diff options
Diffstat (limited to 'system/helpers')
| -rw-r--r-- | system/helpers/array_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/captcha_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/cookie_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/date_helper.php | 20 | ||||
| -rw-r--r-- | system/helpers/directory_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/download_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/email_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/file_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/form_helper.php | 87 | ||||
| -rw-r--r-- | system/helpers/html_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/inflector_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/language_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/number_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/path_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/security_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/smiley_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/string_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/text_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/typography_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/url_helper.php | 3 | ||||
| -rw-r--r-- | system/helpers/xml_helper.php | 3 |
21 files changed, 94 insertions, 70 deletions
diff --git a/system/helpers/array_helper.php b/system/helpers/array_helper.php index ed2fe3c4a..0e66e4b77 100644 --- a/system/helpers/array_helper.php +++ b/system/helpers/array_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Array Helpers diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index 3aac14db8..e9b167fa9 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter CAPTCHA Helper diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php index f396c76b0..02841409d 100644 --- a/system/helpers/cookie_helper.php +++ b/system/helpers/cookie_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Cookie Helpers diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index 5d9251526..0fa400d7e 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Date Helpers @@ -449,20 +450,13 @@ if ( ! function_exists('human_to_unix')) return FALSE; } - $split = explode(' ', $datestr); + sscanf($datestr, '%d-%d-%d %s %s', $year, $month, $day, $time, $ampm); + sscanf($time, '%d:%d:%d', $hour, $min, $sec); + isset($sec) OR $sec = 0; - list($year, $month, $day) = explode('-', $split[0]); - - $ex = explode(':', $split['1']); - - $hour = (int) $ex[0]; - $min = (int) $ex[1]; - $sec = ( ! empty($ex[2]) && preg_match('/[0-9]{1,2}/', $ex[2])) - ? (int) $ex[2] : 0; - - if (isset($split[2])) + if (isset($ampm)) { - $ampm = strtolower($split[2]); + $ampm = strtolower($ampm); if ($ampm[0] === 'p' && $hour < 12) { diff --git a/system/helpers/directory_helper.php b/system/helpers/directory_helper.php index 7d6b6770e..7223a2911 100644 --- a/system/helpers/directory_helper.php +++ b/system/helpers/directory_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Directory Helpers diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php index 2c26a36d5..8fe66e222 100644 --- a/system/helpers/download_helper.php +++ b/system/helpers/download_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Download Helpers diff --git a/system/helpers/email_helper.php b/system/helpers/email_helper.php index 2a63b36c9..6f5d17255 100644 --- a/system/helpers/email_helper.php +++ b/system/helpers/email_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Email Helpers diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php index 8f23a3d54..6383007ba 100644 --- a/system/helpers/file_helper.php +++ b/system/helpers/file_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter File Helpers diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 622622c0e..e7bea92cc 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -22,7 +22,9 @@ * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 + * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Form Helpers @@ -124,9 +126,9 @@ if ( ! function_exists('form_hidden')) * Generates hidden fields. You can pass a simple key/value string or * an associative array with multiple values. * - * @param mixed - * @param string - * @param bool + * @param mixed $name Field name + * @param string $value Field value + * @param bool $recursing * @return string */ function form_hidden($name, $value = '', $recursing = FALSE) @@ -149,7 +151,7 @@ if ( ! function_exists('form_hidden')) if ( ! is_array($value)) { - $form .= '<input type="hidden" name="'.$name.'" value="'.html_escape($value)."\" />\n"; + $form .= '<input type="hidden" name="'.$name.'" value="'.form_prep($value)."\" />\n"; } else { @@ -243,9 +245,9 @@ if ( ! function_exists('form_textarea')) /** * Textarea field * - * @param mixed - * @param string - * @param string + * @param mixed $data + * @param string $value + * @param string $extra * @return string */ function form_textarea($data = '', $value = '', $extra = '') @@ -263,7 +265,7 @@ if ( ! function_exists('form_textarea')) } $name = is_array($data) ? $data['name'] : $data; - return '<textarea '._parse_form_attributes($data, $defaults).$extra.'>'.html_escape($val)."</textarea>\n"; + return '<textarea '._parse_form_attributes($data, $defaults).$extra.'>'.form_prep($val, TRUE)."</textarea>\n"; } } @@ -298,10 +300,10 @@ if ( ! function_exists('form_dropdown')) /** * Drop-down Menu * - * @param mixed $name = '' - * @param mixed $options = array() - * @param mixed $selected = array() - * @param mixed $extra = array() + * @param mixed $name + * @param mixed $options + * @param mixed $selected + * @param mixed $extra * @return string */ function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') @@ -349,7 +351,7 @@ if ( ! function_exists('form_dropdown')) foreach ($val as $optgroup_key => $optgroup_val) { $sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : ''; - $form .= '<option value="'.html_escape($optgroup_key).'"'.$sel.'>' + $form .= '<option value="'.form_prep($optgroup_key).'"'.$sel.'>' .(string) $optgroup_val."</option>\n"; } @@ -357,7 +359,7 @@ if ( ! function_exists('form_dropdown')) } else { - $form .= '<option value="'.html_escape($key).'"' + $form .= '<option value="'.form_prep($key).'"' .(in_array($key, $selected) ? ' selected="selected"' : '').'>' .(string) $val."</option>\n"; } @@ -600,17 +602,28 @@ if ( ! function_exists('form_prep')) * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * - * @todo Remove in version 3.1+. - * @deprecated 3.0.0 This function has been broken for a long time - * and is now just an alias for html_escape(). It's - * second argument is ignored. - * @param string $str = '' - * @param string $field_name = '' - * @return string + * @param string|string[] $str Value to escape + * @param bool $is_textarea Whether we're escaping for a textarea element + * @return string|string[] Escaped values */ - function form_prep($str = '', $field_name = '') + function form_prep($str = '', $is_textarea = FALSE) { - return html_escape($str); + if (is_array($str)) + { + foreach (array_keys($str) as $key) + { + $str[$key] = form_prep($str[$key], $is_textarea); + } + + return $str; + } + + if ($is_textarea === TRUE) + { + return str_replace(array('<', '>'), array('<', '>'), stripslashes($str)); + } + + return str_replace(array("'", '"'), array(''', '"'), stripslashes($str)); } } @@ -625,23 +638,21 @@ if ( ! function_exists('set_value')) * re-populate an input field or textarea. If Form Validation * is active it retrieves the info from the validation class * - * @param string - * @param string - * @return mixed + * @param string $field Field name + * @param string $default Default value + * @param bool $is_textarea Whether the field is a textarea element + * @return string */ - function set_value($field = '', $default = '') + function set_value($field = '', $default = '', $is_textarea = FALSE) { if (FALSE === ($OBJ =& _get_validation_object())) { - if ( ! isset($_POST[$field])) - { - return html_escape($default); - } - - return html_escape($_POST[$field]); + return isset($_POST[$field]) + ? form_prep($_POST[$field], $is_textarea) + : form_prep($default, $is_textarea); } - return html_escape($OBJ->set_value($field, $default)); + return form_prep($OBJ->set_value($field, $default), $is_textarea); } } @@ -862,8 +873,8 @@ if ( ! function_exists('_parse_form_attributes')) * * Helper function used by some of the form helpers * - * @param array - * @param array + * @param array $attributes List of attributes + * @param array $default Default values * @return string */ function _parse_form_attributes($attributes, $default) @@ -891,7 +902,7 @@ if ( ! function_exists('_parse_form_attributes')) { if ($key === 'value') { - $val = html_escape($val); + $val = form_prep($val); } elseif ($key === 'name' && ! strlen($default['name'])) { diff --git a/system/helpers/html_helper.php b/system/helpers/html_helper.php index 2372e8174..404392f06 100644 --- a/system/helpers/html_helper.php +++ b/system/helpers/html_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter HTML Helpers diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php index 647d840e4..6f1086a00 100644 --- a/system/helpers/inflector_helper.php +++ b/system/helpers/inflector_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Inflector Helpers diff --git a/system/helpers/language_helper.php b/system/helpers/language_helper.php index bd567ed79..658be6de7 100644 --- a/system/helpers/language_helper.php +++ b/system/helpers/language_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Language Helpers diff --git a/system/helpers/number_helper.php b/system/helpers/number_helper.php index e49f2f7a0..b93096543 100644 --- a/system/helpers/number_helper.php +++ b/system/helpers/number_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Number Helpers diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 166fef065..5a798b118 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Path Helpers diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index 8bbd06684..898a49c80 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Security Helpers diff --git a/system/helpers/smiley_helper.php b/system/helpers/smiley_helper.php index b6b2afcf4..6ae8937ee 100644 --- a/system/helpers/smiley_helper.php +++ b/system/helpers/smiley_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Smiley Helpers diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php index c5c493452..c895d5767 100644 --- a/system/helpers/string_helper.php +++ b/system/helpers/string_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter String Helpers diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index 89602fc28..cce659231 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Text Helpers diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php index 96bedd026..48f1f1147 100644 --- a/system/helpers/typography_helper.php +++ b/system/helpers/typography_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Typography Helpers diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index dc77246dc..8e9cb7b03 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter URL Helpers diff --git a/system/helpers/xml_helper.php b/system/helpers/xml_helper.php index 1431777d2..c3dfdcddb 100644 --- a/system/helpers/xml_helper.php +++ b/system/helpers/xml_helper.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * @@ -24,6 +24,7 @@ * @since Version 1.0 * @filesource */ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter XML Helpers |