diff options
68 files changed, 1202 insertions, 859 deletions
diff --git a/application/config/config.php b/application/config/config.php index 7da889f81..726e3a71c 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -359,6 +359,18 @@ $config['compress_output'] = FALSE; /* |-------------------------------------------------------------------------- +| Minify +|-------------------------------------------------------------------------- +| +| Removes extra characters (usually unnecessary spaces) from your +| output for faster page load speeds. Makes your outputted HTML source +| code less readable. +| +*/ +$config['minify_output'] = FALSE; + +/* +|-------------------------------------------------------------------------- | Master Time Reference |-------------------------------------------------------------------------- | @@ -398,5 +410,6 @@ $config['rewrite_short_tags'] = FALSE; $config['proxy_ips'] = ''; + /* End of file config.php */ /* Location: ./application/config/config.php */ diff --git a/application/config/database.php b/application/config/database.php index 19498735c..cb6ebad10 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -43,7 +43,7 @@ | ['password'] The password used to connect to the database | ['database'] The name of the database you want to connect to | ['dbdriver'] The database type. e.g.: mysql. Currently supported: -| cubrid, interbase, mssql, mysql, mysqli, oci8, +| cubrid, interbase, mssql, mysql, mysqli, oci8, | odbc, pdo, postgre, sqlite, sqlite3, sqlsrv | ['dbprefix'] You can add an optional prefix, which will be added | to the table name when using the Query Builder class @@ -84,7 +84,7 @@ $db['default'] = array( 'database' => '', 'dbdriver' => 'mysqli', 'dbprefix' => '', - 'pconnect' => FALSE, + 'pconnect' => TRUE, 'db_debug' => TRUE, 'cache_on' => FALSE, 'cachedir' => '', diff --git a/application/config/migration.php b/application/config/migration.php index 88e398243..7645ade7c 100644 --- a/application/config/migration.php +++ b/application/config/migration.php @@ -44,7 +44,7 @@ $config['migration_enabled'] = FALSE; | | This is the name of the table that will store the current migrations state. | When migrations runs it will store in a database table which migration -| level the system is at. It then compares the migration level in the this +| level the system is at. It then compares the migration level in this | table to the $config['migration_version'] if they are not the same it | will migrate up. This must be set. | diff --git a/application/config/mimes.php b/application/config/mimes.php index 15493af43..4b1d6a85d 100644 --- a/application/config/mimes.php +++ b/application/config/mimes.php @@ -68,7 +68,7 @@ return array( 'gtar' => 'application/x-gtar', 'gz' => 'application/x-gzip', 'gzip' => 'application/x-gzip', - 'php' => 'application/x-httpd-php', + 'php' => array('application/x-httpd-php', 'application/php', 'application/x-php', 'text/php', 'text/x-php', 'application/x-httpd-php-source'), 'php4' => 'application/x-httpd-php', 'php3' => 'application/x-httpd-php', 'phtml' => 'application/x-httpd-php', @@ -80,7 +80,8 @@ return array( 'tgz' => array('application/x-tar', 'application/x-gzip-compressed'), 'xhtml' => 'application/xhtml+xml', 'xht' => 'application/xhtml+xml', - 'zip' => array('application/x-zip', 'application/zip', 'application/x-zip-compressed'), + 'zip' => array('application/x-zip', 'application/zip', 'application/x-zip-compressed', 'application/s-compressed', 'multipart/x-zip'), + 'rar' => array('application/x-rar', 'application/rar', 'application/x-rar-compressed'), 'mid' => 'audio/midi', 'midi' => 'audio/midi', 'mpga' => 'audio/mpeg', diff --git a/system/core/Common.php b/system/core/Common.php index 1708653e7..c309d4192 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -431,6 +431,7 @@ if ( ! function_exists('set_status_header')) 300 => 'Multiple Choices', 301 => 'Moved Permanently', 302 => 'Found', + 303 => 'See Other', 304 => 'Not Modified', 305 => 'Use Proxy', 307 => 'Temporary Redirect', @@ -462,18 +463,23 @@ if ( ! function_exists('set_status_header')) 505 => 'HTTP Version Not Supported' ); - if ($code == '' OR ! is_numeric($code)) + if (empty($code) OR ! is_numeric($code)) { show_error('Status codes must be numeric', 500); } - elseif (isset($stati[$code]) && $text === '') - { - $text = $stati[$code]; - } - if ($text === '') + is_int($code) OR $code = (int) $code; + + if (empty($text)) { - show_error('No status text available. Please check your status code number or supply your own message text.', 500); + if (isset($stati[$code])) + { + $text = $stati[$code]; + } + else + { + show_error('No status text available. Please check your status code number or supply your own message text.', 500); + } } $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; diff --git a/system/core/Config.php b/system/core/Config.php index 3de1bcb96..4b4e5a7ba 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -225,25 +225,39 @@ class CI_Config { * Site URL * Returns base_url . index_page [. uri_string] * - * @param string the URI string + * @param mixed the URI string or an array of segments * @return string */ public function site_url($uri = '') { - if ($uri === '') + if (empty($uri)) { return $this->slash_item('base_url').$this->item('index_page'); } + $uri = $this->_uri_string($uri); + if ($this->item('enable_query_strings') === FALSE) { $suffix = ($this->item('url_suffix') === FALSE) ? '' : $this->item('url_suffix'); - return $this->slash_item('base_url').$this->slash_item('index_page').$this->_uri_string($uri).$suffix; + + if ($suffix !== '' && ($offset = strpos($uri, '?')) !== FALSE) + { + $uri = substr($uri, 0, $offset).$suffix.substr($uri, $offset); + } + else + { + $uri .= $suffix; + } + + return $this->slash_item('base_url').$this->slash_item('index_page').$uri; } - else + elseif (strpos($uri, '?') === FALSE) { - return $this->slash_item('base_url').$this->item('index_page').'?'.$this->_uri_string($uri); + $uri = '?'.$uri; } + + return $this->slash_item('base_url').$this->item('index_page').$uri; } // ------------------------------------------------------------- @@ -280,15 +294,7 @@ class CI_Config { } elseif (is_array($uri)) { - $i = 0; - $str = ''; - foreach ($uri as $key => $val) - { - $prefix = ($i === 0) ? '' : '&'; - $str .= $prefix.$key.'='.$val; - $i++; - } - return $str; + return http_build_query($uri); } return $uri; diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 8c32085fe..bd9178dbd 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -143,7 +143,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'views/errors/'.$template.'.php'); + include(VIEWPATH.'errors/'.$template.'.php'); $buffer = ob_get_contents(); ob_end_clean(); return $buffer; @@ -177,7 +177,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'views/errors/error_php.php'); + include(VIEWPATH.'errors/error_php.php'); $buffer = ob_get_contents(); ob_end_clean(); echo $buffer; diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 29fd88201..afbf4b453 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -39,7 +39,7 @@ class CI_Hooks { /** - * Determines wether hooks are enabled + * Determines whether hooks are enabled * * @var bool */ @@ -53,7 +53,7 @@ class CI_Hooks { public $hooks = array(); /** - * Determines wether hook is in progress, used to prevent infinte loops + * Determines whether hook is in progress, used to prevent infinte loops * * @var bool */ diff --git a/system/core/Output.php b/system/core/Output.php index 5588ffe8e..5ec8c4bc0 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -67,7 +67,14 @@ class CI_Output { public $mimes = array(); /** - * Determines wether profiler is enabled + * Mime-type for the current page + * + * @var string + */ + protected $mime_type = 'text/html'; + + /** + * Determines whether profiler is enabled * * @var book */ @@ -78,7 +85,7 @@ class CI_Output { * * @var bool */ - protected $_zlib_oc = FALSE; + protected $_zlib_oc = FALSE; /** * List of profiler sections @@ -174,7 +181,7 @@ class CI_Output { * how to permit header data to be saved with the cache data... * * @param string - * @param bool + * @param bool * @return void */ public function set_header($header, $replace = TRUE) @@ -218,6 +225,8 @@ class CI_Output { } } + $this->mime_type = $mime_type; + if (empty($charset)) { $charset = config_item('charset'); @@ -292,6 +301,12 @@ class CI_Output { */ public function set_profiler_sections($sections) { + if (isset($sections['query_toggle_count'])) + { + $this->_profiler_sections['query_toggle_count'] = (int) $sections['query_toggle_count']; + unset($sections['query_toggle_count']); + } + foreach ($sections as $section => $enable) { $this->_profiler_sections[$section] = ($enable !== FALSE); @@ -327,7 +342,7 @@ class CI_Output { * with any server headers and profile data. It also stops the * benchmark timer so the page rendering speed and memory usage can be shown. * - * @param string + * @param string * @return mixed */ public function _display($output = '') @@ -353,6 +368,15 @@ class CI_Output { // -------------------------------------------------------------------- + // Is minify requested? + if ($CFG->item('minify_output') === TRUE) + { + $output = $this->minify($output, $this->mime_type); + } + + + // -------------------------------------------------------------------- + // Do we need to write a cache file? Only if the controller does not have its // own _output() method and we are not dealing with a cache file, which we // can determine by the existence of the $CI object above @@ -450,7 +474,7 @@ class CI_Output { /** * Write a Cache File * - * @param string + * @param string * @return void */ public function _write_cache($output) @@ -493,6 +517,9 @@ class CI_Output { @chmod($cache_path, FILE_WRITE_MODE); log_message('debug', 'Cache file written: '.$cache_path); + + // Send HTTP cache-control headers to browser to match file cache settings. + $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire); } // -------------------------------------------------------------------- @@ -500,8 +527,8 @@ class CI_Output { /** * Update/serve a cached file * - * @param object config class - * @param object uri class + * @param object config class + * @param object uri class * @return bool */ public function _display_cache(&$CFG, &$URI) @@ -530,13 +557,22 @@ class CI_Output { return FALSE; } - // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match[1])) && is_really_writable($cache_path)) + $last_modified = filemtime($cache_path); + $expire = trim(str_replace('TS--->', '', $match[1])); + + // Has the file expired? + if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path)) { + // If so we'll delete it. @unlink($filepath); log_message('debug', 'Cache file has expired. File deleted.'); return FALSE; } + else + { + // Or else send the HTTP cache control headers. + $this->set_cache_header($last_modified, $expire); + } // Display the cache $this->_display(str_replace($match[0], '', $cache)); @@ -544,6 +580,140 @@ class CI_Output { return TRUE; } + // -------------------------------------------------------------------- + + /** + * Set the HTTP headers to match the server-side file cache settings + * in order to reduce bandwidth. + * + * @param int timestamp of when the page was last modified + * @param int timestamp of when should the requested page expire from cache + * @return void + */ + public function set_cache_header($last_modified, $expiration) + { + $max_age = $expiration - $_SERVER['REQUEST_TIME']; + + if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])) + { + $this->set_status_header(304); + exit; + } + else + { + header('Pragma: public'); + header('Cache-Control: max-age=' . $max_age . ', public'); + header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT'); + header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT'); + } + } + + // -------------------------------------------------------------------- + + /** + * Reduce excessive size of HTML content. + * + * @param string + * @param string + * @return string + */ + public function minify($output, $type = 'text/html') + { + switch ($type) + { + case 'text/html': + + $size_before = strlen($output); + + if ($size_before === 0) + { + return ''; + } + + // Find all the <pre>,<code>,<textarea>, and <javascript> tags + // We'll want to return them to this unprocessed state later. + preg_match_all('{<pre.+</pre>}msU', $output, $pres_clean); + preg_match_all('{<code.+</code>}msU', $output, $codes_clean); + preg_match_all('{<textarea.+</textarea>}msU', $output, $textareas_clean); + preg_match_all('{<script.+</script>}msU', $output, $javascript_clean); + + // Minify the CSS in all the <style> tags. + preg_match_all('{<style.+</style>}msU', $output, $style_clean); + foreach ($style_clean[0] as $s) + { + $output = str_replace($s, $this->minify($s, 'text/css'), $output); + } + + // Minify the javascript in <script> tags. + foreach ($javascript_clean[0] as $s) + { + $javascript_mini[] = $this->minify($s, 'text/javascript'); + } + + // Replace multiple spaces with a single space. + $output = preg_replace('!\s{2,}!', ' ', $output); + + // Remove comments (non-MSIE conditionals) + $output = preg_replace('{\s*<!--[^\[].*-->\s*}msU', '', $output); + + // Remove spaces around block-level elements. + $output = preg_replace('/\s*(<\/?(html|head|title|meta|script|link|style|body|h[1-6]|div|p|br)[^>]*>)\s*/is', '$1', $output); + + // Replace mangled <pre> etc. tags with unprocessed ones. + + if ( ! empty($pres_clean)) + { + preg_match_all('{<pre.+</pre>}msU', $output, $pres_messed); + $output = str_replace($pres_messed[0], $pres_clean[0], $output); + } + + if ( ! empty($codes_clean)) + { + preg_match_all('{<code.+</code>}msU', $output, $codes_messed); + $output = str_replace($codes_messed[0], $codes_clean[0], $output); + } + + if ( ! empty($codes_clean)) + { + preg_match_all('{<textarea.+</textarea>}msU', $output, $textareas_messed); + $output = str_replace($textareas_messed[0], $textareas_clean[0], $output); + } + + if (isset($javascript_mini)) + { + preg_match_all('{<script.+</script>}msU', $output, $javascript_messed); + $output = str_replace($javascript_messed[0], $javascript_mini, $output); + } + + $size_removed = $size_before - strlen($output); + $savings_percent = round(($size_removed / $size_before * 100)); + + log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.'); + + break; + + case 'text/css': + + //Remove CSS comments + $output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $output); + + // Remove spaces around curly brackets, colons, + // semi-colons, parenthesis, commas + $output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!', '$1', $output); + + break; + + case 'text/javascript': + + // Currently leaves JavaScript untouched. + break; + + default: break; + } + + return $output; + } + } /* End of file Output.php */ diff --git a/system/core/Security.php b/system/core/Security.php index 4593a1090..227217e75 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -561,6 +561,19 @@ class CI_Security { // ---------------------------------------------------------------- /** + * Strip Image Tags + * + * @param string + * @return string + */ + public function strip_image_tags($str) + { + return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); + } + + // ---------------------------------------------------------------- + + /** * Compact Exploded Words * * Callback function for xss_clean() to remove whitespace from diff --git a/system/core/URI.php b/system/core/URI.php index a997525ee..6a8b1a5ac 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -278,7 +278,7 @@ class CI_URI { { // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern - if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str)) + if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', urldecode($str))) { show_error('The URI you submitted has disallowed characters.', 400); } @@ -302,9 +302,11 @@ class CI_URI { */ public function _remove_url_suffix() { - if ($this->config->item('url_suffix') !== '') + $suffix = (string) $this->config->item('url_suffix'); + + if ($suffix !== '' && ($offset = strrpos($this->uri_string, $suffix)) !== FALSE) { - $this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string); + $this->uri_string = substr_replace($this->uri_string, '', $offset, strlen($suffix)); } } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index d056bdb90..739b25187 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -295,7 +295,7 @@ abstract class CI_DB_driver { * @param array An array of binding data * @return mixed */ - public function query($sql, $binds = FALSE, $return_object = TRUE) + public function query($sql, $binds = FALSE, $return_object = NULL) { if ($sql === '') { @@ -303,6 +303,10 @@ abstract class CI_DB_driver { return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } + elseif ( ! is_bool($return_object)) + { + $return_object = ! $this->is_write_type($sql); + } // Verify table prefix and replace if necessary if ($this->dbprefix !== '' && $this->swap_pre !== '' && $this->dbprefix !== $this->swap_pre) @@ -319,7 +323,7 @@ abstract class CI_DB_driver { // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists - if ($this->cache_on === TRUE && stripos($sql, 'SELECT') !== FALSE && $this->_cache_init()) + if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { $this->load_rdriver(); if (FALSE !== ($cache = $this->CACHE->read($sql))) @@ -328,7 +332,7 @@ abstract class CI_DB_driver { } } - // Save the query for debugging + // Save the query for debugging if ($this->save_queries === TRUE) { $this->queries[] = $sql; @@ -352,7 +356,7 @@ abstract class CI_DB_driver { $error = $this->error(); // Log errors - log_message('error', 'Query error: '.$error['message']); + log_message('error', 'Query error: '.$error['message'].' - Invalid query: '.$sql); if ($this->db_debug) { @@ -381,12 +385,10 @@ abstract class CI_DB_driver { // Increment the query counter $this->query_count++; - // Was the query a "write" type? - // If so we'll simply return true - if ($this->is_write_type($sql) === TRUE) + // Will we have a result object instantiated? If not - we'll simply return TRUE + if ($return_object !== TRUE) { - // If caching is enabled we'll auto-cleanup any - // existing files related to this particular URI + // If caching is enabled we'll auto-cleanup any existing files related to this particular URI if ($this->cache_on === TRUE && $this->cache_autodel === TRUE && $this->_cache_init()) { $this->CACHE->delete(); @@ -396,8 +398,6 @@ abstract class CI_DB_driver { } // Return TRUE if we don't need to create a result object - // Currently only the Oracle driver uses this when stored - // procedures are used if ($return_object !== TRUE) { return TRUE; @@ -1086,6 +1086,20 @@ abstract class CI_DB_driver { // -------------------------------------------------------------------- /** + * Returns the SQL string operator + * + * @param string + * @return string + */ + protected function _get_operator($str) + { + return preg_match('/(=|!|<|>| IS NULL| IS NOT NULL| BETWEEN)/i', $str, $match) + ? $match[1] : FALSE; + } + + // -------------------------------------------------------------------- + + /** * Enables a native PHP function to be run, using a platform agnostic wrapper. * * @param string the function name @@ -1267,7 +1281,7 @@ abstract class CI_DB_driver { if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE) { // Found it - use a relative path for safety - $message[] = 'Filename: '.str_replace(array(BASEPATH, APPPATH), '', $call['file']); + $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']); $message[] = 'Line Number: '.$call['line']; break; } @@ -1336,39 +1350,21 @@ abstract class CI_DB_driver { // Convert tabs or multiple spaces into single spaces $item = preg_replace('/\s+/', ' ', $item); - static $preg_ec = array(); - - if (empty($preg_ec)) + // If the item has an alias declaration we remove it and set it aside. + // Note: strripos() is used in order to support spaces in table names + if ($offset = strripos($item, ' AS ')) { - if (is_array($this->_escape_char)) - { - $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1])); - } - else - { - $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char); - } + $alias = ($protect_identifiers) + ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } - - // If the item has an alias declaration we remove it and set it aside. - // Basically we remove everything to the right of the first space - preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', $item, $matches); - - if (isset($matches[4])) + elseif ($offset = strrpos($item, ' ')) { - $item = $matches[1]; - - // Escape the alias, if needed - if ($protect_identifiers === TRUE) - { - $alias = empty($matches[5]) - ? ' '.$this->escape_identifiers(ltrim($matches[4])) - : $matches[4].' '.$this->escape_identifiers(ltrim($matches[5])); - } - else - { - $alias = $matches[4].$matches[5]; - } + $alias = ($protect_identifiers) + ? ' '.$this->escape_identifiers(substr($item, $offset + 1)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } else { diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php index 9b7639289..91f9d560c 100644 --- a/system/database/DB_forge.php +++ b/system/database/DB_forge.php @@ -231,7 +231,7 @@ abstract class CI_DB_forge { if (($result = $this->db->query($sql)) !== FALSE && ! empty($this->db->data_cache['table_names'])) { - $this->db->data_cache['table_names'][] = $$this->db->dbprefix.$table; + $this->db->data_cache['table_names'][] = $this->db->dbprefix.$table; } return $result; diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 488b294e4..3982885e8 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -324,10 +324,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @param string the join condition * @param string the type of join - * @param string wether not to try to escape identifiers + * @param string whether not to try to escape identifiers * @return object */ - public function join($table, $cond, $type = '', $escape = TRUE) + public function join($table, $cond, $type = '', $escape = NULL) { if ($type !== '') { @@ -347,6 +347,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // in the protect_identifiers to know whether to add a table prefix $this->_track_aliases($table); + is_bool($escape) OR $escape = $this->_protect_identifiers; + // Split multiple conditions if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) { @@ -366,12 +368,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $newcond .= $m[0][$i][0]; } - $cond = $newcond; + $cond = ' ON '.$newcond; } // Split apart the condition and protect the identifiers elseif ($escape === TRUE && preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $cond, $match)) { - $cond = $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]); + } + elseif ( ! $this->_has_operator($cond)) + { + $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; + } + else + { + $cond = ' ON '.$cond; } // Do we want to escape the table name? @@ -381,7 +391,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } // Assemble the JOIN statement - $this->qb_join[] = $join = $type.'JOIN '.$this->protect_identifiers($table, TRUE, NULL, FALSE).' ON '.$cond; + $this->qb_join[] = $join = $type.'JOIN '.$table.$cond; if ($this->qb_caching === TRUE) { @@ -405,7 +415,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function where($key, $value = NULL, $escape = TRUE) + public function where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'AND ', $escape); } @@ -423,7 +433,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_where($key, $value = NULL, $escape = TRUE) + public function or_where($key, $value = NULL, $escape = NULL) { return $this->_where($key, $value, 'OR ', $escape); } @@ -443,23 +453,26 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) { - $type = $this->_group_get_type($type); - if ( ! is_array($key)) { $key = array($key => $value); } // If the escape value was not set will will base it on the global setting - $escape = $this->_protect_identifiers; + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) + ? $this->_group_get_type('') + : $this->_group_get_type($type); - $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op) + : $this->escape_identifiers(trim($k)); + } if (is_null($v) && ! $this->_has_operator($k)) { @@ -504,9 +517,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_in($key = NULL, $values = NULL) + public function where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values); + return $this->_where_in($key, $values, FALSE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -521,9 +534,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_in($key = NULL, $values = NULL) + public function or_where_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, FALSE, 'OR '); + return $this->_where_in($key, $values, FALSE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -538,9 +551,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function where_not_in($key = NULL, $values = NULL) + public function where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE); + return $this->_where_in($key, $values, TRUE, 'AND ', $escape); } // -------------------------------------------------------------------- @@ -555,9 +568,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param array The values searched on * @return object */ - public function or_where_not_in($key = NULL, $values = NULL) + public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL) { - return $this->_where_in($key, $values, TRUE, 'OR '); + return $this->_where_in($key, $values, TRUE, 'OR ', $escape); } // -------------------------------------------------------------------- @@ -573,20 +586,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @return object */ - protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ') + protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL) { if ($key === NULL OR $values === NULL) { return $this; } - $type = $this->_group_get_type($type); - if ( ! is_array($values)) { $values = array($values); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $not = ($not) ? ' NOT' : ''; foreach ($values as $value) @@ -594,8 +607,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_wherein[] = $this->escape($value); } - $prefix = (count($this->qb_where) === 0) ? '' : $type; - $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') '; + if ($escape === TRUE) + { + $key = $this->escape_identifiers(trim($key)); + } + + $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); + $this->qb_where[] = $where_in = $prefix.$key.$not.' IN ('.implode(', ', $this->qb_wherein).') '; if ($this->qb_caching === TRUE) { @@ -690,8 +708,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ protected function _like($field, $match = '', $type = 'AND ', $side = 'both', $not = '') { - $type = $this->_group_get_type($type); - if ( ! is_array($field)) { $field = array($field => $match); @@ -700,7 +716,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($field as $k => $v) { $k = $this->protect_identifiers($k); - $prefix = (count($this->qb_like) === 0) ? '' : $type; + $prefix = (count($this->qb_like) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type); $v = $this->escape_like_str($v); if ($side === 'none') @@ -886,7 +902,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function having($key, $value = '', $escape = TRUE) + public function having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'AND ', $escape); } @@ -903,7 +919,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function or_having($key, $value = '', $escape = TRUE) + public function or_having($key, $value = '', $escape = NULL) { return $this->_having($key, $value, 'OR ', $escape); } @@ -921,21 +937,22 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE) + protected function _having($key, $value = '', $type = 'AND ', $escape = NULL) { if ( ! is_array($key)) { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $prefix = (count($this->qb_having) === 0) ? '' : $type; - if ($escape === TRUE) - { - $k = $this->protect_identifiers($k); - } + $k = $this->_has_operator($k) + ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') + : $this->protect_identifiers($k, FALSE, $escape); if ( ! $this->_has_operator($k)) { @@ -968,7 +985,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool enable field name escaping * @return object */ - public function order_by($orderby, $direction = '', $escape = TRUE) + public function order_by($orderby, $direction = '', $escape = NULL) { if (strtolower($direction) === 'random') { @@ -980,8 +997,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC'; } + is_bool($escape) OR $escape = $this->_protect_identifiers; - if ((strpos($orderby, ',') !== FALSE) && $escape === TRUE) + if ($escape === TRUE && strpos($orderby, ',') !== FALSE) { $temp = array(); foreach (explode(',', $orderby) as $part) @@ -1028,12 +1046,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function limit($value, $offset = NULL) { - $this->qb_limit = (int) $value; - - if ( ! empty($offset)) - { - $this->qb_offset = (int) $offset; - } + is_null($value) OR $this->qb_limit = (int) $value; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } @@ -1048,21 +1062,40 @@ abstract class CI_DB_query_builder extends CI_DB_driver { */ public function offset($offset) { - $this->qb_offset = (int) $offset; + empty($offset) OR $this->qb_offset = (int) $offset; return $this; } // -------------------------------------------------------------------- /** - * The "set" function. Allows key/value pairs to be set for inserting or updating + * Limit string + * + * Generates a platform-specific LIMIT clause + * + * @param string the sql query string + * @param int the number of rows to limit the query to + * @param int the offset value + * @return string + */ + protected function _limit($sql, $limit, $offset) + { + return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit; + } + + // -------------------------------------------------------------------- + + /** + * The "set" function. + * + * Allows key/value pairs to be set for inserting or updating * * @param mixed * @param string * @param bool * @return object */ - public function set($key, $value = '', $escape = TRUE) + public function set($key, $value = '', $escape = NULL) { $key = $this->_object_to_array($key); @@ -1071,16 +1104,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { - if ($escape === FALSE) - { - $this->qb_set[$this->protect_identifiers($k)] = $v; - } - else - { - $this->qb_set[$this->protect_identifiers($k, FALSE, TRUE)] = $this->escape($v); - } + $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape) + ? $this->escape($v) : $v; } return $this; @@ -1189,7 +1218,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the offset clause * @return object */ - public function get_where($table = '', $where = null, $limit = null, $offset = null) + public function get_where($table = '', $where = NULL, $limit = NULL, $offset = NULL) { if ($table !== '') { @@ -1286,7 +1315,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_insert_batch($key, $value = '', $escape = TRUE) + public function set_insert_batch($key, $value = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1295,6 +1324,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $key = array($key => $value); } + is_bool($escape) OR $escape = $this->_protect_identifiers; + $keys = array_keys($this->_object_to_array(current($key))); sort($keys); @@ -1326,7 +1357,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { foreach ($keys as $k) { - $this->qb_keys[] = $this->protect_identifiers($k); + $this->qb_keys[] = $this->protect_identifiers($k, FALSE, $escape); } return $this; @@ -1725,7 +1756,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param bool * @return object */ - public function set_update_batch($key, $index = '', $escape = TRUE) + public function set_update_batch($key, $index = '', $escape = NULL) { $key = $this->_object_to_array_batch($key); @@ -1734,6 +1765,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // @todo error } + is_bool($escape) OR $escape = $this->_protect_identifiers; + foreach ($key as $k => $v) { $index_set = FALSE; @@ -1745,7 +1778,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $index_set = TRUE; } - $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2); + $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2); } if ($index_set === FALSE) diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index 6b67b7546..7496ee42f 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -437,23 +437,6 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/interbase/interbase_driver.php b/system/database/drivers/interbase/interbase_driver.php index 5a03607ee..38d30962c 100644 --- a/system/database/drivers/interbase/interbase_driver.php +++ b/system/database/drivers/interbase/interbase_driver.php @@ -235,7 +235,7 @@ class CI_DB_interbase_driver extends CI_DB { * @param int $inc_by * @return int */ - public function insert_id($generator_name, $inc_by=0) + public function insert_id($generator_name, $inc_by = 0) { //If a generator hasn't been used before it will return 0 return ibase_gen_id('"'.$generator_name.'"', $inc_by); @@ -257,7 +257,8 @@ class CI_DB_interbase_driver extends CI_DB { if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -275,7 +276,7 @@ class CI_DB_interbase_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = \''.$this->escape_str($table)."'"; + return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -290,10 +291,7 @@ class CI_DB_interbase_driver extends CI_DB { */ protected function _field_data($table) { - // Need to find a more efficient way to do this - // but Interbase/Firebird seems to lack the - // limit clause - return 'SELECT * FROM '.$table; + return $this->_limit('SELECT * FROM '.$this->protect_identifiers($table), 1, NULL); } // -------------------------------------------------------------------- @@ -361,7 +359,6 @@ class CI_DB_interbase_driver extends CI_DB { .(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : ''); } - // -------------------------------------------------------------------- /** @@ -421,12 +418,12 @@ class CI_DB_interbase_driver extends CI_DB { if (stripos($this->version(), 'firebird') !== FALSE) { $select = 'FIRST '. (int) $limit - .($offset > 0 ? ' SKIP '. (int) $offset : ''); + .($offset ? ' SKIP '. (int) $offset : ''); } else { $select = 'ROWS ' - .($offset > 0 ? (int) $offset.' TO '.($limit + $offset) : (int) $limit); + .($offset ? (int) $offset.' TO '.($limit + $offset) : (int) $limit); } return preg_replace('`SELECT`i', 'SELECT '.$select, $sql); diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 47dc55844..7634be2bb 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -124,7 +124,7 @@ class CI_DB_mssql_driver extends CI_DB { // Determine how identifiers are escaped $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); return $conn_id; @@ -288,7 +288,7 @@ class CI_DB_mssql_driver extends CI_DB { */ public function insert_id() { - $query = (self::_parse_major_version($this->version()) > 7) + $query = version_compare($this->version(), '8', '>=') ? 'SELECT SCOPE_IDENTITY() AS last_id' : 'SELECT @@IDENTITY AS last_id'; @@ -300,23 +300,6 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Parse major version - * - * Grabs the major version number from the - * database server version string passed in. - * - * @param string $version - * @return int major version number - */ - protected function _parse_major_version($version) - { - preg_match('/([0-9]+)\.([0-9]+)\.([0-9]+)/', $version, $ver_info); - return $ver_info[1]; // return the major version b/c that's all we're interested in. - } - - // -------------------------------------------------------------------- - - /** * Version number query string * * @return string @@ -338,16 +321,17 @@ class CI_DB_mssql_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name"; + $sql = 'SELECT '.$this->escape_identifiers('name') + .' FROM '.$this->escape_identifiers('sysobjects') + .' WHERE '.$this->escape_identifiers('type')." = 'U'"; - // for future compatibility if ($prefix_limit !== FALSE AND $this->dbprefix !== '') { - //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); - return FALSE; // not currently supported + $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } - return $sql; + return $sql.' ORDER BY '.$this->escape_identifiers('name'); } // -------------------------------------------------------------------- @@ -377,7 +361,7 @@ class CI_DB_mssql_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT TOP 1 * FROM '.$table; + return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 8938d22b5..d11f015a6 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -64,6 +64,12 @@ class CI_DB_mysql_driver extends CI_DB { */ public $delete_hack = TRUE; + /** + * Constructor + * + * @param array + * @return void + */ public function __construct($params) { parent::__construct($params); @@ -74,6 +80,8 @@ class CI_DB_mysql_driver extends CI_DB { } } + // -------------------------------------------------------------------- + /** * Non-persistent database connection * @@ -335,7 +343,7 @@ class CI_DB_mysql_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); if ($prefix_limit !== FALSE && $this->dbprefix !== '') { @@ -355,7 +363,7 @@ class CI_DB_mysql_driver extends CI_DB { * @param string the table name * @return string */ - public function _list_columns($table = '') + protected function _list_columns($table = '') { return 'SHOW COLUMNS FROM '.$this->protect_identifiers($table, TRUE, NULL, FALSE); } @@ -453,23 +461,6 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php index d22454d84..2ac75bad2 100644 --- a/system/database/drivers/mysql/mysql_forge.php +++ b/system/database/drivers/mysql/mysql_forge.php @@ -62,7 +62,7 @@ class CI_DB_mysql_forge extends CI_DB_forge { $sql .= "\n\t".$this->db->escape_identifiers($field); - empty($attributes['NAME']) OR ' '.$this->db->escape_identifiers($attributes['NAME']).' '; + empty($attributes['NAME']) OR $sql .= ' '.$this->db->escape_identifiers($attributes['NAME']).' '; if ( ! empty($attributes['TYPE'])) { diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index d3fb77a22..d1581bf1a 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -335,7 +335,7 @@ class CI_DB_mysqli_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; + $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); if ($prefix_limit !== FALSE && $this->dbprefix !== '') { @@ -455,24 +455,6 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.$limit - .($offset > 0 ? ' OFFSET '.$offset : ''); - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index e78091614..67bb0403b 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -66,6 +66,8 @@ class CI_DB_oci8_driver extends CI_DB { protected $_count_string = 'SELECT COUNT(1) AS '; protected $_random_keyword = ' ASC'; // not currently supported + protected $_reserved_identifiers = array('*', 'rownum'); + // Set "auto commit" by default public $commit_mode = OCI_COMMIT_ON_SUCCESS; @@ -464,11 +466,12 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SELECT TABLE_NAME FROM ALL_TABLES'; + $sql = 'SELECT "TABLE_NAME" FROM "ALL_TABLES"'; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql." WHERE TABLE_NAME LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' WHERE "TABLE_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -486,7 +489,7 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _list_columns($table = '') { - return 'SELECT COLUMN_NAME FROM all_tab_columns WHERE table_name = \''.$table.'\''; + return 'SELECT "COLUMN_NAME" FROM "all_tab_columns" WHERE "TABLE_NAME" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -501,7 +504,7 @@ class CI_DB_oci8_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT * FROM '.$table.' WHERE rownum = 1'; + return 'SELECT * FROM '.$this->protect_identifiers($table).' WHERE rownum = 1'; } // -------------------------------------------------------------------- @@ -634,7 +637,7 @@ class CI_DB_oci8_driver extends CI_DB { { $this->limit_used = TRUE; return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($offset + $limit).')' - .($offset !== 0 ? ' WHERE rnum >= '.$offset : ''); + .($offset ? ' WHERE rnum >= '.$offset : ''); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 222c311c0..bd5759289 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -331,23 +331,6 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index e25013a52..a3ad46900 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -599,19 +599,12 @@ class CI_DB_pdo_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - if ($this->pdodriver === 'cubrid' OR $this->pdodriver === 'sqlite') + if ($this->pdodriver === 'pgsql') { - $offset = ($offset == 0) ? '' : $offset.', '; - - return $sql.'LIMIT '.$offset.$limit; + return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : ''); } - else - { - $sql .= 'LIMIT '.$limit; - $sql .= ($offset > 0) ? ' OFFSET '.$offset : ''; - return $sql; - } + return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit; } } diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index ad9ac9000..e73122bc7 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -399,11 +399,13 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = 'public'"; + $sql = 'SELECT "table_name" FROM "information_schema"."tables" WHERE "table_schema" = \'public\''; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { - return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr); + return $sql.' AND "table_name" LIKE \'' + .$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_like_escape_str, $this->_like_escape_chr); } return $sql; @@ -421,7 +423,7 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _list_columns($table = '') { - return "SELECT column_name FROM information_schema.columns WHERE table_name = '".$table."'"; + return 'SELECT "column_name" FROM "information_schema"."columns" WHERE "table_name" = '.$this->escape($table); } // -------------------------------------------------------------------- @@ -580,7 +582,7 @@ class CI_DB_postgre_driver extends CI_DB { */ protected function _limit($sql, $limit, $offset) { - return $sql.' LIMIT '.$limit.($offset == 0 ? '' : ' OFFSET '.$offset); + return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : ''); } // -------------------------------------------------------------------- @@ -593,31 +595,31 @@ class CI_DB_postgre_driver extends CI_DB { * @param mixed * @param mixed * @param string + * @param mixed * @return object - * */ protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL) { - $type = $this->_group_get_type($type); - if ( ! is_array($key)) { $key = array($key => $value); } // If the escape value was not set will will base it on the global setting - if ( ! is_bool($escape)) - { - $escape = $this->_protect_identifiers; - } + is_bool($escape) OR $escape = $this->_protect_identifiers; foreach ($key as $k => $v) { - $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; + $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) + ? $this->_group_get_type('') + : $this->_group_get_type($type); - $k = $this->_has_operator($k) - ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ') - : $this->protect_identifiers($k, FALSE, $escape); + if ($escape === TRUE) + { + $k = (($op = $this->_get_operator($k)) !== FALSE) + ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op) + : $this->escape_identifiers(trim($k)); + } if (is_null($v) && ! $this->_has_operator($k)) { diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php index 3305f6030..87be7a54a 100644 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ b/system/database/drivers/sqlite/sqlite_driver.php @@ -360,23 +360,6 @@ class CI_DB_sqlite_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index bed61891b..1c6533f22 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -353,23 +353,6 @@ class CI_DB_sqlite3_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Limit string - * - * Generates a platform-specific LIMIT clause - * - * @param string the sql query string - * @param int the number of rows to limit the query to - * @param int the offset value - * @return string - */ - protected function _limit($sql, $limit, $offset) - { - return $sql.' LIMIT '.($offset ? $offset.',' : '').$limit; - } - - // -------------------------------------------------------------------- - - /** * Close DB Connection * * @return void diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 825c02452..4fdc4aae0 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -91,7 +91,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { // Determine how identifiers are escaped $query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi'); $query = $query->row_array(); - $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi; + $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi']; $this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']'); return $conn_id; @@ -284,7 +284,17 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - return "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name"; + $sql = 'SELECT '.$this->escape_identifiers('name') + .' FROM '.$this->escape_identifiers('sysobjects') + .' WHERE '.$this->escape_identifiers('type')." = 'U'"; + + if ($prefix_limit === TRUE && $this->dbprefix !== '') + { + $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' " + .sprintf($this->_escape_like_str, $this->_escape_like_chr); + } + + return $sql.' ORDER BY '.$this->escape_identifiers('name'); } // -------------------------------------------------------------------- @@ -314,7 +324,7 @@ class CI_DB_sqlsrv_driver extends CI_DB { */ protected function _field_data($table) { - return 'SELECT TOP 1 * FROM '.$table; + return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table); } // -------------------------------------------------------------------- diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index d5036f645..fc790c585 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -93,8 +93,10 @@ if ( ! function_exists('mdate')) { return ''; } - - $time = ($time === '') ? now() : $time; + elseif (empty($time)) + { + $time = now(); + } $datestr = str_replace( '%\\', @@ -122,24 +124,19 @@ if ( ! function_exists('standard_date')) function standard_date($fmt = 'DATE_RFC822', $time = '') { $formats = array( - 'DATE_ATOM' => '%Y-%m-%dT%H:%i:%s%O', - 'DATE_COOKIE' => '%l, %d-%M-%y %H:%i:%s UTC', - 'DATE_ISO8601' => '%Y-%m-%dT%H:%i:%s%O', - 'DATE_RFC822' => '%D, %d %M %y %H:%i:%s %O', - 'DATE_RFC850' => '%l, %d-%M-%y %H:%i:%s UTC', - 'DATE_RFC1036' => '%D, %d %M %y %H:%i:%s %O', - 'DATE_RFC1123' => '%D, %d %M %Y %H:%i:%s %O', - 'DATE_RFC2822' => '%D, %d %M %Y %H:%i:%s %O', - 'DATE_RSS' => '%D, %d %M %Y %H:%i:%s %O', - 'DATE_W3C' => '%Y-%m-%dT%H:%i:%s%O' - ); - - if ( ! isset($formats[$fmt])) - { - return FALSE; - } - - return mdate($formats[$fmt], $time); + 'DATE_ATOM' => '%Y-%m-%dT%H:%i:%s%O', + 'DATE_COOKIE' => '%l, %d-%M-%y %H:%i:%s UTC', + 'DATE_ISO8601' => '%Y-%m-%dT%H:%i:%s%O', + 'DATE_RFC822' => '%D, %d %M %y %H:%i:%s %O', + 'DATE_RFC850' => '%l, %d-%M-%y %H:%i:%s UTC', + 'DATE_RFC1036' => '%D, %d %M %y %H:%i:%s %O', + 'DATE_RFC1123' => '%D, %d %M %Y %H:%i:%s %O', + 'DATE_RFC2822' => '%D, %d %M %Y %H:%i:%s %O', + 'DATE_RSS' => '%D, %d %M %Y %H:%i:%s %O', + 'DATE_W3C' => '%Y-%m-%dT%H:%i:%s%O' + ); + + return isset($formats[$fmt]) ? mdate($formats[$fmt], $time) : FALSE; } } @@ -163,20 +160,9 @@ if ( ! function_exists('timespan')) $CI =& get_instance(); $CI->lang->load('date'); - if ( ! is_numeric($seconds)) - { - $seconds = 1; - } - - if ( ! is_numeric($time)) - { - $time = time(); - } - - if ( ! is_numeric($units)) - { - $units = 7; - } + is_numeric($seconds) OR $seconds = 1; + is_numeric($time) OR $time = time(); + is_numeric($units) OR $units = 7; $seconds = ($time <= $seconds) ? 1 : $time - $seconds; @@ -185,7 +171,7 @@ if ( ! function_exists('timespan')) if ($years > 0) { - $str[] = $years.' '.$CI->lang->line((($years > 1) ? 'date_years' : 'date_year')); + $str[] = $years.' '.$CI->lang->line($years > 1 ? 'date_years' : 'date_year'); } $seconds -= $years * 31557600; @@ -195,7 +181,7 @@ if ( ! function_exists('timespan')) { if ($months > 0) { - $str[] = $months.' '.$CI->lang->line((($months > 1) ? 'date_months' : 'date_month')); + $str[] = $months.' '.$CI->lang->line($months > 1 ? 'date_months' : 'date_month'); } $seconds -= $months * 2629743; @@ -207,7 +193,7 @@ if ( ! function_exists('timespan')) { if ($weeks > 0) { - $str[] = $weeks.' '.$CI->lang->line((($weeks > 1) ? 'date_weeks' : 'date_week')); + $str[] = $weeks.' '.$CI->lang->line($weeks > 1 ? 'date_weeks' : 'date_week'); } $seconds -= $weeks * 604800; @@ -219,7 +205,7 @@ if ( ! function_exists('timespan')) { if ($days > 0) { - $str[] = $days.' '.$CI->lang->line((($days > 1) ? 'date_days' : 'date_day')); + $str[] = $days.' '.$CI->lang->line($days > 1 ? 'date_days' : 'date_day'); } $seconds -= $days * 86400; @@ -231,7 +217,7 @@ if ( ! function_exists('timespan')) { if ($hours > 0) { - $str[] = $hours.' '.$CI->lang->line((($hours > 1) ? 'date_hours' : 'date_hour')); + $str[] = $hours.' '.$CI->lang->line($hours > 1 ? 'date_hours' : 'date_hour'); } $seconds -= $hours * 3600; @@ -243,7 +229,7 @@ if ( ! function_exists('timespan')) { if ($minutes > 0) { - $str[] = $minutes.' '.$CI->lang->line((($minutes > 1) ? 'date_minutes' : 'date_minute')); + $str[] = $minutes.' '.$CI->lang->line($minutes > 1 ? 'date_minutes' : 'date_minute'); } $seconds -= $minutes * 60; @@ -251,7 +237,7 @@ if ( ! function_exists('timespan')) if (count($str) === 0) { - $str[] = $seconds.' '.$CI->lang->line((($seconds > 1) ? 'date_seconds' : 'date_second')); + $str[] = $seconds.' '.$CI->lang->line($seconds > 1 ? 'date_seconds' : 'date_second'); } return implode(', ', $str); @@ -278,12 +264,16 @@ if ( ! function_exists('days_in_month')) { return 0; } - - if ( ! is_numeric($year) OR strlen($year) !== 4) + elseif ( ! is_numeric($year) OR strlen($year) !== 4) { $year = date('Y'); } + if ($year >= 1970) + { + return (int) date('t', mktime(12, 0, 0, $month, 1, $year)); + } + if ($month == 2) { if ($year % 400 === 0 OR ($year % 4 === 0 && $year % 100 !== 0)) @@ -314,13 +304,13 @@ if ( ! function_exists('local_to_gmt')) $time = time(); } - return gmmktime( - date('H', $time), - date('i', $time), - date('s', $time), - date('m', $time), - date('d', $time), - date('Y', $time) + return mktime( + gmdate('G', $time), + gmdate('i', $time), + gmdate('s', $time), + gmdate('n', $time), + gmdate('j', $time), + gmdate('Y', $time) ); } } @@ -350,12 +340,7 @@ if ( ! function_exists('gmt_to_local')) $time += timezones($timezone) * 3600; - if ($dst === TRUE) - { - $time += 3600; - } - - return $time; + return ($dst === TRUE) ? $time + 3600 : $time; } } @@ -405,7 +390,7 @@ if ( ! function_exists('unix_to_human')) */ function unix_to_human($time = '', $seconds = FALSE, $fmt = 'us') { - $r = date('Y', $time).'-'.date('m', $time).'-'.date('d', $time).' '; + $r = date('Y', $time).'-'.date('m', $time).'-'.date('d', $time).' '; if ($fmt === 'us') { @@ -423,7 +408,7 @@ if ( ! function_exists('unix_to_human')) if ($fmt === 'us') { - $r .= ' '.date('A', $time); + return $r.' '.date('A', $time); } return $r; @@ -451,51 +436,33 @@ if ( ! function_exists('human_to_unix')) $datestr = preg_replace('/\040+/', ' ', trim($datestr)); - if ( ! preg_match('/^[0-9]{2,4}\-[0-9]{1,2}\-[0-9]{1,2}\s[0-9]{1,2}:[0-9]{1,2}(?::[0-9]{1,2})?(?:\s[AP]M)?$/i', $datestr)) + if ( ! preg_match('/^(\d{2}|\d{4})\-[0-9]{1,2}\-[0-9]{1,2}\s[0-9]{1,2}:[0-9]{1,2}(?::[0-9]{1,2})?(?:\s[AP]M)?$/i', $datestr)) { return FALSE; } $split = explode(' ', $datestr); - $ex = explode('-', $split['0']); - - $year = (strlen($ex[0]) === 2) ? '20'.$ex[0] : $ex[0]; - $month = (strlen($ex[1]) === 1) ? '0'.$ex[1] : $ex[1]; - $day = (strlen($ex[2]) === 1) ? '0'.$ex[2] : $ex[2]; + list($year, $month, $day) = explode('-', $split[0]); $ex = explode(':', $split['1']); - $hour = (strlen($ex[0]) === 1) ? '0'.$ex[0] : $ex[0]; - $min = (strlen($ex[1]) === 1) ? '0'.$ex[1] : $ex[1]; - - if (isset($ex[2]) && preg_match('/[0-9]{1,2}/', $ex[2])) - { - $sec = (strlen($ex[2]) === 1) ? '0'.$ex[2] : $ex[2]; - } - else - { - // Unless specified, seconds get set to zero. - $sec = '00'; - } + $hour = (int) $ex[0]; + $min = (int) $ex[1]; + $sec = ( ! empty($ex[2]) && preg_match('/[0-9]{1,2}/', $ex[2])) + ? (int) $ex[2] : 0; if (isset($split[2])) { $ampm = strtolower($split[2]); - if (substr($ampm, 0, 1) === 'p' && $hour < 12) + if ($ampm[0] === 'p' && $hour < 12) { $hour += 12; } - - if (substr($ampm, 0, 1) === 'a' && $hour == 12) - { - $hour = '00'; - } - - if (strlen($hour) === 1) + elseif ($ampm[0] === 'a' && $hour === 12) { - $hour = '0'.$hour; + $hour = 0; } } @@ -521,9 +488,13 @@ if ( ! function_exists('nice_date')) { return 'Unknown'; } + elseif (empty($format)) + { + $format = 'U'; + } // Date like: YYYYMM - if (preg_match('/^\d{6}$/', $bad_date)) + if (preg_match('/^\d{6}$/i', $bad_date)) { if (in_array(substr($bad_date, 0, 2), array('19', '20'))) { @@ -540,20 +511,15 @@ if ( ! function_exists('nice_date')) } // Date Like: YYYYMMDD - if (preg_match('/^\d{8}$/', $bad_date)) + if (preg_match('/^(\d{2})\d{2}(\d{4})$/i', $bad_date, $matches)) { - $month = substr($bad_date, 0, 2); - $day = substr($bad_date, 2, 2); - $year = substr($bad_date, 4, 4); - - return date($format, strtotime($month.'/01/'.$year)); + return date($format, strtotime($matches[1].'/01/'.$matches[2])); } // Date Like: MM-DD-YYYY __or__ M-D-YYYY (or anything in between) - if (preg_match('/^\d{1,2}-\d{1,2}-\d{4}$/', $bad_date)) + if (preg_match('/^(\d{1,2})-(\d{1,2})-(\d{4})$/i', $bad_date, $matches)) { - list($m, $d, $y) = explode('-', $bad_date); - return date($format, strtotime($y.'-'.$m.'-'.$d)); + return date($format, strtotime($matches[3].'-'.$matches[1].'-'.$matches[2])); } // Any other kind of string, when converted into UNIX time, @@ -581,9 +547,10 @@ if ( ! function_exists('timezone_menu')) * @param string timezone * @param string classname * @param string menu name + * @param mixed attributes * @return string */ - function timezone_menu($default = 'UTC', $class = '', $name = 'timezones') + function timezone_menu($default = 'UTC', $class = '', $name = 'timezones', $attributes = '') { $CI =& get_instance(); $CI->lang->load('date'); @@ -597,7 +564,22 @@ if ( ! function_exists('timezone_menu')) $menu .= ' class="'.$class.'"'; } - $menu .= ">\n"; + // Generate a string from the attributes submitted, if any + if (is_array($attributes)) + { + $atts = ''; + foreach ($attributes as $key => $val) + { + $atts .= ' '.$key.'="'.$val.'"'; + } + $attributes = $atts; + } + elseif (is_string($attributes) && strlen($attributes) > 0) + { + $attributes = ' '.$attributes; + } + + $menu .= $attributes.">\n"; foreach (timezones() as $key => $val) { @@ -675,8 +657,6 @@ if ( ! function_exists('timezones')) return $zones; } - $tz = ($tz === 'GMT') ? 'UTC' : $tz; - return isset($zones[$tz]) ? $zones[$tz] : 0; } } diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php index 5efbc4930..09c4de578 100644 --- a/system/helpers/download_helper.php +++ b/system/helpers/download_helper.php @@ -46,7 +46,7 @@ if ( ! function_exists('force_download')) * * @param string filename * @param mixed the data to be downloaded - * @param bool wether to try and send the actual file MIME type + * @param bool whether to try and send the actual file MIME type * @return void */ function force_download($filename = '', $data = '', $set_mime = FALSE) diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php index be616f62d..7270ee32c 100644 --- a/system/helpers/file_helper.php +++ b/system/helpers/file_helper.php @@ -47,6 +47,7 @@ if ( ! function_exists('read_file')) * This function is DEPRECATED and should be removed in * CodeIgniter 3.1+. Use file_get_contents() instead. * + * @deprecated * @param string path to file * @return string */ diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 984634315..0c5d55037 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -62,9 +62,11 @@ if ( ! function_exists('form_open')) { $action = $CI->config->site_url($action); } - - // If no action is provided then set to the current url - $action OR $action = $CI->config->site_url($CI->uri->uri_string()); + elseif ( ! $action) + { + // If no action is provided then set to the current url + $action = $CI->config->site_url($CI->uri->uri_string()); + } $form = '<form action="'.$action.'"'._attributes_to_string($attributes, TRUE).">\n"; @@ -76,7 +78,7 @@ if ( ! function_exists('form_open')) if (is_array($hidden) && count($hidden) > 0) { - $form .= sprintf('<div style="display:none;">%s</div>', form_hidden($hidden)); + $form .= '<div style="display:none;">'.form_hidden($hidden).'</div>'; } return $form; diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index 3e6e91435..0e8e9f93d 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -80,6 +80,7 @@ if ( ! function_exists('do_hash')) * This function is DEPRECATED and should be removed in * CodeIgniter 3.1+. Use hash() instead. * + * @deprecated * @param string * @param string * @return string @@ -107,7 +108,8 @@ if ( ! function_exists('strip_image_tags')) */ function strip_image_tags($str) { - return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); + $CI =& get_instance(); + return $CI->security->strip_image_tags($str); } } @@ -123,7 +125,7 @@ if ( ! function_exists('encode_php_tags')) */ function encode_php_tags($str) { - return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + return str_replace(array('<?', '?>'), array('<?', '?>'), $str); } } diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 2bd41b04d..39e6343a6 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -199,26 +199,33 @@ if ( ! function_exists('anchor_popup')) if ($attributes === FALSE) { - return '<a href="javascript:void(0);" onclick="window.open(\''.$site_url."', '_blank');\">".$title.'</a>'; + return '<a href="'.$site_url.'" onclick="window.open(\''.$site_url."', '_blank'); return false;\">".$title.'</a>'; } if ( ! is_array($attributes)) { - $attributes = array(); + $attributes = array($attributes); + + // Ref: http://www.w3schools.com/jsref/met_win_open.asp + $window_name = '_blank'; + } + elseif ( ! empty($attributes['window_name'])) + { + $window_name = $attributes['window_name']; + unset($attributes['window_name']); } - foreach (array('width' => '800', 'height' => '600', 'scrollbars' => 'yes', 'status' => 'yes', 'resizable' => 'yes', 'screenx' => '0', 'screeny' => '0', ) as $key => $val) + foreach (array('width' => '800', 'height' => '600', 'scrollbars' => 'yes', 'status' => 'yes', 'resizable' => 'yes', 'screenx' => '0', 'screeny' => '0') as $key => $val) { $atts[$key] = isset($attributes[$key]) ? $attributes[$key] : $val; unset($attributes[$key]); } - if ($attributes !== '') - { - $attributes = _parse_attributes($attributes); - } + $attributes = empty($attributes) ? '' : _parse_attributes($attributes); - return '<a href="javascript:void(0);" onclick="window.open(\''.$site_url."', '_blank', '"._parse_attributes($atts, TRUE)."');\"".$attributes.'>'.$title.'</a>'; + return '<a href="'.$site_url + .'" onclick="window.open(\''.$site_url."', '".$window_name."', '"._parse_attributes($atts, TRUE)."'); return false;\"" + .$attributes.'>'.$title.'</a>'; } } @@ -519,7 +526,7 @@ if ( ! function_exists('redirect')) * @param int * @return string */ - function redirect($uri = '', $method = 'auto', $http_response_code = 302) + function redirect($uri = '', $method = 'auto', $code = NULL) { if ( ! preg_match('#^https?://#i', $uri)) { @@ -531,14 +538,22 @@ if ( ! function_exists('redirect')) { $method = 'refresh'; } + elseif ($method !== 'refresh' && (empty($code) OR ! is_numeric($code))) + { + // Reference: http://en.wikipedia.org/wiki/Post/Redirect/Get + $code = (isset($_SERVER['REQUEST_METHOD'], $_SERVER['SERVER_PROTOCOL']) + && $_SERVER['REQUEST_METHOD'] === 'POST' + && $_SERVER['SERVER_PROTOCOL'] === 'HTTP/1.1') + ? 303 : 302; + } - switch($method) + switch ($method) { case 'refresh': header('Refresh:0;url='.$uri); break; default: - header('Location: '.$uri, TRUE, $http_response_code); + header('Location: '.$uri, TRUE, $code); break; } exit; diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php index 9e3e18807..af920660c 100644 --- a/system/language/english/migration_lang.php +++ b/system/language/english/migration_lang.php @@ -26,7 +26,7 @@ */ $lang['migration_none_found'] = "No migrations were found."; -$lang['migration_not_found'] = "This migration could not be found."; +$lang['migration_not_found'] = "No migration could be found with the version number: %d."; $lang['migration_multiple_version'] = "This are multiple migrations with the same version number: %d."; $lang['migration_class_doesnt_exist'] = "The migration class \"%s\" could not be found."; $lang['migration_missing_up_method'] = "The migration class \"%s\" is missing an 'up' method."; diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 08231963e..37d77c268 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -73,7 +73,7 @@ class CI_Cache_file extends CI_Driver { $data = unserialize(file_get_contents($this->_cache_path.$id)); - if (time() > $data['time'] + $data['ttl']) + if ($data['ttl'] > 0 && time() > $data['time'] + $data['ttl']) { unlink($this->_cache_path.$id); return FALSE; diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index 969a7610a..a49f171b9 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -155,7 +155,7 @@ class CI_Calendar { public function generate($year = '', $month = '', $data = array()) { // Set and validate the supplied month/year - if ($year === '') + if (empty($year)) { $year = date('Y', $this->local_time); } @@ -168,7 +168,7 @@ class CI_Calendar { $year = '20'.$year; } - if ($month === '') + if (empty($month)) { $month = date('m', $this->local_time); } diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 09f217530..dd5477e05 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -247,7 +247,7 @@ class CI_Email { $name = $replyto; } - if (strncmp($name, '"', 1) !== 0) + if (strpos($name, '"') !== 0) { $name = '"'.$name.'"'; } @@ -606,7 +606,7 @@ class CI_Email { foreach ($this->_base_charsets as $charset) { - if (strncmp($charset, $this->charset, strlen($charset)) === 0) + if (strpos($charset, $this->charset) === 0) { $this->_encoding = '7bit'; } @@ -651,7 +651,7 @@ class CI_Email { protected function _set_date() { $timezone = date('Z'); - $operator = (strncmp($timezone, '-', 1) === 0) ? '-' : '+'; + $operator = ($timezone[0] === '-') ? '-' : '+'; $timezone = abs($timezone); $timezone = floor($timezone/3600) * 100 + ($timezone % 3600) / 60; @@ -1481,7 +1481,7 @@ class CI_Email { $this->_set_error_message($reply); - if (strncmp($reply, '250', 3) !== 0) + if (strpos($reply, '250') !== 0) { $this->_set_error_message('lang:email_smtp_error', $reply); return FALSE; @@ -1637,7 +1637,7 @@ class CI_Email { $reply = $this->_get_smtp_data(); - if (strncmp($reply, '334', 3) !== 0) + if (strpos($reply, '334') !== 0) { $this->_set_error_message('lang:email_failed_smtp_login', $reply); return FALSE; @@ -1647,7 +1647,7 @@ class CI_Email { $reply = $this->_get_smtp_data(); - if (strncmp($reply, '334', 3) !== 0) + if (strpos($reply, '334') !== 0) { $this->_set_error_message('lang:email_smtp_auth_un', $reply); return FALSE; @@ -1657,7 +1657,7 @@ class CI_Email { $reply = $this->_get_smtp_data(); - if (strncmp($reply, '235', 3) !== 0) + if (strpos($reply, '235') !== 0) { $this->_set_error_message('lang:email_smtp_auth_pw', $reply); return FALSE; diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 6cbe032c7..8e03e91f3 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -571,8 +571,7 @@ class CI_Form_validation { { foreach ($postdata as $key => $val) { - $this->_execute($row, $rules, $val, $cycles); - $cycles++; + $this->_execute($row, $rules, $val, $key); } return; @@ -649,7 +648,12 @@ class CI_Form_validation { } else { - $postdata = $this->_field_data[$row['field']]['postdata']; + // If we get an array field, but it's not expected - then it is most likely + // somebody messing with the form on the client side, so we'll just consider + // it an empty field + $postdata = is_array($this->_field_data[$row['field']]['postdata']) + ? NULL + : $this->_field_data[$row['field']]['postdata']; } // Is the rule a callback? @@ -993,15 +997,19 @@ class CI_Form_validation { * Minimum Length * * @param string - * @param int + * @param string * @return bool */ public function min_length($str, $val) { - if (preg_match('/[^0-9]/', $val)) + if ( ! is_numeric($val)) { return FALSE; } + else + { + $val = (int) $val; + } return (MB_ENABLED === TRUE) ? ($val <= mb_strlen($str)) @@ -1014,15 +1022,19 @@ class CI_Form_validation { * Max Length * * @param string - * @param int + * @param string * @return bool */ public function max_length($str, $val) { - if (preg_match('/[^0-9]/', $val)) + if ( ! is_numeric($val)) { return FALSE; } + else + { + $val = (int) $val; + } return (MB_ENABLED === TRUE) ? ($val >= mb_strlen($str)) @@ -1035,15 +1047,19 @@ class CI_Form_validation { * Exact Length * * @param string - * @param int + * @param string * @return bool */ public function exact_length($str, $val) { - if (preg_match('/[^0-9]/', $val)) + if ( ! is_numeric($val)) { return FALSE; } + else + { + $val = (int) $val; + } return (MB_ENABLED === TRUE) ? (mb_strlen($str) === $val) @@ -1113,7 +1129,7 @@ class CI_Form_validation { */ public function alpha($str) { - return (bool) preg_match('/^[a-z]+$/i', $str); + return ctype_alpha($str); } // -------------------------------------------------------------------- @@ -1126,7 +1142,7 @@ class CI_Form_validation { */ public function alpha_numeric($str) { - return (bool) preg_match('/^[a-z0-9]+$/i', $str); + return ctype_alnum((string) $str); } // -------------------------------------------------------------------- @@ -1248,7 +1264,7 @@ class CI_Form_validation { */ public function is_natural($str) { - return (bool) preg_match('/^[0-9]+$/', $str); + return ctype_digit((string) $str); } // -------------------------------------------------------------------- @@ -1261,7 +1277,7 @@ class CI_Form_validation { */ public function is_natural_no_zero($str) { - return ($str !== 0 && preg_match('/^[0-9]+$/', $str)); + return ($str != 0 && ctype_digit((string) $str)); } // -------------------------------------------------------------------- @@ -1344,7 +1360,7 @@ class CI_Form_validation { */ public function strip_image_tags($str) { - return $this->CI->input->strip_image_tags($str); + return $this->CI->security->strip_image_tags($str); } // -------------------------------------------------------------------- @@ -1370,7 +1386,7 @@ class CI_Form_validation { */ public function encode_php_tags($str) { - return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + return str_replace(array('<?', '?>'), array('<?', '?>'), $str); } // -------------------------------------------------------------------- diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index 461e884fb..76f5e151a 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -445,7 +445,7 @@ class CI_FTP { * Set file permissions * * @param string the file path - * @param string the permissions + * @param int the permissions * @return bool */ public function chmod($path, $perm) diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php index 98fec61d3..5c8b09217 100644 --- a/system/libraries/Javascript.php +++ b/system/libraries/Javascript.php @@ -620,7 +620,7 @@ class CI_Javascript { $this->_javascript_location = $this->CI->config->item('javascript_location'); } - if ($relative === TRUE OR strncmp($external_file, 'http://', 7) === 0 OR strncmp($external_file, 'https://', 8) === 0) + if ($relative === TRUE OR strpos($external_file, 'http://') === 0 OR strpos($external_file, 'https://') === 0) { $str = $this->_open_script($external_file); } diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index 4391b235d..3a1e7a0ad 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -179,7 +179,7 @@ class CI_Migration { // We now prepare to actually DO the migrations // But first let's make sure that everything is the way it should be - for ($i = $start; $i !== $stop; $i += $step) + for ($i = $start; $i != $stop; $i += $step) { $f = glob(sprintf($this->_migration_path.'%03d_*.php', $i)); diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index cdec736ff..75745dd48 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -36,39 +36,40 @@ */ class CI_Pagination { - public $base_url = ''; // The page we are linking to - public $prefix = ''; // A custom prefix added to the path. - public $suffix = ''; // A custom suffix added to the path. - public $total_rows = 0; // Total number of items (database results) - public $per_page = 10; // Max number of items you want shown per page - public $num_links = 2; // Number of "digit" links to show before/after the currently viewed page - public $cur_page = 0; // The current page being viewed - public $use_page_numbers = FALSE; // Use page number for segment instead of offset - public $first_link = '‹ First'; - public $next_link = '>'; - public $prev_link = '<'; - public $last_link = 'Last ›'; - public $uri_segment = 3; - public $full_tag_open = ''; - public $full_tag_close = ''; - public $first_tag_open = ''; - public $first_tag_close = ' '; - public $last_tag_open = ' '; - public $last_tag_close = ''; - public $first_url = ''; // Alternative URL for the First Page. - public $cur_tag_open = ' <strong>'; - public $cur_tag_close = '</strong>'; - public $next_tag_open = ' '; - public $next_tag_close = ' '; - public $prev_tag_open = ' '; - public $prev_tag_close = ''; - public $num_tag_open = ' '; - public $num_tag_close = ''; - public $page_query_string = FALSE; - public $query_string_segment = 'per_page'; - public $display_pages = TRUE; - public $anchor_class = ''; - public $attr_rel = TRUE; + protected $base_url = ''; // The page we are linking to + protected $prefix = ''; // A custom prefix added to the path. + protected $suffix = ''; // A custom suffix added to the path. + protected $total_rows = 0; // Total number of items (database results) + protected $per_page = 10; // Max number of items you want shown per page + protected $num_links = 2; // Number of "digit" links to show before/after the currently viewed page + protected $cur_page = 0; // The current page being viewed + protected $use_page_numbers = FALSE; // Use page number for segment instead of offset + protected $first_link = '‹ First'; + protected $next_link = '>'; + protected $prev_link = '<'; + protected $last_link = 'Last ›'; + protected $uri_segment = 3; + protected $full_tag_open = ''; + protected $full_tag_close = ''; + protected $first_tag_open = ''; + protected $first_tag_close = ' '; + protected $last_tag_open = ' '; + protected $last_tag_close = ''; + protected $first_url = ''; // Alternative URL for the First Page. + protected $cur_tag_open = ' <strong>'; + protected $cur_tag_close = '</strong>'; + protected $next_tag_open = ' '; + protected $next_tag_close = ' '; + protected $prev_tag_open = ' '; + protected $prev_tag_close = ''; + protected $num_tag_open = ' '; + protected $num_tag_close = ''; + protected $page_query_string = FALSE; + protected $query_string_segment = 'per_page'; + protected $display_pages = TRUE; + protected $_attributes = ''; + protected $_link_types = array(); + protected $reuse_query_string = FALSE; /** * Constructor @@ -92,15 +93,29 @@ class CI_Pagination { */ public function initialize($params = array()) { + $attributes = array(); + + if (isset($params['attributes']) && is_array($params['attributes'])) + { + $attributes = $params['attributes']; + unset($params['attributes']); + } + + // Deprecated legacy support for the anchor_class option + // Should be removed in CI 3.1+ + if (isset($params['anchor_class'])) + { + empty($params['anchor_class']) OR $attributes['class'] = $params['anchor_class']; + unset($params['anchor_class']); + } + + $this->_parse_attributes($attributes); + if (count($params) > 0) { foreach ($params as $key => $val) { - if ($key === 'anchor_class') - { - $this->anchor_class = ($val) ? 'class="'.$val.'" ' : ''; - } - elseif (isset($this->$key)) + if (isset($this->$key)) { $this->$key = $val; } @@ -208,29 +223,46 @@ class CI_Pagination { // And here we go... $output = ''; + $query_string = ''; + + // Add anything in the query string back to the links + // Note: Nothing to do with query_string_segment or any other query string options + if ($this->reuse_query_string === TRUE) + { + $get = $CI->input->get(); + + // Unset the controll, method, old-school routing options + unset($get['c'], $get['m'], $get[$this->query_string_segment]); + + // Put everything else onto the end + $query_string = (strpos($this->base_url, '&') !== FALSE ? '&' : '?') . http_build_query($get, '', '&'); + + // Add this after the suffix to put it into more links easily + $this->suffix .= $query_string; + } // Render the "First" link if ($this->first_link !== FALSE && $this->cur_page > ($this->num_links + 1)) { $first_url = ($this->first_url === '') ? $this->base_url : $this->first_url; - $output .= $this->first_tag_open.'<a '.$this->anchor_class.'href="'.$first_url.'"'.$this->_attr_rel('start').'>' + $output .= $this->first_tag_open.'<a href="'.$first_url.'"'.$this->_attributes.$this->_attr_rel('start').'>' .$this->first_link.'</a>'.$this->first_tag_close; } // Render the "previous" link - if ($this->prev_link !== FALSE && $this->cur_page !== 1) + if ($this->prev_link !== FALSE && $this->cur_page !== 1) { $i = ($this->use_page_numbers) ? $uri_page_number - 1 : $uri_page_number - $this->per_page; if ($i === $base_page && $this->first_url !== '') { - $output .= $this->prev_tag_open.'<a '.$this->anchor_class.'href="'.$this->first_url.'"'.$this->_attr_rel('prev').'>' + $output .= $this->prev_tag_open.'<a href="'.$this->first_url.$query_string.'"'.$this->_attributes.$this->_attr_rel('prev').'>' .$this->prev_link.'</a>'.$this->prev_tag_close; } else { - $i = ($i === $base_page) ? '' : $this->prefix.$i.$this->suffix; - $output .= $this->prev_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$i.'"'.$this->_attr_rel('prev').'>' + $append = ($i === $base_page) ? $query_string : $this->prefix.$i.$this->suffix; + $output .= $this->prev_tag_open.'<a href="'.$this->base_url.$append.'"'.$this->_attributes.$this->_attr_rel('prev').'>' .$this->prev_link.'</a>'.$this->prev_tag_close; } @@ -243,7 +275,6 @@ class CI_Pagination { for ($loop = $start -1; $loop <= $end; $loop++) { $i = ($this->use_page_numbers) ? $loop : ($loop * $this->per_page) - $this->per_page; - if ($i >= $base_page) { if ($this->cur_page === $loop) @@ -253,17 +284,15 @@ class CI_Pagination { else { $n = ($i === $base_page) ? '' : $i; - - if ($n === '' && $this->first_url !== '') + if ($n === '' && ! empty($this->first_url)) { - $output .= $this->num_tag_open.'<a '.$this->anchor_class.'href="'.$this->first_url.'"'.$this->_attr_rel('start').'>' + $output .= $this->num_tag_open.'<a href="'.$this->first_url.$query_string.'"'.$this->_attributes.$this->_attr_rel('start').'>' .$loop.'</a>'.$this->num_tag_close; } else { - $n = ($n === '') ? '' : $this->prefix.$n.$this->suffix; - - $output .= $this->num_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$n.'"'.$this->_attr_rel().'>' + $append = ($n === '') ? $query_string : $this->prefix.$n.$this->suffix; + $output .= $this->num_tag_open.'<a href="'.$this->base_url.$append.'"'.$this->_attributes.$this->_attr_rel('start').'>' .$loop.'</a>'.$this->num_tag_close; } } @@ -276,8 +305,8 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $this->cur_page + 1 : $this->cur_page * $this->per_page; - $output .= $this->next_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attr_rel('next').'>' - .$this->next_link.'</a>'.$this->next_tag_close; + $output .= $this->next_tag_open.'<a href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attributes + .$this->_attr_rel('next').'>'.$this->next_link.'</a>'.$this->next_tag_close; } // Render the "Last" link @@ -285,7 +314,7 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $num_pages : ($num_pages * $this->per_page) - $this->per_page; - $output .= $this->last_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attr_rel().'>' + $output .= $this->last_tag_open.'<a href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attributes.'>' .$this->last_link.'</a>'.$this->last_tag_close; } @@ -300,23 +329,44 @@ class CI_Pagination { // -------------------------------------------------------------------- /** + * Parse attributes + * + * @param array + * @return void + */ + protected function _parse_attributes($attributes) + { + isset($attributes['rel']) OR $attributes['rel'] = TRUE; + $this->_link_types = ($attributes['rel']) + ? array('start' => 'start', 'prev' => 'prev', 'next' => 'next') + : array(); + unset($attributes['rel']); + + $this->_attributes = ''; + foreach ($attributes as $key => $value) + { + $this->_attributes .= ' '.$key.'="'.$value.'"'; + } + } + + // -------------------------------------------------------------------- + + /** * Add "rel" attribute * + * @link http://www.w3.org/TR/html5/links.html#linkTypes * @param string * @return string */ - protected function _attr_rel($value = '') + protected function _attr_rel($type) { - if (empty($this->attr_rel) OR ($this->attr_rel === TRUE && empty($value))) - { - return ''; - } - elseif ( ! is_bool($this->attr_rel)) + if (isset($this->_link_types[$type])) { - $value = $this->attr_rel; + unset($this->_link_types[$type]); + return ' rel="'.$type.'"'; } - return ' rel="'.$value.'"'; + return ''; } } diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index d96088c14..1e961f6df 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -116,6 +116,12 @@ class CI_Profiler { */ public function set_sections($config) { + if (isset($config['query_toggle_count'])) + { + $this->_query_toggle_count = (int) $config['query_toggle_count']; + unset($config['query_toggle_count']); + } + foreach ($config as $method => $enable) { if (in_array($method, $this->_available_sections)) diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index c96daaf15..d381440cd 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -59,6 +59,7 @@ class CI_Upload { public $error_msg = array(); public $mimes = array(); public $remove_spaces = TRUE; + public $detect_mime = TRUE; public $xss_clean = FALSE; public $temp_prefix = 'temp_file_'; public $client_name = ''; @@ -116,6 +117,7 @@ class CI_Upload { 'image_size_str' => '', 'error_msg' => array(), 'remove_spaces' => TRUE, + 'detect_mime' => TRUE, 'xss_clean' => FALSE, 'temp_prefix' => 'temp_file_', 'client_name' => '' @@ -209,7 +211,13 @@ class CI_Upload { // Set the uploaded data as class variables $this->file_temp = $_FILES[$field]['tmp_name']; $this->file_size = $_FILES[$field]['size']; - $this->_file_mime_type($_FILES[$field]); + + // Skip MIME type detection? + if ($this->detect_mime !== FALSE) + { + $this->_file_mime_type($_FILES[$field]); + } + $this->file_type = preg_replace('/^(.+?);.*$/', '\\1', $this->file_type); $this->file_type = strtolower(trim(stripslashes($this->file_type), '"')); $this->file_name = $this->_prep_filename($_FILES[$field]['name']); @@ -990,7 +998,7 @@ class CI_Upload { */ if (function_exists('finfo_file')) { - $finfo = finfo_open(FILEINFO_MIME); + $finfo = @finfo_open(FILEINFO_MIME); if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { $mime = @finfo_file($finfo, $file['tmp_name']); @@ -1021,7 +1029,9 @@ class CI_Upload { */ if (DIRECTORY_SEPARATOR !== '\\') { - $cmd = 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'; + $cmd = function_exists('escapeshellarg') + ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1' + : 'file --brief --mime '.$file['tmp_name'].' 2>&1'; if (function_exists('exec')) { diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 6f3542333..eac4ac118 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -778,7 +778,7 @@ class XML_RPC_Message extends CI_Xmlrpc } // Check for HTTP 200 Response - if (strncmp($data, 'HTTP', 4) === 0 && ! preg_match('/^HTTP\/[0-9\.]+ 200 /', $data)) + if (strpos($data, 'HTTP') === 0 && ! preg_match('/^HTTP\/[0-9\.]+ 200 /', $data)) { $errstr = substr($data, 0, strpos($data, "\n")-1); return new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error'].' ('.$errstr.')'); diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index be930b0f9..e81f2ca9a 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -303,7 +303,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc $methName = $m->method_name; // Check to see if it is a system call - $system_call = (strncmp($methName, 'system', 5) === 0); + $system_call = (strpos($methName, 'system') === 0); if ($this->xss_clean === FALSE) { diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index e0dc637ad..5c4c257f8 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -40,7 +40,7 @@ * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/zip.html */ -class CI_Zip { +class CI_Zip { /** * Zip data in string form diff --git a/tests/codeigniter/database/query_builder/get_test.php b/tests/codeigniter/database/query_builder/get_test.php index 699d2906a..156027537 100644 --- a/tests/codeigniter/database/query_builder/get_test.php +++ b/tests/codeigniter/database/query_builder/get_test.php @@ -41,7 +41,7 @@ class Get_test extends CI_TestCase { */ public function test_get_where() { - $job1 = $this->db->get('job', array('id' => 1))->result_array(); + $job1 = $this->db->get_where('job', array('id' => 1))->result_array(); // Dummy jobs contain 1 rows $this->assertCount(1, $job1); diff --git a/tests/codeigniter/helpers/date_helper_test.php b/tests/codeigniter/helpers/date_helper_test.php index 1d397ac81..4e01b1aa3 100644 --- a/tests/codeigniter/helpers/date_helper_test.php +++ b/tests/codeigniter/helpers/date_helper_test.php @@ -48,11 +48,9 @@ class Date_helper_test extends CI_TestCase { */ - $this->ci_set_config('time_reference', 'UTC'); - $this->assertEquals( - gmmktime(date('G'), date('i'), date('s'), date('n'), date('j'), date('Y')), - now() + mktime(gmdate('G'), gmdate('i'), gmdate('s'), gmdate('n'), gmdate('j'), gmdate('Y')), + now('UTC') ); } @@ -196,9 +194,9 @@ class Date_helper_test extends CI_TestCase { public function test_local_to_gmt() { $this->assertEquals( - gmmktime( - date('G', $this->time), date('i', $this->time), date('s', $this->time), - date('n', $this->time), date('j', $this->time), date('Y', $this->time) + mktime( + gmdate('G', $this->time), gmdate('i', $this->time), gmdate('s', $this->time), + gmdate('n', $this->time), gmdate('j', $this->time), gmdate('Y', $this->time) ), local_to_gmt($this->time) ); diff --git a/tests/mocks/autoloader.php b/tests/mocks/autoloader.php index e3ff7a8bd..be1c2220c 100644 --- a/tests/mocks/autoloader.php +++ b/tests/mocks/autoloader.php @@ -69,16 +69,21 @@ function autoload($class) } } - $file = isset($file) ? $file : $dir.$class.'.php'; + $file = (isset($file)) ? $file : $dir.$class.'.php'; if ( ! file_exists($file)) { $trace = debug_backtrace(); - // If the autoload call came from `class_exists` or `file_exists`, - // we skipped and return FALSE if ($trace[2]['function'] === 'class_exists' OR $trace[2]['function'] === 'file_exists') { + // If the autoload call came from `class_exists` or `file_exists`, + // we skipped and return FALSE + return FALSE; + } + elseif (($autoloader = spl_autoload_functions()) && end($autoloader) !== __FUNCTION__) + { + // If there was other custom autoloader, passed away return FALSE; } diff --git a/user_guide_src/source/_themes/eldocs/layout.html b/user_guide_src/source/_themes/eldocs/layout.html index 4b1a0221c..01db07cac 100644 --- a/user_guide_src/source/_themes/eldocs/layout.html +++ b/user_guide_src/source/_themes/eldocs/layout.html @@ -9,6 +9,9 @@ {%- if project == 'ExpressionEngine' %}{% set project_abbreviation = 'ee' %}{% set project_domain = 'expressionengine.com' %}{% endif -%} {%- if project == 'CodeIgniter' %}{% set project_abbreviation = 'ci' %}{% set project_domain = 'codeigniter.com' %}{% endif -%} {%- if project == 'MojoMotor' %}{% set project_abbreviation = 'mm' %}{% set project_domain = 'mojomotor.com' %}{% endif -%} +{%- set exclude_comments = ['index', 'license', 'changelog', + 'development/index', 'development/extension_hooks/index', + 'development/guidelines/template'] %} <html> <head> @@ -85,10 +88,6 @@ <div id="brand" class="{{ project_abbreviation }}"> <a href="http://{{ project_domain }}/"><img src="{{ pathto('_static/asset/img/' + project_abbreviation + '-logo.gif', 1) }}" alt="{{ project }}"></a> <p>{{ release }} User Guide</p> - {%- if show_source and has_source and sourcename %} - <p><a href="{{ pathto('_sources/' + sourcename, true)|e }}" - rel="nofollow">{{ _('Show Source') }}</a></p> - {%- endif %} </div><!-- /#brand --> <div id="header"> @@ -101,15 +100,16 @@ </form> <ul> {%- block rootrellink %} - <li><a href="{{ pathto(master_doc) }}">Home</a> {{ reldelim1 }}</li> - <li><a id="toc-link" href="{{ pathto(master_doc) }}">Table of Contents</a> {{ reldelim1 }}</li> + <li><a href="{{ pathto(master_doc) }}">User Guide Home</a>{%- if pagename != 'index' %} {{ reldelim1 }}{%- endif %}</li> {%- endblock %} {%- for parent in parents %} <li><a href="{{ parent.link|e }}" {% if loop.last %}{{ accesskey("U") }}{% endif %}>{{ parent.title }}</a> {{ reldelim1 }}</li> {%- endfor %} + {%- if pagename != 'index' %} <li><strong>{{ title }}</strong></li> + {%- endif %} </ul> </div><!-- /#header --> @@ -124,49 +124,9 @@ {%- block footer %} <div id="footer"> - <p class="top"> - {% if prev %} - <span class="prev">Previous Topic: <a href="{{ prev.link }}">{{ prev.title }}</a></span> - {% endif %} - {% if next %} - <span class="next">Next Topic: <a href="{{ next.link }}">{{ next.title }}</a></span> - {% endif %} - <a href="#header" title="Return to top">Return to top</a> - </p> - <p><a href="{{ project_url }}">{{ project }}</a> – Copyright © {{ copyright }}</a> – Last updated: {{ last_updated }}</p> + <p class="top"><a href="#header" title="Return to top">Return to top</a></p> + <p><a href="{{ project_url }}">{{ project }}</a> – Copyright © {{ copyright }}</a></p> </div><!-- /#footer --> {%- endblock %} - - <script src="{{ pathto('_static/asset/js/jquery-ui-min.js', 1) }}" type="text/javascript" charset="utf-8" async></script> - <script type="text/javascript" charset="utf-8"> - $('#toc-link').click(function(){ - $('#table-contents').animate({ left: '0' },1000); - return false; - }); - $('html').click(function(){ - if ($('#table-contents').css("left") == '0px'){ - $('#table-contents').animate({ left: '-520' },1000); - } - }); - $('#table-contents').click(function(event){ - event.stopPropagation(); - }); -/* $('*:not(#table-contents,#toc-link)').click(function(){ - if ($('#table-contents').css("left") == '0px'){ - $('#table-contents').animate({ left: '-520' },1000); - } - }); -/* $("#toc-link").click(function () { - $('#table-contents').show("slide", { direction: "left" }, 100); - event.stopPropagation(); - return false; - }); - $('*:not(#table-contents,#toc-link)').click(function () { - if ($('#table-contents').is(":visible")) { - $('#table-contents').hide("slide", { direction: "left" }, 100); - event.stopPropagation(); - } - }); */ - </script> </body> -</html>
\ No newline at end of file +</html> diff --git a/user_guide_src/source/_themes/eldocs/static/asset/css/common.css b/user_guide_src/source/_themes/eldocs/static/asset/css/common.css index 66768bac6..6cabda037 100644 --- a/user_guide_src/source/_themes/eldocs/static/asset/css/common.css +++ b/user_guide_src/source/_themes/eldocs/static/asset/css/common.css @@ -49,7 +49,9 @@ h1, h2, h3, h4, h5, h6, pre{ color: #094776; } h1{ font-size: 28px; } -h2{ font-size: 24px; } +h2{ font-size: 24px; font-weight: normal; } + +h1, h2, h3, h4, h5, h6{ margin-bottom: 20px; } h2, h3{ border-bottom: 2px solid #EEEEEE; padding: 0 0 3px; } @@ -73,6 +75,10 @@ p, dl, ul, ol{ margin: 20px 0; } li > ol{ margin: 0; margin-left: 40px; } dl > dd{ margin-left: 20px; } + + li > p { margin: 0; } + +#expressionengine-user-guide li em { font-style: normal; } p, li, dd, dt, pre{ line-height: 1.5; } @@ -141,39 +147,31 @@ img{ display: block; max-width: 100%; } fieldset{ border: 0; } .top{ float: right; } -.next{ padding: 0 20px 0 10px; } -.prev{ padding-right: 10px; } -.highlight-ci, +.admonition, .highlight-ee, +.highlight-ci, .highlight-rst, .highlight-bash, .highlight-perl, +.highlight-php, .cp-path, -.important, -.note{ - background-color: #F5FBFF; +.codeblock{ + background-color: #F9FEFF; border: 1px solid #C8DEF0; - margin: 20px 0 20px 20px; + -moz-box-shadow: 4px 4px 0 rgba(0,0,0,0.03); + -webkit-box-shadow: 4px 4px 0 rgba(0,0,0,0.03); + box-shadow: 4px 4px 0 rgba(0,0,0,0.03); + margin: 20px 0; padding: 10px 10px 8px; } - .highlight-ci, - .highlight-ee, - .highlight-rst, - .highlight-bash, - .highlight-perl{ - -moz-box-shadow: 4px 4px 0 rgba(0,0,0,0.03); - -webkit-box-shadow: 4px 4px 0 rgba(0,0,0,0.03); - box-shadow: 4px 4px 0 rgba(0,0,0,0.03); - } - - .cp-path{ background-color: #FFFDED; border-color: #D1CDB0; } - .important, .note{ background-color: #F2FFE8; border-color: #B9D3A6; } - .highlight-rst{ background-color: #F9FEFE; border-color: #AACFCF; } + .admonition p{ margin: 0; } + + .codeblock{ margin: 10px 0; } - .important p, - .note p{ margin: 0; } + .cp-path{ background-color: #FAFFF6; border-color: #D1CDB0; } + .important, .note{ background-color: #FFFFF2; border-color: #C8C8A5; } .admonition-title{ float: left; @@ -295,6 +293,43 @@ fieldset{ border: 0; } #footer p{ margin: 0; } +#comments, +#feedLink{ background: #FCFCFC; padding: 1px 40px 20px; } + + #comments{ border-top: 1px solid #CCCCCC; } + #comments h3{ margin: 20px 0; } + +.comments td.avatar{ min-width: 100px; } + +.comments td.column1, +.comments td.post{ background-color: #FFFFFF; padding: 10px; } + +.comments td.staffeven{ border-left: 10px solid #C8DEF0; } + +#comment_form p, +.comments p{ margin: 0; } + + .comments p{ margin-bottom: 10px; } + +#comment_form textarea{ + -moz-box-sizing: border-box; + -webkit-box-sizing: border-box; + box-sizing: border-box; + margin-bottom: 10px; + resize: none; + width: 100%; +} + +#comment_form input[type="submit"]{ margin-top: 10px; } + + #comment_form textarea:focus{ background-color: #FFFFF2; border: 1px solid #666666; outline: 0; } + + #commentFormInstructions{ font-size: 12px; margin: 20px 0; } + + #feedLink a{ font-size: 16px; } + + #feedLink a img{ float: left; margin-right: 5px; } + @media (max-width:800px){ #footer .top, #header form{ float: none; margin-bottom: 10px; } @@ -310,4 +345,4 @@ fieldset{ border: 0; } @media screen and (-webkit-min-device-pixel-ratio:0){ #header input[type="submit"]{ padding-bottom: 7px; } -}
\ No newline at end of file +} diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 7748f9b37..c0fa9d7f7 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -30,9 +30,12 @@ Release Date: Not Released - Added support for 3gp, 3g2, mp4, wmv, f4v, vlc Video files to mimes.php. - Added support for m4a, aac, m4u, xspf, au, ac3, flac, ogg Audio files to mimes.php. - Added support for kmz and kml (Google Earth) files to mimes.php. - - Added support for ics Calendar files to mimes.php + - Added support for ics Calendar files to mimes.php. + - Added support for rar archives to mimes.php. - Updated support for xml ('application/xml') and xsl ('application/xml', 'text/xsl') files in mimes.php. - Updated support for doc files in mimes.php. + - Updated support for php files in mimes.php. + - Updated support for zip files in mimes.php. - Added some more doctypes. - Added Romanian and Greek characters in foreign_characters.php. - Changed logger to only chmod when file is first created. @@ -50,7 +53,11 @@ Release Date: Not Released - :doc:`Date Helper <helpers/date_helper>` function now() now works with all timezone strings supported by PHP. - ``create_captcha()`` accepts additional colors parameter, allowing for color customization. - - ``url_title()`` will now trim extra dashes from beginning and end. + - :doc:`URL Helper <helpers/url_helper>` changes include: + - ``url_title()`` will now trim extra dashes from beginning and end. + - ``anchor_popup()`` will now fill the "href" attribute with the URL and its JS code will return false instead. + - Added JS window name support to ``anchor_popup()`` function. + - Added support (auto-detection) for HTTP/1.1 response code 303 in ``redirect()``. - Added XHTML Basic 1.1 doctype to :doc:`HTML Helper <helpers/html_helper>`. - Changed ``humanize()`` to include a second param for the separator. - Refactored ``plural()`` and ``singular()`` to avoid double pluralization and support more words. @@ -64,6 +71,8 @@ Release Date: Not Released - ``set_realpath()`` can now also handle file paths as opposed to just directories. - Added an optional paramater to ``delete_files()`` to enable it to skip deleting files such as .htaccess and index.html. - ``read_file()`` is now a deprecated alias of ``file_get_contents()``. + - Added an optional parameter to :doc:`Date Helper <helpers/date_helper>` function ``timezone_menu()`` that allows more attributes to be added to the generated select tag. + - :doc:`Security Helper <helpers/security_helper>` function ``strip_image_tags()`` is now an alias for the same method in the :doc:`Security Library <libraries/security>`. - Database @@ -71,9 +80,11 @@ Release Date: Not Released - Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern. - Added the ability to insert objects with insert_batch(). - Added new methods that return the SQL string of queries without executing them: get_compiled_select(), get_compiled_insert(), get_compiled_update(), get_compiled_delete(). - - Added an optional order_by() parameter that allows to disable escaping (useful for custom fields). - - Added an optional join() parameter that allows to disable escaping. + - Added an optional parameter that allows to disable escaping (useful for custom fields) for methods join(), order_by(), where_in(), or_where_in(), where_not_in(), or_where_not_in(). - Added support for join() with multiple conditions. + - Added support for USING in join(). + - Changed limit() to ignore NULL values instead of always casting to integer. + - Changed offset() to ignore empty values instead of always casting to integer. - Improved support for the MySQLi driver, including: - OOP style of the PHP extension is now used, instead of the procedural aliases. - Server version checking is now done via ``mysqli::$server_info`` instead of running an SQL query. @@ -140,6 +151,7 @@ Release Date: Not Released - If property maintain_ratio is set to TRUE, image_reproportion() now doesn't need both width and height to be specified. - Removed SHA1 function in the :doc:`Encryption Library <libraries/encryption>`. - Added $config['csrf_regeneration'] to the CSRF protection in the :doc:`Security library <libraries/security>`, which makes token regeneration optional. + - Added $config['csrf_exclude_uris'] to the CSRF protection in the :doc:`Security library <libraries/security>`, which allows you list URIs which will not have the CSRF validation functions run. - :doc:`Form Validation library <libraries/form_validation>` changes include: - Added method error_array() to return all error messages as an array. - Added method set_data() to set an alternative data array to be validated instead of the default $_POST. @@ -157,16 +169,20 @@ Release Date: Not Released - Added dsn (delivery status notification) option to the :doc:`Email Library <libraries/email>`. - Renamed method _set_header() to set_header() and made it public to enable adding custom headers in the :doc:`Email Library <libraries/email>`. - Added an "index" parameter to the data() method in the :doc:`Upload Library <libraries/file_uploading>`. - - Added support for the anchor "rel" attribute in the :doc:`Pagination Library <libraries/pagination>`. + - :doc:`Pagination Library <libraries/pagination>` changes include: + - Added support for the anchor "rel" attribute. + - Added support for setting custom attributes. + - Deprecated usage of the "anchor_class" setting (use the new "attributes" setting instead). + - Added $config['reuse_query_string'] to allow automatic repopulation of query string arguments, combined with normal URI segments. - Core - - Changed private functions in CI_URI to protected so MY_URI can override them. + - Changed private methods in the :doc:`URI Library <libraries/uri>` to protected so MY_URI can override them. - Removed CI_CORE boolean constant from CodeIgniter.php (no longer Reactor and Core versions). - - Added method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars(). + - Added method get_vars() to the :doc:`Loader Library <libraries/loader>` to retrieve all variables loaded with $this->load->vars(). - is_loaded() function from system/core/Commons.php now returns a reference. - $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as *<?=* will always be available. - - Added method() to CI_Input to retrieve $_SERVER['REQUEST_METHOD']. + - Added method() to the :doc:`Input Library <libraries/input>` to retrieve $_SERVER['REQUEST_METHOD']. - Modified valid_ip() to use PHP's filter_var() in the :doc:`Input Library <libraries/input>`. - Added support for HTTP-Only cookies with new config option ``cookie_httponly`` (default FALSE). - Renamed method _call_hook() to call_hook() in the :doc:`Hooks Library <general/hooks>`. @@ -174,6 +190,9 @@ Release Date: Not Released - Added get_mimes() function to system/core/Commons.php to return the config/mimes.php array. - Added a second argument to set_content_type() in the :doc:`Output Library <libraries/output>` that allows setting the document charset as well. - $config['time_reference'] now supports all timezone strings supported by PHP. + - Added support for HTTP code 303 ("See Other") in set_status_header(). + - Changed :doc:`Config Library <libraries/config>` method site_url() to accept an array as well. + - Added method ``strip_image_tags()`` to the :doc:`Security Library <libraries/security>`. Bug fixes for 3.0 ------------------ @@ -270,6 +289,15 @@ Bug fixes for 3.0 - Fixed a bug in protect_identifiers() where if passed along with the field names, operators got escaped as well. - Fixed a bug (#10) - :doc:`URI Library <libraries/uri>` internal method _detect_uri() failed with paths containing a colon. - Fixed a bug (#1387) - :doc:`Query Builder <database/query_builder>`'s from() method didn't escape table aliases. +- Fixed a bug (#520) - :doc:`Date Helper <helpers/date_helper>` function nice_date() failed when the optional second parameter is not passed. +- Fixed a bug (#167) - ``$config['permitted_uri_chars']`` didn't affect URL-encoded characters. +- Fixed a bug (#318) - :doc:`Profiling <general/profiling>` setting *query_toggle_count* was not settable as described in the manual. +- Fixed a bug (#938) - :doc:`Config Library <libraries/config>` method site_url() added a question mark to the URL string when query strings are enabled even if it already existed. +- Fixed a bug (#999) - :doc:`Config Library <libraries/config>` method site_url() always appended ``$config['url_suffix']`` to the end of the URL string, regardless of wether a query string exists in it. +- Fixed a bug where :doc:`URL Helper <helpers/url_helper>` function anchor_popup() ignored the attributes argument if it is not an array. +- Fixed a bug (#1328) - :doc:`Form Validation Library <libraries/form_validation>` didn't properly check the type of the form fields before processing them. +- Fixed a bug (#79) - :doc:`Form Validation Library <libraries/form_validation>` didn't properly validate array fields that use associative keys or have custom indexes. +- Fixed a bug (#427) - :doc:`Form Validation Library <libraries/form_validation>` method ``strip_image_tags()`` was an alias to a non-existent method. Version 2.1.1 ============= @@ -334,7 +362,7 @@ Release Date: November 14, 2011 injection. - Added additional option 'none' for the optional third argument for $this->db->like() in the :doc:`Database - Driver <database/active_record>`. + Driver <database/query_builder>`. - Added $this->db->insert_batch() support to the OCI8 (Oracle) driver. - Added failover if the main connections in the config should fail @@ -432,7 +460,6 @@ Release Date: August 20, 2011 - Added insert_batch() function to the PostgreSQL database driver. Thanks to epallerols for the patch. - Added "application/x-csv" to mimes.php. - - Added CSRF protection URI whitelisting. - Fixed a bug where :doc:`Email library <libraries/email>` attachments with a "." in the name would using invalid MIME-types. @@ -1609,27 +1636,27 @@ Release Date: January 30, 2008 - Active Record - Added protect_identifiers() in :doc:`Active - Record <./database/active_record>`. + Record <./database/query_builder>`. - All AR queries are backticked if appropriate to the database. - Added where_in(), or_where_in(), where_not_in(), or_where_not_in(), not_like() and or_not_like() to :doc:`Active - Record <./database/active_record>`. + Record <./database/query_builder>`. - Added support for limit() into update() and delete() statements in - :doc:`Active Record <./database/active_record>`. + :doc:`Active Record <./database/query_builder>`. - Added empty_table() and truncate_table() to :doc:`Active - Record <./database/active_record>`. + Record <./database/query_builder>`. - Added the ability to pass an array of tables to the delete() - statement in :doc:`Active Record <./database/active_record>`. + statement in :doc:`Active Record <./database/query_builder>`. - Added count_all_results() function to :doc:`Active - Record <./database/active_record>`. + Record <./database/query_builder>`. - Added select_max(), select_min(), select_avg() and - select_sum() to :doc:`Active Record <./database/active_record>`. + select_sum() to :doc:`Active Record <./database/query_builder>`. - Added the ability to use aliases with joins in :doc:`Active - Record <./database/active_record>`. + Record <./database/query_builder>`. - Added a third parameter to Active Record's like() clause to control where the wildcard goes. - Added a third parameter to set() in :doc:`Active - Record <./database/active_record>` that withholds escaping + Record <./database/query_builder>` that withholds escaping data. - Changed the behaviour of variables submitted to the where() clause with no values to auto set "IS NULL" @@ -1737,7 +1764,7 @@ Release Date: January 30, 2008 the table of contents of the userguide. - Moved part of the userguide menu javascript to an external file. - Documented distinct() in :doc:`Active - Record <./database/active_record>`. + Record <./database/query_builder>`. - Documented the timezones() function in the :doc:`Date Helper <./helpers/date_helper>`. - Documented unset_userdata in the :doc:`Session @@ -2313,9 +2340,9 @@ Release Date: April 11, 2006 function <./general/views>`: $this->load->view('my_view', $object); - Added getwhere function to :doc:`Active Record - class <./database/active_record>`. + class <./database/query_builder>`. - Added count_all function to :doc:`Active Record - class <./database/active_record>`. + class <./database/query_builder>`. - Added language file for scaffolding and fixed a scaffolding bug that occurs when there are no rows in the specified table. - Added :doc:`$this->db->last_query() <./database/queries>`, which @@ -2340,7 +2367,7 @@ Release Date: April 3, 2006 - Added support for :doc:`Models <general/models>`. - Redesigned the database libraries to support additional RDBMs (Postgres, MySQLi, etc.). -- Redesigned the :doc:`Active Record class <./database/active_record>` +- Redesigned the :doc:`Active Record class <./database/query_builder>` to enable more varied types of queries with simpler syntax, and advanced features like JOINs. - Added a feature to the database class that lets you run :doc:`custom @@ -2373,7 +2400,7 @@ Release Date: April 3, 2006 whether PHP 4 or 5 is being run, since PHP 5 allows a more graceful way to manage objects that utilizes a bit less resources. - Deprecated: $this->db->use_table() has been deprecated. Please read - the :doc:`Active Record <./database/active_record>` page for + the :doc:`Active Record <./database/query_builder>` page for information. - Deprecated: $this->db->smart_escape_str() has been deprecated. Please use this instead: $this->db->escape() diff --git a/user_guide_src/source/database/queries.rst b/user_guide_src/source/database/queries.rst index d23efecb3..11dd78392 100644 --- a/user_guide_src/source/database/queries.rst +++ b/user_guide_src/source/database/queries.rst @@ -21,11 +21,31 @@ this:: $this->db->simple_query(); =========================== -This is a simplified version of the $this->db->query() function. It ONLY -returns TRUE/FALSE on success or failure. It DOES NOT return a database -result set, nor does it set the query timer, or compile bind data, or -store your query for debugging. It simply lets you submit a query. Most -users will rarely use this function. +This is a simplified version of the $this->db->query() method. It DOES +NOT return a database result set, nor does it set the query timer, or +compile bind data, or store your query for debugging. It simply lets you +submit a query. Most users will rarely use this function. + +It returns whatever the database drivers' "execute" function returns. +That typically is TRUE/FALSE on success or failure for write type queries +such as INSERT, DELETE or UPDATE statements (which is what it really +should be used for) and a resource/object on success for queries with +fetchable results. + +:: + + if ($this->db->simple_query('YOUR QUERY')) + { + echo "Success!"; + } + else + { + echo "Query failed!"; + } + +.. note:: PostgreSQL's pg_exec() function always returns a resource on + success, even for write type queries. So take that in mind if + you're looking for a boolean value. *************************************** Working with Database prefixes manually diff --git a/user_guide_src/source/database/query_builder.rst b/user_guide_src/source/database/query_builder.rst index 54e8df6b5..b86a0c8db 100644 --- a/user_guide_src/source/database/query_builder.rst +++ b/user_guide_src/source/database/query_builder.rst @@ -603,9 +603,9 @@ Here is an example using an object:: /* class Myclass { - var $title = 'My Title'; - var $content = 'My Content'; - var $date = 'My Date'; + public $title = 'My Title'; + public $content = 'My Content'; + public $date = 'My Date'; } */ @@ -730,9 +730,9 @@ Or an object:: /* class Myclass { - var $title = 'My Title'; - var $content = 'My Content'; - var $date = 'My Date'; + public $title = 'My Title'; + public $content = 'My Content'; + public $date = 'My Date'; } */ @@ -766,9 +766,9 @@ Or you can supply an object:: /* class Myclass { - var $title = 'My Title'; - var $content = 'My Content'; - var $date = 'My Date'; + public $title = 'My Title'; + public $content = 'My Content'; + public $date = 'My Date'; } */ diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst index ac4fc3733..d032f734e 100644 --- a/user_guide_src/source/database/results.rst +++ b/user_guide_src/source/database/results.rst @@ -139,13 +139,13 @@ parameter: .. note:: all the functions above will load the whole result into memory (prefetching) use unbuffered_row() for processing large result sets. unbuffered_row($type) -===== +===================== This function returns a single result row without prefetching the whole result in memory as row() does. If your query has more than one row, it returns the current row and moves the internal data pointer ahead. The result is returned as $type could be 'object' (default) or 'array' that will return an associative array. - +:: $query = $this->db->query("YOUR QUERY"); diff --git a/user_guide_src/source/general/models.rst b/user_guide_src/source/general/models.rst index 87f63e416..2e1e025ee 100644 --- a/user_guide_src/source/general/models.rst +++ b/user_guide_src/source/general/models.rst @@ -18,9 +18,9 @@ model class might look like:: class Blog_model extends CI_Model { - var $title = ''; - var $content = ''; - var $date = ''; + public $title = ''; + public $content = ''; + public $date = ''; function __construct() { diff --git a/user_guide_src/source/general/welcome.rst b/user_guide_src/source/general/welcome.rst new file mode 100644 index 000000000..b28c3bcc2 --- /dev/null +++ b/user_guide_src/source/general/welcome.rst @@ -0,0 +1,32 @@ +###################### +Welcome to CodeIgniter +###################### + +CodeIgniter is an Application Development Framework - a toolkit - for +people who build web sites using PHP. Its goal is to enable you to +develop projects much faster than you could if you were writing code +from scratch, by providing a rich set of libraries for commonly needed +tasks, as well as a simple interface and logical structure to access +these libraries. CodeIgniter lets you creatively focus on your project +by minimizing the amount of code needed for a given task. + +*********************** +Who is CodeIgniter For? +*********************** + +CodeIgniter is right for you if: + +- You want a framework with a small footprint. +- You need exceptional performance. +- You need broad compatibility with standard hosting accounts that run + a variety of PHP versions and configurations. +- You want a framework that requires nearly zero configuration. +- You want a framework that does not require you to use the command + line. +- You want a framework that does not require you to adhere to + restrictive coding rules. +- You are not interested in large-scale monolithic libraries like PEAR. +- You do not want to be forced to learn a templating language (although + a template parser is optionally available if you desire one). +- You eschew complexity, favoring simple solutions. +- You need clear, thorough documentation. diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst index 1b7177fc2..5adfb18d2 100644 --- a/user_guide_src/source/helpers/date_helper.rst +++ b/user_guide_src/source/helpers/date_helper.rst @@ -87,35 +87,25 @@ contain the date as a Unix timestamp. Supported formats: -+----------------+------------------------+-----------------------------------+ -| Constant | Description | Example | -+================+========================+===================================+ -| DATE_ATOM | Atom | 2005-08-15T16:13:03+0000 | -+----------------+------------------------+-----------------------------------+ -| DATE_COOKIE | HTTP Cookies | Sun, 14 Aug 2005 16:13:03 UTC | -+----------------+------------------------+-----------------------------------+ -| DATE_ISO8601 | ISO-8601 | 2005-08-14T16:13:03+00:00 | -+----------------+------------------------+-----------------------------------+ -| DATE_RFC822 | RFC 822 | Sun, 14 Aug 05 16:13:03 UTC | -+----------------+------------------------+-----------------------------------+ -| DATE_RFC850 | RFC 850 | Sunday, 14-Aug-05 16:13:03 UTC | -+----------------+------------------------+-----------------------------------+ -| DATE_RFC1036 | RFC 1036 | Sunday, 14-Aug-05 16:13:03 UTC | -+----------------+------------------------+-----------------------------------+ -| DATE_RFC1123 | RFC 1123 | Sun, 14 Aug 2005 16:13:03 UTC | -+----------------+------------------------+-----------------------------------+ -| DATE_RFC2822 | RFC 2822 | Sun, 14 Aug 2005 16:13:03 +0000 | -+----------------+------------------------+-----------------------------------+ -| DATE_RSS | RSS | Sun, 14 Aug 2005 16:13:03 UTC | -+----------------+------------------------+-----------------------------------+ -| DATE_W3C | W3C | 2005-08-14T16:13:03+0000 | -+----------------+------------------------+-----------------------------------+ - +=============== ======================= ====================================== +Constant Description Example +=============== ======================= ====================================== +DATE_ATOM Atom 2005-08-15T16:13:03+0000 +DATE_COOKIE HTTP Cookies Sun, 14 Aug 2005 16:13:03 UTC +DATE_ISO8601 ISO-8601 2005-08-14T16:13:03+00:00 +DATE_RFC822 RFC 822 Sun, 14 Aug 05 16:13:03 UTC +DATE_RFC850 RFC 850 Sunday, 14-Aug-05 16:13:03 UTC +DATE_RFC1036 RFC 1036 Sunday, 14-Aug-05 16:13:03 UTC +DATE_RFC1123 RFC 1123 Sun, 14 Aug 2005 16:13:03 UTC +DATE_RFC2822 RFC 2822 Sun, 14 Aug 2005 16:13:03 +0000 +DATE_RSS RSS Sun, 14 Aug 2005 16:13:03 UTC +DATE_W3C W3C 2005-08-14T16:13:03+0000 +=============== ======================= ====================================== local_to_gmt() ============== -Takes a Unix timestamp as input and returns it as GMT. +Takes a Unix timestamp as input and returns it as GMT. .. php:method:: local_to_gmt($time = '') @@ -159,7 +149,7 @@ Example mysql_to_unix() =============== -Takes a MySQL Timestamp as input and returns it as Unix. +Takes a MySQL Timestamp as input and returns it as Unix. .. php:method:: mysql_to_unix($time = '') @@ -212,7 +202,7 @@ human_to_unix() The opposite of the above function. Takes a "human" time as input and returns it as Unix. This function is useful if you accept "human" formatted dates submitted via a form. Returns FALSE (boolean) if the -date string passed to it is not formatted as indicated above. +date string passed to it is not formatted as indicated above. .. php:method:: human_to_unix($datestr = '') @@ -235,9 +225,9 @@ them into something useful. It also accepts well-formed dates. The function will return a Unix timestamp by default. You can, optionally, pass a format string (the same type as the PHP date function -accepts) as the second parameter. +accepts) as the second parameter. -.. php:method:: nice_date($bad_date = '', $format = FALSE) +.. php:method:: nice_date($bad_date = '', $format = FALSE) :param integer $bad_date: The terribly formatted date-like string :param string $format: Date format to return (same as php date function) @@ -247,26 +237,28 @@ Example :: - $bad_time = 199605 // Should Produce: 1996-05-01 - $better_time = nice_date($bad_time,'Y-m-d'); - $bad_time = 9-11-2001 // Should Produce: 2001-09-11 - $better_time = nice_date($human,'Y-m-d'); + $bad_date = '199605'; + // Should Produce: 1996-05-01 + $better_date = nice_date($bad_date, 'Y-m-d'); + + $bad_date = '9-11-2001'; + // Should Produce: 2001-09-11 + $better_date = nice_date($bad_date, 'Y-m-d'); timespan() ========== Formats a unix timestamp so that is appears similar to this - :: 1 Year, 10 Months, 2 Weeks, 5 Days, 10 Hours, 16 Minutes The first parameter must contain a Unix timestamp. The second parameter must contain a timestamp that is greater that the first timestamp. If -the second parameter empty, the current time will be used. The third -parameter is optional and limits the number of time units to display. -The most common purpose for this function is to show how much time has -elapsed from some point in time in the past to now. +the second parameter empty, the current time will be used. The third +parameter is optional and limits the number of time units to display. +The most common purpose for this function is to show how much time has +elapsed from some point in time in the past to now. .. php:method:: timespan($seconds = 1, $time = '', $units = '') @@ -291,7 +283,7 @@ days_in_month() =============== Returns the number of days in a given month/year. Takes leap years into -account. +account. .. php:method:: days_in_month($month = 0, $year = '') @@ -388,14 +380,15 @@ allowed to set their local timezone value. The first parameter lets you set the "selected" state of the menu. For example, to set Pacific time as the default you will do this -.. php:method:: timezone_menu($default = 'UTC', $class = "", $name = 'timezones') +.. php:method:: timezone_menu($default = 'UTC', $class = '', $name = 'timezones', $attributes = '') :param string $default: timezone :param string $class: classname :param string $name: menu name + :param mixed $attributes: attributes :returns: string -Example: +Example: :: @@ -405,6 +398,8 @@ Please see the timezone reference below to see the values of this menu. The second parameter lets you set a CSS class name for the menu. +The fourth parameter lets you set one or more attributes on the generated select tag. + .. note:: The text contained in the menu is found in the following language file: `language/<your_lang>/date_lang.php` @@ -416,86 +411,47 @@ The following table indicates each timezone and its location. Note some of the location lists have been abridged for clarity and formatting. -+------------+----------------------------------------------------------------+ -| Time Zone | Location | -+============+================================================================+ -| UM12 | (UTC - 12:00) Baker/Howland Island | -+------------+----------------------------------------------------------------+ -| UM11 | (UTC - 11:00) Samoa Time Zone, Niue | -+------------+----------------------------------------------------------------+ -| UM10 | (UTC - 10:00) Hawaii-Aleutian Standard Time, Cook Islands | -+------------+----------------------------------------------------------------+ -| UM95 | (UTC - 09:30) Marquesas Islands | -+------------+----------------------------------------------------------------+ -| UM9 | (UTC - 09:00) Alaska Standard Time, Gambier Islands | -+------------+----------------------------------------------------------------+ -| UM8 | (UTC - 08:00) Pacific Standard Time, Clipperton Island | -+------------+----------------------------------------------------------------+ -| UM7 | (UTC - 11:00) Mountain Standard Time | -+------------+----------------------------------------------------------------+ -| UM6 | (UTC - 06:00) Central Standard Time | -+------------+----------------------------------------------------------------+ -| UM5 | (UTC - 05:00) Eastern Standard Time, Western Caribbean | -+------------+----------------------------------------------------------------+ -| UM45 | (UTC - 04:30) Venezuelan Standard Time | -+------------+----------------------------------------------------------------+ -| UM4 | (UTC - 04:00) Atlantic Standard Time, Eastern Caribbean | -+------------+----------------------------------------------------------------+ -| UM35 | (UTC - 03:30) Newfoundland Standard Time | -+------------+----------------------------------------------------------------+ -| UM3 | (UTC - 03:00) Argentina, Brazil, French Guiana, Uruguay | -+------------+----------------------------------------------------------------+ -| UM2 | (UTC - 02:00) South Georgia/South Sandwich Islands | -+------------+----------------------------------------------------------------+ -| UM1 | (UTC -1:00) Azores, Cape Verde Islands | -+------------+----------------------------------------------------------------+ -| UTC | (UTC) Greenwich Mean Time, Western European Time | -+------------+----------------------------------------------------------------+ -| UP1 | (UTC +1:00) Central European Time, West Africa Time | -+------------+----------------------------------------------------------------+ -| UP2 | (UTC +2:00) Central Africa Time, Eastern European Time | -+------------+----------------------------------------------------------------+ -| UP3 | (UTC +3:00) Moscow Time, East Africa Time | -+------------+----------------------------------------------------------------+ -| UP35 | (UTC +3:30) Iran Standard Time | -+------------+----------------------------------------------------------------+ -| UP4 | (UTC +4:00) Azerbaijan Standard Time, Samara Time | -+------------+----------------------------------------------------------------+ -| UP45 | (UTC +4:30) Afghanistan | -+------------+----------------------------------------------------------------+ -| UP5 | (UTC +5:00) Pakistan Standard Time, Yekaterinburg Time | -+------------+----------------------------------------------------------------+ -| UP55 | (UTC +5:30) Indian Standard Time, Sri Lanka Time | -+------------+----------------------------------------------------------------+ -| UP575 | (UTC +5:45) Nepal Time | -+------------+----------------------------------------------------------------+ -| UP6 | (UTC +6:00) Bangladesh Standard Time, Bhutan Time, Omsk Time | -+------------+----------------------------------------------------------------+ -| UP65 | (UTC +6:30) Cocos Islands, Myanmar | -+------------+----------------------------------------------------------------+ -| UP7 | (UTC +7:00) Krasnoyarsk Time, Cambodia, Laos, Thailand, Vietnam| -+------------+----------------------------------------------------------------+ -| UP8 | (UTC +8:00) Australian Western Standard Time, Beijing Time | -+------------+----------------------------------------------------------------+ -| UP875 | (UTC +8:45) Australian Central Western Standard Time | -+------------+----------------------------------------------------------------+ -| UP9 | (UTC +9:00) Japan Standard Time, Korea Standard Time, Yakutsk | -+------------+----------------------------------------------------------------+ -| UP95 | (UTC +9:30) Australian Central Standard Time | -+------------+----------------------------------------------------------------+ -| UP10 | (UTC +10:00) Australian Eastern Standard Time, Vladivostok Time| -+------------+----------------------------------------------------------------+ -| UP105 | (UTC +10:30) Lord Howe Island | -+------------+----------------------------------------------------------------+ -| UP11 | (UTC +11:00) Magadan Time, Solomon Islands, Vanuatu | -+------------+----------------------------------------------------------------+ -| UP115 | (UTC +11:30) Norfolk Island | -+------------+----------------------------------------------------------------+ -| UP12 | (UTC +12:00) Fiji, Gilbert Islands, Kamchatka, New Zealand | -+------------+----------------------------------------------------------------+ -| UP1275 | (UTC +12:45) Chatham Islands Standard Time | -+------------+----------------------------------------------------------------+ -| UP13 | (UTC +13:00) Phoenix Islands Time, Tonga | -+------------+----------------------------------------------------------------+ -| UP14 | (UTC +14:00) Line Islands | -+------------+----------------------------------------------------------------+ +=========== ===================================================================== +Time Zone Location +=========== ===================================================================== +UM2 (UTC - 12:00) Baker/Howland Island +UM1 (UTC - 11:00) Samoa Time Zone, Niue +UM0 (UTC - 10:00) Hawaii-Aleutian Standard Time, Cook Islands +UM95 (UTC - 09:30) Marquesas Islands +UM9 (UTC - 09:00) Alaska Standard Time, Gambier Islands +UM8 (UTC - 08:00) Pacific Standard Time, Clipperton Island +UM7 (UTC - 11:00) Mountain Standard Time +UM6 (UTC - 06:00) Central Standard Time +UM5 (UTC - 05:00) Eastern Standard Time, Western Caribbean +UM45 (UTC - 04:30) Venezuelan Standard Time +UM4 (UTC - 04:00) Atlantic Standard Time, Eastern Caribbean +UM35 (UTC - 03:30) Newfoundland Standard Time +UM3 (UTC - 03:00) Argentina, Brazil, French Guiana, Uruguay +UM2 (UTC - 02:00) South Georgia/South Sandwich Islands +UM (UTC -1:00) Azores, Cape Verde Islands +UTC (UTC) Greenwich Mean Time, Western European Time +UP1 (UTC +1:00) Central European Time, West Africa Time +UP2 (UTC +2:00) Central Africa Time, Eastern European Time +UP3 (UTC +3:00) Moscow Time, East Africa Time +UP35 (UTC +3:30) Iran Standard Time +UP4 (UTC +4:00) Azerbaijan Standard Time, Samara Time +UP45 (UTC +4:30) Afghanistan +UP5 (UTC +5:00) Pakistan Standard Time, Yekaterinburg Time +UP55 (UTC +5:30) Indian Standard Time, Sri Lanka Time +UP575 (UTC +5:45) Nepal Time +UP6 (UTC +6:00) Bangladesh Standard Time, Bhutan Time, Omsk Time +UP65 (UTC +6:30) Cocos Islands, Myanmar +UP7 (UTC +7:00) Krasnoyarsk Time, Cambodia, Laos, Thailand, Vietnam +UP8 (UTC +8:00) Australian Western Standard Time, Beijing Time +UP875 (UTC +8:45) Australian Central Western Standard Time +UP9 (UTC +9:00) Japan Standard Time, Korea Standard Time, Yakutsk +UP95 (UTC +9:30) Australian Central Standard Time +UP10 (UTC +10:00) Australian Eastern Standard Time, Vladivostok Time +UP105 (UTC +10:30) Lord Howe Island +UP11 (UTC +11:00) Magadan Time, Solomon Islands, Vanuatu +UP115 (UTC +11:30) Norfolk Island +UP12 (UTC +12:00) Fiji, Gilbert Islands, Kamchatka, New Zealand +UP1275 (UTC +12:45) Chatham Islands Standard Time +UP1 (UTC +13:00) Phoenix Islands Time, Tonga +UP14 (UTC +14:00) Line Islands +=========== =====================================================================
\ No newline at end of file diff --git a/user_guide_src/source/helpers/url_helper.rst b/user_guide_src/source/helpers/url_helper.rst index e6d51b22b..82db6a5b3 100644 --- a/user_guide_src/source/helpers/url_helper.rst +++ b/user_guide_src/source/helpers/url_helper.rst @@ -168,27 +168,35 @@ browser settings. Here is an example with attributes :: - $atts = array( - 'width' => '800', - 'height' => '600', - 'scrollbars' => 'yes', - 'status' => 'yes', - 'resizable' => 'yes', - 'screenx' => '0', - 'screeny' => '0' + $atts = array( + 'width' => '800', + 'height' => '600', + 'scrollbars' => 'yes', + 'status' => 'yes', + 'resizable' => 'yes', + 'screenx' => '0', + 'screeny' => '0', + 'window_name' => '_blank' ); echo anchor_popup('news/local/123', 'Click Me!', $atts); -Note: The above attributes are the function defaults so you only need to -set the ones that are different from what you need. If you want the -function to use all of its defaults simply pass an empty array in the -third parameter +.. note:: The above attributes are the function defaults so you only need to + set the ones that are different from what you need. If you want the + function to use all of its defaults simply pass an empty array in the + third parameter :: echo anchor_popup('news/local/123', 'Click Me!', array()); +.. note:: The 'window_name' is not really an attribute, but an argument to + the JavaScript `window.open() <http://www.w3schools.com/jsref/met_win_open.asp>` + method, which accepts either a window name or a window target. + +.. note:: Any other attribute than the listed above will be parsed as an + HTML attribute to the anchor tag. + mailto() ======== diff --git a/user_guide_src/source/index.rst b/user_guide_src/source/index.rst index 6cdeb2442..c89b41c74 100644 --- a/user_guide_src/source/index.rst +++ b/user_guide_src/source/index.rst @@ -1,34 +1,95 @@ -Welcome to CodeIgniter -====================== - -CodeIgniter is an Application Development Framework - a toolkit - for -people who build web sites using PHP. Its goal is to enable you to -develop projects much faster than you could if you were writing code -from scratch, by providing a rich set of libraries for commonly needed -tasks, as well as a simple interface and logical structure to access -these libraries. CodeIgniter lets you creatively focus on your project -by minimizing the amount of code needed for a given task. - -Who is CodeIgniter For? -======================= - -CodeIgniter is right for you if: - -- You want a framework with a small footprint. -- You need exceptional performance. -- You need broad compatibility with standard hosting accounts that run - a variety of PHP versions and configurations. -- You want a framework that requires nearly zero configuration. -- You want a framework that does not require you to use the command - line. -- You want a framework that does not require you to adhere to - restrictive coding rules. -- You are not interested in large-scale monolithic libraries like PEAR. -- You do not want to be forced to learn a templating language (although - a template parser is optionally available if you desire one). -- You eschew complexity, favoring simple solutions. -- You need clear, thorough documentation. +###################### +CodeIgniter User Guide +###################### +- :doc:`License Agreement <license>` +- :doc:`Change Log <changelog>` + +.. contents:: + :local: + :depth: 2 + +******* +Welcome +******* + +- :doc:`general/welcome` + +********** +Basic Info +********** + +- :doc:`general/requirements` +- :doc:`general/credits` + +************ +Installation +************ + +- :doc:`installation/downloads` +- :doc:`installation/index` +- :doc:`installation/upgrading` +- :doc:`installation/troubleshooting` + +************ +Introduction +************ + +- :doc:`overview/getting_started` +- :doc:`overview/at_a_glance` +- :doc:`overview/cheatsheets` +- :doc:`overview/features` +- :doc:`overview/appflow` +- :doc:`overview/mvc` +- :doc:`overview/goals` + +******** +Tutorial +******** + +- :doc:`tutorial/index` +- :doc:`tutorial/static_pages` +- :doc:`tutorial/news_section` +- :doc:`tutorial/create_news_items` +- :doc:`tutorial/conclusion` + +************** +General Topics +************** + +.. toctree:: + :glob: + :titlesonly: + + general/index + +***************** +Library Reference +***************** + +.. toctree:: + :glob: + :titlesonly: + + libraries/index + +**************** +Driver Reference +**************** + +- :doc:`libraries/caching` +- :doc:`database/index` +- :doc:`libraries/javascript` + +**************** +Helper Reference +**************** + +.. toctree:: + :glob: + :titlesonly: + + helpers/index .. toctree:: :glob: diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index c70737cff..14199092f 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -35,7 +35,7 @@ Move any entries that you might have listed there to `$autoload['libraries']` in Step 4: Update your config/database.php ======================================= -Due to 3.0.0's renaming of Active Record to Query Builder, inside your _config/database.php_, you will +Due to 3.0.0's renaming of Active Record to Query Builder, inside your `config/database.php`, you will need to rename the `$active_record` variable to `$query_builder`. $active_group = 'default'; @@ -45,4 +45,4 @@ need to rename the `$active_record` variable to `$query_builder`. Step 5: Move your errors folder =============================== -In version 3.0.0, the errors folder has been moved from _application/errors_ to _application/views/errors_.
\ No newline at end of file +In version 3.0.0, the errors folder has been moved from _application/errors* to _application/views/errors*.
\ No newline at end of file diff --git a/user_guide_src/source/libraries/config.rst b/user_guide_src/source/libraries/config.rst index 08d9c2905..694896353 100644 --- a/user_guide_src/source/libraries/config.rst +++ b/user_guide_src/source/libraries/config.rst @@ -175,7 +175,7 @@ This function retrieves the URL to your site, plus an optional path such as to a stylesheet or image. The two functions above are normally accessed via the corresponding -functions in the :doc:`URL Helper </helpers/url_helper>`. +functions in the :doc:`URL Helper <helpers/url_helper>`. $this->config->system_url(); ***************************** diff --git a/user_guide_src/source/libraries/email.rst b/user_guide_src/source/libraries/email.rst index f99eb91df..c5fa68004 100644 --- a/user_guide_src/source/libraries/email.rst +++ b/user_guide_src/source/libraries/email.rst @@ -183,7 +183,7 @@ accept HTML email. If you do not set your own message CodeIgniter will extract the message from your HTML email and strip the tags. $this->email->set_header() ------------------------ +-------------------------- Appends additional headers to the e-mail:: diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst index 28bdca203..a38122203 100644 --- a/user_guide_src/source/libraries/encryption.rst +++ b/user_guide_src/source/libraries/encryption.rst @@ -26,7 +26,7 @@ key security so you may want to think carefully before using it for anything that requires high security, like storing credit card numbers. To take maximum advantage of the encryption algorithm, your key should -be 32 characters in length (128 bits). The key should be as random a +be 32 characters in length (256 bits). The key should be as random a string as you can concoct, with numbers and uppercase and lowercase letters. Your key should **not** be a simple text string. In order to be cryptographically secure it needs to be as random as possible. diff --git a/user_guide_src/source/libraries/file_uploading.rst b/user_guide_src/source/libraries/file_uploading.rst index 414d84f0b..65cd5c722 100644 --- a/user_guide_src/source/libraries/file_uploading.rst +++ b/user_guide_src/source/libraries/file_uploading.rst @@ -215,6 +215,9 @@ Preference Default Value Options Descripti that can not be discerned by the person uploading it. **remove_spaces** TRUE TRUE/FALSE (boolean) If set to TRUE, any spaces in the file name will be converted to underscores. This is recommended. +**detect_mime** TRUE TRUE/FALSE (boolean) If set to TRUE, a server side detection of the file type will be + performed to avoid code injection attacks. DO NOT disable this option + unless you have no other option as that would cause a security risk. ============================ ================= ======================= ====================================================================== Setting preferences in a config file diff --git a/user_guide_src/source/libraries/ftp.rst b/user_guide_src/source/libraries/ftp.rst index 20b11a5c8..05a3fdcc8 100644 --- a/user_guide_src/source/libraries/ftp.rst +++ b/user_guide_src/source/libraries/ftp.rst @@ -26,7 +26,7 @@ Usage Examples In this example a connection is opened to the FTP server, and a local file is read and uploaded in ASCII mode. The file permissions are set to -755. Note: Setting permissions requires PHP 5. +755. :: @@ -136,8 +136,7 @@ Example:: **Mode options are:** ascii, binary, and auto (the default). If auto is used it will base the mode on the file extension of the source file. -Permissions are available if you are running PHP 5 and can be passed as -an octal value in the fourth parameter. +If set, permissions have to be passed as an octal value. $this->ftp->download() ====================== diff --git a/user_guide_src/source/libraries/pagination.rst b/user_guide_src/source/libraries/pagination.rst index 560755fb6..7d750bd23 100644 --- a/user_guide_src/source/libraries/pagination.rst +++ b/user_guide_src/source/libraries/pagination.rst @@ -21,9 +21,9 @@ Here is a simple example showing how to create pagination in one of your $config['base_url'] = 'http://example.com/index.php/test/page/'; $config['total_rows'] = 200; - $config['per_page'] = 20; + $config['per_page'] = 20; - $this->pagination->initialize($config); + $this->pagination->initialize($config); echo $this->pagination->create_links(); @@ -112,6 +112,33 @@ the pagination link will become. Note that "per_page" is the default query string passed, however can be configured using $config['query_string_segment'] = 'your_string' +$config['reuse_query_string'] = FALSE; +====================================== + +By default your Query String arguments (nothing to do with other +query string options) will be ignored. Setting this config to +TRUE will add existing query string arguments back into the +URL after the URI segment and before the suffix + +:: + + http://example.com/index.php/test/page/20?query=search%term + +This helps you mix together normal :doc:`URI Segments <../general/urls>` +as well as query string arguments, which until 3.0 was not possible. + +$config['prefix'] = ''; +================================== + +A custom prefix added to the path. The prefix value will be right before +the offset segment. + +$config['suffix'] = ''; +================================== + +A custom suffix added to the path. The sufix value will be right after +the offset segment. + *********************** Adding Enclosing Markup *********************** @@ -247,34 +274,30 @@ adding:: $config['display_pages'] = FALSE; -****************************** -Adding a class to every anchor -****************************** +**************************** +Adding attributes to anchors +**************************** -If you want to add a class attribute to every link rendered by the -pagination class, you can set the config "anchor_class" equal to the -classname you want. +If you want to add an extra attribute to be added to every link rendered +by the pagination class, you can set them as key/value pairs in the +"attributes" config :: - $config['anchor_class'] = 'myclass'; // class="myclass" + // Produces: class="myclass" + $config['attributes'] = array('class' => 'myclass'); -********************************** -Changing the "rel" attribute value -********************************** +.. note:: Usage of the old method of setting classes via "anchor_class" + is deprecated. -By default, the rel attribute will be automatically put under the -following conditions: +***************************** +Disabling the "rel" attribute +***************************** -- rel="start" for the "first" link -- rel="prev" for the "previous" link -- rel="next" for the "next" link +By default the rel attribute is dynamically generated and appended to +the appropriate anchors. If for some reason you want to turn it off, +you can pass boolean FALSE as a regular attribute -If you want to disable the rel attribute, or change its value, you -can set the 'attr_rel' config option:: - - // Disable - $config['attr_rel'] = FALSE; +:: - // Use a custom value on all anchors - $config['attr_rel'] = 'custom_value'; // produces: rel="custom_value"
\ No newline at end of file + $config['attributes']['rel'] = FALSE;
\ No newline at end of file |