summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/Log.php14
-rw-r--r--system/core/Output.php44
-rw-r--r--system/core/Router.php6
-rw-r--r--system/core/URI.php35
-rw-r--r--system/core/Utf8.php2
-rw-r--r--system/helpers/file_helper.php12
-rw-r--r--system/libraries/Email.php11
-rw-r--r--system/libraries/Xmlrpc.php10
-rw-r--r--system/libraries/Zip.php12
9 files changed, 108 insertions, 38 deletions
diff --git a/system/core/Log.php b/system/core/Log.php
index b2327b8f0..63fef2088 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -175,10 +175,18 @@ class CI_Log {
return FALSE;
}
- $message .= $level.' '.($level === 'INFO' ? ' -' : '-').' '.date($this->_date_fmt).' --> '.$msg."\n";
+ $message .= $level.' - '.date($this->_date_fmt).' --> '.$msg."\n";
flock($fp, LOCK_EX);
- fwrite($fp, $message);
+
+ for ($written = 0, $length = strlen($message); $written < $length; $written += $result)
+ {
+ if (($result = fwrite($fp, substr($message, $written))) === FALSE)
+ {
+ break;
+ }
+ }
+
flock($fp, LOCK_UN);
fclose($fp);
@@ -187,7 +195,7 @@ class CI_Log {
@chmod($filepath, FILE_WRITE_MODE);
}
- return TRUE;
+ return is_int($result);
}
}
diff --git a/system/core/Output.php b/system/core/Output.php
index 10332f0d8..a7680b3d0 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -542,17 +542,26 @@ class CI_Output {
return;
}
- $expire = time() + ($this->cache_expiration * 60);
-
- // Put together our serialized info.
- $cache_info = serialize(array(
- 'expire' => $expire,
- 'headers' => $this->headers
- ));
-
if (flock($fp, LOCK_EX))
{
- fwrite($fp, $cache_info.'ENDCI--->'.$output);
+ $expire = time() + ($this->cache_expiration * 60);
+
+ // Put together our serialized info.
+ $cache_info = serialize(array(
+ 'expire' => $expire,
+ 'headers' => $this->headers
+ ));
+
+ $output = $cache_info.'ENDCI--->'.$output;
+
+ for ($written = 0, $length = strlen($output); $written < $length; $written += $result)
+ {
+ if (($result = fwrite($fp, substr($output, $written))) === FALSE)
+ {
+ break;
+ }
+ }
+
flock($fp, LOCK_UN);
}
else
@@ -560,13 +569,22 @@ class CI_Output {
log_message('error', 'Unable to secure a file lock for file at: '.$cache_path);
return;
}
+
fclose($fp);
- @chmod($cache_path, FILE_WRITE_MODE);
- log_message('debug', 'Cache file written: '.$cache_path);
+ if (is_int($result))
+ {
+ @chmod($cache_path, FILE_WRITE_MODE);
+ log_message('debug', 'Cache file written: '.$cache_path);
- // Send HTTP cache-control headers to browser to match file cache settings.
- $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
+ // Send HTTP cache-control headers to browser to match file cache settings.
+ $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
+ }
+ else
+ {
+ @unlink($cache_path);
+ log_message('error', 'Unable to write the complete cache content at: '.$cache_path);
+ }
}
// --------------------------------------------------------------------
diff --git a/system/core/Router.php b/system/core/Router.php
index cb44a3ce9..71530ff07 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -154,16 +154,16 @@ class CI_Router {
{
if (isset($_GET[$this->config->item('directory_trigger')]) && is_string($_GET[$this->config->item('directory_trigger')]))
{
- $this->set_directory(trim($this->uri->_filter_uri($_GET[$this->config->item('directory_trigger')])));
+ $this->set_directory(trim($this->uri->filter_uri($_GET[$this->config->item('directory_trigger')])));
$segments[] = $this->directory;
}
- $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')])));
+ $this->set_class(trim($this->uri->filter_uri($_GET[$this->config->item('controller_trigger')])));
$segments[] = $this->class;
if ( ! empty($_GET[$this->config->item('function_trigger')]) && is_string($_GET[$this->config->item('function_trigger')]))
{
- $this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')])));
+ $this->set_method(trim($this->uri->filter_uri($_GET[$this->config->item('function_trigger')])));
$segments[] = $this->method;
}
}
diff --git a/system/core/URI.php b/system/core/URI.php
index 5e4c80a00..c83b7a74f 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -70,6 +70,15 @@ class CI_URI {
public $rsegments = array();
/**
+ * Permitted URI chars
+ *
+ * PCRE character group allowed in URI segments
+ *
+ * @var string
+ */
+ protected $_permitted_uri_chars;
+
+ /**
* Class constructor
*
* Simply globalizes the $RTR object. The front
@@ -81,6 +90,12 @@ class CI_URI {
public function __construct()
{
$this->config =& load_class('Config', 'core');
+
+ if ($this->config->item('enable_query_strings') !== TRUE OR is_cli())
+ {
+ $this->_permitted_uri_chars = $this->config->item('permitted_uri_chars');
+ }
+
log_message('debug', 'URI Class Initialized');
}
@@ -303,23 +318,19 @@ class CI_URI {
* @param string $str
* @return string
*/
- public function _filter_uri($str)
+ public function filter_uri($str)
{
- if ($str !== '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') === FALSE)
+ if ( ! empty($str) && ! empty($this->_permitted_uri_chars) && ! preg_match('/^['.$this->_permitted_uri_chars.']+$/i'.(UTF8_ENABLED ? 'u' : ''), $str))
{
- // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
- // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
- if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str))
- {
- show_error('The URI you submitted has disallowed characters.', 400);
- }
+ show_error('The URI you submitted has disallowed characters.', 400);
}
// Convert programatic characters to entities and return
return str_replace(
- array('$', '(', ')', '%28', '%29'), // Bad
- array('&#36;', '&#40;', '&#41;', '&#40;', '&#41;'), // Good
- $str);
+ array('$', '(', ')', '%28', '%29'), // Bad
+ array('&#36;', '&#40;', '&#41;', '&#40;', '&#41;'), // Good
+ $str
+ );
}
// --------------------------------------------------------------------
@@ -365,7 +376,7 @@ class CI_URI {
foreach (explode('/', preg_replace('|/*(.+?)/*$|', '\\1', $this->uri_string)) as $val)
{
// Filter segments for security
- $val = trim($this->_filter_uri($val));
+ $val = trim($this->filter_uri($val));
if ($val !== '')
{
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index a78616d40..828a8aeba 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -66,7 +66,7 @@ class CI_Utf8 {
}
if (
- @preg_match('/./u', 'é') === 1 // PCRE must support UTF-8
+ defined('PREG_BAD_UTF8_ERROR') // PCRE must support UTF-8
&& function_exists('iconv') // iconv must be installed
&& MB_ENABLED === TRUE // mbstring must be enabled
&& $charset === 'UTF-8' // Application charset must be UTF-8
diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php
index 4b45a62d0..0587740b1 100644
--- a/system/helpers/file_helper.php
+++ b/system/helpers/file_helper.php
@@ -79,11 +79,19 @@ if ( ! function_exists('write_file'))
}
flock($fp, LOCK_EX);
- fwrite($fp, $data);
+
+ for ($written = 0, $length = strlen($data); $written < $length; $written += $result)
+ {
+ if (($result = fwrite($fp, substr($data, $written))) === FALSE)
+ {
+ break;
+ }
+ }
+
flock($fp, LOCK_UN);
fclose($fp);
- return TRUE;
+ return is_int($result);
}
}
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 7e80ffbca..f4efff882 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -2097,7 +2097,16 @@ class CI_Email {
*/
protected function _send_data($data)
{
- if ( ! fwrite($this->_smtp_connect, $data.$this->newline))
+ $data .= $this->newline;
+ for ($written = 0, $length = strlen($data); $written < $length; $written += $result)
+ {
+ if (($result = fwrite($this->_smtp_connect, substr($data, $written))) === FALSE)
+ {
+ break;
+ }
+ }
+
+ if ($result === FALSE)
{
$this->_set_error_message('lang:email_smtp_data_failure', $data);
return FALSE;
diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php
index 2fd12599e..ab907e706 100644
--- a/system/libraries/Xmlrpc.php
+++ b/system/libraries/Xmlrpc.php
@@ -724,7 +724,15 @@ class XML_RPC_Client extends CI_Xmlrpc
.'Content-Length: '.strlen($msg->payload).$r.$r
.$msg->payload;
- if ( ! fwrite($fp, $op, strlen($op)))
+ for ($written = 0, $length = strlen($op); $written < $length; $written += $result)
+ {
+ if (($result = fwrite($fp, substr($op, $written))) === FALSE)
+ {
+ break;
+ }
+ }
+
+ if ($result === FALSE)
{
error_log($this->xmlrpcstr['http_error']);
return new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error']);
diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php
index 250ee02cd..b10b0bb0f 100644
--- a/system/libraries/Zip.php
+++ b/system/libraries/Zip.php
@@ -403,11 +403,19 @@ class CI_Zip {
}
flock($fp, LOCK_EX);
- fwrite($fp, $this->get_zip());
+
+ for ($written = 0, $data = $this->get_zip(), $length = strlen($data); $written < $length; $written += $result)
+ {
+ if (($result = fwrite($fp, substr($data, $written))) === FALSE)
+ {
+ break;
+ }
+ }
+
flock($fp, LOCK_UN);
fclose($fp);
- return TRUE;
+ return is_int($result);
}
// --------------------------------------------------------------------
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-09-23 07:23:49 +0200