summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2017-09-25 18:44:51 +0200
committerAndrey Andreev <narf@devilix.net>2017-09-25 18:44:51 +0200
commite76217041ddcae80f11b50b44a7d409b6722ad40 (patch)
tree6f7dd444bfc5b4206a6e07169ad3c05b9b63fa4d /system
parent9c07c3697bab0bf43e10daf59068497dd3a0a9fd (diff)
parentcf728703b5852591c160cbd9566a0e508dd5759a (diff)
Merge branch '3.1-stable'
Diffstat (limited to 'system')
-rw-r--r--system/core/CodeIgniter.php4
-rw-r--r--system/core/Common.php34
-rw-r--r--system/core/Exceptions.php2
-rw-r--r--system/core/Input.php16
-rw-r--r--system/core/Loader.php76
-rw-r--r--system/core/Log.php10
-rw-r--r--system/core/Output.php105
-rw-r--r--system/core/Security.php6
-rw-r--r--system/core/compat/hash.php17
-rw-r--r--system/core/compat/mbstring.php2
-rw-r--r--system/core/compat/password.php8
-rw-r--r--system/database/DB_cache.php2
-rw-r--r--system/database/DB_driver.php7
-rw-r--r--system/database/DB_forge.php6
-rw-r--r--system/database/DB_query_builder.php71
-rw-r--r--system/database/drivers/cubrid/cubrid_driver.php4
-rw-r--r--system/database/drivers/ibase/ibase_driver.php4
-rw-r--r--system/database/drivers/ibase/ibase_forge.php2
-rw-r--r--system/database/drivers/mssql/mssql_driver.php6
-rw-r--r--system/database/drivers/mysql/mysql_driver.php4
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php4
-rw-r--r--system/database/drivers/mysqli/mysqli_result.php58
-rw-r--r--system/database/drivers/mysqli/mysqli_utility.php8
-rw-r--r--system/database/drivers/oci8/oci8_driver.php2
-rw-r--r--system/database/drivers/oci8/oci8_forge.php2
-rw-r--r--system/database/drivers/odbc/odbc_driver.php8
-rw-r--r--system/database/drivers/pdo/pdo_driver.php4
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php20
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php2
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php2
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_oci_forge.php2
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php4
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php2
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php4
-rw-r--r--system/database/drivers/postgre/postgre_driver.php8
-rw-r--r--system/database/drivers/postgre/postgre_forge.php2
-rw-r--r--system/database/drivers/sqlite3/sqlite3_driver.php4
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_driver.php6
-rw-r--r--system/helpers/cookie_helper.php2
-rw-r--r--system/helpers/form_helper.php10
-rw-r--r--system/helpers/html_helper.php2
-rw-r--r--system/helpers/inflector_helper.php1
-rw-r--r--system/helpers/string_helper.php4
-rw-r--r--system/helpers/text_helper.php7
-rw-r--r--system/libraries/Cache/drivers/Cache_apc.php48
-rw-r--r--system/libraries/Cache/drivers/Cache_memcached.php2
-rw-r--r--system/libraries/Email.php36
-rw-r--r--system/libraries/Encrypt.php59
-rw-r--r--system/libraries/Encryption.php10
-rw-r--r--system/libraries/Form_validation.php4
-rw-r--r--system/libraries/Ftp.php2
-rw-r--r--system/libraries/Image_lib.php12
-rw-r--r--system/libraries/Pagination.php2
-rw-r--r--system/libraries/Profiler.php22
-rw-r--r--system/libraries/Session/drivers/Session_database_driver.php10
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php8
-rw-r--r--system/libraries/Session/drivers/Session_memcached_driver.php5
-rw-r--r--system/libraries/Session/drivers/Session_redis_driver.php8
-rw-r--r--system/libraries/Table.php2
-rw-r--r--system/libraries/Typography.php2
-rw-r--r--system/libraries/Upload.php2
-rw-r--r--system/libraries/Xmlrpc.php38
-rw-r--r--system/libraries/Xmlrpcs.php4
-rw-r--r--system/libraries/Zip.php10
64 files changed, 479 insertions, 361 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 0edcf972d..0d03293f6 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
* @var string
*
*/
- const CI_VERSION = '3.1.3';
+ const CI_VERSION = '3.1.6';
/*
* ------------------------------------------------------
@@ -434,7 +434,7 @@ if ( ! is_php('5.4'))
* ReflectionMethod::isConstructor() is the ONLY reliable check,
* knowing which method will be executed as a constructor.
*/
- elseif ( ! is_callable(array($class, $method)) && strcasecmp($class, $method) === 0)
+ elseif ( ! is_callable(array($class, $method)))
{
$reflection = new ReflectionMethod($class, $method);
if ( ! $reflection->isPublic() OR $reflection->isConstructor())
diff --git a/system/core/Common.php b/system/core/Common.php
index 7b3eb6a4e..d6a1fdb4e 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -135,7 +135,7 @@ if ( ! function_exists('load_class'))
*
* @param string the class name being requested
* @param string the directory where the class should be found
- * @param string an optional argument to pass to the class constructor
+ * @param mixed an optional argument to pass to the class constructor
* @return object
*/
function &load_class($class, $directory = 'libraries', $param = NULL)
@@ -319,17 +319,13 @@ if ( ! function_exists('get_mimes'))
if (empty($_mimes))
{
+ $_mimes = file_exists(APPPATH.'config/mimes.php')
+ ? include(APPPATH.'config/mimes.php')
+ : array();
+
if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
{
- $_mimes = include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php');
- }
- elseif (file_exists(APPPATH.'config/mimes.php'))
- {
- $_mimes = include(APPPATH.'config/mimes.php');
- }
- else
- {
- $_mimes = array();
+ $_mimes = array_merge($_mimes, include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'));
}
}
@@ -410,11 +406,6 @@ if ( ! function_exists('show_error'))
if ($status_code < 100)
{
$exit_status = $status_code + 9; // 9 is EXIT__AUTO_MIN
- if ($exit_status > 125) // 125 is EXIT__AUTO_MAX
- {
- $exit_status = 1; // EXIT_ERROR
- }
-
$status_code = 500;
}
else
@@ -571,12 +562,12 @@ if ( ! function_exists('set_status_header'))
if (strpos(PHP_SAPI, 'cgi') === 0)
{
header('Status: '.$code.' '.$text, TRUE);
+ return;
}
- else
- {
- $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1';
- header($server_protocol.' '.$code.' '.$text, TRUE, $code);
- }
+
+ $server_protocol = (isset($_SERVER['SERVER_PROTOCOL']) && in_array($_SERVER['SERVER_PROTOCOL'], array('HTTP/1.0', 'HTTP/1.1', 'HTTP/2'), TRUE))
+ ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1';
+ header($server_protocol.' '.$code.' '.$text, TRUE, $code);
}
}
@@ -724,6 +715,7 @@ if ( ! function_exists('remove_invisible_characters'))
{
$non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15
$non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31
+ $non_displayables[] = '/%7f/i'; // url encoded 127
}
$non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127
@@ -827,7 +819,7 @@ if ( ! function_exists('function_usable'))
* terminate script execution if a disabled function is executed.
*
* The above described behavior turned out to be a bug in Suhosin,
- * but even though a fix was commited for 0.9.34 on 2012-02-12,
+ * but even though a fix was committed for 0.9.34 on 2012-02-12,
* that version is yet to be released. This function will therefore
* be just temporary, but would probably be kept for a few years.
*
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 47d153f49..526909602 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -231,7 +231,7 @@ class CI_Exceptions {
* @param string $message Error message
* @param string $filepath File path
* @param int $line Line number
- * @return string Error page output
+ * @return void
*/
public function show_php_error($severity, $message, $filepath, $line)
{
diff --git a/system/core/Input.php b/system/core/Input.php
index d7cd29261..af4f87c1f 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -359,7 +359,7 @@ class CI_Input {
* @param bool $httponly Whether to only makes the cookie accessible via HTTP (no javascript)
* @return void
*/
- public function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE)
+ public function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = NULL, $httponly = NULL)
{
if (is_array($name))
{
@@ -388,15 +388,13 @@ class CI_Input {
$path = config_item('cookie_path');
}
- if ($secure === FALSE && config_item('cookie_secure') === TRUE)
- {
- $secure = config_item('cookie_secure');
- }
+ $secure = ($secure === NULL && config_item('cookie_secure') !== NULL)
+ ? (bool) config_item('cookie_secure')
+ : (bool) $secure;
- if ($httponly === FALSE && config_item('cookie_httponly') !== FALSE)
- {
- $httponly = config_item('cookie_httponly');
- }
+ $httponly = ($httponly === NULL && config_item('cookie_httponly') !== NULL)
+ ? (bool) config_item('cookie_httponly')
+ : (bool) $httponly;
if ( ! is_numeric($expire))
{
diff --git a/system/core/Loader.php b/system/core/Loader.php
index acfc739dd..085c5b51d 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -182,7 +182,7 @@ class CI_Loader {
* Loads and instantiates libraries.
* Designed to be called from application controllers.
*
- * @param string $library Library name
+ * @param mixed $library Library name
* @param array $params Optional parameters to pass to the library class constructor
* @param string $object_name An optional object name to assign to
* @return object
@@ -590,7 +590,7 @@ class CI_Loader {
{
$filename = basename($helper);
$filepath = ($filename === $helper) ? '' : substr($helper, 0, strlen($helper) - strlen($filename));
- $filename = strtolower(preg_replace('#(_helper)?(.php)?$#i', '', $filename)).'_helper';
+ $filename = strtolower(preg_replace('#(_helper)?(\.php)?$#i', '', $filename)).'_helper';
$helper = $filepath.$filename;
if (isset($this->_ci_helpers[$helper]))
@@ -1037,6 +1037,26 @@ class CI_Loader {
return $this->_ci_load_stock_library($class, $subdir, $params, $object_name);
}
+ // Safety: Was the class already loaded by a previous call?
+ if (class_exists($class, FALSE))
+ {
+ $property = $object_name;
+ if (empty($property))
+ {
+ $property = strtolower($class);
+ isset($this->_ci_varmap[$property]) && $property = $this->_ci_varmap[$property];
+ }
+
+ $CI =& get_instance();
+ if (isset($CI->$property))
+ {
+ log_message('debug', $class.' class already loaded. Second attempt ignored.');
+ return;
+ }
+
+ return $this->_ci_init_library($class, '', $params, $object_name);
+ }
+
// Let's search for the requested library file and load it.
foreach ($this->_ci_library_paths as $path)
{
@@ -1047,27 +1067,8 @@ class CI_Loader {
}
$filepath = $path.'libraries/'.$subdir.$class.'.php';
-
- // Safety: Was the class already loaded by a previous call?
- if (class_exists($class, FALSE))
- {
- // Before we deem this to be a duplicate request, let's see
- // if a custom object name is being supplied. If so, we'll
- // return a new instance of the object
- if ($object_name !== NULL)
- {
- $CI =& get_instance();
- if ( ! isset($CI->$object_name))
- {
- return $this->_ci_init_library($class, '', $params, $object_name);
- }
- }
-
- log_message('debug', $class.' class already loaded. Second attempt ignored.');
- return;
- }
// Does the file exist? No? Bummer...
- elseif ( ! file_exists($filepath))
+ if ( ! file_exists($filepath))
{
continue;
}
@@ -1112,16 +1113,17 @@ class CI_Loader {
$prefix = config_item('subclass_prefix');
}
- // Before we deem this to be a duplicate request, let's see
- // if a custom object name is being supplied. If so, we'll
- // return a new instance of the object
- if ($object_name !== NULL)
+ $property = $object_name;
+ if (empty($property))
{
- $CI =& get_instance();
- if ( ! isset($CI->$object_name))
- {
- return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
- }
+ $property = strtolower($library_name);
+ isset($this->_ci_varmap[$property]) && $property = $this->_ci_varmap[$property];
+ }
+
+ $CI =& get_instance();
+ if ( ! isset($CI->$property))
+ {
+ return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
}
log_message('debug', $library_name.' class already loaded. Second attempt ignored.');
@@ -1143,10 +1145,8 @@ class CI_Loader {
{
return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
}
- else
- {
- log_message('debug', $path.' exists, but does not declare '.$prefix.$library_name);
- }
+
+ log_message('debug', $path.' exists, but does not declare '.$prefix.$library_name);
}
}
@@ -1164,10 +1164,8 @@ class CI_Loader {
$prefix = config_item('subclass_prefix');
break;
}
- else
- {
- log_message('debug', $path.' exists, but does not declare '.$subclass);
- }
+
+ log_message('debug', $path.' exists, but does not declare '.$subclass);
}
}
diff --git a/system/core/Log.php b/system/core/Log.php
index 3e11b35f5..d443aedb8 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -105,11 +105,11 @@ class CI_Log {
protected $_levels = array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4);
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
// --------------------------------------------------------------------
@@ -122,7 +122,7 @@ class CI_Log {
{
$config =& get_config();
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
$this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
$this->_file_ext = (isset($config['log_file_extension']) && $config['log_file_extension'] !== '')
@@ -264,7 +264,7 @@ class CI_Log {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -281,7 +281,7 @@ class CI_Log {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/system/core/Output.php b/system/core/Output.php
index 349955cd2..a3155fece 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -123,11 +123,11 @@ class CI_Output {
public $parse_exec_vars = TRUE;
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
/**
* Class constructor
@@ -145,7 +145,7 @@ class CI_Output {
&& extension_loaded('zlib')
);
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
// Get mime types for later
$this->mimes =& get_mimes();
@@ -586,62 +586,59 @@ class CI_Output {
return;
}
- if (flock($fp, LOCK_EX))
+ if ( ! flock($fp, LOCK_EX))
{
- // If output compression is enabled, compress the cache
- // itself, so that we don't have to do that each time
- // we're serving it
- if ($this->_compress_output === TRUE)
- {
- $output = gzencode($output);
+ log_message('error', 'Unable to secure a file lock for file at: '.$cache_path);
+ fclose($fp);
+ return;
+ }
- if ($this->get_header('content-type') === NULL)
- {
- $this->set_content_type($this->mime_type);
- }
+ // If output compression is enabled, compress the cache
+ // itself, so that we don't have to do that each time
+ // we're serving it
+ if ($this->_compress_output === TRUE)
+ {
+ $output = gzencode($output);
+
+ if ($this->get_header('content-type') === NULL)
+ {
+ $this->set_content_type($this->mime_type);
}
+ }
- $expire = time() + ($this->cache_expiration * 60);
+ $expire = time() + ($this->cache_expiration * 60);
- // Put together our serialized info.
- $cache_info = serialize(array(
- 'expire' => $expire,
- 'headers' => $this->headers
- ));
+ // Put together our serialized info.
+ $cache_info = serialize(array(
+ 'expire' => $expire,
+ 'headers' => $this->headers
+ ));
- $output = $cache_info.'ENDCI--->'.$output;
+ $output = $cache_info.'ENDCI--->'.$output;
- for ($written = 0, $length = self::strlen($output); $written < $length; $written += $result)
+ for ($written = 0, $length = self::strlen($output); $written < $length; $written += $result)
+ {
+ if (($result = fwrite($fp, self::substr($output, $written))) === FALSE)
{
- if (($result = fwrite($fp, self::substr($output, $written))) === FALSE)
- {
- break;
- }
+ break;
}
-
- flock($fp, LOCK_UN);
- }
- else
- {
- log_message('error', 'Unable to secure a file lock for file at: '.$cache_path);
- return;
}
+ flock($fp, LOCK_UN);
fclose($fp);
- if (is_int($result))
- {
- chmod($cache_path, 0640);
- log_message('debug', 'Cache file written: '.$cache_path);
-
- // Send HTTP cache-control headers to browser to match file cache settings.
- $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
- }
- else
+ if ( ! is_int($result))
{
@unlink($cache_path);
log_message('error', 'Unable to write the complete cache content at: '.$cache_path);
+ return;
}
+
+ chmod($cache_path, 0640);
+ log_message('debug', 'Cache file written: '.$cache_path);
+
+ // Send HTTP cache-control headers to browser to match file cache settings.
+ $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
}
// --------------------------------------------------------------------
@@ -708,11 +705,9 @@ class CI_Output {
log_message('debug', 'Cache file has expired. File deleted.');
return FALSE;
}
- else
- {
- // Or else send the HTTP cache control headers.
- $this->set_cache_header($last_modified, $expire);
- }
+
+ // Send the HTTP cache control headers
+ $this->set_cache_header($last_modified, $expire);
// Add headers from cache file.
foreach ($cache_info['headers'] as $header)
@@ -798,13 +793,11 @@ class CI_Output {
$this->set_status_header(304);
exit;
}
- else
- {
- header('Pragma: public');
- header('Cache-Control: max-age='.$max_age.', public');
- header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT');
- header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT');
- }
+
+ header('Pragma: public');
+ header('Cache-Control: max-age='.$max_age.', public');
+ header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT');
+ header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT');
}
// --------------------------------------------------------------------
@@ -817,7 +810,7 @@ class CI_Output {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -834,7 +827,7 @@ class CI_Output {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/system/core/Security.php b/system/core/Security.php
index 585ed90ec..082ffa96b 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -354,9 +354,9 @@ class CI_Security {
// Is the string an array?
if (is_array($str))
{
- while (list($key) = each($str))
+ foreach ($str as $key => &$value)
{
- $str[$key] = $this->xss_clean($str[$key]);
+ $str[$key] = $this->xss_clean($value);
}
return $str;
@@ -869,7 +869,7 @@ class CI_Security {
// Each iteration filters a single attribute
do
{
- // Strip any non-alpha characters that may preceed an attribute.
+ // Strip any non-alpha characters that may precede an attribute.
// Browsers often parse these incorrectly and that has been a
// of numerous XSS issues we've had.
$matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']);
diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php
index ba0198e10..c65203aaf 100644
--- a/system/core/compat/hash.php
+++ b/system/core/compat/hash.php
@@ -173,7 +173,9 @@ if ( ! function_exists('hash_pbkdf2'))
return FALSE;
}
- $hash_length = strlen(hash($algo, NULL, TRUE));
+ $hash_length = defined('MB_OVERLOAD_STRING')
+ ? mb_strlen(hash($algo, NULL, TRUE), '8bit')
+ : strlen(hash($algo, NULL, TRUE));
empty($length) && $length = $hash_length;
// Pre-hash password inputs longer than the algorithm's block size
@@ -221,14 +223,14 @@ if ( ! function_exists('hash_pbkdf2'))
'whirlpool' => 64
);
- if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo])
+ if (isset($block_sizes[$algo], $password[$block_sizes[$algo]]))
{
$password = hash($algo, $password, TRUE);
}
$hash = '';
// Note: Blocks are NOT 0-indexed
- for ($bc = ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++)
+ for ($bc = (int) ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++)
{
$key = $derived_key = hash_hmac($algo, $salt.pack('N', $bi), $password, TRUE);
for ($i = 1; $i < $iterations; $i++)
@@ -240,6 +242,13 @@ if ( ! function_exists('hash_pbkdf2'))
}
// This is not RFC-compatible, but we're aiming for natural PHP compatibility
- return substr($raw_output ? $hash : bin2hex($hash), 0, $length);
+ if ( ! $raw_output)
+ {
+ $hash = bin2hex($hash);
+ }
+
+ return defined('MB_OVERLOAD_STRING')
+ ? mb_substr($hash, 0, $length, '8bit')
+ : substr($hash, 0, $length);
}
}
diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php
index f466e1c34..1b2f2c63b 100644
--- a/system/core/compat/mbstring.php
+++ b/system/core/compat/mbstring.php
@@ -68,7 +68,7 @@ if ( ! function_exists('mb_strlen'))
* @link http://php.net/mb_strlen
* @param string $str
* @param string $encoding
- * @return string
+ * @return int
*/
function mb_strlen($str, $encoding = NULL)
{
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index b209cbe70..8176f0088 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -94,8 +94,8 @@ if ( ! function_exists('password_hash'))
*/
function password_hash($password, $algo, array $options = array())
{
- static $func_override;
- isset($func_override) OR $func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ static $func_overload;
+ isset($func_overload) OR $func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
if ($algo !== 1)
{
@@ -109,7 +109,7 @@ if ( ! function_exists('password_hash'))
return NULL;
}
- if (isset($options['salt']) && ($saltlen = ($func_override ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22)
+ if (isset($options['salt']) && ($saltlen = ($func_overload ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22)
{
trigger_error('password_hash(): Provided salt is too short: '.$saltlen.' expecting 22', E_USER_WARNING);
return NULL;
@@ -144,7 +144,7 @@ if ( ! function_exists('password_hash'))
is_php('5.4') && stream_set_chunk_size($fp, 16);
$options['salt'] = '';
- for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
+ for ($read = 0; $read < 16; $read = ($func_overload) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
{
if (($read = fread($fp, 16 - $read)) === FALSE)
{
diff --git a/system/database/DB_cache.php b/system/database/DB_cache.php
index b74c31924..7c8ee5fc9 100644
--- a/system/database/DB_cache.php
+++ b/system/database/DB_cache.php
@@ -143,7 +143,7 @@ class CI_DB_Cache {
$segment_two = ($this->CI->uri->segment(2) == FALSE) ? 'index' : $this->CI->uri->segment(2);
$filepath = $this->db->cachedir.$segment_one.'+'.$segment_two.'/'.md5($sql);
- if (FALSE === ($cachedata = @file_get_contents($filepath)))
+ if ( ! is_file($filepath) OR FALSE === ($cachedata = file_get_contents($filepath)))
{
return FALSE;
}
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 19afdd492..0b13a2f82 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -916,6 +916,7 @@ abstract class CI_DB_driver {
if ($this->_trans_begin())
{
+ $this->_trans_status = TRUE;
$this->_trans_depth++;
return TRUE;
}
@@ -1044,7 +1045,7 @@ abstract class CI_DB_driver {
*/
public function is_write_type($sql)
{
- return (bool) preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s/i', $sql);
+ return (bool) preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX|MERGE)\s/i', $sql);
}
// --------------------------------------------------------------------
@@ -1173,14 +1174,14 @@ abstract class CI_DB_driver {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
*/
protected function _escape_str($str)
{
- return str_replace("'", "''", remove_invisible_characters($str));
+ return str_replace("'", "''", remove_invisible_characters($str, FALSE));
}
// --------------------------------------------------------------------
diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php
index 7289235c8..3cb02ca4e 100644
--- a/system/database/DB_forge.php
+++ b/system/database/DB_forge.php
@@ -488,7 +488,7 @@ abstract class CI_DB_forge {
*
* @param string $table Table name
* @param bool $if_exists Whether to add an IF EXISTS condition
- * @return string
+ * @return mixed (Returns a platform-specific DROP table string, or TRUE to indicate there's nothing to do)
*/
protected function _drop_table($table, $if_exists)
{
@@ -979,8 +979,8 @@ abstract class CI_DB_forge {
/**
* Process indexes
*
- * @param string $table
- * @return string
+ * @param string $table Table name
+ * @return string[] list of SQL statements
*/
protected function _process_indexes($table)
{
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index ab19d97a2..81603bf31 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -215,6 +215,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
protected $qb_cache_join = array();
/**
+ * QB Cache aliased tables list
+ *
+ * @var array
+ */
+ protected $qb_cache_aliased_tables = array();
+
+ /**
* QB Cache WHERE data
*
* @var array
@@ -1396,13 +1403,11 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// ORDER BY usage is often problematic here (most notably
// on Microsoft SQL Server) and ultimately unnecessary
// for selecting COUNT(*) ...
- if ( ! empty($this->qb_orderby))
- {
- $orderby = $this->qb_orderby;
- $this->qb_orderby = NULL;
- }
+ $qb_orderby = $this->qb_orderby;
+ $qb_cache_orderby = $this->qb_cache_orderby;
+ $this->qb_orderby = $this->qb_cache_orderby = NULL;
- $result = ($this->qb_distinct === TRUE OR ! empty($this->qb_groupby) OR ! empty($this->qb_cache_groupby))
+ $result = ($this->qb_distinct === TRUE OR ! empty($this->qb_groupby) OR ! empty($this->qb_cache_groupby) OR $this->qb_limit OR $this->qb_offset)
? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results")
: $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows')));
@@ -1410,10 +1415,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
{
$this->_reset_select();
}
- // If we've previously reset the qb_orderby values, get them back
- elseif ( ! isset($this->qb_orderby))
+ else
{
- $this->qb_orderby = $orderby;
+ $this->qb_orderby = $qb_orderby;
+ $this->qb_cache_orderby = $qb_cache_orderby;
}
if ($result->num_rows() === 0)
@@ -2281,9 +2286,14 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$table = trim(strrchr($table, ' '));
// Store the alias, if it doesn't already exist
- if ( ! in_array($table, $this->qb_aliased_tables))
+ if ( ! in_array($table, $this->qb_aliased_tables, TRUE))
{
$this->qb_aliased_tables[] = $table;
+ if ($this->qb_caching === TRUE && ! in_array($table, $this->qb_cache_aliased_tables, TRUE))
+ {
+ $this->qb_cache_aliased_tables[] = $table;
+ $this->qb_cache_exists[] = 'aliased_tables';
+ }
}
}
}
@@ -2441,7 +2451,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*
* Escapes identifiers in GROUP BY statements at execution time.
*
- * Required so that aliases are tracked properly, regardless of wether
+ * Required so that aliases are tracked properly, regardless of whether
* group_by() is called prior to from(), join() and dbprefix is added
* only if needed.
*
@@ -2477,7 +2487,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*
* Escapes identifiers in ORDER BY statements at execution time.
*
- * Required so that aliases are tracked properly, regardless of wether
+ * Required so that aliases are tracked properly, regardless of whether
* order_by() is called prior to from(), join() and dbprefix is added
* only if needed.
*
@@ -2485,26 +2495,27 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*/
protected function _compile_order_by()
{
- if (is_array($this->qb_orderby) && count($this->qb_orderby) > 0)
+ if (empty($this->qb_orderby))
{
- for ($i = 0, $c = count($this->qb_orderby); $i < $c; $i++)
+ return '';
+ }
+
+ for ($i = 0, $c = count($this->qb_orderby); $i < $c; $i++)
+ {
+ if (is_string($this->qb_orderby[$i]))
{
- if ($this->qb_orderby[$i]['escape'] !== FALSE && ! $this->_is_literal($this->qb_orderby[$i]['field']))
- {
- $this->qb_orderby[$i]['field'] = $this->protect_identifiers($this->qb_orderby[$i]['field']);
- }
+ continue;
+ }
- $this->qb_orderby[$i] = $this->qb_orderby[$i]['field'].$this->qb_orderby[$i]['direction'];
+ if ($this->qb_orderby[$i]['escape'] !== FALSE && ! $this->_is_literal($this->qb_orderby[$i]['field']))
+ {
+ $this->qb_orderby[$i]['field'] = $this->protect_identifiers($this->qb_orderby[$i]['field']);
}
- return $this->qb_orderby = "\nORDER BY ".implode(', ', $this->qb_orderby);
- }
- elseif (is_string($this->qb_orderby))
- {
- return $this->qb_orderby;
+ $this->qb_orderby[$i] = $this->qb_orderby[$i]['field'].$this->qb_orderby[$i]['direction'];
}
- return '';
+ return "\nORDER BY ".implode(', ', $this->qb_orderby);
}
// --------------------------------------------------------------------
@@ -2625,7 +2636,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
'qb_cache_orderby' => array(),
'qb_cache_set' => array(),
'qb_cache_exists' => array(),
- 'qb_cache_no_escape' => array()
+ 'qb_cache_no_escape' => array(),
+ 'qb_cache_aliased_tables' => array()
));
return $this;
@@ -2676,13 +2688,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$this->qb_no_escape = $qb_no_escape;
}
}
-
- // If we are "protecting identifiers" we need to examine the "from"
- // portion of the query to determine if there are any aliases
- if ($this->_protect_identifiers === TRUE && count($this->qb_cache_from) > 0)
- {
- $this->_track_aliases($this->qb_from);
- }
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php
index 257925d88..6e8aff7c6 100644
--- a/system/database/drivers/cubrid/cubrid_driver.php
+++ b/system/database/drivers/cubrid/cubrid_driver.php
@@ -250,7 +250,7 @@ class CI_DB_cubrid_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
@@ -361,7 +361,7 @@ class CI_DB_cubrid_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
diff --git a/system/database/drivers/ibase/ibase_driver.php b/system/database/drivers/ibase/ibase_driver.php
index 106d5efac..3069d6699 100644
--- a/system/database/drivers/ibase/ibase_driver.php
+++ b/system/database/drivers/ibase/ibase_driver.php
@@ -294,7 +294,7 @@ class CI_DB_ibase_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
@@ -395,7 +395,7 @@ class CI_DB_ibase_driver extends CI_DB {
*/
protected function _insert_batch($table, $keys, $values)
{
- return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
+ return ($this->db_debug) ? $this->display_error('db_unsupported_feature') : FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/ibase/ibase_forge.php b/system/database/drivers/ibase/ibase_forge.php
index 44bb24e68..31352f128 100644
--- a/system/database/drivers/ibase/ibase_forge.php
+++ b/system/database/drivers/ibase/ibase_forge.php
@@ -91,7 +91,7 @@ class CI_DB_ibase_forge extends CI_DB_forge {
* Create database
*
* @param string $db_name
- * @return string
+ * @return bool
*/
public function create_database($db_name)
{
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php
index f0cfb2ff9..cb89f3b3f 100644
--- a/system/database/drivers/mssql/mssql_driver.php
+++ b/system/database/drivers/mssql/mssql_driver.php
@@ -352,7 +352,7 @@ class CI_DB_mssql_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
@@ -453,7 +453,7 @@ class CI_DB_mssql_driver extends CI_DB {
$sql = trim(substr($sql, 0, strrpos($sql, $orderby)));
// Get the fields to select from our subquery, so that we can avoid CI_rownum appearing in the actual results
- if (count($this->qb_select) === 0)
+ if (count($this->qb_select) === 0 OR strpos(implode(',', $this->qb_select), '*') !== FALSE)
{
$select = '*'; // Inevitable
}
@@ -500,7 +500,7 @@ class CI_DB_mssql_driver extends CI_DB {
return parent::_insert_batch($table, $keys, $values);
}
- return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
+ return ($this->db_debug) ? $this->display_error('db_unsupported_feature') : FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index 8f2dd744d..71dad676e 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -337,7 +337,7 @@ class CI_DB_mysql_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
@@ -448,7 +448,7 @@ class CI_DB_mysql_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 7e4290474..b59e89494 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -210,7 +210,7 @@ class CI_DB_mysqli_driver extends CI_DB {
$this->_mysqli->close();
$message = 'MySQLi was configured for an SSL connection, but got an unencrypted connection instead!';
log_message('error', $message);
- return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE;
+ return ($this->db_debug) ? $this->display_error($message, '', TRUE) : FALSE;
}
return $this->_mysqli;
@@ -381,7 +381,7 @@ class CI_DB_mysqli_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php
index 929c2b455..0b3d9c2b4 100644
--- a/system/database/drivers/mysqli/mysqli_result.php
+++ b/system/database/drivers/mysqli/mysqli_result.php
@@ -112,9 +112,9 @@ class CI_DB_mysqli_result extends CI_DB_result {
{
$retval[$i] = new stdClass();
$retval[$i]->name = $field_data[$i]->name;
- $retval[$i]->type = $field_data[$i]->type;
+ $retval[$i]->type = static::_get_field_type($field_data[$i]->type);
$retval[$i]->max_length = $field_data[$i]->max_length;
- $retval[$i]->primary_key = (int) ($field_data[$i]->flags & 2);
+ $retval[$i]->primary_key = (int) ($field_data[$i]->flags & MYSQLI_PRI_KEY_FLAG);
$retval[$i]->default = $field_data[$i]->def;
}
@@ -124,6 +124,60 @@ class CI_DB_mysqli_result extends CI_DB_result {
// --------------------------------------------------------------------
/**
+ * Get field type
+ *
+ * Extracts field type info from the bitflags returned by
+ * mysqli_result::fetch_fields()
+ *
+ * @used-by CI_DB_mysqli_result::field_data()
+ * @param int $flags
+ * @return string
+ */
+ private static function _get_field_type($flags)
+ {
+ static $map;
+ isset($map) OR $map = array(
+ MYSQLI_TYPE_DECIMAL => 'decimal',
+ MYSQLI_TYPE_BIT => 'bit',
+ MYSQLI_TYPE_TINY => 'tinyint',
+ MYSQLI_TYPE_SHORT => 'smallint',
+ MYSQLI_TYPE_INT24 => 'mediumint',
+ MYSQLI_TYPE_LONG => 'int',
+ MYSQLI_TYPE_LONGLONG => 'bigint',
+ MYSQLI_TYPE_FLOAT => 'float',
+ MYSQLI_TYPE_DOUBLE => 'double',
+ MYSQLI_TYPE_TIMESTAMP => 'timestamp',
+ MYSQLI_TYPE_DATE => 'date',
+ MYSQLI_TYPE_TIME => 'time',
+ MYSQLI_TYPE_DATETIME => 'datetime',
+ MYSQLI_TYPE_YEAR => 'year',
+ MYSQLI_TYPE_NEWDATE => 'date',
+ MYSQLI_TYPE_INTERVAL => 'interval',
+ MYSQLI_TYPE_ENUM => 'enum',
+ MYSQLI_TYPE_SET => 'set',
+ MYSQLI_TYPE_TINY_BLOB => 'tinyblob',
+ MYSQLI_TYPE_MEDIUM_BLOB => 'mediumblob',
+ MYSQLI_TYPE_BLOB => 'blob',
+ MYSQLI_TYPE_LONG_BLOB => 'longblob',
+ MYSQLI_TYPE_STRING => 'char',
+ MYSQLI_TYPE_VAR_STRING => 'varchar',
+ MYSQLI_TYPE_GEOMETRY => 'geometry'
+ );
+
+ foreach ($map as $flag => $name)
+ {
+ if ($flags & $flag)
+ {
+ return $name;
+ }
+ }
+
+ return $flags;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Free the result
*
* @return void
diff --git a/system/database/drivers/mysqli/mysqli_utility.php b/system/database/drivers/mysqli/mysqli_utility.php
index 4a3dad4d1..1699b611f 100644
--- a/system/database/drivers/mysqli/mysqli_utility.php
+++ b/system/database/drivers/mysqli/mysqli_utility.php
@@ -155,9 +155,11 @@ class CI_DB_mysqli_utility extends CI_DB_utility {
while ($field = $query->result_id->fetch_field())
{
// Most versions of MySQL store timestamp as a string
- $is_int[$i] = in_array(strtolower($field->type),
- array('tinyint', 'smallint', 'mediumint', 'int', 'bigint'), //, 'timestamp'),
- TRUE);
+ $is_int[$i] = ($field->type & MYSQLI_TYPE_TINY)
+ OR ($field->type & MYSQLI_TYPE_SHORT)
+ OR ($field->type & MYSQLI_TYPE_INT24)
+ OR ($field->type & MYSQLI_TYPE_LONG)
+ OR ($field->type & MYSQLI_TYPE_LONGLONG);
// Create a string of field names
$field_str .= $this->db->escape_identifiers($field->name).', ';
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index c7f033019..fb2f6b31b 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -553,7 +553,7 @@ class CI_DB_oci8_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php
index 867a94341..724a76df4 100644
--- a/system/database/drivers/oci8/oci8_forge.php
+++ b/system/database/drivers/oci8/oci8_forge.php
@@ -124,7 +124,7 @@ class CI_DB_oci8_forge extends CI_DB_forge {
if ($alter_type === 'MODIFY' && ! empty($field[$i]['new_name']))
{
$sqls[] = $sql.' RENAME COLUMN '.$this->db->escape_identifiers($field[$i]['name'])
- .' '.$this->db->escape_identifiers($field[$i]['new_name']);
+ .' TO '.$this->db->escape_identifiers($field[$i]['new_name']);
}
$field[$i] = "\n\t".$field[$i]['_literal'];
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index 9f5a86fa0..ef982fc63 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -309,14 +309,14 @@ class CI_DB_odbc_driver extends CI_DB_driver {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
*/
protected function _escape_str($str)
{
- $this->db->display_error('db_unsupported_feature');
+ $this->display_error('db_unsupported_feature');
}
// --------------------------------------------------------------------
@@ -340,7 +340,7 @@ class CI_DB_odbc_driver extends CI_DB_driver {
*/
public function insert_id()
{
- return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
+ return ($this->db_debug) ? $this->display_error('db_unsupported_feature') : FALSE;
}
// --------------------------------------------------------------------
@@ -402,7 +402,7 @@ class CI_DB_odbc_driver extends CI_DB_driver {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index d816dcb64..6afc999c2 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -223,7 +223,7 @@ class CI_DB_pdo_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
@@ -285,7 +285,7 @@ class CI_DB_pdo_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
diff --git a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php
index 3249a1d7f..b9b86f784 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php
@@ -284,7 +284,7 @@ class CI_DB_pdo_dblib_driver extends CI_DB_pdo_driver {
$sql = trim(substr($sql, 0, strrpos($sql, $orderby)));
// Get the fields to select from our subquery, so that we can avoid CI_rownum appearing in the actual results
- if (count($this->qb_select) === 0)
+ if (count($this->qb_select) === 0 OR strpos(implode(',', $this->qb_select), '*') !== FALSE)
{
$select = '*'; // Inevitable
}
@@ -331,7 +331,23 @@ class CI_DB_pdo_dblib_driver extends CI_DB_pdo_driver {
return parent::_insert_batch($table, $keys, $values);
}
- return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
+ return ($this->db_debug) ? $this->display_error('db_unsupported_feature') : FALSE;
}
+ // --------------------------------------------------------------------
+
+ /**
+ * Database version number
+ *
+ * @return string
+ */
+ public function version()
+ {
+ if (isset($this->data_cache['version']))
+ {
+ return $this->data_cache['version'];
+ }
+
+ return $this->data_cache['version'] = $this->conn_id->query("SELECT SERVERPROPERTY('ProductVersion') AS ver")->fetchColumn(0);
+ }
}
diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php
index aa5e7d6e7..cb93f19b7 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php
@@ -274,6 +274,6 @@ class CI_DB_pdo_firebird_driver extends CI_DB_pdo_driver {
*/
protected function _insert_batch($table, $keys, $values)
{
- return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
+ return ($this->db_debug) ? $this->display_error('db_unsupported_feature') : FALSE;
}
}
diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
index 66c15dac6..64b13d827 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
@@ -182,7 +182,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver {
{
$message = 'PDO_MYSQL was configured for an SSL connection, but got an unencrypted connection instead!';
log_message('error', $message);
- return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE;
+ return ($this->db_debug) ? $this->display_error($message, '', TRUE) : FALSE;
}
return $pdo;
diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php b/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
index c8983ee56..813207b8e 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
@@ -117,7 +117,7 @@ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge {
if ($alter_type === 'MODIFY' && ! empty($field[$i]['new_name']))
{
$sqls[] = $sql.' RENAME COLUMN '.$this->db->escape_identifiers($field[$i]['name'])
- .' '.$this->db->escape_identifiers($field[$i]['new_name']);
+ .' TO '.$this->db->escape_identifiers($field[$i]['new_name']);
}
}
}
diff --git a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php
index f4a2f08f3..066dd9614 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php
@@ -161,14 +161,14 @@ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
*/
protected function _escape_str($str)
{
- $this->db->display_error('db_unsupported_feature');
+ $this->display_error('db_unsupported_feature');
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php
index 18e399dac..b00af4ad0 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php
@@ -168,7 +168,7 @@ class CI_DB_pdo_pgsql_forge extends CI_DB_pdo_forge {
*/
protected function _attr_type(&$attributes)
{
- // Reset field lenghts for data types that don't support it
+ // Reset field lengths for data types that don't support it
if (isset($attributes['CONSTRAINT']) && stripos($attributes['TYPE'], 'int') !== FALSE)
{
$attributes['CONSTRAINT'] = NULL;
diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php
index 1cf6c614d..a9fb4d14a 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php
@@ -316,7 +316,7 @@ class CI_DB_pdo_sqlsrv_driver extends CI_DB_pdo_driver {
$sql = trim(substr($sql, 0, strrpos($sql, $orderby)));
// Get the fields to select from our subquery, so that we can avoid CI_rownum appearing in the actual results
- if (count($this->qb_select) === 0)
+ if (count($this->qb_select) === 0 OR strpos(implode(',', $this->qb_select), '*') !== FALSE)
{
$select = '*'; // Inevitable
}
@@ -363,7 +363,7 @@ class CI_DB_pdo_sqlsrv_driver extends CI_DB_pdo_driver {
return parent::_insert_batch($table, $keys, $values);
}
- return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
+ return ($this->db_debug) ? $this->display_error('db_unsupported_feature') : FALSE;
}
}
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index cef464af4..bcdfc060a 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -130,9 +130,9 @@ class CI_DB_postgre_driver extends CI_DB {
*/
foreach (array('connect_timeout', 'options', 'sslmode', 'service') as $key)
{
- if (isset($this->$key) && is_string($this->key) && $this->key !== '')
+ if (isset($this->$key) && is_string($this->$key) && $this->$key !== '')
{
- $this->dsn .= $key."='".$this->key."' ";
+ $this->dsn .= $key."='".$this->$key."' ";
}
}
@@ -299,7 +299,7 @@ class CI_DB_postgre_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
@@ -471,7 +471,7 @@ class CI_DB_postgre_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php
index f7bbf7441..cdbff4c4b 100644
--- a/system/database/drivers/postgre/postgre_forge.php
+++ b/system/database/drivers/postgre/postgre_forge.php
@@ -163,7 +163,7 @@ class CI_DB_postgre_forge extends CI_DB_forge {
*/
protected function _attr_type(&$attributes)
{
- // Reset field lenghts for data types that don't support it
+ // Reset field lengths for data types that don't support it
if (isset($attributes['CONSTRAINT']) && stripos($attributes['TYPE'], 'int') !== FALSE)
{
$attributes['CONSTRAINT'] = NULL;
diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php
index 2d78a0f8a..d131baad7 100644
--- a/system/database/drivers/sqlite3/sqlite3_driver.php
+++ b/system/database/drivers/sqlite3/sqlite3_driver.php
@@ -168,7 +168,7 @@ class CI_DB_sqlite3_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Platform-dependant string escape
+ * Platform-dependent string escape
*
* @param string
* @return string
@@ -291,7 +291,7 @@ class CI_DB_sqlite3_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 10aad115f..4edcc7fb8 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -358,7 +358,7 @@ class CI_DB_sqlsrv_driver extends CI_DB {
* Error
*
* Returns an array containing code and message of the last
- * database error that has occured.
+ * database error that has occurred.
*
* @return array
*/
@@ -478,7 +478,7 @@ class CI_DB_sqlsrv_driver extends CI_DB {
$sql = trim(substr($sql, 0, strrpos($sql, $orderby)));
// Get the fields to select from our subquery, so that we can avoid CI_rownum appearing in the actual results
- if (count($this->qb_select) === 0)
+ if (count($this->qb_select) === 0 OR strpos(implode(',', $this->qb_select), '*') !== FALSE)
{
$select = '*'; // Inevitable
}
@@ -525,7 +525,7 @@ class CI_DB_sqlsrv_driver extends CI_DB {
return parent::_insert_batch($table, $keys, $values);
}
- return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
+ return ($this->db_debug) ? $this->display_error('db_unsupported_feature') : FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php
index bb90cba1e..b943edbae 100644
--- a/system/helpers/cookie_helper.php
+++ b/system/helpers/cookie_helper.php
@@ -67,7 +67,7 @@ if ( ! function_exists('set_cookie'))
* @param bool true makes the cookie accessible via http(s) only (no javascript)
* @return void
*/
- function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE)
+ function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = NULL, $httponly = NULL)
{
// Set the config file options
get_instance()->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $httponly);
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index a49eea803..13f196318 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -597,7 +597,7 @@ if ( ! function_exists('form_label'))
*
* @param string The text to appear onscreen
* @param string The id the label applies to
- * @param array Additional attributes
+ * @param mixed Additional attributes
* @return string
*/
function form_label($label_text = '', $id = '', $attributes = array())
@@ -610,13 +610,7 @@ if ( ! function_exists('form_label'))
$label .= ' for="'.$id.'"';
}
- if (is_array($attributes) && count($attributes) > 0)
- {
- foreach ($attributes as $key => $val)
- {
- $label .= ' '.$key.'="'.$val.'"';
- }
- }
+ $label .= _attributes_to_string($attributes);
return $label.'>'.$label_text.'</label>';
}
diff --git a/system/helpers/html_helper.php b/system/helpers/html_helper.php
index de1b92cde..87a5f9b23 100644
--- a/system/helpers/html_helper.php
+++ b/system/helpers/html_helper.php
@@ -192,7 +192,7 @@ if ( ! function_exists('img'))
foreach ($src as $k => $v)
{
- if ($k === 'src' && ! preg_match('#^([a-z]+:)?//#i', $v))
+ if ($k === 'src' && ! preg_match('#^(data:[a-z,;])|(([a-z]+:)?(?<!data:)//)#i', $v))
{
if ($index_page === TRUE)
{
diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php
index 26a5a5ca9..4a6805fbb 100644
--- a/system/helpers/inflector_helper.php
+++ b/system/helpers/inflector_helper.php
@@ -95,6 +95,7 @@ if ( ! function_exists('singular'))
'/(s)tatuses$/' => '\1\2tatus',
'/(c)hildren$/' => '\1\2hild',
'/(n)ews$/' => '\1\2ews',
+ '/(quiz)zes$/' => '\1',
'/([^us])s$/' => '\1'
);
diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php
index 23608e5f4..93446b82f 100644
--- a/system/helpers/string_helper.php
+++ b/system/helpers/string_helper.php
@@ -195,9 +195,7 @@ if ( ! function_exists('reduce_multiples'))
if ( ! function_exists('random_string'))
{
/**
- * Create a Random String
- *
- * Useful for generating passwords or hashes.
+ * Create a "Random" String
*
* @param string type of random string. basic, alpha, alnum, numeric, nozero, unique, md5, encrypt and sha1
* @param int number of characters
diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php
index 07c01c3af..217729b70 100644
--- a/system/helpers/text_helper.php
+++ b/system/helpers/text_helper.php
@@ -138,7 +138,10 @@ if ( ! function_exists('ascii_to_entities'))
function ascii_to_entities($str)
{
$out = '';
- for ($i = 0, $s = strlen($str) - 1, $count = 1, $temp = array(); $i <= $s; $i++)
+ $length = defined('MB_OVERLOAD_STRING')
+ ? mb_strlen($str, '8bit') - 1
+ : strlen($str) - 1;
+ for ($i = 0, $count = 1, $temp = array(); $i <= $length; $i++)
{
$ordinal = ord($str[$i]);
@@ -176,7 +179,7 @@ if ( ! function_exists('ascii_to_entities'))
$temp = array();
}
// If this is the last iteration, just output whatever we have
- elseif ($i === $s)
+ elseif ($i === $length)
{
$out .= '&#'.implode(';', $temp).';';
}
diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php
index f2b61adb1..c873eb640 100644
--- a/system/libraries/Cache/drivers/Cache_apc.php
+++ b/system/libraries/Cache/drivers/Cache_apc.php
@@ -80,14 +80,7 @@ class CI_Cache_apc extends CI_Driver {
$success = FALSE;
$data = apc_fetch($id, $success);
- if ($success === TRUE)
- {
- return is_array($data)
- ? unserialize($data[0])
- : $data;
- }
-
- return FALSE;
+ return ($success === TRUE) ? $data : FALSE;
}
// ------------------------------------------------------------------------
@@ -98,18 +91,12 @@ class CI_Cache_apc extends CI_Driver {
* @param string $id Cache ID
* @param mixed $data Data to store
* @param int $ttl Length of time (in seconds) to cache the data
- * @param bool $raw Whether to store the raw value
+ * @param bool $raw Whether to store the raw value (unused)
* @return bool TRUE on success, FALSE on failure
*/
public function save($id, $data, $ttl = 60, $raw = FALSE)
{
- $ttl = (int) $ttl;
-
- return apc_store(
- $id,
- ($raw === TRUE ? $data : array(serialize($data), time(), $ttl)),
- $ttl
- );
+ return apc_store($id, $data, (int) $ttl);
}
// ------------------------------------------------------------------------
@@ -188,21 +175,30 @@ class CI_Cache_apc extends CI_Driver {
*/
public function get_metadata($id)
{
- $success = FALSE;
- $stored = apc_fetch($id, $success);
-
- if ($success === FALSE OR count($stored) !== 3)
+ $cache_info = apc_cache_info('user', FALSE);
+ if (empty($cache_info) OR empty($cache_info['cache_list']))
{
return FALSE;
}
- list($data, $time, $ttl) = $stored;
+ foreach ($cache_info['cache_list'] as &$entry)
+ {
+ if ($entry['info'] !== $id)
+ {
+ continue;
+ }
+
+ $success = FALSE;
+ $metadata = array(
+ 'expire' => ($entry['ttl'] ? $entry['mtime'] + $entry['ttl'] : 0),
+ 'mtime' => $entry['ttl'],
+ 'data' => apc_fetch($id, $success)
+ );
+
+ return ($success === TRUE) ? $metadata : FALSE;
+ }
- return array(
- 'expire' => $time + $ttl,
- 'mtime' => $time,
- 'data' => unserialize($data)
- );
+ return FALSE;
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php
index 17e361107..b642a2c03 100644
--- a/system/libraries/Cache/drivers/Cache_memcached.php
+++ b/system/libraries/Cache/drivers/Cache_memcached.php
@@ -110,7 +110,7 @@ class CI_Cache_memcached extends CI_Driver {
if ($this->_memcached instanceof Memcache)
{
- // Third parameter is persistance and defaults to TRUE.
+ // Third parameter is persistence and defaults to TRUE.
$this->_memcached->addServer(
$cache_server['hostname'],
$cache_server['port'],
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 117c4845f..0e9cf0574 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -375,11 +375,11 @@ class CI_Email {
);
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
// --------------------------------------------------------------------
@@ -397,7 +397,7 @@ class CI_Email {
$this->initialize($config);
$this->_safe_mode = ( ! is_php('5.4') && ini_get('safe_mode'));
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
log_message('info', 'Email Class Initialized');
}
@@ -913,18 +913,13 @@ class CI_Email {
/**
* Get Mail Protocol
*
- * @param bool
* @return mixed
*/
- protected function _get_protocol($return = TRUE)
+ protected function _get_protocol()
{
$this->protocol = strtolower($this->protocol);
in_array($this->protocol, $this->_protocols, TRUE) OR $this->protocol = 'mail';
-
- if ($return === TRUE)
- {
- return $this->protocol;
- }
+ return $this->protocol;
}
// --------------------------------------------------------------------
@@ -932,25 +927,21 @@ class CI_Email {
/**
* Get Mail Encoding
*
- * @param bool
* @return string
*/
- protected function _get_encoding($return = TRUE)
+ protected function _get_encoding()
{
in_array($this->_encoding, $this->_bit_depths) OR $this->_encoding = '8bit';
foreach ($this->_base_charsets as $charset)
{
- if (strpos($charset, $this->charset) === 0)
+ if (strpos($this->charset, $charset) === 0)
{
$this->_encoding = '7bit';
}
}
- if ($return === TRUE)
- {
- return $this->_encoding;
- }
+ return $this->_encoding;
}
// --------------------------------------------------------------------
@@ -1829,14 +1820,15 @@ class CI_Email {
{
$this->_unwrap_specials();
- $method = '_send_with_'.$this->_get_protocol();
+ $protocol = $this->_get_protocol();
+ $method = '_send_with_'.$protocol;
if ( ! $this->$method())
{
- $this->_set_error_message('lang:email_send_failure_'.($this->_get_protocol() === 'mail' ? 'phpmail' : $this->_get_protocol()));
+ $this->_set_error_message('lang:email_send_failure_'.($protocol === 'mail' ? 'phpmail' : $protocol));
return FALSE;
}
- $this->_set_error_message('lang:email_sent', $this->_get_protocol());
+ $this->_set_error_message('lang:email_sent', $protocol);
return TRUE;
}
@@ -2442,7 +2434,7 @@ class CI_Email {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -2459,7 +2451,7 @@ class CI_Email {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index 46f374726..ebcc6e8c6 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -122,7 +122,7 @@ class CI_Encrypt {
$key = config_item('encryption_key');
- if ( ! strlen($key))
+ if ( ! self::strlen($key))
{
show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
}
@@ -252,7 +252,7 @@ class CI_Encrypt {
$string = $this->_xor_merge($string, $key);
$dec = '';
- for ($i = 0, $l = strlen($string); $i < $l; $i++)
+ for ($i = 0, $l = self::strlen($string); $i < $l; $i++)
{
$dec .= ($string[$i++] ^ $string[$i]);
}
@@ -275,7 +275,8 @@ class CI_Encrypt {
{
$hash = $this->hash($key);
$str = '';
- for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++)
+
+ for ($i = 0, $ls = self::strlen($string), $lh = self::strlen($hash); $i < $ls; $i++)
{
$str .= $string[$i] ^ $hash[($i % $lh)];
}
@@ -295,7 +296,7 @@ class CI_Encrypt {
public function mcrypt_encode($data, $key)
{
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
- $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
+ $init_vect = mcrypt_create_iv($init_size, MCRYPT_DEV_URANDOM);
return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
}
@@ -313,13 +314,14 @@ class CI_Encrypt {
$data = $this->_remove_cipher_noise($data, $key);
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
- if ($init_size > strlen($data))
+ if ($init_size > self::strlen($data))
{
return FALSE;
}
- $init_vect = substr($data, 0, $init_size);
- $data = substr($data, $init_size);
+ $init_vect = self::substr($data, 0, $init_size);
+ $data = self::substr($data, $init_size);
+
return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
}
@@ -339,7 +341,7 @@ class CI_Encrypt {
$key = $this->hash($key);
$str = '';
- for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
+ for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j)
{
if ($j >= $lk)
{
@@ -369,7 +371,7 @@ class CI_Encrypt {
$key = $this->hash($key);
$str = '';
- for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
+ for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j)
{
if ($j >= $lk)
{
@@ -477,4 +479,43 @@ class CI_Encrypt {
return hash($this->_hash_type, $str);
}
+ // --------------------------------------------------------------------
+
+ /**
+ * Byte-safe strlen()
+ *
+ * @param string $str
+ * @return int
+ */
+ protected static function strlen($str)
+ {
+ return defined('MB_OVERLOAD_STRING')
+ ? mb_strlen($str, '8bit')
+ : strlen($str);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Byte-safe substr()
+ *
+ * @param string $str
+ * @param int $start
+ * @param int $length
+ * @return string
+ */
+ protected static function substr($str, $start, $length = NULL)
+ {
+ if (defined('MB_OVERLOAD_STRING'))
+ {
+ // mb_substr($str, $start, null, '8bit') returns an empty
+ // string on PHP 5.3
+ isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start);
+ return mb_substr($str, $start, $length, '8bit');
+ }
+
+ return isset($length)
+ ? substr($str, $start, $length)
+ : substr($str, $start);
+ }
}
diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php
index 74832ede6..c1e454dda 100644
--- a/system/libraries/Encryption.php
+++ b/system/libraries/Encryption.php
@@ -135,11 +135,11 @@ class CI_Encryption {
);
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
// --------------------------------------------------------------------
@@ -161,7 +161,7 @@ class CI_Encryption {
show_error('Encryption: Unable to find an available encryption driver.');
}
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
$this->initialize($params);
if ( ! isset($this->_key) && self::strlen($key = config_item('encryption_key')) > 0)
@@ -911,7 +911,7 @@ class CI_Encryption {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -928,7 +928,7 @@ class CI_Encryption {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 4f679a17f..71d0e64b1 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1229,9 +1229,9 @@ class CI_Form_validation {
*/
public function valid_email($str)
{
- if (function_exists('idn_to_ascii') && sscanf($str, '%[^@]@%s', $name, $domain) === 2)
+ if (function_exists('idn_to_ascii') && preg_match('#\A([^@]+)@(.+)\z#', $str, $matches))
{
- $str = $name.'@'.idn_to_ascii($domain);
+ $str = $matches[1].'@'.idn_to_ascii($matches[2]);
}
return (bool) filter_var($str, FILTER_VALIDATE_EMAIL);
diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php
index ac960a419..86e5b8f33 100644
--- a/system/libraries/Ftp.php
+++ b/system/libraries/Ftp.php
@@ -486,7 +486,7 @@ class CI_FTP {
{
for ($i = 0, $c = count($list); $i < $c; $i++)
{
- // If we can't delete the item it's probaly a directory,
+ // If we can't delete the item it's probably a directory,
// so we'll recursively call delete_dir()
if ( ! preg_match('#/\.\.?$#', $list[$i]) && ! @ftp_delete($this->conn_id, $list[$i]))
{
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index 9ec44da0c..8786d9d02 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -392,6 +392,16 @@ class CI_Image_lib {
$this->initialize($props);
}
+ /**
+ * A work-around for some improperly formatted, but
+ * usable JPEGs; known to be produced by Samsung
+ * smartphones' front-facing cameras.
+ *
+ * @see https://github.com/bcit-ci/CodeIgniter/issues/4967
+ * @see https://bugs.php.net/bug.php?id=72404
+ */
+ ini_set('gd.jpeg_ignore_warning', 1);
+
log_message('info', 'Image Lib Class Initialized');
}
@@ -962,7 +972,7 @@ class CI_Image_lib {
$cmd_inner = 'pnmscale -xysize '.$this->width.' '.$this->height;
}
- $cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp';
+ $cmd = $this->library_path.$cmd_in.' '.escapeshellarg($this->full_src_path).' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp';
$retval = 1;
// exec() might be disabled
diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php
index 1df5f9cd5..f26f8a4ed 100644
--- a/system/libraries/Pagination.php
+++ b/system/libraries/Pagination.php
@@ -428,7 +428,7 @@ class CI_Pagination {
{
$get = $this->CI->input->get();
- // Unset the controll, method, old-school routing options
+ // Unset the control, method, old-school routing options
unset($get['c'], $get['m'], $get[$this->query_string_segment]);
}
else
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index e9e03cfe0..cb3eaed75 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -316,7 +316,7 @@ class CI_Profiler {
{
is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
$val = (is_array($val) OR is_object($val))
- ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+ ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'</pre>'
: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
$output .= '<tr><td style="width:50%;color:#000;background-color:#ddd;padding:5px;">&#36;_GET['
@@ -356,7 +356,7 @@ class CI_Profiler {
{
is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
$val = (is_array($val) OR is_object($val))
- ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+ ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'</pre>'
: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
$output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">&#36;_POST['
@@ -368,7 +368,7 @@ class CI_Profiler {
{
is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
$val = (is_array($val) OR is_object($val))
- ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+ ? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'</pre>'
: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
$output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">&#36;_FILES['
@@ -484,13 +484,19 @@ class CI_Profiler {
foreach ($this->CI->config->config as $config => $val)
{
+ $pre = '';
+ $pre_close = '';
+
if (is_array($val) OR is_object($val))
{
$val = print_r($val, TRUE);
+
+ $pre = '<pre>' ;
+ $pre_close = '</pre>';
}
$output .= '<tr><td style="padding:5px;vertical-align:top;color:#900;background-color:#ddd;">'
- .$config.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.htmlspecialchars($val)."</td></tr>\n";
+ .$config.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.$pre.htmlspecialchars($val, ENT_QUOTES, config_item('charset')).$pre_close."</td></tr>\n";
}
return $output."</table>\n</fieldset>";
@@ -516,13 +522,19 @@ class CI_Profiler {
foreach ($this->CI->session->userdata() as $key => $val)
{
+ $pre = '';
+ $pre_close = '';
+
if (is_array($val) OR is_object($val))
{
$val = print_r($val, TRUE);
+
+ $pre = '<pre>' ;
+ $pre_close = '</pre>';
}
$output .= '<tr><td style="padding:5px;vertical-align:top;color:#900;background-color:#ddd;">'
- .$key.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.htmlspecialchars($val)."</td></tr>\n";
+ .$key.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.$pre.htmlspecialchars($val, ENT_QUOTES, config_item('charset')).$pre_close."</td></tr>\n";
}
return $output."</table>\n</fieldset>";
diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php
index 31f5a4663..b519b782f 100644
--- a/system/libraries/Session/drivers/Session_database_driver.php
+++ b/system/libraries/Session/drivers/Session_database_driver.php
@@ -208,12 +208,8 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
// Prevent previous QB calls from messing with our queries
$this->_db->reset_query();
- if ($this->_lock === FALSE)
- {
- return $this->_fail();
- }
// Was the ID regenerated?
- elseif ($session_id !== $this->_session_id)
+ if (isset($this->_session_id) && $session_id !== $this->_session_id)
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
@@ -223,6 +219,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
$this->_row_exists = FALSE;
$this->_session_id = $session_id;
}
+ elseif ($this->_lock === FALSE)
+ {
+ return $this->_fail();
+ }
if ($this->_row_exists === FALSE)
{
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index 6016e094e..8860ef667 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -84,11 +84,11 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
protected $_sid_regexp;
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
// ------------------------------------------------------------------------
@@ -115,7 +115,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
$this->_sid_regexp = $this->_config['_sid_regexp'];
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
}
// ------------------------------------------------------------------------
@@ -399,7 +399,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php
index 2556bf0f7..5e90539d7 100644
--- a/system/libraries/Session/drivers/Session_memcached_driver.php
+++ b/system/libraries/Session/drivers/Session_memcached_driver.php
@@ -310,7 +310,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if ( ! $this->_memcached->replace($this->_lock_key, time(), 300))
{
return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND)
- ? $this->_memcached->set($this->_lock_key, time(), 300)
+ ? $this->_memcached->add($this->_lock_key, time(), 300)
: FALSE;
}
}
@@ -326,7 +326,8 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
continue;
}
- if ( ! $this->_memcached->set($lock_key, time(), 300))
+ $method = ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) ? 'add' : 'set';
+ if ( ! $this->_memcached->$method($lock_key, time(), 300))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php
index d260f7b82..a9e655a8c 100644
--- a/system/libraries/Session/drivers/Session_redis_driver.php
+++ b/system/libraries/Session/drivers/Session_redis_driver.php
@@ -51,7 +51,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
/**
* phpRedis instance
*
- * @var resource
+ * @var Redis
*/
protected $_redis;
@@ -341,7 +341,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
continue;
}
- if ( ! $this->_redis->setex($lock_key, 300, time()))
+ $result = ($ttl === -2)
+ ? $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300))
+ : $this->_redis->setex($lock_key, 300, time());
+
+ if ( ! $result)
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
diff --git a/system/libraries/Table.php b/system/libraries/Table.php
index fef9bb039..50c5e358b 100644
--- a/system/libraries/Table.php
+++ b/system/libraries/Table.php
@@ -435,7 +435,7 @@ class CI_Table {
/**
* Set table data from a database result object
*
- * @param CI_DB_result $db_result Database result object
+ * @param CI_DB_result $object Database result object
* @return void
*/
protected function _set_from_db_result($object)
diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php
index ce31ba317..b25d8fdaa 100644
--- a/system/libraries/Typography.php
+++ b/system/libraries/Typography.php
@@ -241,7 +241,7 @@ class CI_Typography {
// Clean up stray paragraph tags that appear before block level elements
'#<p></p><('.$this->block_elements.')#' => '<$1',
- // Clean up stray non-breaking spaces preceeding block elements
+ // Clean up stray non-breaking spaces preceding block elements
'#(&nbsp;\s*)+<('.$this->block_elements.')#' => ' <$2',
// Replace the temporary markers we added earlier
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index b37cc2f59..0ad8dd375 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -1312,7 +1312,7 @@ class CI_Upload {
}
}
- // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
+ // Fall back to mime_content_type(), if available (still better than $_FILES[$field]['type'])
if (function_exists('mime_content_type'))
{
$this->file_type = @mime_content_type($file['tmp_name']);
diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php
index f043e0f90..6fa791864 100644
--- a/system/libraries/Xmlrpc.php
+++ b/system/libraries/Xmlrpc.php
@@ -238,7 +238,7 @@ class CI_Xmlrpc {
public $result;
/**
- * XML-RPC Reponse
+ * XML-RPC Response
*
* @var array
*/
@@ -460,7 +460,7 @@ class CI_Xmlrpc {
{
if (is_array($value[0]) && ($value[1] === 'struct' OR $value[1] === 'array'))
{
- while (list($k) = each($value[0]))
+ foreach (array_keys($value[0]) as $k)
{
$value[0][$k] = $this->values_parsing($value[0][$k]);
}
@@ -931,15 +931,15 @@ class XML_RPC_Response
if (is_array($array))
{
- while (list($key) = each($array))
+ foreach ($array as $key => &$value)
{
- if (is_array($array[$key]))
+ if (is_array($value))
{
- $array[$key] = $this->decode($array[$key]);
+ $array[$key] = $this->decode($value);
}
elseif ($this->xss_clean)
{
- $array[$key] = $CI->security->xss_clean($array[$key]);
+ $array[$key] = $CI->security->xss_clean($value);
}
}
@@ -993,10 +993,11 @@ class XML_RPC_Response
reset($xmlrpc_val->me['struct']);
$arr = array();
- while (list($key,$value) = each($xmlrpc_val->me['struct']))
+ foreach ($xmlrpc_val->me['struct'] as $key => &$value)
{
$arr[$key] = $this->xmlrpc_decoder($value);
}
+
return $arr;
}
}
@@ -1562,17 +1563,17 @@ class XML_RPC_Message extends CI_Xmlrpc
if ( ! empty($array))
{
- while (list($key) = each($array))
+ foreach ($array as $key => &$value)
{
- if (is_array($array[$key]))
+ if (is_array($value))
{
- $array[$key] = $this->output_parameters($array[$key]);
+ $array[$key] = $this->output_parameters($value);
}
elseif ($key !== 'bits' && $this->xss_clean)
{
// 'bits' is for the MetaWeblog API image bits
// @todo - this needs to be made more general purpose
- $array[$key] = $CI->security->xss_clean($array[$key]);
+ $array[$key] = $CI->security->xss_clean($value);
}
}
@@ -1632,7 +1633,7 @@ class XML_RPC_Message extends CI_Xmlrpc
reset($param->me['struct']);
$arr = array();
- while (list($key,$value) = each($param->me['struct']))
+ foreach ($param->me['struct'] as $key => &$value)
{
$arr[$key] = $this->decode_message($value);
}
@@ -1823,7 +1824,7 @@ class XML_RPC_Values extends CI_Xmlrpc
// struct
$rs .= "<struct>\n";
reset($val);
- while (list($key2, $val2) = each($val))
+ foreach ($val as $key2 => &$val2)
{
$rs .= "<member>\n<name>{$key2}</name>\n".$this->serializeval($val2)."</member>\n";
}
@@ -1884,11 +1885,9 @@ class XML_RPC_Values extends CI_Xmlrpc
*/
public function serializeval($o)
{
- $ar = $o->me;
- reset($ar);
-
- list($typ, $val) = each($ar);
- return "<value>\n".$this->serializedata($typ, $val)."</value>\n";
+ $array = $o->me;
+ list($value, $type) = array(reset($array), key($array));
+ return "<value>\n".$this->serializedata($type, $value)."</value>\n";
}
// --------------------------------------------------------------------
@@ -1900,8 +1899,7 @@ class XML_RPC_Values extends CI_Xmlrpc
*/
public function scalarval()
{
- reset($this->me);
- return current($this->me);
+ return reset($this->me);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php
index 21de937c8..0274f13b6 100644
--- a/system/libraries/Xmlrpcs.php
+++ b/system/libraries/Xmlrpcs.php
@@ -584,7 +584,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
return $this->multicall_error('nomethod');
}
- list($scalar_type, $scalar_value) = each($methName->me);
+ list($scalar_value, $scalar_type) = array(reset($methName->me), key($methName->me));
$scalar_type = $scalar_type === $this->xmlrpcI4 ? $this->xmlrpcInt : $scalar_type;
if ($methName->kindOf() !== 'scalar' OR $scalar_type !== 'string')
@@ -604,7 +604,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
return $this->multicall_error('notarray');
}
- list($a, $b) = each($params->me);
+ list($b, $a) = array(reset($params->me), key($params->me));
$msg = new XML_RPC_Message($scalar_value);
for ($i = 0, $numParams = count($b); $i < $numParams; $i++)
diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php
index 46f6c145d..2c71e1fbe 100644
--- a/system/libraries/Zip.php
+++ b/system/libraries/Zip.php
@@ -106,11 +106,11 @@ class CI_Zip {
public $compression_level = 2;
/**
- * mbstring.func_override flag
+ * mbstring.func_overload flag
*
* @var bool
*/
- protected static $func_override;
+ protected static $func_overload;
/**
* Initialize zip compression class
@@ -119,7 +119,7 @@ class CI_Zip {
*/
public function __construct()
{
- isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
$this->now = time();
log_message('info', 'Zip Compression Class Initialized');
@@ -500,7 +500,7 @@ class CI_Zip {
*/
protected static function strlen($str)
{
- return (self::$func_override)
+ return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -517,7 +517,7 @@ class CI_Zip {
*/
protected static function substr($str, $start, $length = NULL)
{
- if (self::$func_override)
+ if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3