Diffstat (limited to 'system/core')
-rwxr-xr-xsystem/core/Benchmark.php2
-rwxr-xr-xsystem/core/CodeIgniter.php16
-rw-r--r--system/core/Common.php222
-rwxr-xr-xsystem/core/Config.php6
-rw-r--r--system/core/Controller.php2
-rwxr-xr-xsystem/core/Exceptions.php8
-rwxr-xr-xsystem/core/Hooks.php34
-rwxr-xr-xsystem/core/Input.php130
-rwxr-xr-xsystem/core/Lang.php2
-rw-r--r--system/core/Loader.php76
-rwxr-xr-xsystem/core/Model.php2
-rwxr-xr-xsystem/core/Output.php56
-rwxr-xr-xsystem/core/Router.php34
-rwxr-xr-xsystem/core/Security.php55
-rwxr-xr-xsystem/core/URI.php24
-rw-r--r--system/core/Utf8.php2
16 files changed, 346 insertions, 325 deletions
diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php
index f4dfd3dab..f6b634deb 100755
--- a/system/core/Benchmark.php
+++ b/system/core/Benchmark.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 7af3c485d..4885f310c 100755
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -133,7 +133,7 @@
* Is there a "pre_system" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('pre_system');
+ $EXT->call_hook('pre_system');
/*
* ------------------------------------------------------
@@ -194,7 +194,7 @@
* Is there a valid cache file? If so, we're done...
* ------------------------------------------------------
*/
- if ($EXT->_call_hook('cache_override') === FALSE
+ if ($EXT->call_hook('cache_override') === FALSE
&& $OUT->_display_cache($CFG, $URI) == TRUE)
{
exit;
@@ -297,7 +297,7 @@
* Is there a "pre_controller" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('pre_controller');
+ $EXT->call_hook('pre_controller');
/*
* ------------------------------------------------------
@@ -314,7 +314,7 @@
* Is there a "post_controller_constructor" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('post_controller_constructor');
+ $EXT->call_hook('post_controller_constructor');
/*
* ------------------------------------------------------
@@ -369,14 +369,14 @@
* Is there a "post_controller" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('post_controller');
+ $EXT->call_hook('post_controller');
/*
* ------------------------------------------------------
* Send the final rendered output to the browser
* ------------------------------------------------------
*/
- if ($EXT->_call_hook('display_override') === FALSE)
+ if ($EXT->call_hook('display_override') === FALSE)
{
$OUT->_display();
}
@@ -386,7 +386,7 @@
* Is there a "post_system" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('post_system');
+ $EXT->call_hook('post_system');
/*
* ------------------------------------------------------
diff --git a/system/core/Common.php b/system/core/Common.php
index 2f9c4ff43..aeb784bbe 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Common Functions
*
@@ -42,21 +40,20 @@
// ------------------------------------------------------------------------
/**
-* Determines if the current version of PHP is greater then the supplied value
-*
-* Since there are a few places where we conditionally test for PHP > 5
-* we'll set a static variable.
-*
-* @access public
-* @param string
-* @return bool TRUE if the current version is $version or higher
-*/
+ * Determines if the current version of PHP is greater then the supplied value
+ *
+ * Since there are a few places where we conditionally test for PHP > 5
+ * we'll set a static variable.
+ *
+ * @param string
+ * @return bool TRUE if the current version is $version or higher
+ */
if ( ! function_exists('is_php'))
{
function is_php($version = '5.0.0')
{
static $_is_php;
- $version = (string)$version;
+ $version = (string) $version;
if ( ! isset($_is_php[$version]))
{
@@ -76,7 +73,7 @@ if ( ! function_exists('is_php'))
* the file, based on the read-only attribute. is_writable() is also unreliable
* on Unix servers if safe_mode is on.
*
- * @access public
+ * @param string
* @return void
*/
if ( ! function_exists('is_really_writable'))
@@ -84,7 +81,7 @@ if ( ! function_exists('is_really_writable'))
function is_really_writable($file)
{
// If we're on a Unix server with safe_mode off we call is_writable
- if (DIRECTORY_SEPARATOR === '/' AND @ini_get('safe_mode') == FALSE)
+ if (DIRECTORY_SEPARATOR === '/' && (bool) @ini_get('safe_mode') === FALSE)
{
return is_writable($file);
}
@@ -118,18 +115,17 @@ if ( ! function_exists('is_really_writable'))
// ------------------------------------------------------------------------
/**
-* Class registry
-*
-* This function acts as a singleton. If the requested class does not
-* exist it is instantiated and set to a static variable. If it has
-* previously been instantiated the variable is returned.
-*
-* @access public
-* @param string the class name being requested
-* @param string the directory where the class should be found
-* @param string the class name prefix
-* @return object
-*/
+ * Class registry
+ *
+ * This function acts as a singleton. If the requested class does not
+ * exist it is instantiated and set to a static variable. If it has
+ * previously been instantiated the variable is returned.
+ *
+ * @param string the class name being requested
+ * @param string the directory where the class should be found
+ * @param string the class name prefix
+ * @return object
+ */
if ( ! function_exists('load_class'))
{
function &load_class($class, $directory = 'libraries', $prefix = 'CI_')
@@ -177,6 +173,7 @@ if ( ! function_exists('load_class'))
{
// Note: We use exit() rather then show_error() in order to avoid a
// self-referencing loop with the Excptions class
+ set_status_header(503);
exit('Unable to locate the specified class: '.$class.'.php');
}
@@ -191,12 +188,12 @@ if ( ! function_exists('load_class'))
// --------------------------------------------------------------------
/**
-* Keeps track of which libraries have been loaded. This function is
-* called by the load_class() function above
-*
-* @access public
-* @return array
-*/
+ * Keeps track of which libraries have been loaded. This function is
+ * called by the load_class() function above
+ *
+ * @param string
+ * @return array
+ */
if ( ! function_exists('is_loaded'))
{
function &is_loaded($class = '')
@@ -215,14 +212,14 @@ if ( ! function_exists('is_loaded'))
// ------------------------------------------------------------------------
/**
-* Loads the main config.php file
-*
-* This function lets us grab the config file even if the Config class
-* hasn't been instantiated yet
-*
-* @access private
-* @return array
-*/
+ * Loads the main config.php file
+ *
+ * This function lets us grab the config file even if the Config class
+ * hasn't been instantiated yet
+ *
+ * @param array
+ * @return array
+ */
if ( ! function_exists('get_config'))
{
function &get_config($replace = array())
@@ -243,6 +240,7 @@ if ( ! function_exists('get_config'))
// Fetch the config file
if ( ! file_exists($file_path))
{
+ set_status_header(503);
exit('The configuration file does not exist.');
}
@@ -251,6 +249,7 @@ if ( ! function_exists('get_config'))
// Does the $config array exist in the file?
if ( ! isset($config) OR ! is_array($config))
{
+ set_status_header(503);
exit('Your config file does not appear to be formatted correctly.');
}
@@ -273,11 +272,11 @@ if ( ! function_exists('get_config'))
// ------------------------------------------------------------------------
/**
-* Returns the specified config item
-*
-* @access public
-* @return mixed
-*/
+ * Returns the specified config item
+ *
+ * @param string
+ * @return mixed
+ */
if ( ! function_exists('config_item'))
{
function config_item($item)
@@ -302,17 +301,19 @@ if ( ! function_exists('config_item'))
// ------------------------------------------------------------------------
/**
-* Error Handler
-*
-* This function lets us invoke the exception class and
-* display errors using the standard error template located
-* in application/errors/errors.php
-* This function will send the error page directly to the
-* browser and exit.
-*
-* @access public
-* @return void
-*/
+ * Error Handler
+ *
+ * This function lets us invoke the exception class and
+ * display errors using the standard error template located
+ * in application/errors/errors.php
+ * This function will send the error page directly to the
+ * browser and exit.
+ *
+ * @param string
+ * @param int
+ * @param string
+ * @return void
+ */
if ( ! function_exists('show_error'))
{
function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered')
@@ -326,15 +327,16 @@ if ( ! function_exists('show_error'))
// ------------------------------------------------------------------------
/**
-* 404 Page Handler
-*
-* This function is similar to the show_error() function above
-* However, instead of the standard error template it displays
-* 404 errors.
-*
-* @access public
-* @return void
-*/
+ * 404 Page Handler
+ *
+ * This function is similar to the show_error() function above
+ * However, instead of the standard error template it displays
+ * 404 errors.
+ *
+ * @param string
+ * @param bool
+ * @return void
+ */
if ( ! function_exists('show_404'))
{
function show_404($page = '', $log_error = TRUE)
@@ -348,14 +350,16 @@ if ( ! function_exists('show_404'))
// ------------------------------------------------------------------------
/**
-* Error Logging Interface
-*
-* We use this as a simple mechanism to access the logging
-* class and send messages to be logged.
-*
-* @access public
-* @return void
-*/
+ * Error Logging Interface
+ *
+ * We use this as a simple mechanism to access the logging
+ * class and send messages to be logged.
+ *
+ * @param string
+ * @param string
+ * @param bool
+ * @return void
+ */
if ( ! function_exists('log_message'))
{
function log_message($level = 'error', $message, $php_error = FALSE)
@@ -377,8 +381,7 @@ if ( ! function_exists('log_message'))
/**
* Set HTTP Status Header
*
- * @access public
- * @param int the status code
+ * @param int the status code
* @param string
* @return void
*/
@@ -434,7 +437,7 @@ if ( ! function_exists('set_status_header'))
show_error('Status codes must be numeric', 500);
}
- if (isset($stati[$code]) AND $text == '')
+ if (isset($stati[$code]) && $text == '')
{
$text = $stati[$code];
}
@@ -444,19 +447,19 @@ if ( ! function_exists('set_status_header'))
show_error('No status text available. Please check your status code number or supply your own message text.', 500);
}
- $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
+ $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
if (strpos(php_sapi_name(), 'cgi') === 0)
{
- header("Status: {$code} {$text}", TRUE);
+ header('Status: '.$code.' '.$text, TRUE);
}
- elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0')
+ elseif ($server_protocol === 'HTTP/1.0')
{
- header($server_protocol." {$code} {$text}", TRUE, $code);
+ header('HTTP/1.0 '.$code.' '.$text, TRUE, $code);
}
else
{
- header("HTTP/1.1 {$code} {$text}", TRUE, $code);
+ header('HTTP/1.1 '.$code.' '.$text, TRUE, $code);
}
}
}
@@ -464,19 +467,22 @@ if ( ! function_exists('set_status_header'))
// --------------------------------------------------------------------
/**
-* Exception Handler
-*
-* This is the custom exception handler that is declaired at the top
-* of Codeigniter.php. The main reason we use this is to permit
-* PHP errors to be logged in our own log files since the user may
-* not have access to server logs. Since this function
-* effectively intercepts PHP errors, however, we also need
-* to display errors based on the current error_reporting level.
-* We do that with the use of a PHP error template.
-*
-* @access private
-* @return void
-*/
+ * Exception Handler
+ *
+ * This is the custom exception handler that is declaired at the top
+ * of Codeigniter.php. The main reason we use this is to permit
+ * PHP errors to be logged in our own log files since the user may
+ * not have access to server logs. Since this function
+ * effectively intercepts PHP errors, however, we also need
+ * to display errors based on the current error_reporting level.
+ * We do that with the use of a PHP error template.
+ *
+ * @param int
+ * @param string
+ * @param string
+ * @param int
+ * @return void
+ */
if ( ! function_exists('_exception_handler'))
{
function _exception_handler($severity, $message, $filepath, $line)
@@ -518,8 +524,8 @@ if ( ! function_exists('_exception_handler'))
* This prevents sandwiching null characters
* between ascii characters, like Java\0script.
*
- * @access public
* @param string
+ * @param bool
* @return string
*/
if ( ! function_exists('remove_invisible_characters'))
@@ -551,26 +557,20 @@ if ( ! function_exists('remove_invisible_characters'))
// ------------------------------------------------------------------------
/**
-* Returns HTML escaped variable
-*
-* @access public
-* @param mixed
-* @return mixed
-*/
+ * Returns HTML escaped variable
+ *
+ * @param mixed
+ * @return mixed
+ */
if ( ! function_exists('html_escape'))
{
function html_escape($var)
{
- if (is_array($var))
- {
- return array_map('html_escape', $var);
- }
- else
- {
- return htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
- }
+ return is_array($var)
+ ? array_map('html_escape', $var)
+ : htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
}
}
/* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */
\ No newline at end of file
diff --git a/system/core/Config.php b/system/core/Config.php
index 66369115a..91826bd41 100755
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -76,11 +76,11 @@ class CI_Config {
log_message('debug', 'Config Class Initialized');
// Set the base_url automatically if none was provided
- if ($this->config['base_url'] == '')
+ if (empty($this->config['base_url']))
{
if (isset($_SERVER['HTTP_HOST']))
{
- $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http';
+ $base_url = ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http';
$base_url .= '://'. $_SERVER['HTTP_HOST']
. str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
}
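Review bot: The auto-detected base URL is still built from `$_SERVER['HTTP_HOST']`, which comes from the request's Host header, so when `base_url` is left empty every link or redirect derived from it follows whatever host name the client sent. The commit tightens the HTTPS test but leaves that value unchecked. I would add `// HTTP_HOST is client-supplied: set $config['base_url'] explicitly on any production site` above the `isset($_SERVER['HTTP_HOST'])` test, and consider comparing the header against a configured list of allowed hosts before using it. The switch to `empty()` also means a missing `base_url` key now enters this branch silently instead of raising a notice. The constructor starts and ends outside this hunk.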
diff --git a/system/core/Controller.php b/system/core/Controller.php
index 0dc131701..05e1bf5bf 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index bf9901252..f36b31598 100755
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Exceptions Class
*
@@ -163,7 +161,7 @@ class CI_Exceptions {
* @param string the error line number
* @return string
*/
- function show_php_error($severity, $message, $filepath, $line)
+ public function show_php_error($severity, $message, $filepath, $line)
{
$severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity];
$filepath = str_replace('\\', '/', $filepath);
@@ -189,4 +187,4 @@ class CI_Exceptions {
}
/* End of file Exceptions.php */
-/* Location: ./system/core/Exceptions.php */
+/* Location: ./system/core/Exceptions.php */
\ No newline at end of file
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index e1ac58e6e..68e30ef0f 100755
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Hooks Class
*
@@ -51,7 +49,7 @@ class CI_Hooks {
*
* @var array
*/
- public $hooks = array();
+ public $hooks = array();
/**
* Determines wether hook is in progress, used to prevent infinte loops
*
@@ -59,23 +57,17 @@ class CI_Hooks {
*/
public $in_progress = FALSE;
- public function __construct()
- {
- $this->_initialize();
- log_message('debug', 'Hooks Class Initialized');
- }
-
- // --------------------------------------------------------------------
-
/**
* Initialize the Hooks Preferences
*
* @return void
*/
- private function _initialize()
+ public function __construct()
{
$CFG =& load_class('Config', 'core');
+ log_message('debug', 'Hooks Class Initialized');
+
// If hooks are not enabled in the config file
// there is nothing else to do
if ($CFG->item('enable_hooks') == FALSE)
@@ -84,7 +76,7 @@ class CI_Hooks {
}
// Grab the "hooks" definition file.
- if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
+ if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
{
include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php');
}
@@ -113,14 +105,14 @@ class CI_Hooks {
* @param string the hook name
* @return mixed
*/
- public function _call_hook($which = '')
+ public function call_hook($which = '')
{
if ( ! $this->enabled OR ! isset($this->hooks[$which]))
{
return FALSE;
}
- if (isset($this->hooks[$which][0]) AND is_array($this->hooks[$which][0]))
+ if (isset($this->hooks[$which][0]) && is_array($this->hooks[$which][0]))
{
foreach ($this->hooks[$which] as $val)
{
@@ -167,7 +159,7 @@ class CI_Hooks {
// Set file path
// -----------------------------------
- if ( ! isset($data['filepath']) OR ! isset($data['filename']))
+ if ( ! isset($data['filepath'], $data['filename']))
{
return FALSE;
}
@@ -187,12 +179,12 @@ class CI_Hooks {
$function = FALSE;
$params = '';
- if (isset($data['class']) AND $data['class'] != '')
+ if ( ! empty($data['class']))
{
$class = $data['class'];
}
- if (isset($data['function']))
+ if ( ! empty($data['function']))
{
$function = $data['function'];
}
@@ -202,7 +194,7 @@ class CI_Hooks {
$params = $data['params'];
}
- if ($class === FALSE AND $function === FALSE)
+ if ($class === FALSE && $function === FALSE)
{
return FALSE;
}
@@ -244,4 +236,4 @@ class CI_Hooks {
}
/* End of file Hooks.php */
-/* Location: ./system/core/Hooks.php */
+/* Location: ./system/core/Hooks.php */
\ No newline at end of file
diff --git a/system/core/Input.php b/system/core/Input.php
index 7a16e51ab..6e6885992 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Input Class
*
@@ -152,7 +150,7 @@ class CI_Input {
public function get($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_GET))
+ if ($index === NULL && ! empty($_GET))
{
$get = array();
@@ -179,7 +177,7 @@ class CI_Input {
public function post($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_POST))
+ if ($index === NULL && ! empty($_POST))
{
$post = array();
@@ -206,9 +204,9 @@ class CI_Input {
*/
public function get_post($index = '', $xss_clean = FALSE)
{
- return ( ! isset($_POST[$index]))
- ? $this->get($index, $xss_clean)
- : $this->post($index, $xss_clean);
+ return isset($_POST[$index])
+ ? $this->post($index, $xss_clean)
+ : $this->get($index, $xss_clean);
}
// --------------------------------------------------------------------
@@ -230,7 +228,7 @@ class CI_Input {
/**
* Set cookie
*
- * Accepts six parameter, or you can submit an associative
+ * Accepts seven parameters, or you can submit an associative
* array in the first parameter containing all the values.
*
* @param mixed
@@ -240,14 +238,15 @@ class CI_Input {
* @param string the cookie path
* @param string the cookie prefix
* @param bool true makes the cookie secure
+ * @param bool true makes the cookie accessible via http(s) only (no javascript)
* @return void
*/
- public function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE)
+ public function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE)
{
if (is_array($name))
{
// always leave 'name' in last place, as the loop will break otherwise, due to $$item
- foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'name') as $item)
+ foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'httponly', 'name') as $item)
{
if (isset($name[$item]))
{
@@ -256,22 +255,26 @@ class CI_Input {
}
}
- if ($prefix == '' AND config_item('cookie_prefix') != '')
+ if ($prefix == '' && config_item('cookie_prefix') != '')
{
$prefix = config_item('cookie_prefix');
}
- if ($domain == '' AND config_item('cookie_domain') != '')
+ if ($domain == '' && config_item('cookie_domain') != '')
{
$domain = config_item('cookie_domain');
}
- if ($path == '/' AND config_item('cookie_path') != '/')
+ if ($path == '/' && config_item('cookie_path') !== '/')
{
$path = config_item('cookie_path');
}
- if ($secure == FALSE AND config_item('cookie_secure') != FALSE)
+ if ($secure == FALSE && config_item('cookie_secure') != FALSE)
{
$secure = config_item('cookie_secure');
}
+ if ($httponly == FALSE && config_item('cookie_httponly') != FALSE)
+ {
+ $httponly = config_item('cookie_httponly');
+ }
if ( ! is_numeric($expire))
{
@@ -282,7 +285,7 @@ class CI_Input {
$expire = ($expire > 0) ? time() + $expire : 0;
}
- setcookie($prefix.$name, $value, $expire, $path, $domain, $secure);
+ setcookie($prefix.$name, $value, $expire, $path, $domain, $secure, $httponly);
}
// --------------------------------------------------------------------
@@ -320,11 +323,11 @@ class CI_Input {
$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
}
- elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
+ elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR'))
{
$this->ip_address = $_SERVER['REMOTE_ADDR'];
}
- elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+ elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP'))
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
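Review bot: The last `elseif` still assigns `$_SERVER['HTTP_CLIENT_IP']` whenever both it and `REMOTE_ADDR` are present, so a client that sends a `Client-IP` header decides which address `ip_address()` reports. Only the `AND` to `&&` spelling changed here; anything keyed on the reported address (logging, throttling, session matching: inferred, the callers are outside this diff) inherits that trust. I would use the socket address in that branch, `$this->ip_address = $_SERVER['REMOTE_ADDR'];`, and honour forwarded headers only when `REMOTE_ADDR` is a configured proxy, as the `in_array(..., $proxies)` line at the top of the hunk does. That `in_array()` call should also pass `TRUE` as its third argument. The method starts and ends outside the hunk.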
@@ -368,36 +371,7 @@ class CI_Input {
*/
public function valid_ip($ip)
{
- // if php version >= 5.2, use filter_var to check validate ip.
- if (function_exists('filter_var'))
- {
- return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
- }
-
- $ip_segments = explode('.', $ip);
-
- // Always 4 segments needed
- if (count($ip_segments) !== 4)
- {
- return FALSE;
- }
- // IP can not start with 0
- if ($ip_segments[0][0] == '0')
- {
- return FALSE;
- }
- // Check each segment
- foreach ($ip_segments as $segment)
- {
- // IP segments must be digits and can not be
- // longer than 3 digits or greater then 255
- if ($segment == '' OR preg_match('/[^0-9]/', $segment) OR $segment > 255 OR strlen($segment) > 3)
- {
- return FALSE;
- }
- }
-
- return TRUE;
+ return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
}
// --------------------------------------------------------------------
@@ -414,7 +388,7 @@ class CI_Input {
return $this->user_agent;
}
- return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT'];
+ return $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : FALSE;
}
// --------------------------------------------------------------------
@@ -469,19 +443,16 @@ class CI_Input {
{
$_GET = array();
}
- else
+ elseif (is_array($_GET) && count($_GET) > 0)
{
- if (is_array($_GET) AND count($_GET) > 0)
+ foreach ($_GET as $key => $val)
{
- foreach ($_GET as $key => $val)
- {
- $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
- }
+ $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
}
}
// Clean $_POST Data
- if (is_array($_POST) AND count($_POST) > 0)
+ if (is_array($_POST) && count($_POST) > 0)
{
foreach ($_POST as $key => $val)
{
@@ -490,7 +461,7 @@ class CI_Input {
}
// Clean $_COOKIE Data
- if (is_array($_COOKIE) AND count($_COOKIE) > 0)
+ if (is_array($_COOKIE) && count($_COOKIE) > 0)
{
// Also get rid of specially treated cookies that might be set by a server
// or silly application, that are of no use to a CI application anyway
@@ -568,7 +539,7 @@ class CI_Input {
}
// Standardize newlines if needed
- if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE)
+ if ($this->_standardize_newlines == TRUE && strpos($str, "\r") !== FALSE)
{
return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
}
@@ -592,6 +563,7 @@ class CI_Input {
{
if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str))
{
+ set_status_header(503);
exit('Disallowed Key Characters.');
}
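Review bot: `set_status_header(503)` reports a server outage for what is a malformed request: this branch is reached when a request key fails the `/^[a-z0-9:_\/-]+$/i` check, which any client can cause. A 5xx here lets outside traffic inflate availability alerts and buries input probing among genuine server errors in the access log. `set_status_header(400);` describes the condition and keeps the two apart. The method continues outside the hunk.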
@@ -624,7 +596,7 @@ class CI_Input {
}
else
{
- $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+ $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
foreach ($_SERVER as $key => $val)
{
@@ -654,9 +626,9 @@ class CI_Input {
*
* Returns the value of a single member of the headers class member
*
- * @param string array key for $this->headers
- * @param boolean XSS Clean or not
- * @return mixed FALSE on failure, string on success
+ * @param string array key for $this->headers
+ * @param bool XSS Clean or not
+ * @return mixed FALSE on failure, string on success
*/
public function get_request_header($index, $xss_clean = FALSE)
{
@@ -670,12 +642,9 @@ class CI_Input {
return FALSE;
}
- if ($xss_clean === TRUE)
- {
- return $this->security->xss_clean($this->headers[$index]);
- }
-
- return $this->headers[$index];
+ return ($xss_clean === TRUE)
+ ? $this->security->xss_clean($this->headers[$index])
+ : $this->headers[$index];
}
// --------------------------------------------------------------------
@@ -685,11 +654,11 @@ class CI_Input {
*
* Test to see if a request contains the HTTP_X_REQUESTED_WITH header
*
- * @return boolean
+ * @return bool
*/
public function is_ajax_request()
{
- return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest');
+ return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}
// --------------------------------------------------------------------
@@ -699,11 +668,28 @@ class CI_Input {
*
* Test to see if a request was made from the command line
*
- * @return boolean
+ * @return bool
*/
public function is_cli_request()
{
- return (php_sapi_name() === 'cli') or defined('STDIN');
+ return (php_sapi_name() === 'cli' OR defined('STDIN'));
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Get Request Method
+ *
+ * Return the Request Method
+ *
+ * @param bool uppercase or lowercase
+ * @return bool
+ */
+ public function method($upper = FALSE)
+ {
+ return ($upper)
+ ? strtoupper($this->server('REQUEST_METHOD'))
+ : strtolower($this->server('REQUEST_METHOD'));
}
}
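Review bot: The docblock of the new `method()` declares `@return bool`, but both branches return the result of `strtoupper()` or `strtolower()`, so it should read `@return string`. It is also worth one sentence in the docblock on the case where `REQUEST_METHOD` is not set (for instance a command-line run, which `is_cli_request()` above detects): `$this->server()` presumably returns FALSE there and the method would yield an empty string. Callers that gate an action on the request method should compare against an explicit value rather than test for truthiness.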
diff --git a/system/core/Lang.php b/system/core/Lang.php
index c40a6856e..9ef76f4d6 100755
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 12daaa928..027ed20e5 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Loader Class
*
@@ -281,7 +279,7 @@ class CI_Loader {
continue;
}
- if ($db_conn !== FALSE AND ! class_exists('CI_DB'))
+ if ($db_conn !== FALSE && ! class_exists('CI_DB'))
{
if ($db_conn === TRUE)
{
@@ -324,7 +322,7 @@ class CI_Loader {
$CI =& get_instance();
// Do we even need to load the database class?
- if (class_exists('CI_DB') AND $return == FALSE AND $active_record == NULL AND isset($CI->db) AND is_object($CI->db))
+ if (class_exists('CI_DB') && $return == FALSE && $active_record == NULL && isset($CI->db) && is_object($CI->db))
{
return FALSE;
}
@@ -399,13 +397,13 @@ class CI_Loader {
/**
* Load View
*
- * This function is used to load a "view" file. It has three parameters:
+ * This function is used to load a "view" file. It has three parameters:
*
* 1. The name of the "view" file to be included.
* 2. An associative array of data to be extracted for use in the view.
- * 3. TRUE/FALSE - whether to return the data or load it. In
- * some cases it's advantageous to be able to return data so that
- * a developer can process it in some way.
+ * 3. TRUE/FALSE - whether to return the data or load it. In
+ * some cases it's advantageous to be able to return data so that
+ * a developer can process it in some way.
*
* @param string
* @param array
@@ -447,14 +445,14 @@ class CI_Loader {
*/
public function vars($vars = array(), $val = '')
{
- if ($val != '' AND is_string($vars))
+ if ($val != '' && is_string($vars))
{
$vars = array($vars => $val);
}
$vars = $this->_ci_object_to_array($vars);
- if (is_array($vars) AND count($vars) > 0)
+ if (is_array($vars) && count($vars) > 0)
{
foreach ($vars as $key => $val)
{
@@ -615,13 +613,22 @@ class CI_Loader {
*
* Loads a driver library
*
- * @param string the name of the class
+ * @param mixed the name of the class or array of classes
* @param mixed the optional parameters
* @param string an optional object name
* @return void
*/
public function driver($library = '', $params = NULL, $object_name = NULL)
{
+ if (is_array($library))
+ {
+ foreach ($library as $driver)
+ {
+ $this->driver($driver);
+ }
+ return FALSE;
+ }
+
if ( ! class_exists('CI_Driver_Library'))
{
// we aren't instantiating an object here, that'll be done by the Library itself
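Review bot: The new array branch of `driver()` returns `FALSE` after loading every driver, while the docblock still says `@return void` and a caller would read FALSE as a failure. The loop also drops `$params`, so drivers loaded through an array never receive their parameters. I would write `$this->driver($driver, $params);` inside the loop and a bare `return;` after it. The rest of the method is outside the hunk.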
@@ -651,7 +658,7 @@ class CI_Loader {
* Prepends a parent path to the library, model, helper, and config path arrays
*
* @param string
- * @param boolean
+ * @param bool
* @return void
*/
public function add_package_path($path, $view_cascade=TRUE)
@@ -692,9 +699,9 @@ class CI_Loader {
* Remove a path from the library, model, and helper path arrays if it exists
* If no path is provided, the most recently added path is removed.
*
- * @param type
+ * @param string
* @param bool
- * @return type
+ * @return void
*/
public function remove_package_path($path = '', $remove_config_path = TRUE)
{
@@ -755,7 +762,7 @@ class CI_Loader {
// Set the default data variables
foreach (array('_ci_view', '_ci_vars', '_ci_path', '_ci_return') as $_ci_val)
{
- $$_ci_val = ( ! isset($_ci_data[$_ci_val])) ? FALSE : $_ci_data[$_ci_val];
+ $$_ci_val = isset($_ci_data[$_ci_val]) ? $_ci_data[$_ci_val] : FALSE;
}
$file_exists = FALSE;
@@ -833,7 +840,7 @@ class CI_Loader {
// If the PHP installation does not support short tags we'll
// do a little string replacement, changing the short tags
// to standard PHP echo statements.
- if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE)
+ if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE && config_item('rewrite_short_tags') == TRUE)
{
echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path))));
}
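Review bot: The added `! is_php('5.4')` guard has no explanation, and the comment above it still describes only the `short_open_tag` check. If the reason is that `<?=` is always parsed from PHP 5.4 on regardless of that ini setting, say so next to the condition: `// PHP 5.4+ always parses <?=, so the rewrite is only needed on older versions`. The comment should also state that the `str_replace` rewrites only `<?=`, so views using plain `<? ... ?>` short tags are left unrewritten on this path. The enclosing method starts and ends outside the hunk.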
@@ -1010,11 +1017,11 @@ class CI_Loader {
* @param string
* @param bool
* @param string an optional object name
- * @return null
+ * @return void
*/
protected function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL)
{
- // Is there an associated config file for this class? Note: these should always be lowercase
+ // Is there an associated config file for this class? Note: these should always be lowercase
if ($config === NULL)
{
// Fetch the config paths containing any package paths
@@ -1029,24 +1036,24 @@ class CI_Loader {
// We test for both uppercase and lowercase, for servers that
// are case-sensitive with regard to file names. Check for environment
// first, global next
- if (defined('ENVIRONMENT') AND file_exists($path .'config/'.ENVIRONMENT.'/'.strtolower($class).'.php'))
+ if (defined('ENVIRONMENT') && file_exists($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php'))
{
- include($path .'config/'.ENVIRONMENT.'/'.strtolower($class).'.php');
+ include($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php');
break;
}
- elseif (defined('ENVIRONMENT') AND file_exists($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php'))
+ elseif (defined('ENVIRONMENT') && file_exists($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php'))
{
- include($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php');
+ include($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php');
break;
}
- elseif (file_exists($path .'config/'.strtolower($class).'.php'))
+ elseif (file_exists($path.'config/'.strtolower($class).'.php'))
{
- include($path .'config/'.strtolower($class).'.php');
+ include($path.'config/'.strtolower($class).'.php');
break;
}
- elseif (file_exists($path .'config/'.ucfirst(strtolower($class)).'.php'))
+ elseif (file_exists($path.'config/'.ucfirst(strtolower($class)).'.php'))
{
- include($path .'config/'.ucfirst(strtolower($class)).'.php');
+ include($path.'config/'.ucfirst(strtolower($class)).'.php');
break;
}
}
@@ -1086,7 +1093,7 @@ class CI_Loader {
if (is_null($object_name))
{
- $classvar = ( ! isset($this->_ci_varmap[$class])) ? $class : $this->_ci_varmap[$class];
+ $classvar = isset($this->_ci_varmap[$class]) ? $this->_ci_varmap[$class] : $class;
}
else
{
@@ -1104,7 +1111,7 @@ class CI_Loader {
}
else
{
- $CI->$classvar = new $name;
+ $CI->$classvar = new $name();
}
}
@@ -1121,7 +1128,7 @@ class CI_Loader {
*/
protected function _ci_autoloader()
{
- if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
+ if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
{
include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php');
}
@@ -1157,14 +1164,14 @@ class CI_Loader {
// Autoload helpers and languages
foreach (array('helper', 'language') as $type)
{
- if (isset($autoload[$type]) AND count($autoload[$type]) > 0)
+ if (isset($autoload[$type]) && count($autoload[$type]) > 0)
{
$this->$type($autoload[$type]);
}
}
// Load libraries
- if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0)
+ if (isset($autoload['libraries']) && count($autoload['libraries']) > 0)
{
// Load the database driver.
if (in_array('database', $autoload['libraries']))
@@ -1199,7 +1206,7 @@ class CI_Loader {
*/
protected function _ci_object_to_array($object)
{
- return (is_object($object)) ? get_object_vars($object) : $object;
+ return is_object($object) ? get_object_vars($object) : $object;
}
// --------------------------------------------------------------------
@@ -1243,7 +1250,8 @@ class CI_Loader {
return $filename;
}
}
+
}
/* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
+/* Location: ./system/core/Loader.php */ \ No newline at end of file
diff --git a/system/core/Model.php b/system/core/Model.php
index a595a6ae2..49b8d34e4 100755
--- a/system/core/Model.php
+++ b/system/core/Model.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/Output.php b/system/core/Output.php
index abd8a0ea9..3cb40626a 100755
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Output Class
*
@@ -45,37 +43,37 @@ class CI_Output {
*
* @var string
*/
- protected $final_output;
+ public $final_output;
/**
* Cache expiration time
*
* @var int
*/
- protected $cache_expiration = 0;
+ public $cache_expiration = 0;
/**
* List of server headers
*
* @var array
*/
- protected $headers = array();
+ public $headers = array();
/**
* List of mime types
*
* @var array
*/
- protected $mime_types = array();
+ public $mime_types = array();
/**
* Determines wether profiler is enabled
*
* @var book
*/
- protected $enable_profiler = FALSE;
+ public $enable_profiler = FALSE;
/**
* Determines if output compression is enabled
*
* @var bool
*/
- protected $_zlib_oc = FALSE;
+ protected $_zlib_oc = FALSE;
/**
* List of profiler sections
*
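Review bot: Changing `$final_output`, `$cache_expiration`, `$headers`, `$mime_types` and `$enable_profiler` from `protected` to `public` (and `$parse_exec_vars` in the next hunk) lets any controller, library or hook write them directly, bypassing the normalisation that `cache()` and `enable_profiler()` apply to their argument later in this diff. If a specific caller needs to read these values, I would keep the properties `protected` and add read accessors, as this commit already does with `get_content_type()`; failing that, each docblock should state that direct writes are unsupported. The `@var book` typo on `$enable_profiler` could become `@var bool` in the same pass. The class body continues outside the hunk.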
@@ -87,14 +85,14 @@ class CI_Output {
*
* @var bool
*/
- protected $parse_exec_vars = TRUE;
+ public $parse_exec_vars = TRUE;
public function __construct()
{
$this->_zlib_oc = @ini_get('zlib.output_compression');
// Get mime types for later
- if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
+ if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
{
include APPPATH.'config/'.ENVIRONMENT.'/mimes.php';
}
@@ -226,10 +224,30 @@ class CI_Output {
// --------------------------------------------------------------------
/**
+ * Get Current Content Type Header
+ *
+ * @return string 'text/html', if not already set
+ */
+ public function get_content_type()
+ {
+ for ($i = 0, $c = count($this->headers); $i < $c; $i++)
+ {
+ if (preg_match('/^Content-Type:\s(.+)$/', $this->headers[$i][0], $matches))
+ {
+ return $matches[1];
+ }
+ }
+
+ return 'text/html';
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Set HTTP Status Header
* moved to Common procedural functions in 1.7.2
*
- * @param int the status code
+ * @param int the status code
* @param string
* @return void
*/
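Review bot: The pattern `/^Content-Type:\s(.+)$/` in get_content_type() is case-sensitive and requires exactly one whitespace character, so a header stored as `content-type: application/json` or `Content-Type:application/json` is missed and the method reports `text/html`. Header field names are case-insensitive, so I would use `/^Content-Type:\s*(.+)$/i`. The loop also returns the first matching entry, while a later Content-Type entry in `$this->headers` would presumably be the one that takes effect when the headers are sent (confirm against set_header() and the send loop, both outside this hunk), and the returned value keeps any `; charset=...` suffix, which the docblock should mention. A caller that chooses its output encoding or escaping from this value would otherwise act on the wrong type.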
@@ -249,7 +267,7 @@ class CI_Output {
*/
public function enable_profiler($val = TRUE)
{
- $this->enable_profiler = (is_bool($val)) ? $val : TRUE;
+ $this->enable_profiler = is_bool($val) ? $val : TRUE;
return $this;
}
@@ -267,7 +285,7 @@ class CI_Output {
{
foreach ($sections as $section => $enable)
{
- $this->_profiler_sections[$section] = ($enable !== FALSE) ? TRUE : FALSE;
+ $this->_profiler_sections[$section] = ($enable !== FALSE);
}
return $this;
@@ -278,12 +296,12 @@ class CI_Output {
/**
* Set Cache
*
- * @param integer
+ * @param int
* @return void
*/
public function cache($time)
{
- $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time;
+ $this->cache_expiration = is_numeric($time) ? $time : 0;
return $this;
}
@@ -297,7 +315,7 @@ class CI_Output {
* $this->final_output
*
* This function sends the finalized output data to the browser along
- * with any server headers and profile data. It also stops the
+ * with any server headers and profile data. It also stops the
* benchmark timer so the page rendering speed and memory usage can be shown.
*
* @param string
@@ -343,7 +361,7 @@ class CI_Output {
if ($this->parse_exec_vars === TRUE)
{
- $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB';
+ $memory = function_exists('memory_get_usage') ? round(memory_get_usage()/1024/1024, 2).'MB' : '0';
$output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output);
}
@@ -520,4 +538,4 @@ class CI_Output {
}
/* End of file Output.php */
-/* Location: ./system/core/Output.php */
+/* Location: ./system/core/Output.php */ \ No newline at end of file
diff --git a/system/core/Router.php b/system/core/Router.php
index d21319565..5477fed5d 100755
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Router Class
*
@@ -111,7 +109,7 @@ class CI_Router {
// since URI segments are more search-engine friendly, but they can optionally be used.
// If this feature is enabled, we will gather the directory/class/method a little differently
$segments = array();
- if ($this->config->item('enable_query_strings') === TRUE AND isset($_GET[$this->config->item('controller_trigger')]))
+ if ($this->config->item('enable_query_strings') === TRUE && isset($_GET[$this->config->item('controller_trigger')]))
{
if (isset($_GET[$this->config->item('directory_trigger')]))
{
@@ -133,7 +131,7 @@ class CI_Router {
}
// Load the routes.php file.
- if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
+ if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
{
include(APPPATH.'config/'.ENVIRONMENT.'/routes.php');
}
@@ -147,7 +145,7 @@ class CI_Router {
// Set the default controller so we can display it in the event
// the URI doesn't correlated to a valid controller.
- $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']);
+ $this->default_controller = empty($this->routes['default_controller']) ? FALSE : strtolower($this->routes['default_controller']);
// Were there any query string segments? If so, we'll validate them and bail out since we're done.
if (count($segments) > 0)
@@ -248,8 +246,8 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Validates the supplied segments. Attempts to determine the path to
- * the controller.
+ * Validates the supplied segments.
+ * Attempts to determine the path to the controller.
*
* @param array
* @return array
@@ -340,7 +338,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Parse Routes
+ * Parse Routes
*
* This function matches any routes that may exist in
* the config/routes.php file against the URI to
@@ -369,7 +367,7 @@ class CI_Router {
if (preg_match('#^'.$key.'$#', $uri))
{
// Do we have a back-reference?
- if (strpos($val, '$') !== FALSE AND strpos($key, '(') !== FALSE)
+ if (strpos($val, '$') !== FALSE && strpos($key, '(') !== FALSE)
{
$val = preg_replace('#^'.$key.'$#', $val, $uri);
}
@@ -411,7 +409,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Set the method name
+ * Set the method name
*
* @param string
* @return void
@@ -424,7 +422,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Fetch the current method
+ * Fetch the current method
*
* @return string
*/
@@ -441,7 +439,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Set the directory name
+ * Set the directory name
*
* @param string
* @return void
@@ -454,7 +452,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Fetch the sub-directory (if any) that contains the requested controller class
+ * Fetch the sub-directory (if any) that contains the requested controller class
*
* @return string
*/
@@ -466,10 +464,10 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Set the controller overrides
+ * Set the controller overrides
*
* @param array
- * @return null
+ * @return void
*/
public function _set_overrides($routing)
{
@@ -483,7 +481,7 @@ class CI_Router {
$this->set_directory($routing['directory']);
}
- if (isset($routing['controller']) AND $routing['controller'] != '')
+ if (isset($routing['controller']) && $routing['controller'] != '')
{
$this->set_class($routing['controller']);
}
@@ -498,4 +496,4 @@ class CI_Router {
}
/* End of file Router.php */
-/* Location: ./system/core/Router.php */
+/* Location: ./system/core/Router.php */ \ No newline at end of file
diff --git a/system/core/Security.php b/system/core/Security.php
index 1007f61f4..ac39ce97b 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Security Class
*
@@ -106,23 +104,27 @@ class CI_Security {
public function __construct()
{
- // CSRF config
- foreach(array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key)
+ // Is CSRF protection enabled?
+ if (config_item('csrf_protection') === TRUE)
{
- if (FALSE !== ($val = config_item($key)))
+ // CSRF config
+ foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key)
{
- $this->{'_'.$key} = $val;
+ if (FALSE !== ($val = config_item($key)))
+ {
+ $this->{'_'.$key} = $val;
+ }
}
- }
- // Append application specific cookie prefix
- if (config_item('cookie_prefix'))
- {
- $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name;
- }
+ // Append application specific cookie prefix
+ if (config_item('cookie_prefix'))
+ {
+ $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name;
+ }
- // Set the CSRF hash
- $this->_csrf_set_hash();
+ // Set the CSRF hash
+ $this->_csrf_set_hash();
+ }
log_message('debug', 'Security Class Initialized');
}
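Review bot: With the new `config_item('csrf_protection') === TRUE` guard in the constructor, `_csrf_set_hash()` is skipped not only when the setting is off but also when it holds a truthy non-boolean such as `1` or `'on'`, and the token and cookie names then keep their declared defaults. Any path that still calls `csrf_set_cookie()` or reads the hash for a form field in that state would work with whatever the default hash is; those callers are outside this hunk and need checking. I would make the skipped case visible, e.g. `log_message('debug', 'CSRF protection disabled; token not generated');`, and document on the constructor that the config value must be boolean `TRUE`.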
@@ -136,8 +138,8 @@ class CI_Security {
*/
public function csrf_verify()
{
- // If no POST data exists we will set the CSRF cookie
- if (count($_POST) === 0)
+ // If it's not a POST request we will set the CSRF cookie
+ if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST')
{
return $this->csrf_set_cookie();
}
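Review bot: `$_SERVER['REQUEST_METHOD']` is read without an `isset()` check, so a CLI or other non-HTTP invocation that reaches csrf_verify() raises an undefined-index notice; `if ( ! isset($_SERVER['REQUEST_METHOD']) OR strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST')` avoids that. The comparison also means PUT, PATCH and DELETE requests take the cookie-setting branch and are never token-checked, which the docblock should state so that applications handling state-changing actions over those methods add their own verification. The rest of csrf_verify() is outside the hunk.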
@@ -189,12 +191,20 @@ class CI_Security {
$expire = time() + $this->_csrf_expire;
$secure_cookie = (bool) config_item('cookie_secure');
- if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS']))
+ if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off'))
{
return FALSE;
}
- setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie);
+ setcookie(
+ $this->_csrf_cookie_name,
+ $this->_csrf_hash,
+ $expire,
+ config_item('cookie_path'),
+ config_item('cookie_domain'),
+ $secure_cookie,
+ config_item('cookie_httponly')
+ );
log_message('debug', 'CRSF cookie Set');
return $this;
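Review bot: `config_item('cookie_httponly')` is passed to `setcookie()` as-is, whereas `cookie_secure` is cast with `(bool)` a few lines above, so an unset key (presumably `FALSE`, going by the constructor's `FALSE !==` test) or a string value reaches the flag unchanged. I would cast it the same way, `(bool) config_item('cookie_httponly')`. The method's docblock should also say that enabling the flag hides the CSRF cookie from JavaScript, so AJAX code that reads the token from the cookie has to obtain it another way. The method starts outside the hunk.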
@@ -358,7 +368,7 @@ class CI_Security {
foreach ($words as $word)
{
- $word = implode("\s*", str_split($word)) . "\s*";
+ $word = implode('\s*', str_split($word)).'\s*';
// We only want to do this when it is followed by a non-word character
// That way valid stuff like "dealer to" does not become "dealerto"
@@ -425,7 +435,6 @@ class CI_Security {
'\\1\\2&#40;\\3&#41;',
$str);
-
// Final clean up
// This adds a bit of extra precaution in case
// something got through the above filters
@@ -601,7 +610,7 @@ class CI_Security {
}
// find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes)
- preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER);
+ preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER);
foreach ($matches as $attr)
{
@@ -633,7 +642,7 @@ class CI_Security {
{
return '&lt;'.$matches[1].$matches[2].$matches[3] // encode opening brace
// encode captured opening or closing brace to prevent recursive vectors:
- . str_replace(array('>', '<'), array('&gt;', '&lt;'), $matches[4]);
+ .str_replace(array('>', '<'), array('&gt;', '&lt;'), $matches[4]);
}
// --------------------------------------------------------------------
diff --git a/system/core/URI.php b/system/core/URI.php
index b28ee198b..48bb7ae3c 100755
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -22,7 +22,6 @@
* @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
* @since Version 1.0
- * @filesource
*/
// ------------------------------------------------------------------------
@@ -93,7 +92,7 @@ class CI_URI {
if (strtoupper($this->config->item('uri_protocol')) === 'AUTO')
{
// Is the request coming from the command line?
- if (php_sapi_name() === 'cli' OR defined('STDIN'))
+ if ($this->_is_cli_request())
{
$this->_set_uri_string($this->_parse_cli_args());
return;
@@ -227,6 +226,21 @@ class CI_URI {
}
// --------------------------------------------------------------------
+
+ /**
+ * Is cli Request?
+ *
+ * Duplicate of function from the Input class to test to see if a request was made from the command line
+ *
+ * @return boolean
+ */
+ protected function _is_cli_request()
+ {
+ return (php_sapi_name() == 'cli') OR defined('STDIN');
+ }
+
+
+ // --------------------------------------------------------------------
/**
* Parse cli arguments
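Review bot: The new `_is_cli_request()` compares with `php_sapi_name() == 'cli'`, while the inline check it replaces in the previous hunk used `===`; I would keep the strict form, `return (php_sapi_name() === 'cli' OR defined('STDIN'));`. The docblock says the method duplicates one in the Input class, so the two copies can drift apart; a comment on both naming the other copy to keep in sync would help. `@return boolean` could be `@return bool` to match the docblock normalisation done elsewhere in this commit.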
@@ -444,9 +458,7 @@ class CI_URI {
return array();
}
- return function_exists('array_fill_keys')
- ? array_fill_keys($default, FALSE)
- : array_combine($default, array_fill(0, count($default), FALSE));
+ return array_fill_keys($default, FALSE);
}
$segments = array_slice($this->$segment_array(), ($n - 1));
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index 0e180d36f..ba3567453 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*