summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--application/config/routes.php2
-rwxr-xr-xsystem/core/Security.php4
-rw-r--r--system/database/DB_result.php13
-rw-r--r--user_guide_src/source/changelog.rst5
-rw-r--r--user_guide_src/source/database/results.rst20
5 files changed, 40 insertions, 4 deletions
diff --git a/application/config/routes.php b/application/config/routes.php
index 474bda969..001198615 100644
--- a/application/config/routes.php
+++ b/application/config/routes.php
@@ -64,7 +64,7 @@
|
*/
-$route['default_controller'] = "welcome";
+$route['default_controller'] = 'welcome';
$route['404_override'] = '';
/* End of file routes.php */
diff --git a/system/core/Security.php b/system/core/Security.php
index 81b6602ae..f953011eb 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -831,7 +831,7 @@ class CI_Security {
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- $_COOKIE[$this->_csrf_cookie_name] != '')
+ preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}
@@ -846,4 +846,4 @@ class CI_Security {
}
/* End of file Security.php */
-/* Location: ./system/core/Security.php */ \ No newline at end of file
+/* Location: ./system/core/Security.php */
diff --git a/system/database/DB_result.php b/system/database/DB_result.php
index 196febe2c..25b4fb911 100644
--- a/system/database/DB_result.php
+++ b/system/database/DB_result.php
@@ -371,6 +371,19 @@ class CI_DB_result {
// --------------------------------------------------------------------
/**
+ * Returns an unbuffered row and move pointer to next row
+ *
+ * @return mixed either a result object or array
+ */
+ public function unbuffered_row($type = 'object')
+ {
+ return ($type !== 'array') ? $this->_fetch_object() : $this->_fetch_assoc();
+
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* The following functions are normally overloaded by the identically named
* methods in the platform-specific driver -- except when query caching
* is used. When caching is enabled we do not load the other driver.
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index f9979e37b..b28d4e543 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -103,6 +103,7 @@ Release Date: Not Released
- Added PDO support for create_database(), drop_database and drop_table() in :doc:`Database Forge <database/forge>`.
- Added MSSQL, SQLSRV support for optimize_table() in :doc:`Database Utility <database/utilities>`.
- Improved CUBRID support for list_databases() in :doc:`Database Utility <database/utilities>` (until now only the currently used database was returned).
+ - Added unbuffered_row() function for getting a row without prefetching whole result (consume less memory)
- Libraries
@@ -242,7 +243,9 @@ Bug fixes for 2.1.1
- Fixed a bug - form_open() compared $action against site_url() instead of base_url().
- Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.
- Fixed a bug (#538) - Windows paths were ignored when using the :doc:`Image Manipulation Library <libraries/image_lib>` to create a new file.
-- Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found
+- Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
+- Fixed a bug - CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk.
+- Fixed a bug (#726) - PDO put a 'dbname' argument in it's connection string regardless of the database platform in use, which made it impossible to use SQLite.
Version 2.1.0
=============
diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst
index 865345762..ac4fc3733 100644
--- a/user_guide_src/source/database/results.rst
+++ b/user_guide_src/source/database/results.rst
@@ -136,6 +136,26 @@ parameter:
| **$row = $query->next_row('array')**
| **$row = $query->previous_row('array')**
+.. note:: all the functions above will load the whole result into memory (prefetching) use unbuffered_row() for processing large result sets.
+
+unbuffered_row($type)
+=====
+
+This function returns a single result row without prefetching the whole result in memory as row() does.
+If your query has more than one row, it returns the current row and moves the internal data pointer ahead.
+The result is returned as $type could be 'object' (default) or 'array' that will return an associative array.
+
+
+
+ $query = $this->db->query("YOUR QUERY");
+
+ while ($row = $query->unbuffered_row())
+ {
+ echo $row->title;
+ echo $row->name;
+ echo $row->body;
+ }
+
***********************
Result Helper Functions
***********************