added improved check for controller method access so that CI does not attempt to load private or protected controller methods

added controller/method details to framework initiated 404 pages for logging

2 files changed, 7 insertions, 5 deletions

diff --git a/system/codeigniter/CodeIgniter.php b/system/codeigniter/CodeIgniter.php
index 8f9dbdf64..d1ef965cc 100644
--- a/system/codeigniter/CodeIgniter.php
+++ b/system/codeigniter/CodeIgniter.php
@@ -169,7 +169,7 @@ if ( ! class_exists($class)
 	OR in_array($method, get_class_methods('Controller'), TRUE)

 	)

 {

-	show_404();

+	show_404("{$class}/{$method}");

 }

 

 /*

@@ -214,9 +214,11 @@ else
 	}

 	else

 	{

-		if ( ! method_exists($CI, $method))

+		// is_callable() returns TRUE on some versions of PHP 5 for private and protected

+		// methods, so we'll use this workaround for consistent behavior

+		if (! in_array($method, get_class_methods($CI)))

 		{

-			show_404();

+			show_404("{$class}/{$method}");

 		}

 

 		// Call the requested method.

diff --git a/system/libraries/Router.php b/system/libraries/Router.php
index f6464a31d..d9dd6dd3f 100644
--- a/system/libraries/Router.php
+++ b/system/libraries/Router.php
@@ -204,7 +204,7 @@ class CI_Router {
 				// Does the requested controller exist in the sub-folder?

 				if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT))

 				{

-					show_404();	

+					show_404($this->fetch_directory().$segments[0]);	

 				}

 			}

 			else

@@ -225,7 +225,7 @@ class CI_Router {
 		}

 	

 		// Can't find the requested controller...

-		show_404();	

+		show_404($segments[0]);	

 	}

 		

 	// --------------------------------------------------------------------