diff options
| -rw-r--r-- | system/helpers/download_helper.php | 26 | ||||
| -rw-r--r-- | system/libraries/Encrypt.php | 112 | ||||
| -rw-r--r-- | user_guide_src/source/general/urls.rst | 9 | ||||
| -rw-r--r-- | user_guide_src/source/tutorial/static_pages.rst | 2 |
4 files changed, 54 insertions, 95 deletions
diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php index 4a1a79cc3..aea948d81 100644 --- a/system/helpers/download_helper.php +++ b/system/helpers/download_helper.php @@ -88,26 +88,20 @@ if ( ! function_exists('force_download')) { $mime = (is_array($mimes[$extension])) ? $mimes[$extension][0] : $mimes[$extension]; } - + // Generate the server headers - if (strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") !== FALSE) + header('Content-Type: "'.$mime.'"'); + header('Content-Disposition: attachment; filename="'.$filename.'"'); + header('Expires: 0'); + header("Content-Transfer-Encoding: binary"); + header("Content-Length: ".strlen($data)); + header('Pragma: no-cache'); + + // Internet Explorer-specific headers. + if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") !== FALSE) { - header('Content-Type: "'.$mime.'"'); - header('Content-Disposition: attachment; filename="'.$filename.'"'); - header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); - header("Content-Transfer-Encoding: binary"); header('Pragma: public'); - header("Content-Length: ".strlen($data)); - } - else - { - header('Content-Type: "'.$mime.'"'); - header('Content-Disposition: attachment; filename="'.$filename.'"'); - header("Content-Transfer-Encoding: binary"); - header('Expires: 0'); - header('Pragma: no-cache'); - header("Content-Length: ".strlen($data)); } exit($data); diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index e297576e6..0b0618991 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,13 +1,13 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * * An open source application development framework for PHP 5.1.6 or newer * * NOTICE OF LICENSE - * + * * Licensed under the Open Software License version 3.0 - * + * * This source file is subject to the Open Software License (OSL 3.0) that is * bundled with this package in the files license.txt / license.rst. It is * also available through the world wide web at this URL: @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Encryption Class * @@ -46,15 +44,10 @@ class CI_Encrypt { protected $_mcrypt_cipher; protected $_mcrypt_mode; - /** - * Constructor - * - * Simply determines whether the mcrypt library exists. - */ public function __construct() { $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; - log_message('debug', "Encrypt Class Initialized"); + log_message('debug', 'Encrypt Class Initialized'); } // -------------------------------------------------------------------- @@ -95,7 +88,7 @@ class CI_Encrypt { * Set the encryption key * * @param string - * @return void + * @return object */ public function set_key($key = '') { @@ -122,18 +115,8 @@ class CI_Encrypt { */ public function encode($string, $key = '') { - $key = $this->get_key($key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($string, $key); - } - else - { - $enc = $this->_xor_encode($string, $key); - } - - return base64_encode($enc); + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode'; + return base64_encode($this->$method($string, $this->get_key($key))); } // -------------------------------------------------------------------- @@ -149,28 +132,13 @@ class CI_Encrypt { */ public function decode($string, $key = '') { - $key = $this->get_key($key); - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } - $dec = base64_decode($string); - - if ($this->_mcrypt_exists === TRUE) - { - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) - { - return FALSE; - } - } - else - { - $dec = $this->_xor_decode($dec, $key); - } - - return $dec; + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode'; + return $this->$method(base64_decode($string), $this->get_key($key)); } // -------------------------------------------------------------------- @@ -197,6 +165,10 @@ class CI_Encrypt { log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); return FALSE; } + elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } // decode it first // set mode temporarily to what it was when string was encoded with the legacy @@ -205,14 +177,7 @@ class CI_Encrypt { $this->set_mode($legacy_mode); $key = $this->get_key($key); - - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) - { - return FALSE; - } - $dec = base64_decode($string); - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) { return FALSE; @@ -242,17 +207,18 @@ class CI_Encrypt { protected function _xor_encode($string, $key) { $rand = ''; - while (strlen($rand) < 32) + do { $rand .= mt_rand(0, mt_getrandmax()); } + while (strlen($rand) < 32); $rand = $this->hash($rand); $enc = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++) { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]); } return $this->_xor_merge($enc, $key); @@ -275,9 +241,9 @@ class CI_Encrypt { $string = $this->_xor_merge($string, $key); $dec = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $l = strlen($string); $i < $l; $i++) { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + $dec .= ($string[$i++] ^ $string[$i]); } return $dec; @@ -298,9 +264,9 @@ class CI_Encrypt { { $hash = $this->hash($key); $str = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++) { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + $str .= $string[$i] ^ $hash[($i % $lh)]; } return $str; @@ -359,18 +325,17 @@ class CI_Encrypt { */ protected function _add_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + $str .= chr((ord($data[$i]) + ord($key[$j])) % 256); } return $str; @@ -389,22 +354,21 @@ class CI_Encrypt { */ protected function _remove_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $temp = ord($data[$i]) - ord($keyhash[$j]); + $temp = ord($data[$i]) - ord($key[$j]); if ($temp < 0) { - $temp = $temp + 256; + $temp += 256; } $str .= chr($temp); @@ -435,7 +399,7 @@ class CI_Encrypt { * @param constant * @return string */ - function set_mode($mode) + public function set_mode($mode) { $this->_mcrypt_mode = $mode; return $this; @@ -452,7 +416,7 @@ class CI_Encrypt { { if ($this->_mcrypt_cipher == '') { - $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } return $this->_mcrypt_cipher; @@ -469,7 +433,7 @@ class CI_Encrypt { { if ($this->_mcrypt_mode == '') { - $this->_mcrypt_mode = MCRYPT_MODE_CBC; + return $this->_mcrypt_mode = MCRYPT_MODE_CBC; } return $this->_mcrypt_mode; @@ -481,11 +445,11 @@ class CI_Encrypt { * Set the Hash type * * @param string - * @return string + * @return void */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type; } // -------------------------------------------------------------------- @@ -498,11 +462,9 @@ class CI_Encrypt { */ public function hash($str) { - return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str); + return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); } } -// END CI_Encrypt class - /* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */
\ No newline at end of file +/* Location: ./system/libraries/Encrypt.php */ diff --git a/user_guide_src/source/general/urls.rst b/user_guide_src/source/general/urls.rst index 857078b1c..6b390b559 100644 --- a/user_guide_src/source/general/urls.rst +++ b/user_guide_src/source/general/urls.rst @@ -39,9 +39,10 @@ By default, the **index.php** file will be included in your URLs:: example.com/index.php/news/article/my_article -You can easily remove this file by using a .htaccess file with some -simple rules. Here is an example of such a file, using the "negative" -method in which everything is redirected except the specified items: +If your Apache server has mod_rewrite enabled, you can easily remove this +file by using a .htaccess file with some simple rules. Here is an example +of such a file, using the "negative" method in which everything is redirected +except the specified items: :: @@ -53,6 +54,8 @@ method in which everything is redirected except the specified items: In the above example, any HTTP request other than those for existing directories and existing files is treated as a request for your index.php file. +.. note:: Note: These specific rules might not work for all server configurations. + Adding a URL Suffix =================== diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index c7f737951..708eaeb7b 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -97,7 +97,7 @@ page actually exists: public function view($page = 'home') { - if ( ! file_exists('application/views/pages/'.$page.'.php')) + if ( ! file_exists(APPPATH.'/views/pages/'.$page.'.php')) { // Whoops, we don't have a page for that! show_404(); |