summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
Diffstat (limited to 'system/core')
-rw-r--r--system/core/Config.php14
-rw-r--r--system/core/Loader.php2
-rw-r--r--system/core/Security.php14
3 files changed, 15 insertions, 15 deletions
diff --git a/system/core/Config.php b/system/core/Config.php
index 4b4e5a7ba..2f6a9e085 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -43,7 +43,7 @@ class CI_Config {
*
* @var array
*/
- public $config = array();
+ public $config = array();
/**
* List of all loaded config files
@@ -102,13 +102,13 @@ class CI_Config {
{
$file = ($file === '') ? 'config' : str_replace('.php', '', $file);
$found = $loaded = FALSE;
+
+ $check_locations = defined('ENVIRONMENT')
+ ? array(ENVIRONMENT.'/'.$file, $file)
+ : array($file);
foreach ($this->_config_paths as $path)
{
- $check_locations = defined('ENVIRONMENT')
- ? array(ENVIRONMENT.'/'.$file, $file)
- : array($file);
-
foreach ($check_locations as $location)
{
$file_path = $path.'config/'.$location.'.php';
@@ -172,7 +172,7 @@ class CI_Config {
{
return FALSE;
}
- show_error('The configuration file '.$file.'.php'.' does not exist.');
+ show_error('The configuration file '.$file.'.php does not exist.');
}
return TRUE;
@@ -271,7 +271,7 @@ class CI_Config {
*/
public function base_url($uri = '')
{
- return $this->slash_item('base_url').ltrim($this->_uri_string($uri),'/');
+ return $this->slash_item('base_url').ltrim($this->_uri_string($uri), '/');
}
// -------------------------------------------------------------
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 94739c74a..d51ee0b34 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -820,7 +820,7 @@ class CI_Loader {
/*
* Extract and cache variables
*
- * You can either set variables using the dedicated $this->load_vars()
+ * You can either set variables using the dedicated $this->load->vars()
* function or via the second parameter of this function. We'll merge
* the two types and cache them so that views that are embedded within
* other views can have access to these variables.
diff --git a/system/core/Security.php b/system/core/Security.php
index 227217e75..b22d2cf19 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -395,20 +395,20 @@ class CI_Security {
if (preg_match('/<a/i', $str))
{
- $str = preg_replace_callback('#<a\s+([^>]*?)(>|$)#si', array($this, '_js_link_removal'), $str);
+ $str = preg_replace_callback('#<a\s+([^>]*?)(?:>|$)#si', array($this, '_js_link_removal'), $str);
}
if (preg_match('/<img/i', $str))
{
- $str = preg_replace_callback('#<img\s+([^>]*?)(\s?/?>|$)#si', array($this, '_js_img_removal'), $str);
+ $str = preg_replace_callback('#<img\s+([^>]*?)(?:\s?/?>|$)#si', array($this, '_js_img_removal'), $str);
}
- if (preg_match('/(script|xss)/i', $str))
+ if (preg_match('/script|xss/i', $str))
{
- $str = preg_replace('#<(/*)(script|xss)(.*?)\>#si', '[removed]', $str);
+ $str = preg_replace('#</*(?:script|xss).*?>#si', '[removed]', $str);
}
}
- while($original !== $str);
+ while ($original !== $str);
unset($original);
@@ -683,7 +683,7 @@ class CI_Security {
protected function _js_link_removal($match)
{
return str_replace($match[1],
- preg_replace('#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|<script|<xss|data\s*:)#si',
+ preg_replace('#href=.*?(?:alert\(|alert&\#40;|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|data\s*:)#si',
'',
$this->_filter_attributes(str_replace(array('<', '>'), '', $match[1]))
),
@@ -706,7 +706,7 @@ class CI_Security {
protected function _js_img_removal($match)
{
return str_replace($match[1],
- preg_replace('#src=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si',
+ preg_replace('#src=.*?(?:alert\(|alert&\#40;|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si',
'',
$this->_filter_attributes(str_replace(array('<', '>'), '', $match[1]))
),