summaryrefslogtreecommitdiffstats
path: root/system/core/CodeIgniter.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/core/CodeIgniter.php')
-rw-r--r--system/core/CodeIgniter.php13
1 files changed, 4 insertions, 9 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index ee1e9b9c9..633be7fab 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -256,17 +256,14 @@ defined('BASEPATH') OR exit('No direct script access allowed');
* Security check
* ------------------------------------------------------
*
- * None of the functions in the app controller or the
+ * None of the methods in the app controller or the
* loader class can be called via the URI, nor can
- * controller functions that begin with an underscore
+ * controller functions that begin with an underscore.
*/
$class = $RTR->fetch_class();
$method = $RTR->fetch_method();
- if ( ! class_exists($class)
- OR strpos($method, '_') === 0
- OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller')))
- )
+ if ( ! class_exists($class) OR $method[0] === '_' OR method_exists('CI_Controller', $method))
{
if ( ! empty($RTR->routes['404_override']))
{
@@ -325,9 +322,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
}
else
{
- // is_callable() returns TRUE on some versions of PHP 5 for private and protected
- // methods, so we'll use this workaround for consistent behavior
- if ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($CI))))
+ if ( ! is_callable(array($CI, $method)))
{
// Check and see if we are using a 404 override and use it.
if ( ! empty($RTR->routes['404_override']))