TABLE IF statement + * + * @var string + */ + protected $_create_table_if = FALSE; + + /** * DROP DATABASE statement * * @var string @@ -119,6 +126,8 @@ class CI_DB_oci8_forge extends CI_DB_forge { $sqls[] = $sql.' RENAME COLUMN '.$this->db->escape_identifiers($field[$i]['name']) .' '.$this->db->escape_identifiers($field[$i]['new_name']); } + + $field[$i] = "\n\t".$field[$i]['_literal']; } } @@ -129,7 +138,7 @@ class CI_DB_oci8_forge extends CI_DB_forge { // RENAME COLUMN must be executed after MODIFY array_unshift($sqls, $sql); - return $sql; + return $sqls; } // -------------------------------------------------------------------- @@ -146,4 +155,33 @@ class CI_DB_oci8_forge extends CI_DB_forge { // Not supported - sequences and triggers must be used instead } + // -------------------------------------------------------------------- + + /** + * Field attribute TYPE + * + * Performs a data type mapping between different databases. + * + * @param array &$attributes + * @return void + */ + protected function _attr_type(&$attributes) + { + switch (strtoupper($attributes['TYPE'])) + { + case 'TINYINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'MEDIUMINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'INT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'BIGINT': + $attributes['TYPE'] = 'NUMBER'; + return; + default: return; + } + } } diff --git a/system/database/drivers/oci8/oci8_result.php b/system/database/drivers/oci8/oci8_result.php index 9ec54cc5c..0c3543333 100644 --- a/system/database/drivers/oci8/oci8_result.php +++ b/system/database/drivers/oci8/oci8_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_oci8_result extends CI_DB_result { diff --git a/system/database/drivers/oci8/oci8_utility.php b/system/database/drivers/oci8/oci8_utility.php index 90022a8c1..ce0dfc5f8 100644 --- a/system/database/drivers/oci8/oci8_utility.php +++ b/system/database/drivers/oci8/oci8_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.4.1 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_oci8_utility extends CI_DB_utility { diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index f5d77a147..ed44412c1 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,9 +48,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ -class CI_DB_odbc_driver extends CI_DB { +class CI_DB_odbc_driver extends CI_DB_driver { /** * Database driver @@ -94,6 +94,22 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** + * ODBC result ID resource returned from odbc_prepare() + * + * @var resource + */ + private $odbc_result; + + /** + * Values to use with odbc_execute() for prepared statements + * + * @var array + */ + private $binds = array(); + + // -------------------------------------------------------------------- + + /** * Class constructor * * @param array $params @@ -128,6 +144,74 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** + * Compile Bindings + * + * @param string $sql SQL statement + * @param array $binds An array of values to bind + * @return string + */ + public function compile_binds($sql, $binds) + { + if (empty($binds) OR empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) + { + return $sql; + } + elseif ( ! is_array($binds)) + { + $binds = array($binds); + $bind_count = 1; + } + else + { + // Make sure we're using numeric keys + $binds = array_values($binds); + $bind_count = count($binds); + } + + // We'll need the marker length later + $ml = strlen($this->bind_marker); + + // Make sure not to replace a chunk inside a string that happens to match the bind marker + if ($c = preg_match_all("/'[^']*'|\"[^\"]*\"/i", $sql, $matches)) + { + $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', + str_replace($matches[0], + str_replace($this->bind_marker, str_repeat(' ', $ml), $matches[0]), + $sql, $c), + $matches, PREG_OFFSET_CAPTURE); + + // Bind values' count must match the count of markers in the query + if ($bind_count !== $c) + { + return $sql; + } + } + elseif (($c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', $sql, $matches, PREG_OFFSET_CAPTURE)) !== $bind_count) + { + return $sql; + } + + if ($this->bind_marker !== '?') + { + do + { + $c--; + $sql = substr_replace($sql, '?', $matches[0][$c][1], $ml); + } + while ($c !== 0); + } + + if (FALSE !== ($this->odbc_result = odbc_prepare($this->conn_id, $sql))) + { + $this->binds = array_values($binds); + } + + return $sql; + } + + // -------------------------------------------------------------------- + + /** * Execute the query * * @param string $sql an SQL query @@ -135,7 +219,25 @@ class CI_DB_odbc_driver extends CI_DB { */ protected function _execute($sql) { - return odbc_exec($this->conn_id, $sql); + if ( ! isset($this->odbc_result)) + { + return odbc_exec($this->conn_id, $sql); + } + elseif ($this->odbc_result === FALSE) + { + return FALSE; + } + + if (TRUE === ($success = odbc_execute($this->odbc_result, $this->binds))) + { + // For queries that return result sets, return the result_id resource on success + $this->is_write_type($sql) OR $success = $this->odbc_result; + } + + $this->odbc_result = NULL; + $this->binds = array(); + + return $success; } // -------------------------------------------------------------------- @@ -143,22 +245,10 @@ class CI_DB_odbc_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return odbc_autocommit($this->conn_id, FALSE); } @@ -169,17 +259,15 @@ class CI_DB_odbc_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (odbc_commit($this->conn_id)) { + odbc_autocommit($this->conn_id, TRUE); return TRUE; } - $ret = odbc_commit($this->conn_id); - odbc_autocommit($this->conn_id, TRUE); - return $ret; + return FALSE; } // -------------------------------------------------------------------- @@ -189,30 +277,46 @@ class CI_DB_odbc_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) + if (odbc_rollback($this->conn_id)) { + odbc_autocommit($this->conn_id, TRUE); return TRUE; } - $ret = odbc_rollback($this->conn_id); - odbc_autocommit($this->conn_id, TRUE); - return $ret; + return FALSE; } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Determines if a query is a "write" type. + * + * @param string An SQL query string + * @return bool + */ + public function is_write_type($sql) + { + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } + + return parent::is_write_type($sql); + } + + // -------------------------------------------------------------------- + + /** + * Platform-dependent string escape * * @param string * @return string */ protected function _escape_str($str) { - return remove_invisible_characters($str); + $this->db->display_error('db_unsupported_feature'); } // -------------------------------------------------------------------- @@ -298,7 +402,7 @@ class CI_DB_odbc_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -310,58 +414,6 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string $table - * @param array $values - * @return string - */ - protected function _update($table, $values) - { - $this->qb_limit = FALSE; - $this->qb_orderby = array(); - return parent::_update($table, $values); - } - - // -------------------------------------------------------------------- - - /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * - * If the database does not support the TRUNCATE statement, - * then this method maps to 'DELETE FROM table' - * - * @param string $table - * @return string - */ - protected function _truncate($table) - { - return 'DELETE FROM '.$table; - } - - // -------------------------------------------------------------------- - - /** - * Delete statement - * - * Generates a platform-specific delete string from the supplied data - * - * @param string $table - * @return string - */ - protected function _delete($table) - { - $this->qb_limit = FALSE; - return parent::_delete($table); - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void @@ -370,5 +422,4 @@ class CI_DB_odbc_driver extends CI_DB { { odbc_close($this->conn_id); } - } diff --git a/system/database/drivers/odbc/odbc_forge.php b/system/database/drivers/odbc/odbc_forge.php index 45c5dc108..77b2fdf62 100644 --- a/system/database/drivers/odbc/odbc_forge.php +++ b/system/database/drivers/odbc/odbc_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_odbc_forge extends CI_DB_forge { diff --git a/system/database/drivers/odbc/odbc_result.php b/system/database/drivers/odbc/odbc_result.php index 10b93d4fc..845aa9c79 100644 --- a/system/database/drivers/odbc/odbc_result.php +++ b/system/database/drivers/odbc/odbc_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_odbc_result extends CI_DB_result { diff --git a/system/database/drivers/odbc/odbc_utility.php b/system/database/drivers/odbc/odbc_utility.php index 0e6c23328..643f6ec0c 100644 --- a/system/database/drivers/odbc/odbc_utility.php +++ b/system/database/drivers/odbc/odbc_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_odbc_utility extends CI_DB_utility { diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index cc77e9568..6afc999c2 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_driver extends CI_DB { @@ -126,7 +126,10 @@ class CI_DB_pdo_driver extends CI_DB { */ public function db_connect($persistent = FALSE) { - $this->options[PDO::ATTR_PERSISTENT] = $persistent; + if ($persistent === TRUE) + { + $this->options[PDO::ATTR_PERSISTENT] = TRUE; + } try { @@ -186,22 +189,10 @@ class CI_DB_pdo_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return $this->conn_id->beginTransaction(); } @@ -212,14 +203,8 @@ class CI_DB_pdo_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->commit(); } @@ -230,21 +215,15 @@ class CI_DB_pdo_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->rollBack(); } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -306,7 +285,7 @@ class CI_DB_pdo_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -332,52 +311,6 @@ class CI_DB_pdo_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Update_Batch statement - * - * Generates a platform-specific batch update string from the supplied data - * - * @param string $table Table name - * @param array $values Update data - * @param string $index WHERE key - * @return string - */ - protected function _update_batch($table, $values, $index) - { - $ids = array(); - foreach ($values as $key => $val) - { - $ids[] = $val[$index]; - - foreach (array_keys($val) as $field) - { - if ($field !== $index) - { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; - } - } - } - - $cases = ''; - foreach ($final as $k => $v) - { - $cases .= $k.' = CASE '."\n"; - - foreach ($v as $row) - { - $cases .= $row."\n"; - } - - $cases .= 'ELSE '.$k.' END, '; - } - - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); - - return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); - } - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data diff --git a/system/database/drivers/pdo/pdo_forge.php b/system/database/drivers/pdo/pdo_forge.php index eedd9722d..685b6776d 100644 --- a/system/database/drivers/pdo/pdo_forge.php +++ b/system/database/drivers/pdo/pdo_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_pdo_forge extends CI_DB_forge { diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php index fe26fea6e..bbc2cdc5a 100644 --- a/system/database/drivers/pdo/pdo_result.php +++ b/system/database/drivers/pdo/pdo_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_result extends CI_DB_result { diff --git a/system/database/drivers/pdo/pdo_utility.php b/system/database/drivers/pdo/pdo_utility.php index 72169c3ca..5029cac94 100644 --- a/system/database/drivers/pdo/pdo_utility.php +++ b/system/database/drivers/pdo/pdo_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.1.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_pdo_utility extends CI_DB_utility { diff --git a/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php b/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php index 7a767ef40..7eaeaa1fd 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_4d_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php b/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php index 6b420540c..3f636d3bd 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_4d_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_4d_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php index 98ac89f3d..fc49e0dd0 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver { @@ -171,47 +171,6 @@ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * Update_Batch statement - * - * Generates a platform-specific batch update string from the supplied data - * - * @param string $table Table name - * @param array $values Update data - * @param string $index WHERE key - * @return string - */ - protected function _update_batch($table, $values, $index) - { - $ids = array(); - foreach ($values as $key => $val) - { - $ids[] = $val[$index]; - - foreach (array_keys($val) as $field) - { - if ($field !== $index) - { - $final[$field][] = 'WHEN '.$index.' = '.$val[$index].' THEN '.$val[$field]; - } - } - } - - $cases = ''; - foreach ($final as $k => $v) - { - $cases .= $k." = CASE \n" - .implode("\n", $v)."\n" - .'ELSE '.$k.' END), '; - } - - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); - - return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); - } - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php b/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php index 15b100d9b..276cbb6bc 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_cubrid_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_cubrid_forge extends CI_DB_pdo_forge { @@ -178,6 +178,9 @@ class CI_DB_pdo_cubrid_forge extends CI_DB_pdo_forge { $attributes['TYPE'] = 'INTEGER'; $attributes['UNSIGNED'] = FALSE; return; + case 'LONGTEXT': + $attributes['TYPE'] = 'STRING'; + return; default: return; } } diff --git a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php index ae2b9983b..3249a1d7f 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_dblib_driver extends CI_DB_pdo_driver { @@ -126,7 +126,12 @@ class CI_DB_pdo_dblib_driver extends CI_DB_pdo_driver { */ public function db_connect($persistent = FALSE) { - $this->conn_id = parent::db_connect($persistent); + if ($persistent === TRUE) + { + log_message('debug', "dblib driver doesn't support persistent connections"); + } + + $this->conn_id = parent::db_connect(FALSE); if ( ! is_object($this->conn_id)) { diff --git a/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php b/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php index d3dd9032e..d0cca38dd 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_dblib_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_dblib_forge extends CI_DB_pdo_forge { @@ -111,6 +111,11 @@ class CI_DB_pdo_dblib_forge extends CI_DB_pdo_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php index 0bafde861..aa5e7d6e7 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_firebird_driver extends CI_DB_pdo_driver { @@ -260,4 +260,20 @@ class CI_DB_pdo_firebird_driver extends CI_DB_pdo_driver { return preg_replace('`SELECT`i', 'SELECT '.$select, $sql); } + // -------------------------------------------------------------------- + + /** + * Insert batch statement + * + * Generates a platform-specific insert string from the supplied data. + * + * @param string $table Table name + * @param array $keys INSERT keys + * @param array $values INSERT values + * @return string|bool + */ + protected function _insert_batch($table, $keys, $values) + { + return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE; + } } diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php index ad28a6550..20c5a6897 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_firebird_forge extends CI_DB_pdo_forge { @@ -97,7 +97,7 @@ class CI_DB_pdo_firebird_forge extends CI_DB_pdo_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { if ( ! ibase_drop_db($this->conn_id)) { diff --git a/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php b/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php index 5dba26ec9..26b556a78 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_ibm_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php b/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php index d1b5f92c9..4238ca082 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_ibm_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_ibm_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php b/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php index 9f8c017a5..050171f64 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_informix_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php b/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php index 22bdf6104..2ddc2a933 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_informix_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_informix_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php index e9d25cebc..66c15dac6 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { @@ -73,7 +73,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { * * @var bool */ - public $stricton = FALSE; + public $stricton; // -------------------------------------------------------------------- @@ -106,7 +106,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { empty($this->database) OR $this->dsn .= ';dbname='.$this->database; empty($this->char_set) OR $this->dsn .= ';charset='.$this->char_set; } - elseif ( ! empty($this->char_set) && strpos($this->dsn, 'charset=', 6) === FALSE && is_php('5.3.6')) + elseif ( ! empty($this->char_set) && strpos($this->dsn, 'charset=', 6) === FALSE) { $this->dsn .= ';charset='.$this->char_set; } @@ -122,26 +122,34 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { */ public function db_connect($persistent = FALSE) { - /* Prior to PHP 5.3.6, even if the charset was supplied in the DSN - * on connect - it was ignored. This is a work-around for the issue. - * - * Reference: http://www.php.net/manual/en/ref.pdo-mysql.connection.php - */ - if ( ! is_php('5.3.6') && ! empty($this->char_set)) + if (isset($this->stricton)) { - $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = 'SET NAMES '.$this->char_set - .(empty($this->dbcollat) ? '' : ' COLLATE '.$this->dbcollat); - } - - if ($this->stricton) - { - if (empty($this->options[PDO::MYSQL_ATTR_INIT_COMMAND])) + if ($this->stricton) { - $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = 'SET SESSION sql_mode="STRICT_ALL_TABLES"'; + $sql = 'CONCAT(@@sql_mode, ",", "STRICT_ALL_TABLES")'; } else { - $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] .= ', @@session.sql_mode = "STRICT_ALL_TABLES"'; + $sql = 'REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( + @@sql_mode, + "STRICT_ALL_TABLES,", ""), + ",STRICT_ALL_TABLES", ""), + "STRICT_ALL_TABLES", ""), + "STRICT_TRANS_TABLES,", ""), + ",STRICT_TRANS_TABLES", ""), + "STRICT_TRANS_TABLES", "")'; + } + + if ( ! empty($sql)) + { + if (empty($this->options[PDO::MYSQL_ATTR_INIT_COMMAND])) + { + $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] = 'SET SESSION sql_mode = '.$sql; + } + else + { + $this->options[PDO::MYSQL_ATTR_INIT_COMMAND] .= ', @@session.sql_mode = '.$sql; + } } } @@ -150,8 +158,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { $this->options[PDO::MYSQL_ATTR_COMPRESS] = TRUE; } - // SSL support was added to PDO_MYSQL in PHP 5.3.7 - if (is_array($this->encrypt) && is_php('5.3.7')) + if (is_array($this->encrypt)) { $ssl = array(); empty($this->encrypt['ssl_key']) OR $ssl[PDO::MYSQL_ATTR_SSL_KEY] = $this->encrypt['ssl_key']; @@ -199,6 +206,56 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { if (FALSE !== $this->simple_query('USE '.$this->escape_identifiers($database))) { $this->database = $database; + $this->data_cache = array(); + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Begin Transaction + * + * @return bool + */ + protected function _trans_begin() + { + $this->conn_id->setAttribute(PDO::ATTR_AUTOCOMMIT, FALSE); + return $this->conn_id->beginTransaction(); + } + + // -------------------------------------------------------------------- + + /** + * Commit Transaction + * + * @return bool + */ + protected function _trans_commit() + { + if ($this->conn_id->commit()) + { + $this->conn_id->setAttribute(PDO::ATTR_AUTOCOMMIT, TRUE); + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Rollback Transaction + * + * @return bool + */ + protected function _trans_rollback() + { + if ($this->conn_id->rollBack()) + { + $this->conn_id->setAttribute(PDO::ATTR_AUTOCOMMIT, TRUE); return TRUE; } diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php index e8e24c6b3..c7a92b826 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_mysql_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php index d17e311f7..abf9167d6 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver { @@ -130,6 +130,29 @@ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** + * Database version number + * + * @return string + */ + public function version() + { + if (isset($this->data_cache['version'])) + { + return $this->data_cache['version']; + } + + $version_string = parent::version(); + if (preg_match('#Release\s(?<version>\d+(?:\.\d+)+)#', $version_string, $match)) + { + return $this->data_cache['version'] = $match[1]; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** * Show table query * * Generates a platform-specific query string so that the table names can be fetched @@ -288,6 +311,14 @@ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver { */ protected function _limit($sql) { + if (version_compare($this->version(), '12.1', '>=')) + { + // OFFSET-FETCH can be used only with the ORDER BY clause + empty($this->qb_orderby) && $sql .= ' ORDER BY 1'; + + return $sql.' OFFSET '.(int) $this->qb_offset.' ROWS FETCH NEXT '.$this->qb_limit.' ROWS ONLY'; + } + return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($this->qb_offset + $this->qb_limit + 1).')' .($this->qb_offset ? ' WHERE rnum >= '.($this->qb_offset + 1): ''); } diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php b/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php index e2078cf39..c8983ee56 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge { @@ -54,18 +54,18 @@ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge { protected $_create_database = FALSE; /** - * DROP DATABASE statement + * CREATE TABLE IF statement * * @var string */ - protected $_drop_database = FALSE; + protected $_create_table_if = FALSE; /** - * CREATE TABLE IF statement + * DROP DATABASE statement * * @var string */ - protected $_create_table_if = 'CREATE TABLE IF NOT EXISTS'; + protected $_drop_database = FALSE; /** * UNSIGNED support @@ -146,4 +146,31 @@ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge { // Not supported - sequences and triggers must be used instead } + /** + * Field attribute TYPE + * + * Performs a data type mapping between different databases. + * + * @param array &$attributes + * @return void + */ + protected function _attr_type(&$attributes) + { + switch (strtoupper($attributes['TYPE'])) + { + case 'TINYINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'MEDIUMINT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'INT': + $attributes['TYPE'] = 'NUMBER'; + return; + case 'BIGINT': + $attributes['TYPE'] = 'NUMBER'; + return; + default: return; + } + } } diff --git a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php index 51c70b630..5a492d881 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver { @@ -161,106 +161,69 @@ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * Show table query - * - * Generates a platform-specific query string so that the table names can be fetched + * Platform-dependent string escape * - * @param bool $prefix_limit + * @param string * @return string */ - protected function _list_tables($prefix_limit = FALSE) + protected function _escape_str($str) { - $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = '".$this->schema."'"; - - if ($prefix_limit !== FALSE && $this->dbprefix !== '') - { - return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' " - .sprintf($this->_like_escape_str, $this->_like_escape_chr); - } - - return $sql; + $this->db->display_error('db_unsupported_feature'); } // -------------------------------------------------------------------- /** - * Show column query + * Determines if a query is a "write" type. * - * Generates a platform-specific query string so that the column names can be fetched - * - * @param string $table - * @return string + * @param string An SQL query string + * @return bool */ - protected function _list_columns($table = '') + public function is_write_type($sql) { - return 'SELECT column_name FROM information_schema.columns WHERE table_name = '.$this->escape($table); - } - - // -------------------------------------------------------------------- + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } - /** - * Update statement - * - * Generates a platform-specific update string from the supplied data - * - * @param string $table - * @param array $values - * @return string - */ - protected function _update($table, $values) - { - $this->qb_limit = FALSE; - $this->qb_orderby = array(); - return parent::_update($table, $values); + return parent::is_write_type($sql); } // -------------------------------------------------------------------- /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data + * Show table query * - * If the database does not support the TRUNCATE statement, - * then this method maps to 'DELETE FROM table' + * Generates a platform-specific query string so that the table names can be fetched * - * @param string $table + * @param bool $prefix_limit * @return string */ - protected function _truncate($table) + protected function _list_tables($prefix_limit = FALSE) { - return 'DELETE FROM '.$table; - } + $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = '".$this->schema."'"; - // -------------------------------------------------------------------- + if ($prefix_limit !== FALSE && $this->dbprefix !== '') + { + return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); + } - /** - * Delete statement - * - * Generates a platform-specific delete string from the supplied data - * - * @param string the table name - * @return string - */ - protected function _delete($table) - { - $this->qb_limit = FALSE; - return parent::_delete($table); + return $sql; } // -------------------------------------------------------------------- /** - * LIMIT + * Show column query * - * Generates a platform-specific LIMIT clause + * Generates a platform-specific query string so that the column names can be fetched * - * @param string $sql SQL Query + * @param string $table * @return string */ - protected function _limit($sql) + protected function _list_columns($table = '') { - return preg_replace('/(^\SELECT (DISTINCT)?)/i','\\1 TOP '.$this->qb_limit.' ', $sql); + return 'SELECT column_name FROM information_schema.columns WHERE table_name = '.$this->escape($table); } - } diff --git a/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php b/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php index 291352982..a2a3bada3 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_odbc_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/database/ + * @link https://codeigniter.com/database/ */ class CI_DB_pdo_odbc_forge extends CI_DB_pdo_forge { diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php index 2dd41ca87..9aed3a2fe 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { @@ -154,7 +154,12 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { */ public function is_write_type($sql) { - return (bool) preg_match('/^\s*"?(SET|INSERT(?![^\)]+\)\s+RETURNING)|UPDATE(?!.*\sRETURNING)|DELETE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s/i', str_replace(array("\r\n", "\r", "\n"), ' ', $sql)); + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } + + return parent::is_write_type($sql); } // -------------------------------------------------------------------- @@ -321,13 +326,13 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { $ids = array(); foreach ($values as $key => $val) { - $ids[] = $val[$index]; + $ids[] = $val[$index]['value']; foreach (array_keys($val) as $field) { if ($field !== $index) { - $final[$field][] = 'WHEN '.$val[$index].' THEN '.$val[$field]; + $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['value'].' THEN '.$val[$field]['value']; } } } @@ -335,12 +340,12 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { $cases = ''; foreach ($final as $k => $v) { - $cases .= $k.' = (CASE '.$index."\n" + $cases .= $k.' = (CASE '.$val[$index]['field']."\n" .implode("\n", $v)."\n" .'ELSE '.$k.' END), '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php index b4a6160a8..b00af4ad0 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_pgsql_forge extends CI_DB_pdo_forge { @@ -168,7 +168,7 @@ class CI_DB_pdo_pgsql_forge extends CI_DB_pdo_forge { */ protected function _attr_type(&$attributes) { - // Reset field lenghts for data types that don't support it + // Reset field lengths for data types that don't support it if (isset($attributes['CONSTRAINT']) && stripos($attributes['TYPE'], 'int') !== FALSE) { $attributes['CONSTRAINT'] = NULL; diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php index 409e6501b..9b70f3ea6 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlite_driver extends CI_DB_pdo_driver { @@ -66,7 +66,7 @@ class CI_DB_pdo_sqlite_driver extends CI_DB_pdo_driver { * * @var array */ - protected $_random_keyword = ' RANDOM()'; + protected $_random_keyword = array('RANDOM()', 'RANDOM()'); // -------------------------------------------------------------------- diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php b/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php index 15afbdef5..18c475b17 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge { @@ -101,7 +101,7 @@ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge { * @param string $db_name (ignored) * @return bool */ - public function create_database($db_name = '') + public function create_database($db_name) { // In SQLite, a database is created when you connect to the database. // We'll return TRUE so that an error isn't generated @@ -116,7 +116,7 @@ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { // In SQLite, a database is dropped when we delete a file if (file_exists($this->db->database)) diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php index f8ae5f6db..1cf6c614d 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlsrv_driver extends CI_DB_pdo_driver { diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php index 602a1d426..82a0d515d 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_pdo_sqlsrv_forge extends CI_DB_pdo_forge { @@ -111,6 +111,11 @@ class CI_DB_pdo_sqlsrv_forge extends CI_DB_pdo_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 7be07c3bf..75b1d4c37 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_driver extends CI_DB { @@ -163,6 +163,13 @@ class CI_DB_postgre_driver extends CI_DB { return FALSE; } + if (pg_set_client_encoding($this->conn_id, $this->char_set) !== 0) + { + log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}')."); + pg_close($this->conn_id); + return ($this->db->db_debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE; + } + empty($this->schema) OR $this->simple_query('SET search_path TO '.$this->schema.',public'); } @@ -190,19 +197,6 @@ class CI_DB_postgre_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Set client character set - * - * @param string $charset - * @return bool - */ - protected function _db_set_charset($charset) - { - return (pg_set_client_encoding($this->conn_id, $charset) === 0); - } - - // -------------------------------------------------------------------- - - /** * Database version number * * @return string @@ -247,22 +241,10 @@ class CI_DB_postgre_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return (bool) pg_query($this->conn_id, 'BEGIN'); } @@ -273,14 +255,8 @@ class CI_DB_postgre_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return (bool) pg_query($this->conn_id, 'COMMIT'); } @@ -291,14 +267,8 @@ class CI_DB_postgre_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return (bool) pg_query($this->conn_id, 'ROLLBACK'); } @@ -312,13 +282,18 @@ class CI_DB_postgre_driver extends CI_DB { */ public function is_write_type($sql) { - return (bool) preg_match('/^\s*"?(SET|INSERT(?![^\)]+\)\s+RETURNING)|UPDATE(?!.*\sRETURNING)|DELETE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s/i', str_replace(array("\r\n", "\r", "\n"), ' ', $sql)); + if (preg_match('#^(INSERT|UPDATE).*RETURNING\s.+(\,\s?.+)*$#is', $sql)) + { + return FALSE; + } + + return parent::is_write_type($sql); } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -340,7 +315,7 @@ class CI_DB_postgre_driver extends CI_DB { */ public function escape($str) { - if (is_php('5.4.4') && (is_string($str) OR (is_object($str) && method_exists($str, '__toString')))) + if (is_string($str) OR (is_object($str) && method_exists($str, '__toString'))) { return pg_escape_literal($this->conn_id, $str); } @@ -490,7 +465,7 @@ class CI_DB_postgre_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ @@ -569,13 +544,13 @@ class CI_DB_postgre_driver extends CI_DB { $ids = array(); foreach ($values as $key => $val) { - $ids[] = $val[$index]; + $ids[] = $val[$index]['value']; foreach (array_keys($val) as $field) { if ($field !== $index) { - $final[$field][] = 'WHEN '.$val[$index].' THEN '.$val[$field]; + $final[$val[$field]['field']][] = 'WHEN '.$val[$index]['value'].' THEN '.$val[$field]['value']; } } } @@ -583,12 +558,12 @@ class CI_DB_postgre_driver extends CI_DB { $cases = ''; foreach ($final as $k => $v) { - $cases .= $k.' = (CASE '.$index."\n" + $cases .= $k.' = (CASE '.$val[$index]['field']."\n" .implode("\n", $v)."\n" .'ELSE '.$k.' END), '; } - $this->where($index.' IN('.implode(',', $ids).')', NULL, FALSE); + $this->where($val[$index]['field'].' IN('.implode(',', $ids).')', NULL, FALSE); return 'UPDATE '.$table.' SET '.substr($cases, 0, -2).$this->_compile_wh('qb_where'); } diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php index d26e84cbc..cdbff4c4b 100644 --- a/system/database/drivers/postgre/postgre_forge.php +++ b/system/database/drivers/postgre/postgre_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_forge extends CI_DB_forge { @@ -163,7 +163,7 @@ class CI_DB_postgre_forge extends CI_DB_forge { */ protected function _attr_type(&$attributes) { - // Reset field lenghts for data types that don't support it + // Reset field lengths for data types that don't support it if (isset($attributes['CONSTRAINT']) && stripos($attributes['TYPE'], 'int') !== FALSE) { $attributes['CONSTRAINT'] = NULL; diff --git a/system/database/drivers/postgre/postgre_result.php b/system/database/drivers/postgre/postgre_result.php index a8ad24edf..57864a7f3 100644 --- a/system/database/drivers/postgre/postgre_result.php +++ b/system/database/drivers/postgre/postgre_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_result extends CI_DB_result { diff --git a/system/database/drivers/postgre/postgre_utility.php b/system/database/drivers/postgre/postgre_utility.php index 7c6c02590..5ca358da5 100644 --- a/system/database/drivers/postgre/postgre_utility.php +++ b/system/database/drivers/postgre/postgre_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_postgre_utility extends CI_DB_utility { diff --git a/system/database/drivers/sqlite/index.html b/system/database/drivers/sqlite/index.html deleted file mode 100644 index b702fbc39..000000000 --- a/system/database/drivers/sqlite/index.html +++ /dev/null @@ -1,11 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title>403 Forbidden</title> -</head> -<body> - -<p>Directory access is forbidden.</p> - -</body> -</html> diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php deleted file mode 100644 index 9d9caa0b4..000000000 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ /dev/null @@ -1,357 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Database Adapter Class - * - * Note: _DB is an extender class that the app controller - * creates dynamically based on whether the query builder - * class is being used or not. - * - * @package CodeIgniter - * @subpackage Drivers - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_driver extends CI_DB { - - /** - * Database driver - * - * @var string - */ - public $dbdriver = 'sqlite'; - - // -------------------------------------------------------------------- - - /** - * ORDER BY random keyword - * - * @var array - */ - protected $_random_keyword = array('RANDOM()', 'RANDOM()'); - - // -------------------------------------------------------------------- - - /** - * Non-persistent database connection - * - * @param bool $persistent - * @return resource - */ - public function db_connect($persistent = FALSE) - { - $error = NULL; - $conn_id = ($persistent === TRUE) - ? sqlite_popen($this->database, 0666, $error) - : sqlite_open($this->database, 0666, $error); - - isset($error) && log_message('error', $error); - - return $conn_id; - } - - // -------------------------------------------------------------------- - - /** - * Database version number - * - * @return string - */ - public function version() - { - return isset($this->data_cache['version']) - ? $this->data_cache['version'] - : $this->data_cache['version'] = sqlite_libversion(); - } - - // -------------------------------------------------------------------- - - /** - * Execute the query - * - * @param string $sql an SQL query - * @return resource - */ - protected function _execute($sql) - { - return $this->is_write_type($sql) - ? sqlite_exec($this->conn_id, $sql) - : sqlite_query($this->conn_id, $sql); - } - - // -------------------------------------------------------------------- - - /** - * Begin Transaction - * - * @param bool $test_mode - * @return bool - */ - public function trans_begin($test_mode = FALSE) - { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - - $this->simple_query('BEGIN TRANSACTION'); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Commit Transaction - * - * @return bool - */ - public function trans_commit() - { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - $this->simple_query('COMMIT'); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Rollback Transaction - * - * @return bool - */ - public function trans_rollback() - { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - $this->simple_query('ROLLBACK'); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Platform-dependant string escape - * - * @param string - * @return string - */ - protected function _escape_str($str) - { - return sqlite_escape_string($str); - } - - // -------------------------------------------------------------------- - - /** - * Affected Rows - * - * @return int - */ - public function affected_rows() - { - return sqlite_changes($this->conn_id); - } - - // -------------------------------------------------------------------- - - /** - * Insert ID - * - * @return int - */ - public function insert_id() - { - return sqlite_last_insert_rowid($this->conn_id); - } - - // -------------------------------------------------------------------- - - /** - * List table query - * - * Generates a platform-specific query string so that the table names can be fetched - * - * @param bool $prefix_limit - * @return string - */ - protected function _list_tables($prefix_limit = FALSE) - { - $sql = "SELECT name FROM sqlite_master WHERE type='table'"; - - if ($prefix_limit !== FALSE && $this->dbprefix != '') - { - return $sql." AND 'name' LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); - } - - return $sql; - } - - // -------------------------------------------------------------------- - - /** - * Show column query - * - * Generates a platform-specific query string so that the column names can be fetched - * - * @param string $table - * @return bool - */ - protected function _list_columns($table = '') - { - // Not supported - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Returns an object with field data - * - * @param string $table - * @return array - */ - public function field_data($table) - { - if (($query = $this->query('PRAGMA TABLE_INFO('.$this->protect_identifiers($table, TRUE, NULL, FALSE).')')) === FALSE) - { - return FALSE; - } - - $query = $query->result_array(); - if (empty($query)) - { - return FALSE; - } - - $retval = array(); - for ($i = 0, $c = count($query); $i < $c; $i++) - { - $retval[$i] = new stdClass(); - $retval[$i]->name = $query[$i]['name']; - $retval[$i]->type = $query[$i]['type']; - $retval[$i]->max_length = NULL; - $retval[$i]->default = $query[$i]['dflt_value']; - $retval[$i]->primary_key = isset($query[$i]['pk']) ? (int) $query[$i]['pk'] : 0; - } - - return $retval; - } - - // -------------------------------------------------------------------- - - /** - * Error - * - * Returns an array containing code and message of the last - * database error that has occured. - * - * @return array - */ - public function error() - { - $error = array('code' => sqlite_last_error($this->conn_id)); - $error['message'] = sqlite_error_string($error['code']); - return $error; - } - - // -------------------------------------------------------------------- - - /** - * Replace statement - * - * Generates a platform-specific replace string from the supplied data - * - * @param string $table Table name - * @param array $keys INSERT keys - * @param array $values INSERT values - * @return string - */ - protected function _replace($table, $keys, $values) - { - return 'INSERT OR '.parent::_replace($table, $keys, $values); - } - - // -------------------------------------------------------------------- - - /** - * Truncate statement - * - * Generates a platform-specific truncate string from the supplied data - * - * If the database does not support the TRUNCATE statement, - * then this function maps to 'DELETE FROM table' - * - * @param string $table - * @return string - */ - protected function _truncate($table) - { - return 'DELETE FROM '.$table; - } - - // -------------------------------------------------------------------- - - /** - * Close DB Connection - * - * @return void - */ - protected function _close() - { - sqlite_close($this->conn_id); - } - -} diff --git a/system/database/drivers/sqlite/sqlite_forge.php b/system/database/drivers/sqlite/sqlite_forge.php deleted file mode 100644 index 2bba330c0..000000000 --- a/system/database/drivers/sqlite/sqlite_forge.php +++ /dev/null @@ -1,205 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Forge Class - * - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_forge extends CI_DB_forge { - - /** - * CREATE TABLE IF statement - * - * @var string - */ - protected $_create_table_if = FALSE; - - /** - * UNSIGNED support - * - * @var bool|array - */ - protected $_unsigned = FALSE; - - /** - * NULL value representation in CREATE/ALTER TABLE statements - * - * @var string - */ - protected $_null = 'NULL'; - - // -------------------------------------------------------------------- - - /** - * Create database - * - * @param string $db_name (ignored) - * @return bool - */ - public function create_database($db_name = '') - { - // In SQLite, a database is created when you connect to the database. - // We'll return TRUE so that an error isn't generated - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Drop database - * - * @param string $db_name (ignored) - * @return bool - */ - public function drop_database($db_name = '') - { - if ( ! file_exists($this->db->database) OR ! @unlink($this->db->database)) - { - return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE; - } - elseif ( ! empty($this->db->data_cache['db_names'])) - { - $key = array_search(strtolower($this->db->database), array_map('strtolower', $this->db->data_cache['db_names']), TRUE); - if ($key !== FALSE) - { - unset($this->db->data_cache['db_names'][$key]); - } - } - - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * ALTER TABLE - * - * @todo implement drop_column(), modify_column() - * @param string $alter_type ALTER type - * @param string $table Table name - * @param mixed $field Column definition - * @return string|string[] - */ - protected function _alter_table($alter_type, $table, $field) - { - if ($alter_type === 'DROP' OR $alter_type === 'CHANGE') - { - // drop_column(): - // BEGIN TRANSACTION; - // CREATE TEMPORARY TABLE t1_backup(a,b); - // INSERT INTO t1_backup SELECT a,b FROM t1; - // DROP TABLE t1; - // CREATE TABLE t1(a,b); - // INSERT INTO t1 SELECT a,b FROM t1_backup; - // DROP TABLE t1_backup; - // COMMIT; - - return FALSE; - } - - return parent::_alter_table($alter_type, $table, $field); - } - - // -------------------------------------------------------------------- - - /** - * Process column - * - * @param array $field - * @return string - */ - protected function _process_column($field) - { - return $this->db->escape_identifiers($field['name']) - .' '.$field['type'] - .$field['auto_increment'] - .$field['null'] - .$field['unique'] - .$field['default']; - } - - // -------------------------------------------------------------------- - - /** - * Field attribute TYPE - * - * Performs a data type mapping between different databases. - * - * @param array &$attributes - * @return void - */ - protected function _attr_type(&$attributes) - { - switch (strtoupper($attributes['TYPE'])) - { - case 'ENUM': - case 'SET': - $attributes['TYPE'] = 'TEXT'; - return; - default: return; - } - } - - // -------------------------------------------------------------------- - - /** - * Field attribute AUTO_INCREMENT - * - * @param array &$attributes - * @param array &$field - * @return void - */ - protected function _attr_auto_increment(&$attributes, &$field) - { - if ( ! empty($attributes['AUTO_INCREMENT']) && $attributes['AUTO_INCREMENT'] === TRUE && stripos($field['type'], 'int') !== FALSE) - { - $field['type'] = 'INTEGER PRIMARY KEY'; - $field['default'] = ''; - $field['null'] = ''; - $field['unique'] = ''; - $field['auto_increment'] = ' AUTOINCREMENT'; - - $this->primary_keys = array(); - } - } - -} diff --git a/system/database/drivers/sqlite/sqlite_result.php b/system/database/drivers/sqlite/sqlite_result.php deleted file mode 100644 index 487d00366..000000000 --- a/system/database/drivers/sqlite/sqlite_result.php +++ /dev/null @@ -1,164 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Result Class - * - * This class extends the parent result class: CI_DB_result - * - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_result extends CI_DB_result { - - /** - * Number of rows in the result set - * - * @return int - */ - public function num_rows() - { - return is_int($this->num_rows) - ? $this->num_rows - : $this->num_rows = @sqlite_num_rows($this->result_id); - } - - // -------------------------------------------------------------------- - - /** - * Number of fields in the result set - * - * @return int - */ - public function num_fields() - { - return @sqlite_num_fields($this->result_id); - } - - // -------------------------------------------------------------------- - - /** - * Fetch Field Names - * - * Generates an array of column names - * - * @return array - */ - public function list_fields() - { - $field_names = array(); - for ($i = 0, $c = $this->num_fields(); $i < $c; $i++) - { - $field_names[$i] = sqlite_field_name($this->result_id, $i); - } - - return $field_names; - } - - // -------------------------------------------------------------------- - - /** - * Field data - * - * Generates an array of objects containing field meta-data - * - * @return array - */ - public function field_data() - { - $retval = array(); - for ($i = 0, $c = $this->num_fields(); $i < $c; $i++) - { - $retval[$i] = new stdClass(); - $retval[$i]->name = sqlite_field_name($this->result_id, $i); - $retval[$i]->type = NULL; - $retval[$i]->max_length = NULL; - } - - return $retval; - } - - // -------------------------------------------------------------------- - - /** - * Data Seek - * - * Moves the internal pointer to the desired offset. We call - * this internally before fetching results to make sure the - * result set starts at zero. - * - * @param int $n - * @return bool - */ - public function data_seek($n = 0) - { - return sqlite_seek($this->result_id, $n); - } - - // -------------------------------------------------------------------- - - /** - * Result - associative array - * - * Returns the result set as an array - * - * @return array - */ - protected function _fetch_assoc() - { - return sqlite_fetch_array($this->result_id); - } - - // -------------------------------------------------------------------- - - /** - * Result - object - * - * Returns the result set as an object - * - * @param string $class_name - * @return object - */ - protected function _fetch_object($class_name = 'stdClass') - { - return sqlite_fetch_object($this->result_id, $class_name); - } - -} diff --git a/system/database/drivers/sqlite/sqlite_utility.php b/system/database/drivers/sqlite/sqlite_utility.php deleted file mode 100644 index 9cb454274..000000000 --- a/system/database/drivers/sqlite/sqlite_utility.php +++ /dev/null @@ -1,61 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.3.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SQLite Utility Class - * - * @category Database - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ - */ -class CI_DB_sqlite_utility extends CI_DB_utility { - - /** - * Export - * - * @param array $params Preferences - * @return mixed - */ - protected function _backup($params = array()) - { - // Currently unsupported - return $this->db->display_error('db_unsupported_feature'); - } - -} diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index 31e37de91..d131baad7 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_driver extends CI_DB { @@ -134,22 +134,10 @@ class CI_DB_sqlite3_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return $this->conn_id->exec('BEGIN TRANSACTION'); } @@ -160,14 +148,8 @@ class CI_DB_sqlite3_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->exec('END TRANSACTION'); } @@ -178,21 +160,15 @@ class CI_DB_sqlite3_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return $this->conn_id->exec('ROLLBACK'); } // -------------------------------------------------------------------- /** - * Platform-dependant string escape + * Platform-dependent string escape * * @param string * @return string @@ -315,7 +291,7 @@ class CI_DB_sqlite3_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/sqlite3/sqlite3_forge.php b/system/database/drivers/sqlite3/sqlite3_forge.php index 24690ba20..5ee6daae3 100644 --- a/system/database/drivers/sqlite3/sqlite3_forge.php +++ b/system/database/drivers/sqlite3/sqlite3_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_forge extends CI_DB_forge { @@ -87,7 +87,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge { * @param string $db_name * @return bool */ - public function create_database($db_name = '') + public function create_database($db_name) { // In SQLite, a database is created when you connect to the database. // We'll return TRUE so that an error isn't generated @@ -102,7 +102,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge { * @param string $db_name (ignored) * @return bool */ - public function drop_database($db_name = '') + public function drop_database($db_name) { // In SQLite, a database is dropped when we delete a file if (file_exists($this->db->database)) diff --git a/system/database/drivers/sqlite3/sqlite3_result.php b/system/database/drivers/sqlite3/sqlite3_result.php index 387481b7f..03751f0dc 100644 --- a/system/database/drivers/sqlite3/sqlite3_result.php +++ b/system/database/drivers/sqlite3/sqlite3_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_result extends CI_DB_result { diff --git a/system/database/drivers/sqlite3/sqlite3_utility.php b/system/database/drivers/sqlite3/sqlite3_utility.php index 336f68754..20d562f96 100644 --- a/system/database/drivers/sqlite3/sqlite3_utility.php +++ b/system/database/drivers/sqlite3/sqlite3_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlite3_utility extends CI_DB_utility { diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 16f77fab2..e4f403180 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Drivers * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_driver extends CI_DB { @@ -141,13 +141,14 @@ class CI_DB_sqlsrv_driver extends CI_DB { unset($connection['UID'], $connection['PWD']); } - $this->conn_id = sqlsrv_connect($this->hostname, $connection); - - // Determine how identifiers are escaped - $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); - $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; - $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); + if (FALSE !== ($this->conn_id = sqlsrv_connect($this->hostname, $connection))) + { + // Determine how identifiers are escaped + $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); + $query = $query->row_array(); + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; + $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); + } return $this->conn_id; } @@ -170,6 +171,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { if ($this->_execute('USE '.$this->escape_identifiers($database))) { $this->database = $database; + $this->data_cache = array(); return TRUE; } @@ -196,22 +198,10 @@ class CI_DB_sqlsrv_driver extends CI_DB { /** * Begin Transaction * - * @param bool $test_mode * @return bool */ - public function trans_begin($test_mode = FALSE) + protected function _trans_begin() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - - // Reset the transaction failure flag. - // If the $test_mode flag is set to TRUE transactions will be rolled back - // even if the queries produce a successful result. - $this->_trans_failure = ($test_mode === TRUE); - return sqlsrv_begin_transaction($this->conn_id); } @@ -222,14 +212,8 @@ class CI_DB_sqlsrv_driver extends CI_DB { * * @return bool */ - public function trans_commit() + protected function _trans_commit() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return sqlsrv_commit($this->conn_id); } @@ -240,14 +224,8 @@ class CI_DB_sqlsrv_driver extends CI_DB { * * @return bool */ - public function trans_rollback() + protected function _trans_rollback() { - // When transactions are nested we only begin/commit/rollback the outermost ones - if ( ! $this->trans_enabled OR $this->_trans_depth > 0) - { - return TRUE; - } - return sqlsrv_rollback($this->conn_id); } @@ -274,9 +252,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ public function insert_id() { - $query = $this->query('SELECT @@IDENTITY AS insert_id'); - $query = $query->row(); - return $query->insert_id; + return $this->query('SELECT SCOPE_IDENTITY() AS insert_id')->row()->insert_id; } // -------------------------------------------------------------------- @@ -382,7 +358,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { * Error * * Returns an array containing code and message of the last - * database error that has occured. + * database error that has occurred. * * @return array */ diff --git a/system/database/drivers/sqlsrv/sqlsrv_forge.php b/system/database/drivers/sqlsrv/sqlsrv_forge.php index b22b60a4a..aa8490ee4 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_forge.php +++ b/system/database/drivers/sqlsrv/sqlsrv_forge.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_forge extends CI_DB_forge { @@ -111,6 +111,11 @@ class CI_DB_sqlsrv_forge extends CI_DB_forge { */ protected function _attr_type(&$attributes) { + if (isset($attributes['CONSTRAINT']) && strpos($attributes['TYPE'], 'INT') !== FALSE) + { + unset($attributes['CONSTRAINT']); + } + switch (strtoupper($attributes['TYPE'])) { case 'MEDIUMINT': diff --git a/system/database/drivers/sqlsrv/sqlsrv_result.php b/system/database/drivers/sqlsrv/sqlsrv_result.php index d2be926aa..f784ebea8 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_result.php +++ b/system/database/drivers/sqlsrv/sqlsrv_result.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_result extends CI_DB_result { diff --git a/system/database/drivers/sqlsrv/sqlsrv_utility.php b/system/database/drivers/sqlsrv/sqlsrv_utility.php index 77cf0aaf3..19c93d0c6 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_utility.php +++ b/system/database/drivers/sqlsrv/sqlsrv_utility.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.3 * @filesource */ @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * * @category Database * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @link https://codeigniter.com/user_guide/database/ */ class CI_DB_sqlsrv_utility extends CI_DB_utility { diff --git a/system/helpers/array_helper.php b/system/helpers/array_helper.php index 2ce55b9c4..74c7c15a8 100644 --- a/system/helpers/array_helper.php +++ b/system/helpers/array_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/array_helper.html + * @link https://codeigniter.com/user_guide/helpers/array_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index 201987ac8..f98d8a4cd 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/captcha_helper.html + * @link https://codeigniter.com/user_guide/helpers/captcha_helper.html */ // ------------------------------------------------------------------------ @@ -68,6 +68,7 @@ if ( ! function_exists('create_captcha')) 'img_url' => '', 'img_width' => '150', 'img_height' => '30', + 'img_alt' => 'captcha', 'font_path' => '', 'expiration' => 7200, 'word_length' => 8, @@ -110,7 +111,8 @@ if ( ! function_exists('create_captcha')) $current_dir = @opendir($img_path); while ($filename = @readdir($current_dir)) { - if (substr($filename, -4) === '.jpg' && (str_replace('.jpg', '', $filename) + $expiration) < $now) + if (in_array(substr($filename, -4), array('.jpg', '.png')) + && (str_replace(array('.jpg', '.png'), '', $filename) + $expiration) < $now) { @unlink($img_path.$filename); } @@ -125,9 +127,96 @@ if ( ! function_exists('create_captcha')) if (empty($word)) { $word = ''; - for ($i = 0, $mt_rand_max = strlen($pool) - 1; $i < $word_length; $i++) + $pool_length = strlen($pool); + $rand_max = $pool_length - 1; + + // PHP7 or a suitable polyfill + if (function_exists('random_int')) + { + try + { + for ($i = 0; $i < $word_length; $i++) + { + $word .= $pool[random_int(0, $rand_max)]; + } + } + catch (Exception $e) + { + // This means fallback to the next possible + // alternative to random_int() + $word = ''; + } + } + } + + if (empty($word)) + { + // Nobody will have a larger character pool than + // 256 characters, but let's handle it just in case ... + // + // No, I do not care that the fallback to mt_rand() can + // handle it; if you trigger this, you're very obviously + // trying to break it. -- Narf + if ($pool_length > 256) + { + return FALSE; + } + + // We'll try using the operating system's PRNG first, + // which we can access through CI_Security::get_random_bytes() + $security = get_instance()->security; + + // To avoid numerous get_random_bytes() calls, we'll + // just try fetching as much bytes as we need at once. + if (($bytes = $security->get_random_bytes($pool_length)) !== FALSE) + { + $byte_index = $word_index = 0; + while ($word_index < $word_length) + { + // Do we have more random data to use? + // It could be exhausted by previous iterations + // ignoring bytes higher than $rand_max. + if ($byte_index === $pool_length) + { + // No failures should be possible if the + // first get_random_bytes() call didn't + // return FALSE, but still ... + for ($i = 0; $i < 5; $i++) + { + if (($bytes = $security->get_random_bytes($pool_length)) === FALSE) + { + continue; + } + + $byte_index = 0; + break; + } + + if ($bytes === FALSE) + { + // Sadly, this means fallback to mt_rand() + $word = ''; + break; + } + } + + list(, $rand_index) = unpack('C', $bytes[$byte_index++]); + if ($rand_index > $rand_max) + { + continue; + } + + $word .= $pool[$rand_index]; + $word_index++; + } + } + } + + if (empty($word)) + { + for ($i = 0; $i < $word_length; $i++) { - $word .= $pool[mt_rand(0, $mt_rand_max)]; + $word .= $pool[mt_rand(0, $rand_max)]; } } elseif ( ! is_string($word)) @@ -245,7 +334,7 @@ if ( ! function_exists('create_captcha')) return FALSE; } - $img = '<img '.($img_id === '' ? '' : 'id="'.$img_id.'"').' src="'.$img_url.$img_filename.'" style="width: '.$img_width.'; height: '.$img_height .'; border: 0;" alt=" " />'; + $img = '<img '.($img_id === '' ? '' : 'id="'.$img_id.'"').' src="'.$img_url.$img_filename.'" style="width: '.$img_width.'; height: '.$img_height .'; border: 0;" alt="'.$img_alt.'" />'; ImageDestroy($im); return array('word' => $word, 'time' => $now, 'image' => $img, 'filename' => $img_filename); diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php index c2dc73a17..d069cdb15 100644 --- a/system/helpers/cookie_helper.php +++ b/system/helpers/cookie_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/cookie_helper.html + * @link https://codeigniter.com/user_guide/helpers/cookie_helper.html */ // ------------------------------------------------------------------------ @@ -59,7 +59,7 @@ if ( ! function_exists('set_cookie')) * * @param mixed * @param string the value of the cookie - * @param string the number of seconds until expiration + * @param int the number of seconds until expiration * @param string the cookie domain. Usually: .yourdomain.com * @param string the cookie path * @param string the cookie prefix @@ -67,7 +67,7 @@ if ( ! function_exists('set_cookie')) * @param bool true makes the cookie accessible via http(s) only (no javascript) * @return void */ - function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) + function set_cookie($name, $value = '', $expire = 0, $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) { // Set the config file options get_instance()->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $httponly); @@ -85,9 +85,8 @@ if ( ! function_exists('get_cookie')) * @param bool * @return mixed */ - function get_cookie($index, $xss_clean = NULL) + function get_cookie($index, $xss_clean = FALSE) { - is_bool($xss_clean) OR $xss_clean = (config_item('global_xss_filtering') === TRUE); $prefix = isset($_COOKIE[$index]) ? '' : config_item('cookie_prefix'); return get_instance()->input->cookie($prefix.$index, $xss_clean); } diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index c9b71c30f..799c9f6d2 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/date_helper.html + * @link https://codeigniter.com/user_guide/helpers/date_helper.html */ // ------------------------------------------------------------------------ @@ -122,46 +122,6 @@ if ( ! function_exists('mdate')) // ------------------------------------------------------------------------ -if ( ! function_exists('standard_date')) -{ - /** - * Standard Date - * - * Returns a date formatted according to the submitted standard. - * - * As of PHP 5.2, the DateTime extension provides constants that - * serve for the exact same purpose and are used with date(). - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 Use PHP's native date() instead. - * @link http://www.php.net/manual/en/class.datetime.php#datetime.constants.types - * - * @example date(DATE_RFC822, now()); // default - * @example date(DATE_W3C, $time); // a different format and time - * - * @param string $fmt = 'DATE_RFC822' the chosen format - * @param int $time = NULL Unix timestamp - * @return string - */ - function standard_date($fmt = 'DATE_RFC822', $time = NULL) - { - if (empty($time)) - { - $time = now(); - } - - // Procedural style pre-defined constants from the DateTime extension - if (strpos($fmt, 'DATE_') !== 0 OR defined($fmt) === FALSE) - { - return FALSE; - } - - return date(constant($fmt), $time); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('timespan')) { /** @@ -496,6 +456,7 @@ if ( ! function_exists('nice_date')) * Turns many "reasonably-date-like" strings into something * that is actually useful. This only works for dates after unix epoch. * + * @deprecated 3.1.3 Use DateTime::createFromFormat($input_format, $input)->format($output_format); * @param string The terribly formatted date-like string * @param string Date format to return (same as php date function) * @return string @@ -529,9 +490,9 @@ if ( ! function_exists('nice_date')) } // Date Like: YYYYMMDD - if (preg_match('/^(\d{2})\d{2}(\d{4})$/i', $bad_date, $matches)) + if (preg_match('/^\d{8}$/i', $bad_date, $matches)) { - return date($format, strtotime($matches[1].'/01/'.$matches[2])); + return DateTime::createFromFormat('Ymd', $bad_date)->format($format); } // Date Like: MM-DD-YYYY __or__ M-D-YYYY (or anything in between) @@ -707,87 +668,32 @@ if ( ! function_exists('date_range')) $range = array(); - /* NOTE: Even though the DateTime object has many useful features, it appears that - * it doesn't always handle properly timezones, when timestamps are passed - * directly to its constructor. Neither of the following gave proper results: - * - * new DateTime('<timestamp>') - * new DateTime('<timestamp>', '<timezone>') - * - * --- available in PHP 5.3: - * - * DateTime::createFromFormat('<format>', '<timestamp>') - * DateTime::createFromFormat('<format>', '<timestamp>', '<timezone') - * - * ... so we'll have to set the timestamp after the object is instantiated. - * Furthermore, in PHP 5.3 we can use DateTime::setTimestamp() to do that and - * given that we have UNIX timestamps - we should use it. - */ $from = new DateTime(); + $from->setTimestamp($unix_start); - if (is_php('5.3')) - { - $from->setTimestamp($unix_start); - if ($is_unix) - { - $arg = new DateTime(); - $arg->setTimestamp($mixed); - } - else - { - $arg = (int) $mixed; - } - - $period = new DatePeriod($from, new DateInterval('P1D'), $arg); - foreach ($period as $date) - { - $range[] = $date->format($format); - } - - /* If a period end date was passed to the DatePeriod constructor, it might not - * be in our results. Not sure if this is a bug or it's just possible because - * the end date might actually be less than 24 hours away from the previously - * generated DateTime object, but either way - we have to append it manually. - */ - if ( ! is_int($arg) && $range[count($range) - 1] !== $arg->format($format)) - { - $range[] = $arg->format($format); - } - - return $range; - } - - $from->setDate(date('Y', $unix_start), date('n', $unix_start), date('j', $unix_start)); - $from->setTime(date('G', $unix_start), date('i', $unix_start), date('s', $unix_start)); if ($is_unix) { $arg = new DateTime(); - $arg->setDate(date('Y', $mixed), date('n', $mixed), date('j', $mixed)); - $arg->setTime(date('G', $mixed), date('i', $mixed), date('s', $mixed)); + $arg->setTimestamp($mixed); } else { $arg = (int) $mixed; } - $range[] = $from->format($format); - if (is_int($arg)) // Day intervals + $period = new DatePeriod($from, new DateInterval('P1D'), $arg); + foreach ($period as $date) { - do - { - $from->modify('+1 day'); - $range[] = $from->format($format); - } - while (--$arg > 0); + $range[] = $date->format($format); } - else // end date UNIX timestamp - { - for ($from->modify('+1 day'), $end_check = $arg->format('Ymd'); $from->format('Ymd') < $end_check; $from->modify('+1 day')) - { - $range[] = $from->format($format); - } - // Our loop only appended dates prior to our end date + /* If a period end date was passed to the DatePeriod constructor, it might not + * be in our results. Not sure if this is a bug or it's just possible because + * the end date might actually be less than 24 hours away from the previously + * generated DateTime object, but either way - we have to append it manually. + */ + if ( ! is_int($arg) && $range[count($range) - 1] !== $arg->format($format)) + { $range[] = $arg->format($format); } diff --git a/system/helpers/directory_helper.php b/system/helpers/directory_helper.php index 8f05c5b18..2785241e6 100644 --- a/system/helpers/directory_helper.php +++ b/system/helpers/directory_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/directory_helper.html + * @link https://codeigniter.com/user_guide/helpers/directory_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php index 73f6456c4..ea3da1bf4 100644 --- a/system/helpers/download_helper.php +++ b/system/helpers/download_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/download_helper.html + * @link https://codeigniter.com/user_guide/helpers/download_helper.html */ // ------------------------------------------------------------------------ @@ -56,7 +56,7 @@ if ( ! function_exists('force_download')) * * Generates headers that force a download to happen * - * @param string filename + * @param mixed filename (or an array of local file path => destination filename) * @param mixed the data to be downloaded * @param bool whether to try and send the actual file MIME type * @return void @@ -69,14 +69,38 @@ if ( ! function_exists('force_download')) } elseif ($data === NULL) { - if ( ! @is_file($filename) OR ($filesize = @filesize($filename)) === FALSE) + // Is $filename an array as ['local source path' => 'destination filename']? + if (is_array($filename)) { - return; + if (count($filename) !== 1) + { + return; + } + + $filepath = key($filename); + $filename = current($filename); + + if (is_int($filepath)) + { + return; + } + + if ( ! @is_file($filepath) OR ($filesize = @filesize($filepath)) === FALSE) + { + return; + } + } + else + { + if ( ! @is_file($filename) OR ($filesize = @filesize($filename)) === FALSE) + { + return; + } + + $filepath = $filename; + $filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename)); + $filename = end($filename); } - - $filepath = $filename; - $filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename)); - $filename = end($filename); } else { @@ -121,11 +145,6 @@ if ( ! function_exists('force_download')) $filename = implode('.', $x); } - if ($data === NULL && ($fp = @fopen($filepath, 'rb')) === FALSE) - { - return; - } - // Clean output buffer if (ob_get_level() !== 0 && @ob_end_clean() === FALSE) { @@ -146,13 +165,12 @@ if ( ! function_exists('force_download')) exit($data); } - // Flush 1MB chunks of data - while ( ! feof($fp) && ($data = fread($fp, 1048576)) !== FALSE) + // Flush the file + if (@readfile($filepath) === FALSE) { - echo $data; + return; } - fclose($fp); exit; } } diff --git a/system/helpers/email_helper.php b/system/helpers/email_helper.php deleted file mode 100644 index c4d705810..000000000 --- a/system/helpers/email_helper.php +++ /dev/null @@ -1,84 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * CodeIgniter Email Helpers - * - * @package CodeIgniter - * @subpackage Helpers - * @category Helpers - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/email_helper.html - */ - -// ------------------------------------------------------------------------ - -if ( ! function_exists('valid_email')) -{ - /** - * Validate email address - * - * @deprecated 3.0.0 Use PHP's filter_var() instead - * @param string $email - * @return bool - */ - function valid_email($email) - { - return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('send_email')) -{ - /** - * Send an email - * - * @deprecated 3.0.0 Use PHP's mail() instead - * @param string $recipient - * @param string $subject - * @param string $message - * @return bool - */ - function send_email($recipient, $subject, $message) - { - return mail($recipient, $subject, $message); - } -} diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php index cd1c641ec..6af632b07 100644 --- a/system/helpers/file_helper.php +++ b/system/helpers/file_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,31 +44,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/file_helper.html + * @link https://codeigniter.com/user_guide/helpers/file_helper.html */ // ------------------------------------------------------------------------ -if ( ! function_exists('read_file')) -{ - /** - * Read File - * - * Opens the file specified in the path and returns it as a string. - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 It is now just an alias for PHP's native file_get_contents(). - * @param string $file Path to file - * @return string File contents - */ - function read_file($file) - { - return @file_get_contents($file); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('write_file')) { /** @@ -138,13 +118,15 @@ if ( ! function_exists('delete_files')) { if ($filename !== '.' && $filename !== '..') { - if (is_dir($path.DIRECTORY_SEPARATOR.$filename) && $filename[0] !== '.') + $filepath = $path.DIRECTORY_SEPARATOR.$filename; + + if (is_dir($filepath) && $filename[0] !== '.' && ! is_link($filepath)) { - delete_files($path.DIRECTORY_SEPARATOR.$filename, $del_dir, $htdocs, $_level + 1); + delete_files($filepath, $del_dir, $htdocs, $_level + 1); } elseif ($htdocs !== TRUE OR ! preg_match('/^(\.htaccess|index\.(html|htm|php)|web\.config)$/i', $filename)) { - @unlink($path.DIRECTORY_SEPARATOR.$filename); + @unlink($filepath); } } } @@ -343,7 +325,7 @@ if ( ! function_exists('get_mime_by_extension')) if ( ! is_array($mimes)) { - $mimes =& get_mimes(); + $mimes = get_mimes(); if (empty($mimes)) { diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index fd807769a..4a4a7c89f 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/form_helper.html + * @link https://codeigniter.com/user_guide/helpers/form_helper.html */ // ------------------------------------------------------------------------ @@ -90,18 +90,47 @@ if ( ! function_exists('form_open')) $form = '<form action="'.$action.'"'.$attributes.">\n"; - // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && ! stripos($form, 'method="get"')) + if (is_array($hidden)) { - $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); + foreach ($hidden as $name => $value) + { + $form .= '<input type="hidden" name="'.$name.'" value="'.html_escape($value).'" />'."\n"; + } } - if (is_array($hidden)) + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && ! stripos($form, 'method="get"')) { - foreach ($hidden as $name => $value) + // Prepend/append random-length "white noise" around the CSRF + // token input, as a form of protection against BREACH attacks + if (FALSE !== ($noise = $CI->security->get_random_bytes(1))) { - $form .= '<input type="hidden" name="'.$name.'" value="'.html_escape($value).'" style="display:none;" />'."\n"; + list(, $noise) = unpack('c', $noise); } + else + { + $noise = mt_rand(-128, 127); + } + + // Prepend if $noise has a negative value, append if positive, do nothing for zero + $prepend = $append = ''; + if ($noise < 0) + { + $prepend = str_repeat(" ", abs($noise)); + } + elseif ($noise > 0) + { + $append = str_repeat(" ", $noise); + } + + $form .= sprintf( + '%s<input type="hidden" name="%s" value="%s" />%s%s', + $prepend, + $CI->security->get_csrf_token_name(), + $CI->security->get_csrf_hash(), + $append, + "\n" + ); } return $form; @@ -244,11 +273,10 @@ if ( ! function_exists('form_upload')) * Identical to the input function but adds the "file" type * * @param mixed - * @param string * @param mixed * @return string */ - function form_upload($data = '', $value = '', $extra = '') + function form_upload($data = '', $extra = '') { $defaults = array('type' => 'file', 'name' => ''); is_array($data) OR $data = array('name' => $data); @@ -568,7 +596,7 @@ if ( ! function_exists('form_label')) * * @param string The text to appear onscreen * @param string The id the label applies to - * @param string Additional attributes + * @param array Additional attributes * @return string */ function form_label($label_text = '', $id = '', $attributes = array()) @@ -653,25 +681,6 @@ if ( ! function_exists('form_close')) // ------------------------------------------------------------------------ -if ( ! function_exists('form_prep')) -{ - /** - * Form Prep - * - * Formats text so that it can be safely placed in a form field in the event it has HTML tags. - * - * @deprecated 3.0.0 An alias for html_escape() - * @param string|string[] $str Value to escape - * @return string|string[] Escaped values - */ - function form_prep($str) - { - return html_escape($str, TRUE); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('set_value')) { /** @@ -769,12 +778,11 @@ if ( ! function_exists('set_checkbox')) { return $CI->form_validation->set_checkbox($field, $value, $default); } - elseif (($input = $CI->input->post($field, FALSE)) === NULL) - { - return ($default === TRUE) ? ' checked="checked"' : ''; - } + // Form inputs are always strings ... $value = (string) $value; + $input = $CI->input->post($field, FALSE); + if (is_array($input)) { // Note: in_array('', array(0)) returns TRUE, do not use it @@ -789,7 +797,13 @@ if ( ! function_exists('set_checkbox')) return ''; } - return ($input === $value) ? ' checked="checked"' : ''; + // Unchecked checkbox and radio inputs are not even submitted by browsers ... + if ($CI->input->method() === 'post') + { + return ($input === $value) ? ' checked="checked"' : ''; + } + + return ($default === TRUE) ? ' checked="checked"' : ''; } } @@ -816,12 +830,32 @@ if ( ! function_exists('set_radio')) { return $CI->form_validation->set_radio($field, $value, $default); } - elseif (($input = $CI->input->post($field, FALSE)) === NULL) + + // Form inputs are always strings ... + $value = (string) $value; + $input = $CI->input->post($field, FALSE); + + if (is_array($input)) + { + // Note: in_array('', array(0)) returns TRUE, do not use it + foreach ($input as &$v) + { + if ($value === $v) + { + return ' checked="checked"'; + } + } + + return ''; + } + + // Unchecked checkbox and radio inputs are not even submitted by browsers ... + if ($CI->input->method() === 'post') { - return ($default === TRUE) ? ' checked="checked"' : ''; + return ($input === $value) ? ' checked="checked"' : ''; } - return ($input === (string) $value) ? ' checked="checked"' : ''; + return ($default === TRUE) ? ' checked="checked"' : ''; } } diff --git a/system/helpers/html_helper.php b/system/helpers/html_helper.php index 28fbe00be..b5e8ed783 100644 --- a/system/helpers/html_helper.php +++ b/system/helpers/html_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/html_helper.html + * @link https://codeigniter.com/user_guide/helpers/html_helper.html */ // ------------------------------------------------------------------------ @@ -229,7 +229,7 @@ if ( ! function_exists('doctype')) * @param string type The doctype to be generated * @return string */ - function doctype($type = 'xhtml1-strict') + function doctype($type = 'html5') { static $doctypes; @@ -360,51 +360,32 @@ if ( ! function_exists('meta')) $name = array($name); } + $allowed_types = array('charset', 'http-equiv', 'name', 'property'); $str = ''; foreach ($name as $meta) { - $type = (isset($meta['type']) && $meta['type'] !== 'name') ? 'http-equiv' : 'name'; - $name = isset($meta['name']) ? $meta['name'] : ''; - $content = isset($meta['content']) ? $meta['content'] : ''; - $newline = isset($meta['newline']) ? $meta['newline'] : "\n"; + // This is to preserve BC with pre-3.1 versions where only + // 'http-equiv' (default) and 'name' were supported. + if (isset($meta['type'])) + { + if ($meta['type'] === 'equiv') + { + $meta['type'] === 'http-equiv'; + } + elseif ( ! in_array($meta['type'], $allowed_types, TRUE)) + { + $meta['type'] = 'name'; + } + } - $str .= '<meta '.$type.'="'.$name.'" content="'.$content.'" />'.$newline; + $type = isset($meta['type']) ? $meta['type'] : 'name'; + $name = isset($meta['name']) ? $meta['name'] : ''; + $content = isset($meta['content']) ? $meta['content'] : ''; + $newline = isset($meta['newline']) ? $meta['newline'] : "\n"; + + $str .= '<meta '.$type.'="'.$name.($type === 'charset' ? '' : '" content="'.$content).'" />'.$newline; } return $str; } } - -// ------------------------------------------------------------------------ - -if ( ! function_exists('br')) -{ - /** - * Generates HTML BR tags based on number supplied - * - * @deprecated 3.0.0 Use str_repeat() instead - * @param int $count Number of times to repeat the tag - * @return string - */ - function br($count = 1) - { - return str_repeat('<br />', $count); - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('nbs')) -{ - /** - * Generates non-breaking space entities based on number supplied - * - * @deprecated 3.0.0 Use str_repeat() instead - * @param int - * @return string - */ - function nbs($num = 1) - { - return str_repeat(' ', $num); - } -} diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php index f2890059f..49e2a53db 100644 --- a/system/helpers/inflector_helper.php +++ b/system/helpers/inflector_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/inflector_helper.html + * @link https://codeigniter.com/user_guide/helpers/inflector_helper.html */ // -------------------------------------------------------------------- @@ -219,7 +219,7 @@ if ( ! function_exists('humanize')) */ function humanize($str, $separator = '_') { - return ucwords(preg_replace('/['.$separator.']+/', ' ', trim(MB_ENABLED ? mb_strtolower($str) : strtolower($str)))); + return ucwords(preg_replace('/['.preg_quote($separator).']+/', ' ', trim(MB_ENABLED ? mb_strtolower($str) : strtolower($str)))); } } @@ -238,9 +238,77 @@ if ( ! function_exists('is_countable')) return ! in_array( strtolower($word), array( - 'equipment', 'information', 'rice', 'money', - 'species', 'series', 'fish', 'meta' + 'audio', + 'bison', + 'chassis', + 'compensation', + 'coreopsis', + 'data', + 'deer', + 'education', + 'emoji', + 'equipment', + 'fish', + 'furniture', + 'gold', + 'information', + 'knowledge', + 'love', + 'rain', + 'money', + 'moose', + 'nutrition', + 'offspring', + 'plankton', + 'pokemon', + 'police', + 'rice', + 'series', + 'sheep', + 'species', + 'swine', + 'traffic', + 'wheat' ) ); } } + +// ------------------------------------------------------------------------ + +if ( ! function_exists('ordinal_format')) +{ + /** + * Returns the English ordinal numeral for a given number + * + * @param int $number + * @return string + */ + function ordinal_format($number) + { + if ( ! ctype_digit((string) $number) OR $number < 1) + { + return $number; + } + + $last_digit = array( + 0 => 'th', + 1 => 'st', + 2 => 'nd', + 3 => 'rd', + 4 => 'th', + 5 => 'th', + 6 => 'th', + 7 => 'th', + 8 => 'th', + 9 => 'th' + ); + + if (($number % 100) >= 11 && ($number % 100) <= 13) + { + return $number.'th'; + } + + return $number.$last_digit[$number % 10]; + } +} diff --git a/system/helpers/language_helper.php b/system/helpers/language_helper.php index 25ce8abe1..d26cf5b8d 100644 --- a/system/helpers/language_helper.php +++ b/system/helpers/language_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/language_helper.html + * @link https://codeigniter.com/user_guide/helpers/language_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/number_helper.php b/system/helpers/number_helper.php index 3a24259e1..cc8a7760c 100644 --- a/system/helpers/number_helper.php +++ b/system/helpers/number_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/number_helper.html + * @link https://codeigniter.com/user_guide/helpers/number_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index c96d0b8b3..6896cb97b 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/path_helper.html + * @link https://codeigniter.com/user_guide/helpers/path_helper.html */ // ------------------------------------------------------------------------ @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path ) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|php:\/\/)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path) { show_error('The path you submitted must be a local server path, not a URL'); } diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index adbf136bb..72736fa7d 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/security_helper.html + * @link https://codeigniter.com/user_guide/helpers/security_helper.html */ // ------------------------------------------------------------------------ @@ -80,30 +80,6 @@ if ( ! function_exists('sanitize_filename')) } } -// -------------------------------------------------------------------- - -if ( ! function_exists('do_hash')) -{ - /** - * Hash encode a string - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 Use PHP's native hash() instead. - * @param string $str - * @param string $type = 'sha1' - * @return string - */ - function do_hash($str, $type = 'sha1') - { - if ( ! in_array(strtolower($type), hash_algos())) - { - $type = 'md5'; - } - - return hash($type, $str); - } -} - // ------------------------------------------------------------------------ if ( ! function_exists('strip_image_tags')) diff --git a/system/helpers/smiley_helper.php b/system/helpers/smiley_helper.php deleted file mode 100644 index d053dd22c..000000000 --- a/system/helpers/smiley_helper.php +++ /dev/null @@ -1,255 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * CodeIgniter Smiley Helpers - * - * @package CodeIgniter - * @subpackage Helpers - * @category Helpers - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/smiley_helper.html - * @deprecated 3.0.0 This helper is too specific for CI. - */ - -// ------------------------------------------------------------------------ - -if ( ! function_exists('smiley_js')) -{ - /** - * Smiley Javascript - * - * Returns the javascript required for the smiley insertion. Optionally takes - * an array of aliases to loosely couple the smiley array to the view. - * - * @param mixed alias name or array of alias->field_id pairs - * @param string field_id if alias name was passed in - * @param bool - * @return array - */ - function smiley_js($alias = '', $field_id = '', $inline = TRUE) - { - static $do_setup = TRUE; - $r = ''; - - if ($alias !== '' && ! is_array($alias)) - { - $alias = array($alias => $field_id); - } - - if ($do_setup === TRUE) - { - $do_setup = FALSE; - $m = array(); - - if (is_array($alias)) - { - foreach ($alias as $name => $id) - { - $m[] = '"'.$name.'" : "'.$id.'"'; - } - } - - $m = '{'.implode(',', $m).'}'; - - $r .= <<<EOF - var smiley_map = {$m}; - - function insert_smiley(smiley, field_id) { - var el = document.getElementById(field_id), newStart; - - if ( ! el && smiley_map[field_id]) { - el = document.getElementById(smiley_map[field_id]); - - if ( ! el) - return false; - } - - el.focus(); - smiley = " " + smiley; - - if ('selectionStart' in el) { - newStart = el.selectionStart + smiley.length; - - el.value = el.value.substr(0, el.selectionStart) + - smiley + - el.value.substr(el.selectionEnd, el.value.length); - el.setSelectionRange(newStart, newStart); - } - else if (document.selection) { - document.selection.createRange().text = smiley; - } - } -EOF; - } - elseif (is_array($alias)) - { - foreach ($alias as $name => $id) - { - $r .= 'smiley_map["'.$name.'"] = "'.$id."\";\n"; - } - } - - return ($inline) - ? '<script type="text/javascript" charset="utf-8">/*<![CDATA[ */'.$r.'// ]]></script>' - : $r; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('get_clickable_smileys')) -{ - /** - * Get Clickable Smileys - * - * Returns an array of image tag links that can be clicked to be inserted - * into a form field. - * - * @param string the URL to the folder containing the smiley images - * @param array - * @return array - */ - function get_clickable_smileys($image_url, $alias = '') - { - // For backward compatibility with js_insert_smiley - if (is_array($alias)) - { - $smileys = $alias; - } - elseif (FALSE === ($smileys = _get_smiley_array())) - { - return FALSE; - } - - // Add a trailing slash to the file path if needed - $image_url = rtrim($image_url, '/').'/'; - - $used = array(); - foreach ($smileys as $key => $val) - { - // Keep duplicates from being used, which can happen if the - // mapping array contains multiple identical replacements. For example: - // :-) and :) might be replaced with the same image so both smileys - // will be in the array. - if (isset($used[$smileys[$key][0]])) - { - continue; - } - - $link[] = '<a href="javascript:void(0);" onclick="insert_smiley(\''.$key.'\', \''.$alias.'\')"><img src="'.$image_url.$smileys[$key][0].'" alt="'.$smileys[$key][3].'" style="width: '.$smileys[$key][1].'; height: '.$smileys[$key][2].'; border: 0;" /></a>'; - $used[$smileys[$key][0]] = TRUE; - } - - return $link; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('parse_smileys')) -{ - /** - * Parse Smileys - * - * Takes a string as input and swaps any contained smileys for the actual image - * - * @param string the text to be parsed - * @param string the URL to the folder containing the smiley images - * @param array - * @return string - */ - function parse_smileys($str = '', $image_url = '', $smileys = NULL) - { - if ($image_url === '' OR ( ! is_array($smileys) && FALSE === ($smileys = _get_smiley_array()))) - { - return $str; - } - - // Add a trailing slash to the file path if needed - $image_url = rtrim($image_url, '/').'/'; - - foreach ($smileys as $key => $val) - { - $str = str_replace($key, '<img src="'.$image_url.$smileys[$key][0].'" alt="'.$smileys[$key][3].'" style="width: '.$smileys[$key][1].'; height: '.$smileys[$key][2].'; border: 0;" />', $str); - } - - return $str; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('_get_smiley_array')) -{ - /** - * Get Smiley Array - * - * Fetches the config/smiley.php file - * - * @return mixed - */ - function _get_smiley_array() - { - static $_smileys; - - if ( ! is_array($_smileys)) - { - if (file_exists(APPPATH.'config/smileys.php')) - { - include(APPPATH.'config/smileys.php'); - } - - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/smileys.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/smileys.php'); - } - - if (empty($smileys) OR ! is_array($smileys)) - { - $_smileys = array(); - return FALSE; - } - - $_smileys = $smileys; - } - - return $_smileys; - } -} diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php index 5860e15fb..311f7a420 100644 --- a/system/helpers/string_helper.php +++ b/system/helpers/string_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,38 +44,11 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/string_helper.html + * @link https://codeigniter.com/user_guide/helpers/string_helper.html */ // ------------------------------------------------------------------------ -if ( ! function_exists('trim_slashes')) -{ - /** - * Trim Slashes - * - * Removes any leading/trailing slashes from a string: - * - * /this/that/theother/ - * - * becomes: - * - * this/that/theother - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 This is just an alias for PHP's native trim() - * - * @param string - * @return string - */ - function trim_slashes($str) - { - return trim($str, '/'); - } -} - -// ------------------------------------------------------------------------ - if ( ! function_exists('strip_slashes')) { /** @@ -253,7 +226,7 @@ if ( ! function_exists('increment_string')) */ function increment_string($str, $separator = '_', $first = 1) { - preg_match('/(.+)'.$separator.'([0-9]+)$/', $str, $match); + preg_match('/(.+)'.preg_quote($separator, '/').'([0-9]+)$/', $str, $match); return isset($match[2]) ? $match[1].$separator.($match[2] + 1) : $str.$separator.$first; } } @@ -270,7 +243,7 @@ if ( ! function_exists('alternator')) * @param string (as many parameters as needed) * @return string */ - function alternator($args) + function alternator() { static $i; @@ -279,27 +252,8 @@ if ( ! function_exists('alternator')) $i = 0; return ''; } + $args = func_get_args(); return $args[($i++ % count($args))]; } } - -// ------------------------------------------------------------------------ - -if ( ! function_exists('repeater')) -{ - /** - * Repeater function - * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 This is just an alias for PHP's native str_repeat() - * - * @param string $data String to repeat - * @param int $num Number of repeats - * @return string - */ - function repeater($data, $num = 1) - { - return ($num > 0) ? str_repeat($data, $num) : ''; - } -} diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index fb47036f2..07c01c3af 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/text_helper.html + * @link https://codeigniter.com/user_guide/helpers/text_helper.html */ // ------------------------------------------------------------------------ @@ -102,7 +102,7 @@ if ( ! function_exists('character_limiter')) } // a bit complicated, but faster than preg_replace with \s+ - $str = preg_replace('/ {2,}/', ' ', str_replace(array("\r", "\n", "\t", "\x0B", "\x0C"), ' ', $str)); + $str = preg_replace('/ {2,}/', ' ', str_replace(array("\r", "\n", "\t", "\v", "\f"), ' ', $str)); if (mb_strlen($str) <= $n) { @@ -275,13 +275,28 @@ if ( ! function_exists('word_censor')) foreach ($censored as $badword) { + $badword = str_replace('\*', '\w*?', preg_quote($badword, '/')); if ($replacement !== '') { - $str = preg_replace("/({$delim})(".str_replace('\*', '\w*?', preg_quote($badword, '/')).")({$delim})/i", "\\1{$replacement}\\3", $str); + $str = preg_replace( + "/({$delim})(".$badword.")({$delim})/i", + "\\1{$replacement}\\3", + $str + ); } - else + elseif (preg_match_all("/{$delim}(".$badword."){$delim}/i", $str, $matches, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE)) { - $str = preg_replace("/({$delim})(".str_replace('\*', '\w*?', preg_quote($badword, '/')).")({$delim})/ie", "'\\1'.str_repeat('#', strlen('\\2')).'\\3'", $str); + $matches = $matches[1]; + for ($i = count($matches) - 1; $i >= 0; $i--) + { + $length = strlen($matches[$i][0]); + $str = substr_replace( + $str, + str_repeat('#', $length), + $matches[$i][1], + $length + ); + } } } diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php index 45bb9b1d4..183e117bf 100644 --- a/system/helpers/typography_helper.php +++ b/system/helpers/typography_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/typography_helper.html + * @link https://codeigniter.com/user_guide/helpers/typography_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index d65f92f1b..99e82ef9f 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/url_helper.html + * @link https://codeigniter.com/user_guide/helpers/url_helper.html */ // ------------------------------------------------------------------------ @@ -443,7 +443,7 @@ if ( ! function_exists('prep_url')) */ function prep_url($str = '') { - if ($str === 'http://' OR $str === '') + if ($str === '') { return ''; } diff --git a/system/helpers/xml_helper.php b/system/helpers/xml_helper.php index 55f9c2f66..a12ee25db 100644 --- a/system/helpers/xml_helper.php +++ b/system/helpers/xml_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/xml_helper.html + * @link https://codeigniter.com/user_guide/helpers/xml_helper.html */ // ------------------------------------------------------------------------ diff --git a/system/language/english/calendar_lang.php b/system/language/english/calendar_lang.php index 9d3352868..77911e983 100644 --- a/system/language/english/calendar_lang.php +++ b/system/language/english/calendar_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/date_lang.php b/system/language/english/date_lang.php index c61c9c2ad..bb454edfb 100644 --- a/system/language/english/date_lang.php +++ b/system/language/english/date_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/db_lang.php b/system/language/english/db_lang.php index 5b67da659..b44bda951 100644 --- a/system/language/english/db_lang.php +++ b/system/language/english/db_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/email_lang.php b/system/language/english/email_lang.php index cc6b2fd5a..22dc0fa78 100644 --- a/system/language/english/email_lang.php +++ b/system/language/english/email_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index 75d6e4b82..357f747ce 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -43,6 +43,7 @@ $lang['form_validation_valid_email'] = 'The {field} field must contain a valid $lang['form_validation_valid_emails'] = 'The {field} field must contain all valid email addresses.'; $lang['form_validation_valid_url'] = 'The {field} field must contain a valid URL.'; $lang['form_validation_valid_ip'] = 'The {field} field must contain a valid IP.'; +$lang['form_validation_valid_mac'] = 'The {field} field must contain a valid MAC.'; $lang['form_validation_min_length'] = 'The {field} field must be at least {param} characters in length.'; $lang['form_validation_max_length'] = 'The {field} field cannot exceed {param} characters in length.'; $lang['form_validation_exact_length'] = 'The {field} field must be exactly {param} characters in length.'; diff --git a/system/language/english/ftp_lang.php b/system/language/english/ftp_lang.php index bccc27397..eada3e5d5 100644 --- a/system/language/english/ftp_lang.php +++ b/system/language/english/ftp_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/imglib_lang.php b/system/language/english/imglib_lang.php index 41129cd6e..218874cfe 100644 --- a/system/language/english/imglib_lang.php +++ b/system/language/english/imglib_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -51,6 +51,7 @@ $lang['imglib_libpath_invalid'] = 'The path to your image library is not correct $lang['imglib_image_process_failed'] = 'Image processing failed. Please verify that your server supports the chosen protocol and that the path to your image library is correct.'; $lang['imglib_rotation_angle_required'] = 'An angle of rotation is required to rotate the image.'; $lang['imglib_invalid_path'] = 'The path to the image is not correct.'; +$lang['imglib_invalid_image'] = 'The provided image is not valid.'; $lang['imglib_copy_failed'] = 'The image copy routine failed.'; $lang['imglib_missing_font'] = 'Unable to find a font to use.'; $lang['imglib_save_failed'] = 'Unable to save the image. Please make sure the image and file directory are writable.'; diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php index 9e4a7c58c..168496090 100644 --- a/system/language/english/migration_lang.php +++ b/system/language/english/migration_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ diff --git a/system/language/english/number_lang.php b/system/language/english/number_lang.php index db229c5b5..9723ce5ec 100644 --- a/system/language/english/number_lang.php +++ b/system/language/english/number_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/pagination_lang.php b/system/language/english/pagination_lang.php index be133781e..d24dd047b 100644 --- a/system/language/english/pagination_lang.php +++ b/system/language/english/pagination_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/profiler_lang.php b/system/language/english/profiler_lang.php index ba3edba60..20949a20a 100644 --- a/system/language/english/profiler_lang.php +++ b/system/language/english/profiler_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/unit_test_lang.php b/system/language/english/unit_test_lang.php index 639829ed8..a89cb2d93 100644 --- a/system/language/english/unit_test_lang.php +++ b/system/language/english/unit_test_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/language/english/upload_lang.php b/system/language/english/upload_lang.php index a536dda31..ec611f9ac 100644 --- a/system/language/english/upload_lang.php +++ b/system/language/english/upload_lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/libraries/Cache/Cache.php b/system/libraries/Cache/Cache.php index 0c87a5628..267dffb09 100644 --- a/system/libraries/Cache/Cache.php +++ b/system/libraries/Cache/Cache.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php index e0d2ffb39..f2b61adb1 100644 --- a/system/libraries/Cache/drivers/Cache_apc.php +++ b/system/libraries/Cache/drivers/Cache_apc.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -49,6 +49,24 @@ defined('BASEPATH') OR exit('No direct script access allowed'); class CI_Cache_apc extends CI_Driver { /** + * Class constructor + * + * Only present so that an error message is logged + * if APC is not available. + * + * @return void + */ + public function __construct() + { + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to initialize APC; extension not loaded/enabled?'); + } + } + + // ------------------------------------------------------------------------ + + /** * Get * * Look for a value in the cache. If it exists, return the data @@ -79,7 +97,7 @@ class CI_Cache_apc extends CI_Driver { * * @param string $id Cache ID * @param mixed $data Data to store - * @param int $ttol Length of time (in seconds) to cache the data + * @param int $ttl Length of time (in seconds) to cache the data * @param bool $raw Whether to store the raw value * @return bool TRUE on success, FALSE on failure */ @@ -198,13 +216,6 @@ class CI_Cache_apc extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('apc') OR ! ini_get('apc.enabled')) - { - log_message('debug', 'The APC PHP extension must be loaded to use APC Cache.'); - return FALSE; - } - - return TRUE; + return (extension_loaded('apc') && ini_get('apc.enabled')); } - } diff --git a/system/libraries/Cache/drivers/Cache_dummy.php b/system/libraries/Cache/drivers/Cache_dummy.php index bf80945a9..c6d9a61f1 100644 --- a/system/libraries/Cache/drivers/Cache_dummy.php +++ b/system/libraries/Cache/drivers/Cache_dummy.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0 * @filesource */ diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 68bc1ec96..8a36e9d79 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0 * @filesource */ @@ -120,7 +120,7 @@ class CI_Cache_file extends CI_Driver { */ public function delete($id) { - return file_exists($this->_cache_path.$id) ? unlink($this->_cache_path.$id) : FALSE; + return is_file($this->_cache_path.$id) ? unlink($this->_cache_path.$id) : FALSE; } // ------------------------------------------------------------------------ @@ -216,7 +216,7 @@ class CI_Cache_file extends CI_Driver { */ public function get_metadata($id) { - if ( ! file_exists($this->_cache_path.$id)) + if ( ! is_file($this->_cache_path.$id)) { return FALSE; } @@ -227,13 +227,13 @@ class CI_Cache_file extends CI_Driver { { $mtime = filemtime($this->_cache_path.$id); - if ( ! isset($data['ttl'])) + if ( ! isset($data['ttl'], $data['time'])) { return FALSE; } return array( - 'expire' => $mtime + $data['ttl'], + 'expire' => $data['time'] + $data['ttl'], 'mtime' => $mtime ); } @@ -267,7 +267,7 @@ class CI_Cache_file extends CI_Driver { */ protected function _get($id) { - if ( ! file_exists($this->_cache_path.$id)) + if ( ! is_file($this->_cache_path.$id)) { return FALSE; } diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php index 111e2109d..4836b6aed 100644 --- a/system/libraries/Cache/drivers/Cache_memcached.php +++ b/system/libraries/Cache/drivers/Cache_memcached.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0 * @filesource */ @@ -60,7 +60,7 @@ class CI_Cache_memcached extends CI_Driver { * * @var array */ - protected $_memcache_conf = array( + protected $_config = array( 'default' => array( 'host' => '127.0.0.1', 'port' => 11211, @@ -81,19 +81,11 @@ class CI_Cache_memcached extends CI_Driver { { // Try to load memcached server info from the config file. $CI =& get_instance(); - $defaults = $this->_memcache_conf['default']; + $defaults = $this->_config['default']; if ($CI->config->load('memcached', TRUE, TRUE)) { - if (is_array($CI->config->config['memcached'])) - { - $this->_memcache_conf = array(); - - foreach ($CI->config->config['memcached'] as $name => $conf) - { - $this->_memcache_conf[$name] = $conf; - } - } + $this->_config = $CI->config->config['memcached']; } if (class_exists('Memcached', FALSE)) @@ -106,18 +98,31 @@ class CI_Cache_memcached extends CI_Driver { } else { - throw new RuntimeException('Cache: Failed to create Memcache(d) object; extension not loaded?'); + log_message('error', 'Cache: Failed to create Memcache(d) object; extension not loaded?'); + return; } - foreach ($this->_memcache_conf as $cache_server) + foreach ($this->_config as $cache_name => $cache_server) { - isset($cache_server['hostname']) OR $cache_server['hostname'] = $defaults['host']; - isset($cache_server['port']) OR $cache_server['port'] = $defaults['port']; + if ( ! isset($cache_server['hostname'])) + { + log_message('debug', 'Cache: Memcache(d) configuration "'.$cache_name.'" doesn\'t include a hostname; ignoring.'); + continue; + } + elseif ($cache_server['hostname'][0] === '/') + { + $cache_server['port'] = 0; + } + elseif (empty($cache_server['port'])) + { + $cache_server['port'] = $defaults['port']; + } + isset($cache_server['weight']) OR $cache_server['weight'] = $defaults['weight']; - if (get_class($this->_memcached) === 'Memcache') + if ($this->_memcached instanceof Memcache) { - // Third parameter is persistance and defaults to TRUE. + // Third parameter is persistence and defaults to TRUE. $this->_memcached->addServer( $cache_server['hostname'], $cache_server['port'], @@ -125,7 +130,7 @@ class CI_Cache_memcached extends CI_Driver { $cache_server['weight'] ); } - else + elseif ($this->_memcached instanceof Memcached) { $this->_memcached->addServer( $cache_server['hostname'], @@ -169,11 +174,11 @@ class CI_Cache_memcached extends CI_Driver { $data = array($data, time(), $ttl); } - if (get_class($this->_memcached) === 'Memcached') + if ($this->_memcached instanceof Memcached) { return $this->_memcached->set($id, $data, $ttl); } - elseif (get_class($this->_memcached) === 'Memcache') + elseif ($this->_memcached instanceof Memcache) { return $this->_memcached->set($id, $data, 0, $ttl); } @@ -186,7 +191,7 @@ class CI_Cache_memcached extends CI_Driver { /** * Delete from Cache * - * @param mixed key to be deleted. + * @param mixed $id key to be deleted. * @return bool true on success, false on failure */ public function delete($id) @@ -251,7 +256,7 @@ class CI_Cache_memcached extends CI_Driver { /** * Get Cache Metadata * - * @param mixed key to get cache metadata on + * @param mixed $id key to get cache metadata on * @return mixed FALSE on failure, array on success. */ public function get_metadata($id) @@ -284,12 +289,27 @@ class CI_Cache_memcached extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('memcached') && ! extension_loaded('memcache')) + return (extension_loaded('memcached') OR extension_loaded('memcache')); + } + + // ------------------------------------------------------------------------ + + /** + * Class destructor + * + * Closes the connection to Memcache(d) if present. + * + * @return void + */ + public function __destruct() + { + if ($this->_memcached instanceof Memcache) { - log_message('debug', 'The Memcached Extension must be loaded to use Memcached Cache.'); - return FALSE; + $this->_memcached->close(); + } + elseif ($this->_memcached instanceof Memcached && method_exists($this->_memcached, 'quit')) + { + $this->_memcached->quit(); } - - return TRUE; } } diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index d7dca1973..bb26b3b47 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -55,11 +55,11 @@ class CI_Cache_redis extends CI_Driver * @var array */ protected static $_default_config = array( - 'socket_type' => 'tcp', 'host' => '127.0.0.1', 'password' => NULL, 'port' => 6379, - 'timeout' => 0 + 'timeout' => 0, + 'database' => 0 ); /** @@ -69,13 +69,6 @@ class CI_Cache_redis extends CI_Driver */ protected $_redis; - /** - * An internal cache for storing keys of serialized values. - * - * @var array - */ - protected $_serialized = array(); - // ------------------------------------------------------------------------ /** @@ -91,46 +84,46 @@ class CI_Cache_redis extends CI_Driver */ public function __construct() { - $config = array(); + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to create Redis object; extension not loaded?'); + return; + } + $CI =& get_instance(); if ($CI->config->load('redis', TRUE, TRUE)) { - $config = $CI->config->item('redis'); + $config = array_merge(self::$_default_config, $CI->config->item('redis')); + } + else + { + $config = self::$_default_config; } - $config = array_merge(self::$_default_config, $config); $this->_redis = new Redis(); try { - if ($config['socket_type'] === 'unix') + if ( ! $this->_redis->connect($config['host'], ($config['host'][0] === '/' ? 0 : $config['port']), $config['timeout'])) { - $success = $this->_redis->connect($config['socket']); + log_message('error', 'Cache: Redis connection failed. Check your configuration.'); } - else // tcp socket + + if (isset($config['password']) && ! $this->_redis->auth($config['password'])) { - $success = $this->_redis->connect($config['host'], $config['port'], $config['timeout']); + log_message('error', 'Cache: Redis authentication failed.'); } - if ( ! $success) + if (isset($config['database']) && $config['database'] > 0 && ! $this->_redis->select($config['database'])) { - throw new RuntimeException('Cache: Redis connection failed. Check your configuration.'); + log_message('error', 'Cache: Redis select database failed.'); } } catch (RedisException $e) { - throw new RuntimeException('Cache: Redis connection refused ('.$e->getMessage().')'); + log_message('error', 'Cache: Redis connection refused ('.$e->getMessage().')'); } - - if (isset($config['password']) && ! $this->_redis->auth($config['password'])) - { - throw new RuntimeException('Cache: Redis authentication failed.'); - } - - // Initialize the index of serialized values. - $serialized = $this->_redis->sMembers('_ci_redis_serialized'); - empty($serialized) OR $this->_serialized = array_flip($serialized); } // ------------------------------------------------------------------------ @@ -138,19 +131,35 @@ class CI_Cache_redis extends CI_Driver /** * Get cache * - * @param string Cache ID + * @param string $key Cache ID * @return mixed */ public function get($key) { - $value = $this->_redis->get($key); + $data = $this->_redis->hMGet($key, array('__ci_type', '__ci_value')); - if ($value !== FALSE && isset($this->_serialized[$key])) + if ( ! isset($data['__ci_type'], $data['__ci_value']) OR $data['__ci_value'] === FALSE) { - return unserialize($value); + return FALSE; } - return $value; + switch ($data['__ci_type']) + { + case 'array': + case 'object': + return unserialize($data['__ci_value']); + case 'boolean': + case 'integer': + case 'double': // Yes, 'double' is returned and NOT 'float' + case 'string': + case 'NULL': + return settype($data['__ci_value'], $data['__ci_type']) + ? $data['__ci_value'] + : FALSE; + case 'resource': + default: + return FALSE; + } } // ------------------------------------------------------------------------ @@ -166,23 +175,33 @@ class CI_Cache_redis extends CI_Driver */ public function save($id, $data, $ttl = 60, $raw = FALSE) { - if (is_array($data) OR is_object($data)) + switch ($data_type = gettype($data)) { - if ( ! $this->_redis->sIsMember('_ci_redis_serialized', $id) && ! $this->_redis->sAdd('_ci_redis_serialized', $id)) - { + case 'array': + case 'object': + $data = serialize($data); + break; + case 'boolean': + case 'integer': + case 'double': // Yes, 'double' is returned and NOT 'float' + case 'string': + case 'NULL': + break; + case 'resource': + default: return FALSE; - } + } - isset($this->_serialized[$id]) OR $this->_serialized[$id] = TRUE; - $data = serialize($data); + if ( ! $this->_redis->hMSet($id, array('__ci_type' => $data_type, '__ci_value' => $data))) + { + return FALSE; } - elseif (isset($this->_serialized[$id])) + elseif ($ttl) { - $this->_serialized[$id] = NULL; - $this->_redis->sRemove('_ci_redis_serialized', $id); + $this->_redis->expireAt($id, time() + $ttl); } - return $this->_redis->set($id, $data, $ttl); + return TRUE; } // ------------------------------------------------------------------------ @@ -190,23 +209,12 @@ class CI_Cache_redis extends CI_Driver /** * Delete from cache * - * @param string Cache key + * @param string $key Cache key * @return bool */ public function delete($key) { - if ($this->_redis->delete($key) !== 1) - { - return FALSE; - } - - if (isset($this->_serialized[$key])) - { - $this->_serialized[$key] = NULL; - $this->_redis->sRemove('_ci_redis_serialized', $key); - } - - return TRUE; + return ($this->_redis->delete($key) === 1); } // ------------------------------------------------------------------------ @@ -220,7 +228,7 @@ class CI_Cache_redis extends CI_Driver */ public function increment($id, $offset = 1) { - return $this->_redis->incr($id, $offset); + return $this->_redis->hIncrBy($id, 'data', $offset); } // ------------------------------------------------------------------------ @@ -234,7 +242,7 @@ class CI_Cache_redis extends CI_Driver */ public function decrement($id, $offset = 1) { - return $this->_redis->decr($id, $offset); + return $this->_redis->hIncrBy($id, 'data', -$offset); } // ------------------------------------------------------------------------ @@ -255,9 +263,9 @@ class CI_Cache_redis extends CI_Driver /** * Get cache driver info * - * @param string Not supported in Redis. - * Only included in order to offer a - * consistent cache API. + * @param string $type Not supported in Redis. + * Only included in order to offer a + * consistent cache API. * @return array * @see Redis::info() */ @@ -271,7 +279,7 @@ class CI_Cache_redis extends CI_Driver /** * Get cache metadata * - * @param string Cache key + * @param string $key Cache key * @return array */ public function get_metadata($key) @@ -298,13 +306,7 @@ class CI_Cache_redis extends CI_Driver */ public function is_supported() { - if ( ! extension_loaded('redis')) - { - log_message('debug', 'The Redis extension must be loaded to use Redis cache.'); - return FALSE; - } - - return TRUE; + return extension_loaded('redis'); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Cache/drivers/Cache_wincache.php b/system/libraries/Cache/drivers/Cache_wincache.php index 9cc6ff016..f296a5e26 100644 --- a/system/libraries/Cache/drivers/Cache_wincache.php +++ b/system/libraries/Cache/drivers/Cache_wincache.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -52,6 +52,24 @@ defined('BASEPATH') OR exit('No direct script access allowed'); class CI_Cache_wincache extends CI_Driver { /** + * Class constructor + * + * Only present so that an error message is logged + * if APC is not available. + * + * @return void + */ + public function __construct() + { + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to initialize Wincache; extension not loaded/enabled?'); + } + } + + // ------------------------------------------------------------------------ + + /** * Get * * Look for a value in the cache. If it exists, return the data, @@ -194,13 +212,6 @@ class CI_Cache_wincache extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('wincache') OR ! ini_get('wincache.ucenabled')) - { - log_message('debug', 'The Wincache PHP extension must be loaded to use Wincache Cache.'); - return FALSE; - } - - return TRUE; + return (extension_loaded('wincache') && ini_get('wincache.ucenabled')); } - } diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index f6a0c39c4..edb0fb4d9 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/calendar.html + * @link https://codeigniter.com/user_guide/libraries/calendar.html */ class CI_Calendar { diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php deleted file mode 100644 index bf27c6392..000000000 --- a/system/libraries/Cart.php +++ /dev/null @@ -1,567 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Shopping Cart Class - * - * @package CodeIgniter - * @subpackage Libraries - * @category Shopping Cart - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/cart.html - * @deprecated 3.0.0 This class is too specific for CI. - */ -class CI_Cart { - - /** - * These are the regular expression rules that we use to validate the product ID and product name - * alpha-numeric, dashes, underscores, or periods - * - * @var string - */ - public $product_id_rules = '\.a-z0-9_-'; - - /** - * These are the regular expression rules that we use to validate the product ID and product name - * alpha-numeric, dashes, underscores, colons or periods - * - * @var string - */ - public $product_name_rules = '\w \-\.\:'; - - /** - * only allow safe product names - * - * @var bool - */ - public $product_name_safe = TRUE; - - // -------------------------------------------------------------------------- - - /** - * Reference to CodeIgniter instance - * - * @var object - */ - protected $CI; - - /** - * Contents of the cart - * - * @var array - */ - protected $_cart_contents = array(); - - /** - * Shopping Class Constructor - * - * The constructor loads the Session class, used to store the shopping cart contents. - * - * @param array - * @return void - */ - public function __construct($params = array()) - { - // Set the super object to a local variable for use later - $this->CI =& get_instance(); - - // Are any config settings being passed manually? If so, set them - $config = is_array($params) ? $params : array(); - - // Load the Sessions class - $this->CI->load->driver('session', $config); - - // Grab the shopping cart array from the session table - $this->_cart_contents = $this->CI->session->userdata('cart_contents'); - if ($this->_cart_contents === NULL) - { - // No cart exists so we'll set some base values - $this->_cart_contents = array('cart_total' => 0, 'total_items' => 0); - } - - log_message('info', 'Cart Class Initialized'); - } - - // -------------------------------------------------------------------- - - /** - * Insert items into the cart and save it to the session table - * - * @param array - * @return bool - */ - public function insert($items = array()) - { - // Was any cart data passed? No? Bah... - if ( ! is_array($items) OR count($items) === 0) - { - log_message('error', 'The insert method must be passed an array containing data.'); - return FALSE; - } - - // You can either insert a single product using a one-dimensional array, - // or multiple products using a multi-dimensional one. The way we - // determine the array type is by looking for a required array key named "id" - // at the top level. If it's not found, we will assume it's a multi-dimensional array. - - $save_cart = FALSE; - if (isset($items['id'])) - { - if (($rowid = $this->_insert($items))) - { - $save_cart = TRUE; - } - } - else - { - foreach ($items as $val) - { - if (is_array($val) && isset($val['id'])) - { - if ($this->_insert($val)) - { - $save_cart = TRUE; - } - } - } - } - - // Save the cart data if the insert was successful - if ($save_cart === TRUE) - { - $this->_save_cart(); - return isset($rowid) ? $rowid : TRUE; - } - - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Insert - * - * @param array - * @return bool - */ - protected function _insert($items = array()) - { - // Was any cart data passed? No? Bah... - if ( ! is_array($items) OR count($items) === 0) - { - log_message('error', 'The insert method must be passed an array containing data.'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Does the $items array contain an id, quantity, price, and name? These are required - if ( ! isset($items['id'], $items['qty'], $items['price'], $items['name'])) - { - log_message('error', 'The cart array must contain a product ID, quantity, price, and name.'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Prep the quantity. It can only be a number. Duh... also trim any leading zeros - $items['qty'] = (float) $items['qty']; - - // If the quantity is zero or blank there's nothing for us to do - if ($items['qty'] == 0) - { - return FALSE; - } - - // -------------------------------------------------------------------- - - // Validate the product ID. It can only be alpha-numeric, dashes, underscores or periods - // Not totally sure we should impose this rule, but it seems prudent to standardize IDs. - // Note: These can be user-specified by setting the $this->product_id_rules variable. - if ( ! preg_match('/^['.$this->product_id_rules.']+$/i', $items['id'])) - { - log_message('error', 'Invalid product ID. The product ID can only contain alpha-numeric characters, dashes, and underscores'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Validate the product name. It can only be alpha-numeric, dashes, underscores, colons or periods. - // Note: These can be user-specified by setting the $this->product_name_rules variable. - if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i'.(UTF8_ENABLED ? 'u' : ''), $items['name'])) - { - log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces'); - return FALSE; - } - - // -------------------------------------------------------------------- - - // Prep the price. Remove leading zeros and anything that isn't a number or decimal point. - $items['price'] = (float) $items['price']; - - // We now need to create a unique identifier for the item being inserted into the cart. - // Every time something is added to the cart it is stored in the master cart array. - // Each row in the cart array, however, must have a unique index that identifies not only - // a particular product, but makes it possible to store identical products with different options. - // For example, what if someone buys two identical t-shirts (same product ID), but in - // different sizes? The product ID (and other attributes, like the name) will be identical for - // both sizes because it's the same shirt. The only difference will be the size. - // Internally, we need to treat identical submissions, but with different options, as a unique product. - // Our solution is to convert the options array to a string and MD5 it along with the product ID. - // This becomes the unique "row ID" - if (isset($items['options']) && count($items['options']) > 0) - { - $rowid = md5($items['id'].serialize($items['options'])); - } - else - { - // No options were submitted so we simply MD5 the product ID. - // Technically, we don't need to MD5 the ID in this case, but it makes - // sense to standardize the format of array indexes for both conditions - $rowid = md5($items['id']); - } - - // -------------------------------------------------------------------- - - // Now that we have our unique "row ID", we'll add our cart items to the master array - // grab quantity if it's already there and add it on - $old_quantity = isset($this->_cart_contents[$rowid]['qty']) ? (int) $this->_cart_contents[$rowid]['qty'] : 0; - - // Re-create the entry, just to make sure our index contains only the data from this submission - $items['rowid'] = $rowid; - $items['qty'] += $old_quantity; - $this->_cart_contents[$rowid] = $items; - - return $rowid; - } - - // -------------------------------------------------------------------- - - /** - * Update the cart - * - * This function permits the quantity of a given item to be changed. - * Typically it is called from the "view cart" page if a user makes - * changes to the quantity before checkout. That array must contain the - * product ID and quantity for each item. - * - * @param array - * @return bool - */ - public function update($items = array()) - { - // Was any cart data passed? - if ( ! is_array($items) OR count($items) === 0) - { - return FALSE; - } - - // You can either update a single product using a one-dimensional array, - // or multiple products using a multi-dimensional one. The way we - // determine the array type is by looking for a required array key named "rowid". - // If it's not found we assume it's a multi-dimensional array - $save_cart = FALSE; - if (isset($items['rowid'])) - { - if ($this->_update($items) === TRUE) - { - $save_cart = TRUE; - } - } - else - { - foreach ($items as $val) - { - if (is_array($val) && isset($val['rowid'])) - { - if ($this->_update($val) === TRUE) - { - $save_cart = TRUE; - } - } - } - } - - // Save the cart data if the insert was successful - if ($save_cart === TRUE) - { - $this->_save_cart(); - return TRUE; - } - - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Update the cart - * - * This function permits changing item properties. - * Typically it is called from the "view cart" page if a user makes - * changes to the quantity before checkout. That array must contain the - * rowid and quantity for each item. - * - * @param array - * @return bool - */ - protected function _update($items = array()) - { - // Without these array indexes there is nothing we can do - if ( ! isset($items['rowid'], $this->_cart_contents[$items['rowid']])) - { - return FALSE; - } - - // Prep the quantity - if (isset($items['qty'])) - { - $items['qty'] = (float) $items['qty']; - // Is the quantity zero? If so we will remove the item from the cart. - // If the quantity is greater than zero we are updating - if ($items['qty'] == 0) - { - unset($this->_cart_contents[$items['rowid']]); - return TRUE; - } - } - - // find updatable keys - $keys = array_intersect(array_keys($this->_cart_contents[$items['rowid']]), array_keys($items)); - // if a price was passed, make sure it contains valid data - if (isset($items['price'])) - { - $items['price'] = (float) $items['price']; - } - - // product id & name shouldn't be changed - foreach (array_diff($keys, array('id', 'name')) as $key) - { - $this->_cart_contents[$items['rowid']][$key] = $items[$key]; - } - - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Save the cart array to the session DB - * - * @return bool - */ - protected function _save_cart() - { - // Let's add up the individual prices and set the cart sub-total - $this->_cart_contents['total_items'] = $this->_cart_contents['cart_total'] = 0; - foreach ($this->_cart_contents as $key => $val) - { - // We make sure the array contains the proper indexes - if ( ! is_array($val) OR ! isset($val['price'], $val['qty'])) - { - continue; - } - - $this->_cart_contents['cart_total'] += ($val['price'] * $val['qty']); - $this->_cart_contents['total_items'] += $val['qty']; - $this->_cart_contents[$key]['subtotal'] = ($this->_cart_contents[$key]['price'] * $this->_cart_contents[$key]['qty']); - } - - // Is our cart empty? If so we delete it from the session - if (count($this->_cart_contents) <= 2) - { - $this->CI->session->unset_userdata('cart_contents'); - - // Nothing more to do... coffee time! - return FALSE; - } - - // If we made it this far it means that our cart has data. - // Let's pass it to the Session class so it can be stored - $this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents)); - - // Woot! - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Cart Total - * - * @return int - */ - public function total() - { - return $this->_cart_contents['cart_total']; - } - - // -------------------------------------------------------------------- - - /** - * Remove Item - * - * Removes an item from the cart - * - * @param int - * @return bool - */ - public function remove($rowid) - { - // unset & save - unset($this->_cart_contents[$rowid]); - $this->_save_cart(); - return TRUE; - } - - // -------------------------------------------------------------------- - - /** - * Total Items - * - * Returns the total item count - * - * @return int - */ - public function total_items() - { - return $this->_cart_contents['total_items']; - } - - // -------------------------------------------------------------------- - - /** - * Cart Contents - * - * Returns the entire cart array - * - * @param bool - * @return array - */ - public function contents($newest_first = FALSE) - { - // do we want the newest first? - $cart = ($newest_first) ? array_reverse($this->_cart_contents) : $this->_cart_contents; - - // Remove these so they don't create a problem when showing the cart table - unset($cart['total_items']); - unset($cart['cart_total']); - - return $cart; - } - - // -------------------------------------------------------------------- - - /** - * Get cart item - * - * Returns the details of a specific item in the cart - * - * @param string $row_id - * @return array - */ - public function get_item($row_id) - { - return (in_array($row_id, array('total_items', 'cart_total'), TRUE) OR ! isset($this->_cart_contents[$row_id])) - ? FALSE - : $this->_cart_contents[$row_id]; - } - - // -------------------------------------------------------------------- - - /** - * Has options - * - * Returns TRUE if the rowid passed to this function correlates to an item - * that has options associated with it. - * - * @param string $row_id = '' - * @return bool - */ - public function has_options($row_id = '') - { - return (isset($this->_cart_contents[$row_id]['options']) && count($this->_cart_contents[$row_id]['options']) !== 0); - } - - // -------------------------------------------------------------------- - - /** - * Product options - * - * Returns the an array of options, for a particular product row ID - * - * @param string $row_id = '' - * @return array - */ - public function product_options($row_id = '') - { - return isset($this->_cart_contents[$row_id]['options']) ? $this->_cart_contents[$row_id]['options'] : array(); - } - - // -------------------------------------------------------------------- - - /** - * Format Number - * - * Returns the supplied number with commas and a decimal point. - * - * @param float - * @return string - */ - public function format_number($n = '') - { - return ($n === '') ? '' : number_format( (float) $n, 2, '.', ','); - } - - // -------------------------------------------------------------------- - - /** - * Destroy the cart - * - * Empties the cart and kills the session - * - * @return void - */ - public function destroy() - { - $this->_cart_contents = array('cart_total' => 0, 'total_items' => 0); - $this->CI->session->unset_userdata('cart_contents'); - } - -} diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index da4c548e6..00e8416f9 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 459c8f590..1483f2203 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/email.html + * @link https://codeigniter.com/user_guide/libraries/email.html */ class CI_Email { @@ -150,13 +150,6 @@ class CI_Email { public $charset = 'utf-8'; /** - * Multipart message - * - * @var string 'mixed' (in the body) or 'related' (separate) - */ - public $multipart = 'mixed'; // "mixed" (in the body) or "related" (separate) - - /** * Alternative message (for HTML messages only) * * @var string @@ -168,7 +161,7 @@ class CI_Email { * * @var bool */ - public $validate = FALSE; + public $validate = TRUE; /** * X-Priority header value. @@ -233,13 +226,6 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Whether PHP is running in safe mode. Initialized by the class constructor. - * - * @var bool - */ - protected $_safe_mode = FALSE; - - /** * Subject header * * @var string @@ -261,20 +247,6 @@ class CI_Email { protected $_finalbody = ''; /** - * multipart/alternative boundary - * - * @var string - */ - protected $_alt_boundary = ''; - - /** - * Attachment boundary - * - * @var string - */ - protected $_atc_boundary = ''; - - /** * Final headers to send * * @var string @@ -395,6 +367,13 @@ class CI_Email { 5 => '5 (Lowest)' ); + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // -------------------------------------------------------------------- /** @@ -408,18 +387,9 @@ class CI_Email { public function __construct(array $config = array()) { $this->charset = config_item('charset'); + $this->initialize($config); - if (count($config) > 0) - { - $this->initialize($config); - } - else - { - $this->_smtp_auth = ! ($this->smtp_user === '' && $this->smtp_pass === ''); - } - - $this->_safe_mode = ( ! is_php('5.4') && ini_get('safe_mode')); - $this->charset = strtoupper($this->charset); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); log_message('info', 'Email Class Initialized'); } @@ -427,28 +397,15 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Destructor - Releases Resources - * - * @return void - */ - public function __destruct() - { - if (is_resource($this->_smtp_connect)) - { - $this->_send_command('quit'); - } - } - - // -------------------------------------------------------------------- - - /** * Initialize preferences * - * @param array + * @param array $config * @return CI_Email */ - public function initialize($config = array()) + public function initialize(array $config = array()) { + $this->clear(); + foreach ($config as $key => $val) { if (isset($this->$key)) @@ -465,9 +422,9 @@ class CI_Email { } } } - $this->clear(); - $this->_smtp_auth = ! ($this->smtp_user === '' && $this->smtp_pass === ''); + $this->charset = strtoupper($this->charset); + $this->_smtp_auth = isset($this->smtp_user[0], $this->smtp_pass[0]); return $this; } @@ -493,7 +450,6 @@ class CI_Email { $this->_headers = array(); $this->_debug_msg = array(); - $this->set_header('User-Agent', $this->useragent); $this->set_header('Date', $this->_set_date()); if ($clear_attachments !== FALSE) @@ -574,14 +530,18 @@ class CI_Email { $this->validate_email($this->_str_to_array($replyto)); } - if ($name === '') - { - $name = $replyto; - } - - if (strpos($name, '"') !== 0) + if ($name !== '') { - $name = '"'.$name.'"'; + // only use Q encoding if there are characters that would require it + if ( ! preg_match('/[\200-\377]/', $name)) + { + // add slashes for non-printing characters, slashes, and double quotes, and surround it in double quotes + $name = '"'.addcslashes($name, "\0..\37\177'\"\\").'"'; + } + else + { + $name = $this->_prep_q_encoding($name); + } } $this->set_header('Reply-To', $name.' <'.$replyto.'>'); @@ -707,18 +667,6 @@ class CI_Email { public function message($body) { $this->_body = rtrim(str_replace("\r", '', $body)); - - /* strip slashes only if magic quotes is ON - if we do it with magic quotes OFF, it strips real, user-inputted chars. - - NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and - it will probably not exist in future versions at all. - */ - if ( ! is_php('5.4') && get_magic_quotes_gpc()) - { - $this->_body = stripslashes($this->_body); - } - return $this; } @@ -762,7 +710,8 @@ class CI_Email { 'name' => array($file, $newname), 'disposition' => empty($disposition) ? 'attachment' : $disposition, // Can also be 'inline' Not sure if it matters 'type' => $mime, - 'content' => chunk_split(base64_encode($file_content)) + 'content' => chunk_split(base64_encode($file_content)), + 'multipart' => 'mixed' ); return $this; @@ -780,15 +729,11 @@ class CI_Email { */ public function attachment_cid($filename) { - if ($this->multipart !== 'related') - { - $this->multipart = 'related'; // Thunderbird need this for inline images - } - for ($i = 0, $c = count($this->_attachments); $i < $c; $i++) { if ($this->_attachments[$i]['name'][0] === $filename) { + $this->_attachments[$i]['multipart'] = 'related'; $this->_attachments[$i]['cid'] = uniqid(basename($this->_attachments[$i]['name'][0]).'@'); return $this->_attachments[$i]['cid']; } @@ -933,19 +878,6 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Set Message Boundary - * - * @return void - */ - protected function _set_boundaries() - { - $this->_alt_boundary = 'B_ALT_'.uniqid(''); // multipart/alternative - $this->_atc_boundary = 'B_ATC_'.uniqid(''); // attachment boundary - } - - // -------------------------------------------------------------------- - - /** * Get the Message ID * * @return string @@ -1012,9 +944,9 @@ class CI_Email { { if ($this->mailtype === 'html') { - return (count($this->_attachments) === 0) ? 'html' : 'html-attach'; + return empty($this->_attachments) ? 'html' : 'html-attach'; } - elseif ($this->mailtype === 'text' && count($this->_attachments) > 0) + elseif ($this->mailtype === 'text' && ! empty($this->_attachments)) { return 'plain-attach'; } @@ -1093,7 +1025,7 @@ class CI_Email { { if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) { - $email = substr($email, 0, ++$atpos).idn_to_ascii(substr($email, $atpos)); + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos)); } return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); @@ -1210,7 +1142,7 @@ class CI_Email { { // Is the line within the allowed character count? // If so we'll join it to the output and continue - if (mb_strlen($line) <= $charlim) + if (self::strlen($line) <= $charlim) { $output .= $line.$this->newline; continue; @@ -1226,10 +1158,10 @@ class CI_Email { } // Trim the word down - $temp .= mb_substr($line, 0, $charlim - 1); - $line = mb_substr($line, $charlim - 1); + $temp .= self::substr($line, 0, $charlim - 1); + $line = self::substr($line, $charlim - 1); } - while (mb_strlen($line) > $charlim); + while (self::strlen($line) > $charlim); // If $temp contains data it means we had to split up an over-length // word into smaller chunks so we'll add it back to our current line @@ -1258,10 +1190,11 @@ class CI_Email { /** * Build final headers * - * @return string + * @return void */ protected function _build_headers() { + $this->set_header('User-Agent', $this->useragent); $this->set_header('X-Sender', $this->clean_email($this->_headers['From'])); $this->set_header('X-Mailer', $this->useragent); $this->set_header('X-Priority', $this->_priorities[$this->priority]); @@ -1320,7 +1253,6 @@ class CI_Email { $this->_body = $this->word_wrap($this->_body); } - $this->_set_boundaries(); $this->_write_headers(); $hdr = ($this->_get_protocol() === 'mail') ? $this->newline : ''; @@ -1328,7 +1260,7 @@ class CI_Email { switch ($this->_get_content_type()) { - case 'plain' : + case 'plain': $hdr .= 'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding(); @@ -1345,7 +1277,7 @@ class CI_Email { return; - case 'html' : + case 'html': if ($this->send_multipart === FALSE) { @@ -1354,14 +1286,16 @@ class CI_Email { } else { - $hdr .= 'Content-Type: multipart/alternative; boundary="'.$this->_alt_boundary.'"'; + $boundary = uniqid('B_ALT_'); + $hdr .= 'Content-Type: multipart/alternative; boundary="'.$boundary.'"'; $body .= $this->_get_mime_message().$this->newline.$this->newline - .'--'.$this->_alt_boundary.$this->newline + .'--'.$boundary.$this->newline .'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline.$this->newline - .$this->_get_alt_message().$this->newline.$this->newline.'--'.$this->_alt_boundary.$this->newline + .$this->_get_alt_message().$this->newline.$this->newline + .'--'.$boundary.$this->newline .'Content-Type: text/html; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline; @@ -1380,14 +1314,15 @@ class CI_Email { if ($this->send_multipart !== FALSE) { - $this->_finalbody .= '--'.$this->_alt_boundary.'--'; + $this->_finalbody .= '--'.$boundary.'--'; } return; - case 'plain-attach' : + case 'plain-attach': - $hdr .= 'Content-Type: multipart/'.$this->multipart.'; boundary="'.$this->_atc_boundary.'"'; + $boundary = uniqid('B_ATC_'); + $hdr .= 'Content-Type: multipart/mixed; boundary="'.$boundary.'"'; if ($this->_get_protocol() === 'mail') { @@ -1396,59 +1331,83 @@ class CI_Email { $body .= $this->_get_mime_message().$this->newline .$this->newline - .'--'.$this->_atc_boundary.$this->newline + .'--'.$boundary.$this->newline .'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline .$this->newline .$this->_body.$this->newline.$this->newline; - break; - case 'html-attach' : + $this->_append_attachments($body, $boundary); + + break; + case 'html-attach': - $hdr .= 'Content-Type: multipart/'.$this->multipart.'; boundary="'.$this->_atc_boundary.'"'; + $alt_boundary = uniqid('B_ALT_'); + $last_boundary = NULL; + + if ($this->_attachments_have_multipart('mixed')) + { + $atc_boundary = uniqid('B_ATC_'); + $hdr .= 'Content-Type: multipart/mixed; boundary="'.$atc_boundary.'"'; + $last_boundary = $atc_boundary; + } + + if ($this->_attachments_have_multipart('related')) + { + $rel_boundary = uniqid('B_REL_'); + $rel_boundary_header = 'Content-Type: multipart/related; boundary="'.$rel_boundary.'"'; + + if (isset($last_boundary)) + { + $body .= '--'.$last_boundary.$this->newline.$rel_boundary_header; + } + else + { + $hdr .= $rel_boundary_header; + } + + $last_boundary = $rel_boundary; + } if ($this->_get_protocol() === 'mail') { $this->_header_str .= $hdr; } + self::strlen($body) && $body .= $this->newline.$this->newline; $body .= $this->_get_mime_message().$this->newline.$this->newline - .'--'.$this->_atc_boundary.$this->newline + .'--'.$last_boundary.$this->newline - .'Content-Type: multipart/alternative; boundary="'.$this->_alt_boundary.'"'.$this->newline.$this->newline - .'--'.$this->_alt_boundary.$this->newline + .'Content-Type: multipart/alternative; boundary="'.$alt_boundary.'"'.$this->newline.$this->newline + .'--'.$alt_boundary.$this->newline .'Content-Type: text/plain; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline.$this->newline - .$this->_get_alt_message().$this->newline.$this->newline.'--'.$this->_alt_boundary.$this->newline + .$this->_get_alt_message().$this->newline.$this->newline + .'--'.$alt_boundary.$this->newline .'Content-Type: text/html; charset='.$this->charset.$this->newline .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline .$this->_prep_quoted_printable($this->_body).$this->newline.$this->newline - .'--'.$this->_alt_boundary.'--'.$this->newline.$this->newline; - - break; - } + .'--'.$alt_boundary.'--'.$this->newline.$this->newline; - $attachment = array(); - for ($i = 0, $c = count($this->_attachments), $z = 0; $i < $c; $i++) - { - $filename = $this->_attachments[$i]['name'][0]; - $basename = ($this->_attachments[$i]['name'][1] === NULL) - ? basename($filename) : $this->_attachments[$i]['name'][1]; + if ( ! empty($rel_boundary)) + { + $body .= $this->newline.$this->newline; + $this->_append_attachments($body, $rel_boundary, 'related'); + } - $attachment[$z++] = '--'.$this->_atc_boundary.$this->newline - .'Content-type: '.$this->_attachments[$i]['type'].'; ' - .'name="'.$basename.'"'.$this->newline - .'Content-Disposition: '.$this->_attachments[$i]['disposition'].';'.$this->newline - .'Content-Transfer-Encoding: base64'.$this->newline - .(empty($this->_attachments[$i]['cid']) ? '' : 'Content-ID: <'.$this->_attachments[$i]['cid'].'>'.$this->newline); + // multipart/mixed attachments + if ( ! empty($atc_boundary)) + { + $body .= $this->newline.$this->newline; + $this->_append_attachments($body, $atc_boundary, 'mixed'); + } - $attachment[$z++] = $this->_attachments[$i]['content']; + break; } - $body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--'; $this->_finalbody = ($this->_get_protocol() === 'mail') ? $body : $hdr.$this->newline.$this->newline.$body; @@ -1458,6 +1417,58 @@ class CI_Email { // -------------------------------------------------------------------- + protected function _attachments_have_multipart($type) + { + foreach ($this->_attachments as &$attachment) + { + if ($attachment['multipart'] === $type) + { + return TRUE; + } + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Prepares attachment string + * + * @param string $body Message body to append to + * @param string $boundary Multipart boundary + * @param string $multipart When provided, only attachments of this type will be processed + * @return string + */ + protected function _append_attachments(&$body, $boundary, $multipart = null) + { + for ($i = 0, $c = count($this->_attachments); $i < $c; $i++) + { + if (isset($multipart) && $this->_attachments[$i]['multipart'] !== $multipart) + { + continue; + } + + $name = isset($this->_attachments[$i]['name'][1]) + ? $this->_attachments[$i]['name'][1] + : basename($this->_attachments[$i]['name'][0]); + + $body .= '--'.$boundary.$this->newline + .'Content-Type: '.$this->_attachments[$i]['type'].'; name="'.$name.'"'.$this->newline + .'Content-Disposition: '.$this->_attachments[$i]['disposition'].';'.$this->newline + .'Content-Transfer-Encoding: base64'.$this->newline + .(empty($this->_attachments[$i]['cid']) ? '' : 'Content-ID: <'.$this->_attachments[$i]['cid'].'>'.$this->newline) + .$this->newline + .$this->_attachments[$i]['content'].$this->newline; + } + + // $name won't be set if no attachments were appended, + // and therefore a boundary wouldn't be necessary + empty($name) OR $body .= '--'.$boundary.'--'; + } + + // -------------------------------------------------------------------- + /** * Prep Quoted Printable * @@ -1469,6 +1480,20 @@ class CI_Email { */ protected function _prep_quoted_printable($str) { + // ASCII code numbers for "safe" characters that can always be + // used literally, without encoding, as described in RFC 2049. + // http://www.ietf.org/rfc/rfc2049.txt + static $ascii_safe_chars = array( + // ' ( ) + , - . / : = ? + 39, 40, 41, 43, 44, 45, 46, 47, 58, 61, 63, + // numbers + 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, + // upper-case letters + 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, + // lower-case letters + 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122 + ); + // We are intentionally wrapping so mail servers will encode characters // properly and MUAs will behave, so {unwrap} must go! $str = str_replace(array('{unwrap}', '{/unwrap}'), '', $str); @@ -1479,14 +1504,7 @@ class CI_Email { // which only works with "\n". if ($this->crlf === "\r\n") { - if (is_php('5.3')) - { - return quoted_printable_encode($str); - } - elseif (function_exists('imap_8bit')) - { - return imap_8bit($str); - } + return quoted_printable_encode($str); } // Reduce multiple spaces & remove nulls @@ -1503,7 +1521,7 @@ class CI_Email { foreach (explode("\n", $str) as $line) { - $length = strlen($line); + $length = self::strlen($line); $temp = ''; // Loop through each character in the line to add soft-wrap @@ -1516,18 +1534,29 @@ class CI_Email { $ascii = ord($char); // Convert spaces and tabs but only if it's the end of the line - if ($i === ($length - 1) && ($ascii === 32 OR $ascii === 9)) + if ($ascii === 32 OR $ascii === 9) { - $char = $escape.sprintf('%02s', dechex($ascii)); + if ($i === ($length - 1)) + { + $char = $escape.sprintf('%02s', dechex($ascii)); + } } - elseif ($ascii === 61) // encode = signs + // DO NOT move this below the $ascii_safe_chars line! + // + // = (equals) signs are allowed by RFC2049, but must be encoded + // as they are the encoding delimiter! + elseif ($ascii === 61) { $char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); // =3D } + elseif ( ! in_array($ascii, $ascii_safe_chars, TRUE)) + { + $char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); + } // If we're at the character limit, add the line to the output, // reset our temp variable, and keep on chuggin' - if ((strlen($temp) + strlen($char)) >= 76) + if ((self::strlen($temp) + self::strlen($char)) >= 76) { $output .= $temp.$escape.$this->crlf; $temp = ''; @@ -1542,7 +1571,7 @@ class CI_Email { } // get rid of extra CRLF tacked onto the end - return substr($output, 0, strlen($this->crlf) * -1); + return self::substr($output, 0, self::strlen($this->crlf) * -1); } // -------------------------------------------------------------------- @@ -1563,11 +1592,10 @@ class CI_Email { if ($this->charset === 'UTF-8') { - if (MB_ENABLED === TRUE) - { - return mb_encode_mimeheader($str, $this->charset, 'Q', $this->crlf); - } - elseif (ICONV_ENABLED === TRUE) + // Note: We used to have mb_encode_mimeheader() as the first choice + // here, but it turned out to be buggy and unreliable. DO NOT + // re-add it! -- Narf + if (ICONV_ENABLED === TRUE) { $output = @iconv_mime_encode('', $str, array( @@ -1585,18 +1613,22 @@ class CI_Email { // iconv_mime_encode() will always put a header field name. // We've passed it an empty one, but it still prepends our // encoded string with ': ', so we need to strip it. - return substr($output, 2); + return self::substr($output, 2); } $chars = iconv_strlen($str, 'UTF-8'); } + elseif (MB_ENABLED === TRUE) + { + $chars = mb_strlen($str, 'UTF-8'); + } } // We might already have this set for UTF-8 - isset($chars) OR $chars = strlen($str); + isset($chars) OR $chars = self::strlen($str); $output = '=?'.$this->charset.'?Q?'; - for ($i = 0, $length = strlen($output); $i < $chars; $i++) + for ($i = 0, $length = self::strlen($output); $i < $chars; $i++) { $chr = ($this->charset === 'UTF-8' && ICONV_ENABLED === TRUE) ? '='.implode('=', str_split(strtoupper(bin2hex(iconv_substr($str, $i, 1, $this->charset))), 2)) @@ -1604,11 +1636,11 @@ class CI_Email { // RFC 2045 sets a limit of 76 characters per line. // We'll append ?= to the end of each line though. - if ($length + ($l = strlen($chr)) > 74) + if ($length + ($l = self::strlen($chr)) > 74) { $output .= '?='.$this->crlf // EOL .' =?'.$this->charset.'?Q?'.$chr; // New line - $length = 6 + strlen($this->charset) + $l; // Reset the length for the new line + $length = 6 + self::strlen($this->charset) + $l; // Reset the length for the new line } else { @@ -1701,14 +1733,14 @@ class CI_Email { if ($i === $float) { - $chunk[] = substr($set, 1); + $chunk[] = self::substr($set, 1); $float += $this->bcc_batch_size; $set = ''; } if ($i === $c-1) { - $chunk[] = substr($set, 1); + $chunk[] = self::substr($set, 1); } } @@ -1791,6 +1823,33 @@ class CI_Email { // -------------------------------------------------------------------- /** + * Validate email for shell + * + * Applies stricter, shell-safe validation to email addresses. + * Introduced to prevent RCE via sendmail's -f option. + * + * @see https://github.com/bcit-ci/CodeIgniter/issues/4963 + * @see https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36 + * @license https://creativecommons.org/publicdomain/zero/1.0/ CC0 1.0, Public Domain + * + * Credits for the base concept go to Paul Buonopane <paul@namepros.com> + * + * @param string $email + * @return bool + */ + protected function _validate_email_for_shell(&$email) + { + if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) + { + $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos)); + } + + return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email)); + } + + // -------------------------------------------------------------------- + + /** * Send using mail() * * @return bool @@ -1802,16 +1861,18 @@ class CI_Email { $this->_recipients = implode(', ', $this->_recipients); } - if ($this->_safe_mode === TRUE) + // _validate_email_for_shell() below accepts by reference, + // so this needs to be assigned to a variable + $from = $this->clean_email($this->_headers['Return-Path']); + + if ( ! $this->_validate_email_for_shell($from)) { return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str); } - else - { - // most documentation of sendmail using the "-f" flag lacks a space after it, however - // we've encountered servers that seem to require it to be in place. - return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$this->clean_email($this->_headers['Return-Path'])); - } + + // most documentation of sendmail using the "-f" flag lacks a space after it, however + // we've encountered servers that seem to require it to be in place. + return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$from); } // -------------------------------------------------------------------- @@ -1823,14 +1884,22 @@ class CI_Email { */ protected function _send_with_sendmail() { + // _validate_email_for_shell() below accepts by reference, + // so this needs to be assigned to a variable + $from = $this->clean_email($this->_headers['From']); + if ($this->_validate_email_for_shell($from)) + { + $from = '-f '.$from; + } + else + { + $from = ''; + } + // is popen() enabled? - if ( ! function_usable('popen') - OR FALSE === ($fp = @popen( - $this->mailpath.' -oi -f '.$this->clean_email($this->_headers['From']) - .' -t -r '.$this->clean_email($this->_headers['Return-Path']) - , 'w')) - ) // server probably has popen disabled, so nothing we can do to get a verbose error. + if ( ! function_usable('popen') OR FALSE === ($fp = @popen($this->mailpath.' -oi '.$from.' -t', 'w'))) { + // server probably has popen disabled, so nothing we can do to get a verbose error. return FALSE; } @@ -1869,20 +1938,29 @@ class CI_Email { return FALSE; } - $this->_send_command('from', $this->clean_email($this->_headers['From'])); + if ( ! $this->_send_command('from', $this->clean_email($this->_headers['From']))) + { + $this->_smtp_end(); + return FALSE; + } foreach ($this->_recipients as $val) { - $this->_send_command('to', $val); + if ( ! $this->_send_command('to', $val)) + { + $this->_smtp_end(); + return FALSE; + } } if (count($this->_cc_array) > 0) { foreach ($this->_cc_array as $val) { - if ($val !== '') + if ($val !== '' && ! $this->_send_command('to', $val)) { - $this->_send_command('to', $val); + $this->_smtp_end(); + return FALSE; } } } @@ -1891,14 +1969,19 @@ class CI_Email { { foreach ($this->_bcc_array as $val) { - if ($val !== '') + if ($val !== '' && ! $this->_send_command('to', $val)) { - $this->_send_command('to', $val); + $this->_smtp_end(); + return FALSE; } } } - $this->_send_command('data'); + if ( ! $this->_send_command('data')) + { + $this->_smtp_end(); + return FALSE; + } // perform dot transformation on any lines that begin with a dot $this->_send_data($this->_header_str.preg_replace('/^\./m', '..$1', $this->_finalbody)); @@ -1906,30 +1989,38 @@ class CI_Email { $this->_send_data('.'); $reply = $this->_get_smtp_data(); - $this->_set_error_message($reply); + $this->_smtp_end(); + if (strpos($reply, '250') !== 0) { $this->_set_error_message('lang:email_smtp_error', $reply); return FALSE; } - if ($this->smtp_keepalive) - { - $this->_send_command('reset'); - } - else - { - $this->_send_command('quit'); - } - return TRUE; } // -------------------------------------------------------------------- /** + * SMTP End + * + * Shortcut to send RSET or QUIT depending on keep-alive + * + * @return void + */ + protected function _smtp_end() + { + ($this->smtp_keepalive) + ? $this->_send_command('reset') + : $this->_send_command('quit'); + } + + // -------------------------------------------------------------------- + + /** * SMTP Connect * * @return string @@ -1982,7 +2073,7 @@ class CI_Email { * * @param string * @param string - * @return string + * @return bool */ protected function _send_command($cmd, $data = '') { @@ -2045,7 +2136,7 @@ class CI_Email { $this->_debug_msg[] = '<pre>'.$cmd.': '.$reply.'</pre>'; - if ((int) substr($reply, 0, 3) !== $resp) + if ((int) self::substr($reply, 0, 3) !== $resp) { $this->_set_error_message('lang:email_smtp_error', $reply); return FALSE; @@ -2113,6 +2204,11 @@ class CI_Email { return FALSE; } + if ($this->smtp_keepalive) + { + $this->_smtp_auth = FALSE; + } + return TRUE; } @@ -2127,9 +2223,9 @@ class CI_Email { protected function _send_data($data) { $data .= $this->newline; - for ($written = $timestamp = 0, $length = strlen($data); $written < $length; $written += $result) + for ($written = $timestamp = 0, $length = self::strlen($data); $written < $length; $written += $result) { - if (($result = fwrite($this->_smtp_connect, substr($data, $written))) === FALSE) + if (($result = fwrite($this->_smtp_connect, self::substr($data, $written))) === FALSE) { break; } @@ -2302,4 +2398,52 @@ class CI_Email { return 'application/x-unknown-content-type'; } + // -------------------------------------------------------------------- + + /** + * Destructor + * + * @return void + */ + public function __destruct() + { + is_resource($this->_smtp_connect) && $this->_send_command('quit'); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index a46d4f462..46f374726 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link https://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { @@ -198,7 +198,7 @@ class CI_Encrypt { * This allows for backwards compatibility and a method to transition to the * new encryption algorithms. * - * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption + * For more details, see https://codeigniter.com/user_guide/installation/upgrade_200.html#encryption * * @param string * @param int (mcrypt mode constant) diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index f3e039881..6799d0fef 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link https://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encryption { @@ -152,10 +152,8 @@ class CI_Encryption { public function __construct(array $params = array()) { $this->_drivers = array( - 'mcrypt' => defined('MCRYPT_DEV_URANDOM'), - // While OpenSSL is available for PHP 5.3.0, an IV parameter - // for the encrypt/decrypt functions is only available since 5.3.3 - 'openssl' => (is_php('5.3.3') && extension_loaded('openssl')) + 'mcrypt' => defined('MCRYPT_DEV_URANDOM'), + 'openssl' => extension_loaded('openssl') ); if ( ! $this->_drivers['mcrypt'] && ! $this->_drivers['openssl']) @@ -337,9 +335,28 @@ class CI_Encryption { */ public function create_key($length) { - return ($this->_driver === 'mcrypt') - ? mcrypt_create_iv($length, MCRYPT_DEV_URANDOM) - : openssl_random_pseudo_bytes($length); + if (function_exists('random_bytes')) + { + try + { + return random_bytes((int) $length); + } + catch (Exception $e) + { + log_message('error', $e->getMessage()); + return FALSE; + } + } + elseif (defined('MCRYPT_DEV_URANDOM')) + { + return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); + } + + $is_secure = NULL; + $key = openssl_random_pseudo_bytes($length, $is_secure); + return ($is_secure === TRUE) + ? $key + : FALSE; } // -------------------------------------------------------------------- @@ -395,7 +412,7 @@ class CI_Encryption { // The greater-than-1 comparison is mostly a work-around for a bug, // where 1 is returned for ARCFour instead of 0. $iv = (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1) - ? mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM) + ? $this->create_key($iv_size) : NULL; if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) @@ -458,14 +475,14 @@ class CI_Encryption { } $iv = ($iv_size = openssl_cipher_iv_length($params['handle'])) - ? openssl_random_pseudo_bytes($iv_size) + ? $this->create_key($iv_size) : NULL; $data = openssl_encrypt( $data, $params['handle'], $params['key'], - 1, // DO NOT TOUCH! + OPENSSL_RAW_DATA, $iv ); @@ -624,7 +641,7 @@ class CI_Encryption { $data, $params['handle'], $params['key'], - 1, // DO NOT TOUCH! + OPENSSL_RAW_DATA, $iv ); } @@ -890,7 +907,7 @@ class CI_Encryption { * Byte-safe strlen() * * @param string $str - * @return integer + * @return int */ protected static function strlen($str) { @@ -913,9 +930,6 @@ class CI_Encryption { { if (self::$func_override) { - // mb_substr($str, $start, null, '8bit') returns an empty - // string on PHP 5.3 - isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start); return mb_substr($str, $start, $length, '8bit'); } diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index d9ecc45f9..7be0b949d 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Validation * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/form_validation.html + * @link https://codeigniter.com/user_guide/libraries/form_validation.html */ class CI_Form_validation { @@ -164,7 +164,7 @@ class CI_Form_validation { * @param array $errors * @return CI_Form_validation */ - public function set_rules($field, $label = '', $rules = array(), $errors = array()) + public function set_rules($field, $label = null, $rules = null, $errors = array()) { // No reason to set rules if we have no POST data // or a validation array has not been specified @@ -197,6 +197,10 @@ class CI_Form_validation { return $this; } + elseif ( ! isset($rules)) + { + throw new BadMethodCallException('Form_validation: set_rules() called without a $rules parameter'); + } // No fields or no rules? Nothing to do... if ( ! is_string($field) OR $field === '' OR empty($rules)) @@ -211,7 +215,7 @@ class CI_Form_validation { return $this; } - $rules = explode('|', $rules); + $rules = preg_split('/\|(?![^\[]*\])/', $rules); } // If the field label wasn't passed we use the field name @@ -415,12 +419,9 @@ class CI_Form_validation { */ public function run($group = '') { - // Do we even have any data to process? Mm? - $validation_array = empty($this->validation_data) ? $_POST : $this->validation_data; - if (count($validation_array) === 0) - { - return FALSE; - } + $validation_array = empty($this->validation_data) + ? $_POST + : $this->validation_data; // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file @@ -453,7 +454,7 @@ class CI_Form_validation { $this->CI->lang->load('form_validation'); // Cycle through the rules for each field and match the corresponding $validation_data item - foreach ($this->_field_data as $field => $row) + foreach ($this->_field_data as $field => &$row) { // Fetch the data from the validation_data array item and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. @@ -470,7 +471,7 @@ class CI_Form_validation { // Execute validation rules // Note: A second foreach (for now) is required in order to avoid false-positives // for rules like 'matches', which correlate to other validation fields. - foreach ($this->_field_data as $field => $row) + foreach ($this->_field_data as $field => &$row) { // Don't try to validate if we have no rules set if (empty($row['rules'])) @@ -478,7 +479,7 @@ class CI_Form_validation { continue; } - $this->_execute($row, $row['rules'], $this->_field_data[$field]['postdata']); + $this->_execute($row, $row['rules'], $row['postdata']); } // Did we end up with any errors? @@ -489,7 +490,7 @@ class CI_Form_validation { } // Now we need to re-set the POST data with the new, processed data - $this->_reset_post_array(); + empty($this->validation_data) && $this->_reset_post_array(); return ($total_errors === 0); } @@ -497,6 +498,63 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Prepare rules + * + * Re-orders the provided rules in order of importance, so that + * they can easily be executed later without weird checks ... + * + * "Callbacks" are given the highest priority (always called), + * followed by 'required' (called if callbacks didn't fail), + * and then every next rule depends on the previous one passing. + * + * @param array $rules + * @return array + */ + protected function _prepare_rules($rules) + { + $new_rules = array(); + $callbacks = array(); + + foreach ($rules as &$rule) + { + // Let 'required' always be the first (non-callback) rule + if ($rule === 'required') + { + array_unshift($new_rules, 'required'); + } + // 'isset' is a kind of a weird alias for 'required' ... + elseif ($rule === 'isset' && (empty($new_rules) OR $new_rules[0] !== 'required')) + { + array_unshift($new_rules, 'isset'); + } + // The old/classic 'callback_'-prefixed rules + elseif (is_string($rule) && strncmp('callback_', $rule, 9) === 0) + { + $callbacks[] = $rule; + } + // Proper callables + elseif (is_callable($rule)) + { + $callbacks[] = $rule; + } + // "Named" callables; i.e. array('name' => $callable) + elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1])) + { + $callbacks[] = $rule; + } + // Everything else goes at the end of the queue + else + { + $new_rules[] = $rule; + } + } + + return array_merge($callbacks, $new_rules); + } + + // -------------------------------------------------------------------- + + /** * Traverse a multidimensional $_POST array index until the data is found * * @param array @@ -530,10 +588,7 @@ class CI_Form_validation { { if ($row['is_array'] === FALSE) { - if (isset($_POST[$row['field']])) - { - $_POST[$row['field']] = $row['postdata']; - } + isset($_POST[$field]) && $_POST[$field] = $row['postdata']; } else { @@ -553,20 +608,7 @@ class CI_Form_validation { } } - if (is_array($row['postdata'])) - { - $array = array(); - foreach ($row['postdata'] as $k => $v) - { - $array[$k] = $v; - } - - $post_ref = $array; - } - else - { - $post_ref = $row['postdata']; - } + $post_ref = $row['postdata']; } } } @@ -586,7 +628,10 @@ class CI_Form_validation { protected function _execute($row, $rules, $postdata = NULL, $cycles = 0) { // If the $_POST data is an array we will run a recursive call - if (is_array($postdata)) + // + // Note: We MUST check if the array is empty or not! + // Otherwise empty arrays will always pass validation. + if (is_array($postdata) && ! empty($postdata)) { foreach ($postdata as $key => $val) { @@ -596,84 +641,7 @@ class CI_Form_validation { return; } - // If the field is blank, but NOT required, no further tests are necessary - $callback = FALSE; - if ( ! in_array('required', $rules) && ($postdata === NULL OR $postdata === '')) - { - // Before we bail out, does the rule contain a callback? - foreach ($rules as &$rule) - { - if (is_string($rule)) - { - if (strncmp($rule, 'callback_', 9) === 0) - { - $callback = TRUE; - $rules = array(1 => $rule); - break; - } - } - elseif (is_callable($rule)) - { - $callback = TRUE; - $rules = array(1 => $rule); - break; - } - elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1])) - { - $callback = TRUE; - $rules = array(array($rule[0], $rule[1])); - break; - } - } - - if ( ! $callback) - { - return; - } - } - - // Isset Test. Typically this rule will only apply to checkboxes. - if (($postdata === NULL OR $postdata === '') && ! $callback) - { - if (in_array('isset', $rules, TRUE) OR in_array('required', $rules)) - { - // Set the message type - $type = in_array('required', $rules) ? 'required' : 'isset'; - - // Check if a custom message is defined - if (isset($this->_field_data[$row['field']]['errors'][$type])) - { - $line = $this->_field_data[$row['field']]['errors'][$type]; - } - elseif (isset($this->_error_messages[$type])) - { - $line = $this->_error_messages[$type]; - } - elseif (FALSE === ($line = $this->CI->lang->line('form_validation_'.$type)) - // DEPRECATED support for non-prefixed keys - && FALSE === ($line = $this->CI->lang->line($type, FALSE))) - { - $line = 'The field was not set'; - } - - // Build the error message - $message = $this->_build_error_msg($line, $this->_translate_fieldname($row['label'])); - - // Save the error message - $this->_field_data[$row['field']]['error'] = $message; - - if ( ! isset($this->_error_array[$row['field']])) - { - $this->_error_array[$row['field']] = $message; - } - } - - return; - } - - // -------------------------------------------------------------------- - - // Cycle through each rule and run it + $rules = $this->_prepare_rules($rules); foreach ($rules as $rule) { $_in_array = FALSE; @@ -732,6 +700,17 @@ class CI_Form_validation { $param = $match[2]; } + // Ignore empty, non-required inputs with a few exceptions ... + if ( + ($postdata === NULL OR $postdata === '') + && $callback === FALSE + && $callable === FALSE + && ! in_array($rule, array('required', 'isset', 'matches'), TRUE) + ) + { + continue; + } + // Call the function that corresponds to the rule if ($callback OR $callable !== FALSE) { @@ -770,12 +749,6 @@ class CI_Form_validation { { $this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result; } - - // If the field isn't required and we just processed a callback we'll move on... - if ( ! in_array('required', $rules, TRUE) && $result !== FALSE) - { - continue; - } } elseif ( ! method_exists($this, $rule)) { @@ -823,23 +796,9 @@ class CI_Form_validation { { $line = $this->CI->lang->line('form_validation_error_message_not_set').'(Anonymous function)'; } - // Check if a custom message is defined - elseif (isset($this->_field_data[$row['field']]['errors'][$rule])) - { - $line = $this->_field_data[$row['field']]['errors'][$rule]; - } - elseif ( ! isset($this->_error_messages[$rule])) - { - if (FALSE === ($line = $this->CI->lang->line('form_validation_'.$rule)) - // DEPRECATED support for non-prefixed keys - && FALSE === ($line = $this->CI->lang->line($rule, FALSE))) - { - $line = $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; - } - } else { - $line = $this->_error_messages[$rule]; + $line = $this->_get_error_message($rule, $row['field']); } // Is the parameter we are inserting into the error message the name @@ -868,6 +827,40 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Get the error message for the rule + * + * @param string $rule The rule name + * @param string $field The field name + * @return string + */ + protected function _get_error_message($rule, $field) + { + // check if a custom message is defined through validation config row. + if (isset($this->_field_data[$field]['errors'][$rule])) + { + return $this->_field_data[$field]['errors'][$rule]; + } + // check if a custom message has been set using the set_message() function + elseif (isset($this->_error_messages[$rule])) + { + return $this->_error_messages[$rule]; + } + elseif (FALSE !== ($line = $this->CI->lang->line('form_validation_'.$rule))) + { + return $line; + } + // DEPRECATED support for non-prefixed keys, lang file again + elseif (FALSE !== ($line = $this->CI->lang->line($rule, FALSE))) + { + return $line; + } + + return $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; + } + + // -------------------------------------------------------------------- + + /** * Translate a field name * * @param string the field name @@ -1065,7 +1058,9 @@ class CI_Form_validation { */ public function required($str) { - return is_array($str) ? (bool) count($str) : (trim($str) !== ''); + return is_array($str) + ? (empty($str) === FALSE) + : (trim($str) !== ''); } // -------------------------------------------------------------------- @@ -1209,7 +1204,7 @@ class CI_Form_validation { { return FALSE; } - elseif ( ! in_array($matches[1], array('http', 'https'), TRUE)) + elseif ( ! in_array(strtolower($matches[1]), array('http', 'https'), TRUE)) { return FALSE; } @@ -1217,18 +1212,15 @@ class CI_Form_validation { $str = $matches[2]; } - $str = 'http://'.$str; - - // There's a bug affecting PHP 5.2.13, 5.3.2 that considers the - // underscore to be a valid hostname character instead of a dash. - // Reference: https://bugs.php.net/bug.php?id=51192 - if (version_compare(PHP_VERSION, '5.2.13', '==') OR version_compare(PHP_VERSION, '5.3.2', '==')) + // PHP 7 accepts IPv6 addresses within square brackets as hostnames, + // but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039 + // was never merged into a PHP 5 branch ... https://3v4l.org/8PsSN + if (preg_match('/^\[([^\]]+)\]/', $str, $matches) && ! is_php('7') && filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== FALSE) { - sscanf($str, 'http://%[^/]', $host); - $str = substr_replace($str, strtr($host, array('_' => '-', '-' => '_')), 7, strlen($host)); + $str = 'ipv6.host'.substr($str, strlen($matches[1]) + 2); } - return (filter_var($str, FILTER_VALIDATE_URL) !== FALSE); + return (filter_var('http://'.$str, FILTER_VALIDATE_URL) !== FALSE); } // -------------------------------------------------------------------- @@ -1241,9 +1233,9 @@ class CI_Form_validation { */ public function valid_email($str) { - if (function_exists('idn_to_ascii') && $atpos = strpos($str, '@')) + if (function_exists('idn_to_ascii') && sscanf($str, '%[^@]@%s', $name, $domain) === 2) { - $str = substr($str, 0, ++$atpos).idn_to_ascii(substr($str, $atpos)); + $str = $name.'@'.idn_to_ascii($domain); } return (bool) filter_var($str, FILTER_VALIDATE_EMAIL); @@ -1292,6 +1284,31 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Validate MAC address + * + * @param string $mac + * @return bool + */ + public function valid_mac($mac) + { + if ( ! is_php('5.5')) + { + // Most common format, with either dash or colon delimiters + if (preg_match('#\A[0-9a-f]{2}(?<delimiter>[:-])([0-9a-f]{2}(?P=delimiter)){4}[0-9a-f]{2}\z#i', $mac)) + { + return TRUE; + } + + // The less common format; e.g. 0123.4567.89ab + return (bool) preg_match('#((\A|\.)[0-9a-f]{4}){3}\z#i', $mac); + } + + return (bool) filter_var($mac, FILTER_VALIDATE_MAC); + } + + // -------------------------------------------------------------------- + + /** * Alpha * * @param string @@ -1496,37 +1513,6 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** - * Prep data for form - * - * This function allows HTML to be safely shown in a form. - * Special characters are converted. - * - * @param string - * @return string - */ - public function prep_for_form($data = '') - { - if ($this->_safe_form_data === FALSE OR empty($data)) - { - return $data; - } - - if (is_array($data)) - { - foreach ($data as $key => $val) - { - $data[$key] = $this->prep_for_form($val); - } - - return $data; - } - - return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); - } - - // -------------------------------------------------------------------- - - /** * Prep URL * * @param string @@ -1534,12 +1520,7 @@ class CI_Form_validation { */ public function prep_url($str = '') { - if ($str === 'http://' OR $str === '') - { - return ''; - } - - if (strpos($str, 'http://') !== 0 && strpos($str, 'https://') !== 0) + if ($str !== '' && stripos($str, 'http://') !== 0 && stripos($str, 'https://') !== 0) { return 'http://'.$str; } @@ -1586,7 +1567,6 @@ class CI_Form_validation { public function reset_validation() { $this->_field_data = array(); - $this->_config_rules = array(); $this->_error_array = array(); $this->_error_messages = array(); $this->error_string = ''; diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index 2d345c294..86e5b8f33 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/ftp.html + * @link https://codeigniter.com/user_guide/libraries/ftp.html */ class CI_FTP { @@ -486,7 +486,7 @@ class CI_FTP { { for ($i = 0, $c = count($list); $i < $c; $i++) { - // If we can't delete the item it's probaly a directory, + // If we can't delete the item it's probably a directory, // so we'll recursively call delete_dir() if ( ! preg_match('#/\.\.?$#', $list[$i]) && ! @ftp_delete($this->conn_id, $list[$i])) { diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index e813efd89..8b5a1adb0 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Image_lib * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/image_lib.html + * @link https://codeigniter.com/user_guide/libraries/image_lib.html */ class CI_Image_lib { @@ -392,6 +392,16 @@ class CI_Image_lib { $this->initialize($props); } + /** + * A work-around for some improperly formatted, but + * usable JPEGs; known to be produced by Samsung + * smartphones' front-facing cameras. + * + * @see https://github.com/bcit-ci/CodeIgniter/issues/4967 + * @see https://bugs.php.net/bug.php?id=72404 + */ + ini_set('gd.jpeg_ignore_warning', 1); + log_message('info', 'Image Lib Class Initialized'); } @@ -456,7 +466,7 @@ class CI_Image_lib { { if (property_exists($this, $key)) { - if (in_array($key, array('wm_font_color', 'wm_shadow_color'))) + if (in_array($key, array('wm_font_color', 'wm_shadow_color'), TRUE)) { if (preg_match('/^#?([0-9a-f]{3}|[0-9a-f]{6})$/i', $val, $matches)) { @@ -478,6 +488,10 @@ class CI_Image_lib { continue; } } + elseif (in_array($key, array('width', 'height'), TRUE) && ! ctype_digit((string) $val)) + { + continue; + } $this->$key = $val; } @@ -540,37 +554,30 @@ class CI_Image_lib { */ if ($this->new_image === '') { - $this->dest_image = $this->source_image; + $this->dest_image = $this->source_image; $this->dest_folder = $this->source_folder; } - elseif (strpos($this->new_image, '/') === FALSE) + elseif (strpos($this->new_image, '/') === FALSE && strpos($this->new_image, '\\') === FALSE) { + $this->dest_image = $this->new_image; $this->dest_folder = $this->source_folder; - $this->dest_image = $this->new_image; } else { - if (strpos($this->new_image, '/') === FALSE && strpos($this->new_image, '\\') === FALSE) - { - $full_dest_path = str_replace('\\', '/', realpath($this->new_image)); - } - else - { - $full_dest_path = $this->new_image; - } - // Is there a file name? - if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $full_dest_path)) + if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $this->new_image)) { - $this->dest_folder = $full_dest_path.'/'; - $this->dest_image = $this->source_image; + $this->dest_image = $this->source_image; + $this->dest_folder = $this->new_image; } else { - $x = explode('/', $full_dest_path); - $this->dest_image = end($x); - $this->dest_folder = str_replace($this->dest_image, '', $full_dest_path); + $x = explode('/', str_replace('\\', '/', $this->new_image)); + $this->dest_image = end($x); + $this->dest_folder = str_replace($this->dest_image, '', $this->new_image); } + + $this->dest_folder = realpath($this->dest_folder).'/'; } /* Compile the finalized filenames/paths @@ -862,27 +869,28 @@ class CI_Image_lib { if ($action === 'crop') { - $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1'; + $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis; } elseif ($action === 'rotate') { - $angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') - ? '-flop' : '-rotate '.$this->rotation_angle; - - $cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? ' -flop' + : ' -rotate '.$this->rotation_angle; } else // Resize { if($this->maintain_ratio === TRUE) { - $cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height; } else { - $cmd .= ' -resize '.$this->width.'x'.$this->height.'\! "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height.'\!'; } } + $cmd .= ' '.escapeshellarg($this->full_src_path).' '.escapeshellarg($this->full_dst_path).' 2>&1'; + $retval = 1; // exec() might be disabled if (function_usable('exec')) @@ -1196,7 +1204,7 @@ class CI_Image_lib { } // Build the finalized image - if ($wm_img_type === 3 && function_exists('imagealphablending')) + if ($wm_img_type === 3) { @imagealphablending($src_img, TRUE); } @@ -1641,25 +1649,31 @@ class CI_Image_lib { } $vals = getimagesize($path); + if ($vals === FALSE) + { + $this->set_error('imglib_invalid_image'); + return FALSE; + } + $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png'); - $mime = (isset($types[$vals[2]])) ? 'image/'.$types[$vals[2]] : 'image/jpg'; + $mime = isset($types[$vals[2]]) ? 'image/'.$types[$vals[2]] : 'image/jpg'; if ($return === TRUE) { return array( - 'width' => $vals[0], - 'height' => $vals[1], - 'image_type' => $vals[2], - 'size_str' => $vals[3], - 'mime_type' => $mime - ); - } - - $this->orig_width = $vals[0]; - $this->orig_height = $vals[1]; - $this->image_type = $vals[2]; - $this->size_str = $vals[3]; - $this->mime_type = $mime; + 'width' => $vals[0], + 'height' => $vals[1], + 'image_type' => $vals[2], + 'size_str' => $vals[3], + 'mime_type' => $mime + ); + } + + $this->orig_width = $vals[0]; + $this->orig_height = $vals[1]; + $this->image_type = $vals[2]; + $this->size_str = $vals[3]; + $this->mime_type = $mime; return TRUE; } diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php deleted file mode 100644 index 4cc628692..000000000 --- a/system/libraries/Javascript.php +++ /dev/null @@ -1,856 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Javascript Class - * - * @package CodeIgniter - * @subpackage Libraries - * @category Javascript - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/javascript.html - * @deprecated 3.0.0 This was never a good idea in the first place. - */ -class CI_Javascript { - - /** - * JavaScript location - * - * @var string - */ - protected $_javascript_location = 'js'; - - // -------------------------------------------------------------------- - - /** - * Constructor - * - * @param array $params - * @return void - */ - public function __construct($params = array()) - { - $defaults = array('js_library_driver' => 'jquery', 'autoload' => TRUE); - - foreach ($defaults as $key => $val) - { - if (isset($params[$key]) && $params[$key] !== '') - { - $defaults[$key] = $params[$key]; - } - } - - extract($defaults); - - $this->CI =& get_instance(); - - // load the requested js library - $this->CI->load->library('Javascript/'.$js_library_driver, array('autoload' => $autoload)); - // make js to refer to current library - $this->js =& $this->CI->$js_library_driver; - - log_message('info', 'Javascript Class Initialized and loaded. Driver used: '.$js_library_driver); - } - - // -------------------------------------------------------------------- - // Event Code - // -------------------------------------------------------------------- - - /** - * Blur - * - * Outputs a javascript library blur event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function blur($element = 'this', $js = '') - { - return $this->js->_blur($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Change - * - * Outputs a javascript library change event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function change($element = 'this', $js = '') - { - return $this->js->_change($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Click - * - * Outputs a javascript library click event - * - * @param string The element to attach the event to - * @param string The code to execute - * @param bool whether or not to return false - * @return string - */ - public function click($element = 'this', $js = '', $ret_false = TRUE) - { - return $this->js->_click($element, $js, $ret_false); - } - - // -------------------------------------------------------------------- - - /** - * Double Click - * - * Outputs a javascript library dblclick event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function dblclick($element = 'this', $js = '') - { - return $this->js->_dblclick($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Error - * - * Outputs a javascript library error event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function error($element = 'this', $js = '') - { - return $this->js->_error($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Focus - * - * Outputs a javascript library focus event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function focus($element = 'this', $js = '') - { - return $this->js->_focus($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Hover - * - * Outputs a javascript library hover event - * - * @param string - element - * @param string - Javascript code for mouse over - * @param string - Javascript code for mouse out - * @return string - */ - public function hover($element = 'this', $over = '', $out = '') - { - return $this->js->_hover($element, $over, $out); - } - - // -------------------------------------------------------------------- - - /** - * Keydown - * - * Outputs a javascript library keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function keydown($element = 'this', $js = '') - { - return $this->js->_keydown($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Keyup - * - * Outputs a javascript library keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function keyup($element = 'this', $js = '') - { - return $this->js->_keyup($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Load - * - * Outputs a javascript library load event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function load($element = 'this', $js = '') - { - return $this->js->_load($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mousedown - * - * Outputs a javascript library mousedown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mousedown($element = 'this', $js = '') - { - return $this->js->_mousedown($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Out - * - * Outputs a javascript library mouseout event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mouseout($element = 'this', $js = '') - { - return $this->js->_mouseout($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Over - * - * Outputs a javascript library mouseover event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mouseover($element = 'this', $js = '') - { - return $this->js->_mouseover($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Mouseup - * - * Outputs a javascript library mouseup event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function mouseup($element = 'this', $js = '') - { - return $this->js->_mouseup($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Output - * - * Outputs the called javascript to the screen - * - * @param string The code to output - * @return string - */ - public function output($js) - { - return $this->js->_output($js); - } - - // -------------------------------------------------------------------- - - /** - * Ready - * - * Outputs a javascript library mouseup event - * - * @param string $js Code to execute - * @return string - */ - public function ready($js) - { - return $this->js->_document_ready($js); - } - - // -------------------------------------------------------------------- - - /** - * Resize - * - * Outputs a javascript library resize event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function resize($element = 'this', $js = '') - { - return $this->js->_resize($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Scroll - * - * Outputs a javascript library scroll event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function scroll($element = 'this', $js = '') - { - return $this->js->_scroll($element, $js); - } - - // -------------------------------------------------------------------- - - /** - * Unload - * - * Outputs a javascript library unload event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - public function unload($element = 'this', $js = '') - { - return $this->js->_unload($element, $js); - } - - // -------------------------------------------------------------------- - // Effects - // -------------------------------------------------------------------- - - /** - * Add Class - * - * Outputs a javascript library addClass event - * - * @param string - element - * @param string - Class to add - * @return string - */ - public function addClass($element = 'this', $class = '') - { - return $this->js->_addClass($element, $class); - } - - // -------------------------------------------------------------------- - - /** - * Animate - * - * Outputs a javascript library animate event - * - * @param string $element = 'this' - * @param array $params = array() - * @param mixed $speed 'slow', 'normal', 'fast', or time in milliseconds - * @param string $extra - * @return string - */ - public function animate($element = 'this', $params = array(), $speed = '', $extra = '') - { - return $this->js->_animate($element, $params, $speed, $extra); - } - - // -------------------------------------------------------------------- - - /** - * Fade In - * - * Outputs a javascript library hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function fadeIn($element = 'this', $speed = '', $callback = '') - { - return $this->js->_fadeIn($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Fade Out - * - * Outputs a javascript library hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function fadeOut($element = 'this', $speed = '', $callback = '') - { - return $this->js->_fadeOut($element, $speed, $callback); - } - // -------------------------------------------------------------------- - - /** - * Slide Up - * - * Outputs a javascript library slideUp event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function slideUp($element = 'this', $speed = '', $callback = '') - { - return $this->js->_slideUp($element, $speed, $callback); - - } - - // -------------------------------------------------------------------- - - /** - * Remove Class - * - * Outputs a javascript library removeClass event - * - * @param string - element - * @param string - Class to add - * @return string - */ - public function removeClass($element = 'this', $class = '') - { - return $this->js->_removeClass($element, $class); - } - - // -------------------------------------------------------------------- - - /** - * Slide Down - * - * Outputs a javascript library slideDown event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function slideDown($element = 'this', $speed = '', $callback = '') - { - return $this->js->_slideDown($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Slide Toggle - * - * Outputs a javascript library slideToggle event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function slideToggle($element = 'this', $speed = '', $callback = '') - { - return $this->js->_slideToggle($element, $speed, $callback); - - } - - // -------------------------------------------------------------------- - - /** - * Hide - * - * Outputs a javascript library hide action - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function hide($element = 'this', $speed = '', $callback = '') - { - return $this->js->_hide($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Toggle - * - * Outputs a javascript library toggle event - * - * @param string - element - * @return string - */ - public function toggle($element = 'this') - { - return $this->js->_toggle($element); - - } - - // -------------------------------------------------------------------- - - /** - * Toggle Class - * - * Outputs a javascript library toggle class event - * - * @param string $element = 'this' - * @param string $class = '' - * @return string - */ - public function toggleClass($element = 'this', $class = '') - { - return $this->js->_toggleClass($element, $class); - } - - // -------------------------------------------------------------------- - - /** - * Show - * - * Outputs a javascript library show event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function show($element = 'this', $speed = '', $callback = '') - { - return $this->js->_show($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Compile - * - * gather together all script needing to be output - * - * @param string $view_var - * @param bool $script_tags - * @return string - */ - public function compile($view_var = 'script_foot', $script_tags = TRUE) - { - $this->js->_compile($view_var, $script_tags); - } - - // -------------------------------------------------------------------- - - /** - * Clear Compile - * - * Clears any previous javascript collected for output - * - * @return void - */ - public function clear_compile() - { - $this->js->_clear_compile(); - } - - // -------------------------------------------------------------------- - - /** - * External - * - * Outputs a <script> tag with the source as an external js file - * - * @param string $external_file - * @param bool $relative - * @return string - */ - public function external($external_file = '', $relative = FALSE) - { - if ($external_file !== '') - { - $this->_javascript_location = $external_file; - } - elseif ($this->CI->config->item('javascript_location') !== '') - { - $this->_javascript_location = $this->CI->config->item('javascript_location'); - } - - if ($relative === TRUE OR strpos($external_file, 'http://') === 0 OR strpos($external_file, 'https://') === 0) - { - $str = $this->_open_script($external_file); - } - elseif (strpos($this->_javascript_location, 'http://') !== FALSE) - { - $str = $this->_open_script($this->_javascript_location.$external_file); - } - else - { - $str = $this->_open_script($this->CI->config->slash_item('base_url').$this->_javascript_location.$external_file); - } - - return $str.$this->_close_script(); - } - - // -------------------------------------------------------------------- - - /** - * Inline - * - * Outputs a <script> tag - * - * @param string The element to attach the event to - * @param bool If a CDATA section should be added - * @return string - */ - public function inline($script, $cdata = TRUE) - { - return $this->_open_script() - . ($cdata ? "\n// <![CDATA[\n".$script."\n// ]]>\n" : "\n".$script."\n") - . $this->_close_script(); - } - - // -------------------------------------------------------------------- - - /** - * Open Script - * - * Outputs an opening <script> - * - * @param string - * @return string - */ - protected function _open_script($src = '') - { - return '<script type="text/javascript" charset="'.strtolower($this->CI->config->item('charset')).'"' - .($src === '' ? '>' : ' src="'.$src.'">'); - } - - // -------------------------------------------------------------------- - - /** - * Close Script - * - * Outputs an closing </script> - * - * @param string - * @return string - */ - protected function _close_script($extra = "\n") - { - return '</script>'.$extra; - } - - // -------------------------------------------------------------------- - // AJAX-Y STUFF - still a testbed - // -------------------------------------------------------------------- - - /** - * Update - * - * Outputs a javascript library slideDown event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - public function update($element = 'this', $speed = '', $callback = '') - { - return $this->js->_updater($element, $speed, $callback); - } - - // -------------------------------------------------------------------- - - /** - * Generate JSON - * - * Can be passed a database result or associative array and returns a JSON formatted string - * - * @param mixed result set or array - * @param bool match array types (defaults to objects) - * @return string a json formatted string - */ - public function generate_json($result = NULL, $match_array_type = FALSE) - { - // JSON data can optionally be passed to this function - // either as a database result object or an array, or a user supplied array - if ($result !== NULL) - { - if (is_object($result)) - { - $json_result = is_callable(array($result, 'result_array')) ? $result->result_array() : (array) $result; - } - elseif (is_array($result)) - { - $json_result = $result; - } - else - { - return $this->_prep_args($result); - } - } - else - { - return 'null'; - } - - $json = array(); - $_is_assoc = TRUE; - - if ( ! is_array($json_result) && empty($json_result)) - { - show_error('Generate JSON Failed - Illegal key, value pair.'); - } - elseif ($match_array_type) - { - $_is_assoc = $this->_is_associative_array($json_result); - } - - foreach ($json_result as $k => $v) - { - if ($_is_assoc) - { - $json[] = $this->_prep_args($k, TRUE).':'.$this->generate_json($v, $match_array_type); - } - else - { - $json[] = $this->generate_json($v, $match_array_type); - } - } - - $json = implode(',', $json); - - return $_is_assoc ? '{'.$json.'}' : '['.$json.']'; - - } - - // -------------------------------------------------------------------- - - /** - * Is associative array - * - * Checks for an associative array - * - * @param array - * @return bool - */ - protected function _is_associative_array($arr) - { - foreach (array_keys($arr) as $key => $val) - { - if ($key !== $val) - { - return TRUE; - } - } - - return FALSE; - } - - // -------------------------------------------------------------------- - - /** - * Prep Args - * - * Ensures a standard json value and escapes values - * - * @param mixed $result - * @param bool $is_key = FALSE - * @return string - */ - protected function _prep_args($result, $is_key = FALSE) - { - if ($result === NULL) - { - return 'null'; - } - elseif (is_bool($result)) - { - return ($result === TRUE) ? 'true' : 'false'; - } - elseif (is_string($result) OR $is_key) - { - return '"'.str_replace(array('\\', "\t", "\n", "\r", '"', '/'), array('\\\\', '\\t', '\\n', "\\r", '\"', '\/'), $result).'"'; - } - elseif (is_scalar($result)) - { - return $result; - } - } - -} diff --git a/system/libraries/Javascript/Jquery.php b/system/libraries/Javascript/Jquery.php deleted file mode 100644 index 11f2d2361..000000000 --- a/system/libraries/Javascript/Jquery.php +++ /dev/null @@ -1,1076 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 1.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * Jquery Class - * - * @package CodeIgniter - * @subpackage Libraries - * @category Loader - * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/javascript.html - */ -class CI_Jquery extends CI_Javascript { - - /** - * JavaScript directory location - * - * @var string - */ - protected $_javascript_folder = 'js'; - - /** - * JQuery code for load - * - * @var array - */ - public $jquery_code_for_load = array(); - - /** - * JQuery code for compile - * - * @var array - */ - public $jquery_code_for_compile = array(); - - /** - * JQuery corner active flag - * - * @var bool - */ - public $jquery_corner_active = FALSE; - - /** - * JQuery table sorter active flag - * - * @var bool - */ - public $jquery_table_sorter_active = FALSE; - - /** - * JQuery table sorter pager active - * - * @var bool - */ - public $jquery_table_sorter_pager_active = FALSE; - - /** - * JQuery AJAX image - * - * @var string - */ - public $jquery_ajax_img = ''; - - // -------------------------------------------------------------------- - - /** - * Constructor - * - * @param array $params - * @return void - */ - public function __construct($params) - { - $this->CI =& get_instance(); - extract($params); - - if ($autoload === TRUE) - { - $this->script(); - } - - log_message('info', 'Jquery Class Initialized'); - } - - // -------------------------------------------------------------------- - // Event Code - // -------------------------------------------------------------------- - - /** - * Blur - * - * Outputs a jQuery blur event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _blur($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'blur'); - } - - // -------------------------------------------------------------------- - - /** - * Change - * - * Outputs a jQuery change event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _change($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'change'); - } - - // -------------------------------------------------------------------- - - /** - * Click - * - * Outputs a jQuery click event - * - * @param string The element to attach the event to - * @param string The code to execute - * @param bool whether or not to return false - * @return string - */ - protected function _click($element = 'this', $js = '', $ret_false = TRUE) - { - is_array($js) OR $js = array($js); - - if ($ret_false) - { - $js[] = 'return false;'; - } - - return $this->_add_event($element, $js, 'click'); - } - - // -------------------------------------------------------------------- - - /** - * Double Click - * - * Outputs a jQuery dblclick event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _dblclick($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'dblclick'); - } - - // -------------------------------------------------------------------- - - /** - * Error - * - * Outputs a jQuery error event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _error($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'error'); - } - - // -------------------------------------------------------------------- - - /** - * Focus - * - * Outputs a jQuery focus event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _focus($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'focus'); - } - - // -------------------------------------------------------------------- - - /** - * Hover - * - * Outputs a jQuery hover event - * - * @param string - element - * @param string - Javascript code for mouse over - * @param string - Javascript code for mouse out - * @return string - */ - protected function _hover($element = 'this', $over = '', $out = '') - { - $event = "\n\t$(".$this->_prep_element($element).").hover(\n\t\tfunction()\n\t\t{\n\t\t\t{$over}\n\t\t}, \n\t\tfunction()\n\t\t{\n\t\t\t{$out}\n\t\t});\n"; - - $this->jquery_code_for_compile[] = $event; - - return $event; - } - - // -------------------------------------------------------------------- - - /** - * Keydown - * - * Outputs a jQuery keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _keydown($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'keydown'); - } - - // -------------------------------------------------------------------- - - /** - * Keyup - * - * Outputs a jQuery keydown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _keyup($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'keyup'); - } - - // -------------------------------------------------------------------- - - /** - * Load - * - * Outputs a jQuery load event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _load($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'load'); - } - - // -------------------------------------------------------------------- - - /** - * Mousedown - * - * Outputs a jQuery mousedown event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mousedown($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mousedown'); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Out - * - * Outputs a jQuery mouseout event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mouseout($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mouseout'); - } - - // -------------------------------------------------------------------- - - /** - * Mouse Over - * - * Outputs a jQuery mouseover event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mouseover($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mouseover'); - } - - // -------------------------------------------------------------------- - - /** - * Mouseup - * - * Outputs a jQuery mouseup event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _mouseup($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'mouseup'); - } - - // -------------------------------------------------------------------- - - /** - * Output - * - * Outputs script directly - * - * @param array $array_js = array() - * @return void - */ - protected function _output($array_js = array()) - { - if ( ! is_array($array_js)) - { - $array_js = array($array_js); - } - - foreach ($array_js as $js) - { - $this->jquery_code_for_compile[] = "\t".$js."\n"; - } - } - - // -------------------------------------------------------------------- - - /** - * Resize - * - * Outputs a jQuery resize event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _resize($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'resize'); - } - - // -------------------------------------------------------------------- - - /** - * Scroll - * - * Outputs a jQuery scroll event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _scroll($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'scroll'); - } - - // -------------------------------------------------------------------- - - /** - * Unload - * - * Outputs a jQuery unload event - * - * @param string The element to attach the event to - * @param string The code to execute - * @return string - */ - protected function _unload($element = 'this', $js = '') - { - return $this->_add_event($element, $js, 'unload'); - } - - // -------------------------------------------------------------------- - // Effects - // -------------------------------------------------------------------- - - /** - * Add Class - * - * Outputs a jQuery addClass event - * - * @param string $element - * @param string $class - * @return string - */ - protected function _addClass($element = 'this', $class = '') - { - $element = $this->_prep_element($element); - return '$('.$element.').addClass("'.$class.'");'; - } - - // -------------------------------------------------------------------- - - /** - * Animate - * - * Outputs a jQuery animate event - * - * @param string $element - * @param array $params - * @param string $speed 'slow', 'normal', 'fast', or time in milliseconds - * @param string $extra - * @return string - */ - protected function _animate($element = 'this', $params = array(), $speed = '', $extra = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - $animations = "\t\t\t"; - - foreach ($params as $param => $value) - { - $animations .= $param.": '".$value."', "; - } - - $animations = substr($animations, 0, -2); // remove the last ", " - - if ($speed !== '') - { - $speed = ', '.$speed; - } - - if ($extra !== '') - { - $extra = ', '.$extra; - } - - return "$({$element}).animate({\n$animations\n\t\t}".$speed.$extra.');'; - } - - // -------------------------------------------------------------------- - - /** - * Fade In - * - * Outputs a jQuery hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _fadeIn($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return "$({$element}).fadeIn({$speed}{$callback});"; - } - - // -------------------------------------------------------------------- - - /** - * Fade Out - * - * Outputs a jQuery hide event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _fadeOut($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').fadeOut('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Hide - * - * Outputs a jQuery hide action - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _hide($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return "$({$element}).hide({$speed}{$callback});"; - } - - // -------------------------------------------------------------------- - - /** - * Remove Class - * - * Outputs a jQuery remove class event - * - * @param string $element - * @param string $class - * @return string - */ - protected function _removeClass($element = 'this', $class = '') - { - $element = $this->_prep_element($element); - return '$('.$element.').removeClass("'.$class.'");'; - } - - // -------------------------------------------------------------------- - - /** - * Slide Up - * - * Outputs a jQuery slideUp event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _slideUp($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').slideUp('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Slide Down - * - * Outputs a jQuery slideDown event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _slideDown($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').slideDown('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Slide Toggle - * - * Outputs a jQuery slideToggle event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _slideToggle($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').slideToggle('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Toggle - * - * Outputs a jQuery toggle event - * - * @param string - element - * @return string - */ - protected function _toggle($element = 'this') - { - $element = $this->_prep_element($element); - return '$('.$element.').toggle();'; - } - - // -------------------------------------------------------------------- - - /** - * Toggle Class - * - * Outputs a jQuery toggle class event - * - * @param string $element - * @param string $class - * @return string - */ - protected function _toggleClass($element = 'this', $class = '') - { - $element = $this->_prep_element($element); - return '$('.$element.').toggleClass("'.$class.'");'; - } - - // -------------------------------------------------------------------- - - /** - * Show - * - * Outputs a jQuery show event - * - * @param string - element - * @param string - One of 'slow', 'normal', 'fast', or time in milliseconds - * @param string - Javascript callback function - * @return string - */ - protected function _show($element = 'this', $speed = '', $callback = '') - { - $element = $this->_prep_element($element); - $speed = $this->_validate_speed($speed); - - if ($callback !== '') - { - $callback = ", function(){\n{$callback}\n}"; - } - - return '$('.$element.').show('.$speed.$callback.');'; - } - - // -------------------------------------------------------------------- - - /** - * Updater - * - * An Ajax call that populates the designated DOM node with - * returned content - * - * @param string The element to attach the event to - * @param string the controller to run the call against - * @param string optional parameters - * @return string - */ - - protected function _updater($container = 'this', $controller = '', $options = '') - { - $container = $this->_prep_element($container); - $controller = (strpos('://', $controller) === FALSE) ? $controller : $this->CI->config->site_url($controller); - - // ajaxStart and ajaxStop are better choices here... but this is a stop gap - if ($this->CI->config->item('javascript_ajax_img') === '') - { - $loading_notifier = 'Loading...'; - } - else - { - $loading_notifier = '<img src="'.$this->CI->config->slash_item('base_url').$this->CI->config->item('javascript_ajax_img').'" alt="Loading" />'; - } - - $updater = '$('.$container.").empty();\n" // anything that was in... get it out - ."\t\t$(".$container.').prepend("'.$loading_notifier."\");\n"; // to replace with an image - - $request_options = ''; - if ($options !== '') - { - $request_options .= ', {' - .(is_array($options) ? "'".implode("', '", $options)."'" : "'".str_replace(':', "':'", $options)."'") - .'}'; - } - - return $updater."\t\t$($container).load('$controller'$request_options);"; - } - - // -------------------------------------------------------------------- - // Pre-written handy stuff - // -------------------------------------------------------------------- - - /** - * Zebra tables - * - * @param string $class - * @param string $odd - * @param string $hover - * @return string - */ - protected function _zebraTables($class = '', $odd = 'odd', $hover = '') - { - $class = ($class !== '') ? '.'.$class : ''; - $zebra = "\t\$(\"table{$class} tbody tr:nth-child(even)\").addClass(\"{$odd}\");"; - - $this->jquery_code_for_compile[] = $zebra; - - if ($hover !== '') - { - $hover = $this->hover("table{$class} tbody tr", "$(this).addClass('hover');", "$(this).removeClass('hover');"); - } - - return $zebra; - } - - // -------------------------------------------------------------------- - // Plugins - // -------------------------------------------------------------------- - - /** - * Corner Plugin - * - * @link http://www.malsup.com/jquery/corner/ - * @param string $element - * @param string $corner_style - * @return string - */ - public function corner($element = '', $corner_style = '') - { - // may want to make this configurable down the road - $corner_location = '/plugins/jquery.corner.js'; - - if ($corner_style !== '') - { - $corner_style = '"'.$corner_style.'"'; - } - - return '$('.$this->_prep_element($element).').corner('.$corner_style.');'; - } - - // -------------------------------------------------------------------- - - /** - * Modal window - * - * Load a thickbox modal window - * - * @param string $src - * @param bool $relative - * @return void - */ - public function modal($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * Effect - * - * Load an Effect library - * - * @param string $src - * @param bool $relative - * @return void - */ - public function effect($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * Plugin - * - * Load a plugin library - * - * @param string $src - * @param bool $relative - * @return void - */ - public function plugin($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * UI - * - * Load a user interface library - * - * @param string $src - * @param bool $relative - * @return void - */ - public function ui($src, $relative = FALSE) - { - $this->jquery_code_for_load[] = $this->external($src, $relative); - } - - // -------------------------------------------------------------------- - - /** - * Sortable - * - * Creates a jQuery sortable - * - * @param string $element - * @param array $options - * @return string - */ - public function sortable($element, $options = array()) - { - if (count($options) > 0) - { - $sort_options = array(); - foreach ($options as $k=>$v) - { - $sort_options[] = "\n\t\t".$k.': '.$v; - } - $sort_options = implode(',', $sort_options); - } - else - { - $sort_options = ''; - } - - return '$('.$this->_prep_element($element).').sortable({'.$sort_options."\n\t});"; - } - - // -------------------------------------------------------------------- - - /** - * Table Sorter Plugin - * - * @param string table name - * @param string plugin location - * @return string - */ - public function tablesorter($table = '', $options = '') - { - $this->jquery_code_for_compile[] = "\t$(".$this->_prep_element($table).').tablesorter('.$options.");\n"; - } - - // -------------------------------------------------------------------- - // Class functions - // -------------------------------------------------------------------- - - /** - * Add Event - * - * Constructs the syntax for an event, and adds to into the array for compilation - * - * @param string The element to attach the event to - * @param string The code to execute - * @param string The event to pass - * @return string - */ - protected function _add_event($element, $js, $event) - { - if (is_array($js)) - { - $js = implode("\n\t\t", $js); - } - - $event = "\n\t$(".$this->_prep_element($element).').'.$event."(function(){\n\t\t{$js}\n\t});\n"; - $this->jquery_code_for_compile[] = $event; - return $event; - } - - // -------------------------------------------------------------------- - - /** - * Compile - * - * As events are specified, they are stored in an array - * This function compiles them all for output on a page - * - * @param string $view_var - * @param bool $script_tags - * @return void - */ - protected function _compile($view_var = 'script_foot', $script_tags = TRUE) - { - // External references - $external_scripts = implode('', $this->jquery_code_for_load); - $this->CI->load->vars(array('library_src' => $external_scripts)); - - if (count($this->jquery_code_for_compile) === 0) - { - // no inline references, let's just return - return; - } - - // Inline references - $script = '$(document).ready(function() {'."\n" - .implode('', $this->jquery_code_for_compile) - .'});'; - - $output = ($script_tags === FALSE) ? $script : $this->inline($script); - - $this->CI->load->vars(array($view_var => $output)); - } - - // -------------------------------------------------------------------- - - /** - * Clear Compile - * - * Clears the array of script events collected for output - * - * @return void - */ - protected function _clear_compile() - { - $this->jquery_code_for_compile = array(); - } - - // -------------------------------------------------------------------- - - /** - * Document Ready - * - * A wrapper for writing document.ready() - * - * @param array $js - * @return void - */ - protected function _document_ready($js) - { - is_array($js) OR $js = array($js); - - foreach ($js as $script) - { - $this->jquery_code_for_compile[] = $script; - } - } - - // -------------------------------------------------------------------- - - /** - * Script Tag - * - * Outputs the script tag that loads the jquery.js file into an HTML document - * - * @param string $library_src - * @param bool $relative - * @return string - */ - public function script($library_src = '', $relative = FALSE) - { - $library_src = $this->external($library_src, $relative); - $this->jquery_code_for_load[] = $library_src; - return $library_src; - } - - // -------------------------------------------------------------------- - - /** - * Prep Element - * - * Puts HTML element in quotes for use in jQuery code - * unless the supplied element is the Javascript 'this' - * object, in which case no quotes are added - * - * @param string - * @return string - */ - protected function _prep_element($element) - { - if ($element !== 'this') - { - $element = '"'.$element.'"'; - } - - return $element; - } - - // -------------------------------------------------------------------- - - /** - * Validate Speed - * - * Ensures the speed parameter is valid for jQuery - * - * @param string - * @return string - */ - protected function _validate_speed($speed) - { - if (in_array($speed, array('slow', 'normal', 'fast'))) - { - return '"'.$speed.'"'; - } - elseif (preg_match('/[^0-9]/', $speed)) - { - return ''; - } - - return $speed; - } - -} diff --git a/system/libraries/Javascript/index.html b/system/libraries/Javascript/index.html deleted file mode 100644 index b702fbc39..000000000 --- a/system/libraries/Javascript/index.html +++ /dev/null @@ -1,11 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title>403 Forbidden</title> -</head> -<body> - -<p>Directory access is forbidden.</p> - -</body> -</html> diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index 45a3cbbce..2a87d9d7c 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -96,9 +96,9 @@ class CI_Migration { /** * Migration basename regex * - * @var bool + * @var string */ - protected $_migration_regex = NULL; + protected $_migration_regex; /** * Error message @@ -217,31 +217,66 @@ class CI_Migration { if ($target_version > $current_version) { - // Moving Up $method = 'up'; } - else + elseif ($target_version < $current_version) { - // Moving Down, apply in reverse order $method = 'down'; + // We need this so that migrations are applied in reverse order krsort($migrations); } - - if (empty($migrations)) + else { + // Well, there's nothing to migrate then ... return TRUE; } - $previous = FALSE; - - // Validate all available migrations, and run the ones within our target range + // Validate all available migrations within our target range. + // + // Unfortunately, we'll have to use another loop to run them + // in order to avoid leaving the procedure in a broken state. + // + // See https://github.com/bcit-ci/CodeIgniter/issues/4539 + $pending = array(); foreach ($migrations as $number => $file) { + // Ignore versions out of our range. + // + // Because we've previously sorted the $migrations array depending on the direction, + // we can safely break the loop once we reach $target_version ... + if ($method === 'up') + { + if ($number <= $current_version) + { + continue; + } + elseif ($number > $target_version) + { + break; + } + } + else + { + if ($number > $current_version) + { + continue; + } + elseif ($number <= $target_version) + { + break; + } + } + // Check for sequence gaps - if ($this->_migration_type === 'sequential' && $previous !== FALSE && abs($number - $previous) > 1) + if ($this->_migration_type === 'sequential') { - $this->_error_string = sprintf($this->lang->line('migration_sequence_gap'), $number); - return FALSE; + if (isset($previous) && abs($number - $previous) > 1) + { + $this->_error_string = sprintf($this->lang->line('migration_sequence_gap'), $number); + return FALSE; + } + + $previous = $number; } include_once($file); @@ -253,27 +288,24 @@ class CI_Migration { $this->_error_string = sprintf($this->lang->line('migration_class_doesnt_exist'), $class); return FALSE; } + elseif ( ! is_callable(array($class, $method))) + { + $this->_error_string = sprintf($this->lang->line('migration_missing_'.$method.'_method'), $class); + return FALSE; + } - $previous = $number; + $pending[$number] = array($class, $method); + } - // Run migrations that are inside the target range - if ( - ($method === 'up' && $number > $current_version && $number <= $target_version) OR - ($method === 'down' && $number <= $current_version && $number > $target_version) - ) - { - $instance = new $class(); - if ( ! is_callable(array($instance, $method))) - { - $this->_error_string = sprintf($this->lang->line('migration_missing_'.$method.'_method'), $class); - return FALSE; - } + // Now just run the necessary migrations + foreach ($pending as $number => $migration) + { + log_message('debug', 'Migrating '.$method.' from version '.$current_version.' to version '.$number); - log_message('debug', 'Migrating '.$method.' from version '.$current_version.' to version '.$number); - call_user_func(array($instance, $method)); - $current_version = $number; - $this->_update_version($current_version); - } + $migration[0] = new $migration[0]; + call_user_func($migration); + $current_version = $number; + $this->_update_version($current_version); } // This is necessary when moving down, since the the last migration applied @@ -285,7 +317,6 @@ class CI_Migration { } log_message('debug', 'Finished migrating to '.$current_version); - return $current_version; } diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 5b3aa01f4..f26f8a4ed 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Pagination * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/pagination.html + * @link https://codeigniter.com/user_guide/libraries/pagination.html */ class CI_Pagination { @@ -428,7 +428,7 @@ class CI_Pagination { { $get = $this->CI->input->get(); - // Unset the controll, method, old-school routing options + // Unset the control, method, old-school routing options unset($get['c'], $get['m'], $get[$this->query_string_segment]); } else @@ -497,7 +497,7 @@ class CI_Pagination { { $this->cur_page = $this->CI->input->get($this->query_string_segment); } - else + elseif (empty($this->cur_page)) { // Default to the last segment number if one hasn't been defined. if ($this->uri_segment === 0) @@ -513,6 +513,10 @@ class CI_Pagination { $this->cur_page = str_replace(array($this->prefix, $this->suffix), '', $this->cur_page); } } + else + { + $this->cur_page = (string) $this->cur_page; + } // If something isn't quite right, back to the default base page. if ( ! ctype_digit($this->cur_page) OR ($this->use_page_numbers && (int) $this->cur_page === 0)) @@ -571,7 +575,7 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $uri_page_number - 1 : $uri_page_number - $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, ($this->cur_page - 1)); if ($i === $base_page) { @@ -592,11 +596,11 @@ class CI_Pagination { if ($this->display_pages !== FALSE) { // Write the digit links - for ($loop = $start -1; $loop <= $end; $loop++) + for ($loop = $start - 1; $loop <= $end; $loop++) { $i = ($this->use_page_numbers) ? $loop : ($loop * $this->per_page) - $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, $loop); if ($i >= $base_page) { @@ -614,7 +618,7 @@ class CI_Pagination { else { $append = $this->prefix.$i.$this->suffix; - $output .= $this->num_tag_open.'<a href="'.$base_url.$append.'"'.$attributes.$this->_attr_rel('start').'>' + $output .= $this->num_tag_open.'<a href="'.$base_url.$append.'"'.$attributes.'>' .$loop.'</a>'.$this->num_tag_close; } } @@ -626,7 +630,7 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $this->cur_page + 1 : $this->cur_page * $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, $this->cur_page + 1); $output .= $this->next_tag_open.'<a href="'.$base_url.$this->prefix.$i.$this->suffix.'"'.$attributes .$this->_attr_rel('next').'>'.$this->next_link.'</a>'.$this->next_tag_close; @@ -637,7 +641,7 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $num_pages : ($num_pages * $this->per_page) - $this->per_page; - $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); + $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, $num_pages); $output .= $this->last_tag_open.'<a href="'.$base_url.$this->prefix.$i.$this->suffix.'"'.$attributes.'>' .$this->last_link.'</a>'.$this->last_tag_close; diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php index 57981af95..fdd958b22 100644 --- a/system/libraries/Parser.php +++ b/system/libraries/Parser.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Parser * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/parser.html + * @link https://codeigniter.com/user_guide/libraries/parser.html */ class CI_Parser { diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 1e464d8b0..e9e03cfe0 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/profiling.html + * @link https://codeigniter.com/user_guide/general/profiling.html */ class CI_Profiler { @@ -314,12 +314,14 @@ class CI_Profiler { foreach ($_GET as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')) + : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '<tr><td style="width:50%;color:#000;background-color:#ddd;padding:5px;">$_GET[' .$key.'] </td><td style="width:50%;padding:5px;color:#cd6e00;font-weight:normal;background-color:#ddd;">' - .((is_array($val) OR is_object($val)) ? '<pre>'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'</pre>' : htmlspecialchars(stripslashes($val))) - ."</td></tr>\n"; + .$val."</td></tr>\n"; } $output .= "</table>\n"; @@ -352,36 +354,26 @@ class CI_Profiler { foreach ($_POST as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')) + : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">$_POST[' - .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">'; - - if (is_array($val) OR is_object($val)) - { - $output .= '<pre>'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'</pre>'; - } - else - { - $output .= htmlspecialchars(stripslashes($val)); - } - - $output .= "</td></tr>\n"; + .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">' + .$val."</td></tr>\n"; } foreach ($_FILES as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')) + : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">$_FILES[' - .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">'; - - if (is_array($val) OR is_object($val)) - { - $output .= '<pre>'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'</pre>'; - } - - $output .= "</td></tr>\n"; + .$key.'] </td><td style="width:50%;padding:5px;color:#009900;font-weight:normal;background-color:#ddd;">' + .$val."</td></tr>\n"; } $output .= "</table>\n"; @@ -465,7 +457,7 @@ class CI_Profiler { foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header) { - $val = isset($_SERVER[$header]) ? $_SERVER[$header] : ''; + $val = isset($_SERVER[$header]) ? htmlspecialchars($_SERVER[$header], ENT_QUOTES, config_item('charset')) : ''; $output .= '<tr><td style="vertical-align:top;width:50%;padding:5px;color:#900;background-color:#ddd;">' .$header.' </td><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">'.$val."</td></tr>\n"; } diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 05a470d86..3e4865cd1 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session { @@ -57,6 +57,7 @@ class CI_Session { protected $_driver = 'files'; protected $_config; + protected $_sid_regexp; // ------------------------------------------------------------------------ @@ -91,6 +92,7 @@ class CI_Session { // Note: BC workaround elseif (config_item('sess_use_database')) { + log_message('debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".'); $this->_driver = 'database'; } @@ -98,27 +100,12 @@ class CI_Session { // Configuration ... $this->_configure($params); + $this->_config['_sid_regexp'] = $this->_sid_regexp; $class = new $class($this->_config); if ($class instanceof SessionHandlerInterface) { - if (is_php('5.4')) - { - session_set_save_handler($class, TRUE); - } - else - { - session_set_save_handler( - array($class, 'open'), - array($class, 'close'), - array($class, 'read'), - array($class, 'write'), - array($class, 'destroy'), - array($class, 'gc') - ); - - register_shutdown_function('session_write_close'); - } + session_set_save_handler($class, TRUE); } else { @@ -130,7 +117,7 @@ class CI_Session { if (isset($_COOKIE[$this->_config['cookie_name']]) && ( ! is_string($_COOKIE[$this->_config['cookie_name']]) - OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']]) + OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']]) ) ) { @@ -187,9 +174,6 @@ class CI_Session { */ protected function _ci_load_classes($driver) { - // PHP 5.4 compatibility - interface_exists('SessionHandlerInterface', FALSE) OR require_once(BASEPATH.'libraries/Session/SessionHandlerInterface.php'); - $prefix = config_item('subclass_prefix'); if ( ! class_exists('CI_Session_driver', FALSE)) @@ -231,7 +215,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) @@ -314,8 +298,82 @@ class CI_Session { ini_set('session.use_strict_mode', 1); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); - ini_set('session.hash_function', 1); - ini_set('session.hash_bits_per_character', 4); + + $this->_configure_sid_length(); + } + + // ------------------------------------------------------------------------ + + /** + * Configure session ID length + * + * To make life easier, we used to force SHA-1 and 4 bits per + * character on everyone. And of course, someone was unhappy. + * + * Then PHP 7.1 broke backwards-compatibility because ext/session + * is such a mess that nobody wants to touch it with a pole stick, + * and the one guy who does, nobody has the energy to argue with. + * + * So we were forced to make changes, and OF COURSE something was + * going to break and now we have this pile of shit. -- Narf + * + * @return void + */ + protected function _configure_sid_length() + { + if (PHP_VERSION_ID < 70100) + { + $hash_function = ini_get('session.hash_function'); + if (ctype_digit($hash_function)) + { + if ($hash_function !== '1') + { + ini_set('session.hash_function', 1); + } + + $bits = 160; + } + elseif ( ! in_array($hash_function, hash_algos(), TRUE)) + { + ini_set('session.hash_function', 1); + $bits = 160; + } + elseif (($bits = strlen(hash($hash_function, 'dummy', false)) * 4) < 160) + { + ini_set('session.hash_function', 1); + $bits = 160; + } + + $bits_per_character = (int) ini_get('session.hash_bits_per_character'); + $sid_length = (int) ceil($bits / $bits_per_character); + } + else + { + $bits_per_character = (int) ini_get('session.sid_bits_per_character'); + $sid_length = (int) ini_get('session.sid_length'); + if (($bits = $sid_length * $bits_per_character) < 160) + { + // Add as many more characters as necessary to reach at least 160 bits + $sid_length += (int) ceil((160 % $bits) / $bits_per_character); + ini_set('session.sid_length', $sid_length); + } + } + + // Yes, 4,5,6 are the only known possible values as of 2016-10-27 + switch ($bits_per_character) + { + case 4: + $this->_sid_regexp = '[0-9a-f]'; + break; + case 5: + $this->_sid_regexp = '[0-9a-v]'; + break; + case 6: + $this->_sid_regexp = '[0-9a-zA-Z,-]'; + break; + } + + $this->_sid_regexp .= '{'.$sid_length.'}'; } // ------------------------------------------------------------------------ @@ -584,6 +642,24 @@ class CI_Session { // ------------------------------------------------------------------------ /** + * __isset() + * + * @param string $key 'session_id' or a session data key + * @return bool + */ + public function __isset($key) + { + if ($key === 'session_id') + { + return (session_status() === PHP_SESSION_ACTIVE); + } + + return isset($_SESSION[$key]); + } + + // ------------------------------------------------------------------------ + + /** * __set() * * @param string $key Session data key @@ -711,7 +787,7 @@ class CI_Session { * * Legacy CI_Session compatibility method * - * @param mixed $data Session data key(s) + * @param mixed $key Session data key(s) * @return void */ public function unset_userdata($key) diff --git a/system/libraries/Session/SessionHandlerInterface.php b/system/libraries/Session/SessionHandlerInterface.php deleted file mode 100644 index 9dab5ac07..000000000 --- a/system/libraries/Session/SessionHandlerInterface.php +++ /dev/null @@ -1,59 +0,0 @@ -<?php -/** - * CodeIgniter - * - * An open source application development framework for PHP - * - * This content is released under the MIT License (MIT) - * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @package CodeIgniter - * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com - * @since Version 3.0.0 - * @filesource - */ -defined('BASEPATH') OR exit('No direct script access allowed'); - -/** - * SessionHandlerInterface - * - * PHP 5.4 compatibility interface - * - * @package CodeIgniter - * @subpackage Libraries - * @category Sessions - * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html - */ -interface SessionHandlerInterface { - - public function open($save_path, $name); - public function close(); - public function read($session_id); - public function write($session_id, $session_data); - public function destroy($session_id); - public function gc($maxlifetime); -} diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 47376da5b..f32f14ae0 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ abstract class CI_Session_driver implements SessionHandlerInterface { @@ -74,6 +74,18 @@ abstract class CI_Session_driver implements SessionHandlerInterface { */ protected $_session_id; + /** + * Success and failure return values + * + * Necessary due to a bug in all PHP 5 versions where return values + * from userspace handlers are not handled properly. PHP 7 fixes the + * bug, so we need to return different values depending on the version. + * + * @see https://wiki.php.net/rfc/session.user.return-value + * @var mixed + */ + protected $_success, $_failure; + // ------------------------------------------------------------------------ /** @@ -85,6 +97,17 @@ abstract class CI_Session_driver implements SessionHandlerInterface { public function __construct(&$params) { $this->_config =& $params; + + if (is_php('7')) + { + $this->_success = TRUE; + $this->_failure = FALSE; + } + else + { + $this->_success = 0; + $this->_failure = -1; + } } // ------------------------------------------------------------------------ @@ -145,4 +168,24 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } + // ------------------------------------------------------------------------ + + /** + * Fail + * + * Drivers other than the 'files' one don't (need to) use the + * session.save_path INI setting, but that leads to confusing + * error messages emitted by PHP when open() or write() fail, + * as the message contains session.save_path ... + * To work around the problem, the drivers will call this method + * so that the INI is set just in time for the error message to + * be properly generated. + * + * @return mixed + */ + protected function _fail() + { + ini_set('session.save_path', config_item('sess_save_path')); + return $this->_failure; + } } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 1d01c2923..31f5a4663 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_database_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -109,7 +109,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } // Note: BC work-around for the old 'sess_table_name' setting, should be removed in the future. - isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name'); + if ( ! isset($this->_config['save_path']) && ($this->_config['save_path'] = config_item('sess_table_name'))) + { + log_message('debug', 'Session: "sess_save_path" is empty; using BC fallback to "sess_table_name".'); + } } // ------------------------------------------------------------------------ @@ -125,9 +128,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function open($save_path, $name) { - return empty($this->_db->conn_id) - ? (bool) $this->_db->db_connect() - : TRUE; + if (empty($this->_db->conn_id) && ! $this->_db->db_connect()) + { + return $this->_fail(); + } + + return $this->_success; } // ------------------------------------------------------------------------ @@ -144,6 +150,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_get_lock($session_id) !== FALSE) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + // Needed by write() to detect session_regenerate_id() calls $this->_session_id = $session_id; @@ -157,8 +166,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if (($result = $this->_db->get()->row()) === NULL) + if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL) { + // PHP7 will reuse the same SessionHandler object after + // ID regeneration, so we need to explicitly set this to + // FALSE instead of relying on the default ... + $this->_row_exists = FALSE; $this->_fingerprint = md5(''); return ''; } @@ -192,21 +205,24 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function write($session_id, $session_data) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + + if ($this->_lock === FALSE) + { + return $this->_fail(); + } // Was the ID regenerated? - if ($session_id !== $this->_session_id) + elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_fail(); } $this->_row_exists = FALSE; $this->_session_id = $session_id; } - elseif ($this->_lock === FALSE) - { - return FALSE; - } if ($this->_row_exists === FALSE) { @@ -220,10 +236,11 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_db->insert($this->_config['save_path'], $insert_data)) { $this->_fingerprint = md5($session_data); - return $this->_row_exists = TRUE; + $this->_row_exists = TRUE; + return $this->_success; } - return FALSE; + return $this->_fail(); } $this->_db->where('id', $session_id); @@ -243,10 +260,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_db->update($this->_config['save_path'], $update_data)) { $this->_fingerprint = md5($session_data); - return TRUE; + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -260,9 +277,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function close() { - return ($this->_lock) - ? $this->_release_lock() - : TRUE; + return ($this->_lock && ! $this->_release_lock()) + ? $this->_fail() + : $this->_success; } // ------------------------------------------------------------------------ @@ -279,18 +296,28 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_lock) { + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + $this->_db->where('id', $session_id); if ($this->_config['match_ip']) { $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - return $this->_db->delete($this->_config['save_path']) - ? ($this->close() && $this->_cookie_destroy()) - : FALSE; + if ( ! $this->_db->delete($this->_config['save_path'])) + { + return $this->_fail(); + } } - return ($this->close() && $this->_cookie_destroy()); + if ($this->close() === $this->_success) + { + $this->_cookie_destroy(); + return $this->_success; + } + + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -305,7 +332,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function gc($maxlifetime) { - return $this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)); + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); + + return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) + ? $this->_success + : $this->_fail(); } // ------------------------------------------------------------------------ @@ -322,7 +354,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_platform === 'mysql') { - $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + $arg = md5($session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : '')); if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock) { $this->_lock = $arg; @@ -385,5 +417,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } - } diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 45da91c46..6016e094e 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -76,6 +76,20 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected $_file_new; + /** + * Validate SID regular expression + * + * @var string + */ + protected $_sid_regexp; + + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // ------------------------------------------------------------------------ /** @@ -95,8 +109,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle } else { + log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.'); $this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\'); } + + $this->_sid_regexp = $this->_config['_sid_regexp']; + + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); } // ------------------------------------------------------------------------ @@ -129,7 +148,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle .$name // we'll use the session cookie name as a prefix to avoid collisions .($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : ''); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -148,21 +167,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle // which re-reads session data if ($this->_file_handle === NULL) { - // Just using fopen() with 'c+b' mode would be perfect, but it is only - // available since PHP 5.2.6 and we have to set permissions for new files, - // so we'd have to hack around this ... - if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE) - { - if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE) - { - log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created."); - return FALSE; - } - } - elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE) + $this->_file_new = ! file_exists($this->_file_path.$session_id); + + if (($this->_file_handle = fopen($this->_file_path.$session_id, 'c+b')) === FALSE) { log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'."); - return FALSE; + return $this->_failure; } if (flock($this->_file_handle, LOCK_EX) === FALSE) @@ -170,7 +180,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'."); fclose($this->_file_handle); $this->_file_handle = NULL; - return FALSE; + return $this->_failure; } // Needed by write() to detect session_regenerate_id() calls @@ -183,13 +193,19 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle return ''; } } + // We shouldn't need this, but apparently we do ... + // See https://github.com/bcit-ci/CodeIgniter/issues/4039 + elseif ($this->_file_handle === FALSE) + { + return $this->_failure; + } else { rewind($this->_file_handle); } $session_data = ''; - for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer)) + for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += self::strlen($buffer)) { if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE) { @@ -218,20 +234,20 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { // If the two IDs don't match, we have a session_regenerate_id() call // and we need to close the old handle and open a new one - if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE)) + if ($session_id !== $this->_session_id && ($this->close() === $this->_failure OR $this->read($session_id) === $this->_failure)) { - return FALSE; + return $this->_failure; } if ( ! is_resource($this->_file_handle)) { - return FALSE; + return $this->_failure; } elseif ($this->_fingerprint === md5($session_data)) { - return ($this->_file_new) - ? TRUE - : touch($this->_file_path.$session_id); + return ( ! $this->_file_new && ! touch($this->_file_path.$session_id)) + ? $this->_failure + : $this->_success; } if ( ! $this->_file_new) @@ -254,12 +270,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { $this->_fingerprint = md5(substr($session_data, 0, $written)); log_message('error', 'Session: Unable to write data.'); - return FALSE; + return $this->_failure; } } $this->_fingerprint = md5($session_data); - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -279,10 +295,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle fclose($this->_file_handle); $this->_file_handle = $this->_file_new = $this->_session_id = NULL; - return TRUE; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -297,21 +312,33 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ public function destroy($session_id) { - if ($this->close()) + if ($this->close() === $this->_success) { - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } elseif ($this->_file_path !== NULL) { clearstatcache(); - return file_exists($this->_file_path.$session_id) - ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) - : TRUE; + if (file_exists($this->_file_path.$session_id)) + { + $this->_cookie_destroy(); + return unlink($this->_file_path.$session_id) + ? $this->_success + : $this->_failure; + } + + return $this->_success; } - return FALSE; + return $this->_failure; } // ------------------------------------------------------------------------ @@ -329,15 +356,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE) { log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); - return FALSE; + return $this->_failure; } $ts = time() - $maxlifetime; + $pattern = ($this->_config['match_ip'] === TRUE) + ? '[0-9a-f]{32}' + : ''; + $pattern = sprintf( - '/^%s[0-9a-f]{%d}$/', - preg_quote($this->_config['cookie_name'], '/'), - ($this->_config['match_ip'] === TRUE ? 72 : 40) + '#\A%s'.$pattern.$this->_sid_regexp.'\z#', + preg_quote($this->_config['cookie_name']) ); while (($file = readdir($directory)) !== FALSE) @@ -356,7 +386,21 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle closedir($directory); - return TRUE; + return $this->_success; } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } } diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 97b860588..2556bf0f7 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { $this->_memcached = NULL; log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); - return FALSE; + return $this->_fail(); } foreach ($matches as $match) @@ -142,10 +142,10 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (empty($server_list)) { log_message('error', 'Session: Memcached server pool is empty.'); - return FALSE; + return $this->_fail(); } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -170,7 +170,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $session_data; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -186,40 +186,44 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa */ public function write($session_id, $session_data) { - if ( ! isset($this->_memcached)) + if ( ! isset($this->_memcached, $this->_lock_key)) { - return FALSE; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_fail(); } $this->_fingerprint = md5(''); $this->_session_id = $session_id; } - if (isset($this->_lock_key)) + $key = $this->_key_prefix.$session_id; + + $this->_memcached->replace($this->_lock_key, time(), 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - $this->_memcached->replace($this->_lock_key, time(), 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + if ($this->_memcached->set($key, $session_data, $this->_config['expiration'])) { - if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - return TRUE; - } - - return FALSE; + $this->_fingerprint = $fingerprint; + return $this->_success; } - return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']); + return $this->_fail(); + } + elseif ( + $this->_memcached->touch($key, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) + { + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -235,17 +239,17 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_memcached)) { - isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); + $this->_release_lock(); if ( ! $this->_memcached->quit()) { - return FALSE; + return $this->_fail(); } $this->_memcached = NULL; - return TRUE; + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -263,10 +267,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_memcached, $this->_lock_key)) { $this->_memcached->delete($this->_key_prefix.$session_id); - return $this->_cookie_destroy(); + $this->_cookie_destroy(); + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -282,7 +287,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa public function gc($maxlifetime) { // Not necessary, Memcached takes care of that. - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -297,9 +302,17 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa */ protected function _get_lock($session_id) { - if (isset($this->_lock_key)) + // PHP 7 reuses the SessionHandler object on regeneration, + // so we need to check here if the lock key is for the + // correct session ID. + if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { - return $this->_memcached->replace($this->_lock_key, time(), 300); + if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) + { + return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) + ? $this->_memcached->set($this->_lock_key, time(), 300) + : FALSE; + } } // 30 attempts to obtain a lock, in case another request already has it @@ -359,5 +372,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return TRUE; } - } diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index b098cc441..5313de04c 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface { @@ -69,6 +69,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected $_lock_key; + /** + * Key exists flag + * + * @var bool + */ + protected $_key_exists = FALSE; + // ------------------------------------------------------------------------ /** @@ -85,27 +92,40 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { log_message('error', 'Session: No Redis save path configured.'); } - elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(\?.+)?#', $this->_config['save_path'], $matches)) + elseif (preg_match('#^unix://([^\?]+)(?<options>\?.+)?$#', $this->_config['save_path'], $matches)) + { + $save_path = array('path' => $matches[1]); + } + elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(?<options>\?.+)?#', $this->_config['save_path'], $matches)) { - isset($matches[3]) OR $matches[3] = ''; // Just to avoid undefined index notices below - $this->_config['save_path'] = array( - 'host' => $matches[1], - 'port' => empty($matches[2]) ? NULL : $matches[2], - 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL, - 'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : NULL, - 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : NULL + $save_path = array( + 'host' => $matches[1], + 'port' => empty($matches[2]) ? NULL : $matches[2], + 'timeout' => NULL // We always pass this to Redis::connect(), so it needs to exist ); - - preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1]; } else { log_message('error', 'Session: Invalid Redis save path format: '.$this->_config['save_path']); } - if ($this->_config['match_ip'] === TRUE) + if (isset($save_path)) { - $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + if (isset($matches['options'])) + { + $save_path['password'] = preg_match('#auth=([^\s&]+)#', $matches['options'], $match) ? $match[1] : NULL; + $save_path['database'] = preg_match('#database=(\d+)#', $matches['options'], $match) ? (int) $match[1] : NULL; + $save_path['timeout'] = preg_match('#timeout=(\d+\.\d+)#', $matches['options'], $match) ? (float) $match[1] : NULL; + + preg_match('#prefix=([^\s&]+)#', $matches['options'], $match) && $this->_key_prefix = $match[1]; + } + + $this->_config['save_path'] = $save_path; + + if ($this->_config['match_ip'] === TRUE) + { + $this->_key_prefix .= $_SERVER['REMOTE_ADDR'].':'; + } } } @@ -124,29 +144,40 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (empty($this->_config['save_path'])) { - return FALSE; + return $this->_fail(); } $redis = new Redis(); - if ( ! $redis->connect($this->_config['save_path']['host'], $this->_config['save_path']['port'], $this->_config['save_path']['timeout'])) - { - log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); - } - elseif (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) - { - log_message('error', 'Session: Unable to authenticate to Redis instance.'); - } - elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) + $connected = isset($this->_config['save_path']['path']) + ? $redis->connect($this->_config['save_path']['path']) + : $redis->connect( + $this->_config['save_path']['host'], + $this->_config['save_path']['port'], + $this->_config['save_path']['timeout'] + ); + + if ($connected) { - log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); + if (isset($this->_config['save_path']['password']) && ! $redis->auth($this->_config['save_path']['password'])) + { + log_message('error', 'Session: Unable to authenticate to Redis instance.'); + } + elseif (isset($this->_config['save_path']['database']) && ! $redis->select($this->_config['save_path']['database'])) + { + log_message('error', 'Session: Unable to select Redis database with index '.$this->_config['save_path']['database']); + } + else + { + $this->_redis = $redis; + return $this->_success; + } } else { - $this->_redis = $redis; - return TRUE; + log_message('error', 'Session: Unable to connect to Redis with the configured settings.'); } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -166,12 +197,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // Needed by write() to detect session_regenerate_id() calls $this->_session_id = $session_id; - $session_data = (string) $this->_redis->get($this->_key_prefix.$session_id); + $session_data = $this->_redis->get($this->_key_prefix.$session_id); + + is_string($session_data) + ? $this->_key_exists = TRUE + : $session_data = ''; + $this->_fingerprint = md5($session_data); return $session_data; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -187,40 +223,38 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ public function write($session_id, $session_data) { - if ( ! isset($this->_redis)) + if ( ! isset($this->_redis, $this->_lock_key)) { - return FALSE; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return FALSE; + return $this->_fail(); } - $this->_fingerprint = md5(''); + $this->_key_exists = FALSE; $this->_session_id = $session_id; } - if (isset($this->_lock_key)) + $this->_redis->setTimeout($this->_lock_key, 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) { - $this->_redis->setTimeout($this->_lock_key, 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { - if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - return TRUE; - } - - return FALSE; + $this->_fingerprint = $fingerprint; + $this->_key_exists = TRUE; + return $this->_success; } - return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']); + return $this->_fail(); } - return FALSE; + return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + ? $this->_success + : $this->_fail(); } // ------------------------------------------------------------------------ @@ -239,10 +273,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle try { if ($this->_redis->ping() === '+PONG') { - isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); - if ( ! $this->_redis->close()) + $this->_release_lock(); + if ($this->_redis->close() === FALSE) { - return FALSE; + return $this->_fail(); } } } @@ -252,10 +286,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } $this->_redis = NULL; - return TRUE; + return $this->_success; } - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -277,10 +311,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); } - return $this->_cookie_destroy(); + $this->_cookie_destroy(); + return $this->_success; } - return FALSE; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -296,7 +331,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle public function gc($maxlifetime) { // Not necessary, Redis takes care of that. - return TRUE; + return $this->_success; } // ------------------------------------------------------------------------ @@ -311,7 +346,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected function _get_lock($session_id) { - if (isset($this->_lock_key)) + // PHP 7 reuses the SessionHandler object on regeneration, + // so we need to check here if the lock key is for the + // correct session ID. + if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { return $this->_redis->setTimeout($this->_lock_key, 300); } diff --git a/system/libraries/Table.php b/system/libraries/Table.php index 2d9823093..dc309890b 100644 --- a/system/libraries/Table.php +++ b/system/libraries/Table.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.1 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category HTML Tables * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/table.html + * @link https://codeigniter.com/user_guide/libraries/table.html */ class CI_Table { @@ -277,6 +277,7 @@ class CI_Table { public function set_caption($caption) { $this->caption = $caption; + return $this; } // -------------------------------------------------------------------- @@ -426,6 +427,7 @@ class CI_Table { $this->rows = array(); $this->heading = array(); $this->auto_heading = TRUE; + $this->caption = NULL; return $this; } diff --git a/system/libraries/Trackback.php b/system/libraries/Trackback.php index 23bdbbd58..55e9a0ee6 100644 --- a/system/libraries/Trackback.php +++ b/system/libraries/Trackback.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Trackbacks * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/trackback.html + * @link https://codeigniter.com/user_guide/libraries/trackback.html */ class CI_Trackback { @@ -370,7 +370,7 @@ class CI_Trackback { { $url = trim($url); - if (strpos($url, 'http') !== 0) + if (stripos($url, 'http') !== 0) { $url = 'http://'.$url; } diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index 3b6cb1645..b25d8fdaa 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/typography.html + * @link https://codeigniter.com/user_guide/libraries/typography.html */ class CI_Typography { @@ -241,7 +241,7 @@ class CI_Typography { // Clean up stray paragraph tags that appear before block level elements '#<p></p><('.$this->block_elements.')#' => '<$1', - // Clean up stray non-breaking spaces preceeding block elements + // Clean up stray non-breaking spaces preceding block elements '#( \s*)+<('.$this->block_elements.')#' => ' <$2', // Replace the temporary markers we added earlier diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 3f986f3e8..38e0fbd24 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.3.1 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category UnitTesting * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/unit_testing.html + * @link https://codeigniter.com/user_guide/libraries/unit_testing.html */ class CI_Unit_test { @@ -154,7 +154,6 @@ class CI_Unit_test { if (in_array($expected, array('is_object', 'is_string', 'is_bool', 'is_true', 'is_false', 'is_int', 'is_numeric', 'is_float', 'is_double', 'is_array', 'is_null', 'is_resource'), TRUE)) { - $expected = str_replace('is_double', 'is_float', $expected); $result = $expected($test); $extype = str_replace(array('true', 'false'), 'bool', str_replace('is_', '', $expected)); } @@ -291,7 +290,7 @@ class CI_Unit_test { { continue; } - elseif (in_array($key, array('test_name', 'test_datatype', 'test_res_datatype', 'result'), TRUE)) + elseif (in_array($key, array('test_name', 'test_datatype', 'res_datatype', 'result'), TRUE)) { if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$val), FALSE))) { diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 8a2dec76a..3a1731e58 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Uploads * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/file_uploading.html + * @link https://codeigniter.com/user_guide/libraries/file_uploading.html */ class CI_Upload { @@ -286,7 +286,7 @@ class CI_Upload { /** * Constructor * - * @param array $props + * @param array $config * @return void */ public function __construct($config = array()) @@ -526,6 +526,12 @@ class CI_Upload { $this->file_name = preg_replace('/\s+/', '_', $this->file_name); } + if ($this->file_ext_tolower && ($ext_length = strlen($this->file_ext))) + { + // file_ext was previously lower-cased by a get_extension() call + $this->file_name = substr($this->file_name, 0, -$ext_length).$this->file_ext; + } + /* * Validate the file name * This function appends an number onto the end of @@ -595,7 +601,7 @@ class CI_Upload { 'file_type' => $this->file_type, 'file_path' => $this->upload_path, 'full_path' => $this->upload_path.$this->file_name, - 'raw_name' => str_replace($this->file_ext, '', $this->file_name), + 'raw_name' => substr($this->file_name, 0, -strlen($this->file_ext)), 'orig_name' => $this->orig_name, 'client_name' => $this->client_name, 'file_ext' => $this->file_ext, @@ -1077,16 +1083,27 @@ class CI_Upload { return FALSE; } - if (memory_get_usage() && ($memory_limit = ini_get('memory_limit'))) + if (memory_get_usage() && ($memory_limit = ini_get('memory_limit')) > 0) { - $memory_limit *= 1024 * 1024; - - // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output - // into scientific notation. number_format() ensures this number is an integer - // http://bugs.php.net/bug.php?id=43053 - - $memory_limit = number_format(ceil(filesize($file) + $memory_limit), 0, '.', ''); + $memory_limit = str_split($memory_limit, strspn($memory_limit, '1234567890')); + if ( ! empty($memory_limit[1])) + { + switch ($memory_limit[1][0]) + { + case 'g': + case 'G': + $memory_limit[0] *= 1024 * 1024 * 1024; + break; + case 'm': + case 'M': + $memory_limit[0] *= 1024 * 1024; + break; + default: + break; + } + } + $memory_limit = (int) ceil(filesize($file) + $memory_limit[0]); ini_set('memory_limit', $memory_limit); // When an integer is used, the value is measured in bytes. - PHP.net } @@ -1201,10 +1218,13 @@ class CI_Upload { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; - /* Fileinfo extension - most reliable method + /** + * Fileinfo extension - most reliable method * - * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the - * more convenient FILEINFO_MIME_TYPE flag doesn't exist. + * Apparently XAMPP, CentOS, cPanel and who knows what + * other PHP distribution channels EXPLICITLY DISABLE + * ext/fileinfo, which is otherwise enabled by default + * since PHP 5.3 ... */ if (function_exists('finfo_file')) { @@ -1239,9 +1259,7 @@ class CI_Upload { */ if (DIRECTORY_SEPARATOR !== '\\') { - $cmd = function_exists('escapeshellarg') - ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1' - : 'file --brief --mime '.$file['tmp_name'].' 2>&1'; + $cmd = 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'; if (function_usable('exec')) { @@ -1258,7 +1276,7 @@ class CI_Upload { } } - if ( ! ini_get('safe_mode') && function_usable('shell_exec')) + if (function_usable('shell_exec')) { $mime = @shell_exec($cmd); if (strlen($mime) > 0) diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 53d932a53..cda3ef0a0 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category User Agent * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/user_agent.html + * @link https://codeigniter.com/user_guide/libraries/user_agent.html */ class CI_User_agent { @@ -173,13 +173,11 @@ class CI_User_agent { */ public function __construct() { + $this->_load_agent_file(); + if (isset($_SERVER['HTTP_USER_AGENT'])) { $this->agent = trim($_SERVER['HTTP_USER_AGENT']); - } - - if ($this->agent !== NULL && $this->_load_agent_file()) - { $this->_compile_data(); } diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 55555f56f..e025c4508 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -51,7 +51,7 @@ if ( ! function_exists('xml_parser_create')) * @subpackage Libraries * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class CI_Xmlrpc { @@ -238,7 +238,7 @@ class CI_Xmlrpc { public $result; /** - * XML-RPC Reponse + * XML-RPC Response * * @var array */ @@ -352,7 +352,7 @@ class CI_Xmlrpc { */ public function server($url, $port = 80, $proxy = FALSE, $proxy_port = 8080) { - if (strpos($url, 'http') !== 0) + if (stripos($url, 'http') !== 0) { $url = 'http://'.$url; } @@ -559,7 +559,7 @@ class CI_Xmlrpc { * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Client extends CI_Xmlrpc { @@ -735,6 +735,8 @@ class XML_RPC_Client extends CI_Xmlrpc .'Content-Length: '.strlen($msg->payload).$r.$r .$msg->payload; + stream_set_timeout($fp, $this->timeout); // set timeout for subsequent operations + for ($written = $timestamp = 0, $length = strlen($op); $written < $length; $written += $result) { if (($result = fwrite($fp, substr($op, $written))) === FALSE) @@ -753,9 +755,6 @@ class XML_RPC_Client extends CI_Xmlrpc $result = FALSE; break; } - - usleep(250000); - continue; } else { @@ -781,7 +780,7 @@ class XML_RPC_Client extends CI_Xmlrpc * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Response { @@ -837,9 +836,7 @@ class XML_RPC_Response { // error $this->errno = $code; - $this->errstr = htmlspecialchars($fstr, - (is_php('5.4') ? ENT_XML1 | ENT_NOQUOTES : ENT_NOQUOTES), - 'UTF-8'); + $this->errstr = htmlspecialchars($fstr, ENT_XML1 | ENT_NOQUOTES, 'UTF-8'); } elseif ( ! is_object($val)) { @@ -1030,7 +1027,7 @@ class XML_RPC_Response * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Message extends CI_Xmlrpc { @@ -1649,7 +1646,7 @@ class XML_RPC_Message extends CI_Xmlrpc * * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class XML_RPC_Values extends CI_Xmlrpc { diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index 00d1feca6..21de937c8 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -56,7 +56,7 @@ if ( ! class_exists('CI_Xmlrpc', FALSE)) * @subpackage Libraries * @category XML-RPC * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html */ class CI_Xmlrpcs extends CI_Xmlrpc { @@ -339,11 +339,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc { //------------------------------------- $method_parts = explode('.', $this->methods[$methName]['function']); - $objectCall = (isset($method_parts[1]) && $method_parts[1] !== ''); + $objectCall = ! empty($method_parts[1]); if ($system_call === TRUE) { - if ( ! is_callable(array($this,$method_parts[1]))) + if ( ! is_callable(array($this, $method_parts[1]))) { return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); } @@ -400,11 +400,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc { } elseif ($this->object === FALSE) { - return get_instance()->$method_parts[1]($m); + return get_instance()->{$method_parts[1]}($m); } else { - return $this->object->$method_parts[1]($m); + return $this->object->{$method_parts[1]}($m); } } else diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index 3e98ac568..d6974b13a 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,10 +28,10 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Encryption * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/zip.html + * @link https://codeigniter.com/user_guide/libraries/zip.html */ class CI_Zip { @@ -106,12 +106,21 @@ class CI_Zip { public $compression_level = 2; /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + + /** * Initialize zip compression class * * @return void */ public function __construct() { + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + $this->now = time(); log_message('info', 'Zip Compression Class Initialized'); } @@ -182,7 +191,7 @@ class CI_Zip { .pack('V', 0) // crc32 .pack('V', 0) // compressed filesize .pack('V', 0) // uncompressed filesize - .pack('v', strlen($dir)) // length of pathname + .pack('v', self::strlen($dir)) // length of pathname .pack('v', 0) // extra field length .$dir // below is "data descriptor" segment @@ -197,7 +206,7 @@ class CI_Zip { .pack('V',0) // crc32 .pack('V',0) // compressed filesize .pack('V',0) // uncompressed filesize - .pack('v', strlen($dir)) // length of pathname + .pack('v', self::strlen($dir)) // length of pathname .pack('v', 0) // extra field length .pack('v', 0) // file comment length .pack('v', 0) // disk number start @@ -206,7 +215,7 @@ class CI_Zip { .pack('V', $this->offset) // relative offset of local header .$dir; - $this->offset = strlen($this->zipdata); + $this->offset = self::strlen($this->zipdata); $this->entries++; } @@ -255,10 +264,10 @@ class CI_Zip { { $filepath = str_replace('\\', '/', $filepath); - $uncompressed_size = strlen($data); + $uncompressed_size = self::strlen($data); $crc32 = crc32($data); - $gzdata = substr(gzcompress($data, $this->compression_level), 2, -4); - $compressed_size = strlen($gzdata); + $gzdata = self::substr(gzcompress($data, $this->compression_level), 2, -4); + $compressed_size = self::strlen($gzdata); $this->zipdata .= "\x50\x4b\x03\x04\x14\x00\x00\x00\x08\x00" @@ -267,7 +276,7 @@ class CI_Zip { .pack('V', $crc32) .pack('V', $compressed_size) .pack('V', $uncompressed_size) - .pack('v', strlen($filepath)) // length of filename + .pack('v', self::strlen($filepath)) // length of filename .pack('v', 0) // extra field length .$filepath .$gzdata; // "file data" segment @@ -279,7 +288,7 @@ class CI_Zip { .pack('V', $crc32) .pack('V', $compressed_size) .pack('V', $uncompressed_size) - .pack('v', strlen($filepath)) // length of filename + .pack('v', self::strlen($filepath)) // length of filename .pack('v', 0) // extra field length .pack('v', 0) // file comment length .pack('v', 0) // disk number start @@ -288,7 +297,7 @@ class CI_Zip { .pack('V', $this->offset) // relative offset of local header .$filepath; - $this->offset = strlen($this->zipdata); + $this->offset = self::strlen($this->zipdata); $this->entries++; $this->file_num++; } @@ -401,8 +410,8 @@ class CI_Zip { .$this->directory."\x50\x4b\x05\x06\x00\x00\x00\x00" .pack('v', $this->entries) // total # of entries "on this disk" .pack('v', $this->entries) // total # of entries overall - .pack('V', strlen($this->directory)) // size of central dir - .pack('V', strlen($this->zipdata)) // offset to start of central dir + .pack('V', self::strlen($this->directory)) // size of central dir + .pack('V', self::strlen($this->zipdata)) // offset to start of central dir ."\x00\x00"; // .zip file comment length } @@ -425,9 +434,9 @@ class CI_Zip { flock($fp, LOCK_EX); - for ($result = $written = 0, $data = $this->get_zip(), $length = strlen($data); $written < $length; $written += $result) + for ($result = $written = 0, $data = $this->get_zip(), $length = self::strlen($data); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($data, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($data, $written))) === FALSE) { break; } @@ -481,4 +490,40 @@ class CI_Zip { return $this; } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } |