14 files changed, 174 insertions, 674 deletions
diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php
index 9fcbd1b2d..9f707524a 100644
--- a/system/helpers/captcha_helper.php
+++ b/system/helpers/captcha_helper.php
@@ -55,13 +55,10 @@ if ( ! function_exists('create_captcha'))
 	/**
 	 * Create CAPTCHA
 	 *
-	 * @param	array	$data		Data for the CAPTCHA
-	 * @param	string	$img_path	Path to create the image in (deprecated)
-	 * @param	string	$img_url	URL to the CAPTCHA image folder (deprecated)
-	 * @param	string	$font_path	Server path to font (deprecated)
-	 * @return	string
+	 * @param	array	$data	Data for the CAPTCHA
+	 * @return	array
 	 */
-	function create_captcha($data = '', $img_path = '', $img_url = '', $font_path = '')
+	function create_captcha($data)
 	{
 		$defaults = array(
 			'word'		=> '',
@@ -69,10 +66,12 @@ if ( ! function_exists('create_captcha'))
 			'img_url'	=> '',
 			'img_width'	=> '150',
 			'img_height'	=> '30',
+			'img_alt'	=> 'captcha',
+			'img_class'	=> '',
 			'font_path'	=> '',
+			'font_size'	=> 16,
 			'expiration'	=> 7200,
 			'word_length'	=> 8,
-			'font_size'	=> 16,
 			'img_id'	=> '',
 			'pool'		=> '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ',
 			'colors'	=> array(
@@ -83,6 +82,8 @@ if ( ! function_exists('create_captcha'))
 			)
 		);
 
+		$now = microtime(TRUE);
+
 		foreach ($defaults as $key => $val)
 		{
 			if ( ! is_array($data) && empty($$key))
@@ -103,7 +104,7 @@ if ( ! function_exists('create_captcha'))
 
 		if ($img_path === '' OR $img_url === '')
 		{
-			log_message('error', 'create_captcha(): $img_path and $img_url are required.');
+			log_message('error', 'create_captcha(): img_path and img_url are required.');
 			return FALSE;
 		}
 
@@ -113,23 +114,41 @@ if ( ! function_exists('create_captcha'))
 			return FALSE;
 		}
 
-		// -----------------------------------
-		// Remove old images
-		// -----------------------------------
+		if ($img_url !== '' OR $img_path !== '')
+		{
+			if ($img_path === '' OR $img_url === '')
+			{
+				log_message('error', 'create_captcha(): $img_path and $img_url are required.');
+				return FALSE;
+			}
 
-		$now = microtime(TRUE);
+			if ( ! is_dir($img_path) OR ! is_really_writable($img_path))
+			{
+				log_message('error', "create_captcha(): '{$img_path}' is not a dir, nor is it writable.");
+				return FALSE;
+			}
 
-		$current_dir = @opendir($img_path);
-		while ($filename = @readdir($current_dir))
-		{
-			if (in_array(substr($filename, -4), array('.jpg', '.png'))
-				&& (str_replace(array('.jpg', '.png'), '', $filename) + $expiration) < $now)
+			/**
+			 * Remove old images
+			 */
+			$current_dir = @opendir($img_path);
+			while ($filename = @readdir($current_dir))
 			{
-				@unlink($img_path.$filename);
+				if (preg_match('#^(?<ts>\d{10})\.png$#', $filename, $match) && ($match['ts'] + $expiration) < $now)
+				{
+					@unlink($img_path.$filename);
+				}
 			}
-		}
 
-		@closedir($current_dir);
+			@closedir($current_dir);
+
+			// This variable will later be used later to determine whether we write to disk or output a data:image URI
+			$img_filename = $now.'.png';
+		}
+		else
+		{
+			$img_filename = NULL;
+		}
 
 		// -----------------------------------
 		// Do we have a "word" yet?
@@ -239,8 +258,8 @@ if ( ! function_exists('create_captcha'))
 		// Determine angle and position
 		// -----------------------------------
 		$length	= strlen($word);
-		$angle	= ($length >= 6) ? mt_rand(-($length-6), ($length-6)) : 0;
-		$x_axis	= mt_rand(6, (360/$length)-16);
+		$angle	= ($length >= 6) ? mt_rand(-($length - 6), ($length - 6)) : 0;
+		$x_axis	= mt_rand(6, (360 / $length)-16);
 		$y_axis = ($angle >= 0) ? mt_rand($img_height, $img_width) : mt_rand(6, $img_height);
 
 		// Create image
@@ -328,24 +347,34 @@ if ( ! function_exists('create_captcha'))
 		// -----------------------------------
 		//  Generate the image
 		// -----------------------------------
-		$img_url = rtrim($img_url, '/').'/';
 
-		if (function_exists('imagejpeg'))
+		if (isset($img_filename))
 		{
-			$img_filename = $now.'.jpg';
-			imagejpeg($im, $img_path.$img_filename);
-		}
-		elseif (function_exists('imagepng'))
-		{
-			$img_filename = $now.'.png';
+			$img_src = rtrim($img_url, '/').'/'.$img_filename;
 			imagepng($im, $img_path.$img_filename);
 		}
 		else
 		{
-			return FALSE;
+			// I don't see an easier way to get the image contents without writing to file
+			$buffer = fopen('php://memory', 'wb+');
+			imagepng($im, $buffer);
+			rewind($buffer);
+			$img_src = '';
+
+			// fread() will return an empty string (not FALSE) after the entire contents are read
+			while (strlen($read = fread($buffer, 4096)))
+			{
+				$img_src .= $read;
+			}
+
+			fclose($buffer);
+			$img_src = 'data:image/png;base64,'.base64_encode($img_src);
 		}
 
-		$img = '<img '.($img_id === '' ? '' : 'id="'.$img_id.'"').' src="'.$img_url.$img_filename.'" style="width: '.$img_width.'px; height: '.$img_height .'px; border: 0;" alt=" " />';
+		$img_class = trim($img_class);
+		$img_class = (bool) strlen($img_class) ? 'class="'.$img_class.'" ' : '';
+
+		$img = '<img '.($img_id === '' ? '' : 'id="'.$img_id.'"').' src="'.$img_src.'" style="width: '.$img_width.'px; height: '.$img_height .'px; border: 0;" '.$img_class.'alt="'.$img_alt.'" />';
 		ImageDestroy($im);
 
 		return array('word' => $word, 'time' => $now, 'image' => $img, 'filename' => $img_filename);
diff --git a/system/helpers/cookie_helper.php b/system/helpers/cookie_helper.php
index abe492f8e..0325e3db3 100644
--- a/system/helpers/cookie_helper.php
+++ b/system/helpers/cookie_helper.php
@@ -60,7 +60,7 @@ if ( ! function_exists('set_cookie'))
 	 *
 	 * @param	mixed
 	 * @param	string	the value of the cookie
-	 * @param	string	the number of seconds until expiration
+	 * @param	int	the number of seconds until expiration
 	 * @param	string	the cookie domain.  Usually:  .yourdomain.com
 	 * @param	string	the cookie path
 	 * @param	string	the cookie prefix
@@ -68,10 +68,10 @@ if ( ! function_exists('set_cookie'))
 	 * @param	bool	true makes the cookie accessible via http(s) only (no javascript)
 	 * @return	void
 	 */
-	function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = NULL, $httponly = NULL)
+	function set_cookie($name, $value = '', $expire = 0, $domain = '', $path = '/', $prefix = '', $secure = NULL, $httponly = NULL, $samesite = NULL)
 	{
 		// Set the config file options
-		get_instance()->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $httponly);
+		get_instance()->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $httponly, $samesite);
 	}
 }
 
@@ -86,9 +86,8 @@ if ( ! function_exists('get_cookie'))
 	 * @param	bool
 	 * @return	mixed
 	 */
-	function get_cookie($index, $xss_clean = NULL)
+	function get_cookie($index, $xss_clean = FALSE)
 	{
-		is_bool($xss_clean) OR $xss_clean = (config_item('global_xss_filtering') === TRUE);
 		$prefix = isset($_COOKIE[$index]) ? '' : config_item('cookie_prefix');
 		return get_instance()->input->cookie($prefix.$index, $xss_clean);
 	}
diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php
index 5b2f3e099..6ea9d82bd 100644
--- a/system/helpers/date_helper.php
+++ b/system/helpers/date_helper.php
@@ -123,46 +123,6 @@ if ( ! function_exists('mdate'))
 
 // ------------------------------------------------------------------------
 
-if ( ! function_exists('standard_date'))
-{
-	/**
-	 * Standard Date
-	 *
-	 * Returns a date formatted according to the submitted standard.
-	 *
-	 * As of PHP 5.2, the DateTime extension provides constants that
-	 * serve for the exact same purpose and are used with date().
-	 *
-	 * @todo	Remove in version 3.1+.
-	 * @deprecated	3.0.0	Use PHP's native date() instead.
-	 * @link	https://www.php.net/manual/en/class.datetime.php#datetime.constants.types
-	 *
-	 * @example	date(DATE_RFC822, now()); // default
-	 * @example	date(DATE_W3C, $time); // a different format and time
-	 *
-	 * @param	string	$fmt = 'DATE_RFC822'	the chosen format
-	 * @param	int	$time = NULL		Unix timestamp
-	 * @return	string
-	 */
-	function standard_date($fmt = 'DATE_RFC822', $time = NULL)
-	{
-		if (empty($time))
-		{
-			$time = now();
-		}
-
-		// Procedural style pre-defined constants from the DateTime extension
-		if (strpos($fmt, 'DATE_') !== 0 OR defined($fmt) === FALSE)
-		{
-			return FALSE;
-		}
-
-		return date(constant($fmt), $time);
-	}
-}
-
-// ------------------------------------------------------------------------
-
 if ( ! function_exists('timespan'))
 {
 	/**
@@ -491,72 +451,6 @@ if ( ! function_exists('human_to_unix'))
 
 // ------------------------------------------------------------------------
 
-if ( ! function_exists('nice_date'))
-{
-	/**
-	 * Turns many "reasonably-date-like" strings into something
-	 * that is actually useful. This only works for dates after unix epoch.
-	 *
-	 * @deprecated	3.1.3	Use DateTime::createFromFormat($input_format, $input)->format($output_format);
-	 * @param	string	The terribly formatted date-like string
-	 * @param	string	Date format to return (same as php date function)
-	 * @return	string
-	 */
-	function nice_date($bad_date = '', $format = FALSE)
-	{
-		if (empty($bad_date))
-		{
-			return 'Unknown';
-		}
-		elseif (empty($format))
-		{
-			$format = 'U';
-		}
-
-		// Date like: YYYYMM
-		if (preg_match('/^\d{6}$/i', $bad_date))
-		{
-			if (in_array(substr($bad_date, 0, 2), array('19', '20')))
-			{
-				$year  = substr($bad_date, 0, 4);
-				$month = substr($bad_date, 4, 2);
-			}
-			else
-			{
-				$month  = substr($bad_date, 0, 2);
-				$year   = substr($bad_date, 2, 4);
-			}
-
-			return date($format, strtotime($year.'-'.$month.'-01'));
-		}
-
-		// Date Like: YYYYMMDD
-		if (preg_match('/^\d{8}$/i', $bad_date, $matches))
-		{
-			return DateTime::createFromFormat('Ymd', $bad_date)->format($format);
-		}
-
-		// Date Like: MM-DD-YYYY __or__ M-D-YYYY (or anything in between)
-		if (preg_match('/^(\d{1,2})-(\d{1,2})-(\d{4})$/i', $bad_date, $matches))
-		{
-			return date($format, strtotime($matches[3].'-'.$matches[1].'-'.$matches[2]));
-		}
-
-		// Any other kind of string, when converted into UNIX time,
-		// produces "0 seconds after epoc..." is probably bad...
-		// return "Invalid Date".
-		if (date('U', strtotime($bad_date)) === '0')
-		{
-			return 'Invalid Date';
-		}
-
-		// It's probably a valid-ish date format already
-		return date($format, strtotime($bad_date));
-	}
-}
-
-// ------------------------------------------------------------------------
-
 if ( ! function_exists('timezone_menu'))
 {
 	/**
diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php
index 9b361c4bd..2c72c563a 100644
--- a/system/helpers/download_helper.php
+++ b/system/helpers/download_helper.php
@@ -57,7 +57,7 @@ if ( ! function_exists('force_download'))
 	 *
 	 * Generates headers that force a download to happen
 	 *
-	 * @param	string	filename
+	 * @param	mixed	filename (or an array of local file path => destination filename)
 	 * @param	mixed	the data to be downloaded
 	 * @param	bool	whether to try and send the actual file MIME type
 	 * @return	void
@@ -70,14 +70,34 @@ if ( ! function_exists('force_download'))
 		}
 		elseif ($data === NULL)
 		{
-			if ( ! @is_file($filename) OR ($filesize = @filesize($filename)) === FALSE)
+			// Is $filename an array as ['local source path' => 'destination filename']?
+			if (is_array($filename))
 			{
-				return;
+				if (count($filename) !== 1)
+				{
+					return;
+				}
+
+				reset($filename);
+				$filepath = key($filename);
+				$filename = current($filename);
+
+				if (is_int($filepath))
+				{
+					return;
+				}
+			}
+			else
+			{
+				$filepath = $filename;
+				$filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename));
+				$filename = end($filename);
 			}
 
-			$filepath = $filename;
-			$filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename));
-			$filename = end($filename);
+			if ( ! @is_file($filepath) OR ($filesize = @filesize($filepath)) === FALSE)
+			{
+				return;
+			}
 		}
 		else
 		{
@@ -122,20 +142,23 @@ if ( ! function_exists('force_download'))
 			$filename = implode('.', $x);
 		}
 
-		if ($data === NULL && ($fp = @fopen($filepath, 'rb')) === FALSE)
-		{
-			return;
-		}
-
 		// Clean output buffer
 		if (ob_get_level() !== 0 && @ob_end_clean() === FALSE)
 		{
 			@ob_clean();
 		}
 
+		// RFC 6266 allows for multibyte filenames, but only in UTF-8,
+		// so we have to make it conditional ...
+		$charset = strtoupper(config_item('charset'));
+		$utf8_filename = ($charset !== 'UTF-8')
+			? get_instance()->utf8->convert_to_utf8($filename, $charset)
+			: $filename;
+		isset($utf8_filename[0]) && $utf8_filename = " filename*=UTF-8''".rawurlencode($utf8_filename);
+
 		// Generate the server headers
 		header('Content-Type: '.$mime);
-		header('Content-Disposition: attachment; filename="'.$filename.'"');
+		header('Content-Disposition: attachment; filename="'.$filename.'";'.$utf8_filename);
 		header('Expires: 0');
 		header('Content-Transfer-Encoding: binary');
 		header('Content-Length: '.$filesize);
@@ -147,13 +170,12 @@ if ( ! function_exists('force_download'))
 			exit($data);
 		}
 
-		// Flush 1MB chunks of data
-		while ( ! feof($fp) && ($data = fread($fp, 1048576)) !== FALSE)
+		// Flush the file
+		if (@readfile($filepath) === FALSE)
 		{
-			echo $data;
+			return;
 		}
 
-		fclose($fp);
 		exit;
 	}
 }
diff --git a/system/helpers/email_helper.php b/system/helpers/email_helper.php
deleted file mode 100644
index ec0c4207e..000000000
--- a/system/helpers/email_helper.php
+++ /dev/null
@@ -1,85 +0,0 @@
-<?php
-/**
- * CodeIgniter
- *
- * An open source application development framework for PHP
- *
- * This content is released under the MIT License (MIT)
- *
- * Copyright (c) 2019 - 2022, CodeIgniter Foundation
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- *
- * @package	CodeIgniter
- * @author	EllisLab Dev Team
- * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
- * @copyright	Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/)
- * @copyright	Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/)
- * @license	https://opensource.org/licenses/MIT	MIT License
- * @link	https://codeigniter.com
- * @since	Version 1.0.0
- * @filesource
- */
-defined('BASEPATH') OR exit('No direct script access allowed');
-
-/**
- * CodeIgniter Email Helpers
- *
- * @package		CodeIgniter
- * @subpackage	Helpers
- * @category	Helpers
- * @author		EllisLab Dev Team
- * @link		https://codeigniter.com/userguide3/helpers/email_helper.html
- */
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('valid_email'))
-{
-	/**
-	 * Validate email address
-	 *
-	 * @deprecated	3.0.0	Use PHP's filter_var() instead
-	 * @param	string	$email
-	 * @return	bool
-	 */
-	function valid_email($email)
-	{
-		return (bool) filter_var($email, FILTER_VALIDATE_EMAIL);
-	}
-}
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('send_email'))
-{
-	/**
-	 * Send an email
-	 *
-	 * @deprecated	3.0.0	Use PHP's mail() instead
-	 * @param	string	$recipient
-	 * @param	string	$subject
-	 * @param	string	$message
-	 * @return	bool
-	 */
-	function send_email($recipient, $subject, $message)
-	{
-		return mail($recipient, $subject, $message);
-	}
-}
diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php
index a2adaf296..a751f771e 100644
--- a/system/helpers/file_helper.php
+++ b/system/helpers/file_helper.php
@@ -50,26 +50,6 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 
 // ------------------------------------------------------------------------
 
-if ( ! function_exists('read_file'))
-{
-	/**
-	 * Read File
-	 *
-	 * Opens the file specified in the path and returns it as a string.
-	 *
-	 * @todo	Remove in version 3.1+.
-	 * @deprecated	3.0.0	It is now just an alias for PHP's native file_get_contents().
-	 * @param	string	$file	Path to file
-	 * @return	string	File contents
-	 */
-	function read_file($file)
-	{
-		return @file_get_contents($file);
-	}
-}
-
-// ------------------------------------------------------------------------
-
 if ( ! function_exists('write_file'))
 {
 	/**
@@ -248,8 +228,9 @@ if ( ! function_exists('get_dir_file_info'))
 				}
 				elseif ($file[0] !== '.')
 				{
-					$_filedata[$file] = get_file_info($source_dir.$file);
-					$_filedata[$file]['relative_path'] = $relative_path;
+					$filedata = get_dir_file_info($source_dir.$file);
+					$filedata['relative_path'] = $relative_path;
+					$_filedata[] = $filedata;
 				}
 			}
 
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index ba74ff5ef..191fc7e6d 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -274,11 +274,10 @@ if ( ! function_exists('form_upload'))
 	 * Identical to the input function but adds the "file" type
 	 *
 	 * @param	mixed
-	 * @param	string
 	 * @param	mixed
 	 * @return	string
 	 */
-	function form_upload($data = '', $value = '', $extra = '')
+	function form_upload($data = '', $extra = '')
 	{
 		$defaults = array('type' => 'file', 'name' => '');
 		is_array($data) OR $data = array('name' => $data);
@@ -677,25 +676,6 @@ if ( ! function_exists('form_close'))
 
 // ------------------------------------------------------------------------
 
-if ( ! function_exists('form_prep'))
-{
-	/**
-	 * Form Prep
-	 *
-	 * Formats text so that it can be safely placed in a form field in the event it has HTML tags.
-	 *
-	 * @deprecated	3.0.0	An alias for html_escape()
-	 * @param	string|string[]	$str		Value to escape
-	 * @return	string|string[]	Escaped values
-	 */
-	function form_prep($str)
-	{
-		return html_escape($str, TRUE);
-	}
-}
-
-// ------------------------------------------------------------------------
-
 if ( ! function_exists('set_value'))
 {
 	/**
diff --git a/system/helpers/html_helper.php b/system/helpers/html_helper.php
index 93ecb1d35..98998c7c4 100644
--- a/system/helpers/html_helper.php
+++ b/system/helpers/html_helper.php
@@ -229,7 +229,7 @@ if ( ! function_exists('doctype'))
 	 * @param	string	type	The doctype to be generated
 	 * @return	string
 	 */
-	function doctype($type = 'xhtml1-strict')
+	function doctype($type = 'html5')
 	{
 		static $doctypes;
 
@@ -360,51 +360,32 @@ if ( ! function_exists('meta'))
 			$name = array($name);
 		}
 
+		$allowed_types = array('charset', 'http-equiv', 'name', 'property');
 		$str = '';
 		foreach ($name as $meta)
 		{
-			$type		= (isset($meta['type']) && $meta['type'] !== 'name')	? 'http-equiv' : 'name';
-			$name		= isset($meta['name'])					? $meta['name'] : '';
-			$content	= isset($meta['content'])				? $meta['content'] : '';
-			$newline	= isset($meta['newline'])				? $meta['newline'] : "\n";
+			// This is to preserve BC with pre-3.1 versions where only
+			// 'http-equiv' (default) and 'name' were supported.
+			if (isset($meta['type']))
+			{
+				if ($meta['type'] === 'equiv')
+				{
+					$meta['type'] = 'http-equiv';
+				}
+				elseif ( ! in_array($meta['type'], $allowed_types, TRUE))
+				{
+					$meta['type'] = 'name';
+				}
+			}
 
-			$str .= '<meta '.$type.'="'.$name.'" content="'.$content.'" />'.$newline;
+			$type    = isset($meta['type'])    ? $meta['type']    : 'name';
+			$name    = isset($meta['name'])    ? $meta['name']    : '';
+			$content = isset($meta['content']) ? $meta['content'] : '';
+			$newline = isset($meta['newline']) ? $meta['newline'] : "\n";
+
+			$str .= '<meta '.$type.'="'.$name.($type === 'charset' ? '' : '" content="'.$content).'" />'.$newline;
 		}
 
 		return $str;
 	}
 }
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('br'))
-{
-	/**
-	 * Generates HTML BR tags based on number supplied
-	 *
-	 * @deprecated	3.0.0	Use str_repeat() instead
-	 * @param	int	$count	Number of times to repeat the tag
-	 * @return	string
-	 */
-	function br($count = 1)
-	{
-		return str_repeat('<br />', $count);
-	}
-}
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('nbs'))
-{
-	/**
-	 * Generates non-breaking space entities based on number supplied
-	 *
-	 * @deprecated	3.0.0	Use str_repeat() instead
-	 * @param	int
-	 * @return	string
-	 */
-	function nbs($num = 1)
-	{
-		return str_repeat('&nbsp;', $num);
-	}
-}
diff --git a/system/helpers/index.html b/system/helpers/index.html
index b702fbc39..bcb7cae34 100644
--- a/system/helpers/index.html
+++ b/system/helpers/index.html
@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html>
+<html lang="en">
 <head>
 	<title>403 Forbidden</title>
 </head>
diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php
index 91a5d84ff..75e98c817 100644
--- a/system/helpers/inflector_helper.php
+++ b/system/helpers/inflector_helper.php
@@ -286,3 +286,42 @@ if ( ! function_exists('is_countable'))
 		return word_is_countable($word);
 	}
 }
+
+// ------------------------------------------------------------------------
+
+if ( ! function_exists('ordinal_format'))
+{
+	/**
+	 * Returns the English ordinal numeral for a given number
+	 *
+	 * @param  int    $number
+	 * @return string
+	 */
+	function ordinal_format($number)
+	{
+		if ( ! ctype_digit((string) $number) OR $number < 1)
+		{
+			return $number;
+		}
+
+		$last_digit = array(
+			0 => 'th',
+			1 => 'st',
+			2 => 'nd',
+			3 => 'rd',
+			4 => 'th',
+			5 => 'th',
+			6 => 'th',
+			7 => 'th',
+			8 => 'th',
+			9 => 'th'
+		);
+
+		if (($number % 100) >= 11 && ($number % 100) <= 13)
+		{
+			return $number.'th';
+		}
+
+		return $number.$last_digit[$number % 10];
+	}
+}
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index dc2b1a43a..54851a094 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -81,30 +81,6 @@ if ( ! function_exists('sanitize_filename'))
 	}
 }
 
-// --------------------------------------------------------------------
-
-if ( ! function_exists('do_hash'))
-{
-	/**
-	 * Hash encode a string
-	 *
-	 * @todo	Remove in version 3.1+.
-	 * @deprecated	3.0.0	Use PHP's native hash() instead.
-	 * @param	string	$str
-	 * @param	string	$type = 'sha1'
-	 * @return	string
-	 */
-	function do_hash($str, $type = 'sha1')
-	{
-		if ( ! in_array(strtolower($type), hash_algos()))
-		{
-			$type = 'md5';
-		}
-
-		return hash($type, $str);
-	}
-}
-
 // ------------------------------------------------------------------------
 
 if ( ! function_exists('strip_image_tags'))
diff --git a/system/helpers/smiley_helper.php b/system/helpers/smiley_helper.php
deleted file mode 100644
index 091e6decc..000000000
--- a/system/helpers/smiley_helper.php
+++ /dev/null
@@ -1,256 +0,0 @@
-<?php
-/**
- * CodeIgniter
- *
- * An open source application development framework for PHP
- *
- * This content is released under the MIT License (MIT)
- *
- * Copyright (c) 2019 - 2022, CodeIgniter Foundation
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- *
- * @package	CodeIgniter
- * @author	EllisLab Dev Team
- * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
- * @copyright	Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/)
- * @copyright	Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/)
- * @license	https://opensource.org/licenses/MIT	MIT License
- * @link	https://codeigniter.com
- * @since	Version 1.0.0
- * @filesource
- */
-defined('BASEPATH') OR exit('No direct script access allowed');
-
-/**
- * CodeIgniter Smiley Helpers
- *
- * @package		CodeIgniter
- * @subpackage	Helpers
- * @category	Helpers
- * @author		EllisLab Dev Team
- * @link		https://codeigniter.com/userguide3/helpers/smiley_helper.html
- * @deprecated	3.0.0	This helper is too specific for CI.
- */
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('smiley_js'))
-{
-	/**
-	 * Smiley Javascript
-	 *
-	 * Returns the javascript required for the smiley insertion.  Optionally takes
-	 * an array of aliases to loosely couple the smiley array to the view.
-	 *
-	 * @param	mixed	alias name or array of alias->field_id pairs
-	 * @param	string	field_id if alias name was passed in
-	 * @param	bool
-	 * @return	array
-	 */
-	function smiley_js($alias = '', $field_id = '', $inline = TRUE)
-	{
-		static $do_setup = TRUE;
-		$r = '';
-
-		if ($alias !== '' && ! is_array($alias))
-		{
-			$alias = array($alias => $field_id);
-		}
-
-		if ($do_setup === TRUE)
-		{
-			$do_setup = FALSE;
-			$m = array();
-
-			if (is_array($alias))
-			{
-				foreach ($alias as $name => $id)
-				{
-					$m[] = '"'.$name.'" : "'.$id.'"';
-				}
-			}
-
-			$m = '{'.implode(',', $m).'}';
-
-			$r .= <<<EOF
-			var smiley_map = {$m};
-
-			function insert_smiley(smiley, field_id) {
-				var el = document.getElementById(field_id), newStart;
-
-				if ( ! el && smiley_map[field_id]) {
-					el = document.getElementById(smiley_map[field_id]);
-
-					if ( ! el)
-						return false;
-				}
-
-				el.focus();
-				smiley = " " + smiley;
-
-				if ('selectionStart' in el) {
-					newStart = el.selectionStart + smiley.length;
-
-					el.value = el.value.substr(0, el.selectionStart) +
-									smiley +
-									el.value.substr(el.selectionEnd, el.value.length);
-					el.setSelectionRange(newStart, newStart);
-				}
-				else if (document.selection) {
-					document.selection.createRange().text = smiley;
-				}
-			}
-EOF;
-		}
-		elseif (is_array($alias))
-		{
-			foreach ($alias as $name => $id)
-			{
-				$r .= 'smiley_map["'.$name.'"] = "'.$id."\";\n";
-			}
-		}
-
-		return ($inline)
-			? '<script type="text/javascript" charset="utf-8">/*<![CDATA[ */'.$r.'// ]]></script>'
-			: $r;
-	}
-}
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('get_clickable_smileys'))
-{
-	/**
-	 * Get Clickable Smileys
-	 *
-	 * Returns an array of image tag links that can be clicked to be inserted
-	 * into a form field.
-	 *
-	 * @param	string	the URL to the folder containing the smiley images
-	 * @param	array
-	 * @return	array
-	 */
-	function get_clickable_smileys($image_url, $alias = '')
-	{
-		// For backward compatibility with js_insert_smiley
-		if (is_array($alias))
-		{
-			$smileys = $alias;
-		}
-		elseif (FALSE === ($smileys = _get_smiley_array()))
-		{
-			return FALSE;
-		}
-
-		// Add a trailing slash to the file path if needed
-		$image_url = rtrim($image_url, '/').'/';
-
-		$used = array();
-		foreach ($smileys as $key => $val)
-		{
-			// Keep duplicates from being used, which can happen if the
-			// mapping array contains multiple identical replacements. For example:
-			// :-) and :) might be replaced with the same image so both smileys
-			// will be in the array.
-			if (isset($used[$smileys[$key][0]]))
-			{
-				continue;
-			}
-
-			$link[] = '<a href="javascript:void(0);" onclick="insert_smiley(\''.$key.'\', \''.$alias.'\')"><img src="'.$image_url.$smileys[$key][0].'" alt="'.$smileys[$key][3].'" style="width: '.$smileys[$key][1].'; height: '.$smileys[$key][2].'; border: 0;" /></a>';
-			$used[$smileys[$key][0]] = TRUE;
-		}
-
-		return $link;
-	}
-}
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('parse_smileys'))
-{
-	/**
-	 * Parse Smileys
-	 *
-	 * Takes a string as input and swaps any contained smileys for the actual image
-	 *
-	 * @param	string	the text to be parsed
-	 * @param	string	the URL to the folder containing the smiley images
-	 * @param	array
-	 * @return	string
-	 */
-	function parse_smileys($str = '', $image_url = '', $smileys = NULL)
-	{
-		if ($image_url === '' OR ( ! is_array($smileys) && FALSE === ($smileys = _get_smiley_array())))
-		{
-			return $str;
-		}
-
-		// Add a trailing slash to the file path if needed
-		$image_url = rtrim($image_url, '/').'/';
-
-		foreach ($smileys as $key => $val)
-		{
-			$str = str_replace($key, '<img src="'.$image_url.$smileys[$key][0].'" alt="'.$smileys[$key][3].'" style="width: '.$smileys[$key][1].'; height: '.$smileys[$key][2].'; border: 0;" />', $str);
-		}
-
-		return $str;
-	}
-}
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('_get_smiley_array'))
-{
-	/**
-	 * Get Smiley Array
-	 *
-	 * Fetches the config/smiley.php file
-	 *
-	 * @return	mixed
-	 */
-	function _get_smiley_array()
-	{
-		static $_smileys;
-
-		if ( ! is_array($_smileys))
-		{
-			if (file_exists(APPPATH.'config/smileys.php'))
-			{
-				include(APPPATH.'config/smileys.php');
-			}
-
-			if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/smileys.php'))
-			{
-				include(APPPATH.'config/'.ENVIRONMENT.'/smileys.php');
-			}
-
-			if (empty($smileys) OR ! is_array($smileys))
-			{
-				$_smileys = array();
-				return FALSE;
-			}
-
-			$_smileys = $smileys;
-		}
-
-		return $_smileys;
-	}
-}
diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php
index 7370f39f3..0cd87e915 100644
--- a/system/helpers/string_helper.php
+++ b/system/helpers/string_helper.php
@@ -50,33 +50,6 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 
 // ------------------------------------------------------------------------
 
-if ( ! function_exists('trim_slashes'))
-{
-	/**
-	 * Trim Slashes
-	 *
-	 * Removes any leading/trailing slashes from a string:
-	 *
-	 * /this/that/theother/
-	 *
-	 * becomes:
-	 *
-	 * this/that/theother
-	 *
-	 * @todo	Remove in version 3.1+.
-	 * @deprecated	3.0.0	This is just an alias for PHP's native trim()
-	 *
-	 * @param	string
-	 * @return	string
-	 */
-	function trim_slashes($str)
-	{
-		return trim($str, '/');
-	}
-}
-
-// ------------------------------------------------------------------------
-
 if ( ! function_exists('strip_slashes'))
 {
 	/**
@@ -198,7 +171,7 @@ if ( ! function_exists('random_string'))
 	/**
 	 * Create a "Random" String
 	 *
-	 * @param	string	type of random string.  basic, alpha, alnum, numeric, nozero, unique, md5, encrypt and sha1
+	 * @param	string	type of random string.  basic, alpha, alnum, numeric, nozero, md5 and sha1
 	 * @param	int	number of characters
 	 * @return	string
 	 */
@@ -228,10 +201,8 @@ if ( ! function_exists('random_string'))
 						break;
 				}
 				return substr(str_shuffle(str_repeat($pool, ceil($len / strlen($pool)))), 0, $len);
-			case 'unique': // todo: remove in 3.1+
 			case 'md5':
 				return md5(uniqid(mt_rand()));
-			case 'encrypt': // todo: remove in 3.1+
 			case 'sha1':
 				return sha1(uniqid(mt_rand(), TRUE));
 		}
@@ -283,23 +254,3 @@ if ( ! function_exists('alternator'))
 		return $args[($i++ % count($args))];
 	}
 }
-
-// ------------------------------------------------------------------------
-
-if ( ! function_exists('repeater'))
-{
-	/**
-	 * Repeater function
-	 *
-	 * @todo	Remove in version 3.1+.
-	 * @deprecated	3.0.0	This is just an alias for PHP's native str_repeat()
-	 *
-	 * @param	string	$data	String to repeat
-	 * @param	int	$num	Number of repeats
-	 * @return	string
-	 */
-	function repeater($data, $num = 1)
-	{
-		return ($num > 0) ? str_repeat($data, $num) : '';
-	}
-}
diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php
index d1d7ec135..e3c9bc0a4 100644
--- a/system/helpers/url_helper.php
+++ b/system/helpers/url_helper.php
@@ -212,7 +212,7 @@ if ( ! function_exists('anchor_popup'))
 		{
 			$attributes = array($attributes);
 
-			// Ref: http://www.w3schools.com/jsref/met_win_open.asp
+			// Ref: https://www.w3schools.com/jsref/met_win_open.asp
 			$window_name = '_blank';
 		}
 		elseif ( ! empty($attributes['window_name']))
@@ -444,7 +444,7 @@ if ( ! function_exists('prep_url'))
 	 */
 	function prep_url($str = '')
 	{
-		if ($str === 'http://' OR $str === '')
+		if ($str === '')
 		{
 			return '';
 		}
@@ -471,31 +471,20 @@ if ( ! function_exists('url_title'))
 	 * human-friendly URL string with a "separator" string
 	 * as the word separator.
 	 *
-	 * @todo	Remove old 'dash' and 'underscore' usage in 3.1+.
 	 * @param	string	$str		Input string
-	 * @param	string	$separator	Word separator
-	 *			(usually '-' or '_')
+	 * @param	string	$separator	Word separator (usually '-' or '_')
 	 * @param	bool	$lowercase	Whether to transform the output string to lowercase
 	 * @return	string
 	 */
 	function url_title($str, $separator = '-', $lowercase = FALSE)
 	{
-		if ($separator === 'dash')
-		{
-			$separator = '-';
-		}
-		elseif ($separator === 'underscore')
-		{
-			$separator = '_';
-		}
-
 		$q_separator = preg_quote($separator, '#');
 
 		$trans = array(
 			'&.+?;'			=> '',
 			'[^\w\d _-]'		=> '',
 			'\s+'			=> $separator,
-			'('.$q_separator.')+'	=> $separator
+			'('.$q_separator.')+'	=> $separator,
 		);
 
 		$str = strip_tags($str);
@@ -547,7 +536,7 @@ if ( ! function_exists('redirect'))
 			if (isset($_SERVER['SERVER_PROTOCOL'], $_SERVER['REQUEST_METHOD']) && $_SERVER['SERVER_PROTOCOL'] === 'HTTP/1.1')
 			{
 				$code = ($_SERVER['REQUEST_METHOD'] !== 'GET')
-					? 303	// reference: http://en.wikipedia.org/wiki/Post/Redirect/Get
+					? 303	// reference: https://en.wikipedia.org/wiki/Post/Redirect/Get
 					: 307;
 			}
 			else