diff options
Diffstat (limited to 'system/libraries')
29 files changed, 408 insertions, 89 deletions
diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index a6bdae50a..fcfcf62ca 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/calendar.html + * @link https://codeigniter.com/userguide3/libraries/calendar.html */ class CI_Calendar { diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 1912e0442..b01e44a63 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/email.html + * @link https://codeigniter.com/userguide3/libraries/email.html */ class CI_Email { @@ -389,7 +389,7 @@ class CI_Email { $this->charset = config_item('charset'); $this->initialize($config); - isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); + isset(self::$func_overload) OR self::$func_overload = ( ! is_php('8.0') && extension_loaded('mbstring') && @ini_get('mbstring.func_overload')); log_message('info', 'Email Class Initialized'); } diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 7ed185f1b..df1af4cf4 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/encryption.html + * @link https://codeigniter.com/userguide3/libraries/encryption.html */ class CI_Encrypt { @@ -198,7 +198,7 @@ class CI_Encrypt { * This allows for backwards compatibility and a method to transition to the * new encryption algorithms. * - * For more details, see https://codeigniter.com/user_guide/installation/upgrade_200.html#encryption + * For more details, see https://codeigniter.com/userguide3/installation/upgrade_200.html#encryption * * @param string * @param int (mcrypt mode constant) diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index fd858cb29..7d648dfa3 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/encryption.html + * @link https://codeigniter.com/userguide3/libraries/encryption.html */ class CI_Encryption { @@ -161,7 +161,7 @@ class CI_Encryption { show_error('Encryption: Unable to find an available encryption driver.'); } - isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); + isset(self::$func_overload) OR self::$func_overload = ( ! is_php('8.0') && extension_loaded('mbstring') && @ini_get('mbstring.func_overload')); $this->initialize($params); if ( ! isset($this->_key) && self::strlen($key = config_item('encryption_key')) > 0) @@ -476,7 +476,7 @@ class CI_Encryption { $iv = ($iv_size = openssl_cipher_iv_length($params['handle'])) ? $this->create_key($iv_size) - : NULL; + : ''; $data = openssl_encrypt( $data, @@ -585,7 +585,7 @@ class CI_Encryption { } else { - $iv = NULL; + $iv = ''; } if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) @@ -632,7 +632,7 @@ class CI_Encryption { } else { - $iv = NULL; + $iv = ''; } return empty($params['handle']) @@ -910,8 +910,8 @@ class CI_Encryption { protected static function strlen($str) { return (self::$func_overload) - ? mb_strlen($str, '8bit') - : strlen($str); + ? mb_strlen((string) $str, '8bit') + : strlen((string) $str); } // -------------------------------------------------------------------- diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index de59ef9f7..043a97c6d 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Validation * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/form_validation.html + * @link https://codeigniter.com/userguide3/libraries/form_validation.html */ class CI_Form_validation { @@ -1062,7 +1062,7 @@ class CI_Form_validation { { return is_array($str) ? (empty($str) === FALSE) - : (trim($str) !== ''); + : (trim((string) $str) !== ''); } // -------------------------------------------------------------------- diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index 4f0f5dfb3..92644153a 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/ftp.html + * @link https://codeigniter.com/userguide3/libraries/ftp.html */ class CI_FTP { @@ -202,7 +202,7 @@ class CI_FTP { */ protected function _is_conn() { - if ( ! is_resource($this->conn_id)) + if ($this->conn_id !== FALSE) { if ($this->debug === TRUE) { diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 0d9fa4420..6aeee1790 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Image_lib * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/image_lib.html + * @link https://codeigniter.com/userguide3/libraries/image_lib.html */ class CI_Image_lib { @@ -1474,15 +1474,16 @@ class CI_Image_lib { $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_png_not_supported')); return FALSE; } + + return imagecreatefrompng($path); case 18: if ( ! function_exists('imagecreatefromwebp')) { $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_webp_not_supported')); return FALSE; } - return imagecreatefromwebp($path); - return imagecreatefrompng($path); + return imagecreatefromwebp($path); default: $this->set_error(array('imglib_unsupported_imagecreate')); return FALSE; diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index 1b7808923..915d4e453 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -288,7 +288,7 @@ class CI_Migration { $this->_error_string = sprintf($this->lang->line('migration_class_doesnt_exist'), $class); return FALSE; } - elseif ( ! is_callable(array($class, $method))) + elseif ( ! method_exists($class, $method) OR ! (new ReflectionMethod($class, $method))->isPublic()) { $this->_error_string = sprintf($this->lang->line('migration_missing_'.$method.'_method'), $class); return FALSE; diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 11d63fe50..20418c00a 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Pagination * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/pagination.html + * @link https://codeigniter.com/userguide3/libraries/pagination.html */ class CI_Pagination { diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php index d3c6500ae..04476f1a2 100644 --- a/system/libraries/Parser.php +++ b/system/libraries/Parser.php @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Parser * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/parser.html + * @link https://codeigniter.com/userguide3/libraries/parser.html */ class CI_Parser { diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index e3c4bd10a..5531f3366 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/general/profiling.html + * @link https://codeigniter.com/userguide3/general/profiling.html */ class CI_Profiler { diff --git a/system/libraries/Session/CI_Session_driver_interface.php b/system/libraries/Session/CI_Session_driver_interface.php new file mode 100644 index 000000000..a854e92af --- /dev/null +++ b/system/libraries/Session/CI_Session_driver_interface.php @@ -0,0 +1,58 @@ +<?php +/** + * CodeIgniter + * + * An open source application development framework for PHP + * + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2022, CodeIgniter Foundation + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2022, CodeIgniter Foundation (https://codeigniter.com/) + * @license http://opensource.org/licenses/MIT MIT License + * @link https://codeigniter.com + * @since Version 3.0.0 + * @filesource + */ +defined('BASEPATH') OR exit('No direct script access allowed'); + +/** + * CI_Session_driver_interface + * + * A compatibility typeless SessionHandlerInterface alias + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author Andrey Andreev + * @link https://codeigniter.com/userguide3/libraries/sessions.html + */ +interface CI_Session_driver_interface { + + public function open($save_path, $name); + public function close(); + public function read($session_id); + public function write($session_id, $session_data); + public function destroy($session_id); + public function gc($maxlifetime); +} diff --git a/system/libraries/Session/OldSessionWrapper.php b/system/libraries/Session/OldSessionWrapper.php new file mode 100644 index 000000000..5934b5218 --- /dev/null +++ b/system/libraries/Session/OldSessionWrapper.php @@ -0,0 +1,88 @@ +<?php +/** + * CodeIgniter + * + * An open source application development framework for PHP + * + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2022, CodeIgniter Foundation + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2022, CodeIgniter Foundation (https://codeigniter.com/) + * @license http://opensource.org/licenses/MIT MIT License + * @link https://codeigniter.com + * @since Version 3.0.0 + * @filesource + */ +defined('BASEPATH') OR exit('No direct script access allowed'); + +/** + * OldSessionWrapper + * + * PHP 8 Session handler compatibility wrapper, pre-PHP8 version + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author Andrey Andreev + * @link https://codeigniter.com/userguide3/libraries/sessions.html + */ +class CI_SessionWrapper implements SessionHandlerInterface { + + protected CI_Session_driver_interface $driver; + + public function __construct(CI_Session_driver_interface $driver) + { + $this->driver = $driver; + } + + public function open($save_path, $name) + { + return $this->driver->open($save_path, $name); + } + + public function close() + { + return $this->driver->close(); + } + + public function read($id) + { + return $this->driver->read($id); + } + + public function write($id, $data) + { + return $this->driver->write($id, $data); + } + + public function destroy($id) + { + return $this->driver->destroy($id); + } + + public function gc($maxlifetime) + { + return $this->driver->gc($maxlifetime); + } +} diff --git a/system/libraries/Session/PHP8SessionWrapper.php b/system/libraries/Session/PHP8SessionWrapper.php new file mode 100644 index 000000000..c6dfaf7e0 --- /dev/null +++ b/system/libraries/Session/PHP8SessionWrapper.php @@ -0,0 +1,90 @@ +<?php +/** + * CodeIgniter + * + * An open source application development framework for PHP + * + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2022, CodeIgniter Foundation + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2022, CodeIgniter Foundation (https://codeigniter.com/) + * @license http://opensource.org/licenses/MIT MIT License + * @link https://codeigniter.com + * @since Version 3.0.0 + * @filesource + */ +defined('BASEPATH') OR exit('No direct script access allowed'); + +/** + * PHP8SessionWrapper + * + * PHP 8 Session handler compatibility wrapper + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author Andrey Andreev + * @link https://codeigniter.com/userguide3/libraries/sessions.html + */ +class CI_SessionWrapper implements SessionHandlerInterface { + + protected CI_Session_driver_interface $driver; + + public function __construct(CI_Session_driver_interface $driver) + { + $this->driver = $driver; + } + + public function open(string $save_path, string $name): bool + { + return $this->driver->open($save_path, $name); + } + + public function close(): bool + { + return $this->driver->close(); + } + + #[\ReturnTypeWillChange] + public function read(string $id): mixed + { + return $this->driver->read($id); + } + + public function write(string $id, string $data): bool + { + return $this->driver->write($id, $data); + } + + public function destroy(string $id): bool + { + return $this->driver->destroy($id); + } + + #[\ReturnTypeWillChange] + public function gc(int $maxlifetime): mixed + { + return $this->driver->gc($maxlifetime); + } +} diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index dfd0f432e..f370f7f19 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2019, British Columbia Institute of Technology + * Copyright (c) 2019 - 2022, CodeIgniter Foundation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -30,6 +30,7 @@ * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @copyright Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/) * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 2.0.0 @@ -44,7 +45,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/userguide3/libraries/sessions.html */ class CI_Session { @@ -102,15 +103,24 @@ class CI_Session { $this->_configure($params); $this->_config['_sid_regexp'] = $this->_sid_regexp; - $class = new $class($this->_config); - if ($class instanceof SessionHandlerInterface) + $class = new $class($this->_config); + $wrapper = new CI_SessionWrapper($class); + if (is_php('5.4')) { session_set_save_handler($class, TRUE); } else { - log_message('error', "Session: Driver '".$this->_driver."' doesn't implement SessionHandlerInterface. Aborting."); - return; + session_set_save_handler( + array($class, 'open'), + array($class, 'close'), + array($class, 'read'), + array($class, 'write'), + array($class, 'destroy'), + array($class, 'gc') + ); + + register_shutdown_function('session_write_close'); } // Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers @@ -144,15 +154,36 @@ class CI_Session { // unless it is being currently created or regenerated elseif (isset($_COOKIE[$this->_config['cookie_name']]) && $_COOKIE[$this->_config['cookie_name']] === session_id()) { - setcookie( - $this->_config['cookie_name'], - session_id(), - (empty($this->_config['cookie_lifetime']) ? 0 : time() + $this->_config['cookie_lifetime']), - $this->_config['cookie_path'], - $this->_config['cookie_domain'], - $this->_config['cookie_secure'], - TRUE - ); + $expires = empty($this->_config['cookie_lifetime']) ? 0 : time() + $this->_config['cookie_lifetime']; + if (is_php('7.3')) + { + setcookie( + $this->_config['cookie_name'], + session_id(), + array( + 'expires' => $expires, + 'path' => $this->_config['cookie_path'], + 'domain' => $this->_config['cookie_domain'], + 'secure' => $this->_config['cookie_secure'], + 'httponly' => TRUE, + 'samesite' => $this->_config['cookie_samesite'] + ) + ); + } + else + { + $header = 'Set-Cookie: '.$this->_config['cookie_name'].'='.session_id(); + $header .= empty($expires) ? '' : '; Expires='.gmdate('D, d-M-Y H:i:s T', $expires).'; Max-Age='.$this->_config['cookie_lifetime']; + $header .= '; Path='.$this->_config['cookie_path']; + $header .= ($this->_config['cookie_domain'] !== '' ? '; Domain='.$this->_config['cookie_domain'] : ''); + $header .= ($this->_config['cookie_secure'] ? '; Secure' : '').'; HttpOnly; SameSite='.$this->_config['cookie_samesite']; + header($header); + } + + if ( ! $this->_config['cookie_secure'] && $this->_config['cookie_samesite'] === 'None') + { + log_message('error', 'Session:', $this->_config['cookie_name'].' cookie sent with SameSite=None, but without Secure attribute.'); + } } $this->_ci_init_vars(); @@ -174,6 +205,10 @@ class CI_Session { */ protected function _ci_load_classes($driver) { + require_once(BASEPATH.'libraries/Session/CI_Session_driver_interface.php'); + $wrapper = is_php('8.0') ? 'PHP8SessionWrapper' : 'OldSessionWrapper'; + require_once(BASEPATH.'libraries/Session/'.$wrapper.'.php'); + $prefix = config_item('subclass_prefix'); if ( ! class_exists('CI_Session_driver', FALSE)) @@ -267,13 +302,43 @@ class CI_Session { isset($params['cookie_domain']) OR $params['cookie_domain'] = config_item('cookie_domain'); isset($params['cookie_secure']) OR $params['cookie_secure'] = (bool) config_item('cookie_secure'); - session_set_cookie_params( - $params['cookie_lifetime'], - $params['cookie_path'], - $params['cookie_domain'], - $params['cookie_secure'], - TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons - ); + isset($params['cookie_samesite']) OR $params['cookie_samesite'] = config_item('sess_samesite'); + if ( ! isset($params['cookie_samesite']) && is_php('7.3')) + { + $params['cookie_samesite'] = ini_get('session.cookie_samesite'); + } + + if (isset($params['cookie_samesite'])) + { + $params['cookie_samesite'] = ucfirst(strtolower($params['cookie_samesite'])); + in_array($params['cookie_samesite'], array('Lax', 'Strict', 'None'), TRUE) OR $params['cookie_samesite'] = 'Lax'; + } + else + { + $params['cookie_samesite'] = 'Lax'; + } + + if (is_php('7.3')) + { + session_set_cookie_params(array( + 'lifetime' => $params['cookie_lifetime'], + 'path' => $params['cookie_path'], + 'domain' => $params['cookie_domain'], + 'secure' => $params['cookie_secure'], + 'httponly' => $params['cookie_httponly'], + 'samesite' => $params['cookie_samesite'] + )); + } + else + { + session_set_cookie_params( + $params['cookie_lifetime'], + $params['cookie_path'], + $params['cookie_domain'], + $params['cookie_secure'], + TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons + ); + } if (empty($expiration)) { @@ -396,9 +461,7 @@ class CI_Session { { $_SESSION['__ci_vars'][$key] = 'old'; } - // Hacky, but 'old' will (implicitly) always be less than time() ;) - // DO NOT move this above the 'new' check! - elseif ($value < $current_time) + elseif ($value === 'old' || $value < $current_time) { unset($_SESSION[$key], $_SESSION['__ci_vars'][$key]); } @@ -706,7 +769,7 @@ class CI_Session { * * Legacy CI_Session compatibility method * - * @returns array + * @return array */ public function &get_userdata() { diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index dbc833739..b1b1b073e 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2019, British Columbia Institute of Technology + * Copyright (c) 2019 - 2022, CodeIgniter Foundation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -30,6 +30,7 @@ * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @copyright Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/) * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 @@ -44,9 +45,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/userguide3/libraries/sessions.html */ -abstract class CI_Session_driver implements SessionHandlerInterface { +abstract class CI_Session_driver { protected $_config; @@ -139,14 +140,28 @@ abstract class CI_Session_driver implements SessionHandlerInterface { */ protected function _cookie_destroy() { + if ( ! is_php('7.3')) + { + $header = 'Set-Cookie: '.$this->_config['cookie_name'].'='; + $header .= '; Expires='.gmdate('D, d-M-Y H:i:s T', 1).'; Max-Age=-1'; + $header .= '; Path='.$this->_config['cookie_path']; + $header .= ($this->_config['cookie_domain'] !== '' ? '; Domain='.$this->_config['cookie_domain'] : ''); + $header .= ($this->_config['cookie_secure'] ? '; Secure' : '').'; HttpOnly; SameSite='.$this->_config['cookie_samesite']; + header($header); + return; + } + return setcookie( $this->_config['cookie_name'], NULL, - 1, - $this->_config['cookie_path'], - $this->_config['cookie_domain'], - $this->_config['cookie_secure'], - TRUE + array( + 'expires' => 1, + 'path' => $this->_config['cookie_path'], + 'domain' => $this->_config['cookie_domain'], + 'secure' => $this->_config['cookie_secure'], + 'httponly' => TRUE, + 'samesite' => $this->_config['cookie_samesite'] + ) ); } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 89afe3455..2f788a1a1 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2019, British Columbia Institute of Technology + * Copyright (c) 2019 - 2022, CodeIgniter Foundation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -30,6 +30,7 @@ * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @copyright Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/) * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 @@ -44,9 +45,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/userguide3/libraries/sessions.html */ -class CI_Session_database_driver extends CI_Session_driver implements SessionHandlerInterface { +class CI_Session_database_driver extends CI_Session_driver implements CI_Session_driver_interface { /** * DB object diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index d9966273b..4b7b9878b 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2019, British Columbia Institute of Technology + * Copyright (c) 2019 - 2022, CodeIgniter Foundation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -30,6 +30,7 @@ * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @copyright Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/) * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 @@ -44,9 +45,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/userguide3/libraries/sessions.html */ -class CI_Session_files_driver extends CI_Session_driver implements SessionHandlerInterface { +class CI_Session_files_driver extends CI_Session_driver implements CI_Session_driver_interface { /** * Save path @@ -115,7 +116,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $this->_sid_regexp = $this->_config['_sid_regexp']; - isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); + isset(self::$func_overload) OR self::$func_overload = ( ! is_php('8.0') && extension_loaded('mbstring') && @ini_get('mbstring.func_overload')); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 854adf821..d84a9df1d 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2019, British Columbia Institute of Technology + * Copyright (c) 2019 - 2022, CodeIgniter Foundation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -30,6 +30,7 @@ * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @copyright Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/) * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 @@ -44,9 +45,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/userguide3/libraries/sessions.html */ -class CI_Session_memcached_driver extends CI_Session_driver implements SessionHandlerInterface { +class CI_Session_memcached_driver extends CI_Session_driver implements CI_Session_driver_interface { /** * Memcached instance diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 1bbb13db5..fae024bee 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2019, British Columbia Institute of Technology + * Copyright (c) 2019 - 2022, CodeIgniter Foundation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -30,6 +30,7 @@ * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @copyright Copyright (c) 2019 - 2022, CodeIgniter Foundation (https://codeigniter.com/) * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 @@ -44,9 +45,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Sessions * @author Andrey Andreev - * @link https://codeigniter.com/user_guide/libraries/sessions.html + * @link https://codeigniter.com/userguide3/libraries/sessions.html */ -class CI_Session_redis_driver extends CI_Session_driver implements SessionHandlerInterface { +class CI_Session_redis_driver extends CI_Session_driver implements CI_Session_driver_interface { /** * phpRedis instance @@ -137,7 +138,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { $save_path = array('path' => $matches[1]); } - elseif (preg_match('#(?:tcp://)?([^:?]+)(?:\:(\d+))?(?<options>\?.+)?#', $this->_config['save_path'], $matches)) + elseif (preg_match('#(?:(?:tcp|tls)://)?([^:?]+)(?:\:(\d+))?(?<options>\?.+)?#', $this->_config['save_path'], $matches)) { $save_path = array( 'host' => $matches[1], diff --git a/system/libraries/Table.php b/system/libraries/Table.php index 055512698..98258b63d 100644 --- a/system/libraries/Table.php +++ b/system/libraries/Table.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category HTML Tables * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/table.html + * @link https://codeigniter.com/userguide3/libraries/table.html */ class CI_Table { diff --git a/system/libraries/Trackback.php b/system/libraries/Trackback.php index 07f066d01..75ccae8f8 100644 --- a/system/libraries/Trackback.php +++ b/system/libraries/Trackback.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Trackbacks * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/trackback.html + * @link https://codeigniter.com/userguide3/libraries/trackback.html */ class CI_Trackback { diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index e67138c1a..d919d484a 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Helpers * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/typography.html + * @link https://codeigniter.com/userguide3/libraries/typography.html */ class CI_Typography { diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 631d583ba..55e3bfcb2 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category UnitTesting * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/unit_testing.html + * @link https://codeigniter.com/userguide3/libraries/unit_testing.html */ class CI_Unit_test { diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 95f765b78..281ebef1a 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Uploads * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/file_uploading.html + * @link https://codeigniter.com/userguide3/libraries/file_uploading.html */ class CI_Upload { @@ -1227,7 +1227,7 @@ class CI_Upload { if (function_exists('finfo_file')) { $finfo = @finfo_open(FILEINFO_MIME); - if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system + if ($finfo !== FALSE) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { $mime = @finfo_file($finfo, $file['tmp_name']); finfo_close($finfo); diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index a70511fc3..c144db7a8 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category User Agent * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/user_agent.html + * @link https://codeigniter.com/userguide3/libraries/user_agent.html */ class CI_User_agent { @@ -498,7 +498,7 @@ class CI_User_agent { else { $referer_host = @parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST); - $own_host = parse_url(config_item('base_url'), PHP_URL_HOST); + $own_host = parse_url((string) config_item('base_url'), PHP_URL_HOST); $this->referer = ($referer_host && $referer_host !== $own_host); } diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 4e8c303c7..11d4400fe 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -51,7 +51,7 @@ if ( ! function_exists('xml_parser_create')) * @subpackage Libraries * @category XML-RPC * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/userguide3/libraries/xmlrpc.html */ class CI_Xmlrpc { @@ -559,7 +559,7 @@ class CI_Xmlrpc { * * @category XML-RPC * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/userguide3/libraries/xmlrpc.html */ class XML_RPC_Client extends CI_Xmlrpc { @@ -780,7 +780,7 @@ class XML_RPC_Client extends CI_Xmlrpc * * @category XML-RPC * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/userguide3/libraries/xmlrpc.html */ class XML_RPC_Response { @@ -1028,7 +1028,7 @@ class XML_RPC_Response * * @category XML-RPC * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/userguide3/libraries/xmlrpc.html */ class XML_RPC_Message extends CI_Xmlrpc { @@ -1647,7 +1647,7 @@ class XML_RPC_Message extends CI_Xmlrpc * * @category XML-RPC * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/userguide3/libraries/xmlrpc.html */ class XML_RPC_Values extends CI_Xmlrpc { @@ -1912,7 +1912,7 @@ class XML_RPC_Values extends CI_Xmlrpc */ public function iso8601_encode($time, $utc = FALSE) { - return ($utc) ? strftime('%Y%m%dT%H:%i:%s', $time) : gmstrftime('%Y%m%dT%H:%i:%s', $time); + return ($utc) ? date('Ymd\TH:i:s', $time) : gmdate('Ymd\TH:i:s', $time); } } // END XML_RPC_Values Class diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index e70b80397..e20bf4836 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -56,7 +56,7 @@ if ( ! class_exists('CI_Xmlrpc', FALSE)) * @subpackage Libraries * @category XML-RPC * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/xmlrpc.html + * @link https://codeigniter.com/userguide3/libraries/xmlrpc.html */ class CI_Xmlrpcs extends CI_Xmlrpc { @@ -348,7 +348,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc { return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); } } - elseif (($objectCall && ! is_callable(array($method_parts[0], $method_parts[1]))) + elseif (($objectCall && ( ! method_exists($method_parts[0], $method_parts[1]) OR ! (new ReflectionMethod($method_parts[0], $method_parts[1]))->isPublic())) OR ( ! $objectCall && ! is_callable($this->methods[$methName]['function'])) ) { diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index 4579e8c2b..f744493a9 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Encryption * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/zip.html + * @link https://codeigniter.com/userguide3/libraries/zip.html */ class CI_Zip { @@ -119,7 +119,7 @@ class CI_Zip { */ public function __construct() { - isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); + isset(self::$func_overload) OR self::$func_overload = ( ! is_php('8.0') && extension_loaded('mbstring') && @ini_get('mbstring.func_overload')); $this->now = time(); log_message('info', 'Zip Compression Class Initialized'); |