diff options
Diffstat (limited to 'system')
28 files changed, 339 insertions, 187 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 0a1391d18..aca4fb23c 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -39,7 +39,7 @@ * @var string * */ - define('CI_VERSION', '2.0.2'); + define('CI_VERSION', '2.1.0-dev'); /** * CodeIgniter Branch (Core = TRUE, Reactor = FALSE) diff --git a/system/core/Common.php b/system/core/Common.php index db9fbeb9f..d79375475 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -132,9 +132,9 @@ if ( ! function_exists('load_class')) $name = FALSE; - // Look for the class first in the native system/libraries folder - // thenin the local application/libraries folder - foreach (array(BASEPATH, APPPATH) as $path) + // Look for the class first in the local application/libraries folder + // then in the native system/libraries folder + foreach (array(APPPATH, BASEPATH) as $path) { if (file_exists($path.$directory.'/'.$class.'.php')) { @@ -536,5 +536,29 @@ if ( ! function_exists('remove_invisible_characters')) } } +// ------------------------------------------------------------------------ + +/** +* Returns HTML escaped variable +* +* @access public +* @param mixed +* @return mixed +*/ +if ( ! function_exists('html_escape')) +{ + function html_escape($var) + { + if (is_array($var)) + { + return array_map('html_escape', $var); + } + else + { + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + } + } +} + /* End of file Common.php */ /* Location: ./system/core/Common.php */
\ No newline at end of file diff --git a/system/core/Input.php b/system/core/Input.php index 5a033e7b8..f39371fb0 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -110,13 +110,13 @@ class CI_Input { * * This is a helper function to retrieve values from global arrays * - * @access private + * @access protected * @param array * @param string * @param bool * @return string */ - function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) + protected function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) { if ( ! isset($array[$index])) { @@ -141,7 +141,7 @@ class CI_Input { * @param bool * @return string */ - function get($index = NULL, $xss_clean = FALSE) + public function get($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided if ($index === NULL AND ! empty($_GET)) @@ -169,7 +169,7 @@ class CI_Input { * @param bool * @return string */ - function post($index = NULL, $xss_clean = FALSE) + public function post($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided if ($index === NULL AND ! empty($_POST)) @@ -198,7 +198,7 @@ class CI_Input { * @param bool XSS cleaning * @return string */ - function get_post($index = '', $xss_clean = FALSE) + public function get_post($index = '', $xss_clean = FALSE) { if ( ! isset($_POST[$index]) ) { @@ -220,7 +220,7 @@ class CI_Input { * @param bool * @return string */ - function cookie($index = '', $xss_clean = FALSE) + public function cookie($index = '', $xss_clean = FALSE) { return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } @@ -243,7 +243,7 @@ class CI_Input { * @param bool true makes the cookie secure * @return void */ - function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE) + public function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE) { if (is_array($name)) { @@ -296,7 +296,7 @@ class CI_Input { * @param bool * @return string */ - function server($index = '', $xss_clean = FALSE) + public function server($index = '', $xss_clean = FALSE) { return $this->_fetch_from_array($_SERVER, $index, $xss_clean); } @@ -309,7 +309,7 @@ class CI_Input { * @access public * @return string */ - function ip_address() + public function ip_address() { if ($this->ip_address !== FALSE) { @@ -323,13 +323,13 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) + elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; + $this->ip_address = $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR')) + elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) { - $this->ip_address = $_SERVER['REMOTE_ADDR']; + $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; } elseif ($this->server('HTTP_CLIENT_IP')) { @@ -369,10 +369,16 @@ class CI_Input { * * @access public * @param string - * @return string + * @return bool */ - function valid_ip($ip) + public function valid_ip($ip) { + // if php version >= 5.2, use filter_var to check validate ip. + if (function_exists('filter_var')) + { + return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); + } + $ip_segments = explode('.', $ip); // Always 4 segments needed @@ -407,7 +413,7 @@ class CI_Input { * @access public * @return string */ - function user_agent() + public function user_agent() { if ($this->user_agent !== FALSE) { @@ -435,7 +441,7 @@ class CI_Input { * @access private * @return void */ - function _sanitize_globals() + private function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', @@ -536,7 +542,7 @@ class CI_Input { * @param string * @return string */ - function _clean_input_data($str) + private function _clean_input_data($str) { if (is_array($str)) { @@ -594,7 +600,7 @@ class CI_Input { * @param string * @return string */ - function _clean_input_keys($str) + private function _clean_input_keys($str) { if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) { @@ -618,6 +624,7 @@ class CI_Input { * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * + * @access public * @param bool XSS cleaning * * @return array @@ -661,6 +668,7 @@ class CI_Input { * * Returns the value of a single member of the headers class member * + * @access public * @param string array key for $this->headers * @param boolean XSS Clean or not * @return mixed FALSE on failure, string on success @@ -692,6 +700,7 @@ class CI_Input { * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * + * @access public * @return boolean */ public function is_ajax_request() @@ -706,6 +715,7 @@ class CI_Input { * * Test to see if a request was made from the command line * + * @access public * @return boolean */ public function is_cli_request() diff --git a/system/core/Lang.php b/system/core/Lang.php index 5ac671838..d61d1029a 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -112,7 +112,7 @@ class CI_Lang { } - if ( ! isset($lang)) + if ( ! isset($lang) OR ! is_array($lang)) { log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); return; @@ -124,7 +124,7 @@ class CI_Lang { } $this->is_loaded[] = $langfile; - $this->language = array_merge($this->language, $lang); + $this->language = $this->language + $lang; unset($lang); log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); diff --git a/system/core/Loader.php b/system/core/Loader.php index 452dc0b4c..de0fc06d2 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1106,7 +1106,7 @@ class CI_Loader { * @param array * @return void */ - private function _ci_autoloader() + protected function _ci_autoloader() { if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php')) { diff --git a/system/core/Security.php b/system/core/Security.php index dcc680a11..e99418bdd 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -33,6 +33,7 @@ class CI_Security { * @access protected */ protected $_xss_hash = ''; + /** * Random Hash for Cross Site Request Forgery Protection Cookie * @@ -40,6 +41,7 @@ class CI_Security { * @access protected */ protected $_csrf_hash = ''; + /** * Expiration time for Cross Site Request Forgery Protection Cookie * Defaults to two hours (in seconds) @@ -48,6 +50,7 @@ class CI_Security { * @access protected */ protected $_csrf_expire = 7200; + /** * Token name for Cross Site Request Forgery Protection Cookie * @@ -55,6 +58,7 @@ class CI_Security { * @access protected */ protected $_csrf_token_name = 'ci_csrf_token'; + /** * Cookie name for Cross Site Request Forgery Protection Cookie * @@ -62,12 +66,14 @@ class CI_Security { * @access protected */ protected $_csrf_cookie_name = 'ci_csrf_token'; + /** * List of never allowed strings * * @var array * @access protected */ + protected $_never_allowed_str = array( 'document.cookie' => '[removed]', 'document.write' => '[removed]', @@ -80,7 +86,6 @@ class CI_Security { '<![CDATA[' => '<![CDATA[' ); - /* never allowed, regex replacement */ /** * List of never allowed regex replacement * @@ -134,6 +139,16 @@ class CI_Security { { return $this->csrf_set_cookie(); } + + // Check if URI has been whitelisted from CSRF checks + if ($exclude_uris = config_item('csrf_exclude_uris')) + { + $uri = load_class('URI', 'core'); + if (in_array($uri->uri_string(), $exclude_uris)) + { + return $this; + } + } // Do the tokens exist in both the _POST and _COOKIE arrays? if ( ! isset($_POST[$this->_csrf_token_name]) OR @@ -156,9 +171,9 @@ class CI_Security { unset($_COOKIE[$this->_csrf_cookie_name]); $this->_csrf_set_hash(); $this->csrf_set_cookie(); - - log_message('debug', "CSRF token verified "); - + + log_message('debug', "CSRF token verified"); + return $this; } @@ -510,9 +525,17 @@ class CI_Security { * @param string * @return string */ - public function entity_decode($str, $charset='UTF-8') + public function entity_decode($str, $charset = NULL) { - if (stristr($str, '&') === FALSE) return $str; + if (stristr($str, '&') === FALSE) + { + return $str; + } + + if (empty($charset)) + { + $charset = config_item('charset'); + } // The reason we are not using html_entity_decode() by itself is because // while it is not technically correct to leave out the semicolon @@ -869,7 +892,6 @@ class CI_Security { } } -// END Security Class /* End of file Security.php */ -/* Location: ./system/libraries/Security.php */ +/* Location: ./system/libraries/Security.php */
\ No newline at end of file diff --git a/system/core/URI.php b/system/core/URI.php index a3ae20cc3..8946bc76b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -175,7 +175,7 @@ class CI_URI { * @access private * @return string */ - private function _detect_uri() + protected function _detect_uri() { if ( ! isset($_SERVER['REQUEST_URI']) OR ! isset($_SERVER['SCRIPT_NAME'])) { @@ -232,7 +232,7 @@ class CI_URI { * @access private * @return string */ - private function _parse_cli_args() + protected function _parse_cli_args() { $args = array_slice($_SERVER['argv'], 1); diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 37d162bc1..7162e2ac5 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -872,11 +872,11 @@ class CI_DB_active_record extends CI_DB_driver { * @param integer the offset value * @return object */ - public function limit($value, $offset = '') + public function limit($value, $offset = NULL) { $this->ar_limit = (int) $value; - if ($offset != '') + if ( ! is_null($offset)) { $this->ar_offset = (int) $offset; } @@ -894,7 +894,7 @@ class CI_DB_active_record extends CI_DB_driver { */ public function offset($offset) { - $this->ar_offset = $offset; + $this->ar_offset = (int) $offset; return $this; } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index f3e824daa..300ca2977 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -251,9 +251,10 @@ class CI_DB_driver { { if ($sql == '') { + log_message('error', 'Invalid query: '.$sql); + if ($this->db_debug) { - log_message('error', 'Invalid query: '.$sql); return $this->display_error('db_invalid_query'); } return FALSE; @@ -306,21 +307,23 @@ class CI_DB_driver { // This will trigger a rollback if transactions are being used $this->_trans_status = FALSE; + // Grab the error number and message now, as we might run some + // additional queries before displaying the error + $error_no = $this->_error_number(); + $error_msg = $this->_error_message(); + + // Log errors + log_message('error', 'Query error: '.$error_msg); + if ($this->db_debug) { - // grab the error number and message now, as we might run some - // additional queries before displaying the error - $error_no = $this->_error_number(); - $error_msg = $this->_error_message(); - // We call this function in order to roll-back queries // if transactions are enabled. If we don't call this here // the error message will trigger an exit, causing the // transactions to remain in limbo. $this->trans_complete(); - // Log and display errors - log_message('error', 'Query error: '.$error_msg); + // Display errors return $this->display_error( array( 'Error Number: '.$error_no, diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php index 2d2905c98..6ceaf4b9b 100644 --- a/system/database/drivers/mysql/mysql_result.php +++ b/system/database/drivers/mysql/mysql_result.php @@ -86,10 +86,10 @@ class CI_DB_mysql_result extends CI_DB_result { $retval = array(); while ($field = mysql_fetch_object($this->result_id)) { - preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches); + preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches); $type = $matches[1]; - $length = (int)$matches[2]; + $length = isset($matches[3]) ? (int) $matches[3] : NULL; $F = new stdClass(); $F->name = $field->Field; diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php index ac863056a..bbfb8481a 100644 --- a/system/database/drivers/mysqli/mysqli_result.php +++ b/system/database/drivers/mysqli/mysqli_result.php @@ -86,10 +86,10 @@ class CI_DB_mysqli_result extends CI_DB_result { $retval = array(); while ($field = mysqli_fetch_object($this->result_id)) { - preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches); + preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches); $type = $matches[1]; - $length = (int)$matches[2]; + $length = isset($matches[3]) ? (int) $matches[3] : NULL; $F = new stdClass(); $F->name = $field->Field; diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 42cfaaefb..1cf063ec1 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -79,7 +79,7 @@ class CI_DB_oci8_driver extends CI_DB { */ function db_connect() { - return @ocilogon($this->username, $this->password, $this->hostname); + return @ocilogon($this->username, $this->password, $this->hostname, $this->char_set); } // -------------------------------------------------------------------- @@ -92,7 +92,7 @@ class CI_DB_oci8_driver extends CI_DB { */ function db_pconnect() { - return @ociplogon($this->username, $this->password, $this->hostname); + return @ociplogon($this->username, $this->password, $this->hostname, $this->char_set); } // -------------------------------------------------------------------- @@ -136,7 +136,7 @@ class CI_DB_oci8_driver extends CI_DB { */ function db_set_charset($charset, $collation) { - // @todo - add support if needed + // this is done upon connect return TRUE; } @@ -404,6 +404,7 @@ class CI_DB_oci8_driver extends CI_DB { } $str = remove_invisible_characters($str); + $str = str_replace("'", "''", $str); // escape LIKE condition wildcards if ($like === TRUE) @@ -642,6 +643,34 @@ class CI_DB_oci8_driver extends CI_DB { // -------------------------------------------------------------------- /** + * Insert_batch statement + * + * Generates a platform-specific insert string from the supplied data + * + * @access public + * @param string the table name + * @param array the insert keys + * @param array the insert values + * @return string + */ + function _insert_batch($table, $keys, $values) + { + $keys = implode(', ', $keys); + $sql = "INSERT ALL\n"; + + for ($i = 0, $c = count($values); $i < $c; $i++) + { + $sql .= ' INTO ' . $table . ' (' . $keys . ') VALUES ' . $values[$i] . "\n"; + } + + $sql .= 'SELECT * FROM dual'; + + return $sql; + } + + // -------------------------------------------------------------------- + + /** * Update statement * * Generates a platform-specific update string from the supplied data @@ -775,4 +804,4 @@ class CI_DB_oci8_driver extends CI_DB { /* End of file oci8_driver.php */ -/* Location: ./system/database/drivers/oci8/oci8_driver.php */
\ No newline at end of file +/* Location: ./system/database/drivers/oci8/oci8_driver.php */ diff --git a/system/database/drivers/oci8/oci8_result.php b/system/database/drivers/oci8/oci8_result.php index 88531b436..2713f6f12 100644 --- a/system/database/drivers/oci8/oci8_result.php +++ b/system/database/drivers/oci8/oci8_result.php @@ -42,15 +42,18 @@ class CI_DB_oci8_result extends CI_DB_result { */ function num_rows() { - $rowcount = count($this->result_array()); - @ociexecute($this->stmt_id); - - if ($this->curs_id) + if ($this->num_rows === 0 && count($this->result_array()) > 0) { - @ociexecute($this->curs_id); + $this->num_rows = count($this->result_array()); + @ociexecute($this->stmt_id); + + if ($this->curs_id) + { + @ociexecute($this->curs_id); + } } - return $rowcount; + return $this->num_rows; } // -------------------------------------------------------------------- @@ -246,4 +249,4 @@ class CI_DB_oci8_result extends CI_DB_result { /* End of file oci8_result.php */ -/* Location: ./system/database/drivers/oci8/oci8_result.php */
\ No newline at end of file +/* Location: ./system/database/drivers/oci8/oci8_result.php */ diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 5e764e071..08cd27b6c 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -50,7 +50,7 @@ class CI_DB_odbc_driver extends CI_DB { function CI_DB_odbc_driver($params) { - parent::CI_DB($params); + parent::CI_DB_driver($params); $this->_random_keyword = ' RND('.time().')'; // database specific random keyword } diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index 6c559bb25..e14bc2f94 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -54,10 +54,8 @@ if ( ! function_exists('now')) return $system_time; } - else - { - return time(); - } + + return time(); } } @@ -85,12 +83,18 @@ if ( ! function_exists('mdate')) function mdate($datestr = '', $time = '') { if ($datestr == '') - return ''; + { + return ''; + } - if ($time == '') - $time = now(); + $time = ($time == '') ? now() : $time; + + $datestr = str_replace( + '%\\', + '', + preg_replace("/([a-z]+?){1}/i", "\\\\\\1", $datestr) + ); - $datestr = str_replace('%\\', '', preg_replace("/([a-z]+?){1}/i", "\\\\\\1", $datestr)); return date($datestr, $time); } } @@ -162,14 +166,7 @@ if ( ! function_exists('timespan')) $time = time(); } - if ($time <= $seconds) - { - $seconds = 1; - } - else - { - $seconds = $time - $seconds; - } + $seconds = ($time <= $seconds) ? 1 : $time - $seconds; $str = ''; $years = floor($seconds / 31536000); @@ -303,9 +300,18 @@ if ( ! function_exists('local_to_gmt')) function local_to_gmt($time = '') { if ($time == '') + { $time = time(); - - return mktime( gmdate("H", $time), gmdate("i", $time), gmdate("s", $time), gmdate("m", $time), gmdate("d", $time), gmdate("Y", $time)); + } + + return mktime( + gmdate("H", $time), + gmdate("i", $time), + gmdate("s", $time), + gmdate("m", $time), + gmdate("d", $time), + gmdate("Y", $time) + ); } } @@ -366,14 +372,14 @@ if ( ! function_exists('mysql_to_unix')) $time = str_replace(' ', '', $time); // YYYYMMDDHHMMSS - return mktime( - substr($time, 8, 2), - substr($time, 10, 2), - substr($time, 12, 2), - substr($time, 4, 2), - substr($time, 6, 2), - substr($time, 0, 4) - ); + return mktime( + substr($time, 8, 2), + substr($time, 10, 2), + substr($time, 12, 2), + substr($time, 4, 2), + substr($time, 6, 2), + substr($time, 0, 4) + ); } } @@ -475,13 +481,19 @@ if ( ! function_exists('human_to_unix')) $ampm = strtolower($split['2']); if (substr($ampm, 0, 1) == 'p' AND $hour < 12) - $hour = $hour + 12; + { + $hour = $hour + 12; + } if (substr($ampm, 0, 1) == 'a' AND $hour == 12) + { $hour = '00'; - + } + if (strlen($hour) == 1) - $hour = '0'.$hour; + { + $hour = '0'.$hour; + } } return mktime($hour, $min, $sec, $month, $day, $year); @@ -501,16 +513,16 @@ if ( ! function_exists('human_to_unix')) */ if ( ! function_exists('nice_date')) { - function nice_date($bad_date='', $format=false) + function nice_date($bad_date = '', $format = FALSE) { if (empty($bad_date)) { return 'Unknown'; } + // Date like: YYYYMM - if (preg_match('/^\d{6}$/',$bad_date)) + if (preg_match('/^\d{6}$/', $bad_date)) { - //echo $bad_date." "; if (in_array(substr($bad_date, 0, 2),array('19', '20'))) { $year = substr($bad_date, 0, 4); @@ -521,8 +533,8 @@ if ( ! function_exists('nice_date')) $month = substr($bad_date, 0, 2); $year = substr($bad_date, 2, 4); } + return date($format, strtotime($year . '-' . $month . '-01')); - } // Date Like: YYYYMMDD @@ -531,6 +543,7 @@ if ( ! function_exists('nice_date')) $month = substr($bad_date, 0, 2); $day = substr($bad_date, 2, 2); $year = substr($bad_date, 4, 4); + return date($format, strtotime($month . '/01/' . $year)); } @@ -574,8 +587,7 @@ if ( ! function_exists('timezone_menu')) $CI =& get_instance(); $CI->lang->load('date'); - if ($default == 'GMT') - $default = 'UTC'; + $default = ($default == 'GMT') ? 'UTC' : $default; $menu = '<select name="'.$name.'"'; @@ -618,60 +630,58 @@ if ( ! function_exists('timezones')) // some items appear to be in the wrong order $zones = array( - 'UM12' => -12, - 'UM11' => -11, - 'UM10' => -10, - 'UM95' => -9.5, - 'UM9' => -9, - 'UM8' => -8, - 'UM7' => -7, - 'UM6' => -6, - 'UM5' => -5, - 'UM45' => -4.5, - 'UM4' => -4, - 'UM35' => -3.5, - 'UM3' => -3, - 'UM2' => -2, - 'UM1' => -1, - 'UTC' => 0, - 'UP1' => +1, - 'UP2' => +2, - 'UP3' => +3, - 'UP35' => +3.5, - 'UP4' => +4, - 'UP45' => +4.5, - 'UP5' => +5, - 'UP55' => +5.5, - 'UP575' => +5.75, - 'UP6' => +6, - 'UP65' => +6.5, - 'UP7' => +7, - 'UP8' => +8, - 'UP875' => +8.75, - 'UP9' => +9, - 'UP95' => +9.5, - 'UP10' => +10, - 'UP105' => +10.5, - 'UP11' => +11, - 'UP115' => +11.5, - 'UP12' => +12, - 'UP1275' => +12.75, - 'UP13' => +13, - 'UP14' => +14 - ); + 'UM12' => -12, + 'UM11' => -11, + 'UM10' => -10, + 'UM95' => -9.5, + 'UM9' => -9, + 'UM8' => -8, + 'UM7' => -7, + 'UM6' => -6, + 'UM5' => -5, + 'UM45' => -4.5, + 'UM4' => -4, + 'UM35' => -3.5, + 'UM3' => -3, + 'UM2' => -2, + 'UM1' => -1, + 'UTC' => 0, + 'UP1' => +1, + 'UP2' => +2, + 'UP3' => +3, + 'UP35' => +3.5, + 'UP4' => +4, + 'UP45' => +4.5, + 'UP5' => +5, + 'UP55' => +5.5, + 'UP575' => +5.75, + 'UP6' => +6, + 'UP65' => +6.5, + 'UP7' => +7, + 'UP8' => +8, + 'UP875' => +8.75, + 'UP9' => +9, + 'UP95' => +9.5, + 'UP10' => +10, + 'UP105' => +10.5, + 'UP11' => +11, + 'UP115' => +11.5, + 'UP12' => +12, + 'UP1275' => +12.75, + 'UP13' => +13, + 'UP14' => +14 + ); if ($tz == '') { return $zones; } - - if ($tz == 'GMT') - $tz = 'UTC'; - + + $tz = ($tz == 'GMT') ? 'UTC' : $tz; + return ( ! isset($zones[$tz])) ? 0 : $zones[$tz]; } } - /* End of file date_helper.php */ /* Location: ./system/helpers/date_helper.php */
\ No newline at end of file diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d9305c00b..130daee6a 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -642,11 +642,8 @@ if ( ! function_exists('form_prep')) { return $str; } - - $str = htmlspecialchars($str); - - // In case htmlspecialchars misses these. - $str = str_replace(array("'", '"'), array("'", """), $str); + + $str = html_escape($str); if ($field_name != '') { diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php index 9fa69f46c..dd8ffaddb 100644 --- a/system/helpers/string_helper.php +++ b/system/helpers/string_helper.php @@ -215,12 +215,9 @@ if ( ! function_exists('random_string')) case 'nozero' : $pool = '123456789'; break; } - - $str = ''; - for ($i=0; $i < $len; $i++) - { - $str .= substr($pool, mt_rand(0, strlen($pool) -1), 1); - } + + $str = substr(str_shuffle(str_repeat($pool, ceil($len/strlen($pool)))),0,$len); + return $str; break; case 'unique' : diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php index 19b4eec03..82e686e53 100644 --- a/system/helpers/typography_helper.php +++ b/system/helpers/typography_helper.php @@ -39,9 +39,7 @@ if ( ! function_exists('nl2br_except_pre')) function nl2br_except_pre($str) { $CI =& get_instance(); - $CI->load->library('typography'); - return $CI->typography->nl2br_except_pre($str); } } @@ -82,9 +80,15 @@ if ( ! function_exists('auto_typography')) */ if ( ! function_exists('entity_decode')) { - function entity_decode($str, $charset='UTF-8') + function entity_decode($str, $charset = NULL) { global $SEC; + + if (empty($charset)) + { + $charset = config_item('charset'); + } + return $SEC->entity_decode($str, $charset); } } diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 9f4b85248..c524dddd1 100644..100755 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -512,7 +512,7 @@ if ( ! function_exists('url_title')) $str = strtolower($str); } - return trim(stripslashes($str)); + return trim(trim(stripslashes($str)), $replace); } } @@ -527,7 +527,7 @@ if ( ! function_exists('url_title')) * * @access public * @param string the URL - * @param string the method: location or redirect + * @param string the method: location or refresh * @return string */ if ( ! function_exists('redirect')) diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php index 4763ca243..94cb882fb 100644 --- a/system/language/english/migration_lang.php +++ b/system/language/english/migration_lang.php @@ -5,7 +5,7 @@ $lang['migration_not_found'] = "This migration could not be found."; $lang['migration_multiple_version'] = "This are multiple migrations with the same version number: %d."; $lang['migration_class_doesnt_exist'] = "The migration class \"%s\" could not be found."; $lang['migration_missing_up_method'] = "The migration class \"%s\" is missing an 'up' method."; -$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing an 'up' method."; +$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing a 'down' method."; $lang['migration_invalid_filename'] = "Migration \"%s\" has an invalid filename."; diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 6c37e7005..2a89faf09 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -107,7 +107,14 @@ class CI_Cache_file extends CI_Driver { */ public function delete($id) { - return unlink($this->_cache_path.$id); + if (file_exists($this->_cache_path.$id)) + { + return unlink($this->_cache_path.$id); + } + else + { + return FALSE; + } } // ------------------------------------------------------------------------ @@ -192,4 +199,4 @@ class CI_Cache_file extends CI_Driver { // End Class /* End of file Cache_file.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_file.php */
\ No newline at end of file +/* Location: ./system/libraries/Cache/drivers/Cache_file.php */ diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 28a3d17b4..c8cb8549e 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -138,6 +138,7 @@ class CI_Email { * Initialize the Email Data * * @access public + * @param bool * @return void */ public function clear($clear_attachments = FALSE) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index a34809e05..c78583f4f 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1079,7 +1079,7 @@ class CI_Form_validation { * * @access public * @param string - * @return string + * @return bool */ public function valid_ip($ip) { diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 8902f524d..a8a0387d8 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1334,7 +1334,7 @@ class CI_Image_lib { return FALSE; } - $vals = @getimagesize($path); + $vals = getimagesize($path); $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png'); diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index 3943ec130..840cefe08 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -32,7 +32,9 @@ class CI_Migration { protected $_migration_enabled = FALSE; protected $_migration_path = NULL; protected $_migration_version = 0; - + protected $_migration_table = 'migrations'; + protected $_migration_auto_latest = FALSE; + protected $_error_string = ''; public function __construct($config = array()) @@ -57,7 +59,7 @@ class CI_Migration { } // If not set, set it - $this->_migration_path == '' OR $this->_migration_path = APPPATH . 'migrations/'; + $this->_migration_path == '' AND $this->_migration_path = APPPATH . 'migrations/'; // Add trailing slash if not set $this->_migration_path = rtrim($this->_migration_path, '/').'/'; @@ -68,16 +70,31 @@ class CI_Migration { // They'll probably be using dbforge $this->load->dbforge(); + // Make sure the migration table name was set. + if (empty($this->_migration_table)) + { + show_error('Migrations configuration file (migration.php) must have "migration_table" set.'); + } + // If the migrations table is missing, make it - if ( ! $this->db->table_exists('migrations')) + if ( ! $this->db->table_exists($this->_migration_table)) { $this->dbforge->add_field(array( 'version' => array('type' => 'INT', 'constraint' => 3), )); - $this->dbforge->create_table('migrations', TRUE); + $this->dbforge->create_table($this->_migration_table, TRUE); - $this->db->insert('migrations', array('version' => 0)); + $this->db->insert($this->_migration_table, array('version' => 0)); + } + + // Do we auto migrate to the latest migration? + if ( $this->_migration_auto_latest == TRUE ) + { + if ( ! $this->latest() ) + { + show_error($this->error_string()); + } } } @@ -299,7 +316,7 @@ class CI_Migration { */ protected function _get_version() { - $row = $this->db->get('migrations')->row(); + $row = $this->db->get($this->_migration_table)->row(); return $row ? $row->version : 0; } @@ -314,7 +331,7 @@ class CI_Migration { */ protected function _update_version($migrations) { - return $this->db->update('migrations', array( + return $this->db->update($this->_migration_table, array( 'version' => $migrations )); } diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index cc62e660b..eff754a1b 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -34,6 +34,7 @@ class CI_Pagination { var $per_page = 10; // Max number of items you want shown per page var $num_links = 2; // Number of "digit" links to show before/after the currently viewed page var $cur_page = 0; // The current page being viewed + var $use_page_numbers = FALSE; // Use page number for segment instead of offset var $first_link = '‹ First'; var $next_link = '>'; var $prev_link = '<'; @@ -128,12 +129,15 @@ class CI_Pagination { return ''; } + // Set the base page index for starting page number + $base_page = ($this->use_page_numbers) ? 1 : 0; + // Determine the current page number. $CI =& get_instance(); if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) { - if ($CI->input->get($this->query_string_segment) != 0) + if ($CI->input->get($this->query_string_segment) != $base_page) { $this->cur_page = $CI->input->get($this->query_string_segment); @@ -143,7 +147,7 @@ class CI_Pagination { } else { - if ($CI->uri->segment($this->uri_segment) != 0) + if ($CI->uri->segment($this->uri_segment) != $base_page) { $this->cur_page = $CI->uri->segment($this->uri_segment); @@ -151,6 +155,12 @@ class CI_Pagination { $this->cur_page = (int) $this->cur_page; } } + + // Set current page to 1 if using page numbers instead of offset + if ($this->use_page_numbers AND $this->cur_page == 0) + { + $this->cur_page = $base_page; + } $this->num_links = (int)$this->num_links; @@ -161,18 +171,32 @@ class CI_Pagination { if ( ! is_numeric($this->cur_page)) { - $this->cur_page = 0; + $this->cur_page = $base_page; } // Is the page number beyond the result range? // If so we show the last page - if ($this->cur_page > $this->total_rows) + if ($this->use_page_numbers) { - $this->cur_page = ($num_pages - 1) * $this->per_page; + if ($this->cur_page > $num_pages) + { + $this->cur_page = $num_pages; + } + } + else + { + if ($this->cur_page > $this->total_rows) + { + $this->cur_page = ($num_pages - 1) * $this->per_page; + } } $uri_page_number = $this->cur_page; - $this->cur_page = floor(($this->cur_page/$this->per_page) + 1); + + if ( ! $this->use_page_numbers) + { + $this->cur_page = floor(($this->cur_page/$this->per_page) + 1); + } // Calculate the start and end numbers. These determine // which number to start and end the digit links with @@ -203,9 +227,9 @@ class CI_Pagination { // Render the "previous" link if ($this->prev_link !== FALSE AND $this->cur_page != 1) { - $i = $uri_page_number - $this->per_page; + $i = ($this->use_page_numbers) ? $uri_page_number - 1 : $uri_page_number - $this->per_page; - if ($i == 0 && $this->first_url != '') + if (($i == 0 OR ($this->use_page_numbers && $i == 1)) AND $this->first_url != '') { $output .= $this->prev_tag_open.'<a '.$this->anchor_class.'href="'.$this->first_url.'">'.$this->prev_link.'</a>'.$this->prev_tag_close; } @@ -223,9 +247,9 @@ class CI_Pagination { // Write the digit links for ($loop = $start -1; $loop <= $end; $loop++) { - $i = ($loop * $this->per_page) - $this->per_page; + $i = ($this->use_page_numbers) ? $loop : ($loop * $this->per_page) - $this->per_page; - if ($i >= 0) + if ($i >= $base_page) { if ($this->cur_page == $loop) { @@ -233,7 +257,7 @@ class CI_Pagination { } else { - $n = ($i == 0) ? '' : $i; + $n = ($i == $base_page) ? '' : $i; if ($n == '' && $this->first_url != '') { @@ -253,13 +277,16 @@ class CI_Pagination { // Render the "next" link if ($this->next_link !== FALSE AND $this->cur_page < $num_pages) { - $output .= $this->next_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$this->prefix.($this->cur_page * $this->per_page).$this->suffix.'">'.$this->next_link.'</a>'.$this->next_tag_close; + $i = ($this->use_page_numbers) ? $this->cur_page + 1 : $this->cur_page * $this->per_page; + + $output .= $this->next_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$this->prefix.$i.$this->suffix.'">'.$this->next_link.'</a>'.$this->next_tag_close; } // Render the "Last" link if ($this->last_link !== FALSE AND ($this->cur_page + $this->num_links) < $num_pages) { - $i = (($num_pages * $this->per_page) - $this->per_page); + $i = ($this->use_page_numbers) ? $num_pages : ($num_pages * $this->per_page) - $this->per_page; + $output .= $this->last_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$this->prefix.$i.$this->suffix.'">'.$this->last_link.'</a>'.$this->last_tag_close; } diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 330acce73..ac58129a9 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -506,7 +506,7 @@ class CI_Profiler { foreach ($this->CI->session->all_userdata() as $key => $val) { - if (is_array($val)) + if (is_array($val) || is_object($val)) { $val = print_r($val, TRUE); } diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 2c8a80163..8ee08c5b2 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -317,7 +317,8 @@ class CI_Session { 'session_id' => md5(uniqid($sessid, TRUE)), 'ip_address' => $this->CI->input->ip_address(), 'user_agent' => substr($this->CI->input->user_agent(), 0, 120), - 'last_activity' => $this->now + 'last_activity' => $this->now, + 'user_data' => '' ); |