Diffstat (limited to 'system/core')
-rwxr-xr-x | system/core/Benchmark.php | 2 | ||||
-rwxr-xr-x | system/core/CodeIgniter.php | 2 | ||||
-rw-r--r-- | system/core/Common.php | 2 | ||||
-rwxr-xr-x | system/core/Config.php | 2 | ||||
-rw-r--r-- | system/core/Controller.php | 2 | ||||
-rwxr-xr-x | system/core/Exceptions.php | 2 | ||||
-rwxr-xr-x | system/core/Hooks.php | 2 | ||||
-rwxr-xr-x | system/core/Input.php | 50 | ||||
-rwxr-xr-x | system/core/Lang.php | 2 | ||||
-rw-r--r-- | system/core/Loader.php | 15 | ||||
-rwxr-xr-x | system/core/Model.php | 2 | ||||
-rwxr-xr-x | system/core/Output.php | 2 | ||||
-rwxr-xr-x | system/core/Router.php | 2 | ||||
-rwxr-xr-x | system/core/Security.php | 45 | ||||
-rwxr-xr-x | system/core/URI.php | 6 | ||||
-rw-r--r-- | system/core/Utf8.php | 2 |
16 files changed, 68 insertions, 72 deletions
diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php
index f4dfd3dab..f6b634deb 100755
--- a/system/core/Benchmark.php
+++ b/system/core/Benchmark.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 7af3c485d..a79a69590 100755
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/Common.php b/system/core/Common.php
index 491979350..f20acafd4 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/Config.php b/system/core/Config.php
index 68417435d..1e149d005 100755
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/Controller.php b/system/core/Controller.php
index 0dc131701..05e1bf5bf 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index bf9901252..d7282b1f3 100755
--- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Hooks.php b/system/core/Hooks.php index e1ac58e6e..493822f36 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Input.php b/system/core/Input.php index ee15f4013..901b4147e 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -366,36 +366,7 @@ class CI_Input { */ public function valid_ip($ip) { - // if php version >= 5.2, use filter_var to check validate ip. - if (function_exists('filter_var')) - { - return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); - } - - $ip_segments = explode('.', $ip); - - // Always 4 segments needed - if (count($ip_segments) !== 4) - { - return FALSE; - } - // IP can not start with 0 - if ($ip_segments[0][0] == '0') - { - return FALSE; - } - // Check each segment - foreach ($ip_segments as $segment) - { - // IP segments must be digits and can not be - // longer than 3 digits or greater then 255 - if ($segment == '' OR preg_match('/[^0-9]/', $segment) OR $segment > 255 OR strlen($segment) > 3) - { - return FALSE; - } - } - - return TRUE; + return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } // -------------------------------------------------------------------- 
@@ -699,6 +670,23 @@ class CI_Input { return (php_sapi_name() === 'cli' OR defined('STDIN')); } + // -------------------------------------------------------------------- + + /** + * Get Request Method + * + * Return the Request Method + * + * @param bool uppercase or lowercase + * @return bool + */ + public function method($upper = FALSE) + { + return ($upper) + ? strtoupper($this->server('REQUEST_METHOD')) + : strtolower($this->server('REQUEST_METHOD')); + } + } /* End of file Input.php */ diff --git a/system/core/Lang.php b/system/core/Lang.php index c40a6856e..9ef76f4d6 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Loader.php b/system/core/Loader.php index 12daaa928..9b9cc2fef 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -615,13 +615,22 @@ class CI_Loader { * * Loads a driver library * - * @param string the name of the class + * @param mixed the name of the class or array of classes * @param mixed the optional parameters * @param string an optional object name * @return void */ public function driver($library = '', $params = NULL, $object_name = NULL) { + if (is_array($library)) + { + foreach ($library as $driver) + { + $this->driver($driver); + } + return FALSE; + } + if ( ! class_exists('CI_Driver_Library')) { // we aren't instantiating an object here, that'll be done by the Library itself 
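Review bot: The docblock on the new `method()` declares `@return bool`, but both branches return the string produced by `strtoupper()` / `strtolower()`, so it should read `@return string`. The result of `$this->server('REQUEST_METHOD')` is also case-converted without checking that the key was present. Where the server variable is absent (for example a CLI run, which `is_cli_request()` just above accounts for), the method presumably yields an empty string rather than a method name, and a one-line comment saying so would help callers that branch on the result. The parameter line would be clearer as `@param bool $upper TRUE for uppercase, FALSE for lowercase`.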
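Review bot: The new array branch in `driver()` calls `$this->driver($driver)` without forwarding `$params`, so parameters passed alongside an array of drivers are silently dropped. It also ends with `return FALSE;` regardless of whether the drivers loaded, while the docblock still says `@return void`. I would forward the parameters with `$this->driver($driver, $params);` and end the branch with a bare `return;`, or else document the FALSE explicitly. `$object_name` cannot sensibly apply to several drivers at once, which deserves a line in its `@param` text. The rest of the function body lies outside the hunk.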
@@ -833,7 +842,7 @@ class CI_Loader { // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) + if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE && config_item('rewrite_short_tags') == TRUE) { echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path)))); } diff --git a/system/core/Model.php b/system/core/Model.php index a595a6ae2..49b8d34e4 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Output.php b/system/core/Output.php index abd8a0ea9..faebbbe72 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Router.php b/system/core/Router.php index d21319565..b251abb4b 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Security.php b/system/core/Security.php index 1007f61f4..cd8a61028 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * 
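Review bot: The comment above the changed condition still says the rewrite happens when the installation does not support short tags, but the new `! is_php('5.4')` term skips it for a different reason that is not written down. Suggest adding `// PHP 5.4+ always parses <?= regardless of short_open_tag, so no rewrite is needed there`. The last term, `config_item('rewrite_short_tags') == TRUE`, is a loose comparison, so any truthy config value selects the `eval()` branch, which executes the view file's contents. Using `=== TRUE` would match the strict checks used elsewhere in this commit, provided existing configs are known to hold a real boolean. The enclosing function begins and ends outside the hunk.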
@@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Security Class * @@ -106,23 +104,27 @@ class CI_Security { public function __construct() { - // CSRF config - foreach(array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) + // Is CSRF protection enabled? + if (config_item('csrf_protection') === TRUE) { - if (FALSE !== ($val = config_item($key))) + // CSRF config + foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) { - $this->{'_'.$key} = $val; + if (FALSE !== ($val = config_item($key))) + { + $this->{'_'.$key} = $val; + } } - } - // Append application specific cookie prefix - if (config_item('cookie_prefix')) - { - $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name; - } + // Append application specific cookie prefix + if (config_item('cookie_prefix')) + { + $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name; + } - // Set the CSRF hash - $this->_csrf_set_hash(); + // Set the CSRF hash + $this->_csrf_set_hash(); + } log_message('debug', 'Security Class Initialized'); } @@ -136,8 +138,8 @@ class CI_Security { */ public function csrf_verify() { - // If no POST data exists we will set the CSRF cookie - if (count($_POST) === 0) + // If it's not a POST request we will set the CSRF cookie + if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST') { return $this->csrf_set_cookie(); } @@ -189,7 +191,7 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS'])) + if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off')) { return FALSE; } 
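Review bot: In `__construct()` the CSRF setup now runs only when `config_item('csrf_protection') === TRUE`, so a config value of `1` or `'TRUE'` skips loading `csrf_expire`, `csrf_token_name` and `csrf_cookie_name` and skips `_csrf_set_hash()`, with nothing logged to show it. The code that decides whether to call `csrf_verify()` is outside this diff. If it tests the setting loosely, verification could run against a hash that was never set, so both places should use the same comparison. I would add a comment such as `// Strict on purpose: csrf_protection must be boolean TRUE, same test as the caller of csrf_verify()` and confirm that caller.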
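Review bot: `csrf_verify()` now reads `$_SERVER['REQUEST_METHOD']` directly, and that key is not guaranteed to exist (CLI runs, some test harnesses), which raises an undefined-index notice before the comparison. A guarded form is `if ( ! isset($_SERVER['REQUEST_METHOD']) OR strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST')`. The check also means every method other than POST, including PUT, DELETE and PATCH, only sets the cookie and is never token-verified. If that is intended, the comment should say so: `// Only POST is verified; other methods just (re)set the CSRF cookie`. The rest of the function lies outside the hunk.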
@@ -358,7 +360,7 @@ class CI_Security { foreach ($words as $word) { - $word = implode("\s*", str_split($word)) . "\s*"; + $word = implode('\s*', str_split($word)).'\s*'; // We only want to do this when it is followed by a non-word character // That way valid stuff like "dealer to" does not become "dealerto" @@ -425,7 +427,6 @@ class CI_Security { '\\1\\2(\\3)', $str); - // Final clean up // This adds a bit of extra precaution in case // something got through the above filters @@ -601,7 +602,7 @@ class CI_Security { } // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { @@ -633,7 +634,7 @@ class CI_Security { { return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace // encode captured opening or closing brace to prevent recursive vectors: - . str_replace(array('>', '<'), array('>', '<'), $matches[4]); + .str_replace(array('>', '<'), array('>', '<'), $matches[4]); } // -------------------------------------------------------------------- diff --git a/system/core/URI.php b/system/core/URI.php index b28ee198b..4a2e87c2a 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -444,9 +444,7 @@ class CI_URI { return array(); } - return function_exists('array_fill_keys') - ? array_fill_keys($default, FALSE) - : array_combine($default, array_fill(0, count($default), FALSE)); + return array_fill_keys($default, FALSE); } $segments = array_slice($this->$segment_array(), ($n - 1)); 
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index 0e180d36f..ba3567453 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
* |