diff options
21 files changed, 90 insertions, 69 deletions
diff --git a/application/config/database.php b/application/config/database.php index d8566e8c3..77748959f 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -49,7 +49,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | 'ssl_ca' - Path to the certificate authority file | 'ssl_capath' - Path to a directory containing trusted CA certificates in PEM format | 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':') -| 'ssl_verify' - TRUE/FALSE; Whether verify the server certificate or not ('mysqli' only) +| 'ssl_verify' - TRUE/FALSE; Whether verify the server certificate or not | | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index b6ab71784..b4f16b905 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -142,7 +142,7 @@ abstract class CI_DB_driver { * * @var int */ - public $port = ''; + public $port = NULL; /** * Persistent connection flag @@ -1246,19 +1246,13 @@ abstract class CI_DB_driver { */ public function list_fields($table) { - // Is there a cached result? - if (isset($this->data_cache['field_names'][$table])) - { - return $this->data_cache['field_names'][$table]; - } - if (FALSE === ($sql = $this->_list_columns($table))) { return ($this->db_debug) ? $this->display_error('db_unsupported_function') : FALSE; } $query = $this->query($sql); - $this->data_cache['field_names'][$table] = array(); + $fields = array(); foreach ($query->result_array() as $row) { @@ -1280,10 +1274,10 @@ abstract class CI_DB_driver { } } - $this->data_cache['field_names'][$table][] = $row[$key]; + $fields[] = $row[$key]; } - return $this->data_cache['field_names'][$table]; + return $fields; } // -------------------------------------------------------------------- diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php index dfc8a41b6..b086f7a81 100644 --- a/system/database/DB_forge.php +++ b/system/database/DB_forge.php @@ -348,7 +348,10 @@ abstract class CI_DB_forge { if (($result = $this->db->query($sql)) !== FALSE) { - isset($this->db->data_cache['table_names']) && $this->db->data_cache['table_names'][] = $table; + if (isset($this->db->data_cache['table_names'])) + { + $this->db->data_cache['table_names'][] = $table; + } // Most databases don't support creating indexes from within the CREATE TABLE statement if ( ! empty($this->keys)) @@ -724,7 +727,7 @@ abstract class CI_DB_forge { 'type' => isset($attributes['TYPE']) ? $attributes['TYPE'] : NULL, 'length' => '', 'unsigned' => '', - 'null' => '', + 'null' => NULL, 'unique' => '', 'default' => '', 'auto_increment' => '', diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index f67b52507..4f0c28e78 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -167,26 +167,28 @@ class CI_DB_mysqli_driver extends CI_DB { empty($this->encrypt['ssl_capath']) OR $ssl['capath'] = $this->encrypt['ssl_capath']; empty($this->encrypt['ssl_cipher']) OR $ssl['cipher'] = $this->encrypt['ssl_cipher']; - if ( ! empty($ssl)) + if (isset($this->encrypt['ssl_verify'])) { - if (isset($this->encrypt['ssl_verify'])) + $client_flags |= MYSQLI_CLIENT_SSL; + + if ($this->encrypt['ssl_verify']) + { + defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT') && $this->_mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + } + // Apparently (when it exists), setting MYSQLI_OPT_SSL_VERIFY_SERVER_CERT + // to FALSE didn't do anything, so PHP 5.6.16 introduced yet another + // constant ... + // + // https://secure.php.net/ChangeLog-5.php#5.6.16 + // https://bugs.php.net/bug.php?id=68344 + elseif (defined('MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT')) { - if ($this->encrypt['ssl_verify']) - { - defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT') && $this->_mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); - } - // Apparently (when it exists), setting MYSQLI_OPT_SSL_VERIFY_SERVER_CERT - // to FALSE didn't do anything, so PHP 5.6.16 introduced yet another - // constant ... - // - // https://secure.php.net/ChangeLog-5.php#5.6.16 - // https://bugs.php.net/bug.php?id=68344 - elseif (defined('MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT')) - { - $client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT; - } + $client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT; } + } + if ( ! empty($ssl)) + { $client_flags |= MYSQLI_CLIENT_SSL; $this->_mysqli->ssl_set( isset($ssl['key']) ? $ssl['key'] : NULL, diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php index 01ba15c1c..26bc30e14 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php @@ -167,6 +167,11 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { empty($this->encrypt['ssl_capath']) OR $ssl[PDO::MYSQL_ATTR_SSL_CAPATH] = $this->encrypt['ssl_capath']; empty($this->encrypt['ssl_cipher']) OR $ssl[PDO::MYSQL_ATTR_SSL_CIPHER] = $this->encrypt['ssl_cipher']; + if (defined('PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT') && isset($this->encrypt['ssl_verify'])) + { + $ssl[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $this->encrypt['ssl_verify']; + } + // DO NOT use array_merge() here! // It re-indexes numeric keys and the PDO_MYSQL_ATTR_SSL_* constants are integers. empty($ssl) OR $this->options += $ssl; diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php index d7b751999..ff7a11075 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php +++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php @@ -136,7 +136,7 @@ class CI_DB_pdo_pgsql_forge extends CI_DB_pdo_forge { if (isset($field[$i]['null'])) { $sqls[] = $sql.' ALTER COLUMN '.$this->db->escape_identifiers($field[$i]['name']) - .($field[$i]['null'] === TRUE ? ' DROP NOT NULL' : ' SET NOT NULL'); + .(trim($field[$i]['null']) === $this->_null ? ' DROP NOT NULL' : ' SET NOT NULL'); } if ( ! empty($field[$i]['new_name'])) diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php index 396d10e61..f55d9a6c7 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php @@ -128,24 +128,18 @@ class CI_DB_pdo_sqlite_driver extends CI_DB_pdo_driver { */ public function list_fields($table) { - // Is there a cached result? - if (isset($this->data_cache['field_names'][$table])) - { - return $this->data_cache['field_names'][$table]; - } - if (($result = $this->query('PRAGMA TABLE_INFO('.$this->protect_identifiers($table, TRUE, NULL, FALSE).')')) === FALSE) { return FALSE; } - $this->data_cache['field_names'][$table] = array(); + $fields = array(); foreach ($result->result_array() as $row) { - $this->data_cache['field_names'][$table][] = $row['name']; + $fields[] = $row['name']; } - return $this->data_cache['field_names'][$table]; + return $fields; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php index 418376ab4..353ddac99 100644 --- a/system/database/drivers/postgre/postgre_forge.php +++ b/system/database/drivers/postgre/postgre_forge.php @@ -131,7 +131,7 @@ class CI_DB_postgre_forge extends CI_DB_forge { if (isset($field[$i]['null'])) { $sqls[] = $sql.' ALTER COLUMN '.$this->db->escape_identifiers($field[$i]['name']) - .($field[$i]['null'] === TRUE ? ' DROP NOT NULL' : ' SET NOT NULL'); + .(trim($field[$i]['null']) === $this->_null ? ' DROP NOT NULL' : ' SET NOT NULL'); } if ( ! empty($field[$i]['new_name'])) diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index 14d8349f4..5d057ba5a 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -230,24 +230,18 @@ class CI_DB_sqlite3_driver extends CI_DB { */ public function list_fields($table) { - // Is there a cached result? - if (isset($this->data_cache['field_names'][$table])) - { - return $this->data_cache['field_names'][$table]; - } - if (($result = $this->query('PRAGMA TABLE_INFO('.$this->protect_identifiers($table, TRUE, NULL, FALSE).')')) === FALSE) { return FALSE; } - $this->data_cache['field_names'][$table] = array(); + $fields = array(); foreach ($result->result_array() as $row) { - $this->data_cache['field_names'][$table][] = $row['name']; + $fields[] = $row['name']; } - return $this->data_cache['field_names'][$table]; + return $fields; } // -------------------------------------------------------------------- diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php index 04f2ac9d2..a36836b00 100644 --- a/system/helpers/inflector_helper.php +++ b/system/helpers/inflector_helper.php @@ -275,6 +275,17 @@ if ( ! function_exists('word_is_countable')) } } +// -------------------------------------------------------------------- + +if ( ! function_exists('is_countable')) +{ + function is_countable($word) + { + trigger_error('is_countable() is a native PHP function since version 7.3.0; use word_is_countable() instead', E_USER_WARNING); + return word_is_countable($word); + } +} + // ------------------------------------------------------------------------ if ( ! function_exists('ordinal_format')) diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index e7215a066..74a2512c4 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -44,6 +44,7 @@ $lang['form_validation_valid_emails'] = 'The {field} field must contain all val $lang['form_validation_valid_url'] = 'The {field} field must contain a valid URL.'; $lang['form_validation_valid_ip'] = 'The {field} field must contain a valid IP.'; $lang['form_validation_valid_mac'] = 'The {field} field must contain a valid MAC.'; +$lang['form_validation_valid_base64'] = 'The {field} field must contain a valid Base64 string.'; $lang['form_validation_min_length'] = 'The {field} field must be at least {param} characters in length.'; $lang['form_validation_max_length'] = 'The {field} field cannot exceed {param} characters in length.'; $lang['form_validation_exact_length'] = 'The {field} field must be exactly {param} characters in length.'; diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index ed0f0cd82..14ebdb09f 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -115,13 +115,13 @@ abstract class CI_Session_driver implements SessionHandlerInterface { /** * PHP 5.x validate ID * - * Enforces session.use_strict_mode on PHP 5.x (7+ does it by itself) + * Enforces session.use_strict_mode * * @return void */ public function php5_validate_id() { - if (PHP_VERSION_ID < 70000 && isset($_COOKIE[$this->_config['cookie_name']]) && ! $this->validateId($_COOKIE[$this->_config['cookie_name']])) + if (isset($_COOKIE[$this->_config['cookie_name']]) && ! $this->validateSessionId($_COOKIE[$this->_config['cookie_name']])) { unset($_COOKIE[$this->_config['cookie_name']]); } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index c626093f9..734fe624f 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -353,7 +353,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan * @param string $id * @return bool */ - public function validateId($id) + public function validateSessionId($id) { // Prevent previous QB calls from messing with our queries $this->_db->reset_query(); diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index a2d25cc8f..467059434 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -402,9 +402,11 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle * @param string $id * @return bool */ - public function validateId($id) + public function validateSessionId($id) { - return is_file($this->_file_path.$id); + $result = is_file($this->_file_path.$id); + clearstatcache(TRUE, $this->_file_path.$id); + return $result; } // -------------------------------------------------------------------- diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 7e026ad52..ab54f029f 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -303,7 +303,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa * @param string $id * @return bool */ - public function validateId($id) + public function validateSessionId($id) { $this->_memcached->get($this->_key_prefix.$id); return ($this->_memcached->getResultCode() === Memcached::RES_SUCCESS); diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 6020a9ef9..07511e555 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -347,7 +347,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle * @param string $id * @return bool */ - public function validateId($id) + public function validateSessionId($id) { return (bool) $this->_redis->exists($this->_key_prefix.$id); } diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index ffe0813f7..4e8c303c7 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -1211,7 +1211,7 @@ class XML_RPC_Message extends CI_Xmlrpc { echo '<pre>'; - if (count($this->xh[$pname]['headers'] > 0)) + if (count($this->xh[$pname]['headers']) > 0) { echo "---HEADERS---\n"; foreach ($this->xh[$pname]['headers'] as $header) diff --git a/tests/codeigniter/helpers/inflector_helper_test.php b/tests/codeigniter/helpers/inflector_helper_test.php index 8c4f9e51f..f4c524ef6 100644 --- a/tests/codeigniter/helpers/inflector_helper_test.php +++ b/tests/codeigniter/helpers/inflector_helper_test.php @@ -112,4 +112,4 @@ class Inflector_helper_test extends CI_TestCase { $this->assertEquals($expect, ordinal_format($str)); } } -}
\ No newline at end of file +} diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 18a973ac5..e52571f9d 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -131,10 +131,25 @@ Release Date: Not Released Version 3.1.10 ============== +- General Changes + + - Added 'ssl_verify' support to the 'pdo/mysql' :doc:`Database <database/index> driver. + Bug fixes for 3.1.10 -------------------- - Fixed a bug (#5526) - :doc:`Session Library <libraries/sessions>` had a syntax error in its 'memcached' driver. +- Fixed a bug (#5542) - :doc:`Database Forge <database/forge>` method ``modify_column()`` always made fields ``NOT NULL`` when attempting to modify their nullable property under PostgreSQL. +- Fixed a bug (#5561) - :doc:`Database Library <database/index>` didn't allow SSL connection configuration with only the 'ssl_verify' option when using the 'mysqli' driver. +- Fixed a bug (#5545) - :doc:`Session Library <libraries/sessions>` crashed due to a caching-related error with the 'files' driver. +- Fixed a bug (#5571) - :doc:`XML-RPC Library <libraries/xmlrpc>` had a typo that triggered an ``E_WARNING`` message on PHP 7.2. +- Fixed a bug (#5587) - :doc:`Database Forge <database/forge>` method ``create_table()`` generated an ``E_WARNING`` message. +- Fixed a bug (#5590) - :doc:`Form Validation Library <libraries/form_validation>` rule **valid_base64** didn't have a default error message. +- Fixed a bug (#5624) - :doc:`Database Library <database/index>` methods ``list_fields()``, ``field_exists()`` returned incorrect results after tables are modified. +- Fixed a bug (#5627) - :doc:`Database <database/index>` driver 'mysqli' triggered an ``E_WARNING`` message if there's no ``'port'`` specified in the database configuration. +- Fixed a bug (#5651) - :doc:`Database Caching <database/caching>` could try to delete non-existent cache files due to a race condition. +- Fixed a bug (#5652) - :doc:`CAPTCHA Helper <helpers/captcha_helper>` function :php:func:`create_captcha()` didn't comply with CSS standards. +- Fixed a bug (#5605) - :doc:`Form Validation Library <libraries/form_validation>` didn't nullify array inputs that are expected to be strings. Version 3.1.9 ============= diff --git a/user_guide_src/source/installation/upgrade_3110.rst b/user_guide_src/source/installation/upgrade_3110.rst index a19f1e68e..0e3b7c676 100644 --- a/user_guide_src/source/installation/upgrade_3110.rst +++ b/user_guide_src/source/installation/upgrade_3110.rst @@ -12,3 +12,14 @@ Replace all files and directories in your *system/* directory. .. note:: If you have any custom developed files in these directories, please make copies of them first. + +Step 2: Check for calls to is_countable() +========================================== + + +PHP 7.3 introduces a native `is_countable() <https://secure.php.net/is_countable>`_ +function, which creates a name collision with the ``is_countable()`` function +we've had in our :doc:`Inflector Helpers <../helpers/inflector_helper>`. + +If you've been using the helper function in question, you should now rename +the calls to it to :php:func:`word_is_countable()`. diff --git a/user_guide_src/source/installation/upgrade_320.rst b/user_guide_src/source/installation/upgrade_320.rst index a9dc274c7..3eadd8caf 100644 --- a/user_guide_src/source/installation/upgrade_320.rst +++ b/user_guide_src/source/installation/upgrade_320.rst @@ -257,14 +257,3 @@ so that if you're using the :doc:`Web Page Caching <../general/caching>` feature, you'll be left with some old, garbage cache files. That shouldn't be a problem, but you may want to clear them. - -Step 13: Check for calls to is_countable() -========================================== - - -PHP 7.3 introduces a native `is_countable() <https://secure.php.net/is_countable>`_ -function, which creates a name collision with the ``is_countable()`` function -we've had in our :doc:`Inflector Helpers <../helpers/inflector_helper>`. - -If you've been using the helper function in question, you should now rename -the calls to it to :php:func:`word_is_countable()`. |