summaryrefslogtreecommitdiffstats
path: root/system/core
diff options
context:
space:
mode:
Diffstat (limited to 'system/core')
-rw-r--r--[-rwxr-xr-x]system/core/Benchmark.php21
-rw-r--r--[-rwxr-xr-x]system/core/CodeIgniter.php74
-rw-r--r--system/core/Common.php442
-rw-r--r--[-rwxr-xr-x]system/core/Config.php57
-rw-r--r--system/core/Controller.php22
-rw-r--r--[-rwxr-xr-x]system/core/Exceptions.php61
-rw-r--r--[-rwxr-xr-x]system/core/Hooks.php44
-rw-r--r--[-rwxr-xr-x]system/core/Input.php385
-rw-r--r--[-rwxr-xr-x]system/core/Lang.php50
-rw-r--r--system/core/Loader.php160
-rw-r--r--[-rwxr-xr-x]system/core/Model.php12
-rw-r--r--[-rwxr-xr-x]system/core/Output.php111
-rw-r--r--[-rwxr-xr-x]system/core/Router.php62
-rw-r--r--[-rwxr-xr-x]system/core/Security.php176
-rw-r--r--[-rwxr-xr-x]system/core/URI.php113
-rw-r--r--system/core/Utf8.php12
16 files changed, 950 insertions, 852 deletions
diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php
index f4dfd3dab..2fabdf46e 100755..100644
--- a/system/core/Benchmark.php
+++ b/system/core/Benchmark.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,13 +25,11 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Benchmark Class
*
* This class enables you to mark points and calculate the time difference
- * between them. Memory consumption can also be displayed.
+ * between them. Memory consumption can also be displayed.
*
* @package CodeIgniter
* @subpackage Libraries
@@ -46,7 +44,7 @@ class CI_Benchmark {
*
* @var array
*/
- public $marker = array();
+ public $marker = array();
// --------------------------------------------------------------------
@@ -61,7 +59,7 @@ class CI_Benchmark {
*/
public function mark($name)
{
- $this->marker[$name] = microtime();
+ $this->marker[$name] = microtime(TRUE);
}
// --------------------------------------------------------------------
@@ -81,7 +79,7 @@ class CI_Benchmark {
*/
public function elapsed_time($point1 = '', $point2 = '', $decimals = 4)
{
- if ($point1 == '')
+ if ($point1 === '')
{
return '{elapsed_time}';
}
@@ -93,13 +91,10 @@ class CI_Benchmark {
if ( ! isset($this->marker[$point2]))
{
- $this->marker[$point2] = microtime();
+ $this->marker[$point2] = microtime(TRUE);
}
- list($sm, $ss) = explode(' ', $this->marker[$point1]);
- list($em, $es) = explode(' ', $this->marker[$point2]);
-
- return number_format(($em + $es) - ($sm + $ss), $decimals);
+ return number_format($this->marker[$point2] - $this->marker[$point1], $decimals);
}
// --------------------------------------------------------------------
@@ -122,4 +117,4 @@ class CI_Benchmark {
}
/* End of file Benchmark.php */
-/* Location: ./system/core/Benchmark.php */
+/* Location: ./system/core/Benchmark.php */ \ No newline at end of file
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 7af3c485d..8159b19f5 100755..100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,15 +25,13 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* System Initialization File
*
* Loads the base classes and executes the request.
*
* @package CodeIgniter
- * @subpackage codeigniter
+ * @subpackage CodeIgniter
* @category Front-controller
* @author EllisLab Dev Team
* @link http://codeigniter.com/user_guide/
@@ -42,7 +40,7 @@
/**
* CodeIgniter Version
*
- * @var string
+ * @var string
*
*/
define('CI_VERSION', '3.0-dev');
@@ -75,9 +73,9 @@
*/
set_error_handler('_exception_handler');
- if ( ! is_php('5.3'))
+ if ( ! is_php('5.4'))
{
- @set_magic_quotes_runtime(0); // Kill magic quotes
+ @ini_set('magic_quotes_runtime', 0); // Kill magic quotes
}
/*
@@ -96,24 +94,13 @@
* Note: Since the config file data is cached it doesn't
* hurt to load it here.
*/
- if (isset($assign_to_config['subclass_prefix']) && $assign_to_config['subclass_prefix'] != '')
+ if ( ! empty($assign_to_config['subclass_prefix']))
{
get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix']));
}
/*
* ------------------------------------------------------
- * Set a liberal script execution time limit
- * ------------------------------------------------------
- */
- if (function_exists('set_time_limit') && @ini_get('safe_mode') == 0
- && php_sapi_name() !== 'cli') // Do not override the Time Limit value if running from Command Line
- {
- @set_time_limit(300);
- }
-
-/*
- * ------------------------------------------------------
* Start the timer... tick tock tick tock...
* ------------------------------------------------------
*/
@@ -133,7 +120,7 @@
* Is there a "pre_system" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('pre_system');
+ $EXT->call_hook('pre_system');
/*
* ------------------------------------------------------
@@ -155,7 +142,7 @@
*
* Note: Order here is rather important as the UTF-8
* class needs to be used very early on, but it cannot
- * properly determine if UTf-8 can be supported until
+ * properly determine if UTF-8 can be supported until
* after the Config class is instantiated.
*
*/
@@ -194,8 +181,8 @@
* Is there a valid cache file? If so, we're done...
* ------------------------------------------------------
*/
- if ($EXT->_call_hook('cache_override') === FALSE
- && $OUT->_display_cache($CFG, $URI) == TRUE)
+ if ($EXT->call_hook('cache_override') === FALSE
+ && $OUT->_display_cache($CFG, $URI) === TRUE)
{
exit;
}
@@ -230,6 +217,13 @@
// Load the base controller class
require BASEPATH.'core/Controller.php';
+ /**
+ * Reference to the CI_Controller method.
+ *
+ * Returns current CI instance object
+ *
+ * @return object
+ */
function &get_instance()
{
return CI_Controller::get_instance();
@@ -275,12 +269,12 @@
{
$x = explode('/', $RTR->routes['404_override'], 2);
$class = $x[0];
- $method = (isset($x[1]) ? $x[1] : 'index');
+ $method = isset($x[1]) ? $x[1] : 'index';
if ( ! class_exists($class))
{
if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
{
- show_404("{$class}/{$method}");
+ show_404($class.'/'.$method);
}
include_once(APPPATH.'controllers/'.$class.'.php');
@@ -288,7 +282,7 @@
}
else
{
- show_404("{$class}/{$method}");
+ show_404($class.'/'.$method);
}
}
@@ -297,7 +291,7 @@
* Is there a "pre_controller" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('pre_controller');
+ $EXT->call_hook('pre_controller');
/*
* ------------------------------------------------------
@@ -314,7 +308,7 @@
* Is there a "post_controller_constructor" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('post_controller_constructor');
+ $EXT->call_hook('post_controller_constructor');
/*
* ------------------------------------------------------
@@ -337,12 +331,12 @@
{
$x = explode('/', $RTR->routes['404_override'], 2);
$class = $x[0];
- $method = (isset($x[1]) ? $x[1] : 'index');
+ $method = isset($x[1]) ? $x[1] : 'index';
if ( ! class_exists($class))
{
if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
{
- show_404("{$class}/{$method}");
+ show_404($class.'/'.$method);
}
include_once(APPPATH.'controllers/'.$class.'.php');
@@ -352,7 +346,7 @@
}
else
{
- show_404("{$class}/{$method}");
+ show_404($class.'/'.$method);
}
}
@@ -369,14 +363,14 @@
* Is there a "post_controller" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('post_controller');
+ $EXT->call_hook('post_controller');
/*
* ------------------------------------------------------
* Send the final rendered output to the browser
* ------------------------------------------------------
*/
- if ($EXT->_call_hook('display_override') === FALSE)
+ if ($EXT->call_hook('display_override') === FALSE)
{
$OUT->_display();
}
@@ -386,17 +380,7 @@
* Is there a "post_system" hook?
* ------------------------------------------------------
*/
- $EXT->_call_hook('post_system');
-
-/*
- * ------------------------------------------------------
- * Close the DB connection if one exists
- * ------------------------------------------------------
- */
- if (class_exists('CI_DB') && isset($CI->db))
- {
- $CI->db->close();
- }
+ $EXT->call_hook('post_system');
/* End of file CodeIgniter.php */
-/* Location: ./system/core/CodeIgniter.php */
+/* Location: ./system/core/CodeIgniter.php */ \ No newline at end of file
diff --git a/system/core/Common.php b/system/core/Common.php
index 225227d17..1708653e7 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,15 +25,13 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Common Functions
*
* Loads the base classes and executes the request.
*
* @package CodeIgniter
- * @subpackage codeigniter
+ * @subpackage CodeIgniter
* @category Common Functions
* @author EllisLab Dev Team
* @link http://codeigniter.com/user_guide/
@@ -41,26 +39,25 @@
// ------------------------------------------------------------------------
-/**
-* Determines if the current version of PHP is greater then the supplied value
-*
-* Since there are a few places where we conditionally test for PHP > 5
-* we'll set a static variable.
-*
-* @access public
-* @param string
-* @return bool TRUE if the current version is $version or higher
-*/
if ( ! function_exists('is_php'))
{
- function is_php($version = '5.0.0')
+ /**
+ * Determines if the current version of PHP is greater then the supplied value
+ *
+ * Since there are a few places where we conditionally test for PHP > 5.3
+ * we'll set a static variable.
+ *
+ * @param string
+ * @return bool TRUE if the current version is $version or higher
+ */
+ function is_php($version = '5.3.0')
{
static $_is_php;
- $version = (string)$version;
+ $version = (string) $version;
if ( ! isset($_is_php[$version]))
{
- $_is_php[$version] = (version_compare(PHP_VERSION, $version) < 0) ? FALSE : TRUE;
+ $_is_php[$version] = (version_compare(PHP_VERSION, $version) >= 0);
}
return $_is_php[$version];
@@ -69,22 +66,22 @@ if ( ! function_exists('is_php'))
// ------------------------------------------------------------------------
-/**
- * Tests for file writability
- *
- * is_writable() returns TRUE on Windows servers when you really can't write to
- * the file, based on the read-only attribute. is_writable() is also unreliable
- * on Unix servers if safe_mode is on.
- *
- * @access public
- * @return void
- */
if ( ! function_exists('is_really_writable'))
{
+ /**
+ * Tests for file writability
+ *
+ * is_writable() returns TRUE on Windows servers when you really can't write to
+ * the file, based on the read-only attribute. is_writable() is also unreliable
+ * on Unix servers if safe_mode is on.
+ *
+ * @param string
+ * @return void
+ */
function is_really_writable($file)
{
// If we're on a Unix server with safe_mode off we call is_writable
- if (DIRECTORY_SEPARATOR === '/' AND @ini_get('safe_mode') == FALSE)
+ if (DIRECTORY_SEPARATOR === '/' && (bool) @ini_get('safe_mode') === FALSE)
{
return is_writable($file);
}
@@ -117,21 +114,20 @@ if ( ! function_exists('is_really_writable'))
// ------------------------------------------------------------------------
-/**
-* Class registry
-*
-* This function acts as a singleton. If the requested class does not
-* exist it is instantiated and set to a static variable. If it has
-* previously been instantiated the variable is returned.
-*
-* @access public
-* @param string the class name being requested
-* @param string the directory where the class should be found
-* @param string the class name prefix
-* @return object
-*/
if ( ! function_exists('load_class'))
{
+ /**
+ * Class registry
+ *
+ * This function acts as a singleton. If the requested class does not
+ * exist it is instantiated and set to a static variable. If it has
+ * previously been instantiated the variable is returned.
+ *
+ * @param string the class name being requested
+ * @param string the directory where the class should be found
+ * @param string the class name prefix
+ * @return object
+ */
function &load_class($class, $directory = 'libraries', $prefix = 'CI_')
{
static $_classes = array();
@@ -191,20 +187,20 @@ if ( ! function_exists('load_class'))
// --------------------------------------------------------------------
-/**
-* Keeps track of which libraries have been loaded. This function is
-* called by the load_class() function above
-*
-* @access public
-* @return array
-*/
if ( ! function_exists('is_loaded'))
{
+ /**
+ * Keeps track of which libraries have been loaded. This function is
+ * called by the load_class() function above
+ *
+ * @param string
+ * @return array
+ */
function &is_loaded($class = '')
{
static $_is_loaded = array();
- if ($class != '')
+ if ($class !== '')
{
$_is_loaded[strtolower($class)] = $class;
}
@@ -215,17 +211,17 @@ if ( ! function_exists('is_loaded'))
// ------------------------------------------------------------------------
-/**
-* Loads the main config.php file
-*
-* This function lets us grab the config file even if the Config class
-* hasn't been instantiated yet
-*
-* @access private
-* @return array
-*/
if ( ! function_exists('get_config'))
{
+ /**
+ * Loads the main config.php file
+ *
+ * This function lets us grab the config file even if the Config class
+ * hasn't been instantiated yet
+ *
+ * @param array
+ * @return array
+ */
function &get_config($replace = array())
{
static $_config;
@@ -235,21 +231,25 @@ if ( ! function_exists('get_config'))
return $_config[0];
}
- // Is the config file in the environment folder?
- if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php'))
+ $file_path = APPPATH.'config/config.php';
+ $found = FALSE;
+ if (file_exists($file_path))
{
- $file_path = APPPATH.'config/config.php';
+ $found = TRUE;
+ require($file_path);
}
- // Fetch the config file
- if ( ! file_exists($file_path))
+ // Is the config file in the environment folder?
+ if (defined('ENVIRONMENT') && file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php'))
+ {
+ require($file_path);
+ }
+ elseif ( ! $found)
{
set_status_header(503);
exit('The configuration file does not exist.');
}
- require($file_path);
-
// Does the $config array exist in the file?
if ( ! isset($config) OR ! is_array($config))
{
@@ -275,14 +275,14 @@ if ( ! function_exists('get_config'))
// ------------------------------------------------------------------------
-/**
-* Returns the specified config item
-*
-* @access public
-* @return mixed
-*/
if ( ! function_exists('config_item'))
{
+ /**
+ * Returns the specified config item
+ *
+ * @param string
+ * @return mixed
+ */
function config_item($item)
{
static $_config_item = array();
@@ -304,20 +304,48 @@ if ( ! function_exists('config_item'))
// ------------------------------------------------------------------------
-/**
-* Error Handler
-*
-* This function lets us invoke the exception class and
-* display errors using the standard error template located
-* in application/errors/errors.php
-* This function will send the error page directly to the
-* browser and exit.
-*
-* @access public
-* @return void
-*/
+if ( ! function_exists('get_mimes'))
+{
+ /**
+ * Returns the MIME types array from config/mimes.php
+ *
+ * @return array
+ */
+ function &get_mimes()
+ {
+ static $_mimes = array();
+
+ if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
+ {
+ $_mimes = include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php');
+ }
+ elseif (is_file(APPPATH.'config/mimes.php'))
+ {
+ $_mimes = include(APPPATH.'config/mimes.php');
+ }
+
+ return $_mimes;
+ }
+}
+
+// ------------------------------------------------------------------------
+
if ( ! function_exists('show_error'))
{
+ /**
+ * Error Handler
+ *
+ * This function lets us invoke the exception class and
+ * display errors using the standard error template located
+ * in application/errors/errors.php
+ * This function will send the error page directly to the
+ * browser and exit.
+ *
+ * @param string
+ * @param int
+ * @param string
+ * @return void
+ */
function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered')
{
$_error =& load_class('Exceptions', 'core');
@@ -328,18 +356,19 @@ if ( ! function_exists('show_error'))
// ------------------------------------------------------------------------
-/**
-* 404 Page Handler
-*
-* This function is similar to the show_error() function above
-* However, instead of the standard error template it displays
-* 404 errors.
-*
-* @access public
-* @return void
-*/
if ( ! function_exists('show_404'))
{
+ /**
+ * 404 Page Handler
+ *
+ * This function is similar to the show_error() function above
+ * However, instead of the standard error template it displays
+ * 404 errors.
+ *
+ * @param string
+ * @param bool
+ * @return void
+ */
function show_404($page = '', $log_error = TRUE)
{
$_error =& load_class('Exceptions', 'core');
@@ -350,22 +379,24 @@ if ( ! function_exists('show_404'))
// ------------------------------------------------------------------------
-/**
-* Error Logging Interface
-*
-* We use this as a simple mechanism to access the logging
-* class and send messages to be logged.
-*
-* @access public
-* @return void
-*/
if ( ! function_exists('log_message'))
{
+ /**
+ * Error Logging Interface
+ *
+ * We use this as a simple mechanism to access the logging
+ * class and send messages to be logged.
+ *
+ * @param string
+ * @param string
+ * @param bool
+ * @return void
+ */
function log_message($level = 'error', $message, $php_error = FALSE)
{
static $_log;
- if (config_item('log_threshold') == 0)
+ if (config_item('log_threshold') === 0)
{
return;
}
@@ -377,134 +408,125 @@ if ( ! function_exists('log_message'))
// ------------------------------------------------------------------------
-/**
- * Set HTTP Status Header
- *
- * @access public
- * @param int the status code
- * @param string
- * @return void
- */
if ( ! function_exists('set_status_header'))
{
+ /**
+ * Set HTTP Status Header
+ *
+ * @param int the status code
+ * @param string
+ * @return void
+ */
function set_status_header($code = 200, $text = '')
{
$stati = array(
- 200 => 'OK',
- 201 => 'Created',
- 202 => 'Accepted',
- 203 => 'Non-Authoritative Information',
- 204 => 'No Content',
- 205 => 'Reset Content',
- 206 => 'Partial Content',
-
- 300 => 'Multiple Choices',
- 301 => 'Moved Permanently',
- 302 => 'Found',
- 304 => 'Not Modified',
- 305 => 'Use Proxy',
- 307 => 'Temporary Redirect',
-
- 400 => 'Bad Request',
- 401 => 'Unauthorized',
- 403 => 'Forbidden',
- 404 => 'Not Found',
- 405 => 'Method Not Allowed',
- 406 => 'Not Acceptable',
- 407 => 'Proxy Authentication Required',
- 408 => 'Request Timeout',
- 409 => 'Conflict',
- 410 => 'Gone',
- 411 => 'Length Required',
- 412 => 'Precondition Failed',
- 413 => 'Request Entity Too Large',
- 414 => 'Request-URI Too Long',
- 415 => 'Unsupported Media Type',
- 416 => 'Requested Range Not Satisfiable',
- 417 => 'Expectation Failed',
- 422 => 'Unprocessable Entity',
-
- 500 => 'Internal Server Error',
- 501 => 'Not Implemented',
- 502 => 'Bad Gateway',
- 503 => 'Service Unavailable',
- 504 => 'Gateway Timeout',
- 505 => 'HTTP Version Not Supported'
- );
+ 200 => 'OK',
+ 201 => 'Created',
+ 202 => 'Accepted',
+ 203 => 'Non-Authoritative Information',
+ 204 => 'No Content',
+ 205 => 'Reset Content',
+ 206 => 'Partial Content',
+
+ 300 => 'Multiple Choices',
+ 301 => 'Moved Permanently',
+ 302 => 'Found',
+ 304 => 'Not Modified',
+ 305 => 'Use Proxy',
+ 307 => 'Temporary Redirect',
+
+ 400 => 'Bad Request',
+ 401 => 'Unauthorized',
+ 403 => 'Forbidden',
+ 404 => 'Not Found',
+ 405 => 'Method Not Allowed',
+ 406 => 'Not Acceptable',
+ 407 => 'Proxy Authentication Required',
+ 408 => 'Request Timeout',
+ 409 => 'Conflict',
+ 410 => 'Gone',
+ 411 => 'Length Required',
+ 412 => 'Precondition Failed',
+ 413 => 'Request Entity Too Large',
+ 414 => 'Request-URI Too Long',
+ 415 => 'Unsupported Media Type',
+ 416 => 'Requested Range Not Satisfiable',
+ 417 => 'Expectation Failed',
+ 422 => 'Unprocessable Entity',
+
+ 500 => 'Internal Server Error',
+ 501 => 'Not Implemented',
+ 502 => 'Bad Gateway',
+ 503 => 'Service Unavailable',
+ 504 => 'Gateway Timeout',
+ 505 => 'HTTP Version Not Supported'
+ );
if ($code == '' OR ! is_numeric($code))
{
show_error('Status codes must be numeric', 500);
}
-
- if (isset($stati[$code]) AND $text == '')
+ elseif (isset($stati[$code]) && $text === '')
{
$text = $stati[$code];
}
- if ($text == '')
+ if ($text === '')
{
show_error('No status text available. Please check your status code number or supply your own message text.', 500);
}
- $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
+ $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
if (strpos(php_sapi_name(), 'cgi') === 0)
{
- header("Status: {$code} {$text}", TRUE);
+ header('Status: '.$code.' '.$text, TRUE);
}
- elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0')
+ elseif ($server_protocol === 'HTTP/1.0')
{
- header($server_protocol." {$code} {$text}", TRUE, $code);
+ header('HTTP/1.0 '.$code.' '.$text, TRUE, $code);
}
else
{
- header("HTTP/1.1 {$code} {$text}", TRUE, $code);
+ header('HTTP/1.1 '.$code.' '.$text, TRUE, $code);
}
}
}
// --------------------------------------------------------------------
-/**
-* Exception Handler
-*
-* This is the custom exception handler that is declaired at the top
-* of Codeigniter.php. The main reason we use this is to permit
-* PHP errors to be logged in our own log files since the user may
-* not have access to server logs. Since this function
-* effectively intercepts PHP errors, however, we also need
-* to display errors based on the current error_reporting level.
-* We do that with the use of a PHP error template.
-*
-* @access private
-* @return void
-*/
if ( ! function_exists('_exception_handler'))
{
+ /**
+ * Exception Handler
+ *
+ * This is the custom exception handler that is declaired at the top
+ * of Codeigniter.php. The main reason we use this is to permit
+ * PHP errors to be logged in our own log files since the user may
+ * not have access to server logs. Since this function
+ * effectively intercepts PHP errors, however, we also need
+ * to display errors based on the current error_reporting level.
+ * We do that with the use of a PHP error template.
+ *
+ * @param int
+ * @param string
+ * @param string
+ * @param int
+ * @return void
+ */
function _exception_handler($severity, $message, $filepath, $line)
{
- // We don't bother with "strict" notices since they tend to fill up
- // the log file with excess information that isn't normally very helpful.
- // For example, if you are running PHP 5 and you use version 4 style
- // class functions (without prefixes like "public", "private", etc.)
- // you'll get notices telling you that these have been deprecated.
- if ($severity == E_STRICT)
- {
- return;
- }
-
$_error =& load_class('Exceptions', 'core');
// Should we display the error? We'll get the current error_reporting
// level and add its bits with the severity bits to find out.
- if (($severity & error_reporting()) == $severity)
+ if (($severity & error_reporting()) === $severity)
{
$_error->show_php_error($severity, $message, $filepath, $line);
}
- // Should we log the error? No? We're done...
- if (config_item('log_threshold') == 0)
+ // Should we log the error? No? We're done...
+ if (config_item('log_threshold') === 0)
{
return;
}
@@ -515,18 +537,18 @@ if ( ! function_exists('_exception_handler'))
// --------------------------------------------------------------------
-/**
- * Remove Invisible Characters
- *
- * This prevents sandwiching null characters
- * between ascii characters, like Java\0script.
- *
- * @access public
- * @param string
- * @return string
- */
if ( ! function_exists('remove_invisible_characters'))
{
+ /**
+ * Remove Invisible Characters
+ *
+ * This prevents sandwiching null characters
+ * between ascii characters, like Java\0script.
+ *
+ * @param string
+ * @param bool
+ * @return string
+ */
function remove_invisible_characters($str, $url_encoded = TRUE)
{
$non_displayables = array();
@@ -553,27 +575,21 @@ if ( ! function_exists('remove_invisible_characters'))
// ------------------------------------------------------------------------
-/**
-* Returns HTML escaped variable
-*
-* @access public
-* @param mixed
-* @return mixed
-*/
if ( ! function_exists('html_escape'))
{
+ /**
+ * Returns HTML escaped variable
+ *
+ * @param mixed
+ * @return mixed
+ */
function html_escape($var)
{
- if (is_array($var))
- {
- return array_map('html_escape', $var);
- }
- else
- {
- return htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
- }
+ return is_array($var)
+ ? array_map('html_escape', $var)
+ : htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
}
}
/* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */ \ No newline at end of file
diff --git a/system/core/Config.php b/system/core/Config.php
index 68417435d..3de1bcb96 100755..100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Config Class
*
@@ -45,30 +43,27 @@ class CI_Config {
*
* @var array
*/
- public $config = array();
+ public $config = array();
+
/**
* List of all loaded config files
*
* @var array
*/
- public $is_loaded = array();
+ public $is_loaded = array();
+
/**
* List of paths to search when trying to load a config file.
* This must be public as it's used by the Loader class.
*
* @var array
*/
- public $_config_paths = array(APPPATH);
+ public $_config_paths = array(APPPATH);
/**
* Constructor
*
* Sets the $config data from the primary config.php file as a class variable
- *
- * @param string the config file name
- * @param boolean if configuration values should be loaded into their own section
- * @param boolean true if errors should just return false, false if an error message should be displayed
- * @return boolean if the file was successfully loaded or not
*/
public function __construct()
{
@@ -76,13 +71,13 @@ class CI_Config {
log_message('debug', 'Config Class Initialized');
// Set the base_url automatically if none was provided
- if ($this->config['base_url'] == '')
+ if (empty($this->config['base_url']))
{
if (isset($_SERVER['HTTP_HOST']))
{
- $base_url = ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http';
- $base_url .= '://'. $_SERVER['HTTP_HOST']
- . str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
+ $base_url = ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') ? 'https' : 'http';
+ $base_url .= '://'.$_SERVER['HTTP_HOST']
+ .str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
}
else
{
@@ -99,13 +94,13 @@ class CI_Config {
* Load Config File
*
* @param string the config file name
- * @param boolean if configuration values should be loaded into their own section
- * @param boolean true if errors should just return false, false if an error message should be displayed
- * @return boolean if the file was loaded correctly
+ * @param bool if configuration values should be loaded into their own section
+ * @param bool true if errors should just return false, false if an error message should be displayed
+ * @return bool if the file was loaded correctly
*/
public function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE)
{
- $file = ($file == '') ? 'config' : str_replace('.php', '', $file);
+ $file = ($file === '') ? 'config' : str_replace('.php', '', $file);
$found = $loaded = FALSE;
foreach ($this->_config_paths as $path)
@@ -188,10 +183,8 @@ class CI_Config {
/**
* Fetch a config file item
*
- *
* @param string the config item name
* @param string the index name
- * @param bool
* @return string
*/
public function item($item, $index = '')
@@ -210,7 +203,6 @@ class CI_Config {
* Fetch a config file item - adds slash after item (if item is not empty)
*
* @param string the config item name
- * @param bool
* @return string
*/
public function slash_item($item)
@@ -219,7 +211,7 @@ class CI_Config {
{
return FALSE;
}
- elseif (trim($this->config[$item]) == '')
+ elseif (trim($this->config[$item]) === '')
{
return '';
}
@@ -238,14 +230,14 @@ class CI_Config {
*/
public function site_url($uri = '')
{
- if ($uri == '')
+ if ($uri === '')
{
return $this->slash_item('base_url').$this->item('index_page');
}
- if ($this->item('enable_query_strings') == FALSE)
+ if ($this->item('enable_query_strings') === FALSE)
{
- $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix');
+ $suffix = ($this->item('url_suffix') === FALSE) ? '' : $this->item('url_suffix');
return $this->slash_item('base_url').$this->slash_item('index_page').$this->_uri_string($uri).$suffix;
}
else
@@ -260,8 +252,8 @@ class CI_Config {
* Base URL
* Returns base_url [. uri_string]
*
- * @param string $uri
- * @return string
+ * @param string $uri
+ * @return string
*/
public function base_url($uri = '')
{
@@ -273,12 +265,12 @@ class CI_Config {
/**
* Build URI string for use in Config::site_url() and Config::base_url()
*
- * @param mixed $uri
- * @return string
+ * @param mixed $uri
+ * @return string
*/
protected function _uri_string($uri)
{
- if ($this->item('enable_query_strings') == FALSE)
+ if ($this->item('enable_query_strings') === FALSE)
{
if (is_array($uri))
{
@@ -351,7 +343,8 @@ class CI_Config {
}
}
}
+
}
/* End of file Config.php */
-/* Location: ./system/core/Config.php */
+/* Location: ./system/core/Config.php */ \ No newline at end of file
diff --git a/system/core/Controller.php b/system/core/Controller.php
index 0dc131701..491414807 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Application Controller Class
*
@@ -41,8 +39,18 @@
*/
class CI_Controller {
+ /**
+ * Reference to the global CI instance
+ *
+ * @var object
+ */
private static $instance;
+ /**
+ * Set up controller properties and methods
+ *
+ * @return void
+ */
public function __construct()
{
self::$instance =& $this;
@@ -60,11 +68,17 @@ class CI_Controller {
log_message('debug', 'Controller Class Initialized');
}
+ /**
+ * Return the CI object
+ *
+ * @return object
+ */
public static function &get_instance()
{
return self::$instance;
}
+
}
/* End of file Controller.php */
-/* Location: ./system/core/Controller.php */
+/* Location: ./system/core/Controller.php */ \ No newline at end of file
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index bf9901252..8c32085fe 100755..100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Exceptions Class
*
@@ -38,39 +36,38 @@
*/
class CI_Exceptions {
- public $action;
- public $severity;
- public $message;
- public $filename;
- public $line;
-
/**
* Nesting level of the output buffering mechanism
*
- * @var int
+ * @var int
*/
public $ob_level;
/**
* List if available error levels
*
- * @var array
+ * @var array
*/
public $levels = array(
- E_ERROR => 'Error',
- E_WARNING => 'Warning',
- E_PARSE => 'Parsing Error',
- E_NOTICE => 'Notice',
- E_CORE_ERROR => 'Core Error',
- E_CORE_WARNING => 'Core Warning',
- E_COMPILE_ERROR => 'Compile Error',
- E_COMPILE_WARNING => 'Compile Warning',
- E_USER_ERROR => 'User Error',
- E_USER_WARNING => 'User Warning',
- E_USER_NOTICE => 'User Notice',
- E_STRICT => 'Runtime Notice'
- );
+ E_ERROR => 'Error',
+ E_WARNING => 'Warning',
+ E_PARSE => 'Parsing Error',
+ E_NOTICE => 'Notice',
+ E_CORE_ERROR => 'Core Error',
+ E_CORE_WARNING => 'Core Warning',
+ E_COMPILE_ERROR => 'Compile Error',
+ E_COMPILE_WARNING => 'Compile Warning',
+ E_USER_ERROR => 'User Error',
+ E_USER_WARNING => 'User Warning',
+ E_USER_NOTICE => 'User Notice',
+ E_STRICT => 'Runtime Notice'
+ );
+ /**
+ * Initialize execption class
+ *
+ * @return void
+ */
public function __construct()
{
$this->ob_level = ob_get_level();
@@ -92,7 +89,7 @@ class CI_Exceptions {
*/
public function log_exception($severity, $message, $filepath, $line)
{
- $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity];
+ $severity = isset($this->levels[$severity]) ? $this->levels[$severity] : $severity;
log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE);
}
@@ -132,21 +129,21 @@ class CI_Exceptions {
* @param string the heading
* @param string the message
* @param string the template name
- * @param int the status code
+ * @param int the status code
* @return string
*/
public function show_error($heading, $message, $template = 'error_general', $status_code = 500)
{
set_status_header($status_code);
- $message = '<p>'.implode('</p><p>', ( ! is_array($message)) ? array($message) : $message).'</p>';
+ $message = '<p>'.implode('</p><p>', is_array($message) ? $message : array($message)).'</p>';
if (ob_get_level() > $this->ob_level + 1)
{
ob_end_flush();
}
ob_start();
- include(APPPATH.'errors/'.$template.'.php');
+ include(APPPATH.'views/errors/'.$template.'.php');
$buffer = ob_get_contents();
ob_end_clean();
return $buffer;
@@ -163,9 +160,9 @@ class CI_Exceptions {
* @param string the error line number
* @return string
*/
- function show_php_error($severity, $message, $filepath, $line)
+ public function show_php_error($severity, $message, $filepath, $line)
{
- $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity];
+ $severity = isset($this->levels[$severity]) ? $this->levels[$severity] : $severity;
$filepath = str_replace('\\', '/', $filepath);
// For safety reasons we do not show the full file path
@@ -180,7 +177,7 @@ class CI_Exceptions {
ob_end_flush();
}
ob_start();
- include(APPPATH.'errors/'.'error_php.php');
+ include(APPPATH.'views/errors/error_php.php');
$buffer = ob_get_contents();
ob_end_clean();
echo $buffer;
@@ -189,4 +186,4 @@ class CI_Exceptions {
}
/* End of file Exceptions.php */
-/* Location: ./system/core/Exceptions.php */
+/* Location: ./system/core/Exceptions.php */ \ No newline at end of file
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index e1ac58e6e..29fd88201 100755..100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Hooks Class
*
@@ -45,46 +43,42 @@ class CI_Hooks {
*
* @var bool
*/
- public $enabled = FALSE;
+ public $enabled = FALSE;
+
/**
* List of all hooks set in config/hooks.php
*
* @var array
*/
- public $hooks = array();
+ public $hooks = array();
+
/**
* Determines wether hook is in progress, used to prevent infinte loops
*
* @var bool
*/
- public $in_progress = FALSE;
-
- public function __construct()
- {
- $this->_initialize();
- log_message('debug', 'Hooks Class Initialized');
- }
-
- // --------------------------------------------------------------------
+ public $in_progress = FALSE;
/**
* Initialize the Hooks Preferences
*
* @return void
*/
- private function _initialize()
+ public function __construct()
{
$CFG =& load_class('Config', 'core');
+ log_message('debug', 'Hooks Class Initialized');
+
// If hooks are not enabled in the config file
// there is nothing else to do
- if ($CFG->item('enable_hooks') == FALSE)
+ if ($CFG->item('enable_hooks') === FALSE)
{
return;
}
// Grab the "hooks" definition file.
- if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
+ if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
{
include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php');
}
@@ -113,14 +107,14 @@ class CI_Hooks {
* @param string the hook name
* @return mixed
*/
- public function _call_hook($which = '')
+ public function call_hook($which = '')
{
if ( ! $this->enabled OR ! isset($this->hooks[$which]))
{
return FALSE;
}
- if (isset($this->hooks[$which][0]) AND is_array($this->hooks[$which][0]))
+ if (isset($this->hooks[$which][0]) && is_array($this->hooks[$which][0]))
{
foreach ($this->hooks[$which] as $val)
{
@@ -158,7 +152,7 @@ class CI_Hooks {
// If the script being called happens to have the same
// hook call within it a loop can happen
- if ($this->in_progress == TRUE)
+ if ($this->in_progress === TRUE)
{
return;
}
@@ -167,7 +161,7 @@ class CI_Hooks {
// Set file path
// -----------------------------------
- if ( ! isset($data['filepath']) OR ! isset($data['filename']))
+ if ( ! isset($data['filepath'], $data['filename']))
{
return FALSE;
}
@@ -187,12 +181,12 @@ class CI_Hooks {
$function = FALSE;
$params = '';
- if (isset($data['class']) AND $data['class'] != '')
+ if ( ! empty($data['class']))
{
$class = $data['class'];
}
- if (isset($data['function']))
+ if ( ! empty($data['function']))
{
$function = $data['function'];
}
@@ -202,7 +196,7 @@ class CI_Hooks {
$params = $data['params'];
}
- if ($class === FALSE AND $function === FALSE)
+ if ($class === FALSE && $function === FALSE)
{
return FALSE;
}
@@ -244,4 +238,4 @@ class CI_Hooks {
}
/* End of file Hooks.php */
-/* Location: ./system/core/Hooks.php */
+/* Location: ./system/core/Hooks.php */ \ No newline at end of file
diff --git a/system/core/Input.php b/system/core/Input.php
index 3339d97c5..162e40c85 100755..100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Input Class
*
@@ -45,51 +43,59 @@ class CI_Input {
*
* @var string
*/
- public $ip_address = FALSE;
+ public $ip_address = FALSE;
+
/**
* user agent (web browser) being used by the current user
*
* @var string
*/
- public $user_agent = FALSE;
+ public $user_agent = FALSE;
+
/**
* If FALSE, then $_GET will be set to an empty array
*
* @var bool
*/
- protected $_allow_get_array = TRUE;
+ protected $_allow_get_array = TRUE;
+
/**
* If TRUE, then newlines are standardized
*
* @var bool
*/
- protected $_standardize_newlines = TRUE;
+ protected $_standardize_newlines = TRUE;
+
/**
* Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered
* Set automatically based on config setting
*
* @var bool
*/
- protected $_enable_xss = FALSE;
+ protected $_enable_xss = FALSE;
+
/**
* Enables a CSRF cookie token to be set.
* Set automatically based on config setting
*
* @var bool
*/
- protected $_enable_csrf = FALSE;
+ protected $_enable_csrf = FALSE;
+
/**
* List of all HTTP request headers
*
* @var array
*/
- protected $headers = array();
+ protected $headers = array();
/**
* Constructor
*
* Sets whether to globally enable the XSS processing
* and whether to allow the $_GET array
+ *
+ * @return void
*/
public function __construct()
{
@@ -129,7 +135,7 @@ class CI_Input {
{
if ( ! isset($array[$index]))
{
- return FALSE;
+ return NULL;
}
if ($xss_clean === TRUE)
@@ -143,16 +149,16 @@ class CI_Input {
// --------------------------------------------------------------------
/**
- * Fetch an item from the GET array
- *
- * @param string
- * @param bool
- * @return string
- */
+ * Fetch an item from the GET array
+ *
+ * @param string
+ * @param bool
+ * @return string
+ */
public function get($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_GET))
+ if ($index === NULL && ! empty($_GET))
{
$get = array();
@@ -170,16 +176,16 @@ class CI_Input {
// --------------------------------------------------------------------
/**
- * Fetch an item from the POST array
- *
- * @param string
- * @param bool
- * @return string
- */
+ * Fetch an item from the POST array
+ *
+ * @param string
+ * @param bool
+ * @return string
+ */
public function post($index = NULL, $xss_clean = FALSE)
{
// Check if a field has been provided
- if ($index === NULL AND ! empty($_POST))
+ if ($index === NULL && ! empty($_POST))
{
$post = array();
@@ -198,28 +204,28 @@ class CI_Input {
// --------------------------------------------------------------------
/**
- * Fetch an item from either the GET array or the POST
- *
- * @param string The index key
- * @param bool XSS cleaning
- * @return string
- */
+ * Fetch an item from either the GET array or the POST
+ *
+ * @param string The index key
+ * @param bool XSS cleaning
+ * @return string
+ */
public function get_post($index = '', $xss_clean = FALSE)
{
- return ( ! isset($_POST[$index]))
- ? $this->get($index, $xss_clean)
- : $this->post($index, $xss_clean);
+ return isset($_POST[$index])
+ ? $this->post($index, $xss_clean)
+ : $this->get($index, $xss_clean);
}
// --------------------------------------------------------------------
/**
- * Fetch an item from the COOKIE array
- *
- * @param string
- * @param bool
- * @return string
- */
+ * Fetch an item from the COOKIE array
+ *
+ * @param string
+ * @param bool
+ * @return string
+ */
public function cookie($index = '', $xss_clean = FALSE)
{
return $this->_fetch_from_array($_COOKIE, $index, $xss_clean);
@@ -228,26 +234,27 @@ class CI_Input {
// ------------------------------------------------------------------------
/**
- * Set cookie
- *
- * Accepts six parameter, or you can submit an associative
- * array in the first parameter containing all the values.
- *
- * @param mixed
- * @param string the value of the cookie
- * @param string the number of seconds until expiration
- * @param string the cookie domain. Usually: .yourdomain.com
- * @param string the cookie path
- * @param string the cookie prefix
- * @param bool true makes the cookie secure
- * @return void
- */
- public function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE)
+ * Set cookie
+ *
+ * Accepts seven parameters, or you can submit an associative
+ * array in the first parameter containing all the values.
+ *
+ * @param mixed
+ * @param string the value of the cookie
+ * @param string the number of seconds until expiration
+ * @param string the cookie domain. Usually: .yourdomain.com
+ * @param string the cookie path
+ * @param string the cookie prefix
+ * @param bool true makes the cookie secure
+ * @param bool true makes the cookie accessible via http(s) only (no javascript)
+ * @return void
+ */
+ public function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE)
{
if (is_array($name))
{
// always leave 'name' in last place, as the loop will break otherwise, due to $$item
- foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'name') as $item)
+ foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'httponly', 'name') as $item)
{
if (isset($name[$item]))
{
@@ -256,23 +263,31 @@ class CI_Input {
}
}
- if ($prefix == '' AND config_item('cookie_prefix') != '')
+ if ($prefix === '' && config_item('cookie_prefix') !== '')
{
$prefix = config_item('cookie_prefix');
}
- if ($domain == '' AND config_item('cookie_domain') != '')
+
+ if ($domain == '' && config_item('cookie_domain') != '')
{
$domain = config_item('cookie_domain');
}
- if ($path == '/' AND config_item('cookie_path') != '/')
+
+ if ($path === '/' && config_item('cookie_path') !== '/')
{
$path = config_item('cookie_path');
}
- if ($secure == FALSE AND config_item('cookie_secure') != FALSE)
+
+ if ($secure === FALSE && config_item('cookie_secure') !== FALSE)
{
$secure = config_item('cookie_secure');
}
+ if ($httponly === FALSE && config_item('cookie_httponly') !== FALSE)
+ {
+ $httponly = config_item('cookie_httponly');
+ }
+
if ( ! is_numeric($expire))
{
$expire = time() - 86500;
@@ -282,18 +297,18 @@ class CI_Input {
$expire = ($expire > 0) ? time() + $expire : 0;
}
- setcookie($prefix.$name, $value, $expire, $path, $domain, $secure);
+ setcookie($prefix.$name, $value, $expire, $path, $domain, $secure, $httponly);
}
// --------------------------------------------------------------------
/**
- * Fetch an item from the SERVER array
- *
- * @param string
- * @param bool
- * @return string
- */
+ * Fetch an item from the SERVER array
+ *
+ * @param string
+ * @param bool
+ * @return string
+ */
public function server($index = '', $xss_clean = FALSE)
{
return $this->_fetch_from_array($_SERVER, $index, $xss_clean);
@@ -302,10 +317,10 @@ class CI_Input {
// --------------------------------------------------------------------
/**
- * Fetch the IP Address
- *
- * @return string
- */
+ * Fetch the IP Address
+ *
+ * @return string
+ */
public function ip_address()
{
if ($this->ip_address !== FALSE)
@@ -320,11 +335,11 @@ class CI_Input {
$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
}
- elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
+ elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR'))
{
$this->ip_address = $_SERVER['REMOTE_ADDR'];
}
- elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+ elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP'))
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
@@ -359,54 +374,37 @@ class CI_Input {
// --------------------------------------------------------------------
/**
- * Validate IP Address
- *
- * Updated version suggested by Geert De Deckere
- *
- * @param string
- * @return bool
- */
- public function valid_ip($ip)
+ * Validate IP Address
+ *
+ * @param string
+ * @param string 'ipv4' or 'ipv6'
+ * @return bool
+ */
+ public function valid_ip($ip, $which = '')
{
- // if php version >= 5.2, use filter_var to check validate ip.
- if (function_exists('filter_var'))
+ switch (strtolower($which))
{
- return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
+ case 'ipv4':
+ $which = FILTER_FLAG_IPV4;
+ break;
+ case 'ipv6':
+ $which = FILTER_FLAG_IPV6;
+ break;
+ default:
+ $which = NULL;
+ break;
}
- $ip_segments = explode('.', $ip);
-
- // Always 4 segments needed
- if (count($ip_segments) !== 4)
- {
- return FALSE;
- }
- // IP can not start with 0
- if ($ip_segments[0][0] == '0')
- {
- return FALSE;
- }
- // Check each segment
- foreach ($ip_segments as $segment)
- {
- // IP segments must be digits and can not be
- // longer than 3 digits or greater then 255
- if ($segment == '' OR preg_match('/[^0-9]/', $segment) OR $segment > 255 OR strlen($segment) > 3)
- {
- return FALSE;
- }
- }
-
- return TRUE;
+ return (bool) filter_var($ip, FILTER_VALIDATE_IP, $which);
}
// --------------------------------------------------------------------
/**
- * User Agent
- *
- * @return string
- */
+ * User Agent
+ *
+ * @return string
+ */
public function user_agent()
{
if ($this->user_agent !== FALSE)
@@ -414,44 +412,51 @@ class CI_Input {
return $this->user_agent;
}
- return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT'];
+ return $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : FALSE;
}
// --------------------------------------------------------------------
/**
- * Sanitize Globals
- *
- * This function does the following:
- *
- * - Unsets $_GET data (if query strings are not enabled)
- * - Unsets all globals if register_globals is enabled
- * - Standardizes newline characters to \n
- *
- * @return void
- */
+ * Sanitize Globals
+ *
+ * This function does the following:
+ *
+ * - Unsets $_GET data (if query strings are not enabled)
+ * - Unsets all globals if register_globals is enabled
+ * - Standardizes newline characters to \n
+ *
+ * @return void
+ */
protected function _sanitize_globals()
{
// It would be "wrong" to unset any of these GLOBALS.
- $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
- '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
- 'system_folder', 'application_folder', 'BM', 'EXT',
- 'CFG', 'URI', 'RTR', 'OUT', 'IN'
- );
+ $protected = array(
+ '_SERVER',
+ '_GET',
+ '_POST',
+ '_FILES',
+ '_REQUEST',
+ '_SESSION',
+ '_ENV',
+ 'GLOBALS',
+ 'HTTP_RAW_POST_DATA',
+ 'system_folder',
+ 'application_folder',
+ 'BM',
+ 'EXT',
+ 'CFG',
+ 'URI',
+ 'RTR',
+ 'OUT',
+ 'IN'
+ );
// Unset globals for securiy.
// This is effectively the same as register_globals = off
foreach (array($_GET, $_POST, $_COOKIE) as $global)
{
- if ( ! is_array($global))
- {
- if ( ! in_array($global, $protected))
- {
- global $$global;
- $$global = NULL;
- }
- }
- else
+ if (is_array($global))
{
foreach ($global as $key => $val)
{
@@ -462,26 +467,28 @@ class CI_Input {
}
}
}
+ elseif ( ! in_array($global, $protected))
+ {
+ global $$global;
+ $$global = NULL;
+ }
}
// Is $_GET data allowed? If not we'll set the $_GET to an empty array
- if ($this->_allow_get_array == FALSE)
+ if ($this->_allow_get_array === FALSE)
{
$_GET = array();
}
- else
+ elseif (is_array($_GET) && count($_GET) > 0)
{
- if (is_array($_GET) AND count($_GET) > 0)
+ foreach ($_GET as $key => $val)
{
- foreach ($_GET as $key => $val)
- {
- $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
- }
+ $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
}
}
// Clean $_POST Data
- if (is_array($_POST) AND count($_POST) > 0)
+ if (is_array($_POST) && count($_POST) > 0)
{
foreach ($_POST as $key => $val)
{
@@ -490,7 +497,7 @@ class CI_Input {
}
// Clean $_COOKIE Data
- if (is_array($_COOKIE) AND count($_COOKIE) > 0)
+ if (is_array($_COOKIE) && count($_COOKIE) > 0)
{
// Also get rid of specially treated cookies that might be set by a server
// or silly application, that are of no use to a CI application anyway
@@ -511,7 +518,7 @@ class CI_Input {
$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
// CSRF Protection check
- if ($this->_enable_csrf == TRUE)
+ if ($this->_enable_csrf === TRUE)
{
$this->security->csrf_verify();
}
@@ -522,14 +529,14 @@ class CI_Input {
// --------------------------------------------------------------------
/**
- * Clean Input Data
- *
- * This is a helper function. It escapes data and
- * standardizes newline characters to \n
- *
- * @param string
- * @return string
- */
+ * Clean Input Data
+ *
+ * This is a helper function. It escapes data and
+ * standardizes newline characters to \n
+ *
+ * @param string
+ * @return string
+ */
protected function _clean_input_data($str)
{
if (is_array($str))
@@ -568,7 +575,7 @@ class CI_Input {
}
// Standardize newlines if needed
- if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE)
+ if ($this->_standardize_newlines === TRUE && strpos($str, "\r") !== FALSE)
{
return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
}
@@ -579,15 +586,15 @@ class CI_Input {
// --------------------------------------------------------------------
/**
- * Clean Keys
- *
- * This is a helper function. To prevent malicious users
- * from trying to exploit keys we make sure that keys are
- * only named with alpha-numeric text and a few other items.
- *
- * @param string
- * @return string
- */
+ * Clean Keys
+ *
+ * This is a helper function. To prevent malicious users
+ * from trying to exploit keys we make sure that keys are
+ * only named with alpha-numeric text and a few other items.
+ *
+ * @param string
+ * @return string
+ */
protected function _clean_input_keys($str)
{
if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str))
@@ -613,7 +620,7 @@ class CI_Input {
* In Apache, you can simply call apache_request_headers(), however for
* people running other webservers the function is undefined.
*
- * @param bool XSS cleaning
+ * @param bool XSS cleaning
* @return array
*/
public function request_headers($xss_clean = FALSE)
@@ -625,7 +632,7 @@ class CI_Input {
}
else
{
- $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+ $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
foreach ($_SERVER as $key => $val)
{
@@ -655,9 +662,9 @@ class CI_Input {
*
* Returns the value of a single member of the headers class member
*
- * @param string array key for $this->headers
- * @param boolean XSS Clean or not
- * @return mixed FALSE on failure, string on success
+ * @param string array key for $this->headers
+ * @param bool XSS Clean or not
+ * @return mixed FALSE on failure, string on success
*/
public function get_request_header($index, $xss_clean = FALSE)
{
@@ -668,15 +675,12 @@ class CI_Input {
if ( ! isset($this->headers[$index]))
{
- return FALSE;
+ return NULL;
}
- if ($xss_clean === TRUE)
- {
- return $this->security->xss_clean($this->headers[$index]);
- }
-
- return $this->headers[$index];
+ return ($xss_clean === TRUE)
+ ? $this->security->xss_clean($this->headers[$index])
+ : $this->headers[$index];
}
// --------------------------------------------------------------------
@@ -686,11 +690,11 @@ class CI_Input {
*
* Test to see if a request contains the HTTP_X_REQUESTED_WITH header
*
- * @return boolean
+ * @return bool
*/
public function is_ajax_request()
{
- return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest');
+ return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}
// --------------------------------------------------------------------
@@ -700,14 +704,31 @@ class CI_Input {
*
* Test to see if a request was made from the command line
*
- * @return boolean
+ * @return bool
*/
public function is_cli_request()
{
- return (php_sapi_name() === 'cli') or defined('STDIN');
+ return (php_sapi_name() === 'cli' OR defined('STDIN'));
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Get Request Method
+ *
+ * Return the Request Method
+ *
+ * @param bool uppercase or lowercase
+ * @return bool
+ */
+ public function method($upper = FALSE)
+ {
+ return ($upper)
+ ? strtoupper($this->server('REQUEST_METHOD'))
+ : strtolower($this->server('REQUEST_METHOD'));
}
}
/* End of file Input.php */
-/* Location: ./system/core/Input.php */
+/* Location: ./system/core/Input.php */ \ No newline at end of file
diff --git a/system/core/Lang.php b/system/core/Lang.php
index c40a6856e..3001f1b13 100755..100644
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Language Class
*
@@ -43,14 +41,20 @@ class CI_Lang {
*
* @var array
*/
- public $language = array();
+ public $language = array();
+
/**
* List of loaded language files
*
* @var array
*/
- public $is_loaded = array();
+ public $is_loaded = array();
+ /**
+ * Initialize language class
+ *
+ * @return void
+ */
public function __construct()
{
log_message('debug', 'Language Class Initialized');
@@ -61,39 +65,37 @@ class CI_Lang {
/**
* Load a language file
*
- * @param mixed the name of the language file to be loaded. Can be an array
+ * @param mixed the name of the language file to be loaded
* @param string the language (english, etc.)
* @param bool return loaded array of translations
* @param bool add suffix to $langfile
* @param string alternative path to look for language file
* @return mixed
*/
- public function load($langfile = '', $idiom = '', $return = FALSE, $add_suffix = TRUE, $alt_path = '')
+ public function load($langfile, $idiom = '', $return = FALSE, $add_suffix = TRUE, $alt_path = '')
{
$langfile = str_replace('.php', '', $langfile);
- if ($add_suffix == TRUE)
+ if ($add_suffix === TRUE)
{
- $langfile = str_replace('_lang.', '', $langfile).'_lang';
+ $langfile = str_replace('_lang', '', $langfile).'_lang';
}
$langfile .= '.php';
- if (in_array($langfile, $this->is_loaded, TRUE))
+ if ($idiom === '')
{
- return;
+ $config =& get_config();
+ $idiom = ( ! empty($config['language'])) ? $config['language'] : 'english';
}
- $config =& get_config();
-
- if ($idiom == '')
+ if ($return === FALSE && isset($this->is_loaded[$langfile]) && $this->is_loaded[$langfile] === $idiom)
{
- $deft_lang = ( ! isset($config['language'])) ? 'english' : $config['language'];
- $idiom = ($deft_lang == '') ? 'english' : $deft_lang;
+ return;
}
// Determine where the language file is and load it
- if ($alt_path != '' && file_exists($alt_path.'language/'.$idiom.'/'.$langfile))
+ if ($alt_path !== '' && file_exists($alt_path.'language/'.$idiom.'/'.$langfile))
{
include($alt_path.'language/'.$idiom.'/'.$langfile);
}
@@ -121,17 +123,21 @@ class CI_Lang {
if ( ! isset($lang) OR ! is_array($lang))
{
log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile);
+
+ if ($return === TRUE)
+ {
+ return array();
+ }
return;
}
- if ($return == TRUE)
+ if ($return === TRUE)
{
return $lang;
}
- $this->is_loaded[] = $langfile;
+ $this->is_loaded[$langfile] = $idiom;
$this->language = array_merge($this->language, $lang);
- unset($lang);
log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile);
return TRUE;
@@ -147,7 +153,7 @@ class CI_Lang {
*/
public function line($line = '')
{
- $value = ($line == '' OR ! isset($this->language[$line])) ? FALSE : $this->language[$line];
+ $value = ($line === '' OR ! isset($this->language[$line])) ? FALSE : $this->language[$line];
// Because killer robots like unicorns!
if ($value === FALSE)
@@ -161,4 +167,4 @@ class CI_Lang {
}
/* End of file Lang.php */
-/* Location: ./system/core/Lang.php */
+/* Location: ./system/core/Lang.php */ \ No newline at end of file
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 12daaa928..09e948714 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Loader Class
*
@@ -34,8 +32,8 @@
*
* @package CodeIgniter
* @subpackage Libraries
- * @author EllisLab Dev Team
* @category Loader
+ * @author EllisLab Dev Team
* @link http://codeigniter.com/user_guide/libraries/loader.html
*/
class CI_Loader {
@@ -47,80 +45,93 @@ class CI_Loader {
* @var int
*/
protected $_ci_ob_level;
+
/**
* List of paths to load views from
*
* @var array
*/
- protected $_ci_view_paths = array();
+ protected $_ci_view_paths = array();
+
/**
* List of paths to load libraries from
*
* @var array
*/
- protected $_ci_library_paths = array();
+ protected $_ci_library_paths = array();
+
/**
* List of paths to load models from
*
* @var array
*/
- protected $_ci_model_paths = array();
+ protected $_ci_model_paths = array();
+
/**
* List of paths to load helpers from
*
* @var array
*/
- protected $_ci_helper_paths = array();
+ protected $_ci_helper_paths = array();
+
/**
* List of loaded base classes
*
* @var array
*/
- protected $_base_classes = array(); // Set by the controller class
+ protected $_base_classes = array(); // Set by the controller class
+
/**
* List of cached variables
*
* @var array
*/
- protected $_ci_cached_vars = array();
+ protected $_ci_cached_vars = array();
+
/**
* List of loaded classes
*
* @var array
*/
- protected $_ci_classes = array();
+ protected $_ci_classes = array();
+
/**
* List of loaded files
*
* @var array
*/
- protected $_ci_loaded_files = array();
+ protected $_ci_loaded_files = array();
+
/**
* List of loaded models
*
* @var array
*/
- protected $_ci_models = array();
+ protected $_ci_models = array();
+
/**
* List of loaded helpers
*
* @var array
*/
- protected $_ci_helpers = array();
+ protected $_ci_helpers = array();
+
/**
* List of class name mappings
*
* @var array
*/
- protected $_ci_varmap = array(
- 'unit_test' => 'unit',
- 'user_agent' => 'agent'
- );
+ protected $_ci_varmap = array(
+ 'unit_test' => 'unit',
+ 'user_agent' => 'agent'
+ );
/**
* Constructor
*
* Sets the path to the view files and gets the initial output buffering level
+ *
+ * @return void
*/
public function __construct()
{
@@ -140,7 +151,6 @@ class CI_Loader {
*
* This method is called once in CI_Controller.
*
- * @param array
* @return object
*/
public function initialize()
@@ -170,12 +180,7 @@ class CI_Loader {
*/
public function is_loaded($class)
{
- if (isset($this->_ci_classes[$class]))
- {
- return $this->_ci_classes[$class];
- }
-
- return FALSE;
+ return isset($this->_ci_classes[$class]) ? $this->_ci_classes[$class] : FALSE;
}
// --------------------------------------------------------------------
@@ -203,7 +208,7 @@ class CI_Loader {
return;
}
- if ($library == '' OR isset($this->_base_classes[$library]))
+ if ($library === '' OR isset($this->_base_classes[$library]))
{
return FALSE;
}
@@ -239,7 +244,7 @@ class CI_Loader {
return;
}
- if ($model == '')
+ if ($model === '')
{
return;
}
@@ -256,7 +261,7 @@ class CI_Loader {
$model = substr($model, $last_slash);
}
- if ($name == '')
+ if (empty($name))
{
$name = $model;
}
@@ -281,7 +286,7 @@ class CI_Loader {
continue;
}
- if ($db_conn !== FALSE AND ! class_exists('CI_DB'))
+ if ($db_conn !== FALSE && ! class_exists('CI_DB'))
{
if ($db_conn === TRUE)
{
@@ -315,16 +320,16 @@ class CI_Loader {
*
* @param string the DB credentials
* @param bool whether to return the DB object
- * @param bool whether to enable active record (this allows us to override the config setting)
+ * @param bool whether to enable query builder (this allows us to override the config setting)
* @return object
*/
- public function database($params = '', $return = FALSE, $active_record = NULL)
+ public function database($params = '', $return = FALSE, $query_builder = NULL)
{
// Grab the super object
$CI =& get_instance();
// Do we even need to load the database class?
- if (class_exists('CI_DB') AND $return == FALSE AND $active_record == NULL AND isset($CI->db) AND is_object($CI->db))
+ if (class_exists('CI_DB') && $return === FALSE && $query_builder === NULL && isset($CI->db) && is_object($CI->db))
{
return FALSE;
}
@@ -333,7 +338,7 @@ class CI_Loader {
if ($return === TRUE)
{
- return DB($params, $active_record);
+ return DB($params, $query_builder);
}
// Initialize the db variable. Needed to prevent
@@ -341,7 +346,7 @@ class CI_Loader {
$CI->db = '';
// Load the DB class
- $CI->db =& DB($params, $active_record);
+ $CI->db =& DB($params, $query_builder);
}
// --------------------------------------------------------------------
@@ -399,13 +404,13 @@ class CI_Loader {
/**
* Load View
*
- * This function is used to load a "view" file. It has three parameters:
+ * This function is used to load a "view" file. It has three parameters:
*
* 1. The name of the "view" file to be included.
* 2. An associative array of data to be extracted for use in the view.
- * 3. TRUE/FALSE - whether to return the data or load it. In
- * some cases it's advantageous to be able to return data so that
- * a developer can process it in some way.
+ * 3. TRUE/FALSE - whether to return the data or load it. In
+ * some cases it's advantageous to be able to return data so that
+ * a developer can process it in some way.
*
* @param string
* @param array
@@ -447,14 +452,14 @@ class CI_Loader {
*/
public function vars($vars = array(), $val = '')
{
- if ($val != '' AND is_string($vars))
+ if ($val !== '' && is_string($vars))
{
$vars = array($vars => $val);
}
$vars = $this->_ci_object_to_array($vars);
- if (is_array($vars) AND count($vars) > 0)
+ if (is_array($vars) && count($vars) > 0)
{
foreach ($vars as $key => $val)
{
@@ -615,20 +620,29 @@ class CI_Loader {
*
* Loads a driver library
*
- * @param string the name of the class
+ * @param mixed the name of the class or array of classes
* @param mixed the optional parameters
* @param string an optional object name
* @return void
*/
public function driver($library = '', $params = NULL, $object_name = NULL)
{
+ if (is_array($library))
+ {
+ foreach ($library as $driver)
+ {
+ $this->driver($driver);
+ }
+ return FALSE;
+ }
+
if ( ! class_exists('CI_Driver_Library'))
{
// we aren't instantiating an object here, that'll be done by the Library itself
require BASEPATH.'libraries/Driver.php';
}
- if ($library == '')
+ if ($library === '')
{
return FALSE;
}
@@ -651,7 +665,7 @@ class CI_Loader {
* Prepends a parent path to the library, model, helper, and config path arrays
*
* @param string
- * @param boolean
+ * @param bool
* @return void
*/
public function add_package_path($path, $view_cascade=TRUE)
@@ -666,7 +680,7 @@ class CI_Loader {
// Add config file path
$config =& $this->_ci_get_component('config');
- array_unshift($config->_config_paths, $path);
+ array_push($config->_config_paths, $path);
}
// --------------------------------------------------------------------
@@ -692,21 +706,21 @@ class CI_Loader {
* Remove a path from the library, model, and helper path arrays if it exists
* If no path is provided, the most recently added path is removed.
*
- * @param type
+ * @param string
* @param bool
- * @return type
+ * @return void
*/
public function remove_package_path($path = '', $remove_config_path = TRUE)
{
$config =& $this->_ci_get_component('config');
- if ($path == '')
+ if ($path === '')
{
array_shift($this->_ci_library_paths);
array_shift($this->_ci_model_paths);
array_shift($this->_ci_helper_paths);
array_shift($this->_ci_view_paths);
- array_shift($config->_config_paths);
+ array_pop($config->_config_paths);
}
else
{
@@ -755,13 +769,13 @@ class CI_Loader {
// Set the default data variables
foreach (array('_ci_view', '_ci_vars', '_ci_path', '_ci_return') as $_ci_val)
{
- $$_ci_val = ( ! isset($_ci_data[$_ci_val])) ? FALSE : $_ci_data[$_ci_val];
+ $$_ci_val = isset($_ci_data[$_ci_val]) ? $_ci_data[$_ci_val] : FALSE;
}
$file_exists = FALSE;
// Set the path to the requested file
- if ($_ci_path != '')
+ if (is_string($_ci_path) && $_ci_path !== '')
{
$_ci_x = explode('/', $_ci_path);
$_ci_file = end($_ci_x);
@@ -769,7 +783,7 @@ class CI_Loader {
else
{
$_ci_ext = pathinfo($_ci_view, PATHINFO_EXTENSION);
- $_ci_file = ($_ci_ext == '') ? $_ci_view.'.php' : $_ci_view;
+ $_ci_file = ($_ci_ext === '') ? $_ci_view.'.php' : $_ci_view;
foreach ($this->_ci_view_paths as $view_file => $cascade)
{
@@ -833,7 +847,7 @@ class CI_Loader {
// If the PHP installation does not support short tags we'll
// do a little string replacement, changing the short tags
// to standard PHP echo statements.
- if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE)
+ if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE && config_item('rewrite_short_tags') === TRUE)
{
echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path))));
}
@@ -986,7 +1000,7 @@ class CI_Loader {
} // END FOREACH
// One last attempt. Maybe the library is in a subdirectory, but it wasn't specified?
- if ($subdir == '')
+ if ($subdir === '')
{
$path = strtolower($class).'/'.$class;
return $this->_ci_load_class($path, $params);
@@ -994,7 +1008,7 @@ class CI_Loader {
// If we got this far we were unable to find the requested class.
// We do not issue errors if the load call failed due to a duplicate request
- if ($is_duplicate == FALSE)
+ if ($is_duplicate === FALSE)
{
log_message('error', 'Unable to load the requested class: '.$class);
show_error('Unable to load the requested class: '.$class);
@@ -1010,11 +1024,11 @@ class CI_Loader {
* @param string
* @param bool
* @param string an optional object name
- * @return null
+ * @return void
*/
protected function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL)
{
- // Is there an associated config file for this class? Note: these should always be lowercase
+ // Is there an associated config file for this class? Note: these should always be lowercase
if ($config === NULL)
{
// Fetch the config paths containing any package paths
@@ -1029,31 +1043,31 @@ class CI_Loader {
// We test for both uppercase and lowercase, for servers that
// are case-sensitive with regard to file names. Check for environment
// first, global next
- if (defined('ENVIRONMENT') AND file_exists($path .'config/'.ENVIRONMENT.'/'.strtolower($class).'.php'))
+ if (defined('ENVIRONMENT') && file_exists($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php'))
{
- include($path .'config/'.ENVIRONMENT.'/'.strtolower($class).'.php');
+ include($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php');
break;
}
- elseif (defined('ENVIRONMENT') AND file_exists($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php'))
+ elseif (defined('ENVIRONMENT') && file_exists($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php'))
{
- include($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php');
+ include($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php');
break;
}
- elseif (file_exists($path .'config/'.strtolower($class).'.php'))
+ elseif (file_exists($path.'config/'.strtolower($class).'.php'))
{
- include($path .'config/'.strtolower($class).'.php');
+ include($path.'config/'.strtolower($class).'.php');
break;
}
- elseif (file_exists($path .'config/'.ucfirst(strtolower($class)).'.php'))
+ elseif (file_exists($path.'config/'.ucfirst(strtolower($class)).'.php'))
{
- include($path .'config/'.ucfirst(strtolower($class)).'.php');
+ include($path.'config/'.ucfirst(strtolower($class)).'.php');
break;
}
}
}
}
- if ($prefix == '')
+ if ($prefix === '')
{
if (class_exists('CI_'.$class))
{
@@ -1086,7 +1100,7 @@ class CI_Loader {
if (is_null($object_name))
{
- $classvar = ( ! isset($this->_ci_varmap[$class])) ? $class : $this->_ci_varmap[$class];
+ $classvar = isset($this->_ci_varmap[$class]) ? $this->_ci_varmap[$class] : $class;
}
else
{
@@ -1104,7 +1118,7 @@ class CI_Loader {
}
else
{
- $CI->$classvar = new $name;
+ $CI->$classvar = new $name();
}
}
@@ -1116,12 +1130,11 @@ class CI_Loader {
* The config/autoload.php file contains an array that permits sub-systems,
* libraries, and helpers to be loaded automatically.
*
- * @param array
* @return void
*/
protected function _ci_autoloader()
{
- if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
+ if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
{
include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php');
}
@@ -1157,14 +1170,14 @@ class CI_Loader {
// Autoload helpers and languages
foreach (array('helper', 'language') as $type)
{
- if (isset($autoload[$type]) AND count($autoload[$type]) > 0)
+ if (isset($autoload[$type]) && count($autoload[$type]) > 0)
{
$this->$type($autoload[$type]);
}
}
// Load libraries
- if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0)
+ if (isset($autoload['libraries']) && count($autoload['libraries']) > 0)
{
// Load the database driver.
if (in_array('database', $autoload['libraries']))
@@ -1199,7 +1212,7 @@ class CI_Loader {
*/
protected function _ci_object_to_array($object)
{
- return (is_object($object)) ? get_object_vars($object) : $object;
+ return is_object($object) ? get_object_vars($object) : $object;
}
// --------------------------------------------------------------------
@@ -1243,7 +1256,8 @@ class CI_Loader {
return $filename;
}
}
+
}
/* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
+/* Location: ./system/core/Loader.php */ \ No newline at end of file
diff --git a/system/core/Model.php b/system/core/Model.php
index a595a6ae2..9bc9f879f 100755..100644
--- a/system/core/Model.php
+++ b/system/core/Model.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Model Class
*
@@ -38,6 +36,11 @@
*/
class CI_Model {
+ /**
+ * Initialize CI_Model Class
+ *
+ * @return void
+ */
public function __construct()
{
log_message('debug', 'Model Class Initialized');
@@ -56,7 +59,8 @@ class CI_Model {
$CI =& get_instance();
return $CI->$key;
}
+
}
/* End of file Model.php */
-/* Location: ./system/core/Model.php */
+/* Location: ./system/core/Model.php */ \ No newline at end of file
diff --git a/system/core/Output.php b/system/core/Output.php
index abd8a0ea9..5588ffe8e 100755..100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Output Class
*
@@ -45,66 +43,69 @@ class CI_Output {
*
* @var string
*/
- protected $final_output;
+ public $final_output;
+
/**
* Cache expiration time
*
* @var int
*/
- protected $cache_expiration = 0;
+ public $cache_expiration = 0;
+
/**
* List of server headers
*
* @var array
*/
- protected $headers = array();
+ public $headers = array();
+
/**
* List of mime types
*
* @var array
*/
- protected $mime_types = array();
+ public $mimes = array();
+
/**
* Determines wether profiler is enabled
*
* @var book
*/
- protected $enable_profiler = FALSE;
+ public $enable_profiler = FALSE;
+
/**
* Determines if output compression is enabled
*
* @var bool
*/
- protected $_zlib_oc = FALSE;
+ protected $_zlib_oc = FALSE;
+
/**
* List of profiler sections
*
* @var array
*/
- protected $_profiler_sections = array();
+ protected $_profiler_sections = array();
+
/**
* Whether or not to parse variables like {elapsed_time} and {memory_usage}
*
* @var bool
*/
- protected $parse_exec_vars = TRUE;
+ public $parse_exec_vars = TRUE;
+ /**
+ * Set up Output class
+ *
+ * @return void
+ */
public function __construct()
{
- $this->_zlib_oc = @ini_get('zlib.output_compression');
+ $this->_zlib_oc = (bool) @ini_get('zlib.output_compression');
// Get mime types for later
- if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
- {
- include APPPATH.'config/'.ENVIRONMENT.'/mimes.php';
- }
- else
- {
- include APPPATH.'config/mimes.php';
- }
-
+ $this->mimes =& get_mimes();
- $this->mime_types = $mimes;
log_message('debug', 'Output Class Initialized');
}
@@ -169,7 +170,7 @@ class CI_Output {
*
* Lets you set a server header which will be outputted with the final display.
*
- * Note: If a file is cached, headers will not be sent. We need to figure out
+ * Note: If a file is cached, headers will not be sent. We need to figure out
* how to permit header data to be saved with the cache data...
*
* @param string
@@ -182,7 +183,7 @@ class CI_Output {
// but it will not modify the content-length header to compensate for
// the reduction, causing the browser to hang waiting for more data.
// We'll just skip content-length in those cases.
- if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) == 0)
+ if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) === 0)
{
return;
}
@@ -199,16 +200,16 @@ class CI_Output {
* @param string extension of the file we're outputting
* @return void
*/
- public function set_content_type($mime_type)
+ public function set_content_type($mime_type, $charset = NULL)
{
if (strpos($mime_type, '/') === FALSE)
{
$extension = ltrim($mime_type, '.');
// Is this extension supported?
- if (isset($this->mime_types[$extension]))
+ if (isset($this->mimes[$extension]))
{
- $mime_type =& $this->mime_types[$extension];
+ $mime_type =& $this->mimes[$extension];
if (is_array($mime_type))
{
@@ -217,7 +218,13 @@ class CI_Output {
}
}
- $header = 'Content-Type: '.$mime_type;
+ if (empty($charset))
+ {
+ $charset = config_item('charset');
+ }
+
+ $header = 'Content-Type: '.$mime_type
+ .(empty($charset) ? NULL : '; charset='.strtolower($charset));
$this->headers[] = array($header, TRUE);
return $this;
@@ -226,10 +233,30 @@ class CI_Output {
// --------------------------------------------------------------------
/**
+ * Get Current Content Type Header
+ *
+ * @return string 'text/html', if not already set
+ */
+ public function get_content_type()
+ {
+ for ($i = 0, $c = count($this->headers); $i < $c; $i++)
+ {
+ if (preg_match('/^Content-Type:\s(.+)$/', $this->headers[$i][0], $matches))
+ {
+ return $matches[1];
+ }
+ }
+
+ return 'text/html';
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Set HTTP Status Header
* moved to Common procedural functions in 1.7.2
*
- * @param int the status code
+ * @param int the status code
* @param string
* @return void
*/
@@ -249,7 +276,7 @@ class CI_Output {
*/
public function enable_profiler($val = TRUE)
{
- $this->enable_profiler = (is_bool($val)) ? $val : TRUE;
+ $this->enable_profiler = is_bool($val) ? $val : TRUE;
return $this;
}
@@ -267,7 +294,7 @@ class CI_Output {
{
foreach ($sections as $section => $enable)
{
- $this->_profiler_sections[$section] = ($enable !== FALSE) ? TRUE : FALSE;
+ $this->_profiler_sections[$section] = ($enable !== FALSE);
}
return $this;
@@ -278,12 +305,12 @@ class CI_Output {
/**
* Set Cache
*
- * @param integer
+ * @param int
* @return void
*/
public function cache($time)
{
- $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time;
+ $this->cache_expiration = is_numeric($time) ? $time : 0;
return $this;
}
@@ -297,7 +324,7 @@ class CI_Output {
* $this->final_output
*
* This function sends the finalized output data to the browser along
- * with any server headers and profile data. It also stops the
+ * with any server headers and profile data. It also stops the
* benchmark timer so the page rendering speed and memory usage can be shown.
*
* @param string
@@ -319,7 +346,7 @@ class CI_Output {
// --------------------------------------------------------------------
// Set the output data
- if ($output == '')
+ if ($output === '')
{
$output =& $this->final_output;
}
@@ -343,7 +370,7 @@ class CI_Output {
if ($this->parse_exec_vars === TRUE)
{
- $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB';
+ $memory = round(memory_get_usage() / 1024 / 1024, 2).'MB';
$output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output);
}
@@ -351,7 +378,7 @@ class CI_Output {
// --------------------------------------------------------------------
// Is compression requested?
- if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE
+ if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc === FALSE
&& extension_loaded('zlib')
&& isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE)
{
@@ -386,7 +413,7 @@ class CI_Output {
// Do we need to generate profile data?
// If so, load the Profile class and run it.
- if ($this->enable_profiler == TRUE)
+ if ($this->enable_profiler === TRUE)
{
$CI->load->library('profiler');
if ( ! empty($this->_profiler_sections))
@@ -430,7 +457,7 @@ class CI_Output {
{
$CI =& get_instance();
$path = $CI->config->item('cache_path');
- $cache_path = ($path == '') ? APPPATH.'cache/' : $path;
+ $cache_path = ($path === '') ? APPPATH.'cache/' : $path;
if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path))
{
@@ -475,11 +502,11 @@ class CI_Output {
*
* @param object config class
* @param object uri class
- * @return void
+ * @return bool
*/
public function _display_cache(&$CFG, &$URI)
{
- $cache_path = ($CFG->item('cache_path') == '') ? APPPATH.'cache/' : $CFG->item('cache_path');
+ $cache_path = ($CFG->item('cache_path') === '') ? APPPATH.'cache/' : $CFG->item('cache_path');
// Build the file path. The file name is an MD5 hash of the full URI
$uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string;
@@ -520,4 +547,4 @@ class CI_Output {
}
/* End of file Output.php */
-/* Location: ./system/core/Output.php */
+/* Location: ./system/core/Output.php */ \ No newline at end of file
diff --git a/system/core/Router.php b/system/core/Router.php
index d21319565..5bc053045 100755..100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Router Class
*
@@ -34,8 +32,8 @@
*
* @package CodeIgniter
* @subpackage Libraries
- * @author EllisLab Dev Team
* @category Libraries
+ * @author EllisLab Dev Team
* @link http://codeigniter.com/user_guide/general/routing.html
*/
class CI_Router {
@@ -46,36 +44,42 @@ class CI_Router {
* @var object
*/
public $config;
+
/**
* List of routes
*
* @var array
*/
- public $routes = array();
+ public $routes = array();
+
/**
* List of error routes
*
* @var array
*/
- public $error_routes = array();
+ public $error_routes = array();
+
/**
* Current class name
*
* @var string
*/
- public $class = '';
+ public $class = '';
+
/**
* Current method name
*
* @var string
*/
- public $method = 'index';
+ public $method = 'index';
+
/**
* Sub-directory that contains the requested controller class
*
* @var string
*/
- public $directory = '';
+ public $directory = '';
+
/**
* Default controller (and method if specific)
*
@@ -87,6 +91,8 @@ class CI_Router {
* Constructor
*
* Runs the route mapping function.
+ *
+ * @return void
*/
public function __construct()
{
@@ -111,7 +117,7 @@ class CI_Router {
// since URI segments are more search-engine friendly, but they can optionally be used.
// If this feature is enabled, we will gather the directory/class/method a little differently
$segments = array();
- if ($this->config->item('enable_query_strings') === TRUE AND isset($_GET[$this->config->item('controller_trigger')]))
+ if ($this->config->item('enable_query_strings') === TRUE && isset($_GET[$this->config->item('controller_trigger')]))
{
if (isset($_GET[$this->config->item('directory_trigger')]))
{
@@ -133,7 +139,7 @@ class CI_Router {
}
// Load the routes.php file.
- if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
+ if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
{
include(APPPATH.'config/'.ENVIRONMENT.'/routes.php');
}
@@ -147,7 +153,7 @@ class CI_Router {
// Set the default controller so we can display it in the event
// the URI doesn't correlated to a valid controller.
- $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']);
+ $this->default_controller = empty($this->routes['default_controller']) ? FALSE : strtolower($this->routes['default_controller']);
// Were there any query string segments? If so, we'll validate them and bail out since we're done.
if (count($segments) > 0)
@@ -213,7 +219,6 @@ class CI_Router {
* input, and sets the current class/method
*
* @param array
- * @param bool
* @return void
*/
protected function _set_request($segments = array())
@@ -248,8 +253,8 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Validates the supplied segments. Attempts to determine the path to
- * the controller.
+ * Validates the supplied segments.
+ * Attempts to determine the path to the controller.
*
* @param array
* @return array
@@ -340,7 +345,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Parse Routes
+ * Parse Routes
*
* This function matches any routes that may exist in
* the config/routes.php file against the URI to
@@ -369,7 +374,7 @@ class CI_Router {
if (preg_match('#^'.$key.'$#', $uri))
{
// Do we have a back-reference?
- if (strpos($val, '$') !== FALSE AND strpos($key, '(') !== FALSE)
+ if (strpos($val, '$') !== FALSE && strpos($key, '(') !== FALSE)
{
$val = preg_replace('#^'.$key.'$#', $val, $uri);
}
@@ -411,7 +416,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Set the method name
+ * Set the method name
*
* @param string
* @return void
@@ -424,24 +429,19 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Fetch the current method
+ * Fetch the current method
*
* @return string
*/
public function fetch_method()
{
- if ($this->method == $this->fetch_class())
- {
- return 'index';
- }
-
- return $this->method;
+ return ($this->method === $this->fetch_class()) ? 'index' : $this->method;
}
// --------------------------------------------------------------------
/**
- * Set the directory name
+ * Set the directory name
*
* @param string
* @return void
@@ -454,7 +454,7 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Fetch the sub-directory (if any) that contains the requested controller class
+ * Fetch the sub-directory (if any) that contains the requested controller class
*
* @return string
*/
@@ -466,10 +466,10 @@ class CI_Router {
// --------------------------------------------------------------------
/**
- * Set the controller overrides
+ * Set the controller overrides
*
* @param array
- * @return null
+ * @return void
*/
public function _set_overrides($routing)
{
@@ -483,7 +483,7 @@ class CI_Router {
$this->set_directory($routing['directory']);
}
- if (isset($routing['controller']) AND $routing['controller'] != '')
+ if ( ! empty($routing['controller']))
{
$this->set_class($routing['controller']);
}
@@ -498,4 +498,4 @@ class CI_Router {
}
/* End of file Router.php */
-/* Location: ./system/core/Router.php */
+/* Location: ./system/core/Router.php */ \ No newline at end of file
diff --git a/system/core/Security.php b/system/core/Security.php
index 1007f61f4..4593a1090 100755..100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Security Class
*
@@ -43,14 +41,14 @@ class CI_Security {
*
* @var string
*/
- protected $_xss_hash = '';
+ protected $_xss_hash = '';
/**
* Random Hash for Cross Site Request Forgery Protection Cookie
*
* @var string
*/
- protected $_csrf_hash = '';
+ protected $_csrf_hash = '';
/**
* Expiration time for Cross Site Request Forgery Protection Cookie
@@ -58,39 +56,39 @@ class CI_Security {
*
* @var int
*/
- protected $_csrf_expire = 7200;
+ protected $_csrf_expire = 7200;
/**
* Token name for Cross Site Request Forgery Protection Cookie
*
* @var string
*/
- protected $_csrf_token_name = 'ci_csrf_token';
+ protected $_csrf_token_name = 'ci_csrf_token';
/**
* Cookie name for Cross Site Request Forgery Protection Cookie
*
* @var string
*/
- protected $_csrf_cookie_name = 'ci_csrf_token';
+ protected $_csrf_cookie_name = 'ci_csrf_token';
/**
* List of never allowed strings
*
* @var array
*/
- protected $_never_allowed_str = array(
- 'document.cookie' => '[removed]',
- 'document.write' => '[removed]',
- '.parentNode' => '[removed]',
- '.innerHTML' => '[removed]',
- 'window.location' => '[removed]',
- '-moz-binding' => '[removed]',
- '<!--' => '&lt;!--',
- '-->' => '--&gt;',
- '<![CDATA[' => '&lt;![CDATA[',
- '<comment>' => '&lt;comment&gt;'
- );
+ protected $_never_allowed_str = array(
+ 'document.cookie' => '[removed]',
+ 'document.write' => '[removed]',
+ '.parentNode' => '[removed]',
+ '.innerHTML' => '[removed]',
+ 'window.location' => '[removed]',
+ '-moz-binding' => '[removed]',
+ '<!--' => '&lt;!--',
+ '-->' => '--&gt;',
+ '<![CDATA[' => '&lt;![CDATA[',
+ '<comment>' => '&lt;comment&gt;'
+ );
/**
* List of never allowed regex replacement
@@ -98,31 +96,41 @@ class CI_Security {
* @var array
*/
protected $_never_allowed_regex = array(
- 'javascript\s*:',
- 'expression\s*(\(|&\#40;)', // CSS and IE
- 'vbscript\s*:', // IE, surprise!
- 'Redirect\s+302'
- );
+ 'javascript\s*:',
+ 'expression\s*(\(|&\#40;)', // CSS and IE
+ 'vbscript\s*:', // IE, surprise!
+ 'Redirect\s+302',
+ "([\"'])?data\s*:[^\\1]*?base64[^\\1]*?,[^\\1]*?\\1?"
+ );
+ /**
+ * Initialize security class
+ *
+ * @return void
+ */
public function __construct()
{
- // CSRF config
- foreach(array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key)
+ // Is CSRF protection enabled?
+ if (config_item('csrf_protection') === TRUE)
{
- if (FALSE !== ($val = config_item($key)))
+ // CSRF config
+ foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key)
{
- $this->{'_'.$key} = $val;
+ if (FALSE !== ($val = config_item($key)))
+ {
+ $this->{'_'.$key} = $val;
+ }
}
- }
- // Append application specific cookie prefix
- if (config_item('cookie_prefix'))
- {
- $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name;
- }
+ // Append application specific cookie prefix
+ if (config_item('cookie_prefix'))
+ {
+ $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name;
+ }
- // Set the CSRF hash
- $this->_csrf_set_hash();
+ // Set the CSRF hash
+ $this->_csrf_set_hash();
+ }
log_message('debug', 'Security Class Initialized');
}
@@ -136,8 +144,8 @@ class CI_Security {
*/
public function csrf_verify()
{
- // If no POST data exists we will set the CSRF cookie
- if (count($_POST) === 0)
+ // If it's not a POST request we will set the CSRF cookie
+ if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST')
{
return $this->csrf_set_cookie();
}
@@ -154,7 +162,7 @@ class CI_Security {
// Do the tokens exist in both the _POST and _COOKIE arrays?
if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name])
- OR $_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match?
+ OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match?
{
$this->csrf_show_error();
}
@@ -183,18 +191,27 @@ class CI_Security {
* Set Cross Site Request Forgery Protection Cookie
*
* @return object
+ * @codeCoverageIgnore
*/
public function csrf_set_cookie()
{
$expire = time() + $this->_csrf_expire;
$secure_cookie = (bool) config_item('cookie_secure');
- if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS']))
+ if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off'))
{
return FALSE;
}
- setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie);
+ setcookie(
+ $this->_csrf_cookie_name,
+ $this->_csrf_hash,
+ $expire,
+ config_item('cookie_path'),
+ config_item('cookie_domain'),
+ $secure_cookie,
+ config_item('cookie_httponly')
+ );
log_message('debug', 'CRSF cookie Set');
return $this;
@@ -352,13 +369,14 @@ class CI_Security {
* These words are compacted back to their correct state.
*/
$words = array(
- 'javascript', 'expression', 'vbscript', 'script',
- 'applet', 'alert', 'document', 'write', 'cookie', 'window'
- );
+ 'javascript', 'expression', 'vbscript', 'script', 'base64',
+ 'applet', 'alert', 'document', 'write', 'cookie', 'window'
+ );
+
foreach ($words as $word)
{
- $word = implode("\s*", str_split($word)) . "\s*";
+ $word = implode('\s*', str_split($word)).'\s*';
// We only want to do this when it is followed by a non-word character
// That way valid stuff like "dealer to" does not become "dealerto"
@@ -390,7 +408,7 @@ class CI_Security {
$str = preg_replace('#<(/*)(script|xss)(.*?)\>#si', '[removed]', $str);
}
}
- while($original != $str);
+ while($original !== $str);
unset($original);
@@ -425,7 +443,6 @@ class CI_Security {
'\\1\\2&#40;\\3&#41;',
$str);
-
// Final clean up
// This adds a bit of extra precaution in case
// something got through the above filters
@@ -458,7 +475,7 @@ class CI_Security {
*/
public function xss_hash()
{
- if ($this->_xss_hash == '')
+ if ($this->_xss_hash === '')
{
mt_srand();
$this->_xss_hash = md5(time() + mt_rand(0, 1999999999));
@@ -513,23 +530,23 @@ class CI_Security {
public function sanitize_filename($str, $relative_path = FALSE)
{
$bad = array(
- '../', '<!--', '-->', '<', '>',
- "'", '"', '&', '$', '#',
- '{', '}', '[', ']', '=',
- ';', '?', '%20', '%22',
- '%3c', // <
- '%253c', // <
- '%3e', // >
- '%0e', // >
- '%28', // (
- '%29', // )
- '%2528', // (
- '%26', // &
- '%24', // $
- '%3f', // ?
- '%3b', // ;
- '%3d' // =
- );
+ '../', '<!--', '-->', '<', '>',
+ "'", '"', '&', '$', '#',
+ '{', '}', '[', ']', '=',
+ ';', '?', '%20', '%22',
+ '%3c', // <
+ '%253c', // <
+ '%3e', // >
+ '%0e', // >
+ '%28', // (
+ '%29', // )
+ '%2528', // (
+ '%26', // &
+ '%24', // $
+ '%3f', // ?
+ '%3b', // ;
+ '%3d' // =
+ );
if ( ! $relative_path)
{
@@ -549,8 +566,8 @@ class CI_Security {
* Callback function for xss_clean() to remove whitespace from
* things like j a v a s c r i p t
*
- * @param type
- * @return type
+ * @param array
+ * @return string
*/
protected function _compact_exploded_words($matches)
{
@@ -559,8 +576,8 @@ class CI_Security {
// --------------------------------------------------------------------
- /*
- * Remove Evil HTML Attributes (like evenhandlers and style)
+ /**
+ * Remove Evil HTML Attributes (like event handlers and style)
*
* It removes the evil attribute and either:
* - Everything up until a space
@@ -593,15 +610,16 @@ class CI_Security {
$attribs = array();
// find occurrences of illegal attribute strings without quotes
- preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*([^\s]*)/is', $str, $matches, PREG_SET_ORDER);
+ preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*([^\s>]*)/is', $str, $matches, PREG_SET_ORDER);
foreach ($matches as $attr)
{
+
$attribs[] = preg_quote($attr[0], '/');
}
// find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes)
- preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER);
+ preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER);
foreach ($matches as $attr)
{
@@ -611,7 +629,7 @@ class CI_Security {
// replace illegal attribute strings that are inside an html tag
if (count($attribs) > 0)
{
- $str = preg_replace('/<(\/?[^><]+?)([^A-Za-z\-])('.implode('|', $attribs).')([\s><])([><]*)/i', '<$1$2$4$5', $str, -1, $count);
+ $str = preg_replace('/<(\/?[^><]+?)([^A-Za-z<>\-])(.*?)('.implode('|', $attribs).')(.*?)([\s><])([><]*)/i', '<$1 $3$5$6$7', $str, -1, $count);
}
} while ($count);
@@ -633,7 +651,7 @@ class CI_Security {
{
return '&lt;'.$matches[1].$matches[2].$matches[3] // encode opening brace
// encode captured opening or closing brace to prevent recursive vectors:
- . str_replace(array('>', '<'), array('&gt;', '&lt;'), $matches[4]);
+ .str_replace(array('>', '<'), array('&gt;', '&lt;'), $matches[4]);
}
// --------------------------------------------------------------------
@@ -652,7 +670,7 @@ class CI_Security {
protected function _js_link_removal($match)
{
return str_replace($match[1],
- preg_replace('#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si',
+ preg_replace('#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|<script|<xss|data\s*:)#si',
'',
$this->_filter_attributes(str_replace(array('<', '>'), '', $match[1]))
),
@@ -792,7 +810,7 @@ class CI_Security {
foreach ($this->_never_allowed_regex as $regex)
{
- $str = preg_replace('#'.$regex.'#i', '[removed]', $str);
+ $str = preg_replace('#'.$regex.'#is', '[removed]', $str);
}
return $str;
@@ -807,14 +825,14 @@ class CI_Security {
*/
protected function _csrf_set_hash()
{
- if ($this->_csrf_hash == '')
+ if ($this->_csrf_hash === '')
{
// If the cookie exists we will use it's value.
// We don't necessarily want to regenerate it with
// each page load since a page could contain embedded
// sub-pages causing this feature to fail
if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
- $_COOKIE[$this->_csrf_cookie_name] != '')
+ preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
{
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}
@@ -829,4 +847,4 @@ class CI_Security {
}
/* End of file Security.php */
-/* Location: ./system/core/Security.php */
+/* Location: ./system/core/Security.php */ \ No newline at end of file
diff --git a/system/core/URI.php b/system/core/URI.php
index b28ee198b..a575bc36e 100755..100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* URI Class
*
@@ -45,26 +43,29 @@ class CI_URI {
*
* @var array
*/
- public $keyval = array();
+ public $keyval = array();
+
/**
* Current uri string
*
* @var string
*/
public $uri_string;
+
/**
* List of uri segments
*
* @var array
*/
- public $segments = array();
+ public $segments = array();
+
/**
* Re-indexed list of uri segments
* Starts at 1 instead of 0
*
* @var array
*/
- public $rsegments = array();
+ public $rsegments = array();
/**
* Constructor
@@ -72,6 +73,8 @@ class CI_URI {
* Simply globalizes the $RTR object. The front
* loads the Router class early on so it's not available
* normally as other classes are.
+ *
+ * @return void
*/
public function __construct()
{
@@ -93,7 +96,7 @@ class CI_URI {
if (strtoupper($this->config->item('uri_protocol')) === 'AUTO')
{
// Is the request coming from the command line?
- if (php_sapi_name() === 'cli' OR defined('STDIN'))
+ if ($this->_is_cli_request())
{
$this->_set_uri_string($this->_parse_cli_args());
return;
@@ -108,8 +111,8 @@ class CI_URI {
// Is there a PATH_INFO variable?
// Note: some servers seem to have trouble with getenv() so we'll test it two ways
- $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO');
- if (trim($path, '/') != '' && $path !== '/'.SELF)
+ $path = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO');
+ if (trim($path, '/') !== '' && $path !== '/'.SELF)
{
$this->_set_uri_string($path);
return;
@@ -117,14 +120,14 @@ class CI_URI {
// No PATH_INFO?... What about QUERY_STRING?
$path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING');
- if (trim($path, '/') != '')
+ if (trim($path, '/') !== '')
{
$this->_set_uri_string($path);
return;
}
// As a last ditch effort lets try using the $_GET array
- if (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') != '')
+ if (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') !== '')
{
$this->_set_uri_string(key($_GET));
return;
@@ -148,7 +151,7 @@ class CI_URI {
return;
}
- $path = (isset($_SERVER[$uri])) ? $_SERVER[$uri] : @getenv($uri);
+ $path = isset($_SERVER[$uri]) ? $_SERVER[$uri] : @getenv($uri);
$this->_set_uri_string($path);
}
@@ -181,7 +184,7 @@ class CI_URI {
*/
protected function _detect_uri()
{
- if ( ! isset($_SERVER['REQUEST_URI']) OR ! isset($_SERVER['SCRIPT_NAME']))
+ if ( ! isset($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']))
{
return '';
}
@@ -215,7 +218,7 @@ class CI_URI {
$_GET = array();
}
- if ($uri == '/' OR empty($uri))
+ if ($uri === '/' OR empty($uri))
{
return '/';
}
@@ -229,6 +232,20 @@ class CI_URI {
// --------------------------------------------------------------------
/**
+ * Is cli Request?
+ *
+ * Duplicate of function from the Input class to test to see if a request was made from the command line
+ *
+ * @return bool
+ */
+ protected function _is_cli_request()
+ {
+ return (php_sapi_name() === 'cli') OR defined('STDIN');
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Parse cli arguments
*
* Take each command line argument and assume it is a URI segment.
@@ -238,7 +255,7 @@ class CI_URI {
protected function _parse_cli_args()
{
$args = array_slice($_SERVER['argv'], 1);
- return $args ? '/' . implode('/', $args) : '';
+ return $args ? '/'.implode('/', $args) : '';
}
// --------------------------------------------------------------------
@@ -253,7 +270,7 @@ class CI_URI {
*/
public function _filter_uri($str)
{
- if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE)
+ if ($str !== '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') === FALSE)
{
// preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
// compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
@@ -281,7 +298,7 @@ class CI_URI {
*/
public function _remove_url_suffix()
{
- if ($this->config->item('url_suffix') != '')
+ if ($this->config->item('url_suffix') !== '')
{
$this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string);
}
@@ -304,7 +321,7 @@ class CI_URI {
// Filter segments for security
$val = trim($this->_filter_uri($val));
- if ($val != '')
+ if ($val !== '')
{
$this->segments[] = $val;
}
@@ -312,6 +329,7 @@ class CI_URI {
}
// --------------------------------------------------------------------
+
/**
* Re-index Segments
*
@@ -339,13 +357,13 @@ class CI_URI {
*
* This function returns the URI segment based on the number provided.
*
- * @param integer
- * @param bool
+ * @param int
+ * @param mixed
* @return string
*/
- public function segment($n, $no_result = FALSE)
+ public function segment($n, $no_result = NULL)
{
- return ( ! isset($this->segments[$n])) ? $no_result : $this->segments[$n];
+ return isset($this->segments[$n]) ? $this->segments[$n] : $no_result;
}
// --------------------------------------------------------------------
@@ -354,16 +372,16 @@ class CI_URI {
* Fetch a URI "routed" Segment
*
* This function returns the re-routed URI segment (assuming routing rules are used)
- * based on the number provided. If there is no routing this function returns the
+ * based on the number provided. If there is no routing this function returns the
* same result as $this->segment()
*
- * @param integer
- * @param bool
+ * @param int
+ * @param mixed
* @return string
*/
- public function rsegment($n, $no_result = FALSE)
+ public function rsegment($n, $no_result = NULL)
{
- return ( ! isset($this->rsegments[$n])) ? $no_result : $this->rsegments[$n];
+ return isset($this->rsegments[$n]) ? $this->rsegments[$n] : $no_result;
}
// --------------------------------------------------------------------
@@ -384,7 +402,7 @@ class CI_URI {
* gender => male
* )
*
- * @param integer the starting segment number
+ * @param int the starting segment number
* @param array an array of default values
* @return array
*/
@@ -392,10 +410,13 @@ class CI_URI {
{
return $this->_uri_to_assoc($n, $default, 'segment');
}
+
+ // --------------------------------------------------------------------
+
/**
* Identical to above only it uses the re-routed segment array
*
- * @param integer the starting segment number
+ * @param int the starting segment number
* @param array an array of default values
* @return array
*/
@@ -409,7 +430,7 @@ class CI_URI {
/**
* Generate a key value pair from the URI string or Re-routed URI string
*
- * @param integer the starting segment number
+ * @param int the starting segment number
* @param array an array of default values
* @param string which array we should use
* @return array
@@ -439,14 +460,9 @@ class CI_URI {
if ($this->$total_segments() < $n)
{
- if (count($default) === 0)
- {
- return array();
- }
-
- return function_exists('array_fill_keys')
- ? array_fill_keys($default, FALSE)
- : array_combine($default, array_fill(0, count($default), FALSE));
+ return (count($default) === 0)
+ ? array()
+ : array_fill_keys($default, NULL);
}
$segments = array_slice($this->$segment_array(), ($n - 1));
@@ -461,7 +477,7 @@ class CI_URI {
}
else
{
- $retval[$seg] = FALSE;
+ $retval[$seg] = NULL;
$lastval = $seg;
}
@@ -474,7 +490,7 @@ class CI_URI {
{
if ( ! array_key_exists($val, $retval))
{
- $retval[$val] = FALSE;
+ $retval[$val] = NULL;
}
}
}
@@ -489,14 +505,13 @@ class CI_URI {
/**
* Generate a URI string from an associative array
*
- *
* @param array an associative array of key/values
* @return array
*/
public function assoc_to_uri($array)
{
$temp = array();
- foreach ((array)$array as $key => $val)
+ foreach ((array) $array as $key => $val)
{
$temp[] = $key;
$temp[] = $val;
@@ -510,7 +525,7 @@ class CI_URI {
/**
* Fetch a URI Segment and add a trailing slash
*
- * @param integer
+ * @param int
* @param string
* @return string
*/
@@ -524,7 +539,7 @@ class CI_URI {
/**
* Fetch a URI Segment and add a trailing slash
*
- * @param integer
+ * @param int
* @param string
* @return string
*/
@@ -538,7 +553,7 @@ class CI_URI {
/**
* Fetch a URI Segment and add a trailing slash - helper function
*
- * @param integer
+ * @param int
* @param string
* @param string
* @return string
@@ -588,7 +603,7 @@ class CI_URI {
/**
* Total number of segments
*
- * @return integer
+ * @return int
*/
public function total_segments()
{
@@ -600,7 +615,7 @@ class CI_URI {
/**
* Total number of routed segments
*
- * @return integer
+ * @return int
*/
public function total_rsegments()
{
@@ -629,10 +644,10 @@ class CI_URI {
*/
public function ruri_string()
{
- return '/'.implode('/', $this->rsegment_array());
+ return implode('/', $this->rsegment_array());
}
}
/* End of file URI.php */
-/* Location: ./system/core/URI.php */
+/* Location: ./system/core/URI.php */ \ No newline at end of file
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index 0e180d36f..0a7ec501c 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -2,7 +2,7 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 5.1.6 or newer
+ * An open source application development framework for PHP 5.2.4 or newer
*
* NOTICE OF LICENSE
*
@@ -25,8 +25,6 @@
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* Utf8 Class
*
@@ -44,6 +42,8 @@ class CI_Utf8 {
* Constructor
*
* Determines if UTF-8 support is to be enabled
+ *
+ * @return void
*/
public function __construct()
{
@@ -54,7 +54,7 @@ class CI_Utf8 {
if (
@preg_match('/./u', 'é') === 1 // PCRE must support UTF-8
&& function_exists('iconv') // iconv must be installed
- && @ini_get('mbstring.func_overload') != 1 // Multibyte string function overloading cannot be enabled
+ && (bool) @ini_get('mbstring.func_overload') !== TRUE // Multibyte string function overloading cannot be enabled
&& $CFG->item('charset') === 'UTF-8' // Application charset must be UTF-8
)
{
@@ -126,7 +126,7 @@ class CI_Utf8 {
* Attempts to convert a string to UTF-8
*
* @param string
- * @param string - input encoding
+ * @param string input encoding
* @return string
*/
public function convert_to_utf8($str, $encoding)
@@ -161,4 +161,4 @@ class CI_Utf8 {
}
/* End of file Utf8.php */
-/* Location: ./system/core/Utf8.php */
+/* Location: ./system/core/Utf8.php */ \ No newline at end of file