diff options
Diffstat (limited to 'system/core')
| -rw-r--r-- | system/core/Loader.php | 8 | ||||
| -rw-r--r-- | system/core/Log.php | 4 | ||||
| -rw-r--r-- | system/core/Security.php | 9 |
3 files changed, 18 insertions, 3 deletions
diff --git a/system/core/Loader.php b/system/core/Loader.php index 62781a7bf..c742ae71a 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -936,6 +936,14 @@ class CI_Loader { */ if (is_array($_ci_vars)) { + foreach (array_keys($_ci_vars) as $key) + { + if (strncmp($key, '_ci_', 4) === 0) + { + unset($_ci_vars[$key]); + } + } + $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); } extract($this->_ci_cached_vars); diff --git a/system/core/Log.php b/system/core/Log.php index 7c81d358b..1abdaa00e 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -191,6 +191,8 @@ class CI_Log { return FALSE; } + flock($fp, LOCK_EX); + // Instantiating DateTime with microseconds appended to initial date is needed for proper support of this format if (strpos($this->_date_fmt, 'u') !== FALSE) { @@ -206,8 +208,6 @@ class CI_Log { $message .= $this->_format_line($level, $date, $msg); - flock($fp, LOCK_EX); - for ($written = 0, $length = strlen($message); $written < $length; $written += $result) { if (($result = fwrite($fp, substr($message, $written))) === FALSE) diff --git a/system/core/Security.php b/system/core/Security.php index bad511dd3..d5305d1ca 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -762,7 +762,14 @@ class CI_Security { */ public function strip_image_tags($str) { - return preg_replace(array('#<img[\s/]+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img[\s/]+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); + return preg_replace( + array( + '#<img[\s/]+.*?src\s*=\s*(["\'])([^\\1]+?)\\1.*?\>#i', + '#<img[\s/]+.*?src\s*=\s*?(([^\s"\'=<>`]+)).*?\>#i' + ), + '\\2', + $str + ); } // ---------------------------------------------------------------- |