diff options
Diffstat (limited to 'system/libraries')
| -rw-r--r-- | system/libraries/Email.php | 22 | ||||
| -rw-r--r-- | system/libraries/Form_validation.php | 2 | ||||
| -rw-r--r-- | system/libraries/Profiler.php | 2 | ||||
| -rw-r--r-- | system/libraries/Upload.php | 31 |
4 files changed, 38 insertions, 19 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php index a745d331d..46ffaa1d4 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -739,7 +739,7 @@ class CI_Email { */ public function set_header($header, $value) { - $this->_headers[$header] = $value; + $this->_headers[$header] = str_replace(array("\n", "\r"), '', $value); } // -------------------------------------------------------------------- @@ -1236,7 +1236,7 @@ class CI_Email { /** * Build Final Body and attachments * - * @return void + * @return bool */ protected function _build_message() { @@ -1275,7 +1275,7 @@ class CI_Email { if ($this->send_multipart === FALSE) { $hdr .= 'Content-Type: text/html; charset='.$this->charset.$this->newline - .'Content-Transfer-Encoding: quoted-printable'; + .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline; } else { @@ -1401,7 +1401,7 @@ class CI_Email { $body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--'; $this->_finalbody = ($this->_get_protocol() === 'mail') ? $body : $hdr.$body; - return; + return TRUE; } // -------------------------------------------------------------------- @@ -1606,7 +1606,11 @@ class CI_Email { return $result; } - $this->_build_message(); + if ($this->_build_message() === FALSE) + { + return FALSE; + } + $result = $this->_spool_email(); if ($result && $auto_clear) @@ -1665,7 +1669,11 @@ class CI_Email { $this->_bcc_array = $bcc; } - $this->_build_message(); + if ($this->_build_message() === FALSE) + { + return FALSE; + } + $this->_spool_email(); } } @@ -2132,7 +2140,7 @@ class CI_Email { if (in_array('headers', $include, TRUE)) { - $raw_data = $this->_header_str."\n"; + $raw_data = htmlspecialchars($this->_header_str)."\n"; } if (in_array('subject', $include, TRUE)) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 1ed50844c..40ba01202 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1405,7 +1405,7 @@ class CI_Form_validation { */ public function valid_base64($str) { - return ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); + return (base64_encode(base64_decode($str)) === $str); } // -------------------------------------------------------------------- diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 3c7ce5406..0c60efb8b 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -447,7 +447,7 @@ class CI_Profiler { .' (<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_httpheaders_table\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_show').'\'?\''.$this->CI->lang->line('profiler_section_hide').'\':\''.$this->CI->lang->line('profiler_section_show').'\';">'.$this->CI->lang->line('profiler_section_show')."</span>)</legend>\n\n\n" .'<table style="width:100%;display:none;" id="ci_profiler_httpheaders_table">'."\n"; - foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR') as $header) + foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header) { $val = isset($_SERVER[$header]) ? $_SERVER[$header] : ''; $output .= '<tr><td style="vertical-align:top;width:50%;padding:5px;color:#900;background-color:#ddd;">' diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 7c48b4294..85428044d 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -136,6 +136,13 @@ class CI_Upload { public $file_ext = ''; /** + * Force filename extension to lowercase + * + * @var string + */ + public $file_ext_tolower = FALSE; + + /** * Upload path * * @var string @@ -294,6 +301,7 @@ class CI_Upload { 'file_type' => '', 'file_size' => NULL, 'file_ext' => '', + 'file_ext_tolower' => FALSE, 'upload_path' => '', 'overwrite' => FALSE, 'encrypt_name' => FALSE, @@ -965,7 +973,14 @@ class CI_Upload { public function get_extension($filename) { $x = explode('.', $filename); - return (count($x) !== 1) ? '.'.end($x) : ''; + + if (count($x) === 1) + { + return ''; + } + + $ext = ($this->file_ext_tolower) ? strtolower(end($x)) : end($x); + return '.'.$ext; } // -------------------------------------------------------------------- @@ -1075,18 +1090,14 @@ class CI_Upload { $CI =& get_instance(); $CI->lang->load('upload'); - if (is_array($msg)) + if ( ! is_array($msg)) { - foreach ($msg as $val) - { - $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val); - $this->error_msg[] = $msg; - log_message('error', $msg); - } + $msg = array($msg); } - else + + foreach ($msg as $val) { - $msg = ($CI->lang->line($msg) === FALSE) ? $msg : $CI->lang->line($msg); + $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val); $this->error_msg[] = $msg; log_message('error', $msg); } |