diff options
| -rw-r--r-- | readme.rst | 4 | ||||
| -rw-r--r-- | system/core/Common.php | 6 | ||||
| -rw-r--r-- | system/libraries/Session/drivers/Session_redis_driver.php | 5 | ||||
| -rw-r--r-- | system/libraries/Upload.php | 2 | ||||
| -rw-r--r-- | tests/codeigniter/core/Common_test.php | 12 | ||||
| -rw-r--r-- | user_guide_src/source/libraries/sessions.rst | 4 |
6 files changed, 23 insertions, 10 deletions
diff --git a/readme.rst b/readme.rst index 84ecc67f9..7a376322d 100644 --- a/readme.rst +++ b/readme.rst @@ -29,7 +29,7 @@ guide change log <https://github.com/bcit-ci/CodeIgniter/blob/develop/user_guide Server Requirements ******************* -PHP version 5.5 or newer is recommended. +PHP version 5.6 or newer is recommended. It should work on 5.2.4 as well, but we strongly advise you NOT to run such old versions of PHP, because of potential security and performance @@ -67,4 +67,4 @@ Acknowledgement *************** The CodeIgniter team would like to thank EllisLab, all the -contributors to the CodeIgniter project and you, the CodeIgniter user.
\ No newline at end of file +contributors to the CodeIgniter project and you, the CodeIgniter user. diff --git a/system/core/Common.php b/system/core/Common.php index b87ce4d62..d66649f59 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -355,7 +355,7 @@ if ( ! function_exists('is_https')) { return TRUE; } - elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') + elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') { return TRUE; } @@ -716,8 +716,8 @@ if ( ! function_exists('remove_invisible_characters')) // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { - $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 - $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 + $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15 + $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31 } $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index ad14cbfdc..d3a265958 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -99,8 +99,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(?<options>\?.+)?#', $this->_config['save_path'], $matches)) { $save_path = array( - 'host' => $matches[1], - 'port' => empty($matches[2]) ? NULL : $matches[2] + 'host' => $matches[1], + 'port' => empty($matches[2]) ? NULL : $matches[2], + 'timeout' => NULL // We always pass this to Redis::connect(), so it needs to exist ); } else diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 7b94a230c..056f6de1e 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -601,7 +601,7 @@ class CI_Upload { 'file_type' => $this->file_type, 'file_path' => $this->upload_path, 'full_path' => $this->upload_path.$this->file_name, - 'raw_name' => substr($this->file_name, 0, strlen($this->file_name) - strlen($this->file_ext)), + 'raw_name' => substr($this->file_name, 0, -strlen($this->file_ext)), 'orig_name' => $this->orig_name, 'client_name' => $this->client_name, 'file_ext' => $this->file_ext, diff --git a/tests/codeigniter/core/Common_test.php b/tests/codeigniter/core/Common_test.php index 81a185eaf..ca19e5de0 100644 --- a/tests/codeigniter/core/Common_test.php +++ b/tests/codeigniter/core/Common_test.php @@ -54,4 +54,16 @@ class Common_test extends CI_TestCase { ); } + // ------------------------------------------------------------------------ + + public function test_remove_invisible_characters() + { + $raw_string = 'Here is a string containing invisible'.chr(0x08).' text %0e.'; + $removed_string = 'Here is a string containing invisible text %0e.'; + $this->assertEquals($removed_string, remove_invisible_characters($raw_string, FALSE)); + + $raw_string = 'Here is a string %0econtaining url_encoded invisible%1F text.'; + $removed_string = 'Here is a string containing url_encoded invisible text.'; + $this->assertEquals($removed_string, remove_invisible_characters($raw_string)); + } }
\ No newline at end of file diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 9c9761bbf..082828c4e 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -906,7 +906,7 @@ Class Reference Gets a list of all ``$_SESSION`` that have been marked as "flashdata". - .. php:method:: umark_flash($key) + .. php:method:: unmark_flash($key) :param mixed $key: Key to be un-marked as flashdata, or an array of multiple keys :rtype: void @@ -971,7 +971,7 @@ Class Reference Gets a list of all ``$_SESSION`` that have been marked as "tempdata". - .. php:method:: umark_temp($key) + .. php:method:: unmark_temp($key) :param mixed $key: Key to be un-marked as tempdata, or an array of multiple keys :rtype: void |