summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/Common.php20
-rw-r--r--system/core/Config.php34
-rw-r--r--system/core/Exceptions.php4
-rw-r--r--system/core/Hooks.php4
-rw-r--r--system/core/Output.php188
-rw-r--r--system/core/Security.php13
-rw-r--r--system/core/URI.php8
-rw-r--r--system/database/DB_driver.php80
-rw-r--r--system/database/DB_forge.php2
-rw-r--r--system/database/DB_query_builder.php155
-rw-r--r--system/database/drivers/cubrid/cubrid_driver.php17
-rw-r--r--system/database/drivers/interbase/interbase_driver.php17
-rw-r--r--system/database/drivers/mssql/mssql_driver.php34
-rw-r--r--system/database/drivers/mysql/mysql_driver.php29
-rw-r--r--system/database/drivers/mysql/mysql_forge.php2
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php20
-rw-r--r--system/database/drivers/oci8/oci8_driver.php13
-rw-r--r--system/database/drivers/odbc/odbc_driver.php17
-rw-r--r--system/database/drivers/pdo/pdo_driver.php13
-rw-r--r--system/database/drivers/postgre/postgre_driver.php32
-rw-r--r--system/database/drivers/sqlite/sqlite_driver.php17
-rw-r--r--system/database/drivers/sqlite3/sqlite3_driver.php17
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_driver.php16
-rw-r--r--system/helpers/date_helper.php178
-rw-r--r--system/helpers/download_helper.php2
-rw-r--r--system/helpers/file_helper.php1
-rw-r--r--system/helpers/form_helper.php10
-rw-r--r--system/helpers/security_helper.php6
-rw-r--r--system/helpers/url_helper.php37
-rw-r--r--system/language/english/migration_lang.php2
-rw-r--r--system/libraries/Cache/drivers/Cache_file.php2
-rw-r--r--system/libraries/Calendar.php4
-rw-r--r--system/libraries/Email.php14
-rw-r--r--system/libraries/Form_validation.php46
-rw-r--r--system/libraries/Ftp.php2
-rw-r--r--system/libraries/Javascript.php2
-rw-r--r--system/libraries/Migration.php2
-rw-r--r--system/libraries/Pagination.php172
-rw-r--r--system/libraries/Profiler.php6
-rw-r--r--system/libraries/Upload.php16
-rw-r--r--system/libraries/Xmlrpc.php2
-rw-r--r--system/libraries/Xmlrpcs.php2
-rw-r--r--system/libraries/Zip.php2
43 files changed, 731 insertions, 529 deletions
diff --git a/system/core/Common.php b/system/core/Common.php
index 1708653e7..c309d4192 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -431,6 +431,7 @@ if ( ! function_exists('set_status_header'))
300 => 'Multiple Choices',
301 => 'Moved Permanently',
302 => 'Found',
+ 303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
307 => 'Temporary Redirect',
@@ -462,18 +463,23 @@ if ( ! function_exists('set_status_header'))
505 => 'HTTP Version Not Supported'
);
- if ($code == '' OR ! is_numeric($code))
+ if (empty($code) OR ! is_numeric($code))
{
show_error('Status codes must be numeric', 500);
}
- elseif (isset($stati[$code]) && $text === '')
- {
- $text = $stati[$code];
- }
- if ($text === '')
+ is_int($code) OR $code = (int) $code;
+
+ if (empty($text))
{
- show_error('No status text available. Please check your status code number or supply your own message text.', 500);
+ if (isset($stati[$code]))
+ {
+ $text = $stati[$code];
+ }
+ else
+ {
+ show_error('No status text available. Please check your status code number or supply your own message text.', 500);
+ }
}
$server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
diff --git a/system/core/Config.php b/system/core/Config.php
index 3de1bcb96..4b4e5a7ba 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -225,25 +225,39 @@ class CI_Config {
* Site URL
* Returns base_url . index_page [. uri_string]
*
- * @param string the URI string
+ * @param mixed the URI string or an array of segments
* @return string
*/
public function site_url($uri = '')
{
- if ($uri === '')
+ if (empty($uri))
{
return $this->slash_item('base_url').$this->item('index_page');
}
+ $uri = $this->_uri_string($uri);
+
if ($this->item('enable_query_strings') === FALSE)
{
$suffix = ($this->item('url_suffix') === FALSE) ? '' : $this->item('url_suffix');
- return $this->slash_item('base_url').$this->slash_item('index_page').$this->_uri_string($uri).$suffix;
+
+ if ($suffix !== '' && ($offset = strpos($uri, '?')) !== FALSE)
+ {
+ $uri = substr($uri, 0, $offset).$suffix.substr($uri, $offset);
+ }
+ else
+ {
+ $uri .= $suffix;
+ }
+
+ return $this->slash_item('base_url').$this->slash_item('index_page').$uri;
}
- else
+ elseif (strpos($uri, '?') === FALSE)
{
- return $this->slash_item('base_url').$this->item('index_page').'?'.$this->_uri_string($uri);
+ $uri = '?'.$uri;
}
+
+ return $this->slash_item('base_url').$this->item('index_page').$uri;
}
// -------------------------------------------------------------
@@ -280,15 +294,7 @@ class CI_Config {
}
elseif (is_array($uri))
{
- $i = 0;
- $str = '';
- foreach ($uri as $key => $val)
- {
- $prefix = ($i === 0) ? '' : '&';
- $str .= $prefix.$key.'='.$val;
- $i++;
- }
- return $str;
+ return http_build_query($uri);
}
return $uri;
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 8c32085fe..bd9178dbd 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -143,7 +143,7 @@ class CI_Exceptions {
ob_end_flush();
}
ob_start();
- include(APPPATH.'views/errors/'.$template.'.php');
+ include(VIEWPATH.'errors/'.$template.'.php');
$buffer = ob_get_contents();
ob_end_clean();
return $buffer;
@@ -177,7 +177,7 @@ class CI_Exceptions {
ob_end_flush();
}
ob_start();
- include(APPPATH.'views/errors/error_php.php');
+ include(VIEWPATH.'errors/error_php.php');
$buffer = ob_get_contents();
ob_end_clean();
echo $buffer;
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 29fd88201..afbf4b453 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -39,7 +39,7 @@
class CI_Hooks {
/**
- * Determines wether hooks are enabled
+ * Determines whether hooks are enabled
*
* @var bool
*/
@@ -53,7 +53,7 @@ class CI_Hooks {
public $hooks = array();
/**
- * Determines wether hook is in progress, used to prevent infinte loops
+ * Determines whether hook is in progress, used to prevent infinte loops
*
* @var bool
*/
diff --git a/system/core/Output.php b/system/core/Output.php
index 5588ffe8e..5ec8c4bc0 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -67,7 +67,14 @@ class CI_Output {
public $mimes = array();
/**
- * Determines wether profiler is enabled
+ * Mime-type for the current page
+ *
+ * @var string
+ */
+ protected $mime_type = 'text/html';
+
+ /**
+ * Determines whether profiler is enabled
*
* @var book
*/
@@ -78,7 +85,7 @@ class CI_Output {
*
* @var bool
*/
- protected $_zlib_oc = FALSE;
+ protected $_zlib_oc = FALSE;
/**
* List of profiler sections
@@ -174,7 +181,7 @@ class CI_Output {
* how to permit header data to be saved with the cache data...
*
* @param string
- * @param bool
+ * @param bool
* @return void
*/
public function set_header($header, $replace = TRUE)
@@ -218,6 +225,8 @@ class CI_Output {
}
}
+ $this->mime_type = $mime_type;
+
if (empty($charset))
{
$charset = config_item('charset');
@@ -292,6 +301,12 @@ class CI_Output {
*/
public function set_profiler_sections($sections)
{
+ if (isset($sections['query_toggle_count']))
+ {
+ $this->_profiler_sections['query_toggle_count'] = (int) $sections['query_toggle_count'];
+ unset($sections['query_toggle_count']);
+ }
+
foreach ($sections as $section => $enable)
{
$this->_profiler_sections[$section] = ($enable !== FALSE);
@@ -327,7 +342,7 @@ class CI_Output {
* with any server headers and profile data. It also stops the
* benchmark timer so the page rendering speed and memory usage can be shown.
*
- * @param string
+ * @param string
* @return mixed
*/
public function _display($output = '')
@@ -353,6 +368,15 @@ class CI_Output {
// --------------------------------------------------------------------
+ // Is minify requested?
+ if ($CFG->item('minify_output') === TRUE)
+ {
+ $output = $this->minify($output, $this->mime_type);
+ }
+
+
+ // --------------------------------------------------------------------
+
// Do we need to write a cache file? Only if the controller does not have its
// own _output() method and we are not dealing with a cache file, which we
// can determine by the existence of the $CI object above
@@ -450,7 +474,7 @@ class CI_Output {
/**
* Write a Cache File
*
- * @param string
+ * @param string
* @return void
*/
public function _write_cache($output)
@@ -493,6 +517,9 @@ class CI_Output {
@chmod($cache_path, FILE_WRITE_MODE);
log_message('debug', 'Cache file written: '.$cache_path);
+
+ // Send HTTP cache-control headers to browser to match file cache settings.
+ $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
}
// --------------------------------------------------------------------
@@ -500,8 +527,8 @@ class CI_Output {
/**
* Update/serve a cached file
*
- * @param object config class
- * @param object uri class
+ * @param object config class
+ * @param object uri class
* @return bool
*/
public function _display_cache(&$CFG, &$URI)
@@ -530,13 +557,22 @@ class CI_Output {
return FALSE;
}
- // Has the file expired? If so we'll delete it.
- if (time() >= trim(str_replace('TS--->', '', $match[1])) && is_really_writable($cache_path))
+ $last_modified = filemtime($cache_path);
+ $expire = trim(str_replace('TS--->', '', $match[1]));
+
+ // Has the file expired?
+ if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path))
{
+ // If so we'll delete it.
@unlink($filepath);
log_message('debug', 'Cache file has expired. File deleted.');
return FALSE;
}
+ else
+ {
+ // Or else send the HTTP cache control headers.
+ $this->set_cache_header($last_modified, $expire);
+ }
// Display the cache
$this->_display(str_replace($match[0], '', $cache));
@@ -544,6 +580,140 @@ class CI_Output {
return TRUE;
}
+ // --------------------------------------------------------------------
+
+ /**
+ * Set the HTTP headers to match the server-side file cache settings
+ * in order to reduce bandwidth.
+ *
+ * @param int timestamp of when the page was last modified
+ * @param int timestamp of when should the requested page expire from cache
+ * @return void
+ */
+ public function set_cache_header($last_modified, $expiration)
+ {
+ $max_age = $expiration - $_SERVER['REQUEST_TIME'];
+
+ if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
+ {
+ $this->set_status_header(304);
+ exit;
+ }
+ else
+ {
+ header('Pragma: public');
+ header('Cache-Control: max-age=' . $max_age . ', public');
+ header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT');
+ header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT');
+ }
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Reduce excessive size of HTML content.
+ *
+ * @param string
+ * @param string
+ * @return string
+ */
+ public function minify($output, $type = 'text/html')
+ {
+ switch ($type)
+ {
+ case 'text/html':
+
+ $size_before = strlen($output);
+
+ if ($size_before === 0)
+ {
+ return '';
+ }
+
+ // Find all the <pre>,<code>,<textarea>, and <javascript> tags
+ // We'll want to return them to this unprocessed state later.
+ preg_match_all('{<pre.+</pre>}msU', $output, $pres_clean);
+ preg_match_all('{<code.+</code>}msU', $output, $codes_clean);
+ preg_match_all('{<textarea.+</textarea>}msU', $output, $textareas_clean);
+ preg_match_all('{<script.+</script>}msU', $output, $javascript_clean);
+
+ // Minify the CSS in all the <style> tags.
+ preg_match_all('{<style.+</style>}msU', $output, $style_clean);
+ foreach ($style_clean[0] as $s)
+ {
+ $output = str_replace($s, $this->minify($s, 'text/css'), $output);
+ }
+
+ // Minify the javascript in <script> tags.
+ foreach ($javascript_clean[0] as $s)
+ {
+ $javascript_mini[] = $this->minify($s, 'text/javascript');
+ }
+
+ // Replace multiple spaces with a single space.
+ $output = preg_replace('!\s{2,}!', ' ', $output);
+
+ // Remove comments (non-MSIE conditionals)
+ $output = preg_replace('{\s*<!--[^\[].*-->\s*}msU', '', $output);
+
+ // Remove spaces around block-level elements.
+ $output = preg_replace('/\s*(<\/?(html|head|title|meta|script|link|style|body|h[1-6]|div|p|br)[^>]*>)\s*/is', '$1', $output);
+
+ // Replace mangled <pre> etc. tags with unprocessed ones.
+
+ if ( ! empty($pres_clean))
+ {
+ preg_match_all('{<pre.+</pre>}msU', $output, $pres_messed);
+ $output = str_replace($pres_messed[0], $pres_clean[0], $output);
+ }
+
+ if ( ! empty($codes_clean))
+ {
+ preg_match_all('{<code.+</code>}msU', $output, $codes_messed);
+ $output = str_replace($codes_messed[0], $codes_clean[0], $output);
+ }
+
+ if ( ! empty($codes_clean))
+ {
+ preg_match_all('{<textarea.+</textarea>}msU', $output, $textareas_messed);
+ $output = str_replace($textareas_messed[0], $textareas_clean[0], $output);
+ }
+
+ if (isset($javascript_mini))
+ {
+ preg_match_all('{<script.+</script>}msU', $output, $javascript_messed);
+ $output = str_replace($javascript_messed[0], $javascript_mini, $output);
+ }
+
+ $size_removed = $size_before - strlen($output);
+ $savings_percent = round(($size_removed / $size_before * 100));
+
+ log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
+
+ break;
+
+ case 'text/css':
+
+ //Remove CSS comments
+ $output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $output);
+
+ // Remove spaces around curly brackets, colons,
+ // semi-colons, parenthesis, commas
+ $output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!', '$1', $output);
+
+ break;
+
+ case 'text/javascript':
+
+ // Currently leaves JavaScript untouched.
+ break;
+
+ default: break;
+ }
+
+ return $output;
+ }
+
}
/* End of file Output.php */
diff --git a/system/core/Security.php b/system/core/Security.php
index 4593a1090..227217e75 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -561,6 +561,19 @@ class CI_Security {
// ----------------------------------------------------------------
/**
+ * Strip Image Tags
+ *
+ * @param string
+ * @return string
+ */
+ public function strip_image_tags($str)
+ {
+ return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
+ }
+
+ // ----------------------------------------------------------------
+
+ /**
* Compact Exploded Words
*
* Callback function for xss_clean() to remove whitespace from
diff --git a/system/core/URI.php b/system/core/URI.php
index a997525ee..6a8b1a5ac 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -278,7 +278,7 @@ class CI_URI {
{
// preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
// compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
- if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str))
+ if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', urldecode($str)))
{
show_error('The URI you submitted has disallowed characters.', 400);
}
@@ -302,9 +302,11 @@ class CI_URI {
*/
public function _remove_url_suffix()
{
- if ($this->config->item('url_suffix') !== '')
+ $suffix = (string) $this->config->item('url_suffix');
+
+ if ($suffix !== '' && ($offset = strrpos($this->uri_string, $suffix)) !== FALSE)
{
- $this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string);
+ $this->uri_string = substr_replace($this->uri_string, '', $offset, strlen($suffix));
}
}
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index d056bdb90..739b25187 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -295,7 +295,7 @@ abstract class CI_DB_driver {
* @param array An array of binding data
* @return mixed
*/
- public function query($sql, $binds = FALSE, $return_object = TRUE)
+ public function query($sql, $binds = FALSE, $return_object = NULL)
{
if ($sql === '')
{
@@ -303,6 +303,10 @@ abstract class CI_DB_driver {
return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE;
}
+ elseif ( ! is_bool($return_object))
+ {
+ $return_object = ! $this->is_write_type($sql);
+ }
// Verify table prefix and replace if necessary
if ($this->dbprefix !== '' && $this->swap_pre !== '' && $this->dbprefix !== $this->swap_pre)
@@ -319,7 +323,7 @@ abstract class CI_DB_driver {
// Is query caching enabled? If the query is a "read type"
// we will load the caching class and return the previously
// cached query if it exists
- if ($this->cache_on === TRUE && stripos($sql, 'SELECT') !== FALSE && $this->_cache_init())
+ if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init())
{
$this->load_rdriver();
if (FALSE !== ($cache = $this->CACHE->read($sql)))
@@ -328,7 +332,7 @@ abstract class CI_DB_driver {
}
}
- // Save the query for debugging
+ // Save the query for debugging
if ($this->save_queries === TRUE)
{
$this->queries[] = $sql;
@@ -352,7 +356,7 @@ abstract class CI_DB_driver {
$error = $this->error();
// Log errors
- log_message('error', 'Query error: '.$error['message']);
+ log_message('error', 'Query error: '.$error['message'].' - Invalid query: '.$sql);
if ($this->db_debug)
{
@@ -381,12 +385,10 @@ abstract class CI_DB_driver {
// Increment the query counter
$this->query_count++;
- // Was the query a "write" type?
- // If so we'll simply return true
- if ($this->is_write_type($sql) === TRUE)
+ // Will we have a result object instantiated? If not - we'll simply return TRUE
+ if ($return_object !== TRUE)
{
- // If caching is enabled we'll auto-cleanup any
- // existing files related to this particular URI
+ // If caching is enabled we'll auto-cleanup any existing files related to this particular URI
if ($this->cache_on === TRUE && $this->cache_autodel === TRUE && $this->_cache_init())
{
$this->CACHE->delete();
@@ -396,8 +398,6 @@ abstract class CI_DB_driver {
}
// Return TRUE if we don't need to create a result object
- // Currently only the Oracle driver uses this when stored
- // procedures are used
if ($return_object !== TRUE)
{
return TRUE;
@@ -1086,6 +1086,20 @@ abstract class CI_DB_driver {
// --------------------------------------------------------------------
/**
+ * Returns the SQL string operator
+ *
+ * @param string
+ * @return string
+ */
+ protected function _get_operator($str)
+ {
+ return preg_match('/(=|!|<|>| IS NULL| IS NOT NULL| BETWEEN)/i', $str, $match)
+ ? $match[1] : FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Enables a native PHP function to be run, using a platform agnostic wrapper.
*
* @param string the function name
@@ -1267,7 +1281,7 @@ abstract class CI_DB_driver {
if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE)
{
// Found it - use a relative path for safety
- $message[] = 'Filename: '.str_replace(array(BASEPATH, APPPATH), '', $call['file']);
+ $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']);
$message[] = 'Line Number: '.$call['line'];
break;
}
@@ -1336,39 +1350,21 @@ abstract class CI_DB_driver {
// Convert tabs or multiple spaces into single spaces
$item = preg_replace('/\s+/', ' ', $item);
- static $preg_ec = array();
-
- if (empty($preg_ec))
+ // If the item has an alias declaration we remove it and set it aside.
+ // Note: strripos() is used in order to support spaces in table names
+ if ($offset = strripos($item, ' AS '))
{
- if (is_array($this->_escape_char))
- {
- $preg_ec = array(preg_quote($this->_escape_char[0]), preg_quote($this->_escape_char[1]));
- }
- else
- {
- $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char);
- }
+ $alias = ($protect_identifiers)
+ ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4))
+ : substr($item, $offset);
+ $item = substr($item, 0, $offset);
}
-
- // If the item has an alias declaration we remove it and set it aside.
- // Basically we remove everything to the right of the first space
- preg_match('/^(('.$preg_ec[0].'[^'.$preg_ec[1].']+'.$preg_ec[1].')|([^'.$preg_ec[0].'][^\s]+))( AS)*(.+)*$/i', $item, $matches);
-
- if (isset($matches[4]))
+ elseif ($offset = strrpos($item, ' '))
{
- $item = $matches[1];
-
- // Escape the alias, if needed
- if ($protect_identifiers === TRUE)
- {
- $alias = empty($matches[5])
- ? ' '.$this->escape_identifiers(ltrim($matches[4]))
- : $matches[4].' '.$this->escape_identifiers(ltrim($matches[5]));
- }
- else
- {
- $alias = $matches[4].$matches[5];
- }
+ $alias = ($protect_identifiers)
+ ? ' '.$this->escape_identifiers(substr($item, $offset + 1))
+ : substr($item, $offset);
+ $item = substr($item, 0, $offset);
}
else
{
diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php
index 9b7639289..91f9d560c 100644
--- a/system/database/DB_forge.php
+++ b/system/database/DB_forge.php
@@ -231,7 +231,7 @@ abstract class CI_DB_forge {
if (($result = $this->db->query($sql)) !== FALSE && ! empty($this->db->data_cache['table_names']))
{
- $this->db->data_cache['table_names'][] = $$this->db->dbprefix.$table;
+ $this->db->data_cache['table_names'][] = $this->db->dbprefix.$table;
}
return $result;
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 488b294e4..3982885e8 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -324,10 +324,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string
* @param string the join condition
* @param string the type of join
- * @param string wether not to try to escape identifiers
+ * @param string whether not to try to escape identifiers
* @return object
*/
- public function join($table, $cond, $type = '', $escape = TRUE)
+ public function join($table, $cond, $type = '', $escape = NULL)
{
if ($type !== '')
{
@@ -347,6 +347,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// in the protect_identifiers to know whether to add a table prefix
$this->_track_aliases($table);
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
// Split multiple conditions
if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_SET_ORDER | PREG_OFFSET_CAPTURE))
{
@@ -366,12 +368,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$newcond .= $m[0][$i][0];
}
- $cond = $newcond;
+ $cond = ' ON '.$newcond;
}
// Split apart the condition and protect the identifiers
elseif ($escape === TRUE && preg_match('/([\[\w\.-]+)([\W\s]+)(.+)/i', $cond, $match))
{
- $cond = $this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]);
+ $cond = ' ON '.$this->protect_identifiers($match[1]).$match[2].$this->protect_identifiers($match[3]);
+ }
+ elseif ( ! $this->_has_operator($cond))
+ {
+ $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')';
+ }
+ else
+ {
+ $cond = ' ON '.$cond;
}
// Do we want to escape the table name?
@@ -381,7 +391,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
}
// Assemble the JOIN statement
- $this->qb_join[] = $join = $type.'JOIN '.$this->protect_identifiers($table, TRUE, NULL, FALSE).' ON '.$cond;
+ $this->qb_join[] = $join = $type.'JOIN '.$table.$cond;
if ($this->qb_caching === TRUE)
{
@@ -405,7 +415,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function where($key, $value = NULL, $escape = TRUE)
+ public function where($key, $value = NULL, $escape = NULL)
{
return $this->_where($key, $value, 'AND ', $escape);
}
@@ -423,7 +433,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function or_where($key, $value = NULL, $escape = TRUE)
+ public function or_where($key, $value = NULL, $escape = NULL)
{
return $this->_where($key, $value, 'OR ', $escape);
}
@@ -443,23 +453,26 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*/
protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL)
{
- $type = $this->_group_get_type($type);
-
if ( ! is_array($key))
{
$key = array($key => $value);
}
// If the escape value was not set will will base it on the global setting
- $escape = $this->_protect_identifiers;
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
foreach ($key as $k => $v)
{
- $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type;
+ $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0)
+ ? $this->_group_get_type('')
+ : $this->_group_get_type($type);
- $k = $this->_has_operator($k)
- ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ')
- : $this->protect_identifiers($k, FALSE, $escape);
+ if ($escape === TRUE)
+ {
+ $k = (($op = $this->_get_operator($k)) !== FALSE)
+ ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op)
+ : $this->escape_identifiers(trim($k));
+ }
if (is_null($v) && ! $this->_has_operator($k))
{
@@ -504,9 +517,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function where_in($key = NULL, $values = NULL)
+ public function where_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values);
+ return $this->_where_in($key, $values, FALSE, 'AND ', $escape);
}
// --------------------------------------------------------------------
@@ -521,9 +534,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function or_where_in($key = NULL, $values = NULL)
+ public function or_where_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, FALSE, 'OR ');
+ return $this->_where_in($key, $values, FALSE, 'OR ', $escape);
}
// --------------------------------------------------------------------
@@ -538,9 +551,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function where_not_in($key = NULL, $values = NULL)
+ public function where_not_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, TRUE);
+ return $this->_where_in($key, $values, TRUE, 'AND ', $escape);
}
// --------------------------------------------------------------------
@@ -555,9 +568,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param array The values searched on
* @return object
*/
- public function or_where_not_in($key = NULL, $values = NULL)
+ public function or_where_not_in($key = NULL, $values = NULL, $escape = NULL)
{
- return $this->_where_in($key, $values, TRUE, 'OR ');
+ return $this->_where_in($key, $values, TRUE, 'OR ', $escape);
}
// --------------------------------------------------------------------
@@ -573,20 +586,20 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string
* @return object
*/
- protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ')
+ protected function _where_in($key = NULL, $values = NULL, $not = FALSE, $type = 'AND ', $escape = NULL)
{
if ($key === NULL OR $values === NULL)
{
return $this;
}
- $type = $this->_group_get_type($type);
-
if ( ! is_array($values))
{
$values = array($values);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
$not = ($not) ? ' NOT' : '';
foreach ($values as $value)
@@ -594,8 +607,13 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$this->qb_wherein[] = $this->escape($value);
}
- $prefix = (count($this->qb_where) === 0) ? '' : $type;
- $this->qb_where[] = $where_in = $prefix.$this->protect_identifiers($key).$not.' IN ('.implode(', ', $this->qb_wherein).') ';
+ if ($escape === TRUE)
+ {
+ $key = $this->escape_identifiers(trim($key));
+ }
+
+ $prefix = (count($this->qb_where) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type);
+ $this->qb_where[] = $where_in = $prefix.$key.$not.' IN ('.implode(', ', $this->qb_wherein).') ';
if ($this->qb_caching === TRUE)
{
@@ -690,8 +708,6 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*/
protected function _like($field, $match = '', $type = 'AND ', $side = 'both', $not = '')
{
- $type = $this->_group_get_type($type);
-
if ( ! is_array($field))
{
$field = array($field => $match);
@@ -700,7 +716,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
foreach ($field as $k => $v)
{
$k = $this->protect_identifiers($k);
- $prefix = (count($this->qb_like) === 0) ? '' : $type;
+ $prefix = (count($this->qb_like) === 0) ? $this->_group_get_type('') : $this->_group_get_type($type);
$v = $this->escape_like_str($v);
if ($side === 'none')
@@ -886,7 +902,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function having($key, $value = '', $escape = TRUE)
+ public function having($key, $value = '', $escape = NULL)
{
return $this->_having($key, $value, 'AND ', $escape);
}
@@ -903,7 +919,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function or_having($key, $value = '', $escape = TRUE)
+ public function or_having($key, $value = '', $escape = NULL)
{
return $this->_having($key, $value, 'OR ', $escape);
}
@@ -921,21 +937,22 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- protected function _having($key, $value = '', $type = 'AND ', $escape = TRUE)
+ protected function _having($key, $value = '', $type = 'AND ', $escape = NULL)
{
if ( ! is_array($key))
{
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
$prefix = (count($this->qb_having) === 0) ? '' : $type;
- if ($escape === TRUE)
- {
- $k = $this->protect_identifiers($k);
- }
+ $k = $this->_has_operator($k)
+ ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ')
+ : $this->protect_identifiers($k, FALSE, $escape);
if ( ! $this->_has_operator($k))
{
@@ -968,7 +985,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool enable field name escaping
* @return object
*/
- public function order_by($orderby, $direction = '', $escape = TRUE)
+ public function order_by($orderby, $direction = '', $escape = NULL)
{
if (strtolower($direction) === 'random')
{
@@ -980,8 +997,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$direction = in_array(strtoupper(trim($direction)), array('ASC', 'DESC'), TRUE) ? ' '.$direction : ' ASC';
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
- if ((strpos($orderby, ',') !== FALSE) && $escape === TRUE)
+ if ($escape === TRUE && strpos($orderby, ',') !== FALSE)
{
$temp = array();
foreach (explode(',', $orderby) as $part)
@@ -1028,12 +1046,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*/
public function limit($value, $offset = NULL)
{
- $this->qb_limit = (int) $value;
-
- if ( ! empty($offset))
- {
- $this->qb_offset = (int) $offset;
- }
+ is_null($value) OR $this->qb_limit = (int) $value;
+ empty($offset) OR $this->qb_offset = (int) $offset;
return $this;
}
@@ -1048,21 +1062,40 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
*/
public function offset($offset)
{
- $this->qb_offset = (int) $offset;
+ empty($offset) OR $this->qb_offset = (int) $offset;
return $this;
}
// --------------------------------------------------------------------
/**
- * The "set" function. Allows key/value pairs to be set for inserting or updating
+ * Limit string
+ *
+ * Generates a platform-specific LIMIT clause
+ *
+ * @param string the sql query string
+ * @param int the number of rows to limit the query to
+ * @param int the offset value
+ * @return string
+ */
+ protected function _limit($sql, $limit, $offset)
+ {
+ return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * The "set" function.
+ *
+ * Allows key/value pairs to be set for inserting or updating
*
* @param mixed
* @param string
* @param bool
* @return object
*/
- public function set($key, $value = '', $escape = TRUE)
+ public function set($key, $value = '', $escape = NULL)
{
$key = $this->_object_to_array($key);
@@ -1071,16 +1104,12 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
- if ($escape === FALSE)
- {
- $this->qb_set[$this->protect_identifiers($k)] = $v;
- }
- else
- {
- $this->qb_set[$this->protect_identifiers($k, FALSE, TRUE)] = $this->escape($v);
- }
+ $this->qb_set[$this->protect_identifiers($k, FALSE, $escape)] = ($escape)
+ ? $this->escape($v) : $v;
}
return $this;
@@ -1189,7 +1218,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param string the offset clause
* @return object
*/
- public function get_where($table = '', $where = null, $limit = null, $offset = null)
+ public function get_where($table = '', $where = NULL, $limit = NULL, $offset = NULL)
{
if ($table !== '')
{
@@ -1286,7 +1315,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function set_insert_batch($key, $value = '', $escape = TRUE)
+ public function set_insert_batch($key, $value = '', $escape = NULL)
{
$key = $this->_object_to_array_batch($key);
@@ -1295,6 +1324,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$key = array($key => $value);
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
$keys = array_keys($this->_object_to_array(current($key)));
sort($keys);
@@ -1326,7 +1357,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
foreach ($keys as $k)
{
- $this->qb_keys[] = $this->protect_identifiers($k);
+ $this->qb_keys[] = $this->protect_identifiers($k, FALSE, $escape);
}
return $this;
@@ -1725,7 +1756,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
* @param bool
* @return object
*/
- public function set_update_batch($key, $index = '', $escape = TRUE)
+ public function set_update_batch($key, $index = '', $escape = NULL)
{
$key = $this->_object_to_array_batch($key);
@@ -1734,6 +1765,8 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
// @todo error
}
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
+
foreach ($key as $k => $v)
{
$index_set = FALSE;
@@ -1745,7 +1778,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$index_set = TRUE;
}
- $clean[$this->protect_identifiers($k2)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
+ $clean[$this->protect_identifiers($k2, FALSE, $escape)] = ($escape === FALSE) ? $v2 : $this->escape($v2);
}
if ($index_set === FALSE)
diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php
index 6b67b7546..7496ee42f 100644
--- a/system/database/drivers/cubrid/cubrid_driver.php
+++ b/system/database/drivers/cubrid/cubrid_driver.php
@@ -437,23 +437,6 @@ class CI_DB_cubrid_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Limit string
- *
- * Generates a platform-specific LIMIT clause
- *
- * @param string the sql query string
- * @param int the number of rows to limit the query to
- * @param int the offset value
- * @return string
- */
- protected function _limit($sql, $limit, $offset)
- {
- return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Close DB Connection
*
* @return void
diff --git a/system/database/drivers/interbase/interbase_driver.php b/system/database/drivers/interbase/interbase_driver.php
index 5a03607ee..38d30962c 100644
--- a/system/database/drivers/interbase/interbase_driver.php
+++ b/system/database/drivers/interbase/interbase_driver.php
@@ -235,7 +235,7 @@ class CI_DB_interbase_driver extends CI_DB {
* @param int $inc_by
* @return int
*/
- public function insert_id($generator_name, $inc_by=0)
+ public function insert_id($generator_name, $inc_by = 0)
{
//If a generator hasn't been used before it will return 0
return ibase_gen_id('"'.$generator_name.'"', $inc_by);
@@ -257,7 +257,8 @@ class CI_DB_interbase_driver extends CI_DB {
if ($prefix_limit !== FALSE && $this->dbprefix !== '')
{
- return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr);
+ return $sql.' AND "RDB$RELATION_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' "
+ .sprintf($this->_like_escape_str, $this->_like_escape_chr);
}
return $sql;
@@ -275,7 +276,7 @@ class CI_DB_interbase_driver extends CI_DB {
*/
protected function _list_columns($table = '')
{
- return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = \''.$this->escape_str($table)."'";
+ return 'SELECT "RDB$FIELD_NAME" FROM "RDB$RELATION_FIELDS" WHERE "RDB$RELATION_NAME" = '.$this->escape($table);
}
// --------------------------------------------------------------------
@@ -290,10 +291,7 @@ class CI_DB_interbase_driver extends CI_DB {
*/
protected function _field_data($table)
{
- // Need to find a more efficient way to do this
- // but Interbase/Firebird seems to lack the
- // limit clause
- return 'SELECT * FROM '.$table;
+ return $this->_limit('SELECT * FROM '.$this->protect_identifiers($table), 1, NULL);
}
// --------------------------------------------------------------------
@@ -361,7 +359,6 @@ class CI_DB_interbase_driver extends CI_DB {
.(count($orderby) > 0 ? ' ORDER BY '.implode(', ', $orderby) : '');
}
-
// --------------------------------------------------------------------
/**
@@ -421,12 +418,12 @@ class CI_DB_interbase_driver extends CI_DB {
if (stripos($this->version(), 'firebird') !== FALSE)
{
$select = 'FIRST '. (int) $limit
- .($offset > 0 ? ' SKIP '. (int) $offset : '');
+ .($offset ? ' SKIP '. (int) $offset : '');
}
else
{
$select = 'ROWS '
- .($offset > 0 ? (int) $offset.' TO '.($limit + $offset) : (int) $limit);
+ .($offset ? (int) $offset.' TO '.($limit + $offset) : (int) $limit);
}
return preg_replace('`SELECT`i', 'SELECT '.$select, $sql);
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php
index 47dc55844..7634be2bb 100644
--- a/system/database/drivers/mssql/mssql_driver.php
+++ b/system/database/drivers/mssql/mssql_driver.php
@@ -124,7 +124,7 @@ class CI_DB_mssql_driver extends CI_DB {
// Determine how identifiers are escaped
$query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi');
$query = $query->row_array();
- $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi;
+ $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi'];
$this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']');
return $conn_id;
@@ -288,7 +288,7 @@ class CI_DB_mssql_driver extends CI_DB {
*/
public function insert_id()
{
- $query = (self::_parse_major_version($this->version()) > 7)
+ $query = version_compare($this->version(), '8', '>=')
? 'SELECT SCOPE_IDENTITY() AS last_id'
: 'SELECT @@IDENTITY AS last_id';
@@ -300,23 +300,6 @@ class CI_DB_mssql_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Parse major version
- *
- * Grabs the major version number from the
- * database server version string passed in.
- *
- * @param string $version
- * @return int major version number
- */
- protected function _parse_major_version($version)
- {
- preg_match('/([0-9]+)\.([0-9]+)\.([0-9]+)/', $version, $ver_info);
- return $ver_info[1]; // return the major version b/c that's all we're interested in.
- }
-
- // --------------------------------------------------------------------
-
- /**
* Version number query string
*
* @return string
@@ -338,16 +321,17 @@ class CI_DB_mssql_driver extends CI_DB {
*/
protected function _list_tables($prefix_limit = FALSE)
{
- $sql = "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name";
+ $sql = 'SELECT '.$this->escape_identifiers('name')
+ .' FROM '.$this->escape_identifiers('sysobjects')
+ .' WHERE '.$this->escape_identifiers('type')." = 'U'";
- // for future compatibility
if ($prefix_limit !== FALSE AND $this->dbprefix !== '')
{
- //$sql .= " LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr);
- return FALSE; // not currently supported
+ $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' "
+ .sprintf($this->_like_escape_str, $this->_like_escape_chr);
}
- return $sql;
+ return $sql.' ORDER BY '.$this->escape_identifiers('name');
}
// --------------------------------------------------------------------
@@ -377,7 +361,7 @@ class CI_DB_mssql_driver extends CI_DB {
*/
protected function _field_data($table)
{
- return 'SELECT TOP 1 * FROM '.$table;
+ return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index 8938d22b5..d11f015a6 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -64,6 +64,12 @@ class CI_DB_mysql_driver extends CI_DB {
*/
public $delete_hack = TRUE;
+ /**
+ * Constructor
+ *
+ * @param array
+ * @return void
+ */
public function __construct($params)
{
parent::__construct($params);
@@ -74,6 +80,8 @@ class CI_DB_mysql_driver extends CI_DB {
}
}
+ // --------------------------------------------------------------------
+
/**
* Non-persistent database connection
*
@@ -335,7 +343,7 @@ class CI_DB_mysql_driver extends CI_DB {
*/
protected function _list_tables($prefix_limit = FALSE)
{
- $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char;
+ $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database);
if ($prefix_limit !== FALSE && $this->dbprefix !== '')
{
@@ -355,7 +363,7 @@ class CI_DB_mysql_driver extends CI_DB {
* @param string the table name
* @return string
*/
- public function _list_columns($table = '')
+ protected function _list_columns($table = '')
{
return 'SHOW COLUMNS FROM '.$this->protect_identifiers($table, TRUE, NULL, FALSE);
}
@@ -453,23 +461,6 @@ class CI_DB_mysql_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Limit string
- *
- * Generates a platform-specific LIMIT clause
- *
- * @param string the sql query string
- * @param int the number of rows to limit the query to
- * @param int the offset value
- * @return string
- */
- protected function _limit($sql, $limit, $offset)
- {
- return $sql.' LIMIT '.($offset == 0 ? '' : $offset.', ').$limit;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Close DB Connection
*
* @return void
diff --git a/system/database/drivers/mysql/mysql_forge.php b/system/database/drivers/mysql/mysql_forge.php
index d22454d84..2ac75bad2 100644
--- a/system/database/drivers/mysql/mysql_forge.php
+++ b/system/database/drivers/mysql/mysql_forge.php
@@ -62,7 +62,7 @@ class CI_DB_mysql_forge extends CI_DB_forge {
$sql .= "\n\t".$this->db->escape_identifiers($field);
- empty($attributes['NAME']) OR ' '.$this->db->escape_identifiers($attributes['NAME']).' ';
+ empty($attributes['NAME']) OR $sql .= ' '.$this->db->escape_identifiers($attributes['NAME']).' ';
if ( ! empty($attributes['TYPE']))
{
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index d3fb77a22..d1581bf1a 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -335,7 +335,7 @@ class CI_DB_mysqli_driver extends CI_DB {
*/
protected function _list_tables($prefix_limit = FALSE)
{
- $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char;
+ $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database);
if ($prefix_limit !== FALSE && $this->dbprefix !== '')
{
@@ -455,24 +455,6 @@ class CI_DB_mysqli_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Limit string
- *
- * Generates a platform-specific LIMIT clause
- *
- * @param string the sql query string
- * @param int the number of rows to limit the query to
- * @param int the offset value
- * @return string
- */
- protected function _limit($sql, $limit, $offset)
- {
- return $sql.' LIMIT '.$limit
- .($offset > 0 ? ' OFFSET '.$offset : '');
- }
-
- // --------------------------------------------------------------------
-
- /**
* Close DB Connection
*
* @return void
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index e78091614..67bb0403b 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -66,6 +66,8 @@ class CI_DB_oci8_driver extends CI_DB {
protected $_count_string = 'SELECT COUNT(1) AS ';
protected $_random_keyword = ' ASC'; // not currently supported
+ protected $_reserved_identifiers = array('*', 'rownum');
+
// Set "auto commit" by default
public $commit_mode = OCI_COMMIT_ON_SUCCESS;
@@ -464,11 +466,12 @@ class CI_DB_oci8_driver extends CI_DB {
*/
protected function _list_tables($prefix_limit = FALSE)
{
- $sql = 'SELECT TABLE_NAME FROM ALL_TABLES';
+ $sql = 'SELECT "TABLE_NAME" FROM "ALL_TABLES"';
if ($prefix_limit !== FALSE && $this->dbprefix !== '')
{
- return $sql." WHERE TABLE_NAME LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr);
+ return $sql.' WHERE "TABLE_NAME" LIKE \''.$this->escape_like_str($this->dbprefix)."%' "
+ .sprintf($this->_like_escape_str, $this->_like_escape_chr);
}
return $sql;
@@ -486,7 +489,7 @@ class CI_DB_oci8_driver extends CI_DB {
*/
protected function _list_columns($table = '')
{
- return 'SELECT COLUMN_NAME FROM all_tab_columns WHERE table_name = \''.$table.'\'';
+ return 'SELECT "COLUMN_NAME" FROM "all_tab_columns" WHERE "TABLE_NAME" = '.$this->escape($table);
}
// --------------------------------------------------------------------
@@ -501,7 +504,7 @@ class CI_DB_oci8_driver extends CI_DB {
*/
protected function _field_data($table)
{
- return 'SELECT * FROM '.$table.' WHERE rownum = 1';
+ return 'SELECT * FROM '.$this->protect_identifiers($table).' WHERE rownum = 1';
}
// --------------------------------------------------------------------
@@ -634,7 +637,7 @@ class CI_DB_oci8_driver extends CI_DB {
{
$this->limit_used = TRUE;
return 'SELECT * FROM (SELECT inner_query.*, rownum rnum FROM ('.$sql.') inner_query WHERE rownum < '.($offset + $limit).')'
- .($offset !== 0 ? ' WHERE rnum >= '.$offset : '');
+ .($offset ? ' WHERE rnum >= '.$offset : '');
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index 222c311c0..bd5759289 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -331,23 +331,6 @@ class CI_DB_odbc_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Limit string
- *
- * Generates a platform-specific LIMIT clause
- *
- * @param string the sql query string
- * @param int the number of rows to limit the query to
- * @param int the offset value
- * @return string
- */
- protected function _limit($sql, $limit, $offset)
- {
- return $sql.($offset == 0 ? '' : $offset.', ').$limit;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Close DB Connection
*
* @return void
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index e25013a52..a3ad46900 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -599,19 +599,12 @@ class CI_DB_pdo_driver extends CI_DB {
*/
protected function _limit($sql, $limit, $offset)
{
- if ($this->pdodriver === 'cubrid' OR $this->pdodriver === 'sqlite')
+ if ($this->pdodriver === 'pgsql')
{
- $offset = ($offset == 0) ? '' : $offset.', ';
-
- return $sql.'LIMIT '.$offset.$limit;
+ return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : '');
}
- else
- {
- $sql .= 'LIMIT '.$limit;
- $sql .= ($offset > 0) ? ' OFFSET '.$offset : '';
- return $sql;
- }
+ return $sql.' LIMIT '.($offset ? $offset.', ' : '').$limit;
}
}
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index ad9ac9000..e73122bc7 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -399,11 +399,13 @@ class CI_DB_postgre_driver extends CI_DB {
*/
protected function _list_tables($prefix_limit = FALSE)
{
- $sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = 'public'";
+ $sql = 'SELECT "table_name" FROM "information_schema"."tables" WHERE "table_schema" = \'public\'';
if ($prefix_limit !== FALSE && $this->dbprefix !== '')
{
- return $sql." AND table_name LIKE '".$this->escape_like_str($this->dbprefix)."%' ".sprintf($this->_like_escape_str, $this->_like_escape_chr);
+ return $sql.' AND "table_name" LIKE \''
+ .$this->escape_like_str($this->dbprefix)."%' "
+ .sprintf($this->_like_escape_str, $this->_like_escape_chr);
}
return $sql;
@@ -421,7 +423,7 @@ class CI_DB_postgre_driver extends CI_DB {
*/
protected function _list_columns($table = '')
{
- return "SELECT column_name FROM information_schema.columns WHERE table_name = '".$table."'";
+ return 'SELECT "column_name" FROM "information_schema"."columns" WHERE "table_name" = '.$this->escape($table);
}
// --------------------------------------------------------------------
@@ -580,7 +582,7 @@ class CI_DB_postgre_driver extends CI_DB {
*/
protected function _limit($sql, $limit, $offset)
{
- return $sql.' LIMIT '.$limit.($offset == 0 ? '' : ' OFFSET '.$offset);
+ return $sql.' LIMIT '.$limit.($offset ? ' OFFSET '.$offset : '');
}
// --------------------------------------------------------------------
@@ -593,31 +595,31 @@ class CI_DB_postgre_driver extends CI_DB {
* @param mixed
* @param mixed
* @param string
+ * @param mixed
* @return object
- *
*/
protected function _where($key, $value = NULL, $type = 'AND ', $escape = NULL)
{
- $type = $this->_group_get_type($type);
-
if ( ! is_array($key))
{
$key = array($key => $value);
}
// If the escape value was not set will will base it on the global setting
- if ( ! is_bool($escape))
- {
- $escape = $this->_protect_identifiers;
- }
+ is_bool($escape) OR $escape = $this->_protect_identifiers;
foreach ($key as $k => $v)
{
- $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type;
+ $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0)
+ ? $this->_group_get_type('')
+ : $this->_group_get_type($type);
- $k = $this->_has_operator($k)
- ? $this->protect_identifiers(substr($k, 0, strpos(rtrim($k), ' ')), FALSE, $escape).strchr(rtrim($k), ' ')
- : $this->protect_identifiers($k, FALSE, $escape);
+ if ($escape === TRUE)
+ {
+ $k = (($op = $this->_get_operator($k)) !== FALSE)
+ ? $this->escape_identifiers(trim(substr($k, 0, strpos($k, $op)))).' '.strstr($k, $op)
+ : $this->escape_identifiers(trim($k));
+ }
if (is_null($v) && ! $this->_has_operator($k))
{
diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php
index 3305f6030..87be7a54a 100644
--- a/system/database/drivers/sqlite/sqlite_driver.php
+++ b/system/database/drivers/sqlite/sqlite_driver.php
@@ -360,23 +360,6 @@ class CI_DB_sqlite_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Limit string
- *
- * Generates a platform-specific LIMIT clause
- *
- * @param string the sql query string
- * @param int the number of rows to limit the query to
- * @param int the offset value
- * @return string
- */
- protected function _limit($sql, $limit, $offset)
- {
- return $sql.'LIMIT '.($offset == 0 ? '' : $offset.', ').$limit;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Close DB Connection
*
* @return void
diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php
index bed61891b..1c6533f22 100644
--- a/system/database/drivers/sqlite3/sqlite3_driver.php
+++ b/system/database/drivers/sqlite3/sqlite3_driver.php
@@ -353,23 +353,6 @@ class CI_DB_sqlite3_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Limit string
- *
- * Generates a platform-specific LIMIT clause
- *
- * @param string the sql query string
- * @param int the number of rows to limit the query to
- * @param int the offset value
- * @return string
- */
- protected function _limit($sql, $limit, $offset)
- {
- return $sql.' LIMIT '.($offset ? $offset.',' : '').$limit;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Close DB Connection
*
* @return void
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 825c02452..4fdc4aae0 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -91,7 +91,7 @@ class CI_DB_sqlsrv_driver extends CI_DB {
// Determine how identifiers are escaped
$query = $this->query('SELECT CASE WHEN (@@OPTIONS | 256) = @@OPTIONS THEN 1 ELSE 0 END AS qi');
$query = $query->row_array();
- $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query->qi;
+ $this->_quoted_identifier = empty($query) ? FALSE : (bool) $query['qi'];
$this->_escape_char = ($this->_quoted_identifier) ? '"' : array('[', ']');
return $conn_id;
@@ -284,7 +284,17 @@ class CI_DB_sqlsrv_driver extends CI_DB {
*/
protected function _list_tables($prefix_limit = FALSE)
{
- return "SELECT name FROM sysobjects WHERE type = 'U' ORDER BY name";
+ $sql = 'SELECT '.$this->escape_identifiers('name')
+ .' FROM '.$this->escape_identifiers('sysobjects')
+ .' WHERE '.$this->escape_identifiers('type')." = 'U'";
+
+ if ($prefix_limit === TRUE && $this->dbprefix !== '')
+ {
+ $sql .= ' AND '.$this->escape_identifiers('name')." LIKE '".$this->escape_like_str($this->dbprefix)."%' "
+ .sprintf($this->_escape_like_str, $this->_escape_like_chr);
+ }
+
+ return $sql.' ORDER BY '.$this->escape_identifiers('name');
}
// --------------------------------------------------------------------
@@ -314,7 +324,7 @@ class CI_DB_sqlsrv_driver extends CI_DB {
*/
protected function _field_data($table)
{
- return 'SELECT TOP 1 * FROM '.$table;
+ return 'SELECT TOP 1 * FROM '.$this->protect_identifiers($table);
}
// --------------------------------------------------------------------
diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php
index d5036f645..fc790c585 100644
--- a/system/helpers/date_helper.php
+++ b/system/helpers/date_helper.php
@@ -93,8 +93,10 @@ if ( ! function_exists('mdate'))
{
return '';
}
-
- $time = ($time === '') ? now() : $time;
+ elseif (empty($time))
+ {
+ $time = now();
+ }
$datestr = str_replace(
'%\\',
@@ -122,24 +124,19 @@ if ( ! function_exists('standard_date'))
function standard_date($fmt = 'DATE_RFC822', $time = '')
{
$formats = array(
- 'DATE_ATOM' => '%Y-%m-%dT%H:%i:%s%O',
- 'DATE_COOKIE' => '%l, %d-%M-%y %H:%i:%s UTC',
- 'DATE_ISO8601' => '%Y-%m-%dT%H:%i:%s%O',
- 'DATE_RFC822' => '%D, %d %M %y %H:%i:%s %O',
- 'DATE_RFC850' => '%l, %d-%M-%y %H:%i:%s UTC',
- 'DATE_RFC1036' => '%D, %d %M %y %H:%i:%s %O',
- 'DATE_RFC1123' => '%D, %d %M %Y %H:%i:%s %O',
- 'DATE_RFC2822' => '%D, %d %M %Y %H:%i:%s %O',
- 'DATE_RSS' => '%D, %d %M %Y %H:%i:%s %O',
- 'DATE_W3C' => '%Y-%m-%dT%H:%i:%s%O'
- );
-
- if ( ! isset($formats[$fmt]))
- {
- return FALSE;
- }
-
- return mdate($formats[$fmt], $time);
+ 'DATE_ATOM' => '%Y-%m-%dT%H:%i:%s%O',
+ 'DATE_COOKIE' => '%l, %d-%M-%y %H:%i:%s UTC',
+ 'DATE_ISO8601' => '%Y-%m-%dT%H:%i:%s%O',
+ 'DATE_RFC822' => '%D, %d %M %y %H:%i:%s %O',
+ 'DATE_RFC850' => '%l, %d-%M-%y %H:%i:%s UTC',
+ 'DATE_RFC1036' => '%D, %d %M %y %H:%i:%s %O',
+ 'DATE_RFC1123' => '%D, %d %M %Y %H:%i:%s %O',
+ 'DATE_RFC2822' => '%D, %d %M %Y %H:%i:%s %O',
+ 'DATE_RSS' => '%D, %d %M %Y %H:%i:%s %O',
+ 'DATE_W3C' => '%Y-%m-%dT%H:%i:%s%O'
+ );
+
+ return isset($formats[$fmt]) ? mdate($formats[$fmt], $time) : FALSE;
}
}
@@ -163,20 +160,9 @@ if ( ! function_exists('timespan'))
$CI =& get_instance();
$CI->lang->load('date');
- if ( ! is_numeric($seconds))
- {
- $seconds = 1;
- }
-
- if ( ! is_numeric($time))
- {
- $time = time();
- }
-
- if ( ! is_numeric($units))
- {
- $units = 7;
- }
+ is_numeric($seconds) OR $seconds = 1;
+ is_numeric($time) OR $time = time();
+ is_numeric($units) OR $units = 7;
$seconds = ($time <= $seconds) ? 1 : $time - $seconds;
@@ -185,7 +171,7 @@ if ( ! function_exists('timespan'))
if ($years > 0)
{
- $str[] = $years.' '.$CI->lang->line((($years > 1) ? 'date_years' : 'date_year'));
+ $str[] = $years.' '.$CI->lang->line($years > 1 ? 'date_years' : 'date_year');
}
$seconds -= $years * 31557600;
@@ -195,7 +181,7 @@ if ( ! function_exists('timespan'))
{
if ($months > 0)
{
- $str[] = $months.' '.$CI->lang->line((($months > 1) ? 'date_months' : 'date_month'));
+ $str[] = $months.' '.$CI->lang->line($months > 1 ? 'date_months' : 'date_month');
}
$seconds -= $months * 2629743;
@@ -207,7 +193,7 @@ if ( ! function_exists('timespan'))
{
if ($weeks > 0)
{
- $str[] = $weeks.' '.$CI->lang->line((($weeks > 1) ? 'date_weeks' : 'date_week'));
+ $str[] = $weeks.' '.$CI->lang->line($weeks > 1 ? 'date_weeks' : 'date_week');
}
$seconds -= $weeks * 604800;
@@ -219,7 +205,7 @@ if ( ! function_exists('timespan'))
{
if ($days > 0)
{
- $str[] = $days.' '.$CI->lang->line((($days > 1) ? 'date_days' : 'date_day'));
+ $str[] = $days.' '.$CI->lang->line($days > 1 ? 'date_days' : 'date_day');
}
$seconds -= $days * 86400;
@@ -231,7 +217,7 @@ if ( ! function_exists('timespan'))
{
if ($hours > 0)
{
- $str[] = $hours.' '.$CI->lang->line((($hours > 1) ? 'date_hours' : 'date_hour'));
+ $str[] = $hours.' '.$CI->lang->line($hours > 1 ? 'date_hours' : 'date_hour');
}
$seconds -= $hours * 3600;
@@ -243,7 +229,7 @@ if ( ! function_exists('timespan'))
{
if ($minutes > 0)
{
- $str[] = $minutes.' '.$CI->lang->line((($minutes > 1) ? 'date_minutes' : 'date_minute'));
+ $str[] = $minutes.' '.$CI->lang->line($minutes > 1 ? 'date_minutes' : 'date_minute');
}
$seconds -= $minutes * 60;
@@ -251,7 +237,7 @@ if ( ! function_exists('timespan'))
if (count($str) === 0)
{
- $str[] = $seconds.' '.$CI->lang->line((($seconds > 1) ? 'date_seconds' : 'date_second'));
+ $str[] = $seconds.' '.$CI->lang->line($seconds > 1 ? 'date_seconds' : 'date_second');
}
return implode(', ', $str);
@@ -278,12 +264,16 @@ if ( ! function_exists('days_in_month'))
{
return 0;
}
-
- if ( ! is_numeric($year) OR strlen($year) !== 4)
+ elseif ( ! is_numeric($year) OR strlen($year) !== 4)
{
$year = date('Y');
}
+ if ($year >= 1970)
+ {
+ return (int) date('t', mktime(12, 0, 0, $month, 1, $year));
+ }
+
if ($month == 2)
{
if ($year % 400 === 0 OR ($year % 4 === 0 && $year % 100 !== 0))
@@ -314,13 +304,13 @@ if ( ! function_exists('local_to_gmt'))
$time = time();
}
- return gmmktime(
- date('H', $time),
- date('i', $time),
- date('s', $time),
- date('m', $time),
- date('d', $time),
- date('Y', $time)
+ return mktime(
+ gmdate('G', $time),
+ gmdate('i', $time),
+ gmdate('s', $time),
+ gmdate('n', $time),
+ gmdate('j', $time),
+ gmdate('Y', $time)
);
}
}
@@ -350,12 +340,7 @@ if ( ! function_exists('gmt_to_local'))
$time += timezones($timezone) * 3600;
- if ($dst === TRUE)
- {
- $time += 3600;
- }
-
- return $time;
+ return ($dst === TRUE) ? $time + 3600 : $time;
}
}
@@ -405,7 +390,7 @@ if ( ! function_exists('unix_to_human'))
*/
function unix_to_human($time = '', $seconds = FALSE, $fmt = 'us')
{
- $r = date('Y', $time).'-'.date('m', $time).'-'.date('d', $time).' ';
+ $r = date('Y', $time).'-'.date('m', $time).'-'.date('d', $time).' ';
if ($fmt === 'us')
{
@@ -423,7 +408,7 @@ if ( ! function_exists('unix_to_human'))
if ($fmt === 'us')
{
- $r .= ' '.date('A', $time);
+ return $r.' '.date('A', $time);
}
return $r;
@@ -451,51 +436,33 @@ if ( ! function_exists('human_to_unix'))
$datestr = preg_replace('/\040+/', ' ', trim($datestr));
- if ( ! preg_match('/^[0-9]{2,4}\-[0-9]{1,2}\-[0-9]{1,2}\s[0-9]{1,2}:[0-9]{1,2}(?::[0-9]{1,2})?(?:\s[AP]M)?$/i', $datestr))
+ if ( ! preg_match('/^(\d{2}|\d{4})\-[0-9]{1,2}\-[0-9]{1,2}\s[0-9]{1,2}:[0-9]{1,2}(?::[0-9]{1,2})?(?:\s[AP]M)?$/i', $datestr))
{
return FALSE;
}
$split = explode(' ', $datestr);
- $ex = explode('-', $split['0']);
-
- $year = (strlen($ex[0]) === 2) ? '20'.$ex[0] : $ex[0];
- $month = (strlen($ex[1]) === 1) ? '0'.$ex[1] : $ex[1];
- $day = (strlen($ex[2]) === 1) ? '0'.$ex[2] : $ex[2];
+ list($year, $month, $day) = explode('-', $split[0]);
$ex = explode(':', $split['1']);
- $hour = (strlen($ex[0]) === 1) ? '0'.$ex[0] : $ex[0];
- $min = (strlen($ex[1]) === 1) ? '0'.$ex[1] : $ex[1];
-
- if (isset($ex[2]) && preg_match('/[0-9]{1,2}/', $ex[2]))
- {
- $sec = (strlen($ex[2]) === 1) ? '0'.$ex[2] : $ex[2];
- }
- else
- {
- // Unless specified, seconds get set to zero.
- $sec = '00';
- }
+ $hour = (int) $ex[0];
+ $min = (int) $ex[1];
+ $sec = ( ! empty($ex[2]) && preg_match('/[0-9]{1,2}/', $ex[2]))
+ ? (int) $ex[2] : 0;
if (isset($split[2]))
{
$ampm = strtolower($split[2]);
- if (substr($ampm, 0, 1) === 'p' && $hour < 12)
+ if ($ampm[0] === 'p' && $hour < 12)
{
$hour += 12;
}
-
- if (substr($ampm, 0, 1) === 'a' && $hour == 12)
- {
- $hour = '00';
- }
-
- if (strlen($hour) === 1)
+ elseif ($ampm[0] === 'a' && $hour === 12)
{
- $hour = '0'.$hour;
+ $hour = 0;
}
}
@@ -521,9 +488,13 @@ if ( ! function_exists('nice_date'))
{
return 'Unknown';
}
+ elseif (empty($format))
+ {
+ $format = 'U';
+ }
// Date like: YYYYMM
- if (preg_match('/^\d{6}$/', $bad_date))
+ if (preg_match('/^\d{6}$/i', $bad_date))
{
if (in_array(substr($bad_date, 0, 2), array('19', '20')))
{
@@ -540,20 +511,15 @@ if ( ! function_exists('nice_date'))
}
// Date Like: YYYYMMDD
- if (preg_match('/^\d{8}$/', $bad_date))
+ if (preg_match('/^(\d{2})\d{2}(\d{4})$/i', $bad_date, $matches))
{
- $month = substr($bad_date, 0, 2);
- $day = substr($bad_date, 2, 2);
- $year = substr($bad_date, 4, 4);
-
- return date($format, strtotime($month.'/01/'.$year));
+ return date($format, strtotime($matches[1].'/01/'.$matches[2]));
}
// Date Like: MM-DD-YYYY __or__ M-D-YYYY (or anything in between)
- if (preg_match('/^\d{1,2}-\d{1,2}-\d{4}$/', $bad_date))
+ if (preg_match('/^(\d{1,2})-(\d{1,2})-(\d{4})$/i', $bad_date, $matches))
{
- list($m, $d, $y) = explode('-', $bad_date);
- return date($format, strtotime($y.'-'.$m.'-'.$d));
+ return date($format, strtotime($matches[3].'-'.$matches[1].'-'.$matches[2]));
}
// Any other kind of string, when converted into UNIX time,
@@ -581,9 +547,10 @@ if ( ! function_exists('timezone_menu'))
* @param string timezone
* @param string classname
* @param string menu name
+ * @param mixed attributes
* @return string
*/
- function timezone_menu($default = 'UTC', $class = '', $name = 'timezones')
+ function timezone_menu($default = 'UTC', $class = '', $name = 'timezones', $attributes = '')
{
$CI =& get_instance();
$CI->lang->load('date');
@@ -597,7 +564,22 @@ if ( ! function_exists('timezone_menu'))
$menu .= ' class="'.$class.'"';
}
- $menu .= ">\n";
+ // Generate a string from the attributes submitted, if any
+ if (is_array($attributes))
+ {
+ $atts = '';
+ foreach ($attributes as $key => $val)
+ {
+ $atts .= ' '.$key.'="'.$val.'"';
+ }
+ $attributes = $atts;
+ }
+ elseif (is_string($attributes) && strlen($attributes) > 0)
+ {
+ $attributes = ' '.$attributes;
+ }
+
+ $menu .= $attributes.">\n";
foreach (timezones() as $key => $val)
{
@@ -675,8 +657,6 @@ if ( ! function_exists('timezones'))
return $zones;
}
- $tz = ($tz === 'GMT') ? 'UTC' : $tz;
-
return isset($zones[$tz]) ? $zones[$tz] : 0;
}
}
diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php
index 5efbc4930..09c4de578 100644
--- a/system/helpers/download_helper.php
+++ b/system/helpers/download_helper.php
@@ -46,7 +46,7 @@ if ( ! function_exists('force_download'))
*
* @param string filename
* @param mixed the data to be downloaded
- * @param bool wether to try and send the actual file MIME type
+ * @param bool whether to try and send the actual file MIME type
* @return void
*/
function force_download($filename = '', $data = '', $set_mime = FALSE)
diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php
index be616f62d..7270ee32c 100644
--- a/system/helpers/file_helper.php
+++ b/system/helpers/file_helper.php
@@ -47,6 +47,7 @@ if ( ! function_exists('read_file'))
* This function is DEPRECATED and should be removed in
* CodeIgniter 3.1+. Use file_get_contents() instead.
*
+ * @deprecated
* @param string path to file
* @return string
*/
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index 984634315..0c5d55037 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -62,9 +62,11 @@ if ( ! function_exists('form_open'))
{
$action = $CI->config->site_url($action);
}
-
- // If no action is provided then set to the current url
- $action OR $action = $CI->config->site_url($CI->uri->uri_string());
+ elseif ( ! $action)
+ {
+ // If no action is provided then set to the current url
+ $action = $CI->config->site_url($CI->uri->uri_string());
+ }
$form = '<form action="'.$action.'"'._attributes_to_string($attributes, TRUE).">\n";
@@ -76,7 +78,7 @@ if ( ! function_exists('form_open'))
if (is_array($hidden) && count($hidden) > 0)
{
- $form .= sprintf('<div style="display:none;">%s</div>', form_hidden($hidden));
+ $form .= '<div style="display:none;">'.form_hidden($hidden).'</div>';
}
return $form;
diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php
index 3e6e91435..0e8e9f93d 100644
--- a/system/helpers/security_helper.php
+++ b/system/helpers/security_helper.php
@@ -80,6 +80,7 @@ if ( ! function_exists('do_hash'))
* This function is DEPRECATED and should be removed in
* CodeIgniter 3.1+. Use hash() instead.
*
+ * @deprecated
* @param string
* @param string
* @return string
@@ -107,7 +108,8 @@ if ( ! function_exists('strip_image_tags'))
*/
function strip_image_tags($str)
{
- return preg_replace(array('#<img\s+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img\s+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str);
+ $CI =& get_instance();
+ return $CI->security->strip_image_tags($str);
}
}
@@ -123,7 +125,7 @@ if ( ! function_exists('encode_php_tags'))
*/
function encode_php_tags($str)
{
- return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
+ return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
}
}
diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php
index 2bd41b04d..39e6343a6 100644
--- a/system/helpers/url_helper.php
+++ b/system/helpers/url_helper.php
@@ -199,26 +199,33 @@ if ( ! function_exists('anchor_popup'))
if ($attributes === FALSE)
{
- return '<a href="javascript:void(0);" onclick="window.open(\''.$site_url."', '_blank');\">".$title.'</a>';
+ return '<a href="'.$site_url.'" onclick="window.open(\''.$site_url."', '_blank'); return false;\">".$title.'</a>';
}
if ( ! is_array($attributes))
{
- $attributes = array();
+ $attributes = array($attributes);
+
+ // Ref: http://www.w3schools.com/jsref/met_win_open.asp
+ $window_name = '_blank';
+ }
+ elseif ( ! empty($attributes['window_name']))
+ {
+ $window_name = $attributes['window_name'];
+ unset($attributes['window_name']);
}
- foreach (array('width' => '800', 'height' => '600', 'scrollbars' => 'yes', 'status' => 'yes', 'resizable' => 'yes', 'screenx' => '0', 'screeny' => '0', ) as $key => $val)
+ foreach (array('width' => '800', 'height' => '600', 'scrollbars' => 'yes', 'status' => 'yes', 'resizable' => 'yes', 'screenx' => '0', 'screeny' => '0') as $key => $val)
{
$atts[$key] = isset($attributes[$key]) ? $attributes[$key] : $val;
unset($attributes[$key]);
}
- if ($attributes !== '')
- {
- $attributes = _parse_attributes($attributes);
- }
+ $attributes = empty($attributes) ? '' : _parse_attributes($attributes);
- return '<a href="javascript:void(0);" onclick="window.open(\''.$site_url."', '_blank', '"._parse_attributes($atts, TRUE)."');\"".$attributes.'>'.$title.'</a>';
+ return '<a href="'.$site_url
+ .'" onclick="window.open(\''.$site_url."', '".$window_name."', '"._parse_attributes($atts, TRUE)."'); return false;\""
+ .$attributes.'>'.$title.'</a>';
}
}
@@ -519,7 +526,7 @@ if ( ! function_exists('redirect'))
* @param int
* @return string
*/
- function redirect($uri = '', $method = 'auto', $http_response_code = 302)
+ function redirect($uri = '', $method = 'auto', $code = NULL)
{
if ( ! preg_match('#^https?://#i', $uri))
{
@@ -531,14 +538,22 @@ if ( ! function_exists('redirect'))
{
$method = 'refresh';
}
+ elseif ($method !== 'refresh' && (empty($code) OR ! is_numeric($code)))
+ {
+ // Reference: http://en.wikipedia.org/wiki/Post/Redirect/Get
+ $code = (isset($_SERVER['REQUEST_METHOD'], $_SERVER['SERVER_PROTOCOL'])
+ && $_SERVER['REQUEST_METHOD'] === 'POST'
+ && $_SERVER['SERVER_PROTOCOL'] === 'HTTP/1.1')
+ ? 303 : 302;
+ }
- switch($method)
+ switch ($method)
{
case 'refresh':
header('Refresh:0;url='.$uri);
break;
default:
- header('Location: '.$uri, TRUE, $http_response_code);
+ header('Location: '.$uri, TRUE, $code);
break;
}
exit;
diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php
index 9e3e18807..af920660c 100644
--- a/system/language/english/migration_lang.php
+++ b/system/language/english/migration_lang.php
@@ -26,7 +26,7 @@
*/
$lang['migration_none_found'] = "No migrations were found.";
-$lang['migration_not_found'] = "This migration could not be found.";
+$lang['migration_not_found'] = "No migration could be found with the version number: %d.";
$lang['migration_multiple_version'] = "This are multiple migrations with the same version number: %d.";
$lang['migration_class_doesnt_exist'] = "The migration class \"%s\" could not be found.";
$lang['migration_missing_up_method'] = "The migration class \"%s\" is missing an 'up' method.";
diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php
index 08231963e..37d77c268 100644
--- a/system/libraries/Cache/drivers/Cache_file.php
+++ b/system/libraries/Cache/drivers/Cache_file.php
@@ -73,7 +73,7 @@ class CI_Cache_file extends CI_Driver {
$data = unserialize(file_get_contents($this->_cache_path.$id));
- if (time() > $data['time'] + $data['ttl'])
+ if ($data['ttl'] > 0 && time() > $data['time'] + $data['ttl'])
{
unlink($this->_cache_path.$id);
return FALSE;
diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php
index 969a7610a..a49f171b9 100644
--- a/system/libraries/Calendar.php
+++ b/system/libraries/Calendar.php
@@ -155,7 +155,7 @@ class CI_Calendar {
public function generate($year = '', $month = '', $data = array())
{
// Set and validate the supplied month/year
- if ($year === '')
+ if (empty($year))
{
$year = date('Y', $this->local_time);
}
@@ -168,7 +168,7 @@ class CI_Calendar {
$year = '20'.$year;
}
- if ($month === '')
+ if (empty($month))
{
$month = date('m', $this->local_time);
}
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 09f217530..dd5477e05 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -247,7 +247,7 @@ class CI_Email {
$name = $replyto;
}
- if (strncmp($name, '"', 1) !== 0)
+ if (strpos($name, '"') !== 0)
{
$name = '"'.$name.'"';
}
@@ -606,7 +606,7 @@ class CI_Email {
foreach ($this->_base_charsets as $charset)
{
- if (strncmp($charset, $this->charset, strlen($charset)) === 0)
+ if (strpos($charset, $this->charset) === 0)
{
$this->_encoding = '7bit';
}
@@ -651,7 +651,7 @@ class CI_Email {
protected function _set_date()
{
$timezone = date('Z');
- $operator = (strncmp($timezone, '-', 1) === 0) ? '-' : '+';
+ $operator = ($timezone[0] === '-') ? '-' : '+';
$timezone = abs($timezone);
$timezone = floor($timezone/3600) * 100 + ($timezone % 3600) / 60;
@@ -1481,7 +1481,7 @@ class CI_Email {
$this->_set_error_message($reply);
- if (strncmp($reply, '250', 3) !== 0)
+ if (strpos($reply, '250') !== 0)
{
$this->_set_error_message('lang:email_smtp_error', $reply);
return FALSE;
@@ -1637,7 +1637,7 @@ class CI_Email {
$reply = $this->_get_smtp_data();
- if (strncmp($reply, '334', 3) !== 0)
+ if (strpos($reply, '334') !== 0)
{
$this->_set_error_message('lang:email_failed_smtp_login', $reply);
return FALSE;
@@ -1647,7 +1647,7 @@ class CI_Email {
$reply = $this->_get_smtp_data();
- if (strncmp($reply, '334', 3) !== 0)
+ if (strpos($reply, '334') !== 0)
{
$this->_set_error_message('lang:email_smtp_auth_un', $reply);
return FALSE;
@@ -1657,7 +1657,7 @@ class CI_Email {
$reply = $this->_get_smtp_data();
- if (strncmp($reply, '235', 3) !== 0)
+ if (strpos($reply, '235') !== 0)
{
$this->_set_error_message('lang:email_smtp_auth_pw', $reply);
return FALSE;
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 6cbe032c7..8e03e91f3 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -571,8 +571,7 @@ class CI_Form_validation {
{
foreach ($postdata as $key => $val)
{
- $this->_execute($row, $rules, $val, $cycles);
- $cycles++;
+ $this->_execute($row, $rules, $val, $key);
}
return;
@@ -649,7 +648,12 @@ class CI_Form_validation {
}
else
{
- $postdata = $this->_field_data[$row['field']]['postdata'];
+ // If we get an array field, but it's not expected - then it is most likely
+ // somebody messing with the form on the client side, so we'll just consider
+ // it an empty field
+ $postdata = is_array($this->_field_data[$row['field']]['postdata'])
+ ? NULL
+ : $this->_field_data[$row['field']]['postdata'];
}
// Is the rule a callback?
@@ -993,15 +997,19 @@ class CI_Form_validation {
* Minimum Length
*
* @param string
- * @param int
+ * @param string
* @return bool
*/
public function min_length($str, $val)
{
- if (preg_match('/[^0-9]/', $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
+ else
+ {
+ $val = (int) $val;
+ }
return (MB_ENABLED === TRUE)
? ($val <= mb_strlen($str))
@@ -1014,15 +1022,19 @@ class CI_Form_validation {
* Max Length
*
* @param string
- * @param int
+ * @param string
* @return bool
*/
public function max_length($str, $val)
{
- if (preg_match('/[^0-9]/', $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
+ else
+ {
+ $val = (int) $val;
+ }
return (MB_ENABLED === TRUE)
? ($val >= mb_strlen($str))
@@ -1035,15 +1047,19 @@ class CI_Form_validation {
* Exact Length
*
* @param string
- * @param int
+ * @param string
* @return bool
*/
public function exact_length($str, $val)
{
- if (preg_match('/[^0-9]/', $val))
+ if ( ! is_numeric($val))
{
return FALSE;
}
+ else
+ {
+ $val = (int) $val;
+ }
return (MB_ENABLED === TRUE)
? (mb_strlen($str) === $val)
@@ -1113,7 +1129,7 @@ class CI_Form_validation {
*/
public function alpha($str)
{
- return (bool) preg_match('/^[a-z]+$/i', $str);
+ return ctype_alpha($str);
}
// --------------------------------------------------------------------
@@ -1126,7 +1142,7 @@ class CI_Form_validation {
*/
public function alpha_numeric($str)
{
- return (bool) preg_match('/^[a-z0-9]+$/i', $str);
+ return ctype_alnum((string) $str);
}
// --------------------------------------------------------------------
@@ -1248,7 +1264,7 @@ class CI_Form_validation {
*/
public function is_natural($str)
{
- return (bool) preg_match('/^[0-9]+$/', $str);
+ return ctype_digit((string) $str);
}
// --------------------------------------------------------------------
@@ -1261,7 +1277,7 @@ class CI_Form_validation {
*/
public function is_natural_no_zero($str)
{
- return ($str !== 0 && preg_match('/^[0-9]+$/', $str));
+ return ($str != 0 && ctype_digit((string) $str));
}
// --------------------------------------------------------------------
@@ -1344,7 +1360,7 @@ class CI_Form_validation {
*/
public function strip_image_tags($str)
{
- return $this->CI->input->strip_image_tags($str);
+ return $this->CI->security->strip_image_tags($str);
}
// --------------------------------------------------------------------
@@ -1370,7 +1386,7 @@ class CI_Form_validation {
*/
public function encode_php_tags($str)
{
- return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('&lt;?php', '&lt;?PHP', '&lt;?', '?&gt;'), $str);
+ return str_replace(array('<?', '?>'), array('&lt;?', '?&gt;'), $str);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php
index 461e884fb..76f5e151a 100644
--- a/system/libraries/Ftp.php
+++ b/system/libraries/Ftp.php
@@ -445,7 +445,7 @@ class CI_FTP {
* Set file permissions
*
* @param string the file path
- * @param string the permissions
+ * @param int the permissions
* @return bool
*/
public function chmod($path, $perm)
diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php
index 98fec61d3..5c8b09217 100644
--- a/system/libraries/Javascript.php
+++ b/system/libraries/Javascript.php
@@ -620,7 +620,7 @@ class CI_Javascript {
$this->_javascript_location = $this->CI->config->item('javascript_location');
}
- if ($relative === TRUE OR strncmp($external_file, 'http://', 7) === 0 OR strncmp($external_file, 'https://', 8) === 0)
+ if ($relative === TRUE OR strpos($external_file, 'http://') === 0 OR strpos($external_file, 'https://') === 0)
{
$str = $this->_open_script($external_file);
}
diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php
index 4391b235d..3a1e7a0ad 100644
--- a/system/libraries/Migration.php
+++ b/system/libraries/Migration.php
@@ -179,7 +179,7 @@ class CI_Migration {
// We now prepare to actually DO the migrations
// But first let's make sure that everything is the way it should be
- for ($i = $start; $i !== $stop; $i += $step)
+ for ($i = $start; $i != $stop; $i += $step)
{
$f = glob(sprintf($this->_migration_path.'%03d_*.php', $i));
diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php
index cdec736ff..75745dd48 100644
--- a/system/libraries/Pagination.php
+++ b/system/libraries/Pagination.php
@@ -36,39 +36,40 @@
*/
class CI_Pagination {
- public $base_url = ''; // The page we are linking to
- public $prefix = ''; // A custom prefix added to the path.
- public $suffix = ''; // A custom suffix added to the path.
- public $total_rows = 0; // Total number of items (database results)
- public $per_page = 10; // Max number of items you want shown per page
- public $num_links = 2; // Number of "digit" links to show before/after the currently viewed page
- public $cur_page = 0; // The current page being viewed
- public $use_page_numbers = FALSE; // Use page number for segment instead of offset
- public $first_link = '&lsaquo; First';
- public $next_link = '&gt;';
- public $prev_link = '&lt;';
- public $last_link = 'Last &rsaquo;';
- public $uri_segment = 3;
- public $full_tag_open = '';
- public $full_tag_close = '';
- public $first_tag_open = '';
- public $first_tag_close = '&nbsp;';
- public $last_tag_open = '&nbsp;';
- public $last_tag_close = '';
- public $first_url = ''; // Alternative URL for the First Page.
- public $cur_tag_open = '&nbsp;<strong>';
- public $cur_tag_close = '</strong>';
- public $next_tag_open = '&nbsp;';
- public $next_tag_close = '&nbsp;';
- public $prev_tag_open = '&nbsp;';
- public $prev_tag_close = '';
- public $num_tag_open = '&nbsp;';
- public $num_tag_close = '';
- public $page_query_string = FALSE;
- public $query_string_segment = 'per_page';
- public $display_pages = TRUE;
- public $anchor_class = '';
- public $attr_rel = TRUE;
+ protected $base_url = ''; // The page we are linking to
+ protected $prefix = ''; // A custom prefix added to the path.
+ protected $suffix = ''; // A custom suffix added to the path.
+ protected $total_rows = 0; // Total number of items (database results)
+ protected $per_page = 10; // Max number of items you want shown per page
+ protected $num_links = 2; // Number of "digit" links to show before/after the currently viewed page
+ protected $cur_page = 0; // The current page being viewed
+ protected $use_page_numbers = FALSE; // Use page number for segment instead of offset
+ protected $first_link = '&lsaquo; First';
+ protected $next_link = '&gt;';
+ protected $prev_link = '&lt;';
+ protected $last_link = 'Last &rsaquo;';
+ protected $uri_segment = 3;
+ protected $full_tag_open = '';
+ protected $full_tag_close = '';
+ protected $first_tag_open = '';
+ protected $first_tag_close = '&nbsp;';
+ protected $last_tag_open = '&nbsp;';
+ protected $last_tag_close = '';
+ protected $first_url = ''; // Alternative URL for the First Page.
+ protected $cur_tag_open = '&nbsp;<strong>';
+ protected $cur_tag_close = '</strong>';
+ protected $next_tag_open = '&nbsp;';
+ protected $next_tag_close = '&nbsp;';
+ protected $prev_tag_open = '&nbsp;';
+ protected $prev_tag_close = '';
+ protected $num_tag_open = '&nbsp;';
+ protected $num_tag_close = '';
+ protected $page_query_string = FALSE;
+ protected $query_string_segment = 'per_page';
+ protected $display_pages = TRUE;
+ protected $_attributes = '';
+ protected $_link_types = array();
+ protected $reuse_query_string = FALSE;
/**
* Constructor
@@ -92,15 +93,29 @@ class CI_Pagination {
*/
public function initialize($params = array())
{
+ $attributes = array();
+
+ if (isset($params['attributes']) && is_array($params['attributes']))
+ {
+ $attributes = $params['attributes'];
+ unset($params['attributes']);
+ }
+
+ // Deprecated legacy support for the anchor_class option
+ // Should be removed in CI 3.1+
+ if (isset($params['anchor_class']))
+ {
+ empty($params['anchor_class']) OR $attributes['class'] = $params['anchor_class'];
+ unset($params['anchor_class']);
+ }
+
+ $this->_parse_attributes($attributes);
+
if (count($params) > 0)
{
foreach ($params as $key => $val)
{
- if ($key === 'anchor_class')
- {
- $this->anchor_class = ($val) ? 'class="'.$val.'" ' : '';
- }
- elseif (isset($this->$key))
+ if (isset($this->$key))
{
$this->$key = $val;
}
@@ -208,29 +223,46 @@ class CI_Pagination {
// And here we go...
$output = '';
+ $query_string = '';
+
+ // Add anything in the query string back to the links
+ // Note: Nothing to do with query_string_segment or any other query string options
+ if ($this->reuse_query_string === TRUE)
+ {
+ $get = $CI->input->get();
+
+ // Unset the controll, method, old-school routing options
+ unset($get['c'], $get['m'], $get[$this->query_string_segment]);
+
+ // Put everything else onto the end
+ $query_string = (strpos($this->base_url, '&amp;') !== FALSE ? '&amp;' : '?') . http_build_query($get, '', '&amp;');
+
+ // Add this after the suffix to put it into more links easily
+ $this->suffix .= $query_string;
+ }
// Render the "First" link
if ($this->first_link !== FALSE && $this->cur_page > ($this->num_links + 1))
{
$first_url = ($this->first_url === '') ? $this->base_url : $this->first_url;
- $output .= $this->first_tag_open.'<a '.$this->anchor_class.'href="'.$first_url.'"'.$this->_attr_rel('start').'>'
+ $output .= $this->first_tag_open.'<a href="'.$first_url.'"'.$this->_attributes.$this->_attr_rel('start').'>'
.$this->first_link.'</a>'.$this->first_tag_close;
}
// Render the "previous" link
- if ($this->prev_link !== FALSE && $this->cur_page !== 1)
+ if ($this->prev_link !== FALSE && $this->cur_page !== 1)
{
$i = ($this->use_page_numbers) ? $uri_page_number - 1 : $uri_page_number - $this->per_page;
if ($i === $base_page && $this->first_url !== '')
{
- $output .= $this->prev_tag_open.'<a '.$this->anchor_class.'href="'.$this->first_url.'"'.$this->_attr_rel('prev').'>'
+ $output .= $this->prev_tag_open.'<a href="'.$this->first_url.$query_string.'"'.$this->_attributes.$this->_attr_rel('prev').'>'
.$this->prev_link.'</a>'.$this->prev_tag_close;
}
else
{
- $i = ($i === $base_page) ? '' : $this->prefix.$i.$this->suffix;
- $output .= $this->prev_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$i.'"'.$this->_attr_rel('prev').'>'
+ $append = ($i === $base_page) ? $query_string : $this->prefix.$i.$this->suffix;
+ $output .= $this->prev_tag_open.'<a href="'.$this->base_url.$append.'"'.$this->_attributes.$this->_attr_rel('prev').'>'
.$this->prev_link.'</a>'.$this->prev_tag_close;
}
@@ -243,7 +275,6 @@ class CI_Pagination {
for ($loop = $start -1; $loop <= $end; $loop++)
{
$i = ($this->use_page_numbers) ? $loop : ($loop * $this->per_page) - $this->per_page;
-
if ($i >= $base_page)
{
if ($this->cur_page === $loop)
@@ -253,17 +284,15 @@ class CI_Pagination {
else
{
$n = ($i === $base_page) ? '' : $i;
-
- if ($n === '' && $this->first_url !== '')
+ if ($n === '' && ! empty($this->first_url))
{
- $output .= $this->num_tag_open.'<a '.$this->anchor_class.'href="'.$this->first_url.'"'.$this->_attr_rel('start').'>'
+ $output .= $this->num_tag_open.'<a href="'.$this->first_url.$query_string.'"'.$this->_attributes.$this->_attr_rel('start').'>'
.$loop.'</a>'.$this->num_tag_close;
}
else
{
- $n = ($n === '') ? '' : $this->prefix.$n.$this->suffix;
-
- $output .= $this->num_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$n.'"'.$this->_attr_rel().'>'
+ $append = ($n === '') ? $query_string : $this->prefix.$n.$this->suffix;
+ $output .= $this->num_tag_open.'<a href="'.$this->base_url.$append.'"'.$this->_attributes.$this->_attr_rel('start').'>'
.$loop.'</a>'.$this->num_tag_close;
}
}
@@ -276,8 +305,8 @@ class CI_Pagination {
{
$i = ($this->use_page_numbers) ? $this->cur_page + 1 : $this->cur_page * $this->per_page;
- $output .= $this->next_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attr_rel('next').'>'
- .$this->next_link.'</a>'.$this->next_tag_close;
+ $output .= $this->next_tag_open.'<a href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attributes
+ .$this->_attr_rel('next').'>'.$this->next_link.'</a>'.$this->next_tag_close;
}
// Render the "Last" link
@@ -285,7 +314,7 @@ class CI_Pagination {
{
$i = ($this->use_page_numbers) ? $num_pages : ($num_pages * $this->per_page) - $this->per_page;
- $output .= $this->last_tag_open.'<a '.$this->anchor_class.'href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attr_rel().'>'
+ $output .= $this->last_tag_open.'<a href="'.$this->base_url.$this->prefix.$i.$this->suffix.'"'.$this->_attributes.'>'
.$this->last_link.'</a>'.$this->last_tag_close;
}
@@ -300,23 +329,44 @@ class CI_Pagination {
// --------------------------------------------------------------------
/**
+ * Parse attributes
+ *
+ * @param array
+ * @return void
+ */
+ protected function _parse_attributes($attributes)
+ {
+ isset($attributes['rel']) OR $attributes['rel'] = TRUE;
+ $this->_link_types = ($attributes['rel'])
+ ? array('start' => 'start', 'prev' => 'prev', 'next' => 'next')
+ : array();
+ unset($attributes['rel']);
+
+ $this->_attributes = '';
+ foreach ($attributes as $key => $value)
+ {
+ $this->_attributes .= ' '.$key.'="'.$value.'"';
+ }
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Add "rel" attribute
*
+ * @link http://www.w3.org/TR/html5/links.html#linkTypes
* @param string
* @return string
*/
- protected function _attr_rel($value = '')
+ protected function _attr_rel($type)
{
- if (empty($this->attr_rel) OR ($this->attr_rel === TRUE && empty($value)))
- {
- return '';
- }
- elseif ( ! is_bool($this->attr_rel))
+ if (isset($this->_link_types[$type]))
{
- $value = $this->attr_rel;
+ unset($this->_link_types[$type]);
+ return ' rel="'.$type.'"';
}
- return ' rel="'.$value.'"';
+ return '';
}
}
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index d96088c14..1e961f6df 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -116,6 +116,12 @@ class CI_Profiler {
*/
public function set_sections($config)
{
+ if (isset($config['query_toggle_count']))
+ {
+ $this->_query_toggle_count = (int) $config['query_toggle_count'];
+ unset($config['query_toggle_count']);
+ }
+
foreach ($config as $method => $enable)
{
if (in_array($method, $this->_available_sections))
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index c96daaf15..d381440cd 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -59,6 +59,7 @@ class CI_Upload {
public $error_msg = array();
public $mimes = array();
public $remove_spaces = TRUE;
+ public $detect_mime = TRUE;
public $xss_clean = FALSE;
public $temp_prefix = 'temp_file_';
public $client_name = '';
@@ -116,6 +117,7 @@ class CI_Upload {
'image_size_str' => '',
'error_msg' => array(),
'remove_spaces' => TRUE,
+ 'detect_mime' => TRUE,
'xss_clean' => FALSE,
'temp_prefix' => 'temp_file_',
'client_name' => ''
@@ -209,7 +211,13 @@ class CI_Upload {
// Set the uploaded data as class variables
$this->file_temp = $_FILES[$field]['tmp_name'];
$this->file_size = $_FILES[$field]['size'];
- $this->_file_mime_type($_FILES[$field]);
+
+ // Skip MIME type detection?
+ if ($this->detect_mime !== FALSE)
+ {
+ $this->_file_mime_type($_FILES[$field]);
+ }
+
$this->file_type = preg_replace('/^(.+?);.*$/', '\\1', $this->file_type);
$this->file_type = strtolower(trim(stripslashes($this->file_type), '"'));
$this->file_name = $this->_prep_filename($_FILES[$field]['name']);
@@ -990,7 +998,7 @@ class CI_Upload {
*/
if (function_exists('finfo_file'))
{
- $finfo = finfo_open(FILEINFO_MIME);
+ $finfo = @finfo_open(FILEINFO_MIME);
if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system
{
$mime = @finfo_file($finfo, $file['tmp_name']);
@@ -1021,7 +1029,9 @@ class CI_Upload {
*/
if (DIRECTORY_SEPARATOR !== '\\')
{
- $cmd = 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1';
+ $cmd = function_exists('escapeshellarg')
+ ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'
+ : 'file --brief --mime '.$file['tmp_name'].' 2>&1';
if (function_exists('exec'))
{
diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php
index 6f3542333..eac4ac118 100644
--- a/system/libraries/Xmlrpc.php
+++ b/system/libraries/Xmlrpc.php
@@ -778,7 +778,7 @@ class XML_RPC_Message extends CI_Xmlrpc
}
// Check for HTTP 200 Response
- if (strncmp($data, 'HTTP', 4) === 0 && ! preg_match('/^HTTP\/[0-9\.]+ 200 /', $data))
+ if (strpos($data, 'HTTP') === 0 && ! preg_match('/^HTTP\/[0-9\.]+ 200 /', $data))
{
$errstr = substr($data, 0, strpos($data, "\n")-1);
return new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error'].' ('.$errstr.')');
diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php
index be930b0f9..e81f2ca9a 100644
--- a/system/libraries/Xmlrpcs.php
+++ b/system/libraries/Xmlrpcs.php
@@ -303,7 +303,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc
$methName = $m->method_name;
// Check to see if it is a system call
- $system_call = (strncmp($methName, 'system', 5) === 0);
+ $system_call = (strpos($methName, 'system') === 0);
if ($this->xss_clean === FALSE)
{
diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php
index e0dc637ad..5c4c257f8 100644
--- a/system/libraries/Zip.php
+++ b/system/libraries/Zip.php
@@ -40,7 +40,7 @@
* @author EllisLab Dev Team
* @link http://codeigniter.com/user_guide/libraries/zip.html
*/
-class CI_Zip {
+class CI_Zip {
/**
* Zip data in string form