diff options
| -rw-r--r-- | application/config/routes.php | 2 | ||||
| -rwxr-xr-x | system/core/Security.php | 4 | ||||
| -rw-r--r-- | system/database/DB_result.php | 13 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 5 | ||||
| -rw-r--r-- | user_guide_src/source/database/results.rst | 20 |
5 files changed, 40 insertions, 4 deletions
diff --git a/application/config/routes.php b/application/config/routes.php index 474bda969..001198615 100644 --- a/application/config/routes.php +++ b/application/config/routes.php @@ -64,7 +64,7 @@ | */ -$route['default_controller'] = "welcome"; +$route['default_controller'] = 'welcome'; $route['404_override'] = ''; /* End of file routes.php */ diff --git a/system/core/Security.php b/system/core/Security.php index 81b6602ae..f953011eb 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -831,7 +831,7 @@ class CI_Security { // each page load since a page could contain embedded // sub-pages causing this feature to fail if (isset($_COOKIE[$this->_csrf_cookie_name]) && - $_COOKIE[$this->_csrf_cookie_name] != '') + preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1) { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } @@ -846,4 +846,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/core/Security.php */
\ No newline at end of file +/* Location: ./system/core/Security.php */ diff --git a/system/database/DB_result.php b/system/database/DB_result.php index 196febe2c..25b4fb911 100644 --- a/system/database/DB_result.php +++ b/system/database/DB_result.php @@ -371,6 +371,19 @@ class CI_DB_result { // -------------------------------------------------------------------- /** + * Returns an unbuffered row and move pointer to next row + * + * @return mixed either a result object or array + */ + public function unbuffered_row($type = 'object') + { + return ($type !== 'array') ? $this->_fetch_object() : $this->_fetch_assoc(); + + } + + // -------------------------------------------------------------------- + + /** * The following functions are normally overloaded by the identically named * methods in the platform-specific driver -- except when query caching * is used. When caching is enabled we do not load the other driver. diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 933743c38..1ae3e5ea4 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -103,6 +103,7 @@ Release Date: Not Released - Added PDO support for create_database(), drop_database and drop_table() in :doc:`Database Forge <database/forge>`. - Added MSSQL, SQLSRV support for optimize_table() in :doc:`Database Utility <database/utilities>`. - Improved CUBRID support for list_databases() in :doc:`Database Utility <database/utilities>` (until now only the currently used database was returned). + - Added unbuffered_row() function for getting a row without prefetching whole result (consume less memory) - Libraries @@ -242,7 +243,9 @@ Bug fixes for 2.1.1 - Fixed a bug - form_open() compared $action against site_url() instead of base_url(). - Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE. - Fixed a bug (#538) - Windows paths were ignored when using the :doc:`Image Manipulation Library <libraries/image_lib>` to create a new file. -- Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found +- Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found. +- Fixed a bug - CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk. +- Fixed a bug (#726) - PDO put a 'dbname' argument in it's connection string regardless of the database platform in use, which made it impossible to use SQLite. Version 2.1.0 ============= diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst index 865345762..ac4fc3733 100644 --- a/user_guide_src/source/database/results.rst +++ b/user_guide_src/source/database/results.rst @@ -136,6 +136,26 @@ parameter: | **$row = $query->next_row('array')** | **$row = $query->previous_row('array')** +.. note:: all the functions above will load the whole result into memory (prefetching) use unbuffered_row() for processing large result sets. + +unbuffered_row($type) +===== + +This function returns a single result row without prefetching the whole result in memory as row() does. +If your query has more than one row, it returns the current row and moves the internal data pointer ahead. +The result is returned as $type could be 'object' (default) or 'array' that will return an associative array. + + + + $query = $this->db->query("YOUR QUERY"); + + while ($row = $query->unbuffered_row()) + { + echo $row->title; + echo $row->name; + echo $row->body; + } + *********************** Result Helper Functions *********************** |