summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/Loader.php15
-rw-r--r--system/database/DB_active_rec.php2
-rw-r--r--system/helpers/form_helper.php4
-rw-r--r--system/helpers/html_helper.php4
-rw-r--r--system/libraries/Cart.php12
-rw-r--r--system/libraries/Email.php118
6 files changed, 88 insertions, 67 deletions
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 721c196cc..7c8b298ac 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -389,6 +389,21 @@ class CI_Loader {
// --------------------------------------------------------------------
/**
+ * Get Variable
+ *
+ * Check if a variable is set and retrieve it.
+ *
+ * @param array
+ * @return void
+ */
+ public function get_var($key)
+ {
+ return isset($this->_ci_cached_vars[$key]) ? $this->_ci_cached_vars[$key] : NULL;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Load Helper
*
* This function loads the specified helper file.
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php
index bc11ff436..0a25b3cb5 100644
--- a/system/database/DB_active_rec.php
+++ b/system/database/DB_active_rec.php
@@ -790,7 +790,7 @@ class CI_DB_active_record extends CI_DB_driver {
if ($v != '')
{
- $v = ' '.$this->escape_str($v);
+ $v = ' '.$this->escape($v);
}
$this->ar_having[] = $prefix.$k.$v;
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index 2925d3c7c..5720a06ec 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -64,8 +64,8 @@ if ( ! function_exists('form_open'))
$form .= '>';
- // CSRF
- if ($CI->config->item('csrf_protection') === TRUE)
+ // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
+ if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"')))
{
$hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash();
}
diff --git a/system/helpers/html_helper.php b/system/helpers/html_helper.php
index 080f622dd..b64b60650 100644
--- a/system/helpers/html_helper.php
+++ b/system/helpers/html_helper.php
@@ -124,6 +124,10 @@ if ( ! function_exists('_list'))
}
$attributes = $atts;
}
+ elseif (is_string($attributes) AND strlen($attributes) > 0)
+ {
+ $attributes = ' '. $attributes;
+ }
// Write the opening list tag
$out .= "<".$type.$attributes.">\n";
diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php
index 7f65b48b9..ab5a70c98 100644
--- a/system/libraries/Cart.php
+++ b/system/libraries/Cart.php
@@ -99,7 +99,7 @@ class CI_Cart {
$save_cart = FALSE;
if (isset($items['id']))
{
- if ($this->_insert($items) == TRUE)
+ if (($rowid = $this->_insert($items)))
{
$save_cart = TRUE;
}
@@ -110,7 +110,7 @@ class CI_Cart {
{
if (is_array($val) AND isset($val['id']))
{
- if ($this->_insert($val) == TRUE)
+ if ($this->_insert($val))
{
$save_cart = TRUE;
}
@@ -122,7 +122,7 @@ class CI_Cart {
if ($save_cart == TRUE)
{
$this->_save_cart();
- return TRUE;
+ return isset($rowid) ? $rowid : TRUE;
}
return FALSE;
@@ -244,7 +244,7 @@ class CI_Cart {
}
// Woot!
- return TRUE;
+ return $rowid;
}
// --------------------------------------------------------------------
@@ -374,6 +374,7 @@ class CI_Cart {
// Lets add up the individual prices and set the cart sub-total
$total = 0;
+ $items = 0;
foreach ($this->_cart_contents as $key => $val)
{
// We make sure the array contains the proper indexes
@@ -383,13 +384,14 @@ class CI_Cart {
}
$total += ($val['price'] * $val['qty']);
+ $items += $val['qty'];
// Set the subtotal
$this->_cart_contents[$key]['subtotal'] = ($this->_cart_contents[$key]['price'] * $this->_cart_contents[$key]['qty']);
}
// Set the cart total and total items.
- $this->_cart_contents['total_items'] = count($this->_cart_contents);
+ $this->_cart_contents['total_items'] = $items;
$this->_cart_contents['cart_total'] = $total;
// Is our cart empty? If so we delete it from the session
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index cd89f8f3d..9b3bc75e1 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -405,12 +405,12 @@ class CI_Email {
/**
* Add a Header Item
*
- * @access private
+ * @access protected
* @param string
* @param string
* @return void
*/
- private function _set_header($header, $value)
+ protected function _set_header($header, $value)
{
$this->_headers[$header] = $value;
}
@@ -420,11 +420,11 @@ class CI_Email {
/**
* Convert a String to an Array
*
- * @access private
+ * @access protected
* @param string
* @return array
*/
- private function _str_to_array($email)
+ protected function _str_to_array($email)
{
if ( ! is_array($email))
{
@@ -577,10 +577,10 @@ class CI_Email {
/**
* Set Message Boundary
*
- * @access private
+ * @access protected
* @return void
*/
- private function _set_boundaries()
+ protected function _set_boundaries()
{
$this->_alt_boundary = "B_ALT_".uniqid(''); // multipart/alternative
$this->_atc_boundary = "B_ATC_".uniqid(''); // attachment boundary
@@ -591,10 +591,10 @@ class CI_Email {
/**
* Get the Message ID
*
- * @access private
+ * @access protected
* @return string
*/
- private function _get_message_id()
+ protected function _get_message_id()
{
$from = $this->_headers['Return-Path'];
$from = str_replace(">", "", $from);
@@ -608,11 +608,11 @@ class CI_Email {
/**
* Get Mail Protocol
*
- * @access private
+ * @access protected
* @param bool
* @return string
*/
- private function _get_protocol($return = TRUE)
+ protected function _get_protocol($return = TRUE)
{
$this->protocol = strtolower($this->protocol);
$this->protocol = ( ! in_array($this->protocol, $this->_protocols, TRUE)) ? 'mail' : $this->protocol;
@@ -628,11 +628,11 @@ class CI_Email {
/**
* Get Mail Encoding
*
- * @access private
+ * @access protected
* @param bool
* @return string
*/
- private function _get_encoding($return = TRUE)
+ protected function _get_encoding($return = TRUE)
{
$this->_encoding = ( ! in_array($this->_encoding, $this->_bit_depths)) ? '8bit' : $this->_encoding;
@@ -655,10 +655,10 @@ class CI_Email {
/**
* Get content type (text/html/attachment)
*
- * @access private
+ * @access protected
* @return string
*/
- private function _get_content_type()
+ protected function _get_content_type()
{
if ($this->mailtype == 'html' && count($this->_attach_name) == 0)
{
@@ -683,10 +683,10 @@ class CI_Email {
/**
* Set RFC 822 Date
*
- * @access private
+ * @access protected
* @return string
*/
- private function _set_date()
+ protected function _set_date()
{
$timezone = date("Z");
$operator = (strncmp($timezone, '-', 1) == 0) ? '-' : '+';
@@ -701,10 +701,10 @@ class CI_Email {
/**
* Mime message
*
- * @access private
+ * @access protected
* @return string
*/
- private function _get_mime_message()
+ protected function _get_mime_message()
{
return "This is a multi-part message in MIME format.".$this->newline."Your email application may not support this format.";
}
@@ -802,10 +802,10 @@ class CI_Email {
* If the user hasn't specified his own alternative message
* it creates one by stripping the HTML
*
- * @access private
+ * @access protected
* @return string
*/
- private function _get_alt_message()
+ protected function _get_alt_message()
{
if ($this->alt_message != "")
{
@@ -941,11 +941,11 @@ class CI_Email {
/**
* Build final headers
*
- * @access private
+ * @access protected
* @param string
* @return string
*/
- private function _build_headers()
+ protected function _build_headers()
{
$this->_set_header('X-Sender', $this->clean_email($this->_headers['From']));
$this->_set_header('X-Mailer', $this->useragent);
@@ -959,10 +959,10 @@ class CI_Email {
/**
* Write Headers as a string
*
- * @access private
+ * @access protected
* @return void
*/
- private function _write_headers()
+ protected function _write_headers()
{
if ($this->protocol == 'mail')
{
@@ -994,10 +994,10 @@ class CI_Email {
/**
* Build Final Body and attachments
*
- * @access private
+ * @access protected
* @return void
*/
- private function _build_message()
+ protected function _build_message()
{
if ($this->wordwrap === TRUE AND $this->mailtype != 'html')
{
@@ -1177,12 +1177,12 @@ class CI_Email {
* Prepares string for Quoted-Printable Content-Transfer-Encoding
* Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt
*
- * @access private
+ * @access protected
* @param string
* @param integer
* @return string
*/
- private function _prep_quoted_printable($str, $charlim = '')
+ protected function _prep_quoted_printable($str, $charlim = '')
{
// Set the character limit
// Don't allow over 76, as that will make servers and MUAs barf
@@ -1275,7 +1275,7 @@ class CI_Email {
* @param bool // set to TRUE for processing From: headers
* @return str
*/
- private function _prep_q_encoding($str, $from = FALSE)
+ protected function _prep_q_encoding($str, $from = FALSE)
{
$str = str_replace(array("\r", "\n"), array('', ''), $str);
@@ -1440,10 +1440,10 @@ class CI_Email {
/**
* Unwrap special elements
*
- * @access private
+ * @access protected
* @return void
*/
- private function _unwrap_specials()
+ protected function _unwrap_specials()
{
$this->_finalbody = preg_replace_callback("/\{unwrap\}(.*?)\{\/unwrap\}/si", array($this, '_remove_nl_callback'), $this->_finalbody);
}
@@ -1453,10 +1453,10 @@ class CI_Email {
/**
* Strip line-breaks via callback
*
- * @access private
+ * @access protected
* @return string
*/
- private function _remove_nl_callback($matches)
+ protected function _remove_nl_callback($matches)
{
if (strpos($matches[1], "\r") !== FALSE OR strpos($matches[1], "\n") !== FALSE)
{
@@ -1471,10 +1471,10 @@ class CI_Email {
/**
* Spool mail to the mail server
*
- * @access private
+ * @access protected
* @return bool
*/
- private function _spool_email()
+ protected function _spool_email()
{
$this->_unwrap_specials();
@@ -1516,10 +1516,10 @@ class CI_Email {
/**
* Send using mail()
*
- * @access private
+ * @access protected
* @return bool
*/
- private function _send_with_mail()
+ protected function _send_with_mail()
{
if ($this->_safe_mode == TRUE)
{
@@ -1553,10 +1553,10 @@ class CI_Email {
/**
* Send using Sendmail
*
- * @access private
+ * @access protected
* @return bool
*/
- private function _send_with_sendmail()
+ protected function _send_with_sendmail()
{
$fp = @popen($this->mailpath . " -oi -f ".$this->clean_email($this->_headers['From'])." -t", 'w');
@@ -1591,10 +1591,10 @@ class CI_Email {
/**
* Send using SMTP
*
- * @access private
+ * @access protected
* @return bool
*/
- private function _send_with_smtp()
+ protected function _send_with_smtp()
{
if ($this->smtp_host == '')
{
@@ -1660,11 +1660,11 @@ class CI_Email {
/**
* SMTP Connect
*
- * @access private
+ * @access protected
* @param string
* @return string
*/
- private function _smtp_connect()
+ protected function _smtp_connect()
{
$this->_smtp_connect = fsockopen($this->smtp_host,
$this->smtp_port,
@@ -1687,12 +1687,12 @@ class CI_Email {
/**
* Send SMTP command
*
- * @access private
+ * @access protected
* @param string
* @param string
* @return string
*/
- private function _send_command($cmd, $data = '')
+ protected function _send_command($cmd, $data = '')
{
switch ($cmd)
{
@@ -1754,10 +1754,10 @@ class CI_Email {
/**
* SMTP Authenticate
*
- * @access private
+ * @access protected
* @return bool
*/
- private function _smtp_authenticate()
+ protected function _smtp_authenticate()
{
if ( ! $this->_smtp_auth)
{
@@ -1808,10 +1808,10 @@ class CI_Email {
/**
* Send SMTP data
*
- * @access private
+ * @access protected
* @return bool
*/
- private function _send_data($data)
+ protected function _send_data($data)
{
if ( ! fwrite($this->_smtp_connect, $data . $this->newline))
{
@@ -1829,10 +1829,10 @@ class CI_Email {
/**
* Get SMTP data
*
- * @access private
+ * @access protected
* @return string
*/
- private function _get_smtp_data()
+ protected function _get_smtp_data()
{
$data = "";
@@ -1854,10 +1854,10 @@ class CI_Email {
/**
* Get Hostname
*
- * @access private
+ * @access protected
* @return string
*/
- private function _get_hostname()
+ protected function _get_hostname()
{
return (isset($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain';
}
@@ -1867,10 +1867,10 @@ class CI_Email {
/**
* Get IP
*
- * @access private
+ * @access protected
* @return string
*/
- private function _get_ip()
+ protected function _get_ip()
{
if ($this->_IP !== FALSE)
{
@@ -1933,11 +1933,11 @@ class CI_Email {
/**
* Set Message
*
- * @access private
+ * @access protected
* @param string
* @return string
*/
- private function _set_error_message($msg, $val = '')
+ protected function _set_error_message($msg, $val = '')
{
$CI =& get_instance();
$CI->lang->load('email');
@@ -1957,11 +1957,11 @@ class CI_Email {
/**
* Mime Types
*
- * @access private
+ * @access protected
* @param string
* @return string
*/
- private function _mime_types($ext = "")
+ protected function _mime_types($ext = "")
{
$mimes = array( 'hqx' => 'application/mac-binhex40',
'cpt' => 'application/mac-compactpro',