diff options
-rw-r--r-- | system/database/DB_utility.php | 17 | ||||
-rw-r--r-- | system/database/drivers/mysql/mysql_driver.php | 4 | ||||
-rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 2 | ||||
-rw-r--r-- | system/database/drivers/oci8/oci8_driver.php | 4 | ||||
-rw-r--r-- | system/database/drivers/odbc/odbc_driver.php | 4 | ||||
-rw-r--r-- | system/database/drivers/postgre/postgre_driver.php | 4 | ||||
-rw-r--r-- | system/database/drivers/sqlite/sqlite_driver.php | 12 | ||||
-rw-r--r-- | system/helpers/form_helper.php | 18 | ||||
-rw-r--r-- | system/helpers/xml_helper.php | 9 | ||||
-rw-r--r-- | system/libraries/Router.php | 5 |
10 files changed, 58 insertions, 21 deletions
diff --git a/system/database/DB_utility.php b/system/database/DB_utility.php index d7018bf2b..9533ec607 100644 --- a/system/database/DB_utility.php +++ b/system/database/DB_utility.php @@ -133,7 +133,11 @@ class CI_DB_utility { } $query = $this->db->query($sql); - return current($query->result_array()); + $res = $query->result_array(); + + // Note: Due to a bug in current() that affects some versions + // of PHP we can not pass function call directly into it + return current($res); } // -------------------------------------------------------------------- @@ -159,7 +163,10 @@ class CI_DB_utility { $query = $this->db->query($sql); // Build the result array... - $res = current($query->result_array()); + // Note: Due to a bug in current() that affects some versions + // of PHP we can not pass function call directly into it + $res = $query->result_array(); + $res = current($res); $key = str_replace($this->db->database.'.', '', current($res)); $keys = array_keys($res); unset($res[$keys[0]]); @@ -190,7 +197,11 @@ class CI_DB_utility { } $query = $this->db->query($sql); - return current($query->result_array()); + + // Note: Due to a bug in current() that affects some versions + // of PHP we can not pass function call directly into it + $res = $query->result_array(); + return current($res); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index be7c672f7..1afc2062b 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -45,7 +45,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function db_connect() { - return mysql_connect($this->hostname, $this->username, $this->password, TRUE); + return @mysql_connect($this->hostname, $this->username, $this->password, TRUE); } // -------------------------------------------------------------------- @@ -58,7 +58,7 @@ class CI_DB_mysql_driver extends CI_DB { */ function db_pconnect() { - return mysql_pconnect($this->hostname, $this->username, $this->password); + return @mysql_pconnect($this->hostname, $this->username, $this->password); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 59420912f..3a0d3b562 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -47,7 +47,7 @@ class CI_DB_mysqli_driver extends CI_DB { */ function db_connect() { - return mysqli_connect($this->hostname, $this->username, $this->password); + return @mysqli_connect($this->hostname, $this->username, $this->password); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index c091edf64..551a670fe 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -62,7 +62,7 @@ class CI_DB_oci8_driver extends CI_DB { */ function db_connect() { - return ocilogon($this->username, $this->password, $this->hostname); + return @ocilogon($this->username, $this->password, $this->hostname); } // -------------------------------------------------------------------- @@ -75,7 +75,7 @@ class CI_DB_oci8_driver extends CI_DB { */ function db_pconnect() { - return ociplogon($this->username, $this->password, $this->hostname); + return @ociplogon($this->username, $this->password, $this->hostname); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 09ca07ee4..4d1fac2ed 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -38,7 +38,7 @@ class CI_DB_odbc_driver extends CI_DB { */ function db_connect() { - return odbc_connect($this->database, $this->username, $this->password); + return @odbc_connect($this->database, $this->username, $this->password); } // -------------------------------------------------------------------- @@ -51,7 +51,7 @@ class CI_DB_odbc_driver extends CI_DB { */ function db_pconnect() { - return odbc_pconnect($this->database, $this->username, $this->password); + return @odbc_pconnect($this->database, $this->username, $this->password); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 81aaafe14..68fde01b1 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -40,7 +40,7 @@ class CI_DB_postgre_driver extends CI_DB { { $port = ($this->port == '') ? '' : " port=".$this->port; - return pg_connect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password); + return @pg_connect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password); } // -------------------------------------------------------------------- @@ -55,7 +55,7 @@ class CI_DB_postgre_driver extends CI_DB { { $port = ($this->port == '') ? '' : " port=".$this->port; - return pg_pconnect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password); + return @pg_pconnect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php index ce3c57935..3f71b3536 100644 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ b/system/database/drivers/sqlite/sqlite_driver.php @@ -40,14 +40,16 @@ class CI_DB_sqlite_driver extends CI_DB { */ function db_connect() { - if ( ! $conn_id = sqlite_open($this->database, 0666, $error)) + if ( ! $conn_id = @sqlite_open($this->database, 0666, $error)) { log_message('error', $error); if ($this->db_debug) { $this->display_error($error, '', TRUE); - } + } + + return FALSE; } return $conn_id; @@ -63,14 +65,16 @@ class CI_DB_sqlite_driver extends CI_DB { */ function db_pconnect() { - if ( ! $conn_id = sqlite_popen($this->database, 0666, $error)) + if ( ! $conn_id = @sqlite_popen($this->database, 0666, $error)) { log_message('error', $error); if ($this->db_debug) { $this->display_error($error, '', TRUE); - } + } + + return FALSE; } return $conn_id; diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 6d10a9862..7d594d72c 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -335,8 +335,24 @@ function form_prep($str = '') { return ''; } + + $temp = '__TEMP_AMPERSANDS__'; + + // Replace entities to temporary markers so that + // htmlspecialchars won't mess them up + $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str); + $str = preg_replace("/&(\w+);/", "$temp\\1;", $str); + + $str = htmlspecialchars($str); + + // In case htmlspecialchars misses these. + $str = str_replace(array("'", '"'), array("'", """), $str); + + // Decode the temp markers back to entities + $str = preg_replace("/$temp(\d+);/","&#\\1;",$str); + $str = preg_replace("/$temp(\w+);/","&\\1;",$str); - return str_replace(array("'", '"'), array("'", """), htmlspecialchars($str)); + return $str; } // ------------------------------------------------------------------------ diff --git a/system/helpers/xml_helper.php b/system/helpers/xml_helper.php index 4cc91f4ef..856722b32 100644 --- a/system/helpers/xml_helper.php +++ b/system/helpers/xml_helper.php @@ -36,15 +36,18 @@ */ function xml_convert($str) { - $temp = '__TEMP_AMPERSANDS'; - + $temp = '__TEMP_AMPERSANDS__'; + + // Replace entities to temporary markers so that + // ampersands won't get messed up $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str); $str = preg_replace("/&(\w+);/", "$temp\\1;", $str); $str = str_replace(array("&","<",">","\"", "'", "-"), array("&", "<", ">", """, "'", "-"), $str); - + + // Decode the temp markers back to entities $str = preg_replace("/$temp(\d+);/","&#\\1;",$str); $str = preg_replace("/$temp(\w+);/","&\\1;", $str); diff --git a/system/libraries/Router.php b/system/libraries/Router.php index d4d1b2fdb..886433f37 100644 --- a/system/libraries/Router.php +++ b/system/libraries/Router.php @@ -295,7 +295,10 @@ class CI_Router { // can be unreliable in some environments if (is_array($_GET) AND count($_GET) == 1) { - return current(array_keys($_GET)); + // Note: Due to a bug in current() that affects some versions + // of PHP we can not pass function call directly into it + $keys = array_keys($_GET); + return current($keys); } // Is there a PATH_INFO variable? |