Diffstat (limited to 'system/libraries')
-rw-r--r--system/libraries/Email.php2
-rw-r--r--system/libraries/Form_validation.php2
-rw-r--r--system/libraries/Upload.php17
3 files changed, 18 insertions, 3 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 11ee29041..46ffaa1d4 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -2140,7 +2140,7 @@ class CI_Email {
if (in_array('headers', $include, TRUE))
{
- $raw_data = $this->_header_str."\n";
+ $raw_data = htmlspecialchars($this->_header_str)."\n";
}
if (in_array('subject', $include, TRUE))
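Review bot: The added `htmlspecialchars($this->_header_str)` call relies on PHP's default flags and charset, which differ between PHP versions. Older defaults leave single quotes unescaped, and on some versions a header containing bytes that are invalid for the assumed charset makes the call return an empty string, which would silently drop the headers from the debug output. Passing both explicitly would make the encoding predictable, for example `htmlspecialchars($this->_header_str, ENT_QUOTES, $this->charset)`, assuming the class's charset property holds the message charset. The enclosing method starts and ends outside this hunk, so whether the subject and body branches are encoded the same way cannot be confirmed from here.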
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 1ed50844c..40ba01202 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1405,7 +1405,7 @@ class CI_Form_validation {
*/
public function valid_base64($str)
{
- return ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
+ return (base64_encode(base64_decode($str)) === $str);
}
// --------------------------------------------------------------------
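Review bot: The round-trip comparison in `valid_base64()` accepts only canonical base64, which is stricter than the removed character-class check, and the docblock (which starts outside the hunk) should say so. Unpadded values, line-wrapped MIME output, values with surrounding whitespace and the URL-safe alphabet will all fail validation, because re-encoding never reproduces them byte for byte. I would add a docblock line such as `Accepts only canonical base64: standard alphabet, '=' padding, no whitespace or line breaks.` so that callers feeding it wrapped or unpadded input know why it is rejected. Writing the decode as `base64_decode($str, TRUE)` would also state the strict intent directly, and it should not change the result of the comparison.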
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 7c48b4294..5861df584 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -136,6 +136,13 @@ class CI_Upload {
public $file_ext = '';
/**
+ * Force filename extension to lowercase
+ *
+ * @var string
+ */
+ public $file_ext_tolower = FALSE;
+
+ /**
* Upload path
*
* @var string
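Review bot: The docblock for the new `$file_ext_tolower` property declares `@var string`, but the property defaults to `FALSE` and is used as a boolean switch in `get_extension()` later in this diff. The tag should read `@var bool`. It would also help to state the default in the description, e.g. `Force filename extension to lowercase (default: FALSE, case is preserved)`, since anyone configuring upload restrictions needs to know that lowercasing is opt-in.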
@@ -294,6 +301,7 @@ class CI_Upload {
'file_type' => '',
'file_size' => NULL,
'file_ext' => '',
+ 'file_ext_tolower' => FALSE,
'upload_path' => '',
'overwrite' => FALSE,
'encrypt_name' => FALSE,
@@ -965,7 +973,14 @@ class CI_Upload {
public function get_extension($filename)
{
$x = explode('.', $filename);
- return (count($x) !== 1) ? '.'.end($x) : '';
+
+ if (count($x) === 1)
+ {
+ return '';
+ }
+
+ $ext = ($this->file_ext_tolower) ? strtolower(end($x)) : end($x);
+ return '.'.$ext;
}
// --------------------------------------------------------------------
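Review bot: Since `file_ext_tolower` defaults to `FALSE`, `get_extension()` still returns the extension in whatever case the client sent it, and nothing in the visible code tells callers so. Any allow-list or deny-list comparison on the returned value (those checks are outside this hunk) has to be case-insensitive, otherwise a name such as `photo.PHP` is treated differently from `photo.php`. I would note this in the method docblock, which starts above the hunk, for example `Case is preserved unless file_ext_tolower is TRUE; compare extensions case-insensitively.` As a small style point, `end($x)` could be assigned to a variable once and lowercased conditionally rather than called in both arms of the ternary.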