diff options
| -rw-r--r-- | application/config/config.php | 3 | ||||
| -rw-r--r-- | system/core/URI.php | 14 | ||||
| -rw-r--r-- | system/database/DB_driver.php | 30 | ||||
| -rw-r--r-- | system/database/DB_query_builder.php | 2 | ||||
| -rwxr-xr-x | system/libraries/Session/drivers/Session_cookie.php | 36 | ||||
| -rw-r--r-- | user_guide_src/source/changelog.rst | 1 | ||||
| -rw-r--r-- | user_guide_src/source/libraries/sessions.rst | 2 |
7 files changed, 44 insertions, 44 deletions
diff --git a/application/config/config.php b/application/config/config.php index 6867cee88..0562953b0 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -64,10 +64,9 @@ $config['index_page'] = 'index.php'; | | 'AUTO' Default - auto detects | 'CLI' or 'argv' Uses $_SERVER['argv'] (for php-cli only) -| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] | 'PATH_INFO' Uses $_SERVER['PATH_INFO'] +| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] | 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] -| 'ORIG_PATH_INFO' Uses $_SERVER['ORIG_PATH_INFO'] | */ $config['uri_protocol'] = 'AUTO'; diff --git a/system/core/URI.php b/system/core/URI.php index 3b7718fff..309c77630 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -102,23 +102,21 @@ class CI_URI { return; } - // Let's try the REQUEST_URI first, this will work in most situations - if (($uri = $this->_parse_request_uri()) !== '') + // Is there a PATH_INFO variable? This should be the easiest solution. + if (isset($_SERVER['PATH_INFO'])) { - $this->_set_uri_string($uri); + $this->_set_uri_string($_SERVER['PATH_INFO']); return; } - // Is there a PATH_INFO variable? - // Note: some servers seem to have trouble with getenv() so we'll test it two ways - $uri = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); - if (trim($uri, '/') !== '' && $uri !== '/'.SELF) + // Let's try REQUEST_URI then, this will work in most situations + if (($uri = $this->_parse_request_uri()) !== '') { $this->_set_uri_string($uri); return; } - // No PATH_INFO?... What about QUERY_STRING? + // No REQUEST_URI either?... What about QUERY_STRING? if (($uri = $this->_parse_query_string()) !== '') { $this->_set_uri_string($uri); diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e8286aaa1..795ed6711 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1080,43 +1080,19 @@ abstract class CI_DB_driver { */ public function update_string($table, $data, $where) { - if ($where === '') + if (empty($where)) { return FALSE; } + $this->where($where); + $fields = array(); foreach ($data as $key => $val) { $fields[$this->protect_identifiers($key)] = $this->escape($val); } - if ( ! is_array($where)) - { - $dest = array($where); - } - else - { - $dest = array(); - foreach ($where as $key => $val) - { - $prefix = (count($dest) === 0) ? '' : ' AND '; - $key = $this->protect_identifiers($key); - - if ($val !== '') - { - if ( ! $this->_has_operator($key)) - { - $key .= ' ='; - } - - $val = ' '.$this->escape($val); - } - - $dest[] = $prefix.$key.$val; - } - } - return $this->_update($this->protect_identifiers($table, TRUE, NULL, FALSE), $fields, $dest); } diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index a3585586e..cc43d834c 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1575,7 +1575,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } $sql = $this->_update($this->protect_identifiers($this->qb_from[0], TRUE, NULL, FALSE), $this->qb_set); - +var_dump($sql); $this->_reset_write(); return $this->query($sql); } diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 2f1bf3531..8f527ace7 100755 --- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -540,11 +540,25 @@ class CI_Session_cookie extends CI_Session_driver { // Check for database if ($this->sess_use_database === TRUE) { + $this->CI->db->where('session_id', $old_sessid); + + if ($this->sess_match_ip === TRUE) + { + $this->CI->db->where('ip_address', $this->CI->input->ip_address()); + } + + if ($this->sess_match_useragent === TRUE) + { + $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); + } + // Update the session ID and last_activity field in the DB - $this->CI->db->update($this->sess_table_name, array( - 'last_activity' => $this->now, - 'session_id' => $this->userdata['session_id'] - ), array('session_id' => $old_sessid)); + $this->CI->db->update($this->sess_table_name, + array( + 'last_activity' => $this->now, + 'session_id' => $this->userdata['session_id'] + ) + ); } // Write the cookie @@ -590,7 +604,19 @@ class CI_Session_cookie extends CI_Session_driver { // Run the update query // Any time we change the session id, it gets updated immediately, // so our where clause below is always safe - $this->CI->db->update($this->sess_table_name, $set, array('session_id' => $this->userdata['session_id'])); + $this->CI->db->where('session_id', $this->userdata['session_id']); + + if ($this->sess_match_ip === TRUE) + { + $this->CI->db->where('ip_address', $this->CI->input->ip_address()); + } + + if ($this->sess_match_useragent === TRUE) + { + $this->CI->db->where('user_agent', trim(substr($this->CI->input->user_agent(), 0, 120))); + } + + $this->CI->db->update($this->sess_table_name, $set); // Clear dirty flag to prevent double updates $this->data_dirty = FALSE; diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index e0b8c75e0..a6494e361 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -236,6 +236,7 @@ Release Date: Not Released - Renamed internal method ``_detect_uri()`` to ``_parse_request_uri()``. - Changed ``_parse_request_uri()`` to accept absolute URIs for compatibility with HTTP/1.1 as per `RFC2616 <http://www.ietf.org/rfc/rfc2616.txt>`. - Added protected method ``_parse_query_string()`` to URI paths in the the **QUERY_STRING** value, like ``_parse_request_uri()`` does. + - Changed ``_fetch_uri_string()`` to try the **PATH_INFO** variable first when auto-detecting. - Removed ``CI_CORE`` boolean constant from *CodeIgniter.php* (no longer Reactor and Core versions). - :doc:`Loader Library <libraries/loader>` changes include: - Added method ``get_vars()`` to the Loader to retrieve all variables loaded with ``$this->load->vars()``. diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index dd9e8cbb4..ee7fb0b1c 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -388,7 +388,7 @@ session class:: user_agent varchar(120) NOT NULL, last_activity int(10) unsigned DEFAULT 0 NOT NULL, user_data text NOT NULL, - PRIMARY KEY (session_id), + PRIMARY KEY (session_id, ip_address, user_agent), KEY `last_activity_idx` (`last_activity`) ); |