summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/database/DB_utility.php17
-rw-r--r--system/database/drivers/mysql/mysql_driver.php4
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php2
-rw-r--r--system/database/drivers/oci8/oci8_driver.php4
-rw-r--r--system/database/drivers/odbc/odbc_driver.php4
-rw-r--r--system/database/drivers/postgre/postgre_driver.php4
-rw-r--r--system/database/drivers/sqlite/sqlite_driver.php12
-rw-r--r--system/helpers/form_helper.php18
-rw-r--r--system/helpers/xml_helper.php9
-rw-r--r--system/libraries/Router.php5
10 files changed, 58 insertions, 21 deletions
diff --git a/system/database/DB_utility.php b/system/database/DB_utility.php
index d7018bf2b..9533ec607 100644
--- a/system/database/DB_utility.php
+++ b/system/database/DB_utility.php
@@ -133,7 +133,11 @@ class CI_DB_utility {
}
$query = $this->db->query($sql);
- return current($query->result_array());
+ $res = $query->result_array();
+
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ return current($res);
}
// --------------------------------------------------------------------
@@ -159,7 +163,10 @@ class CI_DB_utility {
$query = $this->db->query($sql);
// Build the result array...
- $res = current($query->result_array());
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ $res = $query->result_array();
+ $res = current($res);
$key = str_replace($this->db->database.'.', '', current($res));
$keys = array_keys($res);
unset($res[$keys[0]]);
@@ -190,7 +197,11 @@ class CI_DB_utility {
}
$query = $this->db->query($sql);
- return current($query->result_array());
+
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ $res = $query->result_array();
+ return current($res);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index be7c672f7..1afc2062b 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -45,7 +45,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function db_connect()
{
- return mysql_connect($this->hostname, $this->username, $this->password, TRUE);
+ return @mysql_connect($this->hostname, $this->username, $this->password, TRUE);
}
// --------------------------------------------------------------------
@@ -58,7 +58,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
function db_pconnect()
{
- return mysql_pconnect($this->hostname, $this->username, $this->password);
+ return @mysql_pconnect($this->hostname, $this->username, $this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 59420912f..3a0d3b562 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -47,7 +47,7 @@ class CI_DB_mysqli_driver extends CI_DB {
*/
function db_connect()
{
- return mysqli_connect($this->hostname, $this->username, $this->password);
+ return @mysqli_connect($this->hostname, $this->username, $this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index c091edf64..551a670fe 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -62,7 +62,7 @@ class CI_DB_oci8_driver extends CI_DB {
*/
function db_connect()
{
- return ocilogon($this->username, $this->password, $this->hostname);
+ return @ocilogon($this->username, $this->password, $this->hostname);
}
// --------------------------------------------------------------------
@@ -75,7 +75,7 @@ class CI_DB_oci8_driver extends CI_DB {
*/
function db_pconnect()
{
- return ociplogon($this->username, $this->password, $this->hostname);
+ return @ociplogon($this->username, $this->password, $this->hostname);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index 09ca07ee4..4d1fac2ed 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -38,7 +38,7 @@ class CI_DB_odbc_driver extends CI_DB {
*/
function db_connect()
{
- return odbc_connect($this->database, $this->username, $this->password);
+ return @odbc_connect($this->database, $this->username, $this->password);
}
// --------------------------------------------------------------------
@@ -51,7 +51,7 @@ class CI_DB_odbc_driver extends CI_DB {
*/
function db_pconnect()
{
- return odbc_pconnect($this->database, $this->username, $this->password);
+ return @odbc_pconnect($this->database, $this->username, $this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index 81aaafe14..68fde01b1 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -40,7 +40,7 @@ class CI_DB_postgre_driver extends CI_DB {
{
$port = ($this->port == '') ? '' : " port=".$this->port;
- return pg_connect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
+ return @pg_connect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
}
// --------------------------------------------------------------------
@@ -55,7 +55,7 @@ class CI_DB_postgre_driver extends CI_DB {
{
$port = ($this->port == '') ? '' : " port=".$this->port;
- return pg_pconnect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
+ return @pg_pconnect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php
index ce3c57935..3f71b3536 100644
--- a/system/database/drivers/sqlite/sqlite_driver.php
+++ b/system/database/drivers/sqlite/sqlite_driver.php
@@ -40,14 +40,16 @@ class CI_DB_sqlite_driver extends CI_DB {
*/
function db_connect()
{
- if ( ! $conn_id = sqlite_open($this->database, 0666, $error))
+ if ( ! $conn_id = @sqlite_open($this->database, 0666, $error))
{
log_message('error', $error);
if ($this->db_debug)
{
$this->display_error($error, '', TRUE);
- }
+ }
+
+ return FALSE;
}
return $conn_id;
@@ -63,14 +65,16 @@ class CI_DB_sqlite_driver extends CI_DB {
*/
function db_pconnect()
{
- if ( ! $conn_id = sqlite_popen($this->database, 0666, $error))
+ if ( ! $conn_id = @sqlite_popen($this->database, 0666, $error))
{
log_message('error', $error);
if ($this->db_debug)
{
$this->display_error($error, '', TRUE);
- }
+ }
+
+ return FALSE;
}
return $conn_id;
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index 6d10a9862..7d594d72c 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -335,8 +335,24 @@ function form_prep($str = '')
{
return '';
}
+
+ $temp = '__TEMP_AMPERSANDS__';
+
+ // Replace entities to temporary markers so that
+ // htmlspecialchars won't mess them up
+ $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str);
+ $str = preg_replace("/&(\w+);/", "$temp\\1;", $str);
+
+ $str = htmlspecialchars($str);
+
+ // In case htmlspecialchars misses these.
+ $str = str_replace(array("'", '"'), array("'", """), $str);
+
+ // Decode the temp markers back to entities
+ $str = preg_replace("/$temp(\d+);/","&#\\1;",$str);
+ $str = preg_replace("/$temp(\w+);/","&\\1;",$str);
- return str_replace(array("'", '"'), array("'", """), htmlspecialchars($str));
+ return $str;
}
// ------------------------------------------------------------------------
diff --git a/system/helpers/xml_helper.php b/system/helpers/xml_helper.php
index 4cc91f4ef..856722b32 100644
--- a/system/helpers/xml_helper.php
+++ b/system/helpers/xml_helper.php
@@ -36,15 +36,18 @@
*/
function xml_convert($str)
{
- $temp = '__TEMP_AMPERSANDS';
-
+ $temp = '__TEMP_AMPERSANDS__';
+
+ // Replace entities to temporary markers so that
+ // ampersands won't get messed up
$str = preg_replace("/&#(\d+);/", "$temp\\1;", $str);
$str = preg_replace("/&(\w+);/", "$temp\\1;", $str);
$str = str_replace(array("&","<",">","\"", "'", "-"),
array("&amp;", "&lt;", "&gt;", "&quot;", "&#39;", "&#45;"),
$str);
-
+
+ // Decode the temp markers back to entities
$str = preg_replace("/$temp(\d+);/","&#\\1;",$str);
$str = preg_replace("/$temp(\w+);/","&\\1;", $str);
diff --git a/system/libraries/Router.php b/system/libraries/Router.php
index d4d1b2fdb..886433f37 100644
--- a/system/libraries/Router.php
+++ b/system/libraries/Router.php
@@ -295,7 +295,10 @@ class CI_Router {
// can be unreliable in some environments
if (is_array($_GET) AND count($_GET) == 1)
{
- return current(array_keys($_GET));
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ $keys = array_keys($_GET);
+ return current($keys);
}
// Is there a PATH_INFO variable?