summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
Diffstat (limited to 'system/core')
-rw-r--r--system/core/CodeIgniter.php51
-rw-r--r--system/core/Common.php7
-rw-r--r--system/core/Loader.php15
-rw-r--r--system/core/Log.php3
-rw-r--r--system/core/Output.php3
-rw-r--r--system/core/Security.php32
-rw-r--r--system/core/compat/hash.php2
-rw-r--r--system/core/compat/password.php2
-rw-r--r--system/core/compat/standard.php48
9 files changed, 10 insertions, 153 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 97cac90ad..dfc90af2a 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -79,57 +79,6 @@ defined('BASEPATH') OR exit('No direct script access allowed');
*/
require_once(BASEPATH.'core/Common.php');
-
-/*
- * ------------------------------------------------------
- * Security procedures
- * ------------------------------------------------------
- */
-
-if ( ! is_php('5.4'))
-{
- ini_set('magic_quotes_runtime', 0);
-
- if ((bool) ini_get('register_globals'))
- {
- $_protected = array(
- '_SERVER',
- '_GET',
- '_POST',
- '_FILES',
- '_REQUEST',
- '_SESSION',
- '_ENV',
- '_COOKIE',
- 'GLOBALS',
- 'HTTP_RAW_POST_DATA',
- 'system_path',
- 'application_folder',
- 'view_folder',
- '_protected',
- '_registered'
- );
-
- $_registered = ini_get('variables_order');
- foreach (array('E' => '_ENV', 'G' => '_GET', 'P' => '_POST', 'C' => '_COOKIE', 'S' => '_SERVER') as $key => $superglobal)
- {
- if (strpos($_registered, $key) === FALSE)
- {
- continue;
- }
-
- foreach (array_keys($$superglobal) as $var)
- {
- if (isset($GLOBALS[$var]) && ! in_array($var, $_protected, TRUE))
- {
- $GLOBALS[$var] = NULL;
- }
- }
- }
- }
-}
-
-
/*
* ------------------------------------------------------
* Define a custom error handler so we can log PHP errors
diff --git a/system/core/Common.php b/system/core/Common.php
index 91c585f7d..48eb233c2 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -81,8 +81,7 @@ if ( ! function_exists('is_really_writable'))
* Tests for file writability
*
* is_writable() returns TRUE on Windows servers when you really can't write to
- * the file, based on the read-only attribute. is_writable() is also unreliable
- * on Unix servers if safe_mode is on.
+ * the file, based on the read-only attribute.
*
* @link https://bugs.php.net/bug.php?id=54709
* @param string
@@ -90,8 +89,8 @@ if ( ! function_exists('is_really_writable'))
*/
function is_really_writable($file)
{
- // If we're on a Unix server with safe_mode off we call is_writable
- if (DIRECTORY_SEPARATOR === '/' && (is_php('5.4') OR ! ini_get('safe_mode')))
+ // If we're on a UNIX-like server, just is_writable()
+ if (DIRECTORY_SEPARATOR === '/')
{
return is_writable($file);
}
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 1111481b7..b52296499 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -954,7 +954,7 @@ class CI_Loader {
}
extract($this->_ci_cached_vars);
- /*
+ /**
* Buffer the output
*
* We buffer the output for two reasons:
@@ -967,18 +967,7 @@ class CI_Loader {
*/
ob_start();
- // If the PHP installation does not support short tags we'll
- // do a little string replacement, changing the short tags
- // to standard PHP echo statements.
- if ( ! is_php('5.4') && ! ini_get('short_open_tag') && config_item('rewrite_short_tags') === TRUE)
- {
- echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path))));
- }
- else
- {
- include($_ci_path); // include() vs include_once() allows for multiple views with the same name
- }
-
+ include($_ci_path); // include() vs include_once() allows for multiple views with the same name
log_message('info', 'File loaded: '.$_ci_path);
// Return the file data if requested
diff --git a/system/core/Log.php b/system/core/Log.php
index cf6c75a95..902162647 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -283,9 +283,6 @@ class CI_Log {
{
if (self::$func_override)
{
- // mb_substr($str, $start, null, '8bit') returns an empty
- // string on PHP 5.3
- isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start);
return mb_substr($str, $start, $length, '8bit');
}
diff --git a/system/core/Output.php b/system/core/Output.php
index 94a6340e7..febccdaef 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -836,9 +836,6 @@ class CI_Output {
{
if (self::$func_override)
{
- // mb_substr($str, $start, null, '8bit') returns an empty
- // string on PHP 5.3
- isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start);
return mb_substr($str, $start, $length, '8bit');
}
diff --git a/system/core/Security.php b/system/core/Security.php
index d0308c5f9..a80b52fd1 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -626,7 +626,7 @@ class CI_Security {
if (is_readable('/dev/urandom') && ($fp = fopen('/dev/urandom', 'rb')) !== FALSE)
{
// Try not to waste entropy ...
- is_php('5.4') && stream_set_chunk_size($fp, $length);
+ stream_set_chunk_size($fp, $length);
$output = fread($fp, $length);
fclose($fp);
if ($output !== FALSE)
@@ -671,26 +671,8 @@ class CI_Security {
static $_entities;
- isset($charset) OR $charset = $this->charset;
- $flag = is_php('5.4')
- ? ENT_COMPAT | ENT_HTML5
- : ENT_COMPAT;
-
- if ( ! isset($_entities))
- {
- $_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, $flag, $charset));
-
- // If we're not on PHP 5.4+, add the possibly dangerous HTML 5
- // entities to the array manually
- if ($flag === ENT_COMPAT)
- {
- $_entities[':'] = '&colon;';
- $_entities['('] = '&lpar;';
- $_entities[')'] = '&rpar;';
- $_entities["\n"] = '&NewLine;';
- $_entities["\t"] = '&Tab;';
- }
- }
+ isset($charset) OR $charset = $this->charset;
+ isset($_entities) OR $_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, ENT_COMPAT | ENT_HTML5, $charset));
do
{
@@ -715,14 +697,9 @@ class CI_Security {
// Decode numeric & UTF16 two byte entities
$str = html_entity_decode(
preg_replace('/(&#(?:x0*[0-9a-f]{2,5}(?![0-9a-f;])|(?:0*\d{2,4}(?![0-9;]))))/iS', '$1;', $str),
- $flag,
+ ENT_COMPAT | ENT_HTML5,
$charset
);
-
- if ($flag === ENT_COMPAT)
- {
- $str = str_replace(array_values($_entities), array_keys($_entities), $str);
- }
}
while ($str_compare !== $str);
return $str;
@@ -1074,5 +1051,4 @@ class CI_Security {
return $this->_csrf_hash;
}
-
}
diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php
index d567d0f80..5fec4cc67 100644
--- a/system/core/compat/hash.php
+++ b/system/core/compat/hash.php
@@ -203,8 +203,6 @@ if ( ! function_exists('hash_pbkdf2'))
'ripemd160' => 64,
'ripemd256' => 64,
'ripemd320' => 64,
- 'salsa10' => 64,
- 'salsa20' => 64,
'sha1' => 64,
'sha224' => 64,
'sha256' => 64,
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index 1b5219e7b..e58422557 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -141,7 +141,7 @@ if ( ! function_exists('password_hash'))
}
// Try not to waste entropy ...
- is_php('5.4') && stream_set_chunk_size($fp, 16);
+ stream_set_chunk_size($fp, 16);
$options['salt'] = '';
for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php
index 6b7caa485..ca5046e56 100644
--- a/system/core/compat/standard.php
+++ b/system/core/compat/standard.php
@@ -132,51 +132,3 @@ if ( ! function_exists('array_column'))
return $result;
}
}
-
-// ------------------------------------------------------------------------
-
-if (is_php('5.4'))
-{
- return;
-}
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('hex2bin'))
-{
- /**
- * hex2bin()
- *
- * @link http://php.net/hex2bin
- * @param string $data
- * @return string
- */
- function hex2bin($data)
- {
- if (in_array($type = gettype($data), array('array', 'double', 'object', 'resource'), TRUE))
- {
- if ($type === 'object' && method_exists($data, '__toString'))
- {
- $data = (string) $data;
- }
- else
- {
- trigger_error('hex2bin() expects parameter 1 to be string, '.$type.' given', E_USER_WARNING);
- return NULL;
- }
- }
-
- if (strlen($data) % 2 !== 0)
- {
- trigger_error('Hexadecimal input string must have an even length', E_USER_WARNING);
- return FALSE;
- }
- elseif ( ! preg_match('/^[0-9a-f]*$/i', $data))
- {
- trigger_error('Input string must be hexadecimal string', E_USER_WARNING);
- return FALSE;
- }
-
- return pack('H*', $data);
- }
-}