diff options
| -rw-r--r-- | system/libraries/Form_validation.php | 5 | ||||
| -rw-r--r-- | tests/codeigniter/libraries/Form_validation_test.php | 10 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 10 |
3 files changed, 23 insertions, 2 deletions
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 296ddb92a..09d6c9a97 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -583,7 +583,10 @@ class CI_Form_validation { protected function _execute($row, $rules, $postdata = NULL, $cycles = 0) { // If the $_POST data is an array we will run a recursive call - if (is_array($postdata)) + // + // Note: We MUST check if the array is empty or not! + // Otherwise empty arrays will always pass validation. + if (is_array($postdata) && ! empty($postdata)) { foreach ($postdata as $key => $val) { diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index f455b9146..3537eb355 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -28,6 +28,16 @@ class Form_validation_test extends CI_TestCase { $this->form_validation = new CI_Form_validation(); } + public function test_empty_array_input() + { + $this->assertFalse( + $this->run_rules( + array(array('field' => 'foo', 'label' => 'Foo Label', 'rules' => 'required')), + array('foo' => array()) + ) + ); + } + public function test_rule_required() { $rules = array(array('field' => 'foo', 'label' => 'foo_label', 'rules' => 'required')); diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 938df9a8b..2a9ccd57a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -31,6 +31,14 @@ Version 3.0.6 Release Date: Not Released +- General Changes + + - Added a destructor to :doc:`Cache Library <libraries/caching>` 'memcached' driver to ensure that Memcache(d) connections are properly closed. + +Bug fixes for 3.0.6 +------------------- + +- Fixed a bug (#4516) - :doc:`Form Validation Library <libraries/form_validation>` always accepted empty array inputs. Version 3.0.5 ============= @@ -76,7 +84,7 @@ Bug fixes for 3.0.5 - Fixed a bug (#4475) - :doc:`Security Library <libraries/security>` method ``strip_image_tags()`` preserves only the first URL character from non-quoted *src* attributes. - Fixed a bug where :doc:`Profiler Library <general/profiling>` didn't apply ``htmlspecialchars()`` to all displayed inputs. - Fixed a bug (#4277) - :doc:`Cache Library <libraries/caching>` triggered fatal errors if accessing the Memcache(d) and/or Redis driver and they are not available on the system. -- Fixed a bug where :doc:`Cache Library <libraries/caching>` method ``is_supported()`` logged an error message on when it returns ``FALSE`` for the APC and Wincache drivers. +- Fixed a bug where :doc:`Cache Library <libraries/caching>` method ``is_supported()`` logged an error message when it returns ``FALSE`` for the APC and Wincache drivers. Version 3.0.4 ============= |