summaryrefslogtreecommitdiffstats
path: root/system/libraries
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries')
-rw-r--r--system/libraries/Email.php22
-rw-r--r--system/libraries/Form_validation.php2
-rw-r--r--system/libraries/Profiler.php2
-rw-r--r--system/libraries/Upload.php31
4 files changed, 38 insertions, 19 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index a745d331d..46ffaa1d4 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -739,7 +739,7 @@ class CI_Email {
*/
public function set_header($header, $value)
{
- $this->_headers[$header] = $value;
+ $this->_headers[$header] = str_replace(array("\n", "\r"), '', $value);
}
// --------------------------------------------------------------------
@@ -1236,7 +1236,7 @@ class CI_Email {
/**
* Build Final Body and attachments
*
- * @return void
+ * @return bool
*/
protected function _build_message()
{
@@ -1275,7 +1275,7 @@ class CI_Email {
if ($this->send_multipart === FALSE)
{
$hdr .= 'Content-Type: text/html; charset='.$this->charset.$this->newline
- .'Content-Transfer-Encoding: quoted-printable';
+ .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline;
}
else
{
@@ -1401,7 +1401,7 @@ class CI_Email {
$body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--';
$this->_finalbody = ($this->_get_protocol() === 'mail') ? $body : $hdr.$body;
- return;
+ return TRUE;
}
// --------------------------------------------------------------------
@@ -1606,7 +1606,11 @@ class CI_Email {
return $result;
}
- $this->_build_message();
+ if ($this->_build_message() === FALSE)
+ {
+ return FALSE;
+ }
+
$result = $this->_spool_email();
if ($result && $auto_clear)
@@ -1665,7 +1669,11 @@ class CI_Email {
$this->_bcc_array = $bcc;
}
- $this->_build_message();
+ if ($this->_build_message() === FALSE)
+ {
+ return FALSE;
+ }
+
$this->_spool_email();
}
}
@@ -2132,7 +2140,7 @@ class CI_Email {
if (in_array('headers', $include, TRUE))
{
- $raw_data = $this->_header_str."\n";
+ $raw_data = htmlspecialchars($this->_header_str)."\n";
}
if (in_array('subject', $include, TRUE))
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 1ed50844c..40ba01202 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1405,7 +1405,7 @@ class CI_Form_validation {
*/
public function valid_base64($str)
{
- return ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
+ return (base64_encode(base64_decode($str)) === $str);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index 3c7ce5406..0c60efb8b 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -447,7 +447,7 @@ class CI_Profiler {
.'&nbsp;&nbsp;(<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_httpheaders_table\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_show').'\'?\''.$this->CI->lang->line('profiler_section_hide').'\':\''.$this->CI->lang->line('profiler_section_show').'\';">'.$this->CI->lang->line('profiler_section_show')."</span>)</legend>\n\n\n"
.'<table style="width:100%;display:none;" id="ci_profiler_httpheaders_table">'."\n";
- foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR') as $header)
+ foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header)
{
$val = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
$output .= '<tr><td style="vertical-align:top;width:50%;padding:5px;color:#900;background-color:#ddd;">'
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 7c48b4294..85428044d 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -136,6 +136,13 @@ class CI_Upload {
public $file_ext = '';
/**
+ * Force filename extension to lowercase
+ *
+ * @var string
+ */
+ public $file_ext_tolower = FALSE;
+
+ /**
* Upload path
*
* @var string
@@ -294,6 +301,7 @@ class CI_Upload {
'file_type' => '',
'file_size' => NULL,
'file_ext' => '',
+ 'file_ext_tolower' => FALSE,
'upload_path' => '',
'overwrite' => FALSE,
'encrypt_name' => FALSE,
@@ -965,7 +973,14 @@ class CI_Upload {
public function get_extension($filename)
{
$x = explode('.', $filename);
- return (count($x) !== 1) ? '.'.end($x) : '';
+
+ if (count($x) === 1)
+ {
+ return '';
+ }
+
+ $ext = ($this->file_ext_tolower) ? strtolower(end($x)) : end($x);
+ return '.'.$ext;
}
// --------------------------------------------------------------------
@@ -1075,18 +1090,14 @@ class CI_Upload {
$CI =& get_instance();
$CI->lang->load('upload');
- if (is_array($msg))
+ if ( ! is_array($msg))
{
- foreach ($msg as $val)
- {
- $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val);
- $this->error_msg[] = $msg;
- log_message('error', $msg);
- }
+ $msg = array($msg);
}
- else
+
+ foreach ($msg as $val)
{
- $msg = ($CI->lang->line($msg) === FALSE) ? $msg : $CI->lang->line($msg);
+ $msg = ($CI->lang->line($val) === FALSE) ? $val : $CI->lang->line($val);
$this->error_msg[] = $msg;
log_message('error', $msg);
}