summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2012-06-13 09:19:13 +0200
committerFlorian Pritz <bluewind@xinu.at>2012-06-13 09:19:13 +0200
commit0c8c0e3c9cd9942bd0512a940fe7790a666d00b7 (patch)
tree39fed6c67dba927ff293f16cd6df73aed7d9485a /system
parentf4c8edeb04b7c1d72058066f36aa432604a277c7 (diff)
parentd5e39ded4bbaaef528ebd0731c7c0a4968a8c438 (diff)
Merge tag '2.1.1'
Retagging 2.1.1 for final release Conflicts: user_guide/changelog.html user_guide/database/active_record.html user_guide/database/caching.html user_guide/database/call_function.html user_guide/database/configuration.html user_guide/database/connecting.html user_guide/database/examples.html user_guide/database/fields.html user_guide/database/forge.html user_guide/database/helpers.html user_guide/database/index.html user_guide/database/queries.html user_guide/database/results.html user_guide/database/table_data.html user_guide/database/transactions.html user_guide/database/utilities.html user_guide/doc_style/index.html user_guide/general/alternative_php.html user_guide/general/ancillary_classes.html user_guide/general/autoloader.html user_guide/general/caching.html user_guide/general/cli.html user_guide/general/common_functions.html user_guide/general/controllers.html user_guide/general/core_classes.html user_guide/general/creating_drivers.html user_guide/general/creating_libraries.html user_guide/general/credits.html user_guide/general/drivers.html user_guide/general/environments.html user_guide/general/errors.html user_guide/general/helpers.html user_guide/general/hooks.html user_guide/general/libraries.html user_guide/general/managing_apps.html user_guide/general/models.html user_guide/general/profiling.html user_guide/general/quick_reference.html user_guide/general/requirements.html user_guide/general/reserved_names.html user_guide/general/routing.html user_guide/general/security.html user_guide/general/styleguide.html user_guide/general/urls.html user_guide/general/views.html user_guide/helpers/array_helper.html user_guide/helpers/captcha_helper.html user_guide/helpers/cookie_helper.html user_guide/helpers/date_helper.html user_guide/helpers/directory_helper.html user_guide/helpers/download_helper.html user_guide/helpers/email_helper.html user_guide/helpers/file_helper.html user_guide/helpers/form_helper.html user_guide/helpers/html_helper.html user_guide/helpers/inflector_helper.html user_guide/helpers/language_helper.html user_guide/helpers/number_helper.html user_guide/helpers/path_helper.html user_guide/helpers/security_helper.html user_guide/helpers/smiley_helper.html user_guide/helpers/string_helper.html user_guide/helpers/text_helper.html user_guide/helpers/typography_helper.html user_guide/helpers/url_helper.html user_guide/helpers/xml_helper.html user_guide/index.html user_guide/installation/downloads.html user_guide/installation/index.html user_guide/installation/troubleshooting.html user_guide/installation/upgrade_120.html user_guide/installation/upgrade_130.html user_guide/installation/upgrade_131.html user_guide/installation/upgrade_132.html user_guide/installation/upgrade_133.html user_guide/installation/upgrade_140.html user_guide/installation/upgrade_141.html user_guide/installation/upgrade_150.html user_guide/installation/upgrade_152.html user_guide/installation/upgrade_153.html user_guide/installation/upgrade_154.html user_guide/installation/upgrade_160.html user_guide/installation/upgrade_161.html user_guide/installation/upgrade_162.html user_guide/installation/upgrade_163.html user_guide/installation/upgrade_170.html user_guide/installation/upgrade_171.html user_guide/installation/upgrade_172.html user_guide/installation/upgrade_200.html user_guide/installation/upgrade_201.html user_guide/installation/upgrade_202.html user_guide/installation/upgrade_203.html user_guide/installation/upgrade_210.html user_guide/installation/upgrade_b11.html user_guide/installation/upgrading.html user_guide/libraries/benchmark.html user_guide/libraries/caching.html user_guide/libraries/calendar.html user_guide/libraries/cart.html user_guide/libraries/config.html user_guide/libraries/email.html user_guide/libraries/encryption.html user_guide/libraries/file_uploading.html user_guide/libraries/form_validation.html user_guide/libraries/ftp.html user_guide/libraries/image_lib.html user_guide/libraries/input.html user_guide/libraries/javascript.html user_guide/libraries/language.html user_guide/libraries/loader.html user_guide/libraries/migration.html user_guide/libraries/output.html user_guide/libraries/pagination.html user_guide/libraries/parser.html user_guide/libraries/security.html user_guide/libraries/sessions.html user_guide/libraries/table.html user_guide/libraries/trackback.html user_guide/libraries/typography.html user_guide/libraries/unit_testing.html user_guide/libraries/uri.html user_guide/libraries/user_agent.html user_guide/libraries/xmlrpc.html user_guide/libraries/zip.html user_guide/license.html user_guide/overview/appflow.html user_guide/overview/at_a_glance.html user_guide/overview/cheatsheets.html user_guide/overview/features.html user_guide/overview/getting_started.html user_guide/overview/goals.html user_guide/overview/index.html user_guide/overview/mvc.html user_guide/toc.html user_guide/tutorial/conclusion.html user_guide/tutorial/create_news_items.html user_guide/tutorial/hard_coded_pages.html user_guide/tutorial/index.html user_guide/tutorial/news_section.html user_guide/tutorial/static_pages.html Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'system')
-rwxr-xr-xsystem/core/Input.php135
-rwxr-xr-xsystem/core/Security.php2
-rwxr-xr-xsystem/database/DB_active_rec.php12
-rwxr-xr-xsystem/database/DB_driver.php52
-rw-r--r--system/database/drivers/pdo/pdo_driver.php29
-rw-r--r--system/database/drivers/pdo/pdo_result.php13
-rwxr-xr-xsystem/helpers/form_helper.php2
-rwxr-xr-xsystem/helpers/url_helper.php36
-rw-r--r--system/language/english/migration_lang.php2
-rwxr-xr-xsystem/libraries/Driver.php2
-rwxr-xr-xsystem/libraries/Form_validation.php5
-rwxr-xr-xsystem/libraries/Image_lib.php4
-rwxr-xr-xsystem/libraries/Upload.php107
13 files changed, 316 insertions, 85 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index 9bfb5f1fb..3559d8607 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -365,18 +365,70 @@ class CI_Input {
/**
* Validate IP Address
*
+ * @access public
+ * @param string
+ * @param string ipv4 or ipv6
+ * @return bool
+ */
+ public function valid_ip($ip, $which = '')
+ {
+ $which = strtolower($which);
+
+ // First check if filter_var is available
+ if (is_callable('filter_var'))
+ {
+ switch ($which) {
+ case 'ipv4':
+ $flag = FILTER_FLAG_IPV4;
+ break;
+ case 'ipv6':
+ $flag = FILTER_FLAG_IPV6;
+ break;
+ default:
+ $flag = '';
+ break;
+ }
+
+ return (bool) filter_var($ip, FILTER_VALIDATE_IP, $flag);
+ }
+
+ if ($which !== 'ipv6' && $which !== 'ipv4')
+ {
+ if (strpos($ip, ':') !== FALSE)
+ {
+ $which = 'ipv6';
+ }
+ elseif (strpos($ip, '.') !== FALSE)
+ {
+ $which = 'ipv4';
+ }
+ else
+ {
+ return FALSE;
+ }
+ }
+
+ $func = '_valid_'.$which;
+ return $this->$func($ip);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Validate IPv4 Address
+ *
* Updated version suggested by Geert De Deckere
*
- * @access public
+ * @access protected
* @param string
- * @return string
+ * @return bool
*/
- function valid_ip($ip)
+ protected function _valid_ipv4($ip)
{
$ip_segments = explode('.', $ip);
// Always 4 segments needed
- if (count($ip_segments) != 4)
+ if (count($ip_segments) !== 4)
{
return FALSE;
}
@@ -385,6 +437,7 @@ class CI_Input {
{
return FALSE;
}
+
// Check each segment
foreach ($ip_segments as $segment)
{
@@ -402,6 +455,80 @@ class CI_Input {
// --------------------------------------------------------------------
/**
+ * Validate IPv6 Address
+ *
+ * @access protected
+ * @param string
+ * @return bool
+ */
+ protected function _valid_ipv6($str)
+ {
+ // 8 groups, separated by :
+ // 0-ffff per group
+ // one set of consecutive 0 groups can be collapsed to ::
+
+ $groups = 8;
+ $collapsed = FALSE;
+
+ $chunks = array_filter(
+ preg_split('/(:{1,2})/', $str, NULL, PREG_SPLIT_DELIM_CAPTURE)
+ );
+
+ // Rule out easy nonsense
+ if (current($chunks) == ':' OR end($chunks) == ':')
+ {
+ return FALSE;
+ }
+
+ // PHP supports IPv4-mapped IPv6 addresses, so we'll expect those as well
+ if (strpos(end($chunks), '.') !== FALSE)
+ {
+ $ipv4 = array_pop($chunks);
+
+ if ( ! $this->_valid_ipv4($ipv4))
+ {
+ return FALSE;
+ }
+
+ $groups--;
+ }
+
+ while ($seg = array_pop($chunks))
+ {
+ if ($seg[0] == ':')
+ {
+ if (--$groups == 0)
+ {
+ return FALSE; // too many groups
+ }
+
+ if (strlen($seg) > 2)
+ {
+ return FALSE; // long separator
+ }
+
+ if ($seg == '::')
+ {
+ if ($collapsed)
+ {
+ return FALSE; // multiple collapsed
+ }
+
+ $collapsed = TRUE;
+ }
+ }
+ elseif (preg_match("/[^0-9a-f]/i", $seg) OR strlen($seg) > 4)
+ {
+ return FALSE; // invalid segment
+ }
+ }
+
+ return $collapsed OR $groups == 1;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* User Agent
*
* @access public
diff --git a/system/core/Security.php b/system/core/Security.php
index a3e227437..6f5ac1ed8 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -848,7 +848,7 @@ class CI_Security {
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- $_COOKIE[$this->_csrf_cookie_name] != '')
+ preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php
index 7bab729f5..10febb1fc 100755
--- a/system/database/DB_active_rec.php
+++ b/system/database/DB_active_rec.php
@@ -255,7 +255,7 @@ class CI_DB_active_record extends CI_DB_driver {
*/
public function from($from)
{
- foreach ((array)$from as $val)
+ foreach ((array) $from as $val)
{
if (strpos($val, ',') !== FALSE)
{
@@ -660,8 +660,12 @@ class CI_DB_active_record extends CI_DB_driver {
$prefix = (count($this->ar_like) == 0) ? '' : $type;
$v = $this->escape_like_str($v);
-
- if ($side == 'before')
+
+ if ($side == 'none')
+ {
+ $like_statement = $prefix." $k $not LIKE '{$v}'";
+ }
+ elseif ($side == 'before')
{
$like_statement = $prefix." $k $not LIKE '%{$v}'";
}
@@ -1643,7 +1647,7 @@ class CI_DB_active_record extends CI_DB_driver {
if (strpos($table, " ") !== FALSE)
{
// if the alias is written with the AS keyword, remove it
- $table = preg_replace('/ AS /i', ' ', $table);
+ $table = preg_replace('/\s+AS\s+/i', ' ', $table);
// Grab the alias
$table = trim(strrchr($table, " "));
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 3680b85c2..858ec356d 100755
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -265,6 +265,12 @@ class CI_DB_driver {
$sql = preg_replace("/(\W)".$this->swap_pre."(\S+?)/", "\\1".$this->dbprefix."\\2", $sql);
}
+ // Compile binds if needed
+ if ($binds !== FALSE)
+ {
+ $sql = $this->compile_binds($sql, $binds);
+ }
+
// Is query caching enabled? If the query is a "read type"
// we will load the caching class and return the previously
// cached query if it exists
@@ -280,12 +286,6 @@ class CI_DB_driver {
}
}
- // Compile binds if needed
- if ($binds !== FALSE)
- {
- $sql = $this->compile_binds($sql, $binds);
- }
-
// Save the query for debugging
if ($this->save_queries == TRUE)
{
@@ -1015,8 +1015,14 @@ class CI_DB_driver {
else
{
$args = (func_num_args() > 1) ? array_splice(func_get_args(), 1) : null;
-
- return call_user_func_array($function, $args);
+ if (is_null($args))
+ {
+ return call_user_func($function);
+ }
+ else
+ {
+ return call_user_func_array($function, $args);
+ }
}
}
@@ -1257,15 +1263,20 @@ class CI_DB_driver {
}
// Convert tabs or multiple spaces into single spaces
- $item = preg_replace('/[\t ]+/', ' ', $item);
+ $item = preg_replace('/\s+/', ' ', $item);
// If the item has an alias declaration we remove it and set it aside.
// Basically we remove everything to the right of the first space
- $alias = '';
- if (strpos($item, ' ') !== FALSE)
+ if (preg_match('/^([^\s]+) (AS )*(.+)$/i', $item, $matches))
+ {
+ $item = $matches[1];
+
+ // Escape the alias
+ $alias = ' '.$matches[2].$this->_escape_identifiers($matches[3]);
+ }
+ else
{
- $alias = strstr($item, " ");
- $item = substr($item, 0, - strlen($alias));
+ $alias = '';
}
// This is basically a bug fix for queries that use MAX, MIN, etc.
@@ -1382,9 +1393,20 @@ class CI_DB_driver {
return $item.$alias;
}
+ // --------------------------------------------------------------------
-}
+ /**
+ * Dummy method that allows Active Record class to be disabled
+ *
+ * This function is used extensively by every db driver.
+ *
+ * @return void
+ */
+ protected function _reset_select()
+ {
+ }
+}
/* End of file DB_driver.php */
-/* Location: ./system/database/DB_driver.php */
+/* Location: ./system/database/DB_driver.php */ \ No newline at end of file
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index 5de2079bb..952016848 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -51,23 +51,23 @@ class CI_DB_pdo_driver extends CI_DB {
function __construct($params)
{
parent::__construct($params);
-
+
// clause and character used for LIKE escape sequences
if (strpos($this->hostname, 'mysql') !== FALSE)
{
$this->_like_escape_str = '';
$this->_like_escape_chr = '';
-
+
//Prior to this version, the charset can't be set in the dsn
if(is_php('5.3.6'))
{
$this->hostname .= ";charset={$this->char_set}";
}
-
+
//Set the charset with the connection options
$this->options['PDO::MYSQL_ATTR_INIT_COMMAND'] = "SET NAMES {$this->char_set}";
}
- else if (strpos($this->hostname, 'odbc') !== FALSE)
+ elseif (strpos($this->hostname, 'odbc') !== FALSE)
{
$this->_like_escape_str = " {escape '%s'} ";
$this->_like_escape_chr = '!';
@@ -77,9 +77,9 @@ class CI_DB_pdo_driver extends CI_DB {
$this->_like_escape_str = " ESCAPE '%s' ";
$this->_like_escape_chr = '!';
}
-
- $this->hostname .= ";dbname=".$this->database;
-
+
+ empty($this->database) OR $this->hostname .= ';dbname='.$this->database;
+
$this->trans_enabled = FALSE;
$this->_random_keyword = ' RND('.time().')'; // database specific random keyword
@@ -94,7 +94,7 @@ class CI_DB_pdo_driver extends CI_DB {
function db_connect()
{
$this->options['PDO::ATTR_ERRMODE'] = PDO::ERRMODE_SILENT;
-
+
return new PDO($this->hostname, $this->username, $this->password, $this->options);
}
@@ -189,11 +189,20 @@ class CI_DB_pdo_driver extends CI_DB {
function _execute($sql)
{
$sql = $this->_prep_query($sql);
- $result_id = $this->conn_id->query($sql);
+ $result_id = $this->conn_id->prepare($sql);
+ $result_id->execute();
if (is_object($result_id))
{
- $this->affect_rows = $result_id->rowCount();
+ if (is_numeric(stripos($sql, 'SELECT')))
+ {
+ $this->affect_rows = count($result_id->fetchAll());
+ $result_id->execute();
+ }
+ else
+ {
+ $this->affect_rows = $result_id->rowCount();
+ }
}
else
{
diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php
index 7f3058ff0..c05fbc908 100644
--- a/system/database/drivers/pdo/pdo_result.php
+++ b/system/database/drivers/pdo/pdo_result.php
@@ -34,7 +34,18 @@ class CI_DB_pdo_result extends CI_DB_result {
*/
function num_rows()
{
- return $this->result_id->rowCount();
+ if (is_numeric(stripos($this->result_id->queryString, 'SELECT')))
+ {
+ $dbh = $this->conn_id;
+ $query = $dbh->query($this->result_id->queryString);
+ $result = $query->fetchAll();
+ unset($dbh, $query);
+ return count($result);
+ }
+ else
+ {
+ return $this->result_id->rowCount();
+ }
}
// --------------------------------------------------------------------
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index d9305c00b..8733ae053 100755
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -65,7 +65,7 @@ if ( ! function_exists('form_open'))
$form .= '>';
// Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
- if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"')))
+ if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"')))
{
$hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash();
}
diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php
index 9f4b85248..f1e8c6ac6 100755
--- a/system/helpers/url_helper.php
+++ b/system/helpers/url_helper.php
@@ -466,39 +466,35 @@ if ( ! function_exists('prep_url'))
* Create URL Title
*
* Takes a "title" string as input and creates a
- * human-friendly URL string with either a dash
- * or an underscore as the word separator.
+ * human-friendly URL string with a "separator" string
+ * as the word separator.
*
* @access public
* @param string the string
- * @param string the separator: dash, or underscore
+ * @param string the separator
* @return string
*/
if ( ! function_exists('url_title'))
{
- function url_title($str, $separator = 'dash', $lowercase = FALSE)
+ function url_title($str, $separator = '-', $lowercase = FALSE)
{
- if ($separator == 'dash')
+ if ($separator == 'dash')
{
- $search = '_';
- $replace = '-';
+ $separator = '-';
}
- else
+ else if ($separator == 'underscore')
{
- $search = '-';
- $replace = '_';
+ $separator = '_';
}
+
+ $q_separator = preg_quote($separator);
$trans = array(
- '&\#\d+?;' => '',
- '&\S+?;' => '',
- '\s+' => $replace,
- '[^a-z0-9\-\._]' => '',
- $replace.'+' => $replace,
- $replace.'$' => $replace,
- '^'.$replace => $replace,
- '\.+$' => ''
- );
+ '&.+?;' => '',
+ '[^a-z0-9 _-]' => '',
+ '\s+' => $separator,
+ '('.$q_separator.')+' => $separator
+ );
$str = strip_tags($str);
@@ -512,7 +508,7 @@ if ( ! function_exists('url_title'))
$str = strtolower($str);
}
- return trim(stripslashes($str));
+ return trim($str, $separator);
}
}
diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php
index 4763ca243..f17530f00 100644
--- a/system/language/english/migration_lang.php
+++ b/system/language/english/migration_lang.php
@@ -5,7 +5,7 @@ $lang['migration_not_found'] = "This migration could not be found.";
$lang['migration_multiple_version'] = "This are multiple migrations with the same version number: %d.";
$lang['migration_class_doesnt_exist'] = "The migration class \"%s\" could not be found.";
$lang['migration_missing_up_method'] = "The migration class \"%s\" is missing an 'up' method.";
-$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing an 'up' method.";
+$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing an 'down' method.";
$lang['migration_invalid_filename'] = "Migration \"%s\" has an invalid filename.";
diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php
index 9881c1eec..a199d45f0 100755
--- a/system/libraries/Driver.php
+++ b/system/libraries/Driver.php
@@ -30,7 +30,7 @@
class CI_Driver_Library {
protected $valid_drivers = array();
- protected static $lib_name;
+ protected $lib_name;
// The first time a child is used it won't exist, so we instantiate it
// subsequents calls will go straight to the proper child.
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index a34809e05..9aab5da4b 100755
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1079,11 +1079,12 @@ class CI_Form_validation {
*
* @access public
* @param string
+ * @param string "ipv4" or "ipv6" to validate a specific ip format
* @return string
*/
- public function valid_ip($ip)
+ public function valid_ip($ip, $which = '')
{
- return $this->CI->input->valid_ip($ip);
+ return $this->CI->input->valid_ip($ip, $which);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index 8902f524d..21ec2cb4b 100755
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -104,7 +104,7 @@ class CI_Image_lib {
*/
function clear()
{
- $props = array('source_folder', 'dest_folder', 'source_image', 'full_src_path', 'full_dst_path', 'new_image', 'image_type', 'size_str', 'quality', 'orig_width', 'orig_height', 'rotation_angle', 'x_axis', 'y_axis', 'create_fnc', 'copy_fnc', 'wm_overlay_path', 'wm_use_truetype', 'dynamic_output', 'wm_font_size', 'wm_text', 'wm_vrt_alignment', 'wm_hor_alignment', 'wm_padding', 'wm_hor_offset', 'wm_vrt_offset', 'wm_font_color', 'wm_use_drop_shadow', 'wm_shadow_color', 'wm_shadow_distance', 'wm_opacity');
+ $props = array('source_folder', 'dest_folder', 'source_image', 'full_src_path', 'full_dst_path', 'new_image', 'image_type', 'size_str', 'quality', 'orig_width', 'orig_height', 'width', 'height', 'rotation_angle', 'x_axis', 'y_axis', 'create_fnc', 'copy_fnc', 'wm_overlay_path', 'wm_use_truetype', 'dynamic_output', 'wm_font_size', 'wm_text', 'wm_vrt_alignment', 'wm_hor_alignment', 'wm_padding', 'wm_hor_offset', 'wm_vrt_offset', 'wm_font_color', 'wm_use_drop_shadow', 'wm_shadow_color', 'wm_shadow_distance', 'wm_opacity');
foreach ($props as $val)
{
@@ -208,7 +208,7 @@ class CI_Image_lib {
}
else
{
- if (strpos($this->new_image, '/') === FALSE)
+ if (strpos($this->new_image, '/') === FALSE AND strpos($this->new_image, '\\') === FALSE)
{
$this->dest_folder = $this->source_folder;
$this->dest_image = $this->new_image;
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 05511b5d3..0e5d73b19 100755
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -868,6 +868,10 @@ class CI_Upload {
{
return TRUE; // its an image, no "triggers" detected in the first 256 bytes, we're good
}
+ else
+ {
+ return FALSE;
+ }
}
if (($data = @file_get_contents($file)) === FALSE)
@@ -1018,47 +1022,104 @@ class CI_Upload {
*/
protected function _file_mime_type($file)
{
- // Use if the Fileinfo extension, if available (only versions above 5.3 support the FILEINFO_MIME_TYPE flag)
- if ( (float) substr(phpversion(), 0, 3) >= 5.3 && function_exists('finfo_file'))
+ // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii)
+ $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/';
+
+ /* Fileinfo extension - most reliable method
+ *
+ * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the
+ * more convenient FILEINFO_MIME_TYPE flag doesn't exist.
+ */
+ if (function_exists('finfo_file'))
{
- $finfo = new finfo(FILEINFO_MIME_TYPE);
- if ($finfo !== FALSE) // This is possible, if there is no magic MIME database file found on the system
+ $finfo = finfo_open(FILEINFO_MIME);
+ if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system
{
- $file_type = $finfo->file($file['tmp_name']);
+ $mime = @finfo_file($finfo, $file['tmp_name']);
+ finfo_close($finfo);
/* According to the comments section of the PHP manual page,
* it is possible that this function returns an empty string
* for some files (e.g. if they don't exist in the magic MIME database)
*/
- if (strlen($file_type) > 1)
+ if (is_string($mime) && preg_match($regexp, $mime, $matches))
{
- $this->file_type = $file_type;
+ $this->file_type = $matches[1];
return;
}
}
}
- // Fall back to the deprecated mime_content_type(), if available
- if (function_exists('mime_content_type'))
- {
- $this->file_type = @mime_content_type($file['tmp_name']);
- return;
- }
-
- /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type,
- * which is still more secure than depending on the value of $_FILES[$field]['type'].
+ /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type,
+ * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it
+ * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better
+ * than mime_content_type() as well, hence the attempts to try calling the command line with
+ * three different functions.
*
* Notes:
- * - a 'W' in the substr() expression bellow, would mean that we're using Windows
- * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check
+ * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system
+ * - many system admins would disable the exec(), shell_exec(), popen() and similar functions
+ * due to security concerns, hence the function_exists() checks
*/
- if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec'))
+ if (DIRECTORY_SEPARATOR !== '\\')
{
- $output = array();
- @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_path']), $output, $return_code);
- if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution
+ $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1';
+
+ if (function_exists('exec'))
+ {
+ /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
+ * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites
+ * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy
+ * value, which is only put to allow us to get the return status code.
+ */
+ $mime = @exec($cmd, $mime, $return_status);
+ if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+
+ if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec'))
+ {
+ $mime = @shell_exec($cmd);
+ if (strlen($mime) > 0)
+ {
+ $mime = explode("\n", trim($mime));
+ if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+ }
+
+ if (function_exists('popen'))
+ {
+ $proc = @popen($cmd, 'r');
+ if (is_resource($proc))
+ {
+ $mime = @fread($proc, 512);
+ @pclose($proc);
+ if ($mime !== FALSE)
+ {
+ $mime = explode("\n", trim($mime));
+ if (preg_match($regexp, $mime[(count($mime) - 1)], $matches))
+ {
+ $this->file_type = $matches[1];
+ return;
+ }
+ }
+ }
+ }
+ }
+
+ // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
+ if (function_exists('mime_content_type'))
+ {
+ $this->file_type = @mime_content_type($file['tmp_name']);
+ if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string
{
- $this->file_type = rtrim($output[0]);
return;
}
}
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-06-13 22:27:58 +0200