diff options
Diffstat (limited to 'system/core')
-rw-r--r-- | system/core/Benchmark.php | 4 | ||||
-rw-r--r-- | system/core/CodeIgniter.php | 68 | ||||
-rw-r--r-- | system/core/Common.php | 28 | ||||
-rw-r--r-- | system/core/Config.php | 21 | ||||
-rw-r--r-- | system/core/Controller.php | 6 | ||||
-rw-r--r-- | system/core/Exceptions.php | 6 | ||||
-rw-r--r-- | system/core/Hooks.php | 4 | ||||
-rw-r--r-- | system/core/Input.php | 24 | ||||
-rw-r--r-- | system/core/Lang.php | 2 | ||||
-rw-r--r-- | system/core/Loader.php | 60 | ||||
-rw-r--r-- | system/core/Model.php | 2 | ||||
-rw-r--r-- | system/core/Output.php | 20 | ||||
-rw-r--r-- | system/core/Router.php | 26 | ||||
-rw-r--r-- | system/core/Security.php | 104 | ||||
-rw-r--r-- | system/core/URI.php | 14 | ||||
-rw-r--r-- | system/core/Utf8.php | 2 |
16 files changed, 196 insertions, 195 deletions
diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index 515550e9f..3686c2d73 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -19,7 +19,7 @@ * CodeIgniter Benchmark Class * * This class enables you to mark points and calculate the time difference - * between them. Memory consumption can also be displayed. + * between them. Memory consumption can also be displayed. * * @package CodeIgniter * @subpackage Libraries diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 03b25ab9e..b6f5e872c 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -29,28 +29,28 @@ /* * ------------------------------------------------------ - * Define the CodeIgniter Version + * Define the CodeIgniter Version * ------------------------------------------------------ */ define('CI_VERSION', '2.0.2'); /* * ------------------------------------------------------ - * Define the CodeIgniter Branch (Core = TRUE, Reactor = FALSE) + * Define the CodeIgniter Branch (Core = TRUE, Reactor = FALSE) * ------------------------------------------------------ */ define('CI_CORE', FALSE); /* * ------------------------------------------------------ - * Load the global functions + * Load the global functions * ------------------------------------------------------ */ require(BASEPATH.'core/Common.php'); /* * ------------------------------------------------------ - * Load the framework constants + * Load the framework constants * ------------------------------------------------------ */ if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) @@ -64,7 +64,7 @@ /* * ------------------------------------------------------ - * Define a custom error handler so we can log PHP errors + * Define a custom error handler so we can log PHP errors * ------------------------------------------------------ */ set_error_handler('_exception_handler'); @@ -76,7 +76,7 @@ /* * ------------------------------------------------------ - * Set the subclass_prefix + * Set the subclass_prefix * ------------------------------------------------------ * * Normally the "subclass_prefix" is set in the config file. @@ -85,7 +85,7 @@ * "libraries" folder. Since CI allows config items to be * overriden via data set in the main index. php file, * before proceeding we need to know if a subclass_prefix - * override exists. If so, we will set this value now, + * override exists. If so, we will set this value now, * before any classes are loaded * Note: Since the config file data is cached it doesn't * hurt to load it here. @@ -97,7 +97,7 @@ /* * ------------------------------------------------------ - * Set a liberal script execution time limit + * Set a liberal script execution time limit * ------------------------------------------------------ */ if (function_exists("set_time_limit") == TRUE AND @ini_get("safe_mode") == 0) @@ -107,7 +107,7 @@ /* * ------------------------------------------------------ - * Start the timer... tick tock tick tock... + * Start the timer... tick tock tick tock... * ------------------------------------------------------ */ $BM =& load_class('Benchmark', 'core'); @@ -116,21 +116,21 @@ /* * ------------------------------------------------------ - * Instantiate the hooks class + * Instantiate the hooks class * ------------------------------------------------------ */ $EXT =& load_class('Hooks', 'core'); /* * ------------------------------------------------------ - * Is there a "pre_system" hook? + * Is there a "pre_system" hook? * ------------------------------------------------------ */ $EXT->_call_hook('pre_system'); /* * ------------------------------------------------------ - * Instantiate the config class + * Instantiate the config class * ------------------------------------------------------ */ $CFG =& load_class('Config', 'core'); @@ -143,7 +143,7 @@ /* * ------------------------------------------------------ - * Instantiate the UTF-8 class + * Instantiate the UTF-8 class * ------------------------------------------------------ * * Note: Order here is rather important as the UTF-8 @@ -157,14 +157,14 @@ /* * ------------------------------------------------------ - * Instantiate the URI class + * Instantiate the URI class * ------------------------------------------------------ */ $URI =& load_class('URI', 'core'); /* * ------------------------------------------------------ - * Instantiate the routing class and set the routing + * Instantiate the routing class and set the routing * ------------------------------------------------------ */ $RTR =& load_class('Router', 'core'); @@ -178,14 +178,14 @@ /* * ------------------------------------------------------ - * Instantiate the output class + * Instantiate the output class * ------------------------------------------------------ */ $OUT =& load_class('Output', 'core'); /* * ------------------------------------------------------ - * Is there a valid cache file? If so, we're done... + * Is there a valid cache file? If so, we're done... * ------------------------------------------------------ */ if ($EXT->_call_hook('cache_override') === FALSE) @@ -205,21 +205,21 @@ /* * ------------------------------------------------------ - * Load the Input class and sanitize globals + * Load the Input class and sanitize globals * ------------------------------------------------------ */ $IN =& load_class('Input', 'core'); /* * ------------------------------------------------------ - * Load the Language class + * Load the Language class * ------------------------------------------------------ */ $LANG =& load_class('Lang', 'core'); /* * ------------------------------------------------------ - * Load the app controller and local controller + * Load the app controller and local controller * ------------------------------------------------------ * */ @@ -252,14 +252,14 @@ /* * ------------------------------------------------------ - * Security check + * Security check * ------------------------------------------------------ * - * None of the functions in the app controller or the - * loader class can be called via the URI, nor can - * controller functions that begin with an underscore + * None of the functions in the app controller or the + * loader class can be called via the URI, nor can + * controller functions that begin with an underscore */ - $class = $RTR->fetch_class(); + $class = $RTR->fetch_class(); $method = $RTR->fetch_method(); if ( ! class_exists($class) @@ -272,14 +272,14 @@ /* * ------------------------------------------------------ - * Is there a "pre_controller" hook? + * Is there a "pre_controller" hook? * ------------------------------------------------------ */ $EXT->_call_hook('pre_controller'); /* * ------------------------------------------------------ - * Instantiate the requested controller + * Instantiate the requested controller * ------------------------------------------------------ */ // Mark a start point so we can benchmark the controller @@ -289,14 +289,14 @@ /* * ------------------------------------------------------ - * Is there a "post_controller_constructor" hook? + * Is there a "post_controller_constructor" hook? * ------------------------------------------------------ */ $EXT->_call_hook('post_controller_constructor'); /* * ------------------------------------------------------ - * Call the requested method + * Call the requested method * ------------------------------------------------------ */ // Is there a "remap" function? If so, we call it instead @@ -345,14 +345,14 @@ /* * ------------------------------------------------------ - * Is there a "post_controller" hook? + * Is there a "post_controller" hook? * ------------------------------------------------------ */ $EXT->_call_hook('post_controller'); /* * ------------------------------------------------------ - * Send the final rendered output to the browser + * Send the final rendered output to the browser * ------------------------------------------------------ */ if ($EXT->_call_hook('display_override') === FALSE) @@ -362,14 +362,14 @@ /* * ------------------------------------------------------ - * Is there a "post_system" hook? + * Is there a "post_system" hook? * ------------------------------------------------------ */ $EXT->_call_hook('post_system'); /* * ------------------------------------------------------ - * Close the DB connection if one exists + * Close the DB connection if one exists * ------------------------------------------------------ */ if (class_exists('CI_DB') AND isset($CI->db)) diff --git a/system/core/Common.php b/system/core/Common.php index d1e8e77e9..eb9e14425 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -58,7 +58,7 @@ * Tests for file writability * * is_writable() returns TRUE on Windows servers when you really can't write to - * the file, based on the read-only attribute. is_writable() is also unreliable + * the file, based on the read-only attribute. is_writable() is also unreliable * on Unix servers if safe_mode is on. * * @access private @@ -73,7 +73,7 @@ } // For windows servers and safe_mode "on" installations we'll actually - // write a file then read it. Bah... + // write a file then read it. Bah... if (is_dir($file)) { $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); @@ -102,8 +102,8 @@ /** * Class registry * -* This function acts as a singleton. If the requested class does not -* exist it is instantiated and set to a static variable. If it has +* This function acts as a singleton. If the requested class does not +* exist it is instantiated and set to a static variable. If it has * previously been instantiated the variable is returned. * * @access public @@ -116,7 +116,7 @@ { static $_classes = array(); - // Does the class exist? If so, we're done... + // Does the class exist? If so, we're done... if (isset($_classes[$class])) { return $_classes[$class]; @@ -141,7 +141,7 @@ } } - // Is the request a class extension? If so we load it too + // Is the request a class extension? If so we load it too if (file_exists(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php')) { $name = config_item('subclass_prefix').$class; @@ -170,7 +170,7 @@ // -------------------------------------------------------------------- /** -* Keeps track of which libraries have been loaded. This function is +* Keeps track of which libraries have been loaded. This function is * called by the load_class() function above * * @access public @@ -399,7 +399,7 @@ if ($text == '') { - show_error('No status text available. Please check your status code number or supply your own message text.', 500); + show_error('No status text available. Please check your status code number or supply your own message text.', 500); } $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; @@ -424,7 +424,7 @@ * Exception Handler * * This is the custom exception handler that is declaired at the top -* of Codeigniter.php. The main reason we use this is to permit +* of Codeigniter.php. The main reason we use this is to permit * PHP errors to be logged in our own log files since the user may * not have access to server logs. Since this function * effectively intercepts PHP errors, however, we also need @@ -455,7 +455,7 @@ $_error->show_php_error($severity, $message, $filepath, $line); } - // Should we log the error? No? We're done... + // Should we log the error? No? We're done... if (config_item('log_threshold') == 0) { return; @@ -479,16 +479,16 @@ function remove_invisible_characters($str, $url_encoded = TRUE) { $non_displayables = array(); - + // every control character except newline (dec 10) // carriage return (dec 13), and horizontal tab (dec 09) - + if ($url_encoded) { $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 } - + $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 do diff --git a/system/core/Config.php b/system/core/Config.php index 4493ff266..fa71f4d3d 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -37,11 +37,11 @@ class CI_Config { * * Sets the $config data from the primary config.php file as a class variable * - * @access public - * @param string the config file name - * @param boolean if configuration values should be loaded into their own section - * @param boolean true if errors should just return false, false if an error message should be displayed - * @return boolean if the file was successfully loaded or not + * @access public + * @param string the config file name + * @param boolean if configuration values should be loaded into their own section + * @param boolean true if errors should just return false, false if an error message should be displayed + * @return boolean if the file was successfully loaded or not */ function __construct() { @@ -74,8 +74,8 @@ class CI_Config { * * @access public * @param string the config file name - * @param boolean if configuration values should be loaded into their own section - * @param boolean true if errors should just return false, false if an error message should be displayed + * @param boolean if configuration values should be loaded into their own section + * @param boolean true if errors should just return false, false if an error message should be displayed * @return boolean if the file was loaded correctly */ function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) @@ -144,6 +144,7 @@ class CI_Config { $loaded = TRUE; log_message('debug', 'Config file loaded: '.$file_path); + break; } if ($loaded === FALSE) @@ -304,7 +305,7 @@ class CI_Config { * Assign to Config * * This function is called by the front controller (CodeIgniter.php) - * after the Config class is instantiated. It permits config items + * after the Config class is instantiated. It permits config items * to be assigned or overriden by variables contained in the index.php file * * @access private @@ -326,4 +327,4 @@ class CI_Config { // END CI_Config class /* End of file Config.php */ -/* Location: ./system/core/Config.php */
\ No newline at end of file +/* Location: ./system/core/Config.php */ diff --git a/system/core/Controller.php b/system/core/Controller.php index ec86b7920..107d3f346 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -37,7 +37,7 @@ class CI_Controller { public function __construct() { self::$instance =& $this; - + // Assign all the class objects that were instantiated by the // bootstrap file (CodeIgniter.php) to local class variables // so that CI can run as one big super object. @@ -49,7 +49,7 @@ class CI_Controller { $this->load =& load_class('Loader', 'core'); $this->load->set_base_classes()->ci_autoloader(); - + log_message('debug', "Controller Class Initialized"); } diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index bff86a92f..2503c907f 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -54,7 +54,7 @@ class CI_Exceptions { public function __construct() { $this->ob_level = ob_get_level(); - // Note: Do not log messages from this constructor. + // Note: Do not log messages from this constructor. } // -------------------------------------------------------------------- @@ -75,7 +75,7 @@ class CI_Exceptions { { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); + log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); } // -------------------------------------------------------------------- diff --git a/system/core/Hooks.php b/system/core/Hooks.php index fd6380f0a..ffb3258d8 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -67,7 +67,7 @@ class CI_Hooks { if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); } elseif (is_file(APPPATH.'config/hooks.php')) { diff --git a/system/core/Input.php b/system/core/Input.php index dc7612e64..89eda56b0 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -36,7 +36,7 @@ class CI_Input { var $_enable_csrf = FALSE; // Set automatically based on config setting protected $headers = array(); - + /** * Constructor @@ -147,7 +147,7 @@ class CI_Input { } return $post; } - + return $this->_fetch_from_array($_POST, $index, $xss_clean); } @@ -201,7 +201,7 @@ class CI_Input { * @param mixed * @param string the value of the cookie * @param string the number of seconds until expiration - * @param string the cookie domain. Usually: .yourdomain.com + * @param string the cookie domain. Usually: .yourdomain.com * @param string the cookie path * @param string the cookie prefix * @param bool true makes the cookie secure @@ -402,9 +402,9 @@ class CI_Input { function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. - $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', + $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', + 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); // Unset globals for securiy. @@ -523,7 +523,7 @@ class CI_Input { { $str = $this->uni->clean_string($str); } - + // Remove control characters $str = remove_invisible_characters($str); @@ -579,7 +579,7 @@ class CI_Input { /** * Request Headers * - * In Apache, you can simply call apache_request_headers(), however for + * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * * @return array @@ -609,10 +609,10 @@ class CI_Input { { $key = str_replace('_', ' ', strtolower($key)); $key = str_replace(' ', '-', ucwords($key)); - + $this->headers[$key] = $val; } - + return $this->headers; } @@ -633,7 +633,7 @@ class CI_Input { { $this->request_headers(); } - + if ( ! isset($this->headers[$index])) { return FALSE; @@ -644,7 +644,7 @@ class CI_Input { return $this->security->xss_clean($this->headers[$index]); } - return $this->headers[$index]; + return $this->headers[$index]; } // -------------------------------------------------------------------- diff --git a/system/core/Lang.php b/system/core/Lang.php index 170e6c725..79eb443a0 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * diff --git a/system/core/Loader.php b/system/core/Loader.php index 721c196cc..87f05d86e 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -40,7 +40,7 @@ class CI_Loader { protected $_ci_loaded_files = array(); protected $_ci_models = array(); protected $_ci_helpers = array(); - protected $_ci_varmap = array('unit_test' => 'unit', + protected $_ci_varmap = array('unit_test' => 'unit', 'user_agent' => 'agent'); /** @@ -50,29 +50,29 @@ class CI_Loader { */ public function __construct() { - $this->_ci_ob_level = ob_get_level(); + $this->_ci_ob_level = ob_get_level(); $this->_ci_library_paths = array(APPPATH, BASEPATH); $this->_ci_helper_paths = array(APPPATH, BASEPATH); $this->_ci_model_paths = array(APPPATH); $this->_ci_view_paths = array(APPPATH.'views/' => TRUE); - + log_message('debug', "Loader Class Initialized"); } // -------------------------------------------------------------------- - + /** * Set _base_classes variable * * This method is called once in CI_Controller. * - * @param array + * @param array * @return object */ public function set_base_classes() { $this->_base_classes =& is_loaded(); - + return $this; } @@ -96,7 +96,7 @@ class CI_Loader { { return $this->_ci_classes[$class]; } - + return FALSE; } @@ -260,7 +260,7 @@ class CI_Loader { return DB($params, $active_record); } - // Initialize the db variable. Needed to prevent + // Initialize the db variable. Needed to prevent // reference errors with some configurations $CI->db = ''; @@ -323,11 +323,11 @@ class CI_Loader { /** * Load View * - * This function is used to load a "view" file. It has three parameters: + * This function is used to load a "view" file. It has three parameters: * * 1. The name of the "view" file to be included. * 2. An associative array of data to be extracted for use in the view. - * 3. TRUE/FALSE - whether to return the data or load it. In + * 3. TRUE/FALSE - whether to return the data or load it. In * some cases it's advantageous to be able to return data so that * a developer can process it in some way. * @@ -538,13 +538,13 @@ class CI_Loader { * Prepends a parent path to the library, model, helper, and config path arrays * * @param string - * @param boolean + * @param boolean * @return void */ public function add_package_path($path, $view_cascade=TRUE) { $path = rtrim($path, '/').'/'; - + array_unshift($this->_ci_library_paths, $path); array_unshift($this->_ci_model_paths, $path); array_unshift($this->_ci_helper_paths, $path); @@ -604,7 +604,7 @@ class CI_Loader { unset($this->{$var}[$key]); } } - + if (isset($this->_ci_view_paths[$path.'views/'])) { unset($this->_ci_view_paths[$path.'views/']); @@ -643,7 +643,7 @@ class CI_Loader { { $$_ci_val = ( ! isset($_ci_data[$_ci_val])) ? FALSE : $_ci_data[$_ci_val]; } - + $file_exists = FALSE; // Set the path to the requested file @@ -665,11 +665,11 @@ class CI_Loader { $file_exists = TRUE; break; } - + if ( ! $cascade) { break; - } + } } } @@ -710,9 +710,9 @@ class CI_Loader { * We buffer the output for two reasons: * 1. Speed. You get a significant speed boost. * 2. So that the final rendered template can be - * post-processed by the output class. Why do we - * need post processing? For one thing, in order to - * show the elapsed page load time. Unless we + * post-processed by the output class. Why do we + * need post processing? For one thing, in order to + * show the elapsed page load time. Unless we * can intercept the content right before it's sent to * the browser and then stop the timer it won't be accurate. */ @@ -809,11 +809,11 @@ class CI_Loader { show_error("Unable to load the requested class: ".$class); } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($subclass, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -842,17 +842,17 @@ class CI_Loader { { $filepath = $path.'libraries/'.$subdir.$class.'.php'; - // Does the file exist? No? Bummer... + // Does the file exist? No? Bummer... if ( ! file_exists($filepath)) { continue; } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($filepath, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -875,7 +875,7 @@ class CI_Loader { } // END FOREACH - // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? + // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? if ($subdir == '') { $path = strtolower($class).'/'.$class; @@ -903,7 +903,7 @@ class CI_Loader { */ protected function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL) { - // Is there an associated config file for this class? Note: these should always be lowercase + // Is there an associated config file for this class? Note: these should always be lowercase if ($config === NULL) { // Fetch the config paths containing any package paths @@ -970,7 +970,7 @@ class CI_Loader { } // Set the variable name we will assign the class to - // Was a custom class name supplied? If so we'll use it + // Was a custom class name supplied? If so we'll use it $class = strtolower($class); if (is_null($object_name)) @@ -1005,7 +1005,7 @@ class CI_Loader { * The config/autoload.php file contains an array that permits sub-systems, * libraries, and helpers to be loaded automatically. * - * This function is public, as it's used in the CI_Controller class. + * This function is public, as it's used in the CI_Controller class. * However, there is no reason you should ever needs to use it. * * @param array @@ -1021,7 +1021,7 @@ class CI_Loader { { include_once(APPPATH.'config/autoload.php'); } - + if ( ! isset($autoload)) { diff --git a/system/core/Model.php b/system/core/Model.php index 8566a0b66..61c71b672 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * diff --git a/system/core/Output.php b/system/core/Output.php index 05ace919c..562dbb86b 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -44,7 +44,7 @@ class CI_Output { // Get mime types for later if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) { - include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; + include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; } else { @@ -122,7 +122,7 @@ class CI_Output { * * Lets you set a server header which will be outputted with the final display. * - * Note: If a file is cached, headers will not be sent. We need to figure out + * Note: If a file is cached, headers will not be sent. We need to figure out * how to permit header data to be saved with the cache data... * * @access public @@ -261,7 +261,7 @@ class CI_Output { * $this->final_output * * This function sends the finalized output data to the browser along - * with any server headers and profile data. It also stops the + * with any server headers and profile data. It also stops the * benchmark timer so the page rendering speed and memory usage can be shown. * * @access public @@ -269,7 +269,7 @@ class CI_Output { */ function _display($output = '') { - // Note: We use globals because we can't use $CI =& get_instance() + // Note: We use globals because we can't use $CI =& get_instance() // since this function is sometimes called by the caching mechanism, // which happens before the CI super object is available. global $BM, $CFG; @@ -290,7 +290,7 @@ class CI_Output { // -------------------------------------------------------------------- - // Do we need to write a cache file? Only if the controller does not have its + // Do we need to write a cache file? Only if the controller does not have its // own _output() method and we are not dealing with a cache file, which we // can determine by the existence of the $CI object above if ($this->cache_expiration > 0 && isset($CI) && ! method_exists($CI, '_output')) @@ -368,7 +368,7 @@ class CI_Output { // we will remove them and add them back after we insert the profile data if (preg_match("|</body>.*?</html>|is", $output)) { - $output = preg_replace("|</body>.*?</html>|is", '', $output); + $output = preg_replace("|</body>.*?</html>|is", '', $output); $output .= $CI->profiler->run(); $output .= '</body></html>'; } @@ -381,14 +381,14 @@ class CI_Output { // -------------------------------------------------------------------- // Does the controller contain a function named _output()? - // If so send the output there. Otherwise, echo it. + // If so send the output there. Otherwise, echo it. if (method_exists($CI, '_output')) { $CI->_output($output); } else { - echo $output; // Send it to the browser! + echo $output; // Send it to the browser! } log_message('debug', "Final output sent to browser"); @@ -458,7 +458,7 @@ class CI_Output { { $cache_path = ($CFG->item('cache_path') == '') ? APPPATH.'cache/' : $CFG->item('cache_path'); - // Build the file path. The file name is an MD5 hash of the full URI + // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url'). $CFG->item('index_page'). $URI->uri_string; diff --git a/system/core/Router.php b/system/core/Router.php index 5e92a04b1..a76a7bd0a 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -61,7 +61,7 @@ class CI_Router { */ function _set_routing() { - // Are query strings enabled in the config file? Normally CI doesn't utilize query strings + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently $segments = array(); @@ -95,7 +95,7 @@ class CI_Router { { include(APPPATH.'config/routes.php'); } - + $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); @@ -103,7 +103,7 @@ class CI_Router { // the URI doesn't correlated to a valid controller. $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); - // Were there any query string segments? If so, we'll validate them and bail out since we're done. + // Were there any query string segments? If so, we'll validate them and bail out since we're done. if (count($segments) > 0) { return $this->_validate_request($segments); @@ -212,7 +212,7 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Validates the supplied segments. Attempts to determine the path to + * Validates the supplied segments. Attempts to determine the path to * the controller. * * @access private @@ -277,7 +277,7 @@ class CI_Router { // If we've gotten this far it means that the URI does not correlate to a valid - // controller class. We will now see if there is an override + // controller class. We will now see if there is an override if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); @@ -296,7 +296,7 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Parse Routes + * Parse Routes * * This function matches any routes that may exist in * the config/routes.php file against the URI to @@ -310,7 +310,7 @@ class CI_Router { // Turn the segment array into a URI string $uri = implode('/', $this->uri->segments); - // Is there a literal match? If so we're done + // Is there a literal match? If so we're done if (isset($this->routes[$uri])) { return $this->_set_request(explode('/', $this->routes[$uri])); @@ -370,7 +370,7 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Set the method name + * Set the method name * * @access public * @param string @@ -384,7 +384,7 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Fetch the current method + * Fetch the current method * * @access public * @return string @@ -402,7 +402,7 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Set the directory name + * Set the directory name * * @access public * @param string @@ -416,7 +416,7 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Fetch the sub-directory (if any) that contains the requested controller class + * Fetch the sub-directory (if any) that contains the requested controller class * * @access public * @return string @@ -429,7 +429,7 @@ class CI_Router { // -------------------------------------------------------------------- /** - * Set the controller overrides + * Set the controller overrides * * @access public * @param array diff --git a/system/core/Security.php b/system/core/Security.php index 3617cadcc..f5bfafd9b 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -25,10 +25,10 @@ * @link http://codeigniter.com/user_guide/libraries/security.html */ class CI_Security { - + protected $_xss_hash = ''; protected $_csrf_hash = ''; - protected $_csrf_expire = 7200; // Two hours (in seconds) + protected $_csrf_expire = 7200; // Two hours (in seconds) protected $_csrf_token_name = 'ci_csrf_token'; protected $_csrf_cookie_name = 'ci_csrf_token'; @@ -52,7 +52,7 @@ class CI_Security { "vbscript\s*:" => '[removed]', // IE, surprise! "Redirect\s+302" => '[removed]' ); - + /** * Constructor */ @@ -95,7 +95,7 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name]) OR + if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name])) { $this->csrf_show_error(); @@ -107,7 +107,7 @@ class CI_Security { $this->csrf_show_error(); } - // We kill this since we're done and we don't want to + // We kill this since we're done and we don't want to // polute the _POST array unset($_POST[$this->_csrf_token_name]); @@ -117,7 +117,7 @@ class CI_Security { $this->csrf_set_cookie(); log_message('debug', "CSRF token verified "); - + return $this; } @@ -146,7 +146,7 @@ class CI_Security { setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); log_message('debug', "CRSF cookie Set"); - + return $this; } @@ -165,9 +165,9 @@ class CI_Security { // -------------------------------------------------------------------- /** - * Get CSRF Hash + * Get CSRF Hash * - * Getter Method + * Getter Method * * @return string self::_csrf_hash */ @@ -196,14 +196,14 @@ class CI_Security { * XSS Clean * * Sanitizes data so that Cross Site Scripting Hacks can be - * prevented. This function does a fair amount of work but + * prevented. This function does a fair amount of work but * it is extremely thorough, designed to prevent even the - * most obscure XSS attempts. Nothing is ever 100% foolproof, + * most obscure XSS attempts. Nothing is ever 100% foolproof, * of course, but I haven't been able to get anything passed * the filter. * * Note: This function should only be used to deal with data - * upon submission. It's not something that should + * upon submission. It's not something that should * be used for general runtime processing. * * This function was based in part on some code and ideas I @@ -263,7 +263,7 @@ class CI_Security { */ $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - + $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); /* @@ -276,7 +276,7 @@ class CI_Security { * * This prevents strings like this: ja vascript * NOTE: we deal with spaces between characters later. - * NOTE: preg_replace was found to be amazingly slow here on + * NOTE: preg_replace was found to be amazingly slow here on * large blocks of data, so we use str_replace. */ @@ -304,27 +304,27 @@ class CI_Security { */ if ($is_image === TRUE) { - // Images have a tendency to have the PHP short opening and - // closing tags every so often so we skip those and only + // Images have a tendency to have the PHP short opening and + // closing tags every so often so we skip those and only // do the long opening tags. $str = preg_replace('/<\?(php)/i', "<?\\1", $str); } else { - $str = str_replace(array('<?', '?'.'>'), array('<?', '?>'), $str); + $str = str_replace(array('<?', '?'.'>'), array('<?', '?>'), $str); } /* * Compact any exploded words * - * This corrects words like: j a v a s c r i p t + * This corrects words like: j a v a s c r i p t * These words are compacted back to their correct state. */ $words = array( - 'javascript', 'expression', 'vbscript', 'script', + 'javascript', 'expression', 'vbscript', 'script', 'applet', 'alert', 'document', 'write', 'cookie', 'window' ); - + foreach ($words as $word) { $temp = ''; @@ -341,8 +341,8 @@ class CI_Security { /* * Remove disallowed Javascript in links or img tags - * We used to do some version comparisons and use of stripos for PHP5, - * but it is dog slow compared to these simplified non-capturing + * We used to do some version comparisons and use of stripos for PHP5, + * but it is dog slow compared to these simplified non-capturing * preg_match(), especially if the pattern exists in the string */ do @@ -388,7 +388,7 @@ class CI_Security { * * Similar to above, only instead of looking for * tags it looks for PHP and JavaScript commands - * that are disallowed. Rather than removing the + * that are disallowed. Rather than removing the * code, it simply converts the parenthesis to entities * rendering the code un-executable. * @@ -405,11 +405,11 @@ class CI_Security { /* * Images are Handled in a Special Way - * - Essentially, we want to know that after all of the character - * conversion is done whether any unwanted, likely XSS, code was found. + * - Essentially, we want to know that after all of the character + * conversion is done whether any unwanted, likely XSS, code was found. * If not, we return TRUE, as the image is clean. - * However, if the string post-conversion does not matched the - * string post-removal of XSS, then it fails, as there was unwanted XSS + * However, if the string post-conversion does not matched the + * string post-removal of XSS, then it fails, as there was unwanted XSS * code found and removed/changed during processing. */ @@ -457,7 +457,7 @@ class CI_Security { * * In some versions of PHP the native function does not work * when UTF-8 is the specified character set, so this gives us - * a work-around. More info here: + * a work-around. More info here: * http://bugs.php.net/bug.php?id=25670 * * NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the @@ -475,10 +475,10 @@ class CI_Security { // The reason we are not using html_entity_decode() by itself is because // while it is not technically correct to leave out the semicolon // at the end of an entity most browsers will still interpret the entity - // correctly. html_entity_decode() does not convert entities without + // correctly. html_entity_decode() does not convert entities without // semicolons, so we are left with our own little solution here. Bummer. - if (function_exists('html_entity_decode') && + if (function_exists('html_entity_decode') && (strtolower($charset) != 'utf-8')) { $str = html_entity_decode($str, ENT_COMPAT, $charset); @@ -542,7 +542,7 @@ class CI_Security { "%3b", // ; "%3d" // = ); - + if ( ! $relative_path) { $bad[] = './'; @@ -570,7 +570,7 @@ class CI_Security { } // -------------------------------------------------------------------- - + /* * Remove Evil HTML Attributes (like evenhandlers and style) * @@ -578,7 +578,7 @@ class CI_Security { * - Everything up until a space * For example, everything between the pipes: * <a |style=document.write('hello');alert('world');| class=link> - * - Everything inside the quotes + * - Everything inside the quotes * For example, everything between the pipes: * <a |style="document.write('hello'); alert('world');"| class="link"> * @@ -594,12 +594,12 @@ class CI_Security { if ($is_image === TRUE) { /* - * Adobe Photoshop puts XML metadata into JFIF images, + * Adobe Photoshop puts XML metadata into JFIF images, * including namespacing, so we have to allow this for images. */ unset($evil_attributes[array_search('xmlns', $evil_attributes)]); } - + do { $str = preg_replace( "#<(/?[^><]+?)([^A-Za-z\-])(".implode('|', $evil_attributes).")(\s*=\s*)([\"][^>]*?[\"]|[\'][^>]*?[\']|[^>]*?)([\s><])([><]*)#i", @@ -607,10 +607,10 @@ class CI_Security { $str, -1, $count ); } while ($count); - + return $str; } - + // -------------------------------------------------------------------- /** @@ -627,7 +627,7 @@ class CI_Security { $str = '<'.$matches[1].$matches[2].$matches[3]; // encode captured opening or closing brace to prevent recursive vectors - $str .= str_replace(array('>', '<'), array('>', '<'), + $str .= str_replace(array('>', '<'), array('>', '<'), $matches[4]); return $str; @@ -649,7 +649,7 @@ class CI_Security { protected function _js_link_removal($match) { $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - + return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si", "", $attributes), $match[0]); } @@ -669,7 +669,7 @@ class CI_Security { protected function _js_img_removal($match) { $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - + return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si", "", $attributes), $match[0]); } @@ -729,13 +729,13 @@ class CI_Security { } // -------------------------------------------------------------------- - + /** * Validate URL entities * * Called by xss_clean() * - * @param string + * @param string * @return string */ protected function _validate_entities($str) @@ -743,15 +743,15 @@ class CI_Security { /* * Protect GET variables in URLs */ - + // 901119URL5918AMP18930PROTECT8198 - + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); /* * Validate standard character entities * - * Add a semicolon if missing. We do this to enable + * Add a semicolon if missing. We do this to enable * the conversion of entities to ASCII later. * */ @@ -769,7 +769,7 @@ class CI_Security { * Un-Protect GET variables in URLs */ $str = str_replace($this->xss_hash(), '&', $str); - + return $str; } @@ -794,7 +794,7 @@ class CI_Security { { $str = preg_replace("#".$key."#i", $val, $str); } - + return $str; } @@ -809,16 +809,16 @@ class CI_Security { { if ($this->_csrf_hash == '') { - // If the cookie exists we will use it's value. + // If the cookie exists we will use it's value. // We don't necessarily want to regenerate it with - // each page load since a page could contain embedded + // each page load since a page could contain embedded // sub-pages causing this feature to fail - if (isset($_COOKIE[$this->_csrf_cookie_name]) && + if (isset($_COOKIE[$this->_csrf_cookie_name]) && $_COOKIE[$this->_csrf_cookie_name] != '') { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } - + return $this->_csrf_hash = md5(uniqid(rand(), TRUE)); } diff --git a/system/core/URI.php b/system/core/URI.php index d56548654..94fac59ac 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -36,7 +36,7 @@ class CI_URI { /** * Constructor * - * Simply globalizes the $RTR object. The front + * Simply globalizes the $RTR object. The front * loads the Router class early on so it's not available * normally as other classes are. * @@ -85,7 +85,7 @@ class CI_URI { } // No PATH_INFO?... What about QUERY_STRING? - $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); + $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); if (trim($path, '/') != '') { $this->_set_uri_string($path); @@ -251,7 +251,7 @@ class CI_URI { */ function _remove_url_suffix() { - if ($this->config->item('url_suffix') != "") + if ($this->config->item('url_suffix') != "") { $this->uri_string = preg_replace("|".preg_quote($this->config->item('url_suffix'))."$|", "", $this->uri_string); } @@ -285,7 +285,7 @@ class CI_URI { * Re-index Segments * * This function re-indexes the $this->segment array so that it - * starts at 1 rather than 0. Doing so makes it simpler to + * starts at 1 rather than 0. Doing so makes it simpler to * use functions like $this->uri->segment(n) since there is * a 1:1 relationship between the segment array and the actual segments. * @@ -323,7 +323,7 @@ class CI_URI { * Fetch a URI "routed" Segment * * This function returns the re-routed URI segment (assuming routing rules are used) - * based on the number provided. If there is no routing this function returns the + * based on the number provided. If there is no routing this function returns the * same result as $this->segment() * * @access public @@ -425,7 +425,7 @@ class CI_URI { $i = 0; $lastval = ''; - $retval = array(); + $retval = array(); foreach ($segments as $seg) { if ($i % 2) diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 2a27d1f35..738d7e9d8 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * |