diff options
Diffstat (limited to 'system/core/Common.php')
| -rw-r--r-- | system/core/Common.php | 558 |
1 files changed, 342 insertions, 216 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index aeb784bbe..7feb16bfd 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * Common Functions @@ -31,7 +32,7 @@ * Loads the base classes and executes the request. * * @package CodeIgniter - * @subpackage codeigniter + * @subpackage CodeIgniter * @category Common Functions * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/ @@ -39,25 +40,25 @@ // ------------------------------------------------------------------------ -/** - * Determines if the current version of PHP is greater then the supplied value - * - * Since there are a few places where we conditionally test for PHP > 5 - * we'll set a static variable. - * - * @param string - * @return bool TRUE if the current version is $version or higher - */ if ( ! function_exists('is_php')) { - function is_php($version = '5.0.0') + /** + * Determines if the current version of PHP is greater then the supplied value + * + * Since there are a few places where we conditionally test for PHP > 5.3 + * we'll set a static variable. + * + * @param string + * @return bool TRUE if the current version is $version or higher + */ + function is_php($version = '5.3.0') { static $_is_php; $version = (string) $version; if ( ! isset($_is_php[$version])) { - $_is_php[$version] = (version_compare(PHP_VERSION, $version) < 0) ? FALSE : TRUE; + $_is_php[$version] = (version_compare(PHP_VERSION, $version) >= 0); } return $_is_php[$version]; @@ -66,18 +67,18 @@ if ( ! function_exists('is_php')) // ------------------------------------------------------------------------ -/** - * Tests for file writability - * - * is_writable() returns TRUE on Windows servers when you really can't write to - * the file, based on the read-only attribute. is_writable() is also unreliable - * on Unix servers if safe_mode is on. - * - * @param string - * @return void - */ if ( ! function_exists('is_really_writable')) { + /** + * Tests for file writability + * + * is_writable() returns TRUE on Windows servers when you really can't write to + * the file, based on the read-only attribute. is_writable() is also unreliable + * on Unix servers if safe_mode is on. + * + * @param string + * @return void + */ function is_really_writable($file) { // If we're on a Unix server with safe_mode off we call is_writable @@ -114,20 +115,20 @@ if ( ! function_exists('is_really_writable')) // ------------------------------------------------------------------------ -/** - * Class registry - * - * This function acts as a singleton. If the requested class does not - * exist it is instantiated and set to a static variable. If it has - * previously been instantiated the variable is returned. - * - * @param string the class name being requested - * @param string the directory where the class should be found - * @param string the class name prefix - * @return object - */ if ( ! function_exists('load_class')) { + /** + * Class registry + * + * This function acts as a singleton. If the requested class does not + * exist it is instantiated and set to a static variable. If it has + * previously been instantiated the variable is returned. + * + * @param string the class name being requested + * @param string the directory where the class should be found + * @param string the class name prefix + * @return object + */ function &load_class($class, $directory = 'libraries', $prefix = 'CI_') { static $_classes = array(); @@ -150,7 +151,7 @@ if ( ! function_exists('load_class')) if (class_exists($name) === FALSE) { - require($path.$directory.'/'.$class.'.php'); + require_once($path.$directory.'/'.$class.'.php'); } break; @@ -164,7 +165,7 @@ if ( ! function_exists('load_class')) if (class_exists($name) === FALSE) { - require(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'); + require_once(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'); } } @@ -172,7 +173,7 @@ if ( ! function_exists('load_class')) if ($name === FALSE) { // Note: We use exit() rather then show_error() in order to avoid a - // self-referencing loop with the Excptions class + // self-referencing loop with the Exceptions class set_status_header(503); exit('Unable to locate the specified class: '.$class.'.php'); } @@ -187,20 +188,20 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- -/** - * Keeps track of which libraries have been loaded. This function is - * called by the load_class() function above - * - * @param string - * @return array - */ if ( ! function_exists('is_loaded')) { + /** + * Keeps track of which libraries have been loaded. This function is + * called by the load_class() function above + * + * @param string + * @return array + */ function &is_loaded($class = '') { static $_is_loaded = array(); - if ($class != '') + if ($class !== '') { $_is_loaded[strtolower($class)] = $class; } @@ -211,17 +212,17 @@ if ( ! function_exists('is_loaded')) // ------------------------------------------------------------------------ -/** - * Loads the main config.php file - * - * This function lets us grab the config file even if the Config class - * hasn't been instantiated yet - * - * @param array - * @return array - */ if ( ! function_exists('get_config')) { + /** + * Loads the main config.php file + * + * This function lets us grab the config file even if the Config class + * hasn't been instantiated yet + * + * @param array + * @return array + */ function &get_config($replace = array()) { static $_config; @@ -231,21 +232,25 @@ if ( ! function_exists('get_config')) return $_config[0]; } - // Is the config file in the environment folder? - if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php')) + $file_path = APPPATH.'config/config.php'; + $found = FALSE; + if (file_exists($file_path)) { - $file_path = APPPATH.'config/config.php'; + $found = TRUE; + require($file_path); } - // Fetch the config file - if ( ! file_exists($file_path)) + // Is the config file in the environment folder? + if (defined('ENVIRONMENT') && file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php')) + { + require($file_path); + } + elseif ( ! $found) { set_status_header(503); exit('The configuration file does not exist.'); } - require($file_path); - // Does the $config array exist in the file? if ( ! isset($config) OR ! is_array($config)) { @@ -271,14 +276,14 @@ if ( ! function_exists('get_config')) // ------------------------------------------------------------------------ -/** - * Returns the specified config item - * - * @param string - * @return mixed - */ if ( ! function_exists('config_item')) { + /** + * Returns the specified config item + * + * @param string + * @return mixed + */ function config_item($item) { static $_config_item = array(); @@ -300,22 +305,66 @@ if ( ! function_exists('config_item')) // ------------------------------------------------------------------------ -/** - * Error Handler - * - * This function lets us invoke the exception class and - * display errors using the standard error template located - * in application/errors/errors.php - * This function will send the error page directly to the - * browser and exit. - * - * @param string - * @param int - * @param string - * @return void - */ +if ( ! function_exists('get_mimes')) +{ + /** + * Returns the MIME types array from config/mimes.php + * + * @return array + */ + function &get_mimes() + { + static $_mimes = array(); + + if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) + { + $_mimes = include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'); + } + elseif (is_file(APPPATH.'config/mimes.php')) + { + $_mimes = include(APPPATH.'config/mimes.php'); + } + + return $_mimes; + } +} + +// ------------------------------------------------------------------------ + +if ( ! function_exists('is_https')) +{ + /** + * Is HTTPS? + * + * Determines if the application is accessed via an encrypted + * (HTTPS) connection. + * + * @return bool + */ + function is_https() + { + return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off'); + } +} + +// ------------------------------------------------------------------------ + if ( ! function_exists('show_error')) { + /** + * Error Handler + * + * This function lets us invoke the exception class and + * display errors using the standard error template located + * in application/errors/errors.php + * This function will send the error page directly to the + * browser and exit. + * + * @param string + * @param int + * @param string + * @return void + */ function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') { $_error =& load_class('Exceptions', 'core'); @@ -326,19 +375,19 @@ if ( ! function_exists('show_error')) // ------------------------------------------------------------------------ -/** - * 404 Page Handler - * - * This function is similar to the show_error() function above - * However, instead of the standard error template it displays - * 404 errors. - * - * @param string - * @param bool - * @return void - */ if ( ! function_exists('show_404')) { + /** + * 404 Page Handler + * + * This function is similar to the show_error() function above + * However, instead of the standard error template it displays + * 404 errors. + * + * @param string + * @param bool + * @return void + */ function show_404($page = '', $log_error = TRUE) { $_error =& load_class('Exceptions', 'core'); @@ -349,102 +398,107 @@ if ( ! function_exists('show_404')) // ------------------------------------------------------------------------ -/** - * Error Logging Interface - * - * We use this as a simple mechanism to access the logging - * class and send messages to be logged. - * - * @param string - * @param string - * @param bool - * @return void - */ if ( ! function_exists('log_message')) { + /** + * Error Logging Interface + * + * We use this as a simple mechanism to access the logging + * class and send messages to be logged. + * + * @param string + * @param string + * @param bool + * @return void + */ function log_message($level = 'error', $message, $php_error = FALSE) { static $_log; - if (config_item('log_threshold') == 0) + if (config_item('log_threshold') === 0) { return; } - $_log =& load_class('Log'); + $_log =& load_class('Log', 'core'); $_log->write_log($level, $message, $php_error); } } // ------------------------------------------------------------------------ -/** - * Set HTTP Status Header - * - * @param int the status code - * @param string - * @return void - */ if ( ! function_exists('set_status_header')) { + /** + * Set HTTP Status Header + * + * @param int the status code + * @param string + * @return void + */ function set_status_header($code = 200, $text = '') { $stati = array( - 200 => 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 307 => 'Temporary Redirect', - - 400 => 'Bad Request', - 401 => 'Unauthorized', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Timeout', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Long', - 415 => 'Unsupported Media Type', - 416 => 'Requested Range Not Satisfiable', - 417 => 'Expectation Failed', - 422 => 'Unprocessable Entity', - - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' - ); - - if ($code == '' OR ! is_numeric($code)) + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 303 => 'See Other', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); + + if (empty($code) OR ! is_numeric($code)) { show_error('Status codes must be numeric', 500); } - if (isset($stati[$code]) && $text == '') - { - $text = $stati[$code]; - } + is_int($code) OR $code = (int) $code; - if ($text == '') + if (empty($text)) { - show_error('No status text available. Please check your status code number or supply your own message text.', 500); + if (isset($stati[$code])) + { + $text = $stati[$code]; + } + else + { + show_error('No status text available. Please check your status code number or supply your own message text.', 500); + } } $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; @@ -453,63 +507,49 @@ if ( ! function_exists('set_status_header')) { header('Status: '.$code.' '.$text, TRUE); } - elseif ($server_protocol === 'HTTP/1.0') - { - header('HTTP/1.0 '.$code.' '.$text, TRUE, $code); - } else { - header('HTTP/1.1 '.$code.' '.$text, TRUE, $code); + header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code); } } } // -------------------------------------------------------------------- -/** - * Exception Handler - * - * This is the custom exception handler that is declaired at the top - * of Codeigniter.php. The main reason we use this is to permit - * PHP errors to be logged in our own log files since the user may - * not have access to server logs. Since this function - * effectively intercepts PHP errors, however, we also need - * to display errors based on the current error_reporting level. - * We do that with the use of a PHP error template. - * - * @param int - * @param string - * @param string - * @param int - * @return void - */ if ( ! function_exists('_exception_handler')) { + /** + * Exception Handler + * + * This is the custom exception handler that is declaired at the top + * of Codeigniter.php. The main reason we use this is to permit + * PHP errors to be logged in our own log files since the user may + * not have access to server logs. Since this function + * effectively intercepts PHP errors, however, we also need + * to display errors based on the current error_reporting level. + * We do that with the use of a PHP error template. + * + * @param int + * @param string + * @param string + * @param int + * @return void + */ function _exception_handler($severity, $message, $filepath, $line) { - // We don't bother with "strict" notices since they tend to fill up - // the log file with excess information that isn't normally very helpful. - // For example, if you are running PHP 5 and you use version 4 style - // class functions (without prefixes like "public", "private", etc.) - // you'll get notices telling you that these have been deprecated. - if ($severity == E_STRICT) - { - return; - } - $_error =& load_class('Exceptions', 'core'); - // Should we display the error? We'll get the current error_reporting + // Should we ignore the error? We'll get the current error_reporting // level and add its bits with the severity bits to find out. - if (($severity & error_reporting()) == $severity) + if (($severity & error_reporting()) !== $severity) { - $_error->show_php_error($severity, $message, $filepath, $line); + return; } - // Should we log the error? No? We're done... - if (config_item('log_threshold') == 0) + // Should we display the error? + if ((bool) ini_get('display_errors') === TRUE) { - return; + $_error->show_php_error($severity, $message, $filepath, $line); } $_error->log_exception($severity, $message, $filepath, $line); @@ -518,18 +558,18 @@ if ( ! function_exists('_exception_handler')) // -------------------------------------------------------------------- -/** - * Remove Invisible Characters - * - * This prevents sandwiching null characters - * between ascii characters, like Java\0script. - * - * @param string - * @param bool - * @return string - */ if ( ! function_exists('remove_invisible_characters')) { + /** + * Remove Invisible Characters + * + * This prevents sandwiching null characters + * between ascii characters, like Java\0script. + * + * @param string + * @param bool + * @return string + */ function remove_invisible_characters($str, $url_encoded = TRUE) { $non_displayables = array(); @@ -556,14 +596,14 @@ if ( ! function_exists('remove_invisible_characters')) // ------------------------------------------------------------------------ -/** - * Returns HTML escaped variable - * - * @param mixed - * @return mixed - */ if ( ! function_exists('html_escape')) { + /** + * Returns HTML escaped variable + * + * @param mixed + * @return mixed + */ function html_escape($var) { return is_array($var) @@ -572,5 +612,91 @@ if ( ! function_exists('html_escape')) } } +// ------------------------------------------------------------------------ + +if ( ! function_exists('_stringify_attributes')) +{ + /** + * Stringify attributes for use in HTML tags. + * + * Helper function used to convert a string, array, or object + * of attributes to a string. + * + * @param mixed string, array, object + * @param bool + * @return string + */ + function _stringify_attributes($attributes, $js = FALSE) + { + $atts = NULL; + + if (empty($attributes)) + { + return $atts; + } + + if (is_string($attributes)) + { + return ' '.$attributes; + } + + $attributes = (array) $attributes; + + foreach ($attributes as $key => $val) + { + $atts .= ($js) ? $key.'='.$val.',' : ' '.$key.'="'.$val.'"'; + } + + return rtrim($atts, ','); + } +} + +// ------------------------------------------------------------------------ + +if ( ! function_exists('function_usable')) +{ + /** + * Function usable + * + * Executes a function_exists() check, and if the Suhosin PHP + * extension is loaded - checks whether the function that is + * checked might be disabled in there as well. + * + * This is useful as function_exists() will return FALSE for + * functions disabled via the *disable_functions* php.ini + * setting, but not for *suhosin.executor.func.blacklist* and + * *suhosin.executor.disable_eval*. These settings will just + * terminate script execution if a disabled function is executed. + * + * @link http://www.hardened-php.net/suhosin/ + * @param string $function_name Function to check for + * @return bool TRUE if the function exists and is safe to call, + * FALSE otherwise. + */ + function function_usable($function_name) + { + static $_suhosin_func_blacklist; + + if (function_exists($function_name)) + { + if ( ! isset($_suhosin_func_blacklist)) + { + $_suhosin_func_blacklist = extension_loaded('suhosin') + ? array() + : explode(',', trim(@ini_get('suhosin.executor.func.blacklist'))); + + if ( ! in_array('eval', $_suhosin_func_blacklist, TRUE) && @ini_get('suhosin.executor.disable_eval')) + { + $_suhosin_func_blacklist[] = 'eval'; + } + } + + return in_array($function_name, $_suhosin_func_blacklist, TRUE); + } + + return FALSE; + } +} + /* End of file Common.php */ /* Location: ./system/core/Common.php */
\ No newline at end of file |