summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/CodeIgniter.php2
-rw-r--r--system/core/Common.php99
-rw-r--r--system/core/Config.php14
-rw-r--r--system/core/Hooks.php2
-rw-r--r--system/core/Input.php50
-rw-r--r--system/core/Loader.php52
-rw-r--r--system/core/Log.php9
-rw-r--r--system/core/Security.php39
-rw-r--r--system/core/URI.php68
-rw-r--r--system/core/compat/hash.php51
-rw-r--r--system/core/compat/index.html3
-rw-r--r--system/core/compat/mbstring.php2
-rw-r--r--system/core/index.html3
-rw-r--r--system/database/DB.php6
-rw-r--r--system/database/DB_driver.php9
-rw-r--r--system/database/DB_query_builder.php12
-rw-r--r--system/database/drivers/cubrid/cubrid_driver.php4
-rw-r--r--system/database/drivers/cubrid/index.html3
-rw-r--r--system/database/drivers/ibase/index.html3
-rw-r--r--system/database/drivers/index.html3
-rw-r--r--system/database/drivers/mssql/index.html3
-rw-r--r--system/database/drivers/mysql/index.html3
-rw-r--r--system/database/drivers/mysql/mysql_driver.php4
-rw-r--r--system/database/drivers/mysqli/index.html3
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php4
-rw-r--r--system/database/drivers/oci8/index.html3
-rw-r--r--system/database/drivers/oci8/oci8_driver.php4
-rw-r--r--system/database/drivers/odbc/index.html3
-rw-r--r--system/database/drivers/pdo/index.html3
-rw-r--r--system/database/drivers/pdo/pdo_driver.php4
-rw-r--r--system/database/drivers/pdo/subdrivers/index.html3
-rw-r--r--system/database/drivers/postgre/index.html3
-rw-r--r--system/database/drivers/postgre/postgre_driver.php4
-rw-r--r--system/database/drivers/sqlite/index.html3
-rw-r--r--system/database/drivers/sqlite3/index.html3
-rw-r--r--system/database/drivers/sqlsrv/index.html3
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_driver.php4
-rw-r--r--system/database/index.html3
-rw-r--r--system/fonts/index.html3
-rw-r--r--system/helpers/index.html3
-rw-r--r--system/index.html3
-rw-r--r--system/language/english/index.html3
-rw-r--r--system/language/index.html3
-rw-r--r--system/libraries/Cache/drivers/Cache_redis.php10
-rw-r--r--system/libraries/Cache/drivers/Cache_wincache.php2
-rw-r--r--system/libraries/Cache/drivers/index.html3
-rw-r--r--system/libraries/Cache/index.html3
-rw-r--r--system/libraries/Calendar.php6
-rw-r--r--system/libraries/Email.php2
-rw-r--r--system/libraries/Encryption.php2
-rw-r--r--system/libraries/Form_validation.php14
-rw-r--r--system/libraries/Javascript/index.html3
-rw-r--r--system/libraries/Session/Session.php12
-rw-r--r--system/libraries/Session/drivers/Session_database_driver.php8
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php10
-rw-r--r--system/libraries/Session/drivers/Session_memcached_driver.php34
-rw-r--r--system/libraries/Session/drivers/Session_redis_driver.php44
-rw-r--r--system/libraries/Session/drivers/index.html3
-rw-r--r--system/libraries/Session/index.html3
-rw-r--r--system/libraries/Xmlrpcs.php29
-rw-r--r--system/libraries/Zip.php2
-rw-r--r--system/libraries/index.html3
62 files changed, 372 insertions, 330 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index d830c1829..ddf322749 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
* @var string
*
*/
- define('CI_VERSION', '3.0-dev');
+ define('CI_VERSION', '3.0.1-dev');
/*
* ------------------------------------------------------
diff --git a/system/core/Common.php b/system/core/Common.php
index 9f509745f..f28272b5b 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -492,59 +492,63 @@ if ( ! function_exists('set_status_header'))
*/
function set_status_header($code = 200, $text = '')
{
- $stati = array(
- 200 => 'OK',
- 201 => 'Created',
- 202 => 'Accepted',
- 203 => 'Non-Authoritative Information',
- 204 => 'No Content',
- 205 => 'Reset Content',
- 206 => 'Partial Content',
-
- 300 => 'Multiple Choices',
- 301 => 'Moved Permanently',
- 302 => 'Found',
- 303 => 'See Other',
- 304 => 'Not Modified',
- 305 => 'Use Proxy',
- 307 => 'Temporary Redirect',
-
- 400 => 'Bad Request',
- 401 => 'Unauthorized',
- 403 => 'Forbidden',
- 404 => 'Not Found',
- 405 => 'Method Not Allowed',
- 406 => 'Not Acceptable',
- 407 => 'Proxy Authentication Required',
- 408 => 'Request Timeout',
- 409 => 'Conflict',
- 410 => 'Gone',
- 411 => 'Length Required',
- 412 => 'Precondition Failed',
- 413 => 'Request Entity Too Large',
- 414 => 'Request-URI Too Long',
- 415 => 'Unsupported Media Type',
- 416 => 'Requested Range Not Satisfiable',
- 417 => 'Expectation Failed',
- 422 => 'Unprocessable Entity',
-
- 500 => 'Internal Server Error',
- 501 => 'Not Implemented',
- 502 => 'Bad Gateway',
- 503 => 'Service Unavailable',
- 504 => 'Gateway Timeout',
- 505 => 'HTTP Version Not Supported'
- );
+ if (is_cli())
+ {
+ return;
+ }
if (empty($code) OR ! is_numeric($code))
{
show_error('Status codes must be numeric', 500);
}
- is_int($code) OR $code = (int) $code;
-
if (empty($text))
{
+ is_int($code) OR $code = (int) $code;
+ $stati = array(
+ 200 => 'OK',
+ 201 => 'Created',
+ 202 => 'Accepted',
+ 203 => 'Non-Authoritative Information',
+ 204 => 'No Content',
+ 205 => 'Reset Content',
+ 206 => 'Partial Content',
+
+ 300 => 'Multiple Choices',
+ 301 => 'Moved Permanently',
+ 302 => 'Found',
+ 303 => 'See Other',
+ 304 => 'Not Modified',
+ 305 => 'Use Proxy',
+ 307 => 'Temporary Redirect',
+
+ 400 => 'Bad Request',
+ 401 => 'Unauthorized',
+ 403 => 'Forbidden',
+ 404 => 'Not Found',
+ 405 => 'Method Not Allowed',
+ 406 => 'Not Acceptable',
+ 407 => 'Proxy Authentication Required',
+ 408 => 'Request Timeout',
+ 409 => 'Conflict',
+ 410 => 'Gone',
+ 411 => 'Length Required',
+ 412 => 'Precondition Failed',
+ 413 => 'Request Entity Too Large',
+ 414 => 'Request-URI Too Long',
+ 415 => 'Unsupported Media Type',
+ 416 => 'Requested Range Not Satisfiable',
+ 417 => 'Expectation Failed',
+ 422 => 'Unprocessable Entity',
+
+ 500 => 'Internal Server Error',
+ 501 => 'Not Implemented',
+ 502 => 'Bad Gateway',
+ 503 => 'Service Unavailable',
+ 504 => 'Gateway Timeout',
+ 505 => 'HTTP Version Not Supported'
+ );
+
if (isset($stati[$code]))
{
$text = $stati[$code];
@@ -737,6 +741,11 @@ if ( ! function_exists('html_escape'))
*/
function html_escape($var, $double_encode = TRUE)
{
+ if (empty($var))
+ {
+ return $var;
+ }
+
if (is_array($var))
{
return array_map('html_escape', $var, array_fill(0, count($var), $double_encode));
diff --git a/system/core/Config.php b/system/core/Config.php
index a191a7727..d07000ac9 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -123,10 +123,9 @@ class CI_Config {
foreach ($this->_config_paths as $path)
{
- foreach (array($file, ENVIRONMENT.'/'.$file) as $location)
+ foreach (array($file, ENVIRONMENT.DIRECTORY_SEPARATOR.$file) as $location)
{
$file_path = $path.'config/'.$location.'.php';
-
if (in_array($file_path, $this->is_loaded, TRUE))
{
return TRUE;
@@ -165,14 +164,13 @@ class CI_Config {
$loaded = TRUE;
log_message('debug', 'Config file loaded: '.$file_path);
}
-
- if ($loaded === TRUE)
- {
- return TRUE;
- }
}
- if ($fail_gracefully === TRUE)
+ if ($loaded === TRUE)
+ {
+ return TRUE;
+ }
+ elseif ($fail_gracefully === TRUE)
{
return FALSE;
}
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 08479b133..3b4fb2250 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
* @subpackage Libraries
* @category Libraries
* @author EllisLab Dev Team
- * @link http://codeigniter.com/user_guide/libraries/encryption.html
+ * @link http://codeigniter.com/user_guide/general/hooks.html
*/
class CI_Hooks {
diff --git a/system/core/Input.php b/system/core/Input.php
index fae3b6c08..12332cf51 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -55,7 +55,7 @@ class CI_Input {
*
* @var string
*/
- public $ip_address = FALSE;
+ protected $ip_address = FALSE;
/**
* Allow GET array flag
@@ -104,14 +104,28 @@ class CI_Input {
protected $headers = array();
/**
- * Input stream data
+ * Raw input stream data
+ *
+ * Holds a cache of php://input contents
+ *
+ * @var string
+ */
+ protected $_raw_input_stream;
+
+ /**
+ * Parsed input stream data
*
* Parsed from php://input at runtime
*
* @see CI_Input::input_stream()
* @var array
*/
- protected $_input_stream = NULL;
+ protected $_input_stream;
+
+ protected $security;
+ protected $uni;
+
+ // --------------------------------------------------------------------
/**
* Class constructor
@@ -313,7 +327,8 @@ class CI_Input {
// so we'll need to check if we have already done that first.
if ( ! is_array($this->_input_stream))
{
- parse_str(file_get_contents('php://input'), $this->_input_stream);
+ // $this->raw_input_stream will trigger __get().
+ parse_str($this->raw_input_stream, $this->_input_stream);
is_array($this->_input_stream) OR $this->_input_stream = array();
}
@@ -475,9 +490,9 @@ class CI_Input {
)
);
- for ($i = 0; $i < 8; $i++)
+ for ($j = 0; $j < 8; $j++)
{
- $ip[$i] = intval($ip[$i], 16);
+ $ip[$j] = intval($ip[$j], 16);
}
$sprintf = '%016b%016b%016b%016b%016b%016b%016b%016b';
@@ -846,4 +861,27 @@ class CI_Input {
: strtolower($this->server('REQUEST_METHOD'));
}
+ // ------------------------------------------------------------------------
+
+ /**
+ * Magic __get()
+ *
+ * Allows read access to protected properties
+ *
+ * @param string $name
+ * @return mixed
+ */
+ public function __get($name)
+ {
+ if ($name === 'raw_input_stream')
+ {
+ isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input');
+ return $this->_raw_input_stream;
+ }
+ elseif ($name === 'ip_address')
+ {
+ return $this->ip_address;
+ }
+ }
+
}
diff --git a/system/core/Loader.php b/system/core/Loader.php
index b2eeb3b1d..9205ad1b6 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1079,17 +1079,26 @@ class CI_Loader {
log_message('debug', $library_name.' class already loaded. Second attempt ignored.');
return;
}
- elseif (file_exists(APPPATH.'libraries/'.$file_path.$library_name.'.php'))
+
+ $paths = $this->_ci_library_paths;
+ array_pop($paths); // BASEPATH
+ array_pop($paths); // APPPATH (needs to be the first path checked)
+ array_unshift($paths, APPPATH);
+
+ foreach ($paths as $path)
{
- // Override
- include_once(APPPATH.'libraries/'.$file_path.$library_name.'.php');
- if (class_exists($prefix.$library_name, FALSE))
- {
- return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
- }
- else
+ if (file_exists($path = $path.'libraries/'.$file_path.$library_name.'.php'))
{
- log_message('debug', APPPATH.'libraries/'.$file_path.$library_name.'.php exists, but does not declare '.$prefix.$library_name);
+ // Override
+ include_once($path);
+ if (class_exists($prefix.$library_name, FALSE))
+ {
+ return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
+ }
+ else
+ {
+ log_message('debug', $path.' exists, but does not declare '.$prefix.$library_name);
+ }
}
}
@@ -1097,16 +1106,20 @@ class CI_Loader {
// Check for extensions
$subclass = config_item('subclass_prefix').$library_name;
- if (file_exists(APPPATH.'libraries/'.$file_path.$subclass.'.php'))
+ foreach ($paths as $path)
{
- include_once(APPPATH.'libraries/'.$file_path.$subclass.'.php');
- if (class_exists($subclass, FALSE))
+ if (file_exists($path = $path.'libraries/'.$file_path.$subclass.'.php'))
{
- $prefix = config_item('subclass_prefix');
- }
- else
- {
- log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass);
+ include_once($path);
+ if (class_exists($subclass, FALSE))
+ {
+ $prefix = config_item('subclass_prefix');
+ break;
+ }
+ else
+ {
+ log_message('debug', $path.' exists, but does not declare '.$subclass);
+ }
}
}
@@ -1294,10 +1307,7 @@ class CI_Loader {
}
// Load all other libraries
- foreach ($autoload['libraries'] as $item)
- {
- $this->library($item);
- }
+ $this->library($autoload['libraries']);
}
// Autoload models
diff --git a/system/core/Log.php b/system/core/Log.php
index 833316273..e8cb401f5 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -70,13 +70,6 @@ class CI_Log {
protected $_threshold = 1;
/**
- * Highest level of logging
- *
- * @var int
- */
- protected $_threshold_max = 0;
-
- /**
* Array of threshold levels to log
*
* @var array
@@ -139,7 +132,7 @@ class CI_Log {
}
elseif (is_array($config['log_threshold']))
{
- $this->_threshold = $this->_threshold_max;
+ $this->_threshold = 0;
$this->_threshold_array = array_flip($config['log_threshold']);
}
diff --git a/system/core/Security.php b/system/core/Security.php
index 7c18c7406..9cef42439 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -639,7 +639,7 @@ class CI_Security {
$str_compare = $str;
// Decode standard entities, avoiding false positives
- if ($c = preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches))
+ if (preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches))
{
if ( ! isset($_entities))
{
@@ -656,7 +656,7 @@ class CI_Security {
{
$_entities[':'] = '&colon;';
$_entities['('] = '&lpar;';
- $_entities[')'] = '&rpar';
+ $_entities[')'] = '&rpar;';
$_entities["\n"] = '&newline;';
$_entities["\t"] = '&tab;';
}
@@ -664,11 +664,11 @@ class CI_Security {
$replace = array();
$matches = array_unique(array_map('strtolower', $matches[0]));
- for ($i = 0; $i < $c; $i++)
+ foreach ($matches as &$match)
{
- if (($char = array_search($matches[$i].';', $_entities, TRUE)) !== FALSE)
+ if (($char = array_search($match.';', $_entities, TRUE)) !== FALSE)
{
- $replace[$matches[$i]] = $char;
+ $replace[$match] = $char;
}
}
@@ -772,7 +772,7 @@ class CI_Security {
*/
protected function _remove_evil_attributes($str, $is_image)
{
- $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href');
+ $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime');
if ($is_image === TRUE)
{
@@ -784,30 +784,15 @@ class CI_Security {
}
do {
- $count = 0;
- $attribs = array();
+ $count = $temp_count = 0;
- // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes)
- preg_match_all('/(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER);
-
- foreach ($matches as $attr)
- {
- $attribs[] = preg_quote($attr[0], '/');
- }
+ // replace occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes)
+ $str = preg_replace('/(<[^>]+)(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', '$1[removed]', $str, -1, $temp_count);
+ $count += $temp_count;
// find occurrences of illegal attribute strings without quotes
- preg_match_all('/(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*([^\s>]*)/is', $str, $matches, PREG_SET_ORDER);
-
- foreach ($matches as $attr)
- {
- $attribs[] = preg_quote($attr[0], '/');
- }
-
- // replace illegal attribute strings that are inside an html tag
- if (count($attribs) > 0)
- {
- $str = preg_replace('/(<?)(\/?[^><]+?)([^A-Za-z<>\-])(.*?)('.implode('|', $attribs).')(.*?)([\s><]?)([><]*)/i', '$1$2 $4$6$7$8', $str, -1, $count);
- }
+ $str = preg_replace('/(<[^>]+)(?<!\w)('.implode('|', $evil_attributes).')\s*=\s*([^\s>]*)/is', '$1[removed]', $str, -1, $temp_count);
+ $count += $temp_count;
}
while ($count);
diff --git a/system/core/URI.php b/system/core/URI.php
index 9bc34ace7..2211e3665 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -107,37 +107,34 @@ class CI_URI {
$this->_permitted_uri_chars = $this->config->item('permitted_uri_chars');
// If it's a CLI request, ignore the configuration
- if (is_cli() OR ($protocol = strtoupper($this->config->item('uri_protocol'))) === 'CLI')
+ if (is_cli())
{
- $this->_set_uri_string($this->_parse_argv());
+ $uri = $this->_parse_argv();
}
- elseif ($protocol === 'AUTO')
+ else
{
- // Is there a PATH_INFO variable? This should be the easiest solution.
- if (isset($_SERVER['PATH_INFO']))
- {
- $this->_set_uri_string($_SERVER['PATH_INFO']);
- }
- // No PATH_INFO? Let's try REQUST_URI or QUERY_STRING then
- elseif (($uri = $this->_parse_request_uri()) !== '' OR ($uri = $this->_parse_query_string()) !== '')
- {
- $this->_set_uri_string($uri);
- }
- // As a last ditch effor, let's try using the $_GET array
- elseif (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') !== '')
+ $protocol = $this->config->item('uri_protocol');
+ empty($protocol) && $protocol = 'REQUEST_URI';
+
+ switch ($protocol)
{
- $this->_set_uri_string(key($_GET));
+ case 'AUTO': // For BC purposes only
+ case 'REQUEST_URI':
+ $uri = $this->_parse_request_uri();
+ break;
+ case 'QUERY_STRING':
+ $uri = $this->_parse_query_string();
+ break;
+ case 'PATH_INFO':
+ default:
+ $uri = isset($_SERVER[$protocol])
+ ? $_SERVER[$protocol]
+ : $this->_parse_request_uri();
+ break;
}
}
- elseif (method_exists($this, ($method = '_parse_'.strtolower($protocol))))
- {
- $this->_set_uri_string($this->$method());
- }
- else
- {
- $uri = isset($_SERVER[$protocol]) ? $_SERVER[$protocol] : @getenv($protocol);
- $this->_set_uri_string($uri);
- }
+
+ $this->_set_uri_string($uri);
}
log_message('info', 'URI Class Initialized');
@@ -206,15 +203,18 @@ class CI_URI {
$uri = parse_url($_SERVER['REQUEST_URI']);
$query = isset($uri['query']) ? $uri['query'] : '';
- $uri = isset($uri['path']) ? rawurldecode($uri['path']) : '';
+ $uri = isset($uri['path']) ? $uri['path'] : '';
- if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0)
- {
- $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME']));
- }
- elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0)
+ if (isset($_SERVER['SCRIPT_NAME'][0]))
{
- $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME'])));
+ if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0)
+ {
+ $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME']));
+ }
+ elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0)
+ {
+ $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME'])));
+ }
}
// This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct
@@ -222,7 +222,7 @@ class CI_URI {
if (trim($uri, '/') === '' && strncmp($query, '/', 1) === 0)
{
$query = explode('?', $query, 2);
- $uri = rawurldecode($query[0]);
+ $uri = $query[0];
$_SERVER['QUERY_STRING'] = isset($query[1]) ? $query[1] : '';
}
else
@@ -262,7 +262,7 @@ class CI_URI {
{
$uri = explode('?', $uri, 2);
$_SERVER['QUERY_STRING'] = isset($uri[1]) ? $uri[1] : '';
- $uri = rawurldecode($uri[0]);
+ $uri = $uri[0];
}
parse_str($_SERVER['QUERY_STRING'], $_GET);
diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php
index 477535dca..15954559c 100644
--- a/system/core/compat/hash.php
+++ b/system/core/compat/hash.php
@@ -174,9 +174,56 @@ if ( ! function_exists('hash_pbkdf2'))
}
$hash_length = strlen(hash($algo, NULL, TRUE));
- if (empty($length))
+ empty($length) && $length = $hash_length;
+
+ // Pre-hash password inputs longer than the algorithm's block size
+ // (i.e. prepare HMAC key) to mitigate potential DoS attacks.
+ static $block_sizes;
+ empty($block_sizes) && $block_sizes = array(
+ 'gost' => 32,
+ 'haval128,3' => 128,
+ 'haval160,3' => 128,
+ 'haval192,3' => 128,
+ 'haval224,3' => 128,
+ 'haval256,3' => 128,
+ 'haval128,4' => 128,
+ 'haval160,4' => 128,
+ 'haval192,4' => 128,
+ 'haval224,4' => 128,
+ 'haval256,4' => 128,
+ 'haval128,5' => 128,
+ 'haval160,5' => 128,
+ 'haval192,5' => 128,
+ 'haval224,5' => 128,
+ 'haval256,5' => 128,
+ 'md2' => 16,
+ 'md4' => 64,
+ 'md5' => 64,
+ 'ripemd128' => 64,
+ 'ripemd160' => 64,
+ 'ripemd256' => 64,
+ 'ripemd320' => 64,
+ 'salsa10' => 64,
+ 'salsa20' => 64,
+ 'sha1' => 64,
+ 'sha224' => 64,
+ 'sha256' => 64,
+ 'sha384' => 128,
+ 'sha512' => 128,
+ 'snefru' => 32,
+ 'snefru256' => 32,
+ 'tiger128,3' => 64,
+ 'tiger160,3' => 64,
+ 'tiger192,3' => 64,
+ 'tiger128,4' => 64,
+ 'tiger160,4' => 64,
+ 'tiger192,4' => 64,
+ 'whirlpool' => 64
+ );
+
+ if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo])
{
- $length = $hash_length;
+ $password = hash($algo, $password, TRUE);
}
$hash = '';
diff --git a/system/core/compat/index.html b/system/core/compat/index.html
index c942a79ce..b702fbc39 100644
--- a/system/core/compat/index.html
+++ b/system/core/compat/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php
index ddb2bae47..e335c85f7 100644
--- a/system/core/compat/mbstring.php
+++ b/system/core/compat/mbstring.php
@@ -92,7 +92,7 @@ if ( ! function_exists('mb_strpos'))
* WARNING: This function WILL fall-back to strpos()
* if iconv is not available!
*
- * @link http://php.net/mb_strpos()
+ * @link http://php.net/mb_strpos
* @param string $haystack
* @param string $needle
* @param int $offset
diff --git a/system/core/index.html b/system/core/index.html
index c942a79ce..b702fbc39 100644
--- a/system/core/index.html
+++ b/system/core/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/DB.php b/system/database/DB.php
index 8ea7ca6fa..0c7cf54b3 100644
--- a/system/database/DB.php
+++ b/system/database/DB.php
@@ -213,10 +213,6 @@ function &DB($params = '', $query_builder_override = NULL)
}
}
- if ($DB->autoinit === TRUE)
- {
- $DB->initialize();
- }
-
+ $DB->initialize();
return $DB;
}
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index bbe65b410..3d35c2d70 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -124,15 +124,6 @@ abstract class CI_DB_driver {
public $dbcollat = 'utf8_general_ci';
/**
- * Auto-init flag
- *
- * Whether to automatically initialize the DB connection.
- *
- * @var bool
- */
- public $autoinit = TRUE;
-
- /**
* Encryption flag/data
*
* @var mixed
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 79cbfb3ad..a77ed57d0 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -925,6 +925,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
? $this->_group_get_type('') : $this->_group_get_type($type);
$v = $this->escape_like_str($v);
+
+ // lowercase $side for in case of UPPERCASE string
+ $side = strtolower($side);
if ($side === 'none')
{
@@ -1353,9 +1356,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* returned by an Query Builder query.
*
* @param string
+ * @param bool the reset clause
* @return int
*/
- public function count_all_results($table = '')
+ public function count_all_results($table = '', $reset = TRUE)
{
if ($table !== '')
{
@@ -1366,7 +1370,11 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$result = ($this->qb_distinct === TRUE)
? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results")
: $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows')));
- $this->_reset_select();
+
+ if ($reset === TRUE)
+ {
+ $this->_reset_select();
+ }
if ($result->num_rows() === 0)
{
diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php
index 402117978..f80b4db54 100644
--- a/system/database/drivers/cubrid/cubrid_driver.php
+++ b/system/database/drivers/cubrid/cubrid_driver.php
@@ -163,10 +163,6 @@ class CI_DB_cubrid_driver extends CI_DB {
{
return $this->data_cache['version'];
}
- elseif ( ! $this->conn_id)
- {
- $this->initialize();
- }
return ( ! $this->conn_id OR ($version = cubrid_get_server_info($this->conn_id)) === FALSE)
? FALSE
diff --git a/system/database/drivers/cubrid/index.html b/system/database/drivers/cubrid/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/cubrid/index.html
+++ b/system/database/drivers/cubrid/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/ibase/index.html b/system/database/drivers/ibase/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/ibase/index.html
+++ b/system/database/drivers/ibase/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/index.html b/system/database/drivers/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/index.html
+++ b/system/database/drivers/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/mssql/index.html b/system/database/drivers/mssql/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/mssql/index.html
+++ b/system/database/drivers/mssql/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/mysql/index.html b/system/database/drivers/mysql/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/mysql/index.html
+++ b/system/database/drivers/mysql/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index f8e9b6d61..df0f24920 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -223,10 +223,6 @@ class CI_DB_mysql_driver extends CI_DB {
{
return $this->data_cache['version'];
}
- elseif ( ! $this->conn_id)
- {
- $this->initialize();
- }
if ( ! $this->conn_id OR ($version = mysql_get_server_info($this->conn_id)) === FALSE)
{
diff --git a/system/database/drivers/mysqli/index.html b/system/database/drivers/mysqli/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/mysqli/index.html
+++ b/system/database/drivers/mysqli/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 22a8ba678..e953db052 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -204,10 +204,6 @@ class CI_DB_mysqli_driver extends CI_DB {
{
return $this->data_cache['version'];
}
- elseif ( ! $this->conn_id)
- {
- $this->initialize();
- }
return $this->data_cache['version'] = $this->conn_id->server_info;
}
diff --git a/system/database/drivers/oci8/index.html b/system/database/drivers/oci8/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/oci8/index.html
+++ b/system/database/drivers/oci8/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index b87b41112..4010995a1 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -243,10 +243,6 @@ class CI_DB_oci8_driver extends CI_DB {
{
return $this->data_cache['version'];
}
- elseif ( ! $this->conn_id)
- {
- $this->initialize();
- }
if ( ! $this->conn_id OR ($version = oci_server_version($this->conn_id)) === FALSE)
{
diff --git a/system/database/drivers/odbc/index.html b/system/database/drivers/odbc/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/odbc/index.html
+++ b/system/database/drivers/odbc/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/pdo/index.html b/system/database/drivers/pdo/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/pdo/index.html
+++ b/system/database/drivers/pdo/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index 68aeb0eef..cc77e9568 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -156,10 +156,6 @@ class CI_DB_pdo_driver extends CI_DB {
{
return $this->data_cache['version'];
}
- elseif ( ! $this->conn_id)
- {
- $this->initialize();
- }
// Not all subdrivers support the getAttribute() method
try
diff --git a/system/database/drivers/pdo/subdrivers/index.html b/system/database/drivers/pdo/subdrivers/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/pdo/subdrivers/index.html
+++ b/system/database/drivers/pdo/subdrivers/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/postgre/index.html b/system/database/drivers/postgre/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/postgre/index.html
+++ b/system/database/drivers/postgre/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index 3f3e3f018..7be07c3bf 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -213,10 +213,6 @@ class CI_DB_postgre_driver extends CI_DB {
{
return $this->data_cache['version'];
}
- elseif ( ! $this->conn_id)
- {
- $this->initialize();
- }
if ( ! $this->conn_id OR ($pg_version = pg_version($this->conn_id)) === FALSE)
{
diff --git a/system/database/drivers/sqlite/index.html b/system/database/drivers/sqlite/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/sqlite/index.html
+++ b/system/database/drivers/sqlite/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/sqlite3/index.html b/system/database/drivers/sqlite3/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/sqlite3/index.html
+++ b/system/database/drivers/sqlite3/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/sqlsrv/index.html b/system/database/drivers/sqlsrv/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/drivers/sqlsrv/index.html
+++ b/system/database/drivers/sqlsrv/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 8f17c8f96..16f77fab2 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -292,10 +292,6 @@ class CI_DB_sqlsrv_driver extends CI_DB {
{
return $this->data_cache['version'];
}
- elseif ( ! $this->conn_id)
- {
- $this->initialize();
- }
if ( ! $this->conn_id OR ($info = sqlsrv_server_info($this->conn_id)) === FALSE)
{
diff --git a/system/database/index.html b/system/database/index.html
index c942a79ce..b702fbc39 100644
--- a/system/database/index.html
+++ b/system/database/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/fonts/index.html b/system/fonts/index.html
index c942a79ce..b702fbc39 100644
--- a/system/fonts/index.html
+++ b/system/fonts/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/helpers/index.html b/system/helpers/index.html
index c942a79ce..b702fbc39 100644
--- a/system/helpers/index.html
+++ b/system/helpers/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/index.html b/system/index.html
index c942a79ce..b702fbc39 100644
--- a/system/index.html
+++ b/system/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/language/english/index.html b/system/language/english/index.html
index c942a79ce..b702fbc39 100644
--- a/system/language/english/index.html
+++ b/system/language/english/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/language/index.html b/system/language/index.html
index c942a79ce..b702fbc39 100644
--- a/system/language/index.html
+++ b/system/language/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php
index f2a41cc67..a35fbf6d2 100644
--- a/system/libraries/Cache/drivers/Cache_redis.php
+++ b/system/libraries/Cache/drivers/Cache_redis.php
@@ -111,7 +111,7 @@ class CI_Cache_redis extends CI_Driver
{
if (is_array($data) OR is_object($data))
{
- if ( ! $this->_redis->sAdd('_ci_redis_serialized', $id))
+ if ( ! $this->_redis->sIsMember('_ci_redis_serialized', $id) && ! $this->_redis->sAdd('_ci_redis_serialized', $id))
{
return FALSE;
}
@@ -243,15 +243,13 @@ class CI_Cache_redis extends CI_Driver
*/
public function is_supported()
{
- if (extension_loaded('redis'))
- {
- return $this->_setup_redis();
- }
- else
+ if ( ! extension_loaded('redis'))
{
log_message('debug', 'The Redis extension must be loaded to use Redis cache.');
return FALSE;
}
+
+ return $this->_setup_redis();
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Cache/drivers/Cache_wincache.php b/system/libraries/Cache/drivers/Cache_wincache.php
index 528b2b9bf..9cc6ff016 100644
--- a/system/libraries/Cache/drivers/Cache_wincache.php
+++ b/system/libraries/Cache/drivers/Cache_wincache.php
@@ -194,7 +194,7 @@ class CI_Cache_wincache extends CI_Driver {
*/
public function is_supported()
{
- if ( ! extension_loaded('wincache'))
+ if ( ! extension_loaded('wincache') OR ! ini_get('wincache.ucenabled'))
{
log_message('debug', 'The Wincache PHP extension must be loaded to use Wincache Cache.');
return FALSE;
diff --git a/system/libraries/Cache/drivers/index.html b/system/libraries/Cache/drivers/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/Cache/drivers/index.html
+++ b/system/libraries/Cache/drivers/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/libraries/Cache/index.html b/system/libraries/Cache/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/Cache/index.html
+++ b/system/libraries/Cache/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php
index 014daac58..f6a0c39c4 100644
--- a/system/libraries/Calendar.php
+++ b/system/libraries/Calendar.php
@@ -130,11 +130,7 @@ class CI_Calendar {
public function __construct($config = array())
{
$this->CI =& get_instance();
-
- if ( ! in_array('calendar_lang.php', $this->CI->lang->is_loaded, TRUE))
- {
- $this->CI->lang->load('calendar');
- }
+ $this->CI->lang->load('calendar');
empty($config) OR $this->initialize($config);
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 45c5c09b9..66b5803dd 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -405,7 +405,7 @@ class CI_Email {
* @param array $config = array()
* @return void
*/
- public function __construct($config = array())
+ public function __construct(array $config = array())
{
$this->charset = config_item('charset');
diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php
index e3e68139a..f3e039881 100644
--- a/system/libraries/Encryption.php
+++ b/system/libraries/Encryption.php
@@ -121,7 +121,7 @@ class CI_Encryption {
);
/**
- * List of supported HMAC algorightms
+ * List of supported HMAC algorithms
*
* name => digest size pairs
*
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index f161b40e7..05de59628 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -831,7 +831,7 @@ class CI_Form_validation {
// DEPRECATED support for non-prefixed keys
&& FALSE === ($line = $this->CI->lang->line($rule, FALSE)))
{
- $line = $this->CI->lang->line('form_validation_error_message_not_set');
+ $line = $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')';
}
}
else
@@ -1151,9 +1151,7 @@ class CI_Form_validation {
return FALSE;
}
- return (MB_ENABLED === TRUE)
- ? ($val <= mb_strlen($str))
- : ($val <= strlen($str));
+ return ($val <= mb_strlen($str));
}
// --------------------------------------------------------------------
@@ -1172,9 +1170,7 @@ class CI_Form_validation {
return FALSE;
}
- return (MB_ENABLED === TRUE)
- ? ($val >= mb_strlen($str))
- : ($val >= strlen($str));
+ return ($val >= mb_strlen($str));
}
// --------------------------------------------------------------------
@@ -1193,9 +1189,7 @@ class CI_Form_validation {
return FALSE;
}
- return (MB_ENABLED === TRUE)
- ? (mb_strlen($str) === (int) $val)
- : (strlen($str) === (int) $val);
+ return (mb_strlen($str) === (int) $val);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Javascript/index.html b/system/libraries/Javascript/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/Javascript/index.html
+++ b/system/libraries/Javascript/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index de9b1e829..0549fef66 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -94,10 +94,7 @@ class CI_Session {
$this->_driver = 'database';
}
- if (($class = $this->_ci_load_classes($this->_driver)) === FALSE)
- {
- return;
- }
+ $class = $this->_ci_load_classes($this->_driver);
// Configuration ...
$this->_configure($params);
@@ -230,8 +227,7 @@ class CI_Session {
if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE))
{
- log_message('error', "Session: Configured driver '".$driver."' was not found. Aborting.");
- return FALSE;
+ throw new UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting.");
}
}
@@ -314,7 +310,7 @@ class CI_Session {
$this->_config = $params;
// Security is king
- ini_set('session.use_trans_id', 0);
+ ini_set('session.use_trans_sid', 0);
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
@@ -873,7 +869,7 @@ class CI_Session {
public function set_tempdata($data, $value = NULL, $ttl = 300)
{
$this->set_userdata($data, $value);
- $this->mark_as_temp($data, $ttl);
+ $this->mark_as_temp(is_array($data) ? array_keys($data) : $data, $ttl);
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php
index 20cec00fd..1d01c2923 100644
--- a/system/libraries/Session/drivers/Session_database_driver.php
+++ b/system/libraries/Session/drivers/Session_database_driver.php
@@ -93,6 +93,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
throw new Exception('Configured database connection is persistent. Aborting.');
}
+ elseif ($this->_db->cache_on)
+ {
+ throw new Exception('Configured database connection has cache enabled. Aborting.');
+ }
$db_driver = $this->_db->dbdriver.(empty($this->_db->subdriver) ? '' : '_'.$this->_db->subdriver);
if (strpos($db_driver, 'mysql') !== FALSE)
@@ -122,7 +126,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
public function open($save_path, $name)
{
return empty($this->_db->conn_id)
- ? ( ! $this->_db->autoinit && $this->_db->db_connect())
+ ? (bool) $this->_db->db_connect()
: TRUE;
}
@@ -319,7 +323,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
if ($this->_platform === 'mysql')
{
$arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : '');
- if ($this->_db->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock")->row()->ci_session_lock)
+ if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock)
{
$this->_lock = $arg;
return TRUE;
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index 5852277e8..45da91c46 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -299,7 +299,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
{
if ($this->close())
{
- return unlink($this->_file_path.$session_id) && $this->_cookie_destroy();
+ return file_exists($this->_file_path.$session_id)
+ ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy())
+ : TRUE;
}
elseif ($this->_file_path !== NULL)
{
@@ -324,7 +326,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
*/
public function gc($maxlifetime)
{
- if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE)
+ if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE)
{
log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'.");
return FALSE;
@@ -338,7 +340,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
($this->_config['match_ip'] === TRUE ? 72 : 40)
);
- foreach ($files as $file)
+ while (($file = readdir($directory)) !== FALSE)
{
// If the filename doesn't match this pattern, it's either not a session file or is not ours
if ( ! preg_match($pattern, $file)
@@ -352,6 +354,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file);
}
+ closedir($directory);
+
return TRUE;
}
diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php
index 600b8ca66..c7185ee44 100644
--- a/system/libraries/Session/drivers/Session_memcached_driver.php
+++ b/system/libraries/Session/drivers/Session_memcached_driver.php
@@ -204,7 +204,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if (isset($this->_lock_key))
{
- $this->_memcached->replace($this->_lock_key, time(), 5);
+ $this->_memcached->replace($this->_lock_key, time(), 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)))
{
if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
@@ -299,34 +299,21 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
if (isset($this->_lock_key))
{
- return $this->_memcached->replace($this->_lock_key, time(), 5);
+ return $this->_memcached->replace($this->_lock_key, time(), 300);
}
+ // 30 attempts to obtain a lock, in case another request already has it
$lock_key = $this->_key_prefix.$session_id.':lock';
- if ( ! ($ts = $this->_memcached->get($lock_key)))
- {
- if ( ! $this->_memcached->set($lock_key, TRUE, 5))
- {
- log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
- return FALSE;
- }
-
- $this->_lock_key = $lock_key;
- $this->_lock = TRUE;
- return TRUE;
- }
-
- // Another process has the lock, we'll try to wait for it to free itself ...
$attempt = 0;
- while ($attempt++ < 5)
+ do
{
- usleep(((time() - $ts) * 1000000) - 20000);
- if (($ts = $this->_memcached->get($lock_key)) < time())
+ if ($this->_memcached->get($lock_key))
{
+ sleep(1);
continue;
}
- if ( ! $this->_memcached->set($lock_key, time(), 5))
+ if ( ! $this->_memcached->set($lock_key, time(), 300))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
@@ -335,10 +322,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
$this->_lock_key = $lock_key;
break;
}
+ while ($attempt++ < 30);
- if ($attempt === 5)
+ if ($attempt === 30)
{
- log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.');
+ log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.');
return FALSE;
}
@@ -361,7 +349,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
if ( ! $this->_memcached->delete($this->_lock_key) && $this->_memcached->getResultCode() !== Memcached::RES_NOTFOUND)
{
- log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id);
+ log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key);
return FALSE;
}
diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php
index c3c75b3b6..1ce101daf 100644
--- a/system/libraries/Session/drivers/Session_redis_driver.php
+++ b/system/libraries/Session/drivers/Session_redis_driver.php
@@ -205,7 +205,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
if (isset($this->_lock_key))
{
- $this->_redis->setTimeout($this->_lock_key, 5);
+ $this->_redis->setTimeout($this->_lock_key, 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)))
{
if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
@@ -272,7 +272,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (isset($this->_redis, $this->_lock_key))
{
- if ($this->_redis->delete($this->_key_prefix.$session_id) !== 1)
+ if (($result = $this->_redis->delete($this->_key_prefix.$session_id)) !== 1)
{
log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.');
}
@@ -313,40 +313,21 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (isset($this->_lock_key))
{
- return $this->_redis->setTimeout($this->_lock_key, 5);
+ return $this->_redis->setTimeout($this->_lock_key, 300);
}
+ // 30 attempts to obtain a lock, in case another request already has it
$lock_key = $this->_key_prefix.$session_id.':lock';
- if (($ttl = $this->_redis->ttl($lock_key)) < 1)
- {
- if ( ! $this->_redis->setex($lock_key, 5, time()))
- {
- log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
- return FALSE;
- }
-
- $this->_lock_key = $lock_key;
-
- if ($ttl === -1)
- {
- log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.');
- }
-
- $this->_lock = TRUE;
- return TRUE;
- }
-
- // Another process has the lock, we'll try to wait for it to free itself ...
$attempt = 0;
- while ($attempt++ < 5)
+ do
{
- usleep(($ttl * 1000000) - 20000);
if (($ttl = $this->_redis->ttl($lock_key)) > 0)
{
+ sleep(1);
continue;
}
- if ( ! $this->_redis->setex($lock_key, 5, time()))
+ if ( ! $this->_redis->setex($lock_key, 300, time()))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
@@ -355,12 +336,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
$this->_lock_key = $lock_key;
break;
}
+ while ($attempt++ < 30);
- if ($attempt === 5)
+ if ($attempt === 30)
{
- log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.');
+ log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.');
return FALSE;
}
+ elseif ($ttl === -1)
+ {
+ log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.');
+ }
$this->_lock = TRUE;
return TRUE;
@@ -381,7 +367,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if ( ! $this->_redis->delete($this->_lock_key))
{
- log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id);
+ log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key);
return FALSE;
}
diff --git a/system/libraries/Session/drivers/index.html b/system/libraries/Session/drivers/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/Session/drivers/index.html
+++ b/system/libraries/Session/drivers/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/libraries/Session/index.html b/system/libraries/Session/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/Session/index.html
+++ b/system/libraries/Session/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php
index af7041337..00d1feca6 100644
--- a/system/libraries/Xmlrpcs.php
+++ b/system/libraries/Xmlrpcs.php
@@ -223,7 +223,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
$CI =& get_instance();
if ($CI->input->method() === 'post')
{
- $data = http_build_query($CI->input->input_stream(NULL, FALSE));
+ $data = $CI->input->raw_input_stream;
}
}
@@ -233,14 +233,15 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
$parser = xml_parser_create($this->xmlrpc_defencoding);
$parser_object = new XML_RPC_Message('filler');
-
- $parser_object->xh[$parser] = array(
- 'isf' => 0,
- 'isf_reason' => '',
- 'params' => array(),
- 'stack' => array(),
- 'valuestack' => array(),
- 'method' => ''
+ $pname = (string) $parser;
+
+ $parser_object->xh[$pname] = array(
+ 'isf' => 0,
+ 'isf_reason' => '',
+ 'params' => array(),
+ 'stack' => array(),
+ 'valuestack' => array(),
+ 'method' => ''
);
xml_set_object($parser, $parser_object);
@@ -263,7 +264,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
xml_get_current_line_number($parser)));
xml_parser_free($parser);
}
- elseif ($parser_object->xh[$parser]['isf'])
+ elseif ($parser_object->xh[$pname]['isf'])
{
return new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'], $this->xmlrpcstr['invalid_return']);
}
@@ -271,17 +272,17 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
{
xml_parser_free($parser);
- $m = new XML_RPC_Message($parser_object->xh[$parser]['method']);
+ $m = new XML_RPC_Message($parser_object->xh[$pname]['method']);
$plist = '';
- for ($i = 0, $c = count($parser_object->xh[$parser]['params']); $i < $c; $i++)
+ for ($i = 0, $c = count($parser_object->xh[$pname]['params']); $i < $c; $i++)
{
if ($this->debug === TRUE)
{
- $plist .= $i.' - '.print_r(get_object_vars($parser_object->xh[$parser]['params'][$i]), TRUE).";\n";
+ $plist .= $i.' - '.print_r(get_object_vars($parser_object->xh[$pname]['params'][$i]), TRUE).";\n";
}
- $m->addParam($parser_object->xh[$parser]['params'][$i]);
+ $m->addParam($parser_object->xh[$pname]['params'][$i]);
}
if ($this->debug === TRUE)
diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php
index f2f17148b..3e98ac568 100644
--- a/system/libraries/Zip.php
+++ b/system/libraries/Zip.php
@@ -352,7 +352,7 @@ class CI_Zip {
// Set the original directory root for child dir's to use as relative
if ($root_path === NULL)
{
- $root_path = dirname($path).DIRECTORY_SEPARATOR;
+ $root_path = str_replace(array('\\', '/'), DIRECTORY_SEPARATOR, dirname($path)).DIRECTORY_SEPARATOR;
}
while (FALSE !== ($file = readdir($fp)))
diff --git a/system/libraries/index.html b/system/libraries/index.html
index c942a79ce..b702fbc39 100644
--- a/system/libraries/index.html
+++ b/system/libraries/index.html
@@ -1,3 +1,4 @@
+<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
@@ -7,4 +8,4 @@
<p>Directory access is forbidden.</p>
</body>
-</html> \ No newline at end of file
+</html>