diff options
Diffstat (limited to 'system/libraries')
| -rw-r--r-- | system/libraries/Cache/drivers/Cache_apc.php | 1 | ||||
| -rw-r--r-- | system/libraries/Cache/drivers/Cache_file.php | 2 | ||||
| -rw-r--r-- | system/libraries/Cart.php | 7 | ||||
| -rw-r--r-- | system/libraries/Email.php | 331 | ||||
| -rw-r--r-- | system/libraries/Encrypt.php | 112 | ||||
| -rw-r--r-- | system/libraries/Form_validation.php | 42 | ||||
| -rw-r--r-- | system/libraries/Image_lib.php | 441 | ||||
| -rw-r--r-- | system/libraries/Pagination.php | 2 | ||||
| -rw-r--r-- | system/libraries/Session.php | 133 | ||||
| -rw-r--r-- | system/libraries/Typography.php | 2 | ||||
| -rw-r--r-- | system/libraries/Upload.php | 121 |
11 files changed, 539 insertions, 655 deletions
diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php index 93993d07a..a3dd46978 100644 --- a/system/libraries/Cache/drivers/Cache_apc.php +++ b/system/libraries/Cache/drivers/Cache_apc.php @@ -68,6 +68,7 @@ class CI_Cache_apc extends CI_Driver { */ public function save($id, $data, $ttl = 60) { + $ttl = (int) $ttl; return apc_store($id, array($data, time(), $ttl), $ttl); } diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 4a81b0422..a960730d7 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -99,7 +99,7 @@ class CI_Cache_file extends CI_Driver { if (write_file($this->_cache_path.$id, serialize($contents))) { - @chmod($this->_cache_path.$id, 0777); + @chmod($this->_cache_path.$id, 0660); return TRUE; } diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index ba8d69be2..10b5362a5 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -329,13 +329,6 @@ class CI_Cart { return FALSE; } - // Is the new quantity different than what is already saved in the cart? - // If it's the same there's nothing to do - if ($this->_cart_contents[$items['rowid']]['qty'] == $items['qty']) - { - return FALSE; - } - // Is the quantity zero? If so we will remove the item from the cart. // If the quantity is greater than zero we are updating if ($items['qty'] == 0) diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 922107e9f..c8a5b41af 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Email Class * @@ -40,55 +38,55 @@ */ class CI_Email { - public $useragent = "CodeIgniter"; - public $mailpath = "/usr/sbin/sendmail"; // Sendmail path - public $protocol = "mail"; // mail/sendmail/smtp - public $smtp_host = ""; // SMTP Server. Example: mail.earthlink.net - public $smtp_user = ""; // SMTP Username - public $smtp_pass = ""; // SMTP Password - public $smtp_port = "25"; // SMTP Port - public $smtp_timeout = 5; // SMTP Timeout in seconds - public $smtp_crypto = ""; // SMTP Encryption. Can be null, tls or ssl. - public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off - public $wrapchars = "76"; // Number of characters to wrap at. - public $mailtype = "text"; // text/html Defines email formatting - public $charset = "utf-8"; // Default char set: iso-8859-1 or us-ascii - public $multipart = "mixed"; // "mixed" (in the body) or "related" (separate) - public $alt_message = ''; // Alternative message for HTML emails - public $validate = FALSE; // TRUE/FALSE. Enables email validation - public $priority = "3"; // Default priority (1 - 5) - public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822) - public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers, + public $useragent = 'CodeIgniter'; + public $mailpath = '/usr/sbin/sendmail'; // Sendmail path + public $protocol = 'mail'; // mail/sendmail/smtp + public $smtp_host = ''; // SMTP Server. Example: mail.earthlink.net + public $smtp_user = ''; // SMTP Username + public $smtp_pass = ''; // SMTP Password + public $smtp_port = 25; // SMTP Port + public $smtp_timeout = 5; // SMTP Timeout in seconds + public $smtp_crypto = ''; // SMTP Encryption. Can be null, tls or ssl. + public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off + public $wrapchars = 76; // Number of characters to wrap at. + public $mailtype = 'text'; // text/html Defines email formatting + public $charset = 'utf-8'; // Default char set: iso-8859-1 or us-ascii + public $multipart = 'mixed'; // "mixed" (in the body) or "related" (separate) + public $alt_message = ''; // Alternative message for HTML emails + public $validate = FALSE; // TRUE/FALSE. Enables email validation + public $priority = 3; // Default priority (1 - 5) + public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822) + public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers, // even on the receiving end think they need to muck with CRLFs, so using "\n", while // distasteful, is the only thing that seems to work for all environments. public $send_multipart = TRUE; // TRUE/FALSE - Yahoo does not like multipart alternative, so this is an override. Set to FALSE for Yahoo. - public $bcc_batch_mode = FALSE; // TRUE/FALSE Turns on/off Bcc batch feature + public $bcc_batch_mode = FALSE; // TRUE/FALSE - Turns on/off Bcc batch feature public $bcc_batch_size = 200; // If bcc_batch_mode = TRUE, sets max number of Bccs in each batch - private $_safe_mode = FALSE; - private $_subject = ""; - private $_body = ""; - private $_finalbody = ""; - private $_alt_boundary = ""; - private $_atc_boundary = ""; - private $_header_str = ""; - private $_smtp_connect = ""; - private $_encoding = "8bit"; - private $_IP = FALSE; - private $_smtp_auth = FALSE; - private $_replyto_flag = FALSE; - private $_debug_msg = array(); - private $_recipients = array(); - private $_cc_array = array(); - private $_bcc_array = array(); - private $_headers = array(); - private $_attach_name = array(); - private $_attach_type = array(); - private $_attach_disp = array(); - private $_protocols = array('mail', 'sendmail', 'smtp'); - private $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix) - private $_bit_depths = array('7bit', '8bit'); - private $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)'); + protected $_safe_mode = FALSE; + protected $_subject = ''; + protected $_body = ''; + protected $_finalbody = ''; + protected $_alt_boundary = ''; + protected $_atc_boundary = ''; + protected $_header_str = ''; + protected $_smtp_connect = ''; + protected $_encoding = '8bit'; + protected $_IP = FALSE; + protected $_smtp_auth = FALSE; + protected $_replyto_flag = FALSE; + protected $_debug_msg = array(); + protected $_recipients = array(); + protected $_cc_array = array(); + protected $_bcc_array = array(); + protected $_headers = array(); + protected $_attach_name = array(); + protected $_attach_type = array(); + protected $_attach_disp = array(); + protected $_protocols = array('mail', 'sendmail', 'smtp'); + protected $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix) + protected $_bit_depths = array('7bit', '8bit'); + protected $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)'); /** * Constructor - Sets Email Preferences @@ -103,11 +101,11 @@ class CI_Email { } else { - $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE; - $this->_safe_mode = (bool) @ini_get("safe_mode"); + $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == ''); + $this->_safe_mode = (bool) @ini_get('safe_mode'); } - log_message('debug', "Email Class Initialized"); + log_message('debug', 'Email Class Initialized'); } // -------------------------------------------------------------------- @@ -115,7 +113,6 @@ class CI_Email { /** * Initialize preferences * - * @access public * @param array * @return void */ @@ -139,8 +136,8 @@ class CI_Email { } $this->clear(); - $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE; - $this->_safe_mode = (bool) @ini_get("safe_mode"); + $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == ''); + $this->_safe_mode = (bool) @ini_get('safe_mode'); return $this; } @@ -150,17 +147,16 @@ class CI_Email { /** * Initialize the Email Data * - * @access public * @param bool - * @return void + * @return object */ public function clear($clear_attachments = FALSE) { - $this->_subject = ""; - $this->_body = ""; - $this->_finalbody = ""; - $this->_header_str = ""; - $this->_replyto_flag = FALSE; + $this->_subject = ''; + $this->_body = ''; + $this->_finalbody = ''; + $this->_header_str = ''; + $this->_replyto_flag = FALSE; $this->_recipients = array(); $this->_cc_array = array(); $this->_bcc_array = array(); @@ -185,14 +181,13 @@ class CI_Email { /** * Set FROM * - * @access public * @param string * @param string - * @return void + * @return object */ public function from($from, $name = '') { - if (preg_match( '/\<(.*)\>/', $from, $match)) + if (preg_match('/\<(.*)\>/', $from, $match)) { $from = $match[1]; } @@ -228,14 +223,13 @@ class CI_Email { /** * Set Reply-to * - * @access public * @param string * @param string - * @return void + * @return object */ public function reply_to($replyto, $name = '') { - if (preg_match( '/\<(.*)\>/', $replyto, $match)) + if (preg_match('/\<(.*)\>/', $replyto, $match)) { $replyto = $match[1]; } @@ -266,9 +260,8 @@ class CI_Email { /** * Set Recipients * - * @access public * @param string - * @return void + * @return object */ public function to($to) { @@ -282,17 +275,17 @@ class CI_Email { if ($this->_get_protocol() !== 'mail') { - $this->_set_header('To', implode(", ", $to)); + $this->_set_header('To', implode(', ', $to)); } switch ($this->_get_protocol()) { - case 'smtp' : + case 'smtp': $this->_recipients = $to; break; - case 'sendmail' : - case 'mail' : - $this->_recipients = implode(", ", $to); + case 'sendmail': + case 'mail': + $this->_recipients = implode(', ', $to); break; } @@ -304,9 +297,8 @@ class CI_Email { /** * Set CC * - * @access public * @param string - * @return void + * @return object */ public function cc($cc) { @@ -318,7 +310,7 @@ class CI_Email { $this->validate_email($cc); } - $this->_set_header('Cc', implode(", ", $cc)); + $this->_set_header('Cc', implode(', ', $cc)); if ($this->_get_protocol() === 'smtp') { @@ -333,10 +325,9 @@ class CI_Email { /** * Set BCC * - * @access public * @param string * @param string - * @return void + * @return object */ public function bcc($bcc, $limit = '') { @@ -360,7 +351,7 @@ class CI_Email { } else { - $this->_set_header('Bcc', implode(", ", $bcc)); + $this->_set_header('Bcc', implode(', ', $bcc)); } return $this; @@ -371,9 +362,8 @@ class CI_Email { /** * Set Email Subject * - * @access public * @param string - * @return void + * @return object */ public function subject($subject) { @@ -387,13 +377,12 @@ class CI_Email { /** * Set Body * - * @access public * @param string - * @return void + * @return object */ public function message($body) { - $this->_body = rtrim(str_replace("\r", "", $body)); + $this->_body = rtrim(str_replace("\r", '', $body)); /* strip slashes only if magic quotes is ON if we do it with magic quotes OFF, it strips real, user-inputted chars. @@ -414,9 +403,8 @@ class CI_Email { /** * Assign file attachments * - * @access public * @param string - * @return void + * @return object */ public function attach($filename, $disposition = '', $newname = NULL) { @@ -431,7 +419,6 @@ class CI_Email { /** * Add a Header Item * - * @access protected * @param string * @param string * @return void @@ -446,7 +433,6 @@ class CI_Email { /** * Convert a String to an Array * - * @access protected * @param string * @return array */ @@ -460,8 +446,7 @@ class CI_Email { } else { - $email = trim($email); - settype($email, "array"); + $email = (array) trim($email); } } return $email; @@ -472,9 +457,8 @@ class CI_Email { /** * Set Multipart Value * - * @access public * @param string - * @return void + * @return object */ public function set_alt_message($str = '') { @@ -487,9 +471,8 @@ class CI_Email { /** * Set Mailtype * - * @access public * @param string - * @return void + * @return object */ public function set_mailtype($type = 'text') { @@ -502,9 +485,8 @@ class CI_Email { /** * Set Wordwrap * - * @access public * @param bool - * @return void + * @return object */ public function set_wordwrap($wordwrap = TRUE) { @@ -517,13 +499,12 @@ class CI_Email { /** * Set Protocol * - * @access public * @param string - * @return void + * @return object */ public function set_protocol($protocol = 'mail') { - $this->protocol = ( ! in_array($protocol, $this->_protocols, TRUE)) ? 'mail' : strtolower($protocol); + $this->protocol = in_array($protocol, $this->_protocols, TRUE) ? strtolower($protocol) : 'mail'; return $this; } @@ -532,19 +513,12 @@ class CI_Email { /** * Set Priority * - * @access public - * @param integer - * @return void + * @param int + * @return object */ public function set_priority($n = 3) { - if ( ! is_numeric($n) OR $n < 1 OR $n > 5) - { - $this->priority = 3; - return; - } - - $this->priority = (int) $n; + $this->priority = preg_match('/^[1-5]$/', $n) ? (int) $n : 3; return $this; } @@ -553,9 +527,8 @@ class CI_Email { /** * Set Newline Character * - * @access public * @param string - * @return void + * @return object */ public function set_newline($newline = "\n") { @@ -568,13 +541,12 @@ class CI_Email { /** * Set CRLF * - * @access public * @param string - * @return void + * @return object */ public function set_crlf($crlf = "\n") { - $this->crlf = ($crlf !== "\n" AND $crlf !== "\r\n" AND $crlf !== "\r") ? "\n" : $crlf; + $this->crlf = ($crlf !== "\n" && $crlf !== "\r\n" && $crlf !== "\r") ? "\n" : $crlf; return $this; } @@ -583,13 +555,12 @@ class CI_Email { /** * Set Message Boundary * - * @access protected * @return void */ protected function _set_boundaries() { - $this->_alt_boundary = "B_ALT_".uniqid(''); // multipart/alternative - $this->_atc_boundary = "B_ATC_".uniqid(''); // attachment boundary + $this->_alt_boundary = 'B_ALT_'.uniqid(''); // multipart/alternative + $this->_atc_boundary = 'B_ATC_'.uniqid(''); // attachment boundary } // -------------------------------------------------------------------- @@ -597,14 +568,12 @@ class CI_Email { /** * Get the Message ID * - * @access protected * @return string */ protected function _get_message_id() { $from = str_replace(array('>', '<'), '', $this->_headers['Return-Path']); - - return "<".uniqid('').strstr($from, '@').">"; + return '<'.uniqid('').strstr($from, '@').'>'; } // -------------------------------------------------------------------- @@ -612,14 +581,13 @@ class CI_Email { /** * Get Mail Protocol * - * @access protected * @param bool - * @return string + * @return mixed */ protected function _get_protocol($return = TRUE) { $this->protocol = strtolower($this->protocol); - $this->protocol = ( ! in_array($this->protocol, $this->_protocols, TRUE)) ? 'mail' : $this->protocol; + in_array($this->protocol, $this->_protocols, TRUE) OR $this->protocol = 'mail'; if ($return == TRUE) { @@ -632,13 +600,12 @@ class CI_Email { /** * Get Mail Encoding * - * @access protected * @param bool * @return string */ protected function _get_encoding($return = TRUE) { - $this->_encoding = ( ! in_array($this->_encoding, $this->_bit_depths)) ? '8bit' : $this->_encoding; + in_array($this->_encoding, $this->_bit_depths) OR $this->_encoding = '8bit'; foreach ($this->_base_charsets as $charset) { @@ -659,7 +626,6 @@ class CI_Email { /** * Get content type (text/html/attachment) * - * @access protected * @return string */ protected function _get_content_type() @@ -687,17 +653,16 @@ class CI_Email { /** * Set RFC 822 Date * - * @access protected * @return string */ protected function _set_date() { - $timezone = date("Z"); + $timezone = date('Z'); $operator = (strncmp($timezone, '-', 1) === 0) ? '-' : '+'; $timezone = abs($timezone); $timezone = floor($timezone/3600) * 100 + ($timezone % 3600) / 60; - return sprintf("%s %s%04d", date("D, j M Y H:i:s"), $operator, $timezone); + return sprintf('%s %s%04d', date('D, j M Y H:i:s'), $operator, $timezone); } // -------------------------------------------------------------------- @@ -705,12 +670,11 @@ class CI_Email { /** * Mime message * - * @access protected * @return string */ protected function _get_mime_message() { - return "This is a multi-part message in MIME format.".$this->newline."Your email application may not support this format."; + return 'This is a multi-part message in MIME format.'.$this->newline.'Your email application may not support this format.'; } // -------------------------------------------------------------------- @@ -718,7 +682,6 @@ class CI_Email { /** * Validate Email Address * - * @access public * @param string * @return bool */ @@ -747,13 +710,12 @@ class CI_Email { /** * Email Validation * - * @access public * @param string * @return bool */ public function valid_email($address) { - return (bool) preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $address); + return (bool) preg_match('/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix', $address); } // -------------------------------------------------------------------- @@ -761,7 +723,6 @@ class CI_Email { /** * Clean Extended Email Address: Joe Smith <joe@smith.com> * - * @access public * @param string * @return string */ @@ -776,7 +737,7 @@ class CI_Email { foreach ($email as $addy) { - $clean_email[] = (preg_match( '/\<(.*)\>/', $addy, $match)) ? $match[1] : $addy; + $clean_email[] = preg_match('/\<(.*)\>/', $addy, $match) ? $match[1] : $addy; } return $clean_email; @@ -792,12 +753,11 @@ class CI_Email { * If the user hasn't specified his own alternative message * it creates one by stripping the HTML * - * @access protected * @return string */ protected function _get_alt_message() { - if ($this->alt_message != "") + if ($this->alt_message != '') { return $this->word_wrap($this->alt_message, '76'); } @@ -818,9 +778,8 @@ class CI_Email { /** * Word Wrap * - * @access public * @param string - * @param integer + * @param int * @return string */ public function word_wrap($str, $charlim = '') @@ -911,8 +870,6 @@ class CI_Email { /** * Build final headers * - * @access protected - * @param string * @return string */ protected function _build_headers() @@ -929,7 +886,6 @@ class CI_Email { /** * Write Headers as a string * - * @access protected * @return void */ protected function _write_headers() @@ -964,12 +920,11 @@ class CI_Email { /** * Build Final Body and attachments * - * @access protected * @return void */ protected function _build_message() { - if ($this->wordwrap === TRUE AND $this->mailtype !== 'html') + if ($this->wordwrap === TRUE && $this->mailtype !== 'html') { $this->_body = $this->word_wrap($this->_body); } @@ -1131,9 +1086,8 @@ class CI_Email { * Prepares string for Quoted-Printable Content-Transfer-Encoding * Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt * - * @access protected * @param string - * @param integer + * @param int * @return string */ protected function _prep_quoted_printable($str, $charlim = '') @@ -1203,9 +1157,7 @@ class CI_Email { } // get rid of extra CRLF tacked onto the end - $output = substr($output, 0, strlen($this->crlf) * -1); - - return $output; + return substr($output, 0, strlen($this->crlf) * -1); } // -------------------------------------------------------------------- @@ -1216,10 +1168,9 @@ class CI_Email { * Performs "Q Encoding" on a string for use in email headers. It's related * but not identical to quoted-printable, so it has its own method * - * @access public - * @param str - * @param bool // set to TRUE for processing From: headers - * @return str + * @param string + * @param bool set to TRUE for processing From: headers + * @return string */ protected function _prep_q_encoding($str, $from = FALSE) { @@ -1275,9 +1226,7 @@ class CI_Email { // wrap each line with the shebang, charset, and transfer encoding // the preceding space on successive lines is required for header "folding" - $str = trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str)); - - return $str; + return trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str)); } // -------------------------------------------------------------------- @@ -1285,7 +1234,6 @@ class CI_Email { /** * Send Email * - * @access public * @return bool */ public function send() @@ -1295,9 +1243,9 @@ class CI_Email { $this->reply_to($this->_headers['From']); } - if (( ! isset($this->_recipients) AND ! isset($this->_headers['To'])) AND - ( ! isset($this->_bcc_array) AND ! isset($this->_headers['Bcc'])) AND - ( ! isset($this->_headers['Cc']))) + if ( ! isset($this->_recipients) && ! isset($this->_headers['To']) + && ! isset($this->_bcc_array) && ! isset($this->_headers['Bcc']) + && ! isset($this->_headers['Cc'])) { $this->_set_error_message('lang:email_no_recipients'); return FALSE; @@ -1305,44 +1253,40 @@ class CI_Email { $this->_build_headers(); - if ($this->bcc_batch_mode AND count($this->_bcc_array) > $this->bcc_batch_size) + if ($this->bcc_batch_mode && count($this->_bcc_array) > $this->bcc_batch_size) { return $this->batch_bcc_send(); } $this->_build_message(); - return $this->_spool_email(); } // -------------------------------------------------------------------- /** - * Batch Bcc Send. Sends groups of BCCs in batches + * Batch Bcc Send. Sends groups of BCCs in batches * - * @access public - * @return bool + * @return void */ public function batch_bcc_send() { - $float = $this->bcc_batch_size -1; - - $set = ""; - + $float = $this->bcc_batch_size - 1; + $set = ''; $chunk = array(); for ($i = 0, $c = count($this->_bcc_array); $i < $c; $i++) { if (isset($this->_bcc_array[$i])) { - $set .= ", ".$this->_bcc_array[$i]; + $set .= ', '.$this->_bcc_array[$i]; } if ($i == $float) { $chunk[] = substr($set, 1); $float += $this->bcc_batch_size; - $set = ""; + $set = ''; } if ($i === $c-1) @@ -1359,7 +1303,7 @@ class CI_Email { if ($this->protocol !== 'smtp') { - $this->_set_header('Bcc', implode(", ", $bcc)); + $this->_set_header('Bcc', implode(', ', $bcc)); } else { @@ -1376,7 +1320,6 @@ class CI_Email { /** * Unwrap special elements * - * @access protected * @return void */ protected function _unwrap_specials() @@ -1389,7 +1332,6 @@ class CI_Email { /** * Strip line-breaks via callback * - * @access protected * @return string */ protected function _remove_nl_callback($matches) @@ -1407,7 +1349,6 @@ class CI_Email { /** * Spool mail to the mail server * - * @access protected * @return bool */ protected function _spool_email() @@ -1429,7 +1370,6 @@ class CI_Email { /** * Send using mail() * - * @access protected * @return bool */ protected function _send_with_mail() @@ -1451,7 +1391,6 @@ class CI_Email { /** * Send using Sendmail * - * @access protected * @return bool */ protected function _send_with_sendmail() @@ -1484,7 +1423,6 @@ class CI_Email { /** * Send using SMTP * - * @access protected * @return bool */ protected function _send_with_smtp() @@ -1553,7 +1491,6 @@ class CI_Email { /** * SMTP Connect * - * @access protected * @param string * @return string */ @@ -1597,7 +1534,6 @@ class CI_Email { /** * Send SMTP command * - * @access protected * @param string * @param string * @return string @@ -1670,7 +1606,6 @@ class CI_Email { /** * SMTP Authenticate * - * @access protected * @return bool */ protected function _smtp_authenticate() @@ -1680,7 +1615,7 @@ class CI_Email { return TRUE; } - if ($this->smtp_user == "" AND $this->smtp_pass == "") + if ($this->smtp_user == '' && $this->smtp_pass == '') { $this->_set_error_message('lang:email_no_smtp_unpw'); return FALSE; @@ -1724,7 +1659,6 @@ class CI_Email { /** * Send SMTP data * - * @access protected * @return bool */ protected function _send_data($data) @@ -1743,7 +1677,6 @@ class CI_Email { /** * Get SMTP data * - * @access protected * @return string */ protected function _get_smtp_data() @@ -1768,12 +1701,11 @@ class CI_Email { /** * Get Hostname * - * @access protected * @return string */ protected function _get_hostname() { - return (isset($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain'; + return isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain'; } // -------------------------------------------------------------------- @@ -1781,7 +1713,6 @@ class CI_Email { /** * Get IP * - * @access protected * @return string */ protected function _get_ip() @@ -1791,13 +1722,13 @@ class CI_Email { return $this->_IP; } - $cip = (isset($_SERVER['HTTP_CLIENT_IP']) AND $_SERVER['HTTP_CLIENT_IP'] != "") ? $_SERVER['HTTP_CLIENT_IP'] : FALSE; - $rip = (isset($_SERVER['REMOTE_ADDR']) AND $_SERVER['REMOTE_ADDR'] != "") ? $_SERVER['REMOTE_ADDR'] : FALSE; + $cip = ( ! empty($_SERVER['HTTP_CLIENT_IP'])) ? $_SERVER['HTTP_CLIENT_IP'] : FALSE; + $rip = ( ! empty($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : FALSE; if ($cip) $this->_IP = $cip; elseif ($rip) $this->_IP = $rip; else { - $fip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) AND $_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE; + $fip = ( ! empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE; if ($fip) { $this->_IP = $fip; @@ -1810,7 +1741,7 @@ class CI_Email { $this->_IP = end($x); } - if ( ! preg_match( "/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $this->_IP)) + if ( ! preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $this->_IP)) { $this->_IP = '0.0.0.0'; } @@ -1823,7 +1754,6 @@ class CI_Email { /** * Get Debug Message * - * @access public * @return string */ public function print_debugger() @@ -1838,8 +1768,7 @@ class CI_Email { } } - $msg .= "<pre>".$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'</pre>'; - return $msg; + return $msg.'<pre>'.$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'</pre>'; } // -------------------------------------------------------------------- @@ -1847,16 +1776,15 @@ class CI_Email { /** * Set Message * - * @access protected * @param string - * @return string + * @return void */ protected function _set_error_message($msg, $val = '') { $CI =& get_instance(); $CI->lang->load('email'); - if (substr($msg, 0, 5) !== 'lang:' || FALSE === ($line = $CI->lang->line(substr($msg, 5)))) + if (substr($msg, 0, 5) !== 'lang:' OR FALSE === ($line = $CI->lang->line(substr($msg, 5)))) { $this->_debug_msg[] = str_replace('%s', $val, $msg)."<br />"; } @@ -1871,13 +1799,13 @@ class CI_Email { /** * Mime Types * - * @access protected * @param string * @return string */ - protected function _mime_types($ext = "") + protected function _mime_types($ext = '') { - $mimes = array( 'hqx' => 'application/mac-binhex40', + $mimes = array( + 'hqx' => 'application/mac-binhex40', 'cpt' => 'application/mac-compactpro', 'doc' => 'application/msword', 'bin' => 'application/macbinary', @@ -1966,11 +1894,10 @@ class CI_Email { 'eml' => 'message/rfc822' ); - return ( ! isset($mimes[strtolower($ext)])) ? "application/x-unknown-content-type" : $mimes[strtolower($ext)]; + return isset($mimes[strtolower($ext)]) ? $mimes[strtolower($ext)] : 'application/x-unknown-content-type'; } } -// END CI_Email class /* End of file Email.php */ /* Location: ./system/libraries/Email.php */ diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index e297576e6..0b0618991 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,13 +1,13 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * * An open source application development framework for PHP 5.1.6 or newer * * NOTICE OF LICENSE - * + * * Licensed under the Open Software License version 3.0 - * + * * This source file is subject to the Open Software License (OSL 3.0) that is * bundled with this package in the files license.txt / license.rst. It is * also available through the world wide web at this URL: @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Encryption Class * @@ -46,15 +44,10 @@ class CI_Encrypt { protected $_mcrypt_cipher; protected $_mcrypt_mode; - /** - * Constructor - * - * Simply determines whether the mcrypt library exists. - */ public function __construct() { $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; - log_message('debug', "Encrypt Class Initialized"); + log_message('debug', 'Encrypt Class Initialized'); } // -------------------------------------------------------------------- @@ -95,7 +88,7 @@ class CI_Encrypt { * Set the encryption key * * @param string - * @return void + * @return object */ public function set_key($key = '') { @@ -122,18 +115,8 @@ class CI_Encrypt { */ public function encode($string, $key = '') { - $key = $this->get_key($key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($string, $key); - } - else - { - $enc = $this->_xor_encode($string, $key); - } - - return base64_encode($enc); + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode'; + return base64_encode($this->$method($string, $this->get_key($key))); } // -------------------------------------------------------------------- @@ -149,28 +132,13 @@ class CI_Encrypt { */ public function decode($string, $key = '') { - $key = $this->get_key($key); - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } - $dec = base64_decode($string); - - if ($this->_mcrypt_exists === TRUE) - { - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) - { - return FALSE; - } - } - else - { - $dec = $this->_xor_decode($dec, $key); - } - - return $dec; + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode'; + return $this->$method(base64_decode($string), $this->get_key($key)); } // -------------------------------------------------------------------- @@ -197,6 +165,10 @@ class CI_Encrypt { log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); return FALSE; } + elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } // decode it first // set mode temporarily to what it was when string was encoded with the legacy @@ -205,14 +177,7 @@ class CI_Encrypt { $this->set_mode($legacy_mode); $key = $this->get_key($key); - - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) - { - return FALSE; - } - $dec = base64_decode($string); - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) { return FALSE; @@ -242,17 +207,18 @@ class CI_Encrypt { protected function _xor_encode($string, $key) { $rand = ''; - while (strlen($rand) < 32) + do { $rand .= mt_rand(0, mt_getrandmax()); } + while (strlen($rand) < 32); $rand = $this->hash($rand); $enc = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++) { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]); } return $this->_xor_merge($enc, $key); @@ -275,9 +241,9 @@ class CI_Encrypt { $string = $this->_xor_merge($string, $key); $dec = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $l = strlen($string); $i < $l; $i++) { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + $dec .= ($string[$i++] ^ $string[$i]); } return $dec; @@ -298,9 +264,9 @@ class CI_Encrypt { { $hash = $this->hash($key); $str = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++) { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + $str .= $string[$i] ^ $hash[($i % $lh)]; } return $str; @@ -359,18 +325,17 @@ class CI_Encrypt { */ protected function _add_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + $str .= chr((ord($data[$i]) + ord($key[$j])) % 256); } return $str; @@ -389,22 +354,21 @@ class CI_Encrypt { */ protected function _remove_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $temp = ord($data[$i]) - ord($keyhash[$j]); + $temp = ord($data[$i]) - ord($key[$j]); if ($temp < 0) { - $temp = $temp + 256; + $temp += 256; } $str .= chr($temp); @@ -435,7 +399,7 @@ class CI_Encrypt { * @param constant * @return string */ - function set_mode($mode) + public function set_mode($mode) { $this->_mcrypt_mode = $mode; return $this; @@ -452,7 +416,7 @@ class CI_Encrypt { { if ($this->_mcrypt_cipher == '') { - $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } return $this->_mcrypt_cipher; @@ -469,7 +433,7 @@ class CI_Encrypt { { if ($this->_mcrypt_mode == '') { - $this->_mcrypt_mode = MCRYPT_MODE_CBC; + return $this->_mcrypt_mode = MCRYPT_MODE_CBC; } return $this->_mcrypt_mode; @@ -481,11 +445,11 @@ class CI_Encrypt { * Set the Hash type * * @param string - * @return string + * @return void */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type; } // -------------------------------------------------------------------- @@ -498,11 +462,9 @@ class CI_Encrypt { */ public function hash($str) { - return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str); + return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); } } -// END CI_Encrypt class - /* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */
\ No newline at end of file +/* Location: ./system/libraries/Encrypt.php */ diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 0a6a2af0d..2ee734ae6 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -703,11 +703,11 @@ class CI_Form_validation { * * @param string the field name * @param string - * @return void + * @return string */ public function set_value($field = '', $default = '') { - if ( ! isset($this->_field_data[$field])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { return $default; } @@ -736,13 +736,9 @@ class CI_Form_validation { */ public function set_select($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' selected="selected"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' selected="selected"' : ''; } $field = $this->_field_data[$field]['postdata']; @@ -754,12 +750,9 @@ class CI_Form_validation { return ''; } } - else + elseif (($field == '' OR $value == '') OR ($field != $value)) { - if (($field == '' OR $value == '') OR ($field != $value)) - { - return ''; - } + return ''; } return ' selected="selected"'; @@ -779,13 +772,9 @@ class CI_Form_validation { */ public function set_radio($field = '', $value = '', $default = FALSE) { - if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + if ( ! isset($this->_field_data[$field], $this->_field_data[$field]['postdata'])) { - if ($default === TRUE AND count($this->_field_data) === 0) - { - return ' checked="checked"'; - } - return ''; + return ($default === TRUE && count($this->_field_data) === 0) ? ' checked="checked"' : ''; } $field = $this->_field_data[$field]['postdata']; @@ -869,9 +858,7 @@ class CI_Form_validation { return FALSE; } - $field = $_POST[$field]; - - return ($str === $field); + return ($str === $_POST[$field]); } // -------------------------------------------------------------------- @@ -908,7 +895,7 @@ class CI_Form_validation { */ public function min_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -932,7 +919,7 @@ class CI_Form_validation { */ public function max_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -956,7 +943,7 @@ class CI_Form_validation { */ public function exact_length($str, $val) { - if (preg_match("/[^0-9]/", $val)) + if (preg_match('/[^0-9]/', $val)) { return FALSE; } @@ -1170,7 +1157,7 @@ class CI_Form_validation { */ public function is_natural_no_zero($str) { - return ($str != 0 AND preg_match('/^[0-9]+$/', $str)); + return ($str != 0 && preg_match('/^[0-9]+$/', $str)); } // -------------------------------------------------------------------- @@ -1217,7 +1204,7 @@ class CI_Form_validation { return $data; } - return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); + return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), stripslashes($data)); } // -------------------------------------------------------------------- @@ -1283,7 +1270,6 @@ class CI_Form_validation { } } -// END Form Validation Class /* End of file Form_validation.php */ /* Location: ./system/libraries/Form_validation.php */ diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index c86224ffb..9826eabdd 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Image Manipulation class * @@ -88,12 +86,6 @@ class CI_Image_lib { protected $wm_use_drop_shadow = FALSE; public $wm_use_truetype = FALSE; - /** - * Constructor - * - * @param string - * @return void - */ public function __construct($props = array()) { if (count($props) > 0) @@ -101,7 +93,7 @@ class CI_Image_lib { $this->initialize($props); } - log_message('debug', "Image Lib Class Initialized"); + log_message('debug', 'Image Lib Class Initialized'); } // -------------------------------------------------------------------- @@ -158,9 +150,7 @@ class CI_Image_lib { */ public function initialize($props = array()) { - /* - * Convert array elements into class variables - */ + // Convert array elements into class variables if (count($props) > 0) { foreach ($props as $key => $val) @@ -195,25 +185,18 @@ class CI_Image_lib { } } - /* - * Is there a source image? - * - * If not, there's no reason to continue - * - */ + // Is there a source image? If not, there's no reason to continue if ($this->source_image == '') { $this->set_error('imglib_source_image_required'); return FALSE; } - /* - * Is getimagesize() Available? + /* Is getimagesize() available? * * We use it to determine the image properties (width/height). - * Note: We need to figure out how to determine image + * Note: We need to figure out how to determine image * properties using ImageMagick and NetPBM - * */ if ( ! function_exists('getimagesize')) { @@ -223,17 +206,15 @@ class CI_Image_lib { $this->image_library = strtolower($this->image_library); - /* - * Set the full server path + /* Set the full server path * * The source image may or may not contain a path. * Either way, we'll try use realpath to generate the * full server path in order to more reliably read it. - * */ - if (function_exists('realpath') AND @realpath($this->source_image) !== FALSE) + if (function_exists('realpath') && @realpath($this->source_image) !== FALSE) { - $full_source_path = str_replace("\\", "/", realpath($this->source_image)); + $full_source_path = str_replace('\\', '/', realpath($this->source_image)); } else { @@ -255,64 +236,58 @@ class CI_Image_lib { * * If the user has set a "new_image" name it means * we are making a copy of the source image. If not - * it means we are altering the original. We'll + * it means we are altering the original. We'll * set the destination filename and path accordingly. - * */ if ($this->new_image == '') { $this->dest_image = $this->source_image; $this->dest_folder = $this->source_folder; } + elseif (strpos($this->new_image, '/') === FALSE) + { + $this->dest_folder = $this->source_folder; + $this->dest_image = $this->new_image; + } else { - if (strpos($this->new_image, '/') === FALSE) + if (strpos($this->new_image, '/') === FALSE AND strpos($this->new_image, '\\') === FALSE) { - $this->dest_folder = $this->source_folder; - $this->dest_image = $this->new_image; + $full_dest_path = str_replace('\\', '/', realpath($this->new_image)); } else { - if (function_exists('realpath') AND @realpath($this->new_image) !== FALSE) - { - $full_dest_path = str_replace("\\", "/", realpath($this->new_image)); - } - else - { - $full_dest_path = $this->new_image; - } + $full_dest_path = $this->new_image; + } - // Is there a file name? - if ( ! preg_match("#\.(jpg|jpeg|gif|png)$#i", $full_dest_path)) - { - $this->dest_folder = $full_dest_path.'/'; - $this->dest_image = $this->source_image; - } - else - { - $x = explode('/', $full_dest_path); - $this->dest_image = end($x); - $this->dest_folder = str_replace($this->dest_image, '', $full_dest_path); - } + // Is there a file name? + if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $full_dest_path)) + { + $this->dest_folder = $full_dest_path.'/'; + $this->dest_image = $this->source_image; + } + else + { + $x = explode('/', $full_dest_path); + $this->dest_image = end($x); + $this->dest_folder = str_replace($this->dest_image, '', $full_dest_path); } } - /* - * Compile the finalized filenames/paths + /* Compile the finalized filenames/paths * * We'll create two master strings containing the * full server path to the source image and the * full server path to the destination image. * We'll also split the destination image name * so we can insert the thumbnail marker if needed. - * */ if ($this->create_thumb === FALSE OR $this->thumb_marker == '') { $this->thumb_marker = ''; } - $xp = $this->explode_name($this->dest_image); + $xp = $this->explode_name($this->dest_image); $filename = $xp['name']; $file_ext = $xp['ext']; @@ -320,54 +295,55 @@ class CI_Image_lib { $this->full_src_path = $this->source_folder.$this->source_image; $this->full_dst_path = $this->dest_folder.$filename.$this->thumb_marker.$file_ext; - /* - * Should we maintain image proportions? + /* Should we maintain image proportions? * * When creating thumbs or copies, the target width/height * might not be in correct proportion with the source - * image's width/height. We'll recalculate it here. - * + * image's width/height. We'll recalculate it here. */ - if ($this->maintain_ratio === TRUE && ($this->width != '' AND $this->height != '')) + if ($this->maintain_ratio === TRUE && ($this->width != 0 OR $this->height != 0)) { $this->image_reproportion(); } - /* - * Was a width and height specified? - * - * If the destination width/height was - * not submitted we will use the values - * from the actual file + /* Was a width and height specified? * + * If the destination width/height was not submitted we + * will use the values from the actual file */ if ($this->width == '') + { $this->width = $this->orig_width; + } if ($this->height == '') + { $this->height = $this->orig_height; + } // Set the quality - $this->quality = trim(str_replace("%", "", $this->quality)); + $this->quality = trim(str_replace('%', '', $this->quality)); - if ($this->quality == '' OR $this->quality == 0 OR ! is_numeric($this->quality)) + if ($this->quality == '' OR $this->quality == 0 OR ! preg_match('/^[0-9]+$/', $this->quality)) + { $this->quality = 90; + } // Set the x/y coordinates - $this->x_axis = ($this->x_axis == '' OR ! is_numeric($this->x_axis)) ? 0 : $this->x_axis; - $this->y_axis = ($this->y_axis == '' OR ! is_numeric($this->y_axis)) ? 0 : $this->y_axis; + $this->x_axis = ($this->x_axis == '' OR ! preg_match('/^[0-9]+$/', $this->x_axis)) ? 0 : $this->x_axis; + $this->y_axis = ($this->y_axis == '' OR ! preg_match('/^[0-9]+$/', $this->y_axis)) ? 0 : $this->y_axis; // Watermark-related Stuff... if ($this->wm_overlay_path != '') { - $this->wm_overlay_path = str_replace("\\", "/", realpath($this->wm_overlay_path)); + $this->wm_overlay_path = str_replace('\\', '/', realpath($this->wm_overlay_path)); } if ($this->wm_shadow_color != '') { $this->wm_use_drop_shadow = TRUE; } - elseif ($this->wm_use_drop_shadow == TRUE AND $this->wm_shadow_color == '') + elseif ($this->wm_use_drop_shadow == TRUE && $this->wm_shadow_color == '') { $this->wm_use_drop_shadow = FALSE; } @@ -392,7 +368,7 @@ class CI_Image_lib { */ public function resize() { - $protocol = (strtolower(substr($this->image_library, 0, -3)) === 'gd2') ? 'image_process_gd' : 'image_process_'.$this->image_library; + $protocol = ($this->image_library === 'gd2') ? 'image_process_gd' : 'image_process_'.$this->image_library; return $this->$protocol('resize'); } @@ -408,7 +384,7 @@ class CI_Image_lib { */ public function crop() { - $protocol = (strtolower(substr($this->image_library, 0, -3)) === 'gd2') ? 'image_process_gd' : 'image_process_'.$this->image_library; + $protocol = ($this->image_library === 'gd2') ? 'image_process_gd' : 'image_process_'.$this->image_library; return $this->$protocol('crop'); } @@ -445,22 +421,16 @@ class CI_Image_lib { $this->height = $this->orig_height; } - // Choose resizing function - if ($this->image_library == 'imagemagick' OR $this->image_library == 'netpbm') + if ($this->image_library === 'imagemagick' OR $this->image_library === 'netpbm') { $protocol = 'image_process_'.$this->image_library; return $this->$protocol('rotate'); } - if ($this->rotation_angle == 'hor' OR $this->rotation_angle == 'vrt') - { - return $this->image_mirror_gd(); - } - else - { - return $this->image_rotate_gd(); - } + return ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? $this->image_mirror_gd() + : $this->image_rotate_gd(); } // -------------------------------------------------------------------- @@ -479,9 +449,9 @@ class CI_Image_lib { // If the target width/height match the source, AND if the new file name is not equal to the old file name // we'll simply make a copy of the original with the new name... assuming dynamic rendering is off. - if ($this->dynamic_output === FALSE AND $this->orig_width == $this->width AND $this->orig_height == $this->height) + if ($this->dynamic_output === FALSE && $this->orig_width == $this->width && $this->orig_height == $this->height) { - if ($this->source_image != $this->new_image AND @copy($this->full_src_path, $this->full_dst_path)) + if ($this->source_image != $this->new_image && @copy($this->full_src_path, $this->full_dst_path)) { @chmod($this->full_dst_path, FILE_WRITE_MODE); } @@ -492,7 +462,7 @@ class CI_Image_lib { // Let's set up our values based on the action if ($action == 'crop') { - // Reassign the source width/height if cropping + // Reassign the source width/height if cropping $this->orig_width = $this->width; $this->orig_height = $this->height; @@ -516,14 +486,15 @@ class CI_Image_lib { return FALSE; } - // Create The Image - // - // old conditional which users report cause problems with shared GD libs who report themselves as "2.0 or greater" - // it appears that this is no longer the issue that it was in 2004, so we've removed it, retaining it in the comment - // below should that ever prove inaccurate. - // - // if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor') AND $v2_override == FALSE) - if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor')) + /* Create the image + * + * Old conditional which users report cause problems with shared GD libs who report themselves as "2.0 or greater" + * it appears that this is no longer the issue that it was in 2004, so we've removed it, retaining it in the comment + * below should that ever prove inaccurate. + * + * if ($this->image_library === 'gd2' && function_exists('imagecreatetruecolor') && $v2_override == FALSE) + */ + if ($this->image_library === 'gd2' && function_exists('imagecreatetruecolor')) { $create = 'imagecreatetruecolor'; $copy = 'imagecopyresampled'; @@ -544,21 +515,17 @@ class CI_Image_lib { $copy($dst_img, $src_img, 0, 0, $this->x_axis, $this->y_axis, $this->width, $this->height, $this->orig_width, $this->orig_height); - // Show the image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($dst_img); } - else + elseif ( ! $this->image_save_gd($dst_img)) // Or save it { - // Or save it - if ( ! $this->image_save_gd($dst_img)) - { - return FALSE; - } + return FALSE; } - // Kill the file handles + // Kill the file handles imagedestroy($dst_img); imagedestroy($src_img); @@ -587,42 +554,34 @@ class CI_Image_lib { return FALSE; } - if ( ! preg_match("/convert$/i", $this->library_path)) + if ( ! preg_match('/convert$/i', $this->library_path)) { $this->library_path = rtrim($this->library_path, '/').'/convert'; } // Execute the command - $cmd = $this->library_path." -quality ".$this->quality; + $cmd = $this->library_path.' -quality '.$this->quality; if ($action == 'crop') { - $cmd .= " -crop ".$this->width."x".$this->height."+".$this->x_axis."+".$this->y_axis." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1'; } elseif ($action == 'rotate') { - switch ($this->rotation_angle) - { - case 'hor' : $angle = '-flop'; - break; - case 'vrt' : $angle = '-flip'; - break; - default : $angle = '-rotate '.$this->rotation_angle; - break; - } + $angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? '-flop' : '-rotate '.$this->rotation_angle; - $cmd .= " ".$angle." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + $cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; } - else // Resize + else // Resize { - $cmd .= " -resize ".$this->width."x".$this->height." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + $cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; } $retval = 1; - @exec($cmd, $output, $retval); - // Did it work? + // Did it work? if ($retval > 0) { $this->set_error('imglib_image_process_failed'); @@ -653,7 +612,7 @@ class CI_Image_lib { return FALSE; } - // Build the resizing command + // Build the resizing command switch ($this->image_type) { case 1 : @@ -700,10 +659,9 @@ class CI_Image_lib { $cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; $retval = 1; - @exec($cmd, $output, $retval); - // Did it work? + // Did it work? if ($retval > 0) { $this->set_error('imglib_image_process_failed'); @@ -714,7 +672,7 @@ class CI_Image_lib { // If you try manipulating the original it fails so // we have to rename the temp file. copy ($this->dest_folder.'netpbm.tmp', $this->full_dst_path); - unlink ($this->dest_folder.'netpbm.tmp'); + unlink($this->dest_folder.'netpbm.tmp'); @chmod($this->full_dst_path, FILE_WRITE_MODE); return TRUE; @@ -729,7 +687,7 @@ class CI_Image_lib { */ public function image_rotate_gd() { - // Create the image handle + // Create the image handle if ( ! ($src_img = $this->image_create_gd())) { return FALSE; @@ -742,29 +700,24 @@ class CI_Image_lib { $white = imagecolorallocate($src_img, 255, 255, 255); - // Rotate it! + // Rotate it! $dst_img = imagerotate($src_img, $this->rotation_angle, $white); - // Save the Image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($dst_img); } - else + elseif ( ! $this->image_save_gd($dst_img)) // ... or save it { - // Or save it - if ( ! $this->image_save_gd($dst_img)) - { - return FALSE; - } + return FALSE; } - // Kill the file handles + // Kill the file handles imagedestroy($dst_img); imagedestroy($src_img); // Set the file to 777 - @chmod($this->full_dst_path, FILE_WRITE_MODE); return TRUE; @@ -789,7 +742,7 @@ class CI_Image_lib { $width = $this->orig_width; $height = $this->orig_height; - if ($this->rotation_angle == 'hor') + if ($this->rotation_angle === 'hor') { for ($i = 0; $i < $height; $i++, $left = 0, $right = $width-1) { @@ -824,21 +777,17 @@ class CI_Image_lib { } } - // Show the image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); } - else + elseif ( ! $this->image_save_gd($src_img)) // ... or save it { - // Or save it - if ( ! $this->image_save_gd($src_img)) - { - return FALSE; - } + return FALSE; } - // Kill the file handles + // Kill the file handles imagedestroy($src_img); // Set the file to 777 @@ -860,14 +809,7 @@ class CI_Image_lib { */ public function watermark() { - if ($this->wm_type == 'overlay') - { - return $this->overlay_watermark(); - } - else - { - return $this->text_watermark(); - } + return ($this->wm_type === 'overlay') ? $this->overlay_watermark() : $this->text_watermark(); } // -------------------------------------------------------------------- @@ -885,28 +827,28 @@ class CI_Image_lib { return FALSE; } - // Fetch source image properties + // Fetch source image properties $this->get_image_properties(); - // Fetch watermark image properties - $props = $this->get_image_properties($this->wm_overlay_path, TRUE); + // Fetch watermark image properties + $props = $this->get_image_properties($this->wm_overlay_path, TRUE); $wm_img_type = $props['image_type']; - $wm_width = $props['width']; - $wm_height = $props['height']; + $wm_width = $props['width']; + $wm_height = $props['height']; - // Create two image resources + // Create two image resources $wm_img = $this->image_create_gd($this->wm_overlay_path, $wm_img_type); $src_img = $this->image_create_gd($this->full_src_path); // Reverse the offset if necessary // When the image is positioned at the bottom // we don't want the vertical offset to push it - // further down. We want the reverse, so we'll - // invert the offset. Same with the horizontal + // further down. We want the reverse, so we'll + // invert the offset. Same with the horizontal // offset when the image is at the right - $this->wm_vrt_alignment = strtoupper(substr($this->wm_vrt_alignment, 0, 1)); - $this->wm_hor_alignment = strtoupper(substr($this->wm_hor_alignment, 0, 1)); + $this->wm_vrt_alignment = strtoupper($this->wm_vrt_alignment[0]); + $this->wm_hor_alignment = strtoupper($this->wm_hor_alignment[0]); if ($this->wm_vrt_alignment == 'B') $this->wm_vrt_offset = $this->wm_vrt_offset * -1; @@ -914,34 +856,32 @@ class CI_Image_lib { if ($this->wm_hor_alignment == 'R') $this->wm_hor_offset = $this->wm_hor_offset * -1; - // Set the base x and y axis values + // Set the base x and y axis values $x_axis = $this->wm_hor_offset + $this->wm_padding; $y_axis = $this->wm_vrt_offset + $this->wm_padding; - // Set the vertical position - switch ($this->wm_vrt_alignment) + // Set the vertical position + if ($this->wm_vrt_alignment === 'M') { - case 'T': - break; - case 'M': $y_axis += ($this->orig_height / 2) - ($wm_height / 2); - break; - case 'B': $y_axis += $this->orig_height - $wm_height; - break; + $y_axis += ($this->orig_height / 2) - ($wm_height / 2); + } + elseif ($this->wm_vrt_alignment === 'B') + { + $y_axis += $this->orig_height - $wm_height; } - // Set the horizontal position - switch ($this->wm_hor_alignment) + // Set the horizontal position + if ($this->wm_hor_alignment === 'C') { - case 'L': - break; - case 'C': $x_axis += ($this->orig_width / 2) - ($wm_width / 2); - break; - case 'R': $x_axis += $this->orig_width - $wm_width; - break; + $x_axis += ($this->orig_width / 2) - ($wm_width / 2); + } + elseif ($this->wm_hor_alignment === 'R') + { + $x_axis += $this->orig_width - $wm_width; } // Build the finalized image - if ($wm_img_type == 3 AND function_exists('imagealphablending')) + if ($wm_img_type == 3 && function_exists('imagealphablending')) { @imagealphablending($src_img, TRUE); } @@ -963,12 +903,12 @@ class CI_Image_lib { imagecopymerge($src_img, $wm_img, $x_axis, $y_axis, 0, 0, $wm_width, $wm_height, $this->wm_opacity); } - // Output the image + // Output the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); } - elseif ( ! $this->image_save_gd($src_img)) + elseif ( ! $this->image_save_gd($src_img)) // ... or save it { return FALSE; } @@ -993,20 +933,20 @@ class CI_Image_lib { return FALSE; } - if ($this->wm_use_truetype == TRUE AND ! file_exists($this->wm_font_path)) + if ($this->wm_use_truetype == TRUE && ! file_exists($this->wm_font_path)) { $this->set_error('imglib_missing_font'); return FALSE; } - // Fetch source image properties + // Fetch source image properties $this->get_image_properties(); // Reverse the vertical offset // When the image is positioned at the bottom // we don't want the vertical offset to push it - // further down. We want the reverse, so we'll - // invert the offset. Note: The horizontal + // further down. We want the reverse, so we'll + // invert the offset. Note: The horizontal // offset flips itself automatically if ($this->wm_vrt_alignment == 'B') @@ -1039,49 +979,39 @@ class CI_Image_lib { $x_axis = $this->wm_hor_offset + $this->wm_padding; $y_axis = $this->wm_vrt_offset + $this->wm_padding; - // Set verticle alignment if ($this->wm_use_drop_shadow == FALSE) $this->wm_shadow_distance = 0; $this->wm_vrt_alignment = strtoupper(substr($this->wm_vrt_alignment, 0, 1)); $this->wm_hor_alignment = strtoupper(substr($this->wm_hor_alignment, 0, 1)); - switch ($this->wm_vrt_alignment) + // Set verticle alignment + if ($this->wm_vrt_alignment === 'M') { - case 'T': - break; - case 'M': $y_axis += ($this->orig_height/2)+($fontheight/2); - break; - case 'B': $y_axis += ($this->orig_height - $fontheight - $this->wm_shadow_distance - ($fontheight/2)); - break; + $y_axis += ($this->orig_height / 2) + ($fontheight / 2); + } + elseif ($this->wm_vrt_alignment === 'B') + { + $y_axis += $this->orig_height - $fontheight - $this->wm_shadow_distance - ($fontheight / 2); } $x_shad = $x_axis + $this->wm_shadow_distance; $y_shad = $y_axis + $this->wm_shadow_distance; - // Set horizontal alignment - switch ($this->wm_hor_alignment) - { - case 'L': - break; - case 'R': - if ($this->wm_use_drop_shadow) - { - $x_shad += ($this->orig_width - $fontwidth*strlen($this->wm_text)); - $x_axis += ($this->orig_width - $fontwidth*strlen($this->wm_text)); - } - break; - case 'C': - if ($this->wm_use_drop_shadow) - { - $x_shad += floor(($this->orig_width - $fontwidth*strlen($this->wm_text))/2); - $x_axis += floor(($this->orig_width - $fontwidth*strlen($this->wm_text))/2); - } - break; - } - if ($this->wm_use_drop_shadow) { + // Set horizontal alignment + if ($this->wm_hor_alignment === 'R') + { + $x_shad += $this->orig_width - ($fontwidth * strlen($this->wm_text)); + $x_axis += $this->orig_width - ($fontwidth * strlen($this->wm_text)); + } + elseif ($this->wm_hor_alignment === 'C') + { + $x_shad += floor(($this->orig_width - ($fontwidth * strlen($this->wm_text))) / 2); + $x_axis += floor(($this->orig_width - ($fontwidth * strlen($this->wm_text))) / 2); + } + /* Set RGB values for text and shadow * * First character is #, so we don't really need it. @@ -1091,9 +1021,9 @@ class CI_Image_lib { $txt_color = str_split(substr($this->wm_font_color, 1, 6), 2); $txt_color = imagecolorclosest($src_img, hexdec($txt_color[0]), hexdec($txt_color[1]), hexdec($txt_color[2])); $drp_color = str_split(substr($this->wm_shadow_color, 1, 6), 2); - $drp_color = imagecolorclosest($src_img, hexdec($drp_color[0]), hexdec($drp_color[2]), hexdec($drp_color[3])); + $drp_color = imagecolorclosest($src_img, hexdec($drp_color[0]), hexdec($drp_color[1]), hexdec($drp_color[2])); - // Add the text to the source image + // Add the text to the source image if ($this->wm_use_truetype) { imagettftext($src_img, $this->wm_font_size, 0, $x_shad, $y_shad, $drp_color, $this->wm_font_path, $this->wm_text); @@ -1106,7 +1036,7 @@ class CI_Image_lib { } } - // Output the final image + // Output the final image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); @@ -1250,8 +1180,8 @@ class CI_Image_lib { */ public function image_display_gd($resource) { - header("Content-Disposition: filename={$this->source_image};"); - header("Content-Type: {$this->mime_type}"); + header('Content-Disposition: filename='.$this->source_image.';'); + header('Content-Type: '.$this->mime_type); header('Content-Transfer-Encoding: binary'); header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()).' GMT'); @@ -1284,33 +1214,43 @@ class CI_Image_lib { */ public function image_reproportion() { - if ( ! is_numeric($this->width) OR ! is_numeric($this->height) OR $this->width == 0 OR $this->height == 0) - return; - - if ( ! is_numeric($this->orig_width) OR ! is_numeric($this->orig_height) OR $this->orig_width == 0 OR $this->orig_height == 0) - return; - - $new_width = ceil($this->orig_width*$this->height/$this->orig_height); - $new_height = ceil($this->width*$this->orig_height/$this->orig_width); - - $ratio = (($this->orig_height/$this->orig_width) - ($this->height/$this->width)); - - if ($this->master_dim != 'width' AND $this->master_dim != 'height') + if (($this->width == 0 && $this->height == 0) OR $this->orig_width == 0 OR $this->orig_height == 0 + OR ( ! preg_match('/^[0-9]+$/', $this->width) && ! preg_match('/^[0-9]+$/', $this->height)) + OR ! preg_match('/^[0-9]+$/', $this->orig_width) OR ! preg_match('/^[0-9]+$/', $this->orig_height)) { - $this->master_dim = ($ratio < 0) ? 'width' : 'height'; + return; } - if (($this->width != $new_width) AND ($this->height != $new_height)) + // Sanitize so we don't call preg_match() anymore + $this->width = (int) $this->width; + $this->height = (int) $this->height; + + if ($this->master_dim !== 'width' && $this->master_dim !== 'height') { - if ($this->master_dim == 'height') + if ($this->width > 0 && $this->height > 0) { - $this->width = $new_width; + $this->master_dim = ((($this->orig_height/$this->orig_width) - ($this->height/$this->width)) < 0) + ? 'width' : 'height'; } else { - $this->height = $new_height; + $this->master_dim = ($this->height === 0) ? 'width' : 'height'; } } + elseif (($this->master_dim === 'width' && $this->width === 0) + OR ($this->master_dim === 'height' && $this->height === 0)) + { + return; + } + + if ($this->master_dim === 'width') + { + $this->height = (int) ceil($this->width*$this->orig_height/$this->orig_width); + } + else + { + $this->width = (int) ceil($this->orig_width*$this->height/$this->orig_height); + } } // -------------------------------------------------------------------- @@ -1329,7 +1269,9 @@ class CI_Image_lib { // find a way to determine this using IM or NetPBM if ($path == '') + { $path = $this->full_src_path; + } if ( ! file_exists($path)) { @@ -1367,15 +1309,15 @@ class CI_Image_lib { * Size calculator * * This function takes a known width x height and - * recalculates it to a new size. Only one + * recalculates it to a new size. Only one * new variable needs to be known * * $props = array( - * 'width' => $width, - * 'height' => $height, - * 'new_width' => 40, - * 'new_height' => '' - * ); + * 'width' => $width, + * 'height' => $height, + * 'new_width' => 40, + * 'new_height' => '' + * ); * * @param array * @return array @@ -1419,7 +1361,7 @@ class CI_Image_lib { * * This is a helper function that extracts the extension * from the source_image. This function lets us deal with - * source_images with multiple periods, like: my.cool.jpg + * source_images with multiple periods, like: my.cool.jpg * It returns an associative array with two elements: * $array['ext'] = '.jpg'; * $array['name'] = 'my.cool'; @@ -1449,7 +1391,7 @@ class CI_Image_lib { /* As it is stated in the PHP manual, dl() is not always available * and even if so - it could generate an E_WARNING message on failure */ - return (function_exists('dl') AND @dl('gd.so')); + return (function_exists('dl') && @dl('gd.so')); } return TRUE; @@ -1467,9 +1409,7 @@ class CI_Image_lib { if (function_exists('gd_info')) { $gd_version = @gd_info(); - $gd_version = preg_replace("/\D/", "", $gd_version['GD Version']); - - return $gd_version; + return preg_replace('/\D/', '', $gd_version['GD Version']); } return FALSE; @@ -1516,11 +1456,10 @@ class CI_Image_lib { */ public function display_errors($open = '<p>', $close = '</p>') { - return (count($this->error_msg) > 0) ? $open . implode($close . $open, $this->error_msg) . $close : ''; + return (count($this->error_msg) > 0) ? $open.implode($close.$open, $this->error_msg).$close : ''; } } -// END Image_lib Class /* End of file Image_lib.php */ /* Location: ./system/libraries/Image_lib.php */ diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index c59151bad..35ac541e8 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -128,7 +128,7 @@ class CI_Pagination { } // Calculate the total number of pages - $num_pages = ceil($this->total_rows / $this->per_page); + $num_pages = (int) ceil($this->total_rows / $this->per_page); // Is there only one page? Hm... nothing more to do here then. if ($num_pages === 1) diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 04103a4d9..66b39a6a2 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Session Class * @@ -67,7 +65,7 @@ class CI_Session { */ public function __construct($params = array()) { - log_message('debug', "Session Class Initialized"); + log_message('debug', 'Session Class Initialized'); // Set the super object to a local variable for use throughout the class $this->CI =& get_instance(); @@ -93,14 +91,14 @@ class CI_Session { $this->CI->load->library('encrypt'); } - // Are we using a database? If so, load it - if ($this->sess_use_database === TRUE AND $this->sess_table_name != '') + // Are we using a database? If so, load it + if ($this->sess_use_database === TRUE && $this->sess_table_name != '') { $this->CI->load->database(); } - // Set the "now" time. Can either be GMT or server time, based on the - // config prefs. We use this to set the "last activity" time + // Set the "now" time. Can either be GMT or server time, based on the + // config prefs. We use this to set the "last activity" time $this->now = $this->_get_time(); // Set the session length. If the session expiration is @@ -114,7 +112,7 @@ class CI_Session { $this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name; // Run the Session routine. If a session doesn't exist we'll - // create a new one. If it does, we'll update it. + // create a new one. If it does, we'll update it. if ( ! $this->sess_read()) { $this->sess_create(); @@ -133,7 +131,7 @@ class CI_Session { // Delete expired sessions if necessary $this->_sess_gc(); - log_message('debug', "Session routines successfully run"); + log_message('debug', 'Session routines successfully run'); } // -------------------------------------------------------------------- @@ -166,7 +164,7 @@ class CI_Session { $hash = substr($session, strlen($session)-32); // get last 32 chars $session = substr($session, 0, strlen($session)-32); - // Does the md5 hash match? This is to prevent manipulation of session data in userspace + // Does the md5 hash match? This is to prevent manipulation of session data in userspace if ($hash !== md5($session.$this->encryption_key)) { log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.'); @@ -179,7 +177,7 @@ class CI_Session { $session = $this->_unserialize($session); // Is the session data we unserialized an array with the correct format? - if ( ! is_array($session) OR ! isset($session['session_id']) OR ! isset($session['ip_address']) OR ! isset($session['user_agent']) OR ! isset($session['last_activity'])) + if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity'])) { $this->sess_destroy(); return FALSE; @@ -192,15 +190,15 @@ class CI_Session { return FALSE; } - // Does the IP Match? - if ($this->sess_match_ip == TRUE AND $session['ip_address'] !== $this->CI->input->ip_address()) + // Does the IP match? + if ($this->sess_match_ip == TRUE && $session['ip_address'] !== $this->CI->input->ip_address()) { $this->sess_destroy(); return FALSE; } // Does the User Agent Match? - if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) + if ($this->sess_match_useragent == TRUE && trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) { $this->sess_destroy(); return FALSE; @@ -223,7 +221,7 @@ class CI_Session { $query = $this->CI->db->get($this->sess_table_name); - // No result? Kill it! + // No result? Kill it! if ($query->num_rows() === 0) { $this->sess_destroy(); @@ -232,7 +230,7 @@ class CI_Session { // Is there custom data? If so, add it to the main session array $row = $query->row(); - if (isset($row->user_data) AND $row->user_data != '') + if (isset($row->user_data) && $row->user_data != '') { $custom_data = $this->_unserialize($row->user_data); @@ -282,7 +280,7 @@ class CI_Session { $cookie_userdata[$val] = $this->userdata[$val]; } - // Did we find any custom data? If not, we turn the empty array into a string + // Did we find any custom data? If not, we turn the empty array into a string // since there's no reason to serialize and store an empty array in the DB if (count($custom_userdata) === 0) { @@ -298,7 +296,7 @@ class CI_Session { $this->CI->db->where('session_id', $this->userdata['session_id']); $this->CI->db->update($this->sess_table_name, array('last_activity' => $this->userdata['last_activity'], 'user_data' => $custom_userdata)); - // Write the cookie. Notice that we manually pass the cookie data array to the + // Write the cookie. Notice that we manually pass the cookie data array to the // _set_cookie() function. Normally that function will store $this->userdata, but // in this case that array contains custom data, which we do not want in the cookie. $this->_set_cookie($cookie_userdata); @@ -324,13 +322,12 @@ class CI_Session { $sessid .= $this->CI->input->ip_address(); $this->userdata = array( - 'session_id' => md5(uniqid($sessid, TRUE)), - 'ip_address' => $this->CI->input->ip_address(), - 'user_agent' => substr($this->CI->input->user_agent(), 0, 120), - 'last_activity' => $this->now, - 'user_data' => '' - ); - + 'session_id' => md5(uniqid($sessid, TRUE)), + 'ip_address' => $this->CI->input->ip_address(), + 'user_agent' => substr($this->CI->input->user_agent(), 0, 120), + 'last_activity' => $this->now, + 'user_data' => '' + ); // Save the data to the DB if needed if ($this->sess_use_database === TRUE) @@ -357,6 +354,35 @@ class CI_Session { return; } + // _set_cookie() will handle this for us if we aren't using database sessions + // by pushing all userdata to the cookie. + $cookie_data = NULL; + + /* Changing the session ID during an AJAX call causes problems, + * so we'll only update our last_activity + */ + if ($this->CI->input->is_ajax_request()) + { + $this->userdata['last_activity'] = $this->now; + + // Update the session ID and last_activity field in the DB if needed + if ($this->sess_use_database === TRUE) + { + // set cookie explicitly to only have our session data + $cookie_data = array(); + foreach (array('session_id','ip_address','user_agent','last_activity') as $val) + { + $cookie_data[$val] = $this->userdata[$val]; + } + + $this->CI->db->query($this->CI->db->update_string($this->sess_table_name, + array('last_activity' => $this->userdata['last_activity']), + array('session_id' => $this->userdata['session_id']))); + } + + return $this->_set_cookie($cookie_data); + } + // Save the old session id so we know which record to // update in the database if we need it $old_sessid = $this->userdata['session_id']; @@ -374,10 +400,6 @@ class CI_Session { $this->userdata['session_id'] = $new_sessid = md5(uniqid($new_sessid, TRUE)); $this->userdata['last_activity'] = $this->now; - // _set_cookie() will handle this for us if we aren't using database sessions - // by pushing all userdata to the cookie. - $cookie_data = NULL; - // Update the session ID and last_activity field in the DB if needed if ($this->sess_use_database === TRUE) { @@ -405,7 +427,7 @@ class CI_Session { public function sess_destroy() { // Kill the session DB row - if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id'])) + if ($this->sess_use_database === TRUE && isset($this->userdata['session_id'])) { $this->CI->db->where('session_id', $this->userdata['session_id']); $this->CI->db->delete($this->sess_table_name); @@ -413,13 +435,13 @@ class CI_Session { // Kill the cookie setcookie( - $this->sess_cookie_name, - addslashes(serialize(array())), - ($this->now - 31500000), - $this->cookie_path, - $this->cookie_domain, - 0 - ); + $this->sess_cookie_name, + addslashes(serialize(array())), + ($this->now - 31500000), + $this->cookie_path, + $this->cookie_domain, + 0 + ); } // -------------------------------------------------------------------- @@ -535,7 +557,7 @@ class CI_Session { */ public function keep_flashdata($key) { - // 'old' flashdata gets removed. Here we mark all + // 'old' flashdata gets removed. Here we mark all // flashdata as 'new' to preserve it from _flashdata_sweep() // Note the function will return FALSE if the $key // provided cannot be found @@ -586,7 +608,6 @@ class CI_Session { * * @return void */ - protected function _flashdata_sweep() { $userdata = $this->all_userdata(); @@ -609,13 +630,9 @@ class CI_Session { */ protected function _get_time() { - if (strtolower($this->time_reference) === 'gmt') - { - $now = time(); - return mktime(gmdate('H', $now), gmdate('i', $now), gmdate('s', $now), gmdate('m', $now), gmdate('d', $now), gmdate('Y', $now)); - } - - return time(); + return (strtolower($this->time_reference) === 'gmt') + ? mktime(gmdate('H'), gmdate('i'), gmdate('s'), gmdate('m'), gmdate('d'), gmdate('Y')) + : time(); } // -------------------------------------------------------------------- @@ -649,13 +666,13 @@ class CI_Session { // Set the cookie setcookie( - $this->sess_cookie_name, - $cookie_data, - $expire, - $this->cookie_path, - $this->cookie_domain, - $this->cookie_secure - ); + $this->sess_cookie_name, + $cookie_data, + $expire, + $this->cookie_path, + $this->cookie_domain, + $this->cookie_secure + ); } // -------------------------------------------------------------------- @@ -687,8 +704,11 @@ class CI_Session { * * This function converts any slashes found into a temporary marker * + * @param string + * @param string + * @return void */ - function _escape_slashes(&$val, $key) + protected function _escape_slashes(&$val, $key) { if (is_string($val)) { @@ -725,6 +745,9 @@ class CI_Session { * * This function converts any slash markers back into actual slashes * + * @param string + * @param string + * @return void */ protected function _unescape_slashes(&$val, $key) { @@ -763,9 +786,7 @@ class CI_Session { } } - } -// END Session Class /* End of file Session.php */ /* Location: ./system/libraries/Session.php */ diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index 76f0d4fc5..46c73ef8b 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -144,7 +144,7 @@ class CI_Typography { $process = TRUE; $paragraph = FALSE; - for ($i = 1, $c = count($chunks); $i <= $c; $i++) + for ($i = 0, $c = count($chunks) - 1; $i <= $c; $i++) { // Are we dealing with a tag? If so, we'll skip the processing for this cycle. // Well also set the "process" flag which allows us to skip <pre> tags and a few other things. diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 0c63886e7..ac29c1bdd 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1,4 +1,4 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * CodeIgniter * @@ -593,16 +593,17 @@ class CI_Upload { /** * Verify that the filetype is allowed * + * @param bool * @return bool */ public function is_allowed_filetype($ignore_mime = FALSE) { - if ($this->allowed_types == '*') + if ($this->allowed_types === '*') { return TRUE; } - if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types)) + if ( ! is_array($this->allowed_types) OR count($this->allowed_types) === 0) { $this->set_error('upload_no_file_types'); return FALSE; @@ -618,12 +619,9 @@ class CI_Upload { // Images get some additional checks $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe'); - if (in_array($ext, $image_types)) + if (in_array($ext, $image_types) && @getimagesize($this->file_temp) === FALSE) { - if (getimagesize($this->file_temp) === FALSE) - { - return FALSE; - } + return FALSE; } if ($ignore_mime === TRUE) @@ -640,7 +638,7 @@ class CI_Upload { return TRUE; } } - elseif ($mime == $this->file_type) + elseif ($mime === $this->file_type) { return TRUE; } @@ -960,7 +958,7 @@ class CI_Upload { } elseif (is_file(APPPATH.'config/mimes.php')) { - include(APPPATH.'config//mimes.php'); + include(APPPATH.'config/mimes.php'); } else { @@ -1026,47 +1024,104 @@ class CI_Upload { */ protected function _file_mime_type($file) { - // Use if the Fileinfo extension, if available (only versions above 5.3 support the FILEINFO_MIME_TYPE flag) - if ( (float) substr(phpversion(), 0, 3) >= 5.3 && function_exists('finfo_file')) + // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) + $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; + + /* Fileinfo extension - most reliable method + * + * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the + * more convenient FILEINFO_MIME_TYPE flag doesn't exist. + */ + if (function_exists('finfo_file')) { - $finfo = new finfo(FILEINFO_MIME_TYPE); - if ($finfo !== FALSE) // This is possible, if there is no magic MIME database file found on the system + $finfo = finfo_open(FILEINFO_MIME); + if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { - $file_type = $finfo->file($file['tmp_name']); + $mime = @finfo_file($finfo, $file['tmp_name']); + finfo_close($finfo); /* According to the comments section of the PHP manual page, * it is possible that this function returns an empty string * for some files (e.g. if they don't exist in the magic MIME database) */ - if (strlen($file_type) > 1) + if (is_string($mime) && preg_match($regexp, $mime, $matches)) { - $this->file_type = $file_type; + $this->file_type = $matches[1]; return; } } } - // Fall back to the deprecated mime_content_type(), if available - if (function_exists('mime_content_type')) - { - $this->file_type = @mime_content_type($file['tmp_name']); - return; - } - - /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type, - * which is still more secure than depending on the value of $_FILES[$field]['type']. + /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type, + * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it + * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better + * than mime_content_type() as well, hence the attempts to try calling the command line with + * three different functions. * * Notes: - * - a 'W' in the substr() expression bellow, would mean that we're using Windows - * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check + * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system + * - many system admins would disable the exec(), shell_exec(), popen() and similar functions + * due to security concerns, hence the function_exists() checks */ - if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) + if (DIRECTORY_SEPARATOR !== '\\') + { + $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1'; + + if (function_exists('exec')) + { + /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter. + * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites + * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy + * value, which is only put to allow us to get the return status code. + */ + $mime = @exec($cmd, $mime, $return_status); + if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + + if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec')) + { + $mime = @shell_exec($cmd); + if (strlen($mime) > 0) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } + + if (function_exists('popen')) + { + $proc = @popen($cmd, 'r'); + if (is_resource($proc)) + { + $mime = @fread($test, 512); + @pclose($proc); + if ($mime !== FALSE) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } + } + } + + // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type']) + if (function_exists('mime_content_type')) { - $output = array(); - @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_path']), $output, $return_code); - if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution + $this->file_type = @mime_content_type($file['tmp_name']); + if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string { - $this->file_type = rtrim($output[0]); return; } } |