diff options
44 files changed, 562 insertions, 388 deletions
diff --git a/application/config/foreign_chars.php b/application/config/foreign_chars.php index b2374ae1a..b0c32cf96 100644 --- a/application/config/foreign_chars.php +++ b/application/config/foreign_chars.php @@ -80,8 +80,8 @@ $foreign_characters = array( '/ś|ŝ|ş|ș|š|ſ|σ|ς|с/' => 's', '/Ț|Ţ|Ť|Ŧ|τ|Т/' => 'T', '/ț|ţ|ť|ŧ|т/' => 't', - '/Ù|Ú|Û|Ũ|Ū|Ŭ|Ů|Ű|Ų|Ư|Ǔ|Ǖ|Ǘ|Ǚ|Ǜ|Ũ|Ủ|Ụ|Ừ|Ứ|Ữ|Ử|Ự|У/' => 'U', - '/ù|ú|û|ũ|ū|ŭ|ů|ű|ų|ư|ǔ|ǖ|ǘ|ǚ|ǜ|υ|ύ|ϋ|ủ|ụ|ừ|ứ|ữ|ử|ự|у/' => 'u', + '/Ù|Ú|Û|Ũ|Ū|Ŭ|Ů|Ű|Ų|Ư|Ǔ|Ǖ|Ǘ|Ǚ|Ǜ|Ũ|Ủ|Ụ|Ừ|Ứ|Ữ|Ử|Ự|У|Ъ/' => 'U', + '/ù|ú|û|ũ|ū|ŭ|ů|ű|ų|ư|ǔ|ǖ|ǘ|ǚ|ǜ|υ|ύ|ϋ|ủ|ụ|ừ|ứ|ữ|ử|ự|у|ъ/' => 'u', '/Ý|Ÿ|Ŷ|Υ|Ύ|Ϋ|Ỳ|Ỹ|Ỷ|Ỵ/' => 'Y', '/ý|ÿ|ŷ|ỳ|ỹ|ỷ|ỵ/' => 'y', '/В/' => 'V', diff --git a/application/config/mimes.php b/application/config/mimes.php index 6ff381279..32d10f6c1 100644 --- a/application/config/mimes.php +++ b/application/config/mimes.php @@ -49,7 +49,7 @@ return array( 'sea' => 'application/octet-stream', 'dll' => 'application/octet-stream', 'oda' => 'application/oda', - 'pdf' => array('application/pdf', 'application/x-download', 'binary/octet-stream'), + 'pdf' => array('application/pdf', 'application/force-download', 'application/x-download', 'binary/octet-stream'), 'ai' => array('application/pdf', 'application/postscript'), 'eps' => 'application/postscript', 'ps' => 'application/postscript', diff --git a/application/config/user_agents.php b/application/config/user_agents.php index db75c81c6..51aad099c 100644 --- a/application/config/user_agents.php +++ b/application/config/user_agents.php @@ -209,13 +209,15 @@ $mobiles = array( $robots = array( 'googlebot' => 'Googlebot', 'msnbot' => 'MSNBot', + 'baiduspider' => 'Baiduspider', 'bingbot' => 'Bing', 'slurp' => 'Inktomi Slurp', 'yahoo' => 'Yahoo', 'askjeeves' => 'AskJeeves', 'fastcrawler' => 'FastCrawler', 'infoseek' => 'InfoSeek Robot 1.0', - 'lycos' => 'Lycos' + 'lycos' => 'Lycos', + 'yandex' => 'YandexBot' ); /* End of file user_agents.php */ diff --git a/composer.json b/composer.json index e21aaed2e..0f98fe7a0 100644 --- a/composer.json +++ b/composer.json @@ -1,9 +1,10 @@ { - "name" : "ellislab/codeigniter", - "require": { - "php": ">=5.2.4" - }, - "require-dev": { - "mikey179/vfsStream": "*" - } + "description" : "Dependencies for CodeIgniter's testing environment", + "name" : "ellislab/codeigniter", + "require": { + "php": ">=5.2.4" + }, + "require-dev": { + "mikey179/vfsStream": "1.1.*" + } }
\ No newline at end of file diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 7f76977b5..3fe5c0648 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -241,12 +241,12 @@ defined('BASEPATH') OR exit('No direct script access allowed'); // Load the local application controller // Note: The Router class automatically validates the controller path using the router->_validate_request(). // If this include fails it means that the default controller in the Routes.php file is not resolving to something valid. - if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().'.php')) + if ( ! file_exists(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php')) { show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.'); } - include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().'.php'); + include(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php'); // Set a mark point for benchmarking $BM->mark('loading_time:_base_classes_end'); @@ -260,8 +260,8 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * loader class can be called via the URI, nor can * controller functions that begin with an underscore. */ - $class = $RTR->fetch_class(); - $method = $RTR->fetch_method(); + $class = $RTR->class; + $method = $RTR->method; if ( ! class_exists($class, FALSE) OR $method[0] === '_' OR method_exists('CI_Controller', $method)) { diff --git a/system/core/Common.php b/system/core/Common.php index efa7a9380..93cd0a0ae 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -92,7 +92,7 @@ if ( ! function_exists('is_really_writable')) */ if (is_dir($file)) { - $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); + $file = rtrim($file, '/').'/'.md5(mt_rand()); if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) { return FALSE; @@ -346,7 +346,20 @@ if ( ! function_exists('is_https')) */ function is_https() { - return (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on'); + if ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') + { + return TRUE; + } + elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') + { + return TRUE; + } + elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off') + { + return TRUE; + } + + return FALSE; } } @@ -424,12 +437,12 @@ if ( ! function_exists('log_message')) * We use this as a simple mechanism to access the logging * class and send messages to be logged. * - * @param string - * @param string - * @param bool + * @param string the error level: 'error', 'debug' or 'info' + * @param string the error message + * @param bool whether the error is a native PHP error * @return void */ - function log_message($level = 'error', $message, $php_error = FALSE) + function log_message($level, $message, $php_error = FALSE) { static $_log, $_log_threshold; diff --git a/system/core/Input.php b/system/core/Input.php index 6690b7f2e..0ef81128e 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -790,31 +790,30 @@ class CI_Input { */ public function request_headers($xss_clean = FALSE) { + // If header is already defined, return it immediately + if ( ! empty($this->headers)) + { + return $this->headers; + } + // In Apache, you can simply call apache_request_headers() if (function_exists('apache_request_headers')) { - $headers = apache_request_headers(); + return $this->headers = apache_request_headers(); } - else - { - $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); - foreach ($_SERVER as $key => $val) - { - if (sscanf($key, 'HTTP_%s', $header) === 1) - { - $headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); - } - } - } + $this->headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); - // take SOME_HEADER and turn it into Some-Header - foreach ($headers as $key => $val) + foreach ($_SERVER as $key => $val) { - $key = str_replace(array('_', '-'), ' ', strtolower($key)); - $key = str_replace(' ', '-', ucwords($key)); + if (sscanf($key, 'HTTP_%s', $header) === 1) + { + // take SOME_HEADER and turn it into Some-Header + $header = str_replace('_', ' ', strtolower($header)); + $header = str_replace(' ', '-', ucwords($header)); - $this->headers[$key] = $val; + $this->headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); + } } return $this->headers; diff --git a/system/core/Loader.php b/system/core/Loader.php index d4e63231c..70a6b6fa6 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -658,7 +658,7 @@ class CI_Loader { return FALSE; } - if ( ! class_exists('CI_Driver_Library')) + if ( ! class_exists('CI_Driver_Library', FALSE)) { // We aren't instantiating an object here, just making the base class available require BASEPATH.'libraries/Driver.php'; @@ -713,7 +713,7 @@ class CI_Loader { * * Return a list of all package paths. * - * @param bool $include_base Whether to include BASEPATH (default: TRUE) + * @param bool $include_base Whether to include BASEPATH (default: FALSE) * @return array */ public function get_package_paths($include_base = FALSE) @@ -955,7 +955,7 @@ class CI_Loader { // Is this a class extension request? if (file_exists($subclass)) { - $baseclass = BASEPATH.'libraries/'.$class.'.php'; + $baseclass = BASEPATH.'libraries/'.$subdir.$class.'.php'; if ( ! file_exists($baseclass)) { diff --git a/system/core/Log.php b/system/core/Log.php index a84d3dc22..e4d72b544 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -138,12 +138,12 @@ class CI_Log { * * Generally this function will be called using the global log_message() function * - * @param string the error level + * @param string the error level: 'error', 'debug' or 'info' * @param string the error message * @param bool whether the error is a native PHP error * @return bool */ - public function write_log($level = 'error', $msg, $php_error = FALSE) + public function write_log($level, $msg, $php_error = FALSE) { if ($this->_enabled === FALSE) { diff --git a/system/core/Output.php b/system/core/Output.php index 3320ae154..06d7a866b 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -841,9 +841,8 @@ class CI_Output { $output = substr_replace($output, '', 0, $pos); // Remove closing tag and save it for later - $end_pos = strlen($output); $pos = strpos($output, '</'); - $closing_tag = substr($output, $pos, $end_pos); + $closing_tag = substr($output, $pos, strlen($output)); $output = substr_replace($output, '', $pos); } @@ -852,7 +851,16 @@ class CI_Output { // Remove spaces around curly brackets, colons, // semi-colons, parenthesis, commas - $output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!i', '$1', $output); + $chunks = preg_split('/([\'|"]).+(?![^\\\]\\1)\\1/iU', $output, -1, PREG_SPLIT_OFFSET_CAPTURE); + for ($i = count($chunks) - 1; $i >= 0; $i--) + { + $output = substr_replace( + $output, + preg_replace('/\s*(:|;|,|}|{|\(|\))\s*/i', '$1', $chunks[$i][0]), + $chunks[$i][1], + strlen($chunks[$i][0]) + ); + } // Replace tabs with spaces // Replace carriage returns & multiple new lines with single new line diff --git a/system/core/Router.php b/system/core/Router.php index bb0ce16bd..c86ab9c20 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -119,16 +119,16 @@ class CI_Router { if (isset($_GET[$this->config->item('directory_trigger')]) && is_string($_GET[$this->config->item('directory_trigger')])) { $this->set_directory(trim($this->uri->_filter_uri($_GET[$this->config->item('directory_trigger')]))); - $segments[] = $this->fetch_directory(); + $segments[] = $this->directory; } $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); - $segments[] = $this->fetch_class(); + $segments[] = $this->class; if ( ! empty($_GET[$this->config->item('function_trigger')]) && is_string($_GET[$this->config->item('function_trigger')])) { $this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')]))); - $segments[] = $this->fetch_method(); + $segments[] = $this->method; } } @@ -270,7 +270,7 @@ class CI_Router { empty($segments[1]) OR $segments[1] = str_replace('-', '_', $segments[1]); // Does the requested controller exist in the sub-folder? - if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php')) + if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php')) { if ( ! empty($this->routes['404_override'])) { @@ -279,7 +279,7 @@ class CI_Router { } else { - show_404($this->fetch_directory().$segments[0]); + show_404($this->directory.$segments[0]); } } } @@ -287,7 +287,7 @@ class CI_Router { { // Is the method being specified in the route? $segments = explode('/', $this->default_controller); - if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php')) + if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php')) { $this->directory = ''; } @@ -413,6 +413,7 @@ class CI_Router { /** * Fetch the current class * + * @deprecated 3.0.0 Read the 'class' property instead * @return string */ public function fetch_class() @@ -438,11 +439,12 @@ class CI_Router { /** * Fetch the current method * + * @deprecated 3.0.0 Read the 'method' property instead * @return string */ public function fetch_method() { - return ($this->method === $this->fetch_class()) ? 'index' : $this->method; + return $this->method; } // -------------------------------------------------------------------- @@ -466,6 +468,7 @@ class CI_Router { * Feches the sub-directory (if any) that contains the requested * controller class. * + * @deprecated 3.0.0 Read the 'directory' property instead * @return string */ public function fetch_directory() diff --git a/system/core/Security.php b/system/core/Security.php index 7aae54efc..196d61144 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -488,8 +488,7 @@ class CI_Security { { if ($this->_xss_hash === '') { - mt_srand(); - $this->_xss_hash = md5(time() + mt_rand(0, 1999999999)); + $this->_xss_hash = md5(uniqid(mt_rand())); } return $this->_xss_hash; diff --git a/system/core/URI.php b/system/core/URI.php index b2286f032..bc086d223 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -720,7 +720,7 @@ class CI_URI { { global $RTR; - if (($dir = $RTR->fetch_directory()) === '/') + if (($dir = $RTR->directory) === '/') { $dir = ''; } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 97021f125..593d78ba4 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -704,7 +704,7 @@ abstract class CI_DB_driver { { $driver = 'CI_DB_'.$this->dbdriver.'_result'; - if ( ! class_exists($driver)) + if ( ! class_exists($driver, FALSE)) { include_once(BASEPATH.'database/DB_result.php'); include_once(BASEPATH.'database/drivers/'.$this->dbdriver.'/'.$this->dbdriver.'_result.php'); @@ -816,7 +816,7 @@ abstract class CI_DB_driver { } // The query() function will set this flag to FALSE in the event that a query failed - if ($this->_trans_status === FALSE) + if ($this->_trans_status === FALSE OR $this->_trans_failure === TRUE) { $this->trans_rollback(); diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index 78e255a15..f3b9c6cc4 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -51,7 +51,7 @@ if ( ! function_exists('create_captcha')) */ function create_captcha($data = '', $img_path = '', $img_url = '', $font_path = '') { - $defaults = array('word' => '', 'img_path' => '', 'img_url' => '', 'img_width' => '150', 'img_height' => '30', 'font_path' => '', 'expiration' => 7200); + $defaults = array('word' => '', 'img_path' => '', 'img_url' => '', 'img_width' => '150', 'img_height' => '30', 'font_path' => '', 'expiration' => 7200, 'word_length' => 8, 'pool' => '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'); foreach ($defaults as $key => $val) { @@ -95,9 +95,8 @@ if ( ! function_exists('create_captcha')) if (empty($word)) { - $pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $word = ''; - for ($i = 0, $mt_rand_max = strlen($pool) - 1; $i < 8; $i++) + for ($i = 0, $mt_rand_max = strlen($pool) - 1; $i < $word_length; $i++) { $word .= $pool[mt_rand(0, $mt_rand_max)]; } diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php index 246a7a264..4c35c5550 100644 --- a/system/libraries/Cache/drivers/Cache_memcached.php +++ b/system/libraries/Cache/drivers/Cache_memcached.php @@ -196,7 +196,7 @@ class CI_Cache_memcached extends CI_Driver { return FALSE; } - foreach ($this->_memcache_conf as $name => $cache_server) + foreach ($this->_memcache_conf as $cache_server) { if ( ! array_key_exists('hostname', $cache_server)) { @@ -260,4 +260,4 @@ class CI_Cache_memcached extends CI_Driver { } /* End of file Cache_memcached.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_memcached.php */
\ No newline at end of file +/* Location: ./system/libraries/Cache/drivers/Cache_memcached.php */ diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index b7b0697fb..edc300bd7 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -51,7 +51,7 @@ class CI_Cart { * * @var string */ - public $product_name_rules = '\.\:\-_ a-z0-9'; + public $product_name_rules = '\w \-\.\:'; /** * only allow safe product names @@ -214,7 +214,7 @@ class CI_Cart { // Validate the product name. It can only be alpha-numeric, dashes, underscores, colons or periods. // Note: These can be user-specified by setting the $this->product_name_rules variable. - if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i', $items['name'])) + if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i'.(UTF8_ENABLED ? 'u' : ''), $items['name'])) { log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces'); return FALSE; diff --git a/system/libraries/Email.php b/system/libraries/Email.php index a745d331d..46ffaa1d4 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -739,7 +739,7 @@ class CI_Email { */ public function set_header($header, $value) { - $this->_headers[$header] = $value; + $this->_headers[$header] = str_replace(array("\n", "\r"), '', $value); } // -------------------------------------------------------------------- @@ -1236,7 +1236,7 @@ class CI_Email { /** * Build Final Body and attachments * - * @return void + * @return bool */ protected function _build_message() { @@ -1275,7 +1275,7 @@ class CI_Email { if ($this->send_multipart === FALSE) { $hdr .= 'Content-Type: text/html; charset='.$this->charset.$this->newline - .'Content-Transfer-Encoding: quoted-printable'; + .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline; } else { @@ -1401,7 +1401,7 @@ class CI_Email { $body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--'; $this->_finalbody = ($this->_get_protocol() === 'mail') ? $body : $hdr.$body; - return; + return TRUE; } // -------------------------------------------------------------------- @@ -1606,7 +1606,11 @@ class CI_Email { return $result; } - $this->_build_message(); + if ($this->_build_message() === FALSE) + { + return FALSE; + } + $result = $this->_spool_email(); if ($result && $auto_clear) @@ -1665,7 +1669,11 @@ class CI_Email { $this->_bcc_array = $bcc; } - $this->_build_message(); + if ($this->_build_message() === FALSE) + { + return FALSE; + } + $this->_spool_email(); } } @@ -2132,7 +2140,7 @@ class CI_Email { if (in_array('headers', $include, TRUE)) { - $raw_data = $this->_header_str."\n"; + $raw_data = htmlspecialchars($this->_header_str)."\n"; } if (in_array('subject', $include, TRUE)) diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index c6a1cb175..8ac5420de 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -244,7 +244,7 @@ class CI_Encrypt { $rand = ''; do { - $rand .= mt_rand(0, mt_getrandmax()); + $rand .= mt_rand(); } while (strlen($rand) < 32); diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 1ed50844c..40ba01202 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1405,7 +1405,7 @@ class CI_Form_validation { */ public function valid_base64($str) { - return ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); + return (base64_encode(base64_decode($str)) === $str); } // -------------------------------------------------------------------- diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php index 1c26bd2b2..7e843e710 100644 --- a/system/libraries/Parser.php +++ b/system/libraries/Parser.php @@ -38,14 +38,14 @@ defined('BASEPATH') OR exit('No direct script access allowed'); class CI_Parser { /** - * Left delimeter character for psuedo vars + * Left delimiter character for pseudo vars * * @var string */ public $l_delim = '{'; /** - * Right delimeter character for psuedo vars + * Right delimiter character for pseudo vars * * @var string */ @@ -228,4 +228,4 @@ class CI_Parser { } /* End of file Parser.php */ -/* Location: ./system/libraries/Parser.php */
\ No newline at end of file +/* Location: ./system/libraries/Parser.php */ diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 470688fdc..0c60efb8b 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -405,7 +405,7 @@ class CI_Profiler { .'<fieldset id="ci_profiler_controller_info" style="border:1px solid #995300;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee;">' ."\n" .'<legend style="color:#995300;"> '.$this->CI->lang->line('profiler_controller_info')." </legend>\n" - .'<div style="color:#995300;font-weight:normal;padding:4px 0 4px 0;">'.$this->CI->router->fetch_class().'/'.$this->CI->router->fetch_method() + .'<div style="color:#995300;font-weight:normal;padding:4px 0 4px 0;">'.$this->CI->router->class.'/'.$this->CI->router->method .'</div></fieldset>'; } @@ -447,7 +447,7 @@ class CI_Profiler { .' (<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_httpheaders_table\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_show').'\'?\''.$this->CI->lang->line('profiler_section_hide').'\':\''.$this->CI->lang->line('profiler_section_show').'\';">'.$this->CI->lang->line('profiler_section_show')."</span>)</legend>\n\n\n" .'<table style="width:100%;display:none;" id="ci_profiler_httpheaders_table">'."\n"; - foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR') as $header) + foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header) { $val = isset($_SERVER[$header]) ? $_SERVER[$header] : ''; $output .= '<tr><td style="vertical-align:top;width:50%;padding:5px;color:#900;background-color:#ddd;">' diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 0e8644102..7174d63c8 100644 --- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -641,7 +641,7 @@ class CI_Session_cookie extends CI_Session_driver { $new_sessid = ''; do { - $new_sessid .= mt_rand(0, mt_getrandmax()); + $new_sessid .= mt_rand(); } while (strlen($new_sessid) < 32); @@ -832,7 +832,6 @@ class CI_Session_cookie extends CI_Session_driver { $probability = ini_get('session.gc_probability'); $divisor = ini_get('session.gc_divisor'); - srand(time()); if ((mt_rand(0, $divisor) / $divisor) < $probability) { $expire = $this->now - $this->sess_expiration; diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 1c14f99ed..85428044d 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -136,6 +136,13 @@ class CI_Upload { public $file_ext = ''; /** + * Force filename extension to lowercase + * + * @var string + */ + public $file_ext_tolower = FALSE; + + /** * Upload path * * @var string @@ -294,6 +301,7 @@ class CI_Upload { 'file_type' => '', 'file_size' => NULL, 'file_ext' => '', + 'file_ext_tolower' => FALSE, 'upload_path' => '', 'overwrite' => FALSE, 'encrypt_name' => FALSE, @@ -366,25 +374,25 @@ class CI_Upload { switch ($error) { - case 1: // UPLOAD_ERR_INI_SIZE + case UPLOAD_ERR_INI_SIZE: $this->set_error('upload_file_exceeds_limit'); break; - case 2: // UPLOAD_ERR_FORM_SIZE + case UPLOAD_ERR_FORM_SIZE: $this->set_error('upload_file_exceeds_form_limit'); break; - case 3: // UPLOAD_ERR_PARTIAL + case UPLOAD_ERR_PARTIAL: $this->set_error('upload_file_partial'); break; - case 4: // UPLOAD_ERR_NO_FILE + case UPLOAD_ERR_NO_FILE: $this->set_error('upload_no_file_selected'); break; - case 6: // UPLOAD_ERR_NO_TMP_DIR + case UPLOAD_ERR_NO_TMP_DIR: $this->set_error('upload_no_temp_directory'); break; - case 7: // UPLOAD_ERR_CANT_WRITE + case UPLOAD_ERR_CANT_WRITE: $this->set_error('upload_unable_to_write_file'); break; - case 8: // UPLOAD_ERR_EXTENSION + case UPLOAD_ERR_EXTENSION: $this->set_error('upload_stopped_by_extension'); break; default: @@ -604,7 +612,6 @@ class CI_Upload { { if ($this->encrypt_name === TRUE) { - mt_srand(); $filename = md5(uniqid(mt_rand())).$this->file_ext; } @@ -966,7 +973,14 @@ class CI_Upload { public function get_extension($filename) { $x = explode('.', $filename); - return (count($x) !== 1) ? '.'.end($x) : ''; + + if (count($x) === 1) + { + return ''; + } + + $ext = ($this->file_ext_tolower) ? strtolower(end($x)) : end($x); + return '.'.$ext; } // -------------------------------------------------------------------- @@ -1076,18 +1090,14 @@ class CI_Upload { $CI =& get_instance(); $CI->lang->load('upload'); - if (is_array($msg)) + if ( ! is_array($msg)) { - foreach ($msg as $val) - { - $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val); - $this->error_msg[] = $msg; - log_message('error', $msg); - } + $msg = array($msg); } - else + + foreach ($msg as $val) { - $msg = ($CI->lang->line($msg) === FALSE) ? $msg : $CI->lang->line($msg); + $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val); $this->error_msg[] = $msg; log_message('error', $msg); } diff --git a/tests/README.md b/tests/README.md index a5f89a2b1..3e32edc0c 100644 --- a/tests/README.md +++ b/tests/README.md @@ -17,6 +17,7 @@ format to facilitate clean api design. [see http://arrenbrecht.ch/testing/] PHP Unit >= 3.5.6 pear channel-discover pear.phpunit.de + pear channel-discover pear.symfony.com pear install phpunit/PHPUnit vfsStream diff --git a/tests/codeigniter/core/Loader_test.php b/tests/codeigniter/core/Loader_test.php index dea01a555..ac2656e75 100644 --- a/tests/codeigniter/core/Loader_test.php +++ b/tests/codeigniter/core/Loader_test.php @@ -147,6 +147,9 @@ class Loader_test extends CI_TestCase { public function test_driver() { + // Call the autoloader, to include system/libraries/Driver.php + class_exists('CI_Driver_Library', TRUE); + // Create driver in VFS $driver = 'unit_test_driver'; $dir = ucfirst($driver); @@ -220,7 +223,7 @@ class Loader_test extends CI_TestCase { // Test name conflict $obj = 'conflict'; - $this->ci_obj->$obj = new StdClass(); + $this->ci_obj->$obj = new stdClass(); $this->setExpectedException( 'RuntimeException', 'CI Error: The model name you are loading is the name of a resource that is already being used: '.$obj diff --git a/tests/mocks/ci_testcase.php b/tests/mocks/ci_testcase.php index f16492945..ad4fe5ac3 100644 --- a/tests/mocks/ci_testcase.php +++ b/tests/mocks/ci_testcase.php @@ -27,7 +27,7 @@ class CI_TestCase extends PHPUnit_Framework_TestCase { public function __construct() { parent::__construct(); - $this->ci_instance = new StdClass(); + $this->ci_instance = new stdClass(); } // -------------------------------------------------------------------- diff --git a/tests/mocks/core/common.php b/tests/mocks/core/common.php index 24d645ae3..0ccfe1ea4 100644 --- a/tests/mocks/core/common.php +++ b/tests/mocks/core/common.php @@ -178,7 +178,7 @@ if ( ! function_exists('is_loaded')) if ( ! function_exists('log_message')) { - function log_message($level = 'error', $message, $php_error = FALSE) + function log_message($level, $message, $php_error = FALSE) { return TRUE; } diff --git a/tests/mocks/database/db.php b/tests/mocks/database/db.php index 7e0030e15..968476dea 100644 --- a/tests/mocks/database/db.php +++ b/tests/mocks/database/db.php @@ -106,6 +106,7 @@ class Mock_Database_DB { $subdriver = self::$subdriver; $case->ci_vfs_create(array( 'DB_driver.php' => '', + 'DB_result.php' => '', 'DB_forge.php' => '', 'DB_query_builder.php' => '' ), '', $case->ci_base_root, 'database'); @@ -113,6 +114,7 @@ class Mock_Database_DB { { $case->ci_vfs_create(array( $driver.'_driver.php' => '', + $driver.'_result.php' => '', $driver.'_forge.php' => '' ), '', $case->ci_base_root, 'database/drivers/'.$driver); } diff --git a/user_guide_src/source/_themes/eldocs/layout.html b/user_guide_src/source/_themes/eldocs/layout.html index 51d61b849..7f2fe1a34 100644 --- a/user_guide_src/source/_themes/eldocs/layout.html +++ b/user_guide_src/source/_themes/eldocs/layout.html @@ -81,7 +81,7 @@ {%- block content %} <div id="table-contents"> <div class="toctree-wrapper compound"> - {{ toctree(collapse=true) }} + {{ toctree }} </div> </div> diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 21d0bde63..369f40587 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -60,51 +60,72 @@ Release Date: Not Released - Helpers - :doc:`Date Helper <helpers/date_helper>` changes include: - - :php:func:`now()` now works with all timezone strings supported by PHP. - - Added an optional third parameter to :php:func:`timespan()` that constrains the number of time units displayed. - - Added an optional parameter to :php:func:`timezone_menu()` that allows more attributes to be added to the generated select tag. - - Deprecated ``standard_date()``, which now just uses the native ``date()`` with `DateTime constants <http://www.php.net/manual/en/class.datetime.php#datetime.constants.types>`_. - - Added function :php:func:`date_range()` that generates a list of dates between a specified period. + + - :php:func:`now()` now works with all timezone strings supported by PHP. + - Added an optional third parameter to :php:func:`timespan()` that constrains the number of time units displayed. + - Added an optional parameter to :php:func:`timezone_menu()` that allows more attributes to be added to the generated select tag. + - Deprecated ``standard_date()``, which now just uses the native ``date()`` with `DateTime constants <http://www.php.net/manual/en/class.datetime.php#datetime.constants.types>`_. + - Added function :php:func:`date_range()` that generates a list of dates between a specified period. + - :doc:`URL Helper <helpers/url_helper>` changes include: - - Deprecated *separator* options **dash** and **underscore** for function :php:func:`url_title()` (they are only aliases for '-' and '_' respectively). - - :php:func:`url_title()` will now trim extra dashes from beginning and end. - - :php:func:`anchor_popup()` will now fill the *href* attribute with the URL and its JS code will return FALSE instead. - - Added JS window name support to the :php:func:`anchor_popup()` function. - - Added support (auto-detection) for HTTP/1.1 response code 303 in :php:func:`redirect()`. - - Changed :php:func:`redirect()` to only choose the **refresh** method only on IIS servers, instead of all servers on Windows (when **auto** is used). - - Changed :php:func:`anchor()`, :php:func:`anchor_popup()`, and :php:func:`redirect()` to support protocol-relative URLs (e.g. *//ellislab.com/codeigniter*). + + - Deprecated *separator* options **dash** and **underscore** for function :php:func:`url_title()` (they are only aliases for '-' and '_' respectively). + - :php:func:`url_title()` will now trim extra dashes from beginning and end. + - :php:func:`anchor_popup()` will now fill the *href* attribute with the URL and its JS code will return FALSE instead. + - Added JS window name support to the :php:func:`anchor_popup()` function. + - Added support (auto-detection) for HTTP/1.1 response code 303 in :php:func:`redirect()`. + - Changed :php:func:`redirect()` to only choose the **refresh** method only on IIS servers, instead of all servers on Windows (when **auto** is used). + - Changed :php:func:`anchor()`, :php:func:`anchor_popup()`, and :php:func:`redirect()` to support protocol-relative URLs (e.g. *//ellislab.com/codeigniter*). + - :doc:`HTML Helper <helpers/html_helper>` changes include: - - Added more doctypes. - - Changed application and environment config files to be loaded in a cascade-like manner. - - The doctypes array is now cached and loaded only once. + + - Added more doctypes. + - Changed application and environment config files to be loaded in a cascade-like manner. + - The doctypes array is now cached and loaded only once. + - :doc:`Inflector Helper <helpers/inflector_helper>` changes include: - - Changed :php:func:`humanize()` to allow passing an input separator as its second parameter. - - Refactored :php:func:`plural()` and :php:func:`singular()` to avoid double pluralization and support more words. + + - Changed :php:func:`humanize()` to allow passing an input separator as its second parameter. + - Refactored :php:func:`plural()` and :php:func:`singular()` to avoid double pluralization and support more words. + - :doc:`Download Helper <helpers/download_helper>` changes include: - - Added an optional third parameter to :php:func:`force_download()` that enables/disables sending the actual file MIME type in the Content-Type header (disabled by default). - - Added a work-around in :php:func:`force_download()` for a bug Android <= 2.1, where the filename extension needs to be in uppercase. - - Added support for reading from an existing file path by passing NULL as the second parameter to :php:func:`force_download()` (useful for large files and/or safely transmitting binary data). + + - Added an optional third parameter to :php:func:`force_download()` that enables/disables sending the actual file MIME type in the Content-Type header (disabled by default). + - Added a work-around in :php:func:`force_download()` for a bug Android <= 2.1, where the filename extension needs to be in uppercase. + - Added support for reading from an existing file path by passing NULL as the second parameter to :php:func:`force_download()` (useful for large files and/or safely transmitting binary data). + - :doc:`Form Helper <helpers/form_helper>` changes include: - - :php:func:`form_dropdown()` will now also take an array for unity with other form helpers. - - :php:func:`form_prep()`'s second argument now only accepts a boolean value, which determines whether the value is escaped for a <textarea> or a regular <input> element. + + - :php:func:`form_dropdown()` will now also take an array for unity with other form helpers. + - :php:func:`form_prep()`'s second argument now only accepts a boolean value, which determines whether the value is escaped for a <textarea> or a regular <input> element. + - :doc:`Security Helper <helpers/security_helper>` changes include: - - :php:func:`do_hash()` now uses PHP's native ``hash()`` function (supporting more algorithms) and is deprecated. - - :php:func:`strip_image_tags()` is now an alias for the same method in the :doc:`Security Library <libraries/security>`. + + - :php:func:`do_hash()` now uses PHP's native ``hash()`` function (supporting more algorithms) and is deprecated. + - :php:func:`strip_image_tags()` is now an alias for the same method in the :doc:`Security Library <libraries/security>`. + - :doc:`Smiley Helper <helpers/smiley_helper>` changes include: - - Removed previously deprecated function ``js_insert_smiley()``. - - Changed application and environment config files to be loaded in a cascade-like manner. - - The smileys array is now cached and loaded only once. + + - Removed previously deprecated function ``js_insert_smiley()``. + - Changed application and environment config files to be loaded in a cascade-like manner. + - The smileys array is now cached and loaded only once. + - :doc:`File Helper <helpers/file_helper>` changes include: - - :php:func:`set_realpath()` can now also handle file paths as opposed to just directories. - - Added an optional paramater to :php:func:`delete_files()` to enable it to skip deleting files such as *.htaccess* and *index.html*. - - Deprecated function ``read_file()`` - it's just an alias for PHP's native ``file_get_contents()``. + + - :php:func:`set_realpath()` can now also handle file paths as opposed to just directories. + - Added an optional paramater to :php:func:`delete_files()` to enable it to skip deleting files such as *.htaccess* and *index.html*. + - Deprecated function ``read_file()`` - it's just an alias for PHP's native ``file_get_contents()``. + - :doc:`String Helper <helpers/string_helper>` changes include: - - Deprecated function ``repeater()`` - it's just an alias for PHP's native ``str_repeat()``. - - Deprecated function ``trim_slashes()`` - it's just an alias for PHP's native ``trim()`` (with a slash as its second argument). - - Deprecated randomization type options **unique** and **encrypt** for funcion :php:func:`random_string()` (they are only aliases for **md5** and **sha1** respectively). + + - Deprecated function ``repeater()`` - it's just an alias for PHP's native ``str_repeat()``. + - Deprecated function ``trim_slashes()`` - it's just an alias for PHP's native ``trim()`` (with a slash as its second argument). + - Deprecated randomization type options **unique** and **encrypt** for funcion :php:func:`random_string()` (they are only aliases for **md5** and **sha1** respectively). + - :doc:`Directory Helper <helpers/directory_helper>` :php:func:`directory_map()` will now append ``DIRECTORY_SEPARATOR`` to directory names in the returned array. - :doc:`Language Helper <helpers/language_helper>` :php:func:`lang()` now accepts an optional list of additional HTML attributes. - Deprecated the :doc:`Email Helper <helpers/email_helper>` as its ``valid_email()``, ``send_email()`` functions are now only aliases for PHP native functions ``filter_var()`` and ``mail()`` respectively. + - :doc:`CAPTCHA Helper <helpers/captcha_helper>` :php:func:`create_captcha` added word_length and pool options for setting length of randomly generated captcha word, and what characters to select from. - Database @@ -127,213 +148,281 @@ Release Date: Not Released - Added support for SQLite3 database driver. - Added Interbase/Firebird database support via the *ibase* driver. - Added ODBC support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge <database/forge>`. + - :doc:`Query Builder <database/query_builder>` changes include: - - Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern. - - Added the ability to insert objects with ``insert_batch()``. - - Added new methods that return the SQL string of queries without executing them: ``get_compiled_select()``, ``get_compiled_insert()``, ``get_compiled_update()``, ``get_compiled_delete()``. - - Added an optional parameter that allows to disable escaping (useful for custom fields) for methods ``join()``, ``order_by()``, ``where_in()``, ``or_where_in()``, ``where_not_in()``, ``or_where_not_in()``, ``insert()``, ``insert_batch()``. - - Added support for ``join()`` with multiple conditions. - - Added support for *USING* in ``join()``. - - Added seed values support for random ordering with ``order_by(seed, 'RANDOM')``. - - Changed ``limit()`` to ignore NULL values instead of always casting to integer. - - Changed ``offset()`` to ignore empty values instead of always casting to integer. - - Methods ``insert_batch()`` and ``update_batch()`` now return an integer representing the number of rows affected by them. + + - Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern. + - Added the ability to insert objects with ``insert_batch()``. + - Added new methods that return the SQL string of queries without executing them: ``get_compiled_select()``, ``get_compiled_insert()``, ``get_compiled_update()``, ``get_compiled_delete()``. + - Added an optional parameter that allows to disable escaping (useful for custom fields) for methods ``join()``, ``order_by()``, ``where_in()``, ``or_where_in()``, ``where_not_in()``, ``or_where_not_in()``, ``insert()``, ``insert_batch()``. + - Added support for ``join()`` with multiple conditions. + - Added support for *USING* in ``join()``. + - Added seed values support for random ordering with ``order_by(seed, 'RANDOM')``. + - Changed ``limit()`` to ignore NULL values instead of always casting to integer. + - Changed ``offset()`` to ignore empty values instead of always casting to integer. + - Methods ``insert_batch()`` and ``update_batch()`` now return an integer representing the number of rows affected by them. + - :doc:`Database Results <database/results>` changes include: - - Added a constructor to the ``DB_result`` class and moved all driver-specific properties and logic out of the base ``DB_driver`` class to allow better abstraction. - - Added method ``unbuffered_row()`` for fetching a row without prefetching the whole result (consume less memory). - - Renamed former method ``_data_seek()`` to ``data_seek()`` and made it public. + + - Added a constructor to the ``DB_result`` class and moved all driver-specific properties and logic out of the base ``DB_driver`` class to allow better abstraction. + - Added method ``unbuffered_row()`` for fetching a row without prefetching the whole result (consume less memory). + - Renamed former method ``_data_seek()`` to ``data_seek()`` and made it public. + - Improved support for the MySQLi driver, including: - - OOP style of the PHP extension is now used, instead of the procedural aliases. - - Server version checking is now done via ``mysqli::$server_info`` instead of running an SQL query. - - Added persistent connections support for PHP >= 5.3. - - Added support for ``backup()`` in :doc:`Database Utilities <database/utilities>`. + + - OOP style of the PHP extension is now used, instead of the procedural aliases. + - Server version checking is now done via ``mysqli::$server_info`` instead of running an SQL query. + - Added persistent connections support for PHP >= 5.3. + - Added support for ``backup()`` in :doc:`Database Utilities <database/utilities>`. + - Improved support of the PDO driver, including: - - Added support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge <database/forge>`. - - Added support for ``list_fields()`` in :doc:`Database Results <database/results>`. - - Subdrivers are now isolated from each other instead of being in one large class. + + - Added support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge <database/forge>`. + - Added support for ``list_fields()`` in :doc:`Database Results <database/results>`. + - Subdrivers are now isolated from each other instead of being in one large class. + - Improved support of the PostgreSQL driver, including: - - ``pg_version()`` is now used to get the database version number, when possible. - - Added ``db_set_charset()`` support. - - Added support for ``optimize_table()`` in :doc:`Database Utilities <database/utilities>` (rebuilds table indexes). - - Added boolean data type support in ``escape()``. - - Added ``update_batch()`` support. - - Removed ``limit()`` and ``order_by()`` support for *UPDATE* and *DELETE* queries as PostgreSQL does not support those features. - - Added a work-around for dead persistent connections to be re-created after a database restart. - - Changed ``db_connect()`` to include the (new) **schema** value into Postgre's **search_path** session variable. + + - ``pg_version()`` is now used to get the database version number, when possible. + - Added ``db_set_charset()`` support. + - Added support for ``optimize_table()`` in :doc:`Database Utilities <database/utilities>` (rebuilds table indexes). + - Added boolean data type support in ``escape()``. + - Added ``update_batch()`` support. + - Removed ``limit()`` and ``order_by()`` support for *UPDATE* and *DELETE* queries as PostgreSQL does not support those features. + - Added a work-around for dead persistent connections to be re-created after a database restart. + - Changed ``db_connect()`` to include the (new) **schema** value into Postgre's **search_path** session variable. + - Improved support of the CUBRID driver, including: - - Added DSN string support. - - Added persistent connections support. - - Improved ``list_databases()`` in :doc:`Database Utility <database/utilities>` (until now only the currently used database was returned). + + - Added DSN string support. + - Added persistent connections support. + - Improved ``list_databases()`` in :doc:`Database Utility <database/utilities>` (until now only the currently used database was returned). + - Improved support of the MSSQL and SQLSRV drivers, including: - - Added random ordering support. - - Added support for ``optimize_table()`` in :doc:`Database Utility <database/utilities>`. - - Added escaping with *QUOTE_IDENTIFIER* setting detection. - - Added port handling support for UNIX-based systems (MSSQL driver). - - Added *OFFSET* support for SQL Server 2005 and above. - - Added ``db_set_charset()`` support (MSSQL driver). + + - Added random ordering support. + - Added support for ``optimize_table()`` in :doc:`Database Utility <database/utilities>`. + - Added escaping with *QUOTE_IDENTIFIER* setting detection. + - Added port handling support for UNIX-based systems (MSSQL driver). + - Added *OFFSET* support for SQL Server 2005 and above. + - Added ``db_set_charset()`` support (MSSQL driver). + - Improved support of the Oracle (OCI8) driver, including: - - Added DSN string support (Easy Connect and TNS). - - Added support for ``drop_table()`` in :doc:`Database Forge <database/forge>`. - - Added support for ``list_databases()`` in :doc:`Database Utilities <database/utilities>`. - - Generally improved for speed and cleaned up all of its components. - - ``num_rows()`` is now only called explicitly by the developer and no longer re-executes statements. + + - Added DSN string support (Easy Connect and TNS). + - Added support for ``drop_table()`` in :doc:`Database Forge <database/forge>`. + - Added support for ``list_databases()`` in :doc:`Database Utilities <database/utilities>`. + - Generally improved for speed and cleaned up all of its components. + - ``num_rows()`` is now only called explicitly by the developer and no longer re-executes statements. + - Improved support of the SQLite driver, including: - - Added support for ``replace()`` in :doc:`Query Builder <database/query_builder>`. - - Added support for ``drop_table()`` in :doc:`Database Forge <database/forge>`. + + - Added support for ``replace()`` in :doc:`Query Builder <database/query_builder>`. + - Added support for ``drop_table()`` in :doc:`Database Forge <database/forge>`. + - :doc:`Database Forge <database/forge>` changes include: - - Added an optional second parameter to ``drop_table()`` that allows adding the **IF EXISTS** condition, which is no longer the default. - - Added support for passing a custom database object to the loader. - - Deprecated ``add_column()``'s third method. *AFTER* clause should now be added to the field definition array instead. - - Added support for usage of the *FIRST* clause in ``add_column()`` for MySQL and CUBRID. - - Overall improved support for all of the drivers. + + - Added an optional second parameter to ``drop_table()`` that allows adding the **IF EXISTS** condition, which is no longer the default. + - Added support for passing a custom database object to the loader. + - Deprecated ``add_column()``'s third method. *AFTER* clause should now be added to the field definition array instead. + - Added support for usage of the *FIRST* clause in ``add_column()`` for MySQL and CUBRID. + - Overall improved support for all of the drivers. + - :doc:`Database Utility <database/utilities>` changes include: - - Added support for passing a custom database object to the loader. - - Modified the class to no longer extend :doc:`Database Forge <database/forge>`, which has been a deprecated behavior for awhile. - - Overall improved support for all of the drivers. - - Added *foreign_key_checks* option to MySQL/MySQLi backup, allowing statement to disable/re-enable foreign key checks to be inserted into the backup output. + + - Added support for passing a custom database object to the loader. + - Modified the class to no longer extend :doc:`Database Forge <database/forge>`, which has been a deprecated behavior for awhile. + - Overall improved support for all of the drivers. + - Added *foreign_key_checks* option to MySQL/MySQLi backup, allowing statement to disable/re-enable foreign key checks to be inserted into the backup output. - Libraries - :doc:`Session Library <libraries/sessions>` changes include: - - Library changed to :doc:`Driver <general/drivers>` with classic Cookie driver as default. - - Added Native PHP Session driver to work with ``$_SESSION``. - - Custom drivers can be added anywhere in package paths and be loaded with the library. - - Drivers interchangeable on the fly. - - New **tempdata** feature allows setting user data items with an expiration time. - - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *config.php* file. - - Cookie driver now respects php.ini's *session.gc_probability* and *session.gc_divisor* settings. - - Cookie driver now uses HMAC authentication instead of the simple md5 checksum. - - The Cookie driver now also checks authentication on encrypted session data. - - Changed the Cookie driver to select only one row when using database sessions. - - Cookie driver now only writes to database at end of request when using database. - - Cookie driver now uses PHP functions for faster array manipulation when using database. - - Added ``all_flashdata()`` method to session class. Returns an associative array of only flashdata. - - Added ``has_userdata()`` method to verify existence of userdata item. - - Added ``tempdata()``, ``set_tempdata()``, and ``unset_tempdata()`` methods for manipulating tempdata. - - ``keep_flashdata()`` now accepts an array of keys. + + - Library changed to :doc:`Driver <general/drivers>` with classic Cookie driver as default. + - Added Native PHP Session driver to work with ``$_SESSION``. + - Custom drivers can be added anywhere in package paths and be loaded with the library. + - Drivers interchangeable on the fly. + - New **tempdata** feature allows setting user data items with an expiration time. + - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *config.php* file. + - Cookie driver now respects php.ini's *session.gc_probability* and *session.gc_divisor* settings. + - Cookie driver now uses HMAC authentication instead of the simple md5 checksum. + - The Cookie driver now also checks authentication on encrypted session data. + - Changed the Cookie driver to select only one row when using database sessions. + - Cookie driver now only writes to database at end of request when using database. + - Cookie driver now uses PHP functions for faster array manipulation when using database. + - Added ``all_flashdata()`` method to session class. Returns an associative array of only flashdata. + - Added ``has_userdata()`` method to verify existence of userdata item. + - Added ``tempdata()``, ``set_tempdata()``, and ``unset_tempdata()`` methods for manipulating tempdata. + - ``keep_flashdata()`` now accepts an array of keys. + - :doc:`File Uploading Library <libraries/file_uploading>` changes include: - - Added **max_filename_increment** config setting. - - Added an **index** parameter to the ``data()`` method. - - Added the **min_width** and **min_height** options for images. - - Removed method ``clean_file_name()`` and its usage in favor of :doc:`Security Library <libraries/security>`'s ``sanitize_filename()``. + + - Added **max_filename_increment** config setting. + - Added an **index** parameter to the ``data()`` method. + - Added the **min_width** and **min_height** options for images. + - Removed method ``clean_file_name()`` and its usage in favor of :doc:`Security Library <libraries/security>`'s ``sanitize_filename()``. + - Added **file_ext_tolower** config setting. + - :doc:`Cart library <libraries/cart>` changes include: - - ``insert()`` now auto-increments quantity for an item when inserted twice instead of resetting it, this is the default behaviour of large e-commerce sites. - - *Product Name* strictness can be disabled by switching the ``$product_name_safe`` property to FALSE. - - Added method ``remove()`` to remove a cart item, updating with quantity of 0 seemed like a hack but has remained to retain compatibility. - - Added method ``get_item()`` to enable retrieving data for a single cart item. + + - ``insert()`` now auto-increments quantity for an item when inserted twice instead of resetting it, this is the default behaviour of large e-commerce sites. + - *Product Name* strictness can be disabled by switching the ``$product_name_safe`` property to FALSE. + - Added method ``remove()`` to remove a cart item, updating with quantity of 0 seemed like a hack but has remained to retain compatibility. + - Added method ``get_item()`` to enable retrieving data for a single cart item. + - Added unicode support for product names. + - :doc:`Image Manipulation library <libraries/image_lib>` changes include: - - The ``initialize()`` method now only sets existing class properties. - - Added support for 3-length hex color values for *wm_font_color* and *wm_shadow_color* properties, as well as validation for them. - - Class properties *wm_font_color*, *wm_shadow_color* and *wm_use_drop_shadow* are now protected, to avoid breaking the ``text_watermark()`` method if they are set manually after initialization. - - If property *maintain_ratio* is set to TRUE, ``image_reproportion()`` now doesn't need both width and height to be specified. - - Property *maintain_ratio* is now taken into account when resizing images using ImageMagick library. - - Added support for maintaining transparency for PNG images in method ``text_watermark()``. + + - The ``initialize()`` method now only sets existing class properties. + - Added support for 3-length hex color values for *wm_font_color* and *wm_shadow_color* properties, as well as validation for them. + - Class properties *wm_font_color*, *wm_shadow_color* and *wm_use_drop_shadow* are now protected, to avoid breaking the ``text_watermark()`` method if they are set manually after initialization. + - If property *maintain_ratio* is set to TRUE, ``image_reproportion()`` now doesn't need both width and height to be specified. + - Property *maintain_ratio* is now taken into account when resizing images using ImageMagick library. + - Added support for maintaining transparency for PNG images in method ``text_watermark()``. + - :doc:`Form Validation library <libraries/form_validation>` changes include: - - Added method ``error_array()`` to return all error messages as an array. - - Added method ``set_data()`` to set an alternative data array to be validated instead of the default ``$_POST``. - - Added method ``reset_validation()`` which resets internal validation variables in case of multiple validation routines. - - Added support for setting error delimiters in the config file via ``$config['error_prefix']`` and ``$config['error_suffix']``. - - Internal method ``_execute()`` now considers input data to be invalid if a specified rule is not found. - - Removed method ``is_numeric()`` as it exists as a native PHP function and ``_execute()`` will find and use that (the **is_numeric** rule itself is deprecated since 1.6.1). - - Native PHP functions used as rules can now accept an additional parameter, other than the data itself. - - Updated method ``set_rules()`` to accept an array of rules as well as a string. - - Fields that have empty rules set no longer run through validation (and therefore are not considered erroneous). - - Added rule **differs** to check if the value of a field differs from the value of another field. - - Added rule **valid_url**. - - Added support for named parameters in error messages. - - :doc:`Language <libraries/language>` line keys must now be prefixed with **form_validation_**. - - Added rule **alpha_numeric_spaces**. - - Added support for setting :doc:`Table <libraries/table>` class defaults in a config file. + + - Added method ``error_array()`` to return all error messages as an array. + - Added method ``set_data()`` to set an alternative data array to be validated instead of the default ``$_POST``. + - Added method ``reset_validation()`` which resets internal validation variables in case of multiple validation routines. + - Added support for setting error delimiters in the config file via ``$config['error_prefix']`` and ``$config['error_suffix']``. + - Internal method ``_execute()`` now considers input data to be invalid if a specified rule is not found. + - Removed method ``is_numeric()`` as it exists as a native PHP function and ``_execute()`` will find and use that (the **is_numeric** rule itself is deprecated since 1.6.1). + - Native PHP functions used as rules can now accept an additional parameter, other than the data itself. + - Updated method ``set_rules()`` to accept an array of rules as well as a string. + - Fields that have empty rules set no longer run through validation (and therefore are not considered erroneous). + - Added rule **differs** to check if the value of a field differs from the value of another field. + - Added rule **valid_url**. + - Added support for named parameters in error messages. + - :doc:`Language <libraries/language>` line keys must now be prefixed with **form_validation_**. + - Added rule **alpha_numeric_spaces**. + - :doc:`Caching Library <libraries/caching>` changes include: - - Added Wincache driver. - - Added Redis driver. - - Added a *key_prefix* option for cache IDs. + + - Added Wincache driver. + - Added Redis driver. + - Added a *key_prefix* option for cache IDs. + - :doc:`Email library <libraries/email>` changes include: - - Added custom filename to ``Email::attach()`` as ``$this->email->attach($filename, $disposition, $newname)``. - - Added possibility to send attachment as buffer string in ``Email::attach()`` as ``$this->email->attach($buffer, $disposition, $newname, $mime)``. - - Added dsn (delivery status notification) option. - - Renamed method _set_header() to set_header() and made it public to enable adding custom headers in the :doc:`Email Library <libraries/email>`. - - Successfully sent emails will automatically clear the parameters. - - Added a *return_path* parameter to the ``from()`` method. - - Removed the second parameter (character limit) from internal method ``_prep_quoted_printable()`` as it is never used. - - Internal method ``_prep_quoted_printable()`` will now utilize the native ``quoted_printable_encode()``, ``imap_8bit()`` functions (if available) when CRLF is set to "\r\n". - - Default charset now relies on the global ``$config['charset']`` setting. - - Removed unused protected method ``_get_ip()`` (:doc:`Input Library <libraries/input>`'s ``ip_address()`` should be used anyway). - - Internal method ``_prep_q_encoding()`` now utilizes PHP's *mbstring* and *iconv* extensions (when available) and no longer has a second (``$from``) argument. - - Added an optional parameter to ``print_debugger()`` to allow specifying which parts of the message should be printed ('headers', 'subject', 'body'). - - Added SMTP keepalive option to avoid opening the connection for each ``Email::send()``. Accessible as ``$smtp_keepalive``. + + - Added custom filename to ``Email::attach()`` as ``$this->email->attach($filename, $disposition, $newname)``. + - Added possibility to send attachment as buffer string in ``Email::attach()`` as ``$this->email->attach($buffer, $disposition, $newname, $mime)``. + - Added dsn (delivery status notification) option. + - Renamed method _set_header() to set_header() and made it public to enable adding custom headers in the :doc:`Email Library <libraries/email>`. + - Successfully sent emails will automatically clear the parameters. + - Added a *return_path* parameter to the ``from()`` method. + - Removed the second parameter (character limit) from internal method ``_prep_quoted_printable()`` as it is never used. + - Internal method ``_prep_quoted_printable()`` will now utilize the native ``quoted_printable_encode()``, ``imap_8bit()`` functions (if available) when CRLF is set to "\r\n". + - Default charset now relies on the global ``$config['charset']`` setting. + - Removed unused protected method ``_get_ip()`` (:doc:`Input Library <libraries/input>`'s ``ip_address()`` should be used anyway). + - Internal method ``_prep_q_encoding()`` now utilizes PHP's *mbstring* and *iconv* extensions (when available) and no longer has a second (``$from``) argument. + - Added an optional parameter to ``print_debugger()`` to allow specifying which parts of the message should be printed ('headers', 'subject', 'body'). + - Added SMTP keepalive option to avoid opening the connection for each ``Email::send()``. Accessible as ``$smtp_keepalive``. + - Public method ``set_header()`` now filters the input by removing all "\\r" and "\\n" characters. + - :doc:`Pagination Library <libraries/pagination>` changes include: - - Added support for the anchor "rel" attribute. - - Added support for setting custom attributes. - - Deprecated usage of the "anchor_class" setting (use the new "attributes" setting instead). - - Added $config['reuse_query_string'] to allow automatic repopulation of query string arguments, combined with normal URI segments. - - Removed the default `` `` from a number of the configuration variables. - - Added the ability to use a proxy with the :doc:`XML-RPC Library <libraries/xmlrpc>`. + + - Added support for the anchor "rel" attribute. + - Added support for setting custom attributes. + - Deprecated usage of the "anchor_class" setting (use the new "attributes" setting instead). + - Added $config['reuse_query_string'] to allow automatic repopulation of query string arguments, combined with normal URI segments. + - Removed the default `` `` from a number of the configuration variables. + - Added the ability to use a proxy with the :doc:`XML-RPC Library <libraries/xmlrpc>`. + - :doc:`Encryption Library <libraries/encryption>` changes include: - - Added support for hashing algorithms other than SHA1 and MD5. - - Removed previously deprecated ``sha1()`` method. + + - Added support for hashing algorithms other than SHA1 and MD5. + - Removed previously deprecated ``sha1()`` method. + - :doc:`Profiler Library <general/profiling>` changes include: - - Database object names are now being displayed. - - The sum of all queries running times in seconds is now being displayed. + + - Database object names are now being displayed. + - The sum of all queries running times in seconds is now being displayed. + - Added support for displaying the HTTP DNT ("Do Not Track") header. + - :doc:`Migration Library <libraries/migration>` changes include: - - Added support for timestamp-based migrations (enabled by default). - - Added ``$config['migration_type']`` to allow switching between *sequential* and *timestamp* migrations. + + - Added support for timestamp-based migrations (enabled by default). + - Added ``$config['migration_type']`` to allow switching between *sequential* and *timestamp* migrations. + - :doc:`User Agent Library <libraries/user_agent>` will now check if robots are pretending to be mobile clients (helps with e.g. Google indexing mobile website versions). + - Added support for setting :doc:`Table <libraries/table>` class defaults in a config file. - Core - :doc:`URI Library <libraries/uri>` changes include: - - Changed private methods to protected so that MY_URI can override them. - - Renamed internal method ``_parse_cli_args()`` to ``_parse_argv()``. - - Renamed internal method ``_detect_uri()`` to ``_parse_request_uri()``. - - Changed ``_parse_request_uri()`` to accept absolute URIs for compatibility with HTTP/1.1 as per `RFC2616 <http://www.ietf.org/rfc/rfc2616.txt>`. - - Added protected method ``_parse_query_string()`` to URI paths in the the **QUERY_STRING** value, like ``_parse_request_uri()`` does. - - Changed ``_fetch_uri_string()`` to try the **PATH_INFO** variable first when auto-detecting. - - Removed ``CI_CORE`` boolean constant from *CodeIgniter.php* (no longer Reactor and Core versions). + + - Changed private methods to protected so that MY_URI can override them. + - Renamed internal method ``_parse_cli_args()`` to ``_parse_argv()``. + - Renamed internal method ``_detect_uri()`` to ``_parse_request_uri()``. + - Changed ``_parse_request_uri()`` to accept absolute URIs for compatibility with HTTP/1.1 as per `RFC2616 <http://www.ietf.org/rfc/rfc2616.txt>`. + - Added protected method ``_parse_query_string()`` to URI paths in the the **QUERY_STRING** value, like ``_parse_request_uri()`` does. + - Changed ``_fetch_uri_string()`` to try the **PATH_INFO** variable first when auto-detecting. + - :doc:`Loader Library <libraries/loader>` changes include: - - Added method ``get_vars()`` to the Loader to retrieve all variables loaded with ``$this->load->vars()``. - - ``_ci_autoloader()`` is now a protected method. - - Added autoloading of drivers with ``$autoload['drivers']``. - - ``$config['rewrite_short_tags']`` now has no effect when using PHP 5.4 as ``<?=`` will always be available. - - Changed method ``config()`` to return whatever ``CI_Config::load()`` returns instead of always being void. - - Added support for model aliasing on autoload. + + - Added method ``get_vars()`` to the Loader to retrieve all variables loaded with ``$this->load->vars()``. + - ``_ci_autoloader()`` is now a protected method. + - Added autoloading of drivers with ``$autoload['drivers']``. + - ``$config['rewrite_short_tags']`` now has no effect when using PHP 5.4 as ``<?=`` will always be available. + - Changed method ``config()`` to return whatever ``CI_Config::load()`` returns instead of always being void. + - Added support for model aliasing on autoload. + - :doc:`Input Library <libraries/input>` changes include: - - Added ``method()`` to retrieve ``$_SERVER['REQUEST_METHOD']``. - - Added support for arrays and network addresses (e.g. 192.168.1.1/24) for use with the *proxy_ips* setting. - - Added method ``input_stream()`` to aid in using **php://input** stream data such as one passed via PUT, DELETE and PATCH requests. - - Changed method ``valid_ip()`` to use PHP's native ``filter_var()`` function. - - Changed internal method ``_sanitize_globals()`` to skip enforcing reversal of *register_globals* in PHP 5.4+, where this functionality no longer exists. - - Changed methods ``get()``, ``post()``, ``get_post()``, ``cookie()``, ``server()``, ``user_agent()`` to return NULL instead of FALSE when no value is found. - - Changed method ``_fetch_from_array()`` to parse array notation in field name. + + - Added ``method()`` to retrieve ``$_SERVER['REQUEST_METHOD']``. + - Added support for arrays and network addresses (e.g. 192.168.1.1/24) for use with the *proxy_ips* setting. + - Added method ``input_stream()`` to aid in using **php://input** stream data such as one passed via PUT, DELETE and PATCH requests. + - Changed method ``valid_ip()`` to use PHP's native ``filter_var()`` function. + - Changed internal method ``_sanitize_globals()`` to skip enforcing reversal of *register_globals* in PHP 5.4+, where this functionality no longer exists. + - Changed methods ``get()``, ``post()``, ``get_post()``, ``cookie()``, ``server()``, ``user_agent()`` to return NULL instead of FALSE when no value is found. + - Changed method ``_fetch_from_array()`` to parse array notation in field name. + - :doc:`Common functions <general/common_functions>` changes include: - - Added function :php:func:`get_mimes()` to return the *application/config/mimes.php* array. - - Added support for HTTP code 303 ("See Other") in :php:func:`set_status_header()`. - - Removed redundant conditional to determine HTTP server protocol in :php:func:`set_status_header()`. - - Changed ``_exception_handler()`` to respect php.ini *display_errors* setting. - - Added function :php:func:`is_https()` to check if a secure connection is used. - - Added function :php:func:`function_usable()` to check if a function exists and is not disabled by `Suhosin <http://www.hardened-php.net/suhosin/>`. - - Added support for HTTP-Only cookies with new config option *cookie_httponly* (default FALSE). - - Renamed method ``_call_hook()`` to ``call_hook()`` in the :doc:`Hooks Library <general/hooks>`. + + - Added function :php:func:`get_mimes()` to return the *application/config/mimes.php* array. + - Added support for HTTP code 303 ("See Other") in :php:func:`set_status_header()`. + - Removed redundant conditional to determine HTTP server protocol in :php:func:`set_status_header()`. + - Changed ``_exception_handler()`` to respect php.ini *display_errors* setting. + - Added function :php:func:`is_https()` to check if a secure connection is used. + - Added function :php:func:`function_usable()` to check if a function exists and is not disabled by `Suhosin <http://www.hardened-php.net/suhosin/>`. + - :doc:`Output Library <libraries/output>` changes include: - - Added a second argument to method ``set_content_type()`` that allows setting the document charset as well. - - Added methods ``get_content_type()`` and ``get_header()``. - - Added method ``delete_cache()``. - - ``$config['time_reference']`` now supports all timezone strings supported by PHP. + + - Added a second argument to method ``set_content_type()`` that allows setting the document charset as well. + - Added methods ``get_content_type()`` and ``get_header()``. + - Added method ``delete_cache()``. + - :doc:`Config Library <libraries/config>` changes include: - - Changed ``site_url()`` method to accept an array as well. - - Removed internal method ``_assign_to_config()`` and moved it's implementation in *CodeIgniter.php* instead. + + - Changed ``site_url()`` method to accept an array as well. + - Removed internal method ``_assign_to_config()`` and moved it's implementation in *CodeIgniter.php* instead. + - :doc:`Security Library <libraries/security>` changes include: - - Added method ``strip_image_tags()``. - - Added ``$config['csrf_regeneration']``, which makes token regeneration optional. - - Added ``$config['csrf_exclude_uris']``, which allows you list URIs which will not have the CSRF validation methods run. + + - Added method ``strip_image_tags()``. + - Added ``$config['csrf_regeneration']``, which makes token regeneration optional. + - Added ``$config['csrf_exclude_uris']``, which allows you list URIs which will not have the CSRF validation methods run. + - :doc:`URI Routing <general/routing>` changes include: - - Added possibility to route requests using callbacks. - - Added possibility to use dashes in the controller and method URI segments (translated to underscores). + + - Added possibility to route requests using callbacks. + - Added possibility to use dashes in the controller and method URI segments (translated to underscores). + - Deprecated methods ``fetch_directory()``, ``fetch_class()`` and ``fetch_method()`` in favor of their respective public properties. + - :doc:`Language Library <libraries/language>` changes include: - - Changed method ``load()`` to filter the language name with ``ctype_digit()``. - - Added an optional second parameter to method ``line()`` to disable error login for line keys that were not found. - - Language files are now loaded in a cascading style with the one in **system/** always loaded and overriden afterwards, if another one is found. + + - Changed method ``load()`` to filter the language name with ``ctype_digit()``. + - Added an optional second parameter to method ``line()`` to disable error login for line keys that were not found. + - Language files are now loaded in a cascading style with the one in **system/** always loaded and overriden afterwards, if another one is found. + + - Removed ``CI_CORE`` boolean constant from *CodeIgniter.php* (no longer Reactor and Core versions). - Log Library will now try to create the **log_path** directory if it doesn't exist. + - Added support for HTTP-Only cookies with new config option *cookie_httponly* (default FALSE). + - Renamed method ``_call_hook()`` to ``call_hook()`` in the :doc:`Hooks Library <general/hooks>`. + - ``$config['time_reference']`` now supports all timezone strings supported by PHP. + Bug fixes for 3.0 ------------------ @@ -488,9 +577,31 @@ Bug fixes for 3.0 - Fixed a bug (#2255) - :doc:`Email Library <libraries/email>` didn't apply ``smtp_timeout`` to socket reads and writes. - Fixed a bug (#2239) - :doc:`Email Library <libraries/email>` improperly handled the Subject when used with ``bcc_batch_mode`` resulting in E_WARNING messages and an empty Subject. - Fixed a bug (#2234) - :doc:`Query Builder <database/query_builder>` didn't reset JOIN cache for write-type queries. -- Fixed a bug (#2298) - :doc:`Database Results <database/results>` method `next_row()` kept returning the last row, allowing for infinite loops. +- Fixed a bug (#2298) - :doc:`Database Results <database/results>` method ``next_row()`` kept returning the last row, allowing for infinite loops. - Fixed a bug (#2236) - :doc:`Form Helper <helpers/form_helper>` function ``set_value()`` didn't parse array notation for keys if the rule was not present in the :doc:`Form Validation Library <libraries/form_validation>`. - Fixed a bug (#2353) - :doc:`Query Builder <database/query_builder>` erroneously prefixed literal strings with **dbprefix**. +- Fixed a bug (#78) - :doc:`Cart Library <libraries/cart>` didn't allow non-English letters in product names. +- Fixed a bug (#77) - :doc:`Database Class <database/index>` didn't properly handle the transaction "test mode" flag. +- Fixed a bug (#2380) - :doc:`URI Routing <general/routing>` method ``fetch_method()`` returned 'index' if the requested method name matches its controller name. +- Fixed a bug (#2388) - :doc:`Email Library <libraries/email>` used to ignore attachment errors, resulting in broken emails being sent. +- Fixed a bug (#2498) - :doc:`Form Validation Library <libraries/form_validation>` rule **valid_base64** only checked characters instead of actual validity. + +Version 2.1.4 +============= + +Release Date: July 8, 2013 + +- General Changes + + - Improved security in ``xss_clean()``. + +Bug fixes for 2.1.4 +------------------- + +- Fixed a bug (#1936) - :doc:`Migration Library <libraries/migration>` method ``latest()`` had a typo when retrieving language values. +- Fixed a bug (#2021) - :doc:`Migration Library <libraries/migration>` configuration file was mistakenly using Windows style line feeds. +- Fixed a bug (#1273) - ``E_NOTICE`` being generated by :doc:`Query Builder <database/query_builder>`'s ``set_update_batch()`` method. +- Fixed a bug (#2337) - :doc:`Email Library <libraries/email>` method ``print_debugger()`` didn't apply ``htmlspecialchars()`` to headers. Version 2.1.3 ============= @@ -498,6 +609,7 @@ Version 2.1.3 Release Date: October 8, 2012 - Core + - :doc:`Common function <general/common_functions>` ``is_loaded()`` now returns a reference. Bug fixes for 2.1.3 @@ -521,6 +633,7 @@ Version 2.1.2 Release Date: June 29, 2012 - General Changes + - Improved security in ``xss_clean()``. Version 2.1.1 @@ -529,14 +642,17 @@ Version 2.1.1 Release Date: June 12, 2012 - General Changes + - Fixed support for docx, xlsx files in mimes.php. - Libraries + - Further improved MIME type detection in the :doc:`File Uploading Library <libraries/file_uploading>`. - Added support for IPv6 to the :doc:`Input Library <libraries/input>`. - Added support for the IP format parameter to the :doc:`Form Validation Library <libraries/form_validation>`. - Helpers + - ``url_title()`` performance and output improved. You can now use any string as the word delimiter, but 'dash' and 'underscore' are still supported. Bug fixes for 2.1.1 @@ -592,7 +708,7 @@ Release Date: November 14, 2011 - Libraries - - Changed $this->cart->insert() in the :doc:`Cart + - Changed ``$this->cart->insert()`` in the :doc:`Cart Library <libraries/cart>` to return the Row ID if a single item was inserted successfully. - Added support to set an optional parameter in your callback rules @@ -602,8 +718,7 @@ Release Date: November 14, 2011 incremental updates to your database schema. - Driver children can be located in any package path. - Added max_filename_increment config setting for Upload library. - - Added is_unique to the :doc:`Form Validation - library <libraries/form_validation>`. + - Added ``is_unique`` to the :doc:`Form Validation library <libraries/form_validation>`. - Added $config['use_page_numbers'] to the :doc:`Pagination library <libraries/pagination>`, which enables real page numbers in the URI. - Added TLS and SSL Encryption for SMTP. @@ -1983,9 +2098,8 @@ Release Date: January 30, 2008 for the community to use in writing their own documentation. - Added titles to all user manual pages. - Added attributes into <html> of userguide for valid html. - - Added `Zip Encoding - Class <http://codeigniter.com/user_guide/libraries/zip>`_ to - the table of contents of the userguide. + - Added :doc:`Zip Encoding Class <libraries/zip>` + to the table of contents of the userguide. - Moved part of the userguide menu javascript to an external file. - Documented distinct() in :doc:`Active Record <./database/query_builder>`. diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index 79bd9b459..a133fdc6d 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -100,11 +100,11 @@ please see the :doc:`Error Handling <errors>` documentation. log_message() ============= -.. php:function:: log_message($level = 'error', $message, $php_error = FALSE) +.. php:function:: log_message($level, $message, $php_error = FALSE) - :param string $level: Log level + :param string $level: Log level: 'error', 'debug' or 'info' :param string $message: Message to log - :param bool $php_error: Whether we're loggin a native PHP error message + :param bool $php_error: Whether we're logging a native PHP error message :returns: void This function is an alias for ``CI_Log::write_log()``. For more info, diff --git a/user_guide_src/source/general/controllers.rst b/user_guide_src/source/general/controllers.rst index 8cfb012a0..04f23276d 100644 --- a/user_guide_src/source/general/controllers.rst +++ b/user_guide_src/source/general/controllers.rst @@ -214,7 +214,9 @@ Here is an example:: echo $output; } -.. note:: Please note that your ``_output()`` method will receive the +.. note:: + + Please note that your ``_output()`` method will receive the data in its finalized state. Benchmark and memory usage data will be rendered, cache files written (if you have caching enabled), and headers will be sent (if you use that diff --git a/user_guide_src/source/general/errors.rst b/user_guide_src/source/general/errors.rst index a247c1b9f..f12d992f8 100644 --- a/user_guide_src/source/general/errors.rst +++ b/user_guide_src/source/general/errors.rst @@ -77,11 +77,11 @@ optional second parameter to FALSE will skip logging. log_message() ============= -.. php:function:: log_message($level = 'error', $message, $php_error = FALSE) +.. php:function:: log_message($level, $message, $php_error = FALSE) - :param string $level: Log level + :param string $level: Log level: 'error', 'debug' or 'info' :param string $message: Message to log - :param bool $php_error: Whether we're loggin a native PHP error message + :param bool $php_error: Whether we're logging a native PHP error message :returns: void This function lets you write messages to your log files. You must supply diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst index 984ca840b..3f93443bb 100644 --- a/user_guide_src/source/general/security.rst +++ b/user_guide_src/source/general/security.rst @@ -15,11 +15,12 @@ the following: - Alpha-numeric text (latin characters only) - Tilde: ~ +- Percent sign: % - Period: . - Colon: : - Underscore: \_ - Dash: - -- Pipe: | +- Space Register_globals ================= diff --git a/user_guide_src/source/helpers/captcha_helper.rst b/user_guide_src/source/helpers/captcha_helper.rst index 17462a8de..ca24e011f 100644 --- a/user_guide_src/source/helpers/captcha_helper.rst +++ b/user_guide_src/source/helpers/captcha_helper.rst @@ -62,7 +62,9 @@ Once loaded you can generate a captcha like this:: 'font_path' => './path/to/fonts/texb.ttf', 'img_width' => '150', 'img_height' => 30, - 'expiration' => 7200 + 'expiration' => 7200, + 'word_length' => 8, + 'pool' => '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' ); $cap = create_captcha($vals); @@ -79,6 +81,7 @@ Once loaded you can generate a captcha like this:: - The **expiration** (in seconds) signifies how long an image will remain in the captcha folder before it will be deleted. The default is two hours. +- **word_length** defaults to 8, **pool** defaults to '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' Adding a Database ----------------- diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst index 3a3454edc..5dfee8b48 100644 --- a/user_guide_src/source/helpers/date_helper.rst +++ b/user_guide_src/source/helpers/date_helper.rst @@ -414,9 +414,9 @@ Note some of the location lists have been abridged for clarity and formatting. =========== ===================================================================== Time Zone Location =========== ===================================================================== -UM2 (UTC - 12:00) Baker/Howland Island -UM1 (UTC - 11:00) Samoa Time Zone, Niue -UM0 (UTC - 10:00) Hawaii-Aleutian Standard Time, Cook Islands +UM12 (UTC - 12:00) Baker/Howland Island +UM11 (UTC - 11:00) Samoa Time Zone, Niue +UM10 (UTC - 10:00) Hawaii-Aleutian Standard Time, Cook Islands UM95 (UTC - 09:30) Marquesas Islands UM9 (UTC - 09:00) Alaska Standard Time, Gambier Islands UM8 (UTC - 08:00) Pacific Standard Time, Clipperton Island @@ -428,7 +428,7 @@ UM4 (UTC - 04:00) Atlantic Standard Time, Eastern Caribbean UM35 (UTC - 03:30) Newfoundland Standard Time UM3 (UTC - 03:00) Argentina, Brazil, French Guiana, Uruguay UM2 (UTC - 02:00) South Georgia/South Sandwich Islands -UM (UTC -1:00) Azores, Cape Verde Islands +UM1 (UTC -1:00) Azores, Cape Verde Islands UTC (UTC) Greenwich Mean Time, Western European Time UP1 (UTC +1:00) Central European Time, West Africa Time UP2 (UTC +2:00) Central Africa Time, Eastern European Time @@ -452,6 +452,6 @@ UP11 (UTC +11:00) Magadan Time, Solomon Islands, Vanuatu UP115 (UTC +11:30) Norfolk Island UP12 (UTC +12:00) Fiji, Gilbert Islands, Kamchatka, New Zealand UP1275 (UTC +12:45) Chatham Islands Standard Time -UP1 (UTC +13:00) Phoenix Islands Time, Tonga +UP13 (UTC +13:00) Phoenix Islands Time, Tonga UP14 (UTC +14:00) Line Islands =========== =====================================================================
\ No newline at end of file diff --git a/user_guide_src/source/helpers/smiley_helper.rst b/user_guide_src/source/helpers/smiley_helper.rst index 13841e8bd..7069b465e 100644 --- a/user_guide_src/source/helpers/smiley_helper.rst +++ b/user_guide_src/source/helpers/smiley_helper.rst @@ -35,7 +35,7 @@ download and install the smiley images, then create a controller and the View as described. .. important:: Before you begin, please `download the smiley images - <http://codeigniter.com/download_files/smileys.zip>`_ + <http://ellislab.com/asset/ci_download_files/smileys.zip>`_ and put them in a publicly accessible place on your server. This helper also assumes you have the smiley replacement array located at `application/config/smileys.php` diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index 45a8f80a7..8d47ba3a5 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -2,62 +2,36 @@ Downloading CodeIgniter ####################### -- `CodeIgniter V 3.0.0 (Current - version) <http://codeigniter.com/downloads/>`_ -- `CodeIgniter V - 2.1.2 <http://codeigniter.com/download_files/reactor/CodeIgniter_2.1.2.zip>`_ -- `CodeIgniter V - 2.1.1 <http://codeigniter.com/download_files/reactor/CodeIgniter_2.1.1.zip>`_ -- `CodeIgniter V - 2.1.0 <http://codeigniter.com/download_files/reactor/CodeIgniter_2.1.0.zip>`_ -- `CodeIgniter V - 2.0.3 <http://codeigniter.com/download_files/reactor/CodeIgniter_2.0.3.zip>`_ -- `CodeIgniter V - 2.0.2 <http://codeigniter.com/download_files/reactor/CodeIgniter_2.0.2.zip>`_ -- `CodeIgniter V - 2.0.1 <http://codeigniter.com/download_files/reactor/CodeIgniter_2.0.1.zip>`_ -- `CodeIgniter V - 2.0.0 <http://codeigniter.com/download_files/reactor/CodeIgniter_2.0.0.zip>`_ -- `CodeIgniter V - 1.7.3 <http://codeigniter.com/download_files/CodeIgniter_1.7.3.zip>`_ -- `CodeIgniter V - 1.7.2 <http://codeigniter.com/download_files/CodeIgniter_1.7.2.zip>`_ -- `CodeIgniter V - 1.7.1 <http://codeigniter.com/download_files/CodeIgniter_1.7.1.zip>`_ -- `CodeIgniter V - 1.7.0 <http://codeigniter.com/download_files/CodeIgniter_1.7.0.zip>`_ -- `CodeIgniter V - 1.6.3 <http://codeigniter.com/download_files/CodeIgniter_1.6.3.zip>`_ -- `CodeIgniter V - 1.6.2 <http://codeigniter.com/download_files/CodeIgniter_1.6.2.zip>`_ -- `CodeIgniter V - 1.6.1 <http://codeigniter.com/download_files/CodeIgniter_1.6.1.zip>`_ -- `CodeIgniter V - 1.6.0 <http://codeigniter.com/download_files/CodeIgniter_1.6.0.zip>`_ -- `CodeIgniter V - 1.5.4 <http://codeigniter.com/download_files/CodeIgniter_1.5.4.zip>`_ -- `CodeIgniter V - 1.5.3 <http://codeigniter.com/download_files/CodeIgniter_1.5.3.zip>`_ -- `CodeIgniter V - 1.5.2 <http://codeigniter.com/download_files/CodeIgniter_1.5.2.zip>`_ -- `CodeIgniter V - 1.5.1 <http://codeigniter.com/download_files/CodeIgniter_1.5.1.zip>`_ -- `CodeIgniter V - 1.4.1 <http://codeigniter.com/download_files/CodeIgniter_1.4.1.zip>`_ -- `CodeIgniter V - 1.3.3 <http://codeigniter.com/download_files/CodeIgniter_1.3.3.zip>`_ -- `CodeIgniter V - 1.3.2 <http://codeigniter.com/download_files/CodeIgniter_1.3.2.zip>`_ -- `CodeIgniter V - 1.3.1 <http://codeigniter.com/download_files/CodeIgniter_1.3.1.zip>`_ -- `CodeIgniter V - 1.3 <http://codeigniter.com/download_files/CodeIgniter_1.3.zip>`_ -- `CodeIgniter V - 1.2 <http://codeigniter.com/download_files/CodeIgniter_1.2.zip>`_ -- `CodeIgniter V - 1.1 <http://codeigniter.com/download_files/CodeIgniter_1.1b.zip>`_ -- `CodeIgniter V - 1.0 <http://codeigniter.com/download_files/CodeIgniter_1.0b.zip>`_ +- `CodeIgniter v3.0.0 (Current version) <http://ellislab.com/codeigniter/download>`_ +- `CodeIgniter v2.1.4 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.1.4.zip>`_ +- `CodeIgniter v2.1.3 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.1.3.zip>`_ +- `CodeIgniter v2.1.2 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.1.2.zip>`_ +- `CodeIgniter v2.1.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.1.1.zip>`_ +- `CodeIgniter v2.1.0 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.1.0.zip>`_ +- `CodeIgniter v2.0.3 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.0.3.zip>`_ +- `CodeIgniter v2.0.2 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.0.2.zip>`_ +- `CodeIgniter v2.0.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.0.1.zip>`_ +- `CodeIgniter v2.0.0 <http://ellislab.com/asset/ci_download_files/CodeIgniter_2.0.0.zip>`_ +- `CodeIgniter v1.7.3 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.7.3.zip>`_ +- `CodeIgniter v1.7.2 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.7.2.zip>`_ +- `CodeIgniter v1.7.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.7.1.zip>`_ +- `CodeIgniter v1.7.0 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.7.0.zip>`_ +- `CodeIgniter v1.6.3 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.6.3.zip>`_ +- `CodeIgniter v1.6.2 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.6.2.zip>`_ +- `CodeIgniter v1.6.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.6.1.zip>`_ +- `CodeIgniter v1.6.0 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.6.0.zip>`_ +- `CodeIgniter v1.5.4 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.5.4.zip>`_ +- `CodeIgniter v1.5.3 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.5.3.zip>`_ +- `CodeIgniter v1.5.2 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.5.2.zip>`_ +- `CodeIgniter v1.5.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.5.1.zip>`_ +- `CodeIgniter v1.4.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.4.1.zip>`_ +- `CodeIgniter v1.3.3 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.3.3.zip>`_ +- `CodeIgniter v1.3.2 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.3.2.zip>`_ +- `CodeIgniter v1.3.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.3.1.zip>`_ +- `CodeIgniter v1.3 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.3.zip>`_ +- `CodeIgniter v1.2 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.2.zip>`_ +- `CodeIgniter v1.1 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.1b.zip>`_ +- `CodeIgniter v1.0 <http://ellislab.com/asset/ci_download_files/CodeIgniter_1.0b.zip>`_ ****** @@ -71,5 +45,4 @@ Please note that while every effort is made to keep this code base functional, we cannot guarantee the functionality of code taken from the develop branch. -Beginning with version 2.0.3, stable tags are also available via GitHub, -simply select the version from the Tags dropdown.
\ No newline at end of file +Beginning with version 2.0.3, stable versions are also available via `GitHub Releases <https://github.com/EllisLab/CodeIgniter/releases>`_.
\ No newline at end of file diff --git a/user_guide_src/source/installation/upgrade_214.rst b/user_guide_src/source/installation/upgrade_214.rst new file mode 100644 index 000000000..ba57e5976 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_214.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 2.1.3 to 2.1.4 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your "system" folder. + +.. note:: If you have any custom developed files in these folders please + make copies of them first.
\ No newline at end of file diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 02841ab6e..b396d9acb 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -1,5 +1,5 @@ ############################# -Upgrading from 2.1.3 to 3.0.0 +Upgrading from 2.1.4 to 3.0.0 ############################# .. note:: These upgrade notes are for a version that is yet to be released. @@ -383,4 +383,22 @@ You should now put AFTER clause field names in the field definition array instea sooner rather than later. .. note:: This is for MySQL and CUBRID databases only! Other drivers don't support this - clause and will silently ignore it.
\ No newline at end of file + clause and will silently ignore it. + +URI Routing methods fetch_directory(), fetch_class(), fetch_method() +==================================================================== + +With properties ``CI_Router::$directory``, ``CI_Router::$class`` and ``CI_Router::$method`` +being public and their respective ``fetch_*()`` no longer doing anything else to just return +the properties - it doesn't make sense to keep them. + +Those are all internal, undocumented methods, but we've opted to deprecate them for now +in order to maintain backwards-compatibility just in case. If some of you have utilized them, +then you can now just access the properties instead:: + + $this->router->directory; + $this->router->class; + $this->router->method; + +.. note:: Those methods are still available, but you're strongly encouraged to remove their usage + sooner rather than later.
\ No newline at end of file diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index 4f276207c..6d2e788dd 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -5,7 +5,8 @@ Upgrading From a Previous Version Please read the upgrade notes corresponding to the version you are upgrading from. -- :doc:`Upgrading from 2.1.3 to 3.0.0 <upgrade_300>` +- :doc:`Upgrading from 2.1.4 to 3.0.0 <upgrade_300>` +- :doc:`Upgrading from 2.1.3 to 2.1.4 <upgrade_214>` - :doc:`Upgrading from 2.1.2 to 2.1.3 <upgrade_213>` - :doc:`Upgrading from 2.1.1 to 2.1.2 <upgrade_212>` - :doc:`Upgrading from 2.1.0 to 2.1.1 <upgrade_211>` diff --git a/user_guide_src/source/libraries/file_uploading.rst b/user_guide_src/source/libraries/file_uploading.rst index c7965ae11..a92d3af34 100644 --- a/user_guide_src/source/libraries/file_uploading.rst +++ b/user_guide_src/source/libraries/file_uploading.rst @@ -198,6 +198,7 @@ Preference Default Value Options Descripti **file_name** None Desired file name If set CodeIgniter will rename the uploaded file to this name. The extension provided in the file name must also be an allowed file type. If no extension is provided in the original file_name will be used. +**file_ext_tolower** FALSE TRUE/FALSE (boolean) If set to TRUE, the file extension will be forced to lower case **overwrite** FALSE TRUE/FALSE (boolean) If set to true, if a file with the same name as the one you are uploading exists, it will be overwritten. If set to false, a number will be appended to the filename if another with the same name exists. diff --git a/user_guide_src/source/libraries/xmlrpc.rst b/user_guide_src/source/libraries/xmlrpc.rst index b478a2ded..a43c48837 100644 --- a/user_guide_src/source/libraries/xmlrpc.rst +++ b/user_guide_src/source/libraries/xmlrpc.rst @@ -423,7 +423,7 @@ the Server. $parameters = $request->output_parameters(); $name = $parameters[0]['name']; $size = $parameters[1]['size']; - $size = $parameters[1]['shape']; + $shape = $parameters[1]['shape']; ************************** XML-RPC Function Reference |