Diffstat (limited to 'system/libraries')
-rw-r--r--system/libraries/Cart.php4
-rw-r--r--system/libraries/Email.php22
-rw-r--r--system/libraries/Encrypt.php2
-rw-r--r--system/libraries/Form_validation.php2
-rw-r--r--system/libraries/Profiler.php4
-rw-r--r--system/libraries/Session/drivers/Session_cookie.php3
-rw-r--r--system/libraries/Upload.php32
7 files changed, 45 insertions, 24 deletions
diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php
index b7b0697fb..edc300bd7 100644
--- a/system/libraries/Cart.php
+++ b/system/libraries/Cart.php
@@ -51,7 +51,7 @@ class CI_Cart {
*
* @var string
*/
- public $product_name_rules = '\.\:\-_ a-z0-9';
+ public $product_name_rules = '\w \-\.\:';
/**
* only allow safe product names
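Review bot: The `\w` in the new `$product_name_rules` value does not mean the same thing in both modes the library runs in: on PHP builds that switch PCRE to Unicode properties together with the `u` modifier, `\w` admits non-ASCII letters and digits, so the rule is no longer the ASCII set the surrounding comments describe. The docblock above the property should also say that the string is the body of a PCRE bracket expression spliced unescaped into `/^[...]+$/i`, so an override must not contain an unescaped `]`, `/` or `\`. Suggested wording: `Characters allowed in product names, written as the body of a PCRE character class; when UTF8_ENABLED is set, \w also matches non-ASCII letters and digits.`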
@@ -214,7 +214,7 @@ class CI_Cart {
// Validate the product name. It can only be alpha-numeric, dashes, underscores, colons or periods.
// Note: These can be user-specified by setting the $this->product_name_rules variable.
- if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i', $items['name']))
+ if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i'.(UTF8_ENABLED ? 'u' : ''), $items['name']))
{
log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces');
return FALSE;
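Review bot: The comment above the new `preg_match` still describes the rule as alpha-numeric, dashes, underscores, colons or periods, and the `log_message` text below lists a set without periods, while the rule now in force (`\w \-\.\:` under `u`) also admits non-ASCII word characters; both should be updated, e.g. `// Validate the product name against $product_name_rules (a PCRE character class; \w includes non-ASCII letters when UTF-8 is enabled).` The same `log_message` call copies the rejected, user-supplied name into the log verbatim, so a value containing CR/LF or control bytes lands in the log file unchanged; filter it first, e.g. `preg_replace('/[^\x20-\x7E]/', '?', $items['name'])`, or leave it out of the message. The enclosing method continues outside the hunk.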
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index a745d331d..46ffaa1d4 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -739,7 +739,7 @@ class CI_Email {
*/
public function set_header($header, $value)
{
- $this->_headers[$header] = $value;
+ $this->_headers[$header] = str_replace(array("\n", "\r"), '', $value);
}
// --------------------------------------------------------------------
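Review bot: Only `$value` is scrubbed on the new line; the header name `$header` is stored in `$this->_headers` untouched, so a name carrying `\r\n` (or a `:` followed by a second header) can presumably still inject a header when the array is later serialised into the message. Since this is a public setter, apply the same treatment to the name: `$header = str_replace(array("\n", "\r"), '', $header);`. Silently stripping CR/LF also hides the attempt; if an injection attempt is worth knowing about, reject or log the value instead of sanitising it.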
@@ -1236,7 +1236,7 @@ class CI_Email {
/**
* Build Final Body and attachments
*
- * @return void
+ * @return bool
*/
protected function _build_message()
{
@@ -1275,7 +1275,7 @@ class CI_Email {
if ($this->send_multipart === FALSE)
{
$hdr .= 'Content-Type: text/html; charset='.$this->charset.$this->newline
- .'Content-Transfer-Encoding: quoted-printable';
+ .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline;
}
else
{
@@ -1401,7 +1401,7 @@ class CI_Email {
$body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--';
$this->_finalbody = ($this->_get_protocol() === 'mail') ? $body : $hdr.$body;
- return;
+ return TRUE;
}
// --------------------------------------------------------------------
@@ -1606,7 +1606,11 @@ class CI_Email {
return $result;
}
- $this->_build_message();
+ if ($this->_build_message() === FALSE)
+ {
+ return FALSE;
+ }
+
$result = $this->_spool_email();
if ($result && $auto_clear)
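Review bot: When the new `_build_message() === FALSE` check fires, `send()` returns FALSE without recording why; none of the hunks in this diff shows a FALSE path inside `_build_message()` (its body is cut by the hunks), so if that method returns FALSE without first pushing an error message, the caller's `print_debugger()` output will be empty. Either have `_build_message()` record the reason before it returns FALSE, or set one here immediately before `return FALSE;`. `send()` itself starts and ends outside this hunk.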
@@ -1665,7 +1669,11 @@ class CI_Email {
$this->_bcc_array = $bcc;
}
- $this->_build_message();
+ if ($this->_build_message() === FALSE)
+ {
+ return FALSE;
+ }
+
$this->_spool_email();
}
}
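Review bot: This `return FALSE;` sits inside the per-batch loop of what appears to be `batch_bcc_send()`, so one failed build aborts every remaining batch, and if the method is documented as returning void the FALSE is invisible to the caller. Consider recording the failure and moving on to the next batch, or documenting the early exit with `@return bool`. The `_spool_email()` result on the following line is still discarded, so a transport failure in one batch also goes unreported. The enclosing method starts outside the hunk.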
@@ -2132,7 +2140,7 @@ class CI_Email {
if (in_array('headers', $include, TRUE))
{
- $raw_data = $this->_header_str."\n";
+ $raw_data = htmlspecialchars($this->_header_str)."\n";
}
if (in_array('subject', $include, TRUE))
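Review bot: Escaping `$this->_header_str` is right because the debugger output is rendered as HTML, but the branches that follow — the `subject` one begins on the hunk's last line and the body ones lie beyond it — are not visible here; subject and body are typically user-influenced and must be passed through `htmlspecialchars()` the same way, otherwise the debug page remains an XSS sink for anyone who can get a message into it. If those branches already escape, a one-line comment above the headers block, `// every piece of $raw_data is HTML-escaped; the debugger output is rendered in a page`, would stop the next editor from adding an unescaped piece.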
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index c6a1cb175..8ac5420de 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -244,7 +244,7 @@ class CI_Encrypt {
$rand = '';
do
{
- $rand .= mt_rand(0, mt_getrandmax());
+ $rand .= mt_rand();
}
while (strlen($rand) < 32);
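Review bot: Dropping the explicit bounds does not change what this loop produces: `mt_rand()` is a Mersenne Twister whose state can be recovered from a handful of observed outputs, so the concatenated digits are predictable rather than secret, whatever their length. If `$rand` feeds the cipher (the enclosing method starts and ends outside this hunk), draw it from a CSPRNG where one exists — `openssl_random_pseudo_bytes()` or `mcrypt_create_iv(..., MCRYPT_DEV_URANDOM)` on this generation of PHP — and keep the `mt_rand()` loop only as a last-resort fallback, with a comment saying so.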
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 1ed50844c..40ba01202 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1405,7 +1405,7 @@ class CI_Form_validation {
*/
public function valid_base64($str)
{
- return ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
+ return (base64_encode(base64_decode($str)) === $str);
}
// --------------------------------------------------------------------
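Review bot: The round-trip comparison is stricter than the alphabet check it replaces and the method's docblock (above the hunk) should say so: a value must now be canonical base64 — padded to a multiple of four, no whitespace or line breaks, zero trailing bits — so `'YQ'` or a MIME-wrapped string containing newlines now fails where it previously passed. Suggested docblock wording: `Returns TRUE only for canonical base64 (padded, no whitespace); an empty string also passes, so combine with required.` The empty string still passes (`'' === ''`) exactly as before, and the decode materialises a copy of the input, so very large fields cost memory proportional to their size.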
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index 470688fdc..0c60efb8b 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -405,7 +405,7 @@ class CI_Profiler {
.'<fieldset id="ci_profiler_controller_info" style="border:1px solid #995300;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee;">'
."\n"
.'<legend style="color:#995300;">&nbsp;&nbsp;'.$this->CI->lang->line('profiler_controller_info')."&nbsp;&nbsp;</legend>\n"
- .'<div style="color:#995300;font-weight:normal;padding:4px 0 4px 0;">'.$this->CI->router->fetch_class().'/'.$this->CI->router->fetch_method()
+ .'<div style="color:#995300;font-weight:normal;padding:4px 0 4px 0;">'.$this->CI->router->class.'/'.$this->CI->router->method
.'</div></fieldset>';
}
@@ -447,7 +447,7 @@ class CI_Profiler {
.'&nbsp;&nbsp;(<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_httpheaders_table\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_show').'\'?\''.$this->CI->lang->line('profiler_section_hide').'\':\''.$this->CI->lang->line('profiler_section_show').'\';">'.$this->CI->lang->line('profiler_section_show')."</span>)</legend>\n\n\n"
.'<table style="width:100%;display:none;" id="ci_profiler_httpheaders_table">'."\n";
- foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR') as $header)
+ foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header)
{
$val = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
$output .= '<tr><td style="vertical-align:top;width:50%;padding:5px;color:#900;background-color:#ddd;">'
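Review bot: The new array line still carries the pre-existing typo `' HTTP_HOST'` (leading space), so `$_SERVER[' HTTP_HOST']` is never set and the Host header is silently shown as empty; it should read `'HTTP_HOST'`. Most of the listed keys (`HTTP_USER_AGENT`, the `HTTP_ACCEPT_*` family, `HTTP_X_FORWARDED_FOR`, the new `HTTP_DNT`) are attacker-controlled request headers, and the statement that writes `$val` into the table runs past the end of the hunk, so confirm it passes through `htmlspecialchars()` before being emitted.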
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 0e8644102..7174d63c8 100644
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -641,7 +641,7 @@ class CI_Session_cookie extends CI_Session_driver {
$new_sessid = '';
do
{
- $new_sessid .= mt_rand(0, mt_getrandmax());
+ $new_sessid .= mt_rand();
}
while (strlen($new_sessid) < 32);
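Review bot: `mt_rand()` is not a cryptographic generator, so whatever this loop concatenates is predictable by anyone who can observe other Mersenne-Twister outputs from the same process, and a guessable session identifier is a hijacking risk however it is hashed afterwards (the rest of the ID construction is outside the hunk). Prefer a CSPRNG when available, e.g. `$new_sessid = bin2hex(openssl_random_pseudo_bytes(16));` guarded by `function_exists('openssl_random_pseudo_bytes')`, with `mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)` as a second option and this loop only as the last-resort fallback. The enclosing method starts and ends outside the hunk.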
@@ -832,7 +832,6 @@ class CI_Session_cookie extends CI_Session_driver {
$probability = ini_get('session.gc_probability');
$divisor = ini_get('session.gc_divisor');
- srand(time());
if ((mt_rand(0, $divisor) / $divisor) < $probability)
{
$expire = $this->now - $this->sess_expiration;
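Review bot: The condition that survives this hunk, `(mt_rand(0, $divisor) / $divisor) < $probability`, does not implement PHP's `gc_probability / gc_divisor` rate: with the default values 1 and 100 it is true for 100 of the 101 possible draws, so garbage collection runs on almost every request instead of about 1% of them. If the ini values are meant with PHP's own semantics the test should be `if (mt_rand(1, $divisor) <= $probability)`, after checking that `$divisor` is a positive integer, since `ini_get()` can return an empty string and the division would then warn. Dropping `srand(time())` is right on its own — it seeded `rand()`, not `mt_rand()`, and a time-based seed is trivially predictable. The enclosing method starts outside the hunk.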
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 82b46f094..85428044d 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -136,6 +136,13 @@ class CI_Upload {
public $file_ext = '';
/**
+ * Force filename extension to lowercase
+ *
+ * @var string
+ */
+ public $file_ext_tolower = FALSE;
+
+ /**
* Upload path
*
* @var string
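Review bot: The new `$file_ext_tolower` property is initialised to `FALSE` and used as a switch, so its docblock should read `@var bool`, not `@var string`. A sentence on what it affects would help too: `When TRUE, get_extension() lowercases the extension it returns.`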
@@ -294,6 +301,7 @@ class CI_Upload {
'file_type' => '',
'file_size' => NULL,
'file_ext' => '',
+ 'file_ext_tolower' => FALSE,
'upload_path' => '',
'overwrite' => FALSE,
'encrypt_name' => FALSE,
@@ -366,25 +374,25 @@ class CI_Upload {
switch ($error)
{
- case 1: // UPLOAD_ERR_INI_SIZE
+ case UPLOAD_ERR_INI_SIZE:
$this->set_error('upload_file_exceeds_limit');
break;
- case 2: // UPLOAD_ERR_FORM_SIZE
+ case UPLOAD_ERR_FORM_SIZE:
$this->set_error('upload_file_exceeds_form_limit');
break;
- case 3: // UPLOAD_ERR_PARTIAL
+ case UPLOAD_ERR_PARTIAL:
$this->set_error('upload_file_partial');
break;
- case 4: // UPLOAD_ERR_NO_FILE
+ case UPLOAD_ERR_NO_FILE:
$this->set_error('upload_no_file_selected');
break;
- case 6: // UPLOAD_ERR_NO_TMP_DIR
+ case UPLOAD_ERR_NO_TMP_DIR:
$this->set_error('upload_no_temp_directory');
break;
- case 7: // UPLOAD_ERR_CANT_WRITE
+ case UPLOAD_ERR_CANT_WRITE:
$this->set_error('upload_unable_to_write_file');
break;
- case 8: // UPLOAD_ERR_EXTENSION
+ case UPLOAD_ERR_EXTENSION:
$this->set_error('upload_stopped_by_extension');
break;
default:
@@ -604,7 +612,6 @@ class CI_Upload {
{
if ($this->encrypt_name === TRUE)
{
- mt_srand();
$filename = md5(uniqid(mt_rand())).$this->file_ext;
}
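Review bot: With `mt_srand()` gone the generated name is still `md5(uniqid(mt_rand()))`: `uniqid()` is a microsecond timestamp and `mt_rand()` is predictable, so an attacker who knows roughly when a file was uploaded can enumerate candidate names. If `encrypt_name` is meant to make stored files unguessable, derive the name from a CSPRNG — e.g. `bin2hex(openssl_random_pseudo_bytes(16))` when that function exists, falling back to the current expression — and note that the original extension is still appended, so this option does nothing about a dangerous extension. The enclosing method starts and ends outside the hunk.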
@@ -966,7 +973,14 @@ class CI_Upload {
public function get_extension($filename)
{
$x = explode('.', $filename);
- return (count($x) !== 1) ? '.'.end($x) : '';
+
+ if (count($x) === 1)
+ {
+ return '';
+ }
+
+ $ext = ($this->file_ext_tolower) ? strtolower(end($x)) : end($x);
+ return '.'.$ext;
}
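Review bot: `end($x)` is evaluated in both arms of the ternary; pull it into a local once — `$ext = end($x); return '.'.($this->file_ext_tolower ? strtolower($ext) : $ext);` — so the branch decides only the lowercasing. Two edge cases deserve a comment or a test: a name ending in a dot (`'a.'`) yields the extension `'.'`, and a dot-file (`'.htaccess'`) yields `'.htaccess'`, so any allow-list comparison downstream must expect both. The method's docblock (above the hunk) should also say that the result keeps the leading dot and is lowercased only when `$file_ext_tolower` is set.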
// --------------------------------------------------------------------