summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/helpers/download_helper.php26
-rw-r--r--system/libraries/Encrypt.php112
-rw-r--r--user_guide_src/source/general/urls.rst9
-rw-r--r--user_guide_src/source/tutorial/static_pages.rst2
4 files changed, 54 insertions, 95 deletions
diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php
index 4a1a79cc3..aea948d81 100644
--- a/system/helpers/download_helper.php
+++ b/system/helpers/download_helper.php
@@ -88,26 +88,20 @@ if ( ! function_exists('force_download'))
{
$mime = (is_array($mimes[$extension])) ? $mimes[$extension][0] : $mimes[$extension];
}
-
+
// Generate the server headers
- if (strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") !== FALSE)
+ header('Content-Type: "'.$mime.'"');
+ header('Content-Disposition: attachment; filename="'.$filename.'"');
+ header('Expires: 0');
+ header("Content-Transfer-Encoding: binary");
+ header("Content-Length: ".strlen($data));
+ header('Pragma: no-cache');
+
+ // Internet Explorer-specific headers.
+ if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") !== FALSE)
{
- header('Content-Type: "'.$mime.'"');
- header('Content-Disposition: attachment; filename="'.$filename.'"');
- header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
- header("Content-Transfer-Encoding: binary");
header('Pragma: public');
- header("Content-Length: ".strlen($data));
- }
- else
- {
- header('Content-Type: "'.$mime.'"');
- header('Content-Disposition: attachment; filename="'.$filename.'"');
- header("Content-Transfer-Encoding: binary");
- header('Expires: 0');
- header('Pragma: no-cache');
- header("Content-Length: ".strlen($data));
}
exit($data);
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index e297576e6..0b0618991 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -1,13 +1,13 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
* CodeIgniter
*
* An open source application development framework for PHP 5.1.6 or newer
*
* NOTICE OF LICENSE
- *
+ *
* Licensed under the Open Software License version 3.0
- *
+ *
* This source file is subject to the Open Software License (OSL 3.0) that is
* bundled with this package in the files license.txt / license.rst. It is
* also available through the world wide web at this URL:
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Encryption Class
*
@@ -46,15 +44,10 @@ class CI_Encrypt {
protected $_mcrypt_cipher;
protected $_mcrypt_mode;
- /**
- * Constructor
- *
- * Simply determines whether the mcrypt library exists.
- */
public function __construct()
{
$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
- log_message('debug', "Encrypt Class Initialized");
+ log_message('debug', 'Encrypt Class Initialized');
}
// --------------------------------------------------------------------
@@ -95,7 +88,7 @@ class CI_Encrypt {
* Set the encryption key
*
* @param string
- * @return void
+ * @return object
*/
public function set_key($key = '')
{
@@ -122,18 +115,8 @@ class CI_Encrypt {
*/
public function encode($string, $key = '')
{
- $key = $this->get_key($key);
-
- if ($this->_mcrypt_exists === TRUE)
- {
- $enc = $this->mcrypt_encode($string, $key);
- }
- else
- {
- $enc = $this->_xor_encode($string, $key);
- }
-
- return base64_encode($enc);
+ $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode';
+ return base64_encode($this->$method($string, $this->get_key($key)));
}
// --------------------------------------------------------------------
@@ -149,28 +132,13 @@ class CI_Encrypt {
*/
public function decode($string, $key = '')
{
- $key = $this->get_key($key);
-
if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
{
return FALSE;
}
- $dec = base64_decode($string);
-
- if ($this->_mcrypt_exists === TRUE)
- {
- if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
- {
- return FALSE;
- }
- }
- else
- {
- $dec = $this->_xor_decode($dec, $key);
- }
-
- return $dec;
+ $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode';
+ return $this->$method(base64_decode($string), $this->get_key($key));
}
// --------------------------------------------------------------------
@@ -197,6 +165,10 @@ class CI_Encrypt {
log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.');
return FALSE;
}
+ elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
+ {
+ return FALSE;
+ }
// decode it first
// set mode temporarily to what it was when string was encoded with the legacy
@@ -205,14 +177,7 @@ class CI_Encrypt {
$this->set_mode($legacy_mode);
$key = $this->get_key($key);
-
- if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
- {
- return FALSE;
- }
-
$dec = base64_decode($string);
-
if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
{
return FALSE;
@@ -242,17 +207,18 @@ class CI_Encrypt {
protected function _xor_encode($string, $key)
{
$rand = '';
- while (strlen($rand) < 32)
+ do
{
$rand .= mt_rand(0, mt_getrandmax());
}
+ while (strlen($rand) < 32);
$rand = $this->hash($rand);
$enc = '';
- for ($i = 0; $i < strlen($string); $i++)
+ for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++)
{
- $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
+ $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]);
}
return $this->_xor_merge($enc, $key);
@@ -275,9 +241,9 @@ class CI_Encrypt {
$string = $this->_xor_merge($string, $key);
$dec = '';
- for ($i = 0; $i < strlen($string); $i++)
+ for ($i = 0, $l = strlen($string); $i < $l; $i++)
{
- $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
+ $dec .= ($string[$i++] ^ $string[$i]);
}
return $dec;
@@ -298,9 +264,9 @@ class CI_Encrypt {
{
$hash = $this->hash($key);
$str = '';
- for ($i = 0; $i < strlen($string); $i++)
+ for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++)
{
- $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
+ $str .= $string[$i] ^ $hash[($i % $lh)];
}
return $str;
@@ -359,18 +325,17 @@ class CI_Encrypt {
*/
protected function _add_cipher_noise($data, $key)
{
- $keyhash = $this->hash($key);
- $keylen = strlen($keyhash);
+ $key = $this->hash($key);
$str = '';
- for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
+ for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
{
- if ($j >= $keylen)
+ if ($j >= $lk)
{
$j = 0;
}
- $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
+ $str .= chr((ord($data[$i]) + ord($key[$j])) % 256);
}
return $str;
@@ -389,22 +354,21 @@ class CI_Encrypt {
*/
protected function _remove_cipher_noise($data, $key)
{
- $keyhash = $this->hash($key);
- $keylen = strlen($keyhash);
+ $key = $this->hash($key);
$str = '';
- for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
+ for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
{
- if ($j >= $keylen)
+ if ($j >= $lk)
{
$j = 0;
}
- $temp = ord($data[$i]) - ord($keyhash[$j]);
+ $temp = ord($data[$i]) - ord($key[$j]);
if ($temp < 0)
{
- $temp = $temp + 256;
+ $temp += 256;
}
$str .= chr($temp);
@@ -435,7 +399,7 @@ class CI_Encrypt {
* @param constant
* @return string
*/
- function set_mode($mode)
+ public function set_mode($mode)
{
$this->_mcrypt_mode = $mode;
return $this;
@@ -452,7 +416,7 @@ class CI_Encrypt {
{
if ($this->_mcrypt_cipher == '')
{
- $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
+ return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
}
return $this->_mcrypt_cipher;
@@ -469,7 +433,7 @@ class CI_Encrypt {
{
if ($this->_mcrypt_mode == '')
{
- $this->_mcrypt_mode = MCRYPT_MODE_CBC;
+ return $this->_mcrypt_mode = MCRYPT_MODE_CBC;
}
return $this->_mcrypt_mode;
@@ -481,11 +445,11 @@ class CI_Encrypt {
* Set the Hash type
*
* @param string
- * @return string
+ * @return void
*/
public function set_hash($type = 'sha1')
{
- $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
+ $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type;
}
// --------------------------------------------------------------------
@@ -498,11 +462,9 @@ class CI_Encrypt {
*/
public function hash($str)
{
- return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str);
+ return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str);
}
}
-// END CI_Encrypt class
-
/* End of file Encrypt.php */
-/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file
+/* Location: ./system/libraries/Encrypt.php */
diff --git a/user_guide_src/source/general/urls.rst b/user_guide_src/source/general/urls.rst
index 857078b1c..6b390b559 100644
--- a/user_guide_src/source/general/urls.rst
+++ b/user_guide_src/source/general/urls.rst
@@ -39,9 +39,10 @@ By default, the **index.php** file will be included in your URLs::
example.com/index.php/news/article/my_article
-You can easily remove this file by using a .htaccess file with some
-simple rules. Here is an example of such a file, using the "negative"
-method in which everything is redirected except the specified items:
+If your Apache server has mod_rewrite enabled, you can easily remove this
+file by using a .htaccess file with some simple rules. Here is an example
+of such a file, using the "negative" method in which everything is redirected
+except the specified items:
::
@@ -53,6 +54,8 @@ method in which everything is redirected except the specified items:
In the above example, any HTTP request other than those for existing
directories and existing files is treated as a request for your index.php file.
+.. note:: Note: These specific rules might not work for all server configurations.
+
Adding a URL Suffix
===================
diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst
index c7f737951..708eaeb7b 100644
--- a/user_guide_src/source/tutorial/static_pages.rst
+++ b/user_guide_src/source/tutorial/static_pages.rst
@@ -97,7 +97,7 @@ page actually exists:
public function view($page = 'home')
{
- if ( ! file_exists('application/views/pages/'.$page.'.php'))
+ if ( ! file_exists(APPPATH.'/views/pages/'.$page.'.php'))
{
// Whoops, we don't have a page for that!
show_404();