diff options
Diffstat (limited to 'system')
| -rw-r--r-- | system/core/Input.php | 21 | ||||
| -rw-r--r-- | system/database/DB_driver.php | 5 | ||||
| -rw-r--r-- | system/database/DB_query_builder.php | 2 |
3 files changed, 16 insertions, 12 deletions
diff --git a/system/core/Input.php b/system/core/Input.php index 81555df9a..0c6025d1e 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -150,17 +150,22 @@ class CI_Input { * Internal method used to retrieve values from global arrays. * * @param array &$array $_GET, $_POST, $_COOKIE, $_SERVER, etc. - * @param string $index Index for item to be fetched from $array + * @param mixed $index Index for item to be fetched from $array * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ protected function _fetch_from_array(&$array, $index = NULL, $xss_clean = NULL) { + is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; + // If $index is NULL, it means that the whole $array is requested - if ($index === NULL) + isset($index) OR $index = array_keys($array); + + // allow fetching multiple keys at once + if (is_array($index)) { $output = array(); - foreach (array_keys($array) as $key) + foreach ($index as $key) { $output[$key] = $this->_fetch_from_array($array, $key, $xss_clean); } @@ -168,8 +173,6 @@ class CI_Input { return $output; } - is_bool($xss_clean) OR $xss_clean = $this->_enable_xss; - if (isset($array[$index])) { $value = $array[$index]; @@ -210,7 +213,7 @@ class CI_Input { /** * Fetch an item from the GET array * - * @param string $index Index for item to be fetched from $_GET + * @param mixed $index Index for item to be fetched from $_GET * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ @@ -224,7 +227,7 @@ class CI_Input { /** * Fetch an item from the POST array * - * @param string $index Index for item to be fetched from $_POST + * @param mixed $index Index for item to be fetched from $_POST * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ @@ -270,7 +273,7 @@ class CI_Input { /** * Fetch an item from the COOKIE array * - * @param string $index Index for item to be fetched from $_COOKIE + * @param mixed $index Index for item to be fetched from $_COOKIE * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ @@ -284,7 +287,7 @@ class CI_Input { /** * Fetch an item from the SERVER array * - * @param string $index Index for item to be fetched from $_SERVER + * @param mixed $index Index for item to be fetched from $_SERVER * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 0b4707370..7c3df42b8 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1461,7 +1461,7 @@ abstract class CI_DB_driver { */ protected function _has_operator($str) { - return (bool) preg_match('/(<|>|!|=|\sIS\s|\sEXISTS|\sBETWEEN|\sLIKE|\sIN\s*\(|\s)/i', trim($str)); + return (bool) preg_match('/(<|>|!|=|\sIS NULL|\sIS NOT NULL|\sEXISTS|\sBETWEEN|\sLIKE|\sIN\s*\(|\s)/i', trim($str)); } // -------------------------------------------------------------------- @@ -1485,7 +1485,8 @@ abstract class CI_DB_driver { '\s*(?:<|>|!)?=\s*', // =, <=, >=, != '\s*<>?\s*', // <, <> '\s*>\s*', // > - '\s+IS(?:\sNOT)?(?:\sNULL)?', // IS[ NOT] NULL + '\s+IS NULL', // IS NULL + '\s+IS NOT NULL', // IS NOT NULL '\s+EXISTS\s*\([^\)]+\)', // EXISTS(sql) '\s+NOT EXISTS\s*\([^\)]+\)', // NOT EXISTS(sql) '\s+BETWEEN\s+\S+\s+AND\s+\S+', // BETWEEN value AND value diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index c7326cd35..1c0aed693 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -672,7 +672,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // value appears not to have been set, assign the test to IS NULL $k .= ' IS NULL'; } - elseif (preg_match('/\s*(!?=|<>)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) + elseif (preg_match('/\s*(!?=|<>|IS(?:\s+NOT)?)\s*$/i', $k, $match, PREG_OFFSET_CAPTURE)) { $k = substr($k, 0, $match[0][1]).($match[1][0] === '=' ? ' IS NULL' : ' IS NOT NULL'); } |