diff options
Diffstat (limited to 'system/core/CodeIgniter.php')
-rw-r--r-- | system/core/CodeIgniter.php | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index ee1e9b9c9..633be7fab 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -256,17 +256,14 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * Security check * ------------------------------------------------------ * - * None of the functions in the app controller or the + * None of the methods in the app controller or the * loader class can be called via the URI, nor can - * controller functions that begin with an underscore + * controller functions that begin with an underscore. */ $class = $RTR->fetch_class(); $method = $RTR->fetch_method(); - if ( ! class_exists($class) - OR strpos($method, '_') === 0 - OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) - ) + if ( ! class_exists($class) OR $method[0] === '_' OR method_exists('CI_Controller', $method)) { if ( ! empty($RTR->routes['404_override'])) { @@ -325,9 +322,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); } else { - // is_callable() returns TRUE on some versions of PHP 5 for private and protected - // methods, so we'll use this workaround for consistent behavior - if ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($CI)))) + if ( ! is_callable(array($CI, $method))) { // Check and see if we are using a 404 override and use it. if ( ! empty($RTR->routes['404_override'])) |