diff options
| -rw-r--r-- | system/core/CodeIgniter.php | 2 | ||||
| -rw-r--r-- | system/core/Hooks.php | 2 | ||||
| -rw-r--r-- | system/core/Loader.php | 2 | ||||
| -rw-r--r-- | system/core/URI.php | 15 | ||||
| -rw-r--r-- | system/libraries/Session/Session.php | 2 | ||||
| -rw-r--r-- | tests/codeigniter/core/Lang_test.php | 26 | ||||
| -rw-r--r-- | tests/codeigniter/core/Loader_test.php | 49 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 2 | ||||
| -rw-r--r-- | user_guide_src/source/conf.py | 4 | ||||
| -rw-r--r-- | user_guide_src/source/general/security.rst | 12 | ||||
| -rw-r--r-- | user_guide_src/source/installation/upgrade_300.rst | 2 | ||||
| -rw-r--r-- | user_guide_src/source/tutorial/static_pages.rst | 2 |
12 files changed, 98 insertions, 22 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index d830c1829..b38166b60 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0-dev'); + define('CI_VERSION', '3.0.0'); /* * ------------------------------------------------------ diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 08479b133..3b4fb2250 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link http://codeigniter.com/user_guide/general/hooks.html */ class CI_Hooks { diff --git a/system/core/Loader.php b/system/core/Loader.php index 254ad0d6d..007378ee2 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1118,7 +1118,7 @@ class CI_Loader { } else { - log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass); + log_message('debug', $path.' exists, but does not declare '.$subclass); } } } diff --git a/system/core/URI.php b/system/core/URI.php index e96749456..2211e3665 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -205,13 +205,16 @@ class CI_URI { $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + if (isset($_SERVER['SCRIPT_NAME'][0])) { - $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); - } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) - { - $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + { + $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); + } + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + { + $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); + } } // This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index bb457c659..0549fef66 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -869,7 +869,7 @@ class CI_Session { public function set_tempdata($data, $value = NULL, $ttl = 300) { $this->set_userdata($data, $value); - $this->mark_as_temp($data, $ttl); + $this->mark_as_temp(is_array($data) ? array_keys($data) : $data, $ttl); } // ------------------------------------------------------------------------ diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index 929bc2ffd..d2dd7598a 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -49,6 +49,32 @@ class Lang_test extends CI_TestCase { // -------------------------------------------------------------------- + public function test_multiple_file_load() + { + // Multiple files + $this->ci_vfs_clone('system/language/english/profiler_lang.php'); + $files = array( + 0 => 'profiler', + 1 => 'nonexistent' + ); + $this->setExpectedException( + 'RuntimeException', + 'CI Error: Unable to load the requested language file: language/english/nonexistent_lang.php' + ); + $this->lang->load($files, 'english'); + } + + // -------------------------------------------------------------------- + + public function test_alternative_path_load() + { + // Alternative Path + $this->ci_vfs_clone('system/language/english/profiler_lang.php'); + $this->assertTrue($this->lang->load('profiler', 'english', FALSE, TRUE, 'vfs://system/')); + } + + // -------------------------------------------------------------------- + /** * @depends test_load */ diff --git a/tests/codeigniter/core/Loader_test.php b/tests/codeigniter/core/Loader_test.php index 9e2092e05..cfaf6c74b 100644 --- a/tests/codeigniter/core/Loader_test.php +++ b/tests/codeigniter/core/Loader_test.php @@ -22,6 +22,9 @@ class Loader_test extends CI_TestCase { public function test_library() { + // Test getting CI_Loader object + $this->assertInstanceOf('CI_Loader', $this->load->library(NULL)); + // Create library in VFS $lib = 'unit_test_lib'; $class = 'CI_'.ucfirst($lib); @@ -35,6 +38,13 @@ class Loader_test extends CI_TestCase { $this->assertTrue(class_exists($class), $class.' does not exist'); $this->assertAttributeInstanceOf($class, $lib, $this->ci_obj); + // Create library in VFS + $lib = array('unit_test_lib' => 'unit_test_lib'); + + // Test loading as an array (int). + $this->assertInstanceOf('CI_Loader', $this->load->library($lib)); + $this->assertTrue(class_exists($class), $class.' does not exist'); + // Test a string given to params $this->assertInstanceOf('CI_Loader', $this->load->library($lib, ' ')); @@ -319,6 +329,24 @@ class Loader_test extends CI_TestCase { // -------------------------------------------------------------------- + public function test_clear_vars() + { + $key1 = 'foo'; + $val1 = 'bar'; + $key2 = 'boo'; + $val2 = 'hoo'; + $this->assertInstanceOf('CI_Loader', $this->load->vars(array($key1 => $val1))); + $this->assertInstanceOf('CI_Loader', $this->load->vars($key2, $val2)); + $this->assertEquals($val1, $this->load->get_var($key1)); + $this->assertEquals(array($key1 => $val1, $key2 => $val2), $this->load->get_vars()); + + $this->assertInstanceOf('CI_Loader', $this->load->clear_vars()); + $this->assertEquals('', $this->load->get_var($key1)); + $this->assertEquals('', $this->load->get_var($key2)); + } + + // -------------------------------------------------------------------- + public function test_helper() { // Create helper in VFS @@ -443,6 +471,24 @@ class Loader_test extends CI_TestCase { // -------------------------------------------------------------------- + public function test_remove_package_path() + { + $dir = 'third-party'; + $path = APPPATH.$dir.'/'; + $path2 = APPPATH.'another/'; + $paths = $this->load->get_package_paths(TRUE); + + $this->assertInstanceOf('CI_Loader', $this->load->add_package_path($path)); + $this->assertInstanceOf('CI_Loader', $this->load->remove_package_path($path)); + $this->assertEquals($paths, $this->load->get_package_paths(TRUE)); + + $this->assertInstanceOf('CI_Loader', $this->load->add_package_path($path2)); + $this->assertInstanceOf('CI_Loader', $this->load->remove_package_path()); + $this->assertNotContains($path2, $this->load->get_package_paths(TRUE)); + } + + // -------------------------------------------------------------------- + public function test_load_config() { $cfg = 'someconfig'; @@ -511,5 +557,4 @@ class Loader_test extends CI_TestCase { // Verify config calls $this->assertEquals($cfg['config'], $this->ci_obj->config->loaded); } - -}
\ No newline at end of file +} diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index a1b15105f..45780ddb3 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -565,7 +565,7 @@ Release Date: Not Released - Changed the library constructor to try to create the **log_path** directory if it doesn't exist. - Added support for microseconds ("u" date format character) in ``$config['log_date_format']``. - - Added `compatibility layers <general/compatibility_functions>` for: + - Added :doc:`compatibility layers <general/compatibility_functions>` for: - `Multibyte String <http://php.net/mbstring>`_ (limited support). - `Hash <http://php.net/hash>`_ (``hash_equals()``, ``hash_pbkdf2()``). diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py index d65fe0dfd..93d70b2e4 100644 --- a/user_guide_src/source/conf.py +++ b/user_guide_src/source/conf.py @@ -48,9 +48,9 @@ copyright = u'2014 - 2015, British Columbia Institute of Technology' # built documents. # # The short X.Y version. -version = '3.0' +version = '3.0.0' # The full version, including alpha/beta/rc tags. -release = '3.0-dev' +release = '3.0.0' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst index efc821f2b..fcfe4c24b 100644 --- a/user_guide_src/source/general/security.rst +++ b/user_guide_src/source/general/security.rst @@ -143,11 +143,15 @@ with that. Please read below. feature, just randomly generate a new, one-time (this is also important) password and send that instead. -- DO NOT put artificial limits on your users' passwords. +- DO NOT put unnecessary limits on your users' passwords. - There's no point in forcing a rule that a password can only be up to - a number of characters, or that it can't contain a certain set of - special characters. + If you're using a hashing algorithm other than BCrypt (which has a limit + of 72 characters), you should set a relatively high limit on password + lengths in order to mitigate DoS attacks - say, 1024 characters. + + Other than that however, there's no point in forcing a rule that a + password can only be up to a number of characters, or that it can't + contain a certain set of special characters. Not only does this **reduce** security instead of improving it, but there's literally no reason to do it. No technical limitations and diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 7e3479740..a3d712482 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -2,8 +2,6 @@ Upgrading from 2.2.x to 3.0.0 ############################# -.. note:: These upgrade notes are for a version that is yet to be released. - Before performing an update you should take your site offline by replacing the index.php file with a static one. ************************************* diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 210d9f8d6..0c75d5a34 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -64,7 +64,7 @@ following code. </head> <body> - <h1>CodeIgniter Tutorial</h1> + <h1><?php echo $title ?></h1> The header contains the basic HTML code that you'll want to display before loading the main view, together with a heading. It will also |