Diffstat (limited to 'system/libraries')
-rw-r--r-- | system/libraries/Cache/drivers/Cache_memcached.php | 4 | ||||
-rw-r--r-- | system/libraries/Cart.php | 4 | ||||
-rw-r--r-- | system/libraries/Driver.php | 19 | ||||
-rw-r--r-- | system/libraries/Email.php | 55 | ||||
-rw-r--r-- | system/libraries/Form_validation.php | 21 | ||||
-rw-r--r-- | system/libraries/Image_lib.php | 2 | ||||
-rw-r--r-- | system/libraries/Javascript.php | 2 | ||||
-rw-r--r-- | system/libraries/Javascript/Jquery.php (renamed from system/libraries/javascript/Jquery.php) | 0 | ||||
-rw-r--r-- | system/libraries/Javascript/index.html (renamed from system/libraries/javascript/index.html) | 0 | ||||
-rw-r--r-- | system/libraries/Migration.php | 6 | ||||
-rw-r--r-- | system/libraries/Pagination.php | 198 | ||||
-rw-r--r-- | system/libraries/Profiler.php | 3 | ||||
-rw-r--r-- | system/libraries/Session/drivers/Session_cookie.php | 5 | ||||
-rw-r--r-- | system/libraries/Upload.php | 51 | ||||
-rw-r--r-- | system/libraries/User_agent.php | 13 | ||||
-rw-r--r-- | system/libraries/Xmlrpcs.php | 2 |
16 files changed, 223 insertions, 162 deletions
diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php index 8096b2650..246a7a264 100644 --- a/system/libraries/Cache/drivers/Cache_memcached.php +++ b/system/libraries/Cache/drivers/Cache_memcached.php @@ -182,11 +182,11 @@ class CI_Cache_memcached extends CI_Driver { } } - if (class_exists('Memcached')) + if (class_exists('Memcached', FALSE)) { $this->_memcached = new Memcached(); } - elseif (class_exists('Memcache')) + elseif (class_exists('Memcache', FALSE)) { $this->_memcached = new Memcache(); } diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index 8734d7774..b7b0697fb 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -95,7 +95,7 @@ class CI_Cart { $config = is_array($params) ? $params : array(); // Load the Sessions class - $this->CI->load->library('session', $config); + $this->CI->load->driver('session', $config); // Grab the shopping cart array from the session table $this->_cart_contents = $this->CI->session->userdata('cart_contents'); @@ -365,7 +365,7 @@ class CI_Cart { */ protected function _save_cart() { - // Lets add up the individual prices and set the cart sub-total + // Let's add up the individual prices and set the cart sub-total $this->_cart_contents['total_items'] = $this->_cart_contents['cart_total'] = 0; foreach ($this->_cart_contents as $key => $val) { diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index bb7318991..ba15f81df 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -80,8 +80,7 @@ class CI_Driver_Library { public function load_driver($child) { // Get CodeIgniter instance and subclass prefix - $CI = get_instance(); - $prefix = (string) $CI->config->item('subclass_prefix'); + $prefix = config_item('subclass_prefix'); if ( ! isset($this->lib_name)) { 
@@ -102,11 +101,12 @@ class CI_Driver_Library { } // Get package paths and filename case variations to search + $CI = get_instance(); $paths = $CI->load->get_package_paths(TRUE); // Is there an extension? $class_name = $prefix.$child_name; - $found = class_exists($class_name); + $found = class_exists($class_name, FALSE); if ( ! $found) { // Check for subclass file @@ -126,8 +126,8 @@ class CI_Driver_Library { } // Include both sources and mark found - include($basepath); - include($file); + include_once($basepath); + include_once($file); $found = TRUE; break; } @@ -139,8 +139,7 @@ class CI_Driver_Library { { // Use standard class name $class_name = 'CI_'.$child_name; - $found = class_exists($class_name); - if ( ! $found) + if ( ! class_exists($class_name, FALSE)) { // Check package paths foreach ($paths as $path) @@ -150,7 +149,7 @@ class CI_Driver_Library { if (file_exists($file)) { // Include source - include($file); + include_once($file); break; } } @@ -158,9 +157,9 @@ class CI_Driver_Library { } // Did we finally find the class? - if ( ! class_exists($class_name)) + if ( ! class_exists($class_name, FALSE)) { - if (class_exists($child_name)) + if (class_exists($child_name, FALSE)) { $class_name = $child_name; } diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 997757b0a..daa38484b 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -96,6 +96,13 @@ class CI_Email { public $smtp_timeout = 5; /** + * SMTP persistent connection + * + * @var bool + */ + public $smtp_keepalive = FALSE; + + /** * SMTP Encryption * * @var string NULL, 'tls' or 'ssl' 
@@ -403,6 +410,21 @@ class CI_Email { // -------------------------------------------------------------------- /** + * Destructor - Releases Resources + * + * @return void + */ + public function __destruct() + { + if (is_resource($this->_smtp_connect)) + { + $this->_send_command('quit'); + } + } + + // -------------------------------------------------------------------- + + /** * Initialize preferences * * @param array @@ -1183,8 +1205,11 @@ class CI_Email { { if ($this->protocol === 'mail') { - $this->_subject = $this->_headers['Subject']; - unset($this->_headers['Subject']); + if (isset($this->_headers['Subject'])) + { + $this->_subject = $this->_headers['Subject']; + unset($this->_headers['Subject']); + } } reset($this->_headers); @@ -1824,7 +1849,15 @@ class CI_Email { return FALSE; } - $this->_send_command('quit'); + if ($this->smtp_keepalive) + { + $this->_send_command('reset'); + } + else + { + $this->_send_command('quit'); + } + return TRUE; } @@ -1837,6 +1870,11 @@ class CI_Email { */ protected function _smtp_connect() { + if (is_resource($this->_smtp_connect)) + { + return TRUE; + } + $ssl = ($this->smtp_crypto === 'ssl') ? 'ssl://' : NULL; $this->_smtp_connect = fsockopen($ssl.$this->smtp_host, @@ -1851,6 +1889,7 @@ class CI_Email { return FALSE; } + stream_set_timeout($this->_smtp_connect, $this->smtp_timeout); $this->_set_error_message($this->_get_smtp_data()); if ($this->smtp_crypto === 'tls') @@ -1924,6 +1963,11 @@ class CI_Email { $this->_send_data('DATA'); $resp = 354; break; + case 'reset': + + $this->_send_data('RSET'); + $resp = 250; + break; case 'quit' : $this->_send_data('QUIT'); @@ -1973,6 +2017,11 @@ class CI_Email { $reply = $this->_get_smtp_data(); + if (strpos($reply, '503') !== 0) // Already authenticated + { + return TRUE; + } + if (strpos($reply, '334') !== 0) { $this->_set_error_message('lang:email_failed_smtp_login', $reply); 
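Review bot: The early return added at the top of `_smtp_connect()` treats any value that is still a stream resource as a usable session, but `is_resource()` says nothing about whether the server has dropped the connection since the last message (idle timeout) or whether `QUIT` was already sent on it. No `fclose()` after `QUIT` is visible in this diff, so a second `send()` on the same object may reuse a socket the server has already closed. Reuse the handle only while it is still open, for example `if (is_resource($this->_smtp_connect) && ! feof($this->_smtp_connect)) { return TRUE; }`, and close the handle once `QUIT` has been sent. The method body continues outside the hunk.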
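Review bot: The "Already authenticated" check in the last Email.php hunk is inverted: `strpos($reply, '503') !== 0` is true for every reply that does not begin with 503, so the method returns TRUE before the `334` check below it is reached. As written, the normal `334` challenge and any error reply are both reported as a successful login, and the credential exchange that presumably follows outside the hunk is never run. The condition should read `if (strpos($reply, '503') === 0)`. The enclosing method starts and ends outside the hunk.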
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index bbd0b523e..172e799f6 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -356,7 +356,7 @@ class CI_Form_validation { */ public function error_string($prefix = '', $suffix = '') { - // No errrors, validation passes! + // No errors, validation passes! if (count($this->_error_array) === 0) { return ''; @@ -517,7 +517,7 @@ class CI_Form_validation { { if (isset($_POST[$row['field']])) { - $_POST[$row['field']] = $this->prep_for_form($row['postdata']); + $_POST[$row['field']] = $row['postdata']; } } else @@ -543,14 +543,14 @@ class CI_Form_validation { $array = array(); foreach ($row['postdata'] as $k => $v) { - $array[$k] = $this->prep_for_form($v); + $array[$k] = $v; } $post_ref = $array; } else { - $post_ref = $this->prep_for_form($row['postdata']); + $post_ref = $row['postdata']; } } } @@ -1232,6 +1232,19 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Alpha-numeric w/ spaces + * + * @param string + * @return bool + */ + public function alpha_numeric_spaces($str) + { + return (bool) preg_match('/^[A-Z0-9 ]+$/i', $str); + } + + // -------------------------------------------------------------------- + + /** * Alpha-numeric with underscores and dashes * * @param string diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 6d5493696..0cec43fc4 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -810,7 +810,7 @@ class CI_Image_lib { imagedestroy($dst_img); imagedestroy($src_img); - // Set the file to 777 + // Set the file to 666 @chmod($this->full_dst_path, FILE_WRITE_MODE); return TRUE; diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php index 7f1d85511..773a58384 100644 --- a/system/libraries/Javascript.php +++ b/system/libraries/Javascript.php 
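Review bot: The write-back to `$_POST` now stores `$row['postdata']` unchanged, here and in the array branch of the next hunk, so whatever encoding `prep_for_form()` applied is no longer present on the values the application reads after validation. `prep_for_form()` is not shown in this diff; if it is what HTML-encodes the data, any view that echoed validated `$_POST` values and relied on that encoding will now emit raw user input. The change should be called out in the upgrade notes, with a comment at the write-back such as `// Values are written back unescaped; escape at output time`. The enclosing method starts and ends outside both hunks.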
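Review bot: The pattern in the new `alpha_numeric_spaces()` rule ends with `$` and has no `D` modifier, so it also matches when the input ends in a newline: a value such as "abc\n" passes validation. Anchoring the end strictly closes that gap: `return (bool) preg_match('/^[A-Z0-9 ]+$/iD', $str);`. The docblock could also state that an empty string fails the rule because of the `+` quantifier.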
@@ -69,7 +69,7 @@ class CI_Javascript { $this->CI =& get_instance(); // load the requested js library - $this->CI->load->library('javascript/'.$js_library_driver, array('autoload' => $autoload)); + $this->CI->load->library('Javascript/'.$js_library_driver, array('autoload' => $autoload)); // make js to refer to current library $this->js =& $this->CI->$js_library_driver; diff --git a/system/libraries/javascript/Jquery.php b/system/libraries/Javascript/Jquery.php index b6e0434b2..b6e0434b2 100644 --- a/system/libraries/javascript/Jquery.php +++ b/system/libraries/Javascript/Jquery.php diff --git a/system/libraries/javascript/index.html b/system/libraries/Javascript/index.html index c942a79ce..c942a79ce 100644 --- a/system/libraries/javascript/index.html +++ b/system/libraries/Javascript/index.html diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index fd915c382..cc6fe48f0 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -104,8 +104,8 @@ class CI_Migration { */ public function __construct($config = array()) { - # Only run this constructor on main library load - if (get_parent_class($this) !== FALSE) + // Only run this constructor on main library load + if ( ! in_array(get_class($this), array('CI_Migration', config_item('subclass_prefix').'Migration'), TRUE)) { return; } @@ -228,7 +228,7 @@ class CI_Migration { $class = 'Migration_'.ucfirst(strtolower($this->_get_migration_name(basename($file, '.php')))); // Validate the migration file structure - if ( ! class_exists($class)) + if ( ! class_exists($class, FALSE)) { $this->_error_string = sprintf($this->lang->line('migration_class_doesnt_exist'), $class); return FALSE; diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index d139980d8..10fb29dbd 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php 
@@ -133,7 +133,7 @@ class CI_Pagination { * * @var int */ - protected $uri_segment = 3; + protected $uri_segment = 0; /** * Full tag open @@ -318,11 +318,9 @@ class CI_Pagination { */ public function initialize($params = array()) { - $attributes = array(); - if (isset($params['attributes']) && is_array($params['attributes'])) { - $attributes = $params['attributes']; + $this->_parse_attributes($params['attributes']); unset($params['attributes']); } @@ -334,8 +332,6 @@ class CI_Pagination { unset($params['anchor_class']); } - $this->_parse_attributes($attributes); - if (count($params) > 0) { foreach ($params as $key => $val) 
@@ -372,45 +368,119 @@ class CI_Pagination { return ''; } - // Set the base page index for starting page number - $base_page = ($this->use_page_numbers) ? 1 : 0; + // Check the user defined number of links. + $this->num_links = (int) $this->num_links; + + if ($this->num_links < 1) + { + show_error('Your number of links must be a positive number.'); + } - // Determine the current page number. $CI =& get_instance(); - // See if we are using a prefix or suffix on links - if ($this->prefix !== '' OR $this->suffix !== '') + // Keep any existing query string items. + // Note: Has nothing to do with any other query string option. + if ($this->reuse_query_string === TRUE) { - $this->cur_page = (int) str_replace(array($this->prefix, $this->suffix), '', $CI->uri->rsegment($this->uri_segment)); + $get = $CI->input->get(); + + // Unset the controll, method, old-school routing options + unset($get['c'], $get['m'], $get[$this->query_string_segment]); + } + else + { + $get = array(); } + // Put together our base and first URLs. + $this->base_url = trim($this->base_url); + + $query_string = ''; + $query_string_sep = (strpos($this->base_url, '?') === FALSE) ? '?' : '&'; + + // Are we using query strings? if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) { - if ($CI->input->get($this->query_string_segment) != $base_page) + // If a custom first_url hasn't been specified, we'll create one from + // the base_url, but without the page item. + if ($this->first_url === '') { - $this->cur_page = (int) $CI->input->get($this->query_string_segment); + $this->first_url = $this->base_url; + + // If we saved any GET items earlier, make sure they're appended. + if ( ! empty($get)) + { + $this->first_url .= $query_string_sep.http_build_query($get); + } } + + // Add the page segment to the end of the query string, where the + // page number will be appended. 
+ $this->base_url .= $query_string_sep.http_build_query(array_merge($get, array($this->query_string_segment => ''))); } - elseif ( ! $this->cur_page && $CI->uri->segment($this->uri_segment) !== $base_page) + else { - $this->cur_page = (int) $CI->uri->rsegment($this->uri_segment); + // Standard segment mode. + // Generate our saved query string to append later after the page number. + if ( ! empty($get)) + { + $query_string = $query_string_sep.http_build_query($get); + $this->suffix .= $query_string; + } + + // Does the base_url have the query string in it? + // If we're supposed to save it, remove it so we can append it later. + if ($this->reuse_query_string === TRUE && ($base_query_pos = strpos($this->base_url, '?')) !== FALSE) + { + $this->base_url = substr($this->base_url, 0, $base_query_pos); + } + + if ($this->first_url === '') + { + $this->first_url = $this->base_url.$query_string; + } + + $this->base_url = rtrim($this->base_url, '/').'/'; } - // Set current page to 1 if it's not valid or if using page numbers instead of offset - if ( ! is_numeric($this->cur_page) OR ($this->use_page_numbers && $this->cur_page === 0)) + // Determine the current page number. + $base_page = ($this->use_page_numbers) ? 1 : 0; + + // Are we using query strings? + if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) { - $this->cur_page = $base_page; + $this->cur_page = $CI->input->get($this->query_string_segment); } + else + { + // Default to the last segment number if one hasn't been defined. + if ($this->uri_segment === 0) + { + $this->uri_segment = count($CI->uri->segment_array()); + } - $this->num_links = (int) $this->num_links; + $this->cur_page = $CI->uri->segment($this->uri_segment); - if ($this->num_links < 1) + // Remove any specified prefix/suffix from the segment. 
+ if ($this->prefix !== '' OR $this->suffix !== '') + { + $this->cur_page = str_replace(array($this->prefix, $this->suffix), '', $this->cur_page); + } + } + + // If something isn't quite right, back to the default base page. + if ( ! ctype_digit($this->cur_page) OR ($this->use_page_numbers && (int) $this->cur_page === 0)) { - show_error('Your number of links must be a positive number.'); + $this->cur_page = $base_page; + } + else + { + // Make sure we're using integers for comparisons later. + $this->cur_page = (int) $this->cur_page; } // Is the page number beyond the result range? - // If so we show the last page + // If so, we show the last page. if ($this->use_page_numbers) { if ($this->cur_page > $num_pages) 
@@ -425,80 +495,47 @@ class CI_Pagination { $uri_page_number = $this->cur_page; + // If we're using offset instead of page numbers, convert it + // to a page number, so we can generate the surrounding number links. if ( ! $this->use_page_numbers) { $this->cur_page = (int) floor(($this->cur_page/$this->per_page) + 1); } // Calculate the start and end numbers. These determine - // which number to start and end the digit links with + // which number to start and end the digit links with. $start = (($this->cur_page - $this->num_links) > 0) ? $this->cur_page - ($this->num_links - 1) : 1; $end = (($this->cur_page + $this->num_links) < $num_pages) ? $this->cur_page + $this->num_links : $num_pages; - // Is pagination being used over GET or POST? If get, add a per_page query - // string. If post, add a trailing slash to the base URL if needed - if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) - { - $segment = (strpos($this->base_url, '?')) ? '&' : '?'; - $this->base_url = rtrim($this->base_url).$segment.$this->query_string_segment.'='; - } - else - { - $this->base_url = rtrim($this->base_url, '/') .'/'; - } - // And here we go... $output = ''; - $query_string = ''; - - // Add anything in the query string back to the links - // Note: Nothing to do with query_string_segment or any other query string options - if ($this->reuse_query_string === TRUE) - { - $get = $CI->input->get(); - - // Unset the controll, method, old-school routing options - unset($get['c'], $get['m'], $get[$this->query_string_segment]); - if ( ! empty($get)) - { - // Put everything else onto the end - $query_string = (strpos($this->base_url, '?') !== FALSE ? '&' : '?') - .http_build_query($get, '', '&'); - - // Add this after the suffix to put it into more links easily - $this->suffix .= $query_string; - } - } - - // Render the "First" link + // Render the "First" link. 
if ($this->first_link !== FALSE && $this->cur_page > ($this->num_links + 1)) { - $first_url = ($this->first_url === '') ? $this->base_url : $this->first_url; - - // Take the general parameters, and squeeze this pagination-page attr in there for JS fw's + // Take the general parameters, and squeeze this pagination-page attr in for JS frameworks. $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, 1); - $output .= $this->first_tag_open.'<a href="'.$first_url.'"'.$attributes.$this->_attr_rel('start').'>' + $output .= $this->first_tag_open.'<a href="'.$this->first_url.'"'.$attributes.$this->_attr_rel('start').'>' .$this->first_link.'</a>'.$this->first_tag_close; } - // Render the "previous" link + // Render the "Previous" link. if ($this->prev_link !== FALSE && $this->cur_page !== 1) { $i = ($this->use_page_numbers) ? $uri_page_number - 1 : $uri_page_number - $this->per_page; - // Take the general parameters, and squeeze this pagination-page attr in there for JS fw's $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); - if ($i === $base_page && $this->first_url !== '') + if ($i === $base_page) { - $output .= $this->prev_tag_open.'<a href="'.$this->first_url.$query_string.'"'.$attributes.$this->_attr_rel('prev').'>' + // First page + $output .= $this->prev_tag_open.'<a href="'.$this->first_url.'"'.$attributes.$this->_attr_rel('prev').'>' .$this->prev_link.'</a>'.$this->prev_tag_close; } else { - $append = ($i === $base_page) ? $query_string : $this->prefix.$i.$this->suffix; + $append = $this->prefix.$i.$this->suffix; $output .= $this->prev_tag_open.'<a href="'.$this->base_url.$append.'"'.$attributes.$this->_attr_rel('prev').'>' .$this->prev_link.'</a>'.$this->prev_tag_close; } 
@@ -513,29 +550,26 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $loop : ($loop * $this->per_page) - $this->per_page; - // Take the general parameters, and squeeze this pagination-page attr in there for JS fw's $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); if ($i >= $base_page) { if ($this->cur_page === $loop) { - $output .= $this->cur_tag_open.$loop.$this->cur_tag_close; // Current page + // Current page + $output .= $this->cur_tag_open.$loop.$this->cur_tag_close; + } + elseif ($i === $base_page) + { + // First page + $output .= $this->num_tag_open.'<a href="'.$this->first_url.'"'.$attributes.$this->_attr_rel('start').'>' + .$loop.'</a>'.$this->num_tag_close; } else { - $n = ($i === $base_page) ? '' : $i; - if ($n === '' && ! empty($this->first_url)) - { - $output .= $this->num_tag_open.'<a href="'.$this->first_url.$query_string.'"'.$attributes.$this->_attr_rel('start').'>' - .$loop.'</a>'.$this->num_tag_close; - } - else - { - $append = ($n === '') ? $query_string : $this->prefix.$n.$this->suffix; - $output .= $this->num_tag_open.'<a href="'.$this->base_url.$append.'"'.$attributes.$this->_attr_rel('start').'>' - .$loop.'</a>'.$this->num_tag_close; - } + $append = $this->prefix.$i.$this->suffix; + $output .= $this->num_tag_open.'<a href="'.$this->base_url.$append.'"'.$attributes.$this->_attr_rel('start').'>' + .$loop.'</a>'.$this->num_tag_close; } } } @@ -546,7 +580,6 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $this->cur_page + 1 : $this->cur_page * $this->per_page; - // Take the general parameters, and squeeze this pagination-page attr in there for JS fw's $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); $output .= $this->next_tag_open.'<a href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$attributes 
@@ -558,7 +591,6 @@ class CI_Pagination { { $i = ($this->use_page_numbers) ? $num_pages : ($num_pages * $this->per_page) - $this->per_page; - // Take the general parameters, and squeeze this pagination-page attr in there for JS fw's $attributes = sprintf('%s %s="%d"', $this->_attributes, $this->data_page_attr, (int) $i); $output .= $this->last_tag_open.'<a href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$attributes.'>' diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index e93239901..470688fdc 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -238,6 +238,7 @@ class CI_Profiler { foreach ($dbs as $name => $db) { $hide_queries = (count($db->queries) > $this->_query_toggle_count) ? ' display:none' : ''; + $total_time = number_format(array_sum($db->query_times), 4).' '.$this->CI->lang->line('profiler_seconds'); $show_hide_js = '(<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_queries_db_'.$count.'\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_hide').'\'?\''.$this->CI->lang->line('profiler_section_show').'\':\''.$this->CI->lang->line('profiler_section_hide').'\';">'.$this->CI->lang->line('profiler_section_hide').'</span>)'; @@ -250,7 +251,7 @@ class CI_Profiler { ."\n" .'<legend style="color:#0000FF;"> '.$this->CI->lang->line('profiler_database') .': '.$db->database.' ('.$name.') '.$this->CI->lang->line('profiler_queries') - .': '.count($db->queries).' '.$show_hide_js."</legend>\n\n\n" + .': '.count($db->queries).' ('.$total_time.') '.$show_hide_js."</legend>\n\n\n" .'<table style="width:100%;'.$hide_queries.'" id="ci_profiler_queries_db_'.$count."\">\n"; if (count($db->queries) === 0) diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 474641642..057e5a1d1 100644 
--- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -602,6 +602,9 @@ class CI_Session_cookie extends CI_Session_driver { $set['user_data'] = $this->_serialize($userdata); } + // Reset query builder values. + $this->CI->db->reset_query(); + // Run the update query // Any time we change the session id, it gets updated immediately, // so our where clause below is always safe @@ -805,7 +808,7 @@ class CI_Session_cookie extends CI_Session_driver { { if (is_string($val)) { - $val= str_replace('{{slash}}', '\\', $val); + $val = str_replace('{{slash}}', '\\', $val); } } diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 96bb17edc..1c14f99ed 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -430,7 +430,7 @@ class CI_Upload { } else { - // An extension was provided, lets have it! + // An extension was provided, let's have it! $this->file_ext = $this->get_extension($this->_file_name_override); } @@ -463,7 +463,8 @@ class CI_Upload { } // Sanitize the file name for security - $this->file_name = $this->clean_file_name($this->file_name); + $CI =& get_instance(); + $this->file_name = $CI->security->sanitize_filename($this->file_name); // Truncate the file name if it's too long if ($this->max_filename > 0) 
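Review bot: Switching the sanitising call to `$CI->security->sanitize_filename()` while the public `clean_file_name()` method is deleted (the later hunk of Upload.php) breaks any subclass or caller that still uses the old method. The replacement's filter set is not visible in this diff, so it cannot be confirmed from here that it removes everything the old `$bad` list did, path separators such as `/` included. A thin deprecated wrapper would keep the interface: `public function clean_file_name($filename) { return get_instance()->security->sanitize_filename($filename); }`. A regression test with file names containing path separators and percent-encoded characters would pin the behaviour.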
@@ -971,46 +972,6 @@ class CI_Upload { // -------------------------------------------------------------------- /** - * Clean the file name for security - * - * @param string $filename - * @return string - */ - public function clean_file_name($filename) - { - $bad = array( - '<!--', '-->', - "'", '"', - '<', '>', - '&', '$', - '=', - ';', - '?', - '/', - '!', - '#', - '%20', - '%22', - '%3c', // < - '%253c', // < - '%3e', // > - '%0e', // > - '%28', // ( - '%29', // ) - '%2528', // ( - '%26', // & - '%24', // $ - '%3f', // ? - '%3b', // ; - '%3d' // = - ); - - return stripslashes(str_replace($bad, '', $filename)); - } - - // -------------------------------------------------------------------- - - /** * Limit the File Name Length * * @param string $filename @@ -1089,7 +1050,7 @@ class CI_Upload { // <a, <body, <head, <html, <img, <plaintext, <pre, <script, <table, <title // title is basically just in SVG, but we filter it anyhow - // if its an image or no "triggers" detected in the first 256 bytes - we're good + // if it's an image or no "triggers" detected in the first 256 bytes - we're good return ! preg_match('/<(a|body|head|html|img|plaintext|pre|script|table|title)[\s>]/i', $opening_bytes); } @@ -1251,7 +1212,7 @@ class CI_Upload { * Notes: * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system * - many system admins would disable the exec(), shell_exec(), popen() and similar functions - * due to security concerns, hence the function_exists() checks + * due to security concerns, hence the function_usable() checks */ if (DIRECTORY_SEPARATOR !== '\\') { 
@@ -1262,7 +1223,7 @@ class CI_Upload { if (function_usable('exec')) { /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter. - * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites + * However, we only need the last line, which is the actual return value of exec(), and as such - it overwrites * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy * value, which is only put to allow us to get the return status code. */ diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 1f4b2fa52..2f6f81909 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -175,15 +175,18 @@ class CI_User_agent { */ protected function _load_agent_file() { - if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php')) + if (($found = file_exists(APPPATH.'config/user_agents.php'))) { - include(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php'); + include(APPPATH.'config/user_agents.php'); } - elseif (is_file(APPPATH.'config/user_agents.php')) + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php')) { - include(APPPATH.'config/user_agents.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php'); + $found = TRUE; } - else + + if ($found !== TRUE) { return FALSE; } diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index 465a1967b..2d2e7f13b 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -31,7 +31,7 @@ if ( ! function_exists('xml_parser_create')) show_error('Your PHP installation does not support XML'); } -if ( ! class_exists('CI_Xmlrpc')) +if ( ! class_exists('CI_Xmlrpc', FALSE)) { show_error('You must load the Xmlrpc class before loading the Xmlrpcs class in order to create a server.'); } |
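Review bot: The environment-specific lookup in `_load_agent_file()` now uses `ENVIRONMENT` without the `defined('ENVIRONMENT')` guard that the removed branch had, so where the constant is not defined the path is built from an undefined constant (a notice or an error, depending on the PHP version). Both checks also moved from `is_file()` to `file_exists()`, which is true for directories as well, so a directory at that path would reach `include`. Suggest `if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php'))` and `is_file()` for the first check too. The rest of the method is outside the hunk.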