diff options
Diffstat (limited to 'system/core')
| -rwxr-xr-x | system/core/Benchmark.php | 2 | ||||
| -rwxr-xr-x | system/core/CodeIgniter.php | 2 | ||||
| -rw-r--r-- | system/core/Common.php | 33 | ||||
| -rwxr-xr-x | system/core/Config.php | 4 | ||||
| -rw-r--r-- | system/core/Controller.php | 2 | ||||
| -rwxr-xr-x | system/core/Exceptions.php | 2 | ||||
| -rwxr-xr-x | system/core/Hooks.php | 2 | ||||
| -rwxr-xr-x | system/core/Input.php | 50 | ||||
| -rwxr-xr-x | system/core/Lang.php | 2 | ||||
| -rw-r--r-- | system/core/Loader.php | 15 | ||||
| -rwxr-xr-x | system/core/Model.php | 2 | ||||
| -rwxr-xr-x | system/core/Output.php | 2 | ||||
| -rwxr-xr-x | system/core/Router.php | 2 | ||||
| -rwxr-xr-x | system/core/Security.php | 45 | ||||
| -rwxr-xr-x | system/core/URI.php | 24 | ||||
| -rw-r--r-- | system/core/Utf8.php | 2 |
16 files changed, 98 insertions, 93 deletions
diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index f4dfd3dab..f6b634deb 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 7af3c485d..a79a69590 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Common.php b/system/core/Common.php index 225227d17..f20acafd4 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -56,7 +56,7 @@ if ( ! function_exists('is_php')) function is_php($version = '5.0.0') { static $_is_php; - $version = (string)$version; + $version = (string) $version; if ( ! isset($_is_php[$version])) { @@ -84,7 +84,7 @@ if ( ! function_exists('is_really_writable')) function is_really_writable($file) { // If we're on a Unix server with safe_mode off we call is_writable - if (DIRECTORY_SEPARATOR === '/' AND @ini_get('safe_mode') == FALSE) + if (DIRECTORY_SEPARATOR === '/' && (bool) @ini_get('safe_mode') === FALSE) { return is_writable($file); } @@ -120,7 +120,7 @@ if ( ! function_exists('is_really_writable')) /** * Class registry * -* This function acts as a singleton. If the requested class does not +* This function acts as a singleton. If the requested class does not * exist it is instantiated and set to a static variable. If it has * previously been instantiated the variable is returned. * @@ -192,7 +192,7 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- /** -* Keeps track of which libraries have been loaded. This function is +* Keeps track of which libraries have been loaded. This function is * called by the load_class() function above * * @access public @@ -437,7 +437,7 @@ if ( ! function_exists('set_status_header')) show_error('Status codes must be numeric', 500); } - if (isset($stati[$code]) AND $text == '') + if (isset($stati[$code]) && $text == '') { $text = $stati[$code]; } @@ -447,19 +447,19 @@ if ( ! function_exists('set_status_header')) show_error('No status text available. Please check your status code number or supply your own message text.', 500); } - $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; + $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; if (strpos(php_sapi_name(), 'cgi') === 0) { - header("Status: {$code} {$text}", TRUE); + header('Status: '.$code.' '.$text, TRUE); } - elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0') + elseif ($server_protocol === 'HTTP/1.0') { - header($server_protocol." {$code} {$text}", TRUE, $code); + header('HTTP/1.0 '.$code.' '.$text, TRUE, $code); } else { - header("HTTP/1.1 {$code} {$text}", TRUE, $code); + header('HTTP/1.1 '.$code.' '.$text, TRUE, $code); } } } @@ -564,14 +564,9 @@ if ( ! function_exists('html_escape')) { function html_escape($var) { - if (is_array($var)) - { - return array_map('html_escape', $var); - } - else - { - return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); - } + return is_array($var) + ? array_map('html_escape', $var) + : htmlspecialchars($var, ENT_QUOTES, config_item('charset')); } } diff --git a/system/core/Config.php b/system/core/Config.php index 68417435d..91826bd41 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -76,7 +76,7 @@ class CI_Config { log_message('debug', 'Config Class Initialized'); // Set the base_url automatically if none was provided - if ($this->config['base_url'] == '') + if (empty($this->config['base_url'])) { if (isset($_SERVER['HTTP_HOST'])) { diff --git a/system/core/Controller.php b/system/core/Controller.php index 0dc131701..05e1bf5bf 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index bf9901252..d7282b1f3 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Hooks.php b/system/core/Hooks.php index e1ac58e6e..493822f36 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Input.php b/system/core/Input.php index ee15f4013..901b4147e 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -366,36 +366,7 @@ class CI_Input { */ public function valid_ip($ip) { - // if php version >= 5.2, use filter_var to check validate ip. - if (function_exists('filter_var')) - { - return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); - } - - $ip_segments = explode('.', $ip); - - // Always 4 segments needed - if (count($ip_segments) !== 4) - { - return FALSE; - } - // IP can not start with 0 - if ($ip_segments[0][0] == '0') - { - return FALSE; - } - // Check each segment - foreach ($ip_segments as $segment) - { - // IP segments must be digits and can not be - // longer than 3 digits or greater then 255 - if ($segment == '' OR preg_match('/[^0-9]/', $segment) OR $segment > 255 OR strlen($segment) > 3) - { - return FALSE; - } - } - - return TRUE; + return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } // -------------------------------------------------------------------- @@ -699,6 +670,23 @@ class CI_Input { return (php_sapi_name() === 'cli' OR defined('STDIN')); } + // -------------------------------------------------------------------- + + /** + * Get Request Method + * + * Return the Request Method + * + * @param bool uppercase or lowercase + * @return bool + */ + public function method($upper = FALSE) + { + return ($upper) + ? strtoupper($this->server('REQUEST_METHOD')) + : strtolower($this->server('REQUEST_METHOD')); + } + } /* End of file Input.php */ diff --git a/system/core/Lang.php b/system/core/Lang.php index c40a6856e..9ef76f4d6 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Loader.php b/system/core/Loader.php index 12daaa928..9b9cc2fef 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -615,13 +615,22 @@ class CI_Loader { * * Loads a driver library * - * @param string the name of the class + * @param mixed the name of the class or array of classes * @param mixed the optional parameters * @param string an optional object name * @return void */ public function driver($library = '', $params = NULL, $object_name = NULL) { + if (is_array($library)) + { + foreach ($library as $driver) + { + $this->driver($driver); + } + return FALSE; + } + if ( ! class_exists('CI_Driver_Library')) { // we aren't instantiating an object here, that'll be done by the Library itself @@ -833,7 +842,7 @@ class CI_Loader { // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) + if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE && config_item('rewrite_short_tags') == TRUE) { echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('<?=', '<?php echo ', file_get_contents($_ci_path)))); } diff --git a/system/core/Model.php b/system/core/Model.php index a595a6ae2..49b8d34e4 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Output.php b/system/core/Output.php index abd8a0ea9..faebbbe72 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Router.php b/system/core/Router.php index d21319565..b251abb4b 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * diff --git a/system/core/Security.php b/system/core/Security.php index 1007f61f4..cd8a61028 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Security Class * @@ -106,23 +104,27 @@ class CI_Security { public function __construct() { - // CSRF config - foreach(array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) + // Is CSRF protection enabled? + if (config_item('csrf_protection') === TRUE) { - if (FALSE !== ($val = config_item($key))) + // CSRF config + foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) { - $this->{'_'.$key} = $val; + if (FALSE !== ($val = config_item($key))) + { + $this->{'_'.$key} = $val; + } } - } - // Append application specific cookie prefix - if (config_item('cookie_prefix')) - { - $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name; - } + // Append application specific cookie prefix + if (config_item('cookie_prefix')) + { + $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name; + } - // Set the CSRF hash - $this->_csrf_set_hash(); + // Set the CSRF hash + $this->_csrf_set_hash(); + } log_message('debug', 'Security Class Initialized'); } @@ -136,8 +138,8 @@ class CI_Security { */ public function csrf_verify() { - // If no POST data exists we will set the CSRF cookie - if (count($_POST) === 0) + // If it's not a POST request we will set the CSRF cookie + if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST') { return $this->csrf_set_cookie(); } @@ -189,7 +191,7 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS'])) + if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off')) { return FALSE; } @@ -358,7 +360,7 @@ class CI_Security { foreach ($words as $word) { - $word = implode("\s*", str_split($word)) . "\s*"; + $word = implode('\s*', str_split($word)).'\s*'; // We only want to do this when it is followed by a non-word character // That way valid stuff like "dealer to" does not become "dealerto" @@ -425,7 +427,6 @@ class CI_Security { '\\1\\2(\\3)', $str); - // Final clean up // This adds a bit of extra precaution in case // something got through the above filters @@ -601,7 +602,7 @@ class CI_Security { } // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { @@ -633,7 +634,7 @@ class CI_Security { { return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace // encode captured opening or closing brace to prevent recursive vectors: - . str_replace(array('>', '<'), array('>', '<'), $matches[4]); + .str_replace(array('>', '<'), array('>', '<'), $matches[4]); } // -------------------------------------------------------------------- diff --git a/system/core/URI.php b/system/core/URI.php index b28ee198b..48bb7ae3c 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * @@ -22,7 +22,6 @@ * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 - * @filesource */ // ------------------------------------------------------------------------ @@ -93,7 +92,7 @@ class CI_URI { if (strtoupper($this->config->item('uri_protocol')) === 'AUTO') { // Is the request coming from the command line? - if (php_sapi_name() === 'cli' OR defined('STDIN')) + if ($this->_is_cli_request()) { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -227,6 +226,21 @@ class CI_URI { } // -------------------------------------------------------------------- + + /** + * Is cli Request? + * + * Duplicate of function from the Input class to test to see if a request was made from the command line + * + * @return boolean + */ + protected function _is_cli_request() + { + return (php_sapi_name() == 'cli') OR defined('STDIN'); + } + + + // -------------------------------------------------------------------- /** * Parse cli arguments @@ -444,9 +458,7 @@ class CI_URI { return array(); } - return function_exists('array_fill_keys') - ? array_fill_keys($default, FALSE) - : array_combine($default, array_fill(0, count($default), FALSE)); + return array_fill_keys($default, FALSE); } $segments = array_slice($this->$segment_array(), ($n - 1)); diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 0e180d36f..ba3567453 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * |