summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--index.php2
-rw-r--r--system/core/Common.php3
-rwxr-xr-xsystem/core/Input.php67
-rw-r--r--user_guide_src/source/changelog.rst1
4 files changed, 36 insertions, 37 deletions
diff --git a/index.php b/index.php
index 1712a7d66..a37826690 100644
--- a/index.php
+++ b/index.php
@@ -218,6 +218,7 @@ if (defined('ENVIRONMENT'))
{
if ( ! is_dir(BASEPATH.$application_folder.'/'))
{
+ header('HTTP/1.1 503 Service Unavailable.', TRUE, '503');
exit('Your application folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF);
}
@@ -233,6 +234,7 @@ if (defined('ENVIRONMENT'))
{
if ( ! is_dir(APPPATH.'views/'))
{
+ header('HTTP/1.1 503 Service Unavailable.', TRUE, '503');
exit('Your view folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF);
}
diff --git a/system/core/Common.php b/system/core/Common.php
index 2f9c4ff43..225227d17 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -177,6 +177,7 @@ if ( ! function_exists('load_class'))
{
// Note: We use exit() rather then show_error() in order to avoid a
// self-referencing loop with the Excptions class
+ set_status_header(503);
exit('Unable to locate the specified class: '.$class.'.php');
}
@@ -243,6 +244,7 @@ if ( ! function_exists('get_config'))
// Fetch the config file
if ( ! file_exists($file_path))
{
+ set_status_header(503);
exit('The configuration file does not exist.');
}
@@ -251,6 +253,7 @@ if ( ! function_exists('get_config'))
// Does the $config array exist in the file?
if ( ! isset($config) OR ! is_array($config))
{
+ set_status_header(503);
exit('Your config file does not appear to be formatted correctly.');
}
diff --git a/system/core/Input.php b/system/core/Input.php
index 7a16e51ab..ee15f4013 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Input Class
*
@@ -152,7 +150,7 @@ class CI_Input {
public function get($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_GET))
+ if ($index === NULL && ! empty($_GET))
{
$get = array();
@@ -179,7 +177,7 @@ class CI_Input {
public function post($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_POST))
+ if ($index === NULL && ! empty($_POST))
{
$post = array();
@@ -206,9 +204,9 @@ class CI_Input {
*/
public function get_post($index = '', $xss_clean = FALSE)
{
- return ( ! isset($_POST[$index]))
- ? $this->get($index, $xss_clean)
- : $this->post($index, $xss_clean);
+ return isset($_POST[$index])
+ ? $this->post($index, $xss_clean)
+ : $this->get($index, $xss_clean);
}
// --------------------------------------------------------------------
@@ -256,19 +254,19 @@ class CI_Input {
}
}
- if ($prefix == '' AND config_item('cookie_prefix') != '')
+ if ($prefix == '' && config_item('cookie_prefix') != '')
{
$prefix = config_item('cookie_prefix');
}
- if ($domain == '' AND config_item('cookie_domain') != '')
+ if ($domain == '' && config_item('cookie_domain') != '')
{
$domain = config_item('cookie_domain');
}
- if ($path == '/' AND config_item('cookie_path') != '/')
+ if ($path == '/' && config_item('cookie_path') !== '/')
{
$path = config_item('cookie_path');
}
- if ($secure == FALSE AND config_item('cookie_secure') != FALSE)
+ if ($secure == FALSE && config_item('cookie_secure') != FALSE)
{
$secure = config_item('cookie_secure');
}
@@ -320,11 +318,11 @@ class CI_Input {
$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
}
- elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
+ elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR'))
{
$this->ip_address = $_SERVER['REMOTE_ADDR'];
}
- elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+ elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP'))
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
@@ -414,7 +412,7 @@ class CI_Input {
return $this->user_agent;
}
- return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT'];
+ return $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : FALSE;
}
// --------------------------------------------------------------------
@@ -469,19 +467,16 @@ class CI_Input {
{
$_GET = array();
}
- else
+ elseif (is_array($_GET) && count($_GET) > 0)
{
- if (is_array($_GET) AND count($_GET) > 0)
+ foreach ($_GET as $key => $val)
{
- foreach ($_GET as $key => $val)
- {
- $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
- }
+ $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
}
}
// Clean $_POST Data
- if (is_array($_POST) AND count($_POST) > 0)
+ if (is_array($_POST) && count($_POST) > 0)
{
foreach ($_POST as $key => $val)
{
@@ -490,7 +485,7 @@ class CI_Input {
}
// Clean $_COOKIE Data
- if (is_array($_COOKIE) AND count($_COOKIE) > 0)
+ if (is_array($_COOKIE) && count($_COOKIE) > 0)
{
// Also get rid of specially treated cookies that might be set by a server
// or silly application, that are of no use to a CI application anyway
@@ -568,7 +563,7 @@ class CI_Input {
}
// Standardize newlines if needed
- if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE)
+ if ($this->_standardize_newlines == TRUE && strpos($str, "\r") !== FALSE)
{
return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
}
@@ -592,6 +587,7 @@ class CI_Input {
{
if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str))
{
+ set_status_header(503);
exit('Disallowed Key Characters.');
}
@@ -624,7 +620,7 @@ class CI_Input {
}
else
{
- $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+ $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
foreach ($_SERVER as $key => $val)
{
@@ -654,9 +650,9 @@ class CI_Input {
*
* Returns the value of a single member of the headers class member
*
- * @param string array key for $this->headers
- * @param boolean XSS Clean or not
- * @return mixed FALSE on failure, string on success
+ * @param string array key for $this->headers
+ * @param bool XSS Clean or not
+ * @return mixed FALSE on failure, string on success
*/
public function get_request_header($index, $xss_clean = FALSE)
{
@@ -670,12 +666,9 @@ class CI_Input {
return FALSE;
}
- if ($xss_clean === TRUE)
- {
- return $this->security->xss_clean($this->headers[$index]);
- }
-
- return $this->headers[$index];
+ return ($xss_clean === TRUE)
+ ? $this->security->xss_clean($this->headers[$index])
+ : $this->headers[$index];
}
// --------------------------------------------------------------------
@@ -685,11 +678,11 @@ class CI_Input {
*
* Test to see if a request contains the HTTP_X_REQUESTED_WITH header
*
- * @return boolean
+ * @return bool
*/
public function is_ajax_request()
{
- return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest');
+ return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}
// --------------------------------------------------------------------
@@ -699,11 +692,11 @@ class CI_Input {
*
* Test to see if a request was made from the command line
*
- * @return boolean
+ * @return bool
*/
public function is_cli_request()
{
- return (php_sapi_name() === 'cli') or defined('STDIN');
+ return (php_sapi_name() === 'cli' OR defined('STDIN'));
}
}
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 4c1019961..b7484942b 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -101,6 +101,7 @@ Bug fixes for 3.0
- Fixed a bug (#904) - ``CI_Loader::initialize()`` caused a PHP Fatal error to be triggered if error level E_STRICT is used.
- Fixed a hosting edge case where an empty $_SERVER['HTTPS'] variable would evaluate to 'on'
- Fixed a bug (#154) - ``CI_Session::sess_update()`` caused the session to be destroyed on pages where multiple AJAX requests were executed at once.
+- Fixed a possible bug in ``CI_Input::is_ajax_request()`` where some clients might not send the X-Requested-With HTTP header value exactly as 'XmlHttpRequest'.
- Fixed a bug (#128) - :doc:`Language Library <libraries/language>` did not correctly keep track of loaded language files.
Version 2.1.0