diff options
Diffstat (limited to 'system')
47 files changed, 754 insertions, 585 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index 57374b07d..981af4559 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -488,13 +488,9 @@ if ( ! function_exists('set_status_header')) { header('Status: '.$code.' '.$text, TRUE); } - elseif ($server_protocol === 'HTTP/1.0') - { - header('HTTP/1.0 '.$code.' '.$text, TRUE, $code); - } else { - header('HTTP/1.1 '.$code.' '.$text, TRUE, $code); + header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code); } } } @@ -524,18 +520,17 @@ if ( ! function_exists('_exception_handler')) { $_error =& load_class('Exceptions', 'core'); - // Should we display the error? We'll get the current error_reporting + // Should we ignore the error? We'll get the current error_reporting // level and add its bits with the severity bits to find out. - // And respect display_errors - if (($severity & error_reporting()) === $severity && (bool) ini_get('display_errors') === TRUE) + if (($severity & error_reporting()) !== $severity) { - $_error->show_php_error($severity, $message, $filepath, $line); + return; } - // Should we log the error? No? We're done... - if (config_item('log_threshold') === 0) + // Should we display the error? + if ((bool) ini_get('display_errors') === TRUE) { - return; + $_error->show_php_error($severity, $message, $filepath, $line); } $_error->log_exception($severity, $message, $filepath, $line); diff --git a/system/core/Config.php b/system/core/Config.php index 2f6a9e085..8e4f998ef 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -102,7 +102,7 @@ class CI_Config { { $file = ($file === '') ? 'config' : str_replace('.php', '', $file); $found = $loaded = FALSE; - + $check_locations = defined('ENVIRONMENT') ? array(ENVIRONMENT.'/'.$file, $file) : array($file); diff --git a/system/core/Input.php b/system/core/Input.php index 968a42a9a..82482f2aa 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -328,62 +328,113 @@ class CI_Input { return $this->ip_address; } - if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) + $proxy_ips = config_item('proxy_ips'); + if ( ! empty($proxy_ips) && ! is_array($proxy_ips)) { - $has_ranges = strpos($proxies, '/') !== false; - $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); - $proxies = is_array($proxies) ? $proxies : array($proxies); - - if ($has_ranges) - { - $long_ip = ip2long($_SERVER['REMOTE_ADDR']); - $bit_32 = 1 << 32; + $proxy_ips = explode(',', str_replace(' ', '', $proxy_ips)); + } + + $this->ip_address = $this->server('REMOTE_ADDR'); - // Go through each of the IP Addresses to check for and - // test against range notation - foreach($proxies as $ip) + if ($proxy_ips) + { + foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_CLIENT_IP', 'HTTP_X_CLUSTER_CLIENT_IP') as $header) + { + if (($spoof = $this->server($header)) !== NULL) { - list($address, $mask_length) = explode('/', $ip); + // Some proxies typically list the whole chain of IP + // addresses through which the client has reached us. + // e.g. client_ip, proxy_ip1, proxy_ip2, etc. + if (strpos($spoof, ',') !== FALSE) + { + $spoof = explode(',', $spoof, 2); + $spoof = $spoof[0]; + } - // Generate the bitmask for a 32 bit IP Address - $bitmask = $bit_32 - (1 << (32 - (int)$mask_length)); - if (($long_ip & $bitmask) == $address) + if ( ! $this->valid_ip($spoof)) + { + $spoof = NULL; + } + else { - $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; break; } } - - } else { - $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - } - elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR')) - { - $this->ip_address = $_SERVER['REMOTE_ADDR']; - } - elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('HTTP_X_FORWARDED_FOR')) - { - $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; - } - if ($this->ip_address === FALSE) - { - return $this->ip_address = '0.0.0.0'; - } + if ($spoof) + { + for ($i = 0, $c = count($proxy_ips); $i < $c; $i++) + { + // Check if we have an IP address or a subnet + if (strpos($proxy_ips[$i], '/') === FALSE) + { + // An IP address (and not a subnet) is specified. + // We can compare right away. + if ($proxy_ips[$i] === $this->ip_address) + { + $this->ip_address = $spoof; + break; + } + + continue; + } - if (strpos($this->ip_address, ',') !== FALSE) - { - $x = explode(',', $this->ip_address); - $this->ip_address = trim(end($x)); + // We have a subnet ... now the heavy lifting begins + isset($separator) OR $separator = $this->valid_ip($this->ip_address, 'ipv6') ? ':' : '.'; + + // If the proxy entry doesn't match the IP protocol - skip it + if (strpos($proxy_ips[$i], $separator) === FALSE) + { + continue; + } + + // Convert the REMOTE_ADDR IP address to binary, if needed + if ( ! isset($ip, $convert_func)) + { + if ($separator === ':') + { + // Make sure we're have the "full" IPv6 format + $ip = str_replace('::', str_repeat(':', 9 - substr_count($this->ip_address, ':')), $this->ip_address); + $convert_func = is_php('5.3') + ? function ($value) + { + return str_pad(base_convert($value, 16, 2), 16, '0', STR_PAD_LEFT); + } + : create_function('$value', 'return str_pad(base_convert($value, 16, 2), 16, "0", STR_PAD_LEFT);'); + } + else + { + $ip = $this->ip_address; + $convert_func = is_php('5.3') + ? function ($value) + { + return str_pad(decbin($value), 8, '0', STR_PAD_LEFT); + } + : create_function('$value', 'return str_pad(decbin($value), 8, "0", STR_PAD_LEFT);'); + } + + $ip = implode(array_map($convert_func, explode($separator, $ip))); + } + + // Split the netmask length off the network address + list($netaddr, $masklen) = explode('/', $proxy_ips[$i], 2); + + // Again, an IPv6 address is most likely in a compressed form + if ($separator === ':') + { + $netaddr = str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr); + } + + // Convert to a binary form and finally compare + $netaddr = implode(array_map($convert_func, explode($separator, $netaddr))); + if (strncmp($ip, $netaddr, $masklen) === 0) + { + $this->ip_address = $spoof; + break; + } + } + } } if ( ! $this->valid_ip($this->ip_address)) @@ -541,7 +592,7 @@ class CI_Input { $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); // CSRF Protection check - if ($this->_enable_csrf === TRUE) + if ($this->_enable_csrf === TRUE && ! $this->is_cli_request()) { $this->security->csrf_verify(); } diff --git a/system/core/Loader.php b/system/core/Loader.php index 242b19069..ed830e2dd 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -779,11 +779,11 @@ class CI_Loader { $_ci_ext = pathinfo($_ci_view, PATHINFO_EXTENSION); $_ci_file = ($_ci_ext === '') ? $_ci_view.'.php' : $_ci_view; - foreach ($this->_ci_view_paths as $view_file => $cascade) + foreach ($this->_ci_view_paths as $_ci_view_file => $cascade) { - if (file_exists($view_file.$_ci_file)) + if (file_exists($_ci_view_file.$_ci_file)) { - $_ci_path = $view_file.$_ci_file; + $_ci_path = $_ci_view_file.$_ci_file; $file_exists = TRUE; break; } diff --git a/system/core/Output.php b/system/core/Output.php index 9842f834d..052367ed6 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -552,13 +552,13 @@ class CI_Output { fclose($fp); // Strip out the embedded timestamp - if ( ! preg_match('/\d+TS--->/', $cache, $match)) + if ( ! preg_match('/^(\d+)TS--->/', $cache, $match)) { return FALSE; } $last_modified = filemtime($cache_path); - $expire = str_replace('TS--->', '', $match[0]); + $expire = $match[1]; // Has the file expired? if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path)) diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index d63a1d955..ea2a53eb2 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -51,6 +51,7 @@ abstract class CI_DB_driver { public $char_set = 'utf8'; public $dbcollat = 'utf8_general_ci'; public $autoinit = TRUE; // Whether to automatically initialize the DB + public $compress = TRUE; public $swap_pre = ''; public $port = ''; public $pconnect = FALSE; @@ -78,6 +79,10 @@ abstract class CI_DB_driver { protected $_protect_identifiers = TRUE; protected $_reserved_identifiers = array('*'); // Identifiers that should NOT be escaped + // clause and character used for LIKE escape sequences + protected $_like_escape_str = " ESCAPE '%s' "; + protected $_like_escape_chr = '!'; + /** * The syntax to count rows is slightly different across different * database engines, so this string appears in each driver and is @@ -669,7 +674,7 @@ abstract class CI_DB_driver { */ public function is_write_type($sql) { - return (bool) preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD DATA|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s+/i', $sql); + return (bool) preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s+/i', $sql); } // -------------------------------------------------------------------- @@ -1343,7 +1348,7 @@ abstract class CI_DB_driver { } else { - $message = ( ! is_array($error)) ? array(str_replace('%s', $swap, $LANG->line($error))) : $error; + $message = is_array($error) ? $error : array(str_replace('%s', $swap, $LANG->line($error))); } // Find the most likely culprit of the error by going through @@ -1352,7 +1357,13 @@ abstract class CI_DB_driver { $trace = debug_backtrace(); foreach ($trace as $call) { - if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE) + // We'll need this on Windows, as APPPATH and BASEPATH will always use forward slashes + if (DIRECTORY_SEPARATOR !== '/') + { + $call['file'] = str_replace('\\', '/', $call['file']); + } + + if (isset($call['file'], $call['class']) && strpos($call['file'], BASEPATH.'database') === FALSE && strpos($call['class'], 'Loader') !== FALSE) { // Found it - use a relative path for safety $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']); diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 479b7f24a..54510ec2e 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1522,19 +1522,18 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- /** - * From Tables + * FROM tables * - * This public function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards + * Groups tables in FROM clauses if needed, so there is no confusion + * about operator precedence. * - * @param array - * @return string + * Note: This is only used (and overriden) by MySQL and CUBRID. + * + * @return string */ - protected function _from_tables($tables) + protected function _from_tables() { - is_array($tables) OR $tables = array($tables); - - return (count($tables) === 1) ? $tables[0] : '('.implode(', ', $tables).')'; + return implode(', ', $this->qb_from); } // -------------------------------------------------------------------- @@ -2058,7 +2057,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // Write the "FROM" portion of the query if (count($this->qb_from) > 0) { - $sql .= "\nFROM ".$this->_from_tables($this->qb_from); + $sql .= "\nFROM ".$this->_from_tables(); } // Write the "JOIN" portion of the query diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index a3d0287f5..01d0ee39e 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -45,10 +45,6 @@ class CI_DB_cubrid_driver extends CI_DB { // The character used for escaping - no need in CUBRID protected $_escape_char = '`'; - // clause and character used for LIKE escape sequences - not used in CUBRID - protected $_like_escape_str = ''; - protected $_like_escape_chr = ''; - protected $_random_keyword = ' RAND()'; // database specific random keyword // CUBRID-specific properties @@ -72,6 +68,8 @@ class CI_DB_cubrid_driver extends CI_DB { } } + // -------------------------------------------------------------------- + /** * Non-persistent database connection * @@ -431,6 +429,26 @@ class CI_DB_cubrid_driver extends CI_DB { // -------------------------------------------------------------------- /** + * FROM tables + * + * Groups tables in FROM clauses if needed, so there is no confusion + * about operator precedence. + * + * @return string + */ + protected function _from_tables() + { + if ( ! empty($this->qb_join) && count($this->qb_from) > 1) + { + return '('.implode(', ', $this->qb_from).')'; + } + + return implode(', ', $this->qb_from); + } + + // -------------------------------------------------------------------- + + /** * Close DB Connection * * @return void diff --git a/system/database/drivers/ibase/ibase_driver.php b/system/database/drivers/ibase/ibase_driver.php index c9027670d..ab1d1b88d 100644 --- a/system/database/drivers/ibase/ibase_driver.php +++ b/system/database/drivers/ibase/ibase_driver.php @@ -45,10 +45,6 @@ class CI_DB_ibase_driver extends CI_DB { // The character used to escape with protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = " ESCAPE '%s' "; - protected $_like_escape_chr = '!'; - protected $_random_keyword = ' Random()'; // database specific random keyword // Keeps track of the resource for the current transaction @@ -306,22 +302,6 @@ class CI_DB_ibase_driver extends CI_DB { // -------------------------------------------------------------------- /** - * From Tables - * - * This public function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php index 1714704a8..a62ea94b3 100644 --- a/system/database/drivers/mssql/mssql_driver.php +++ b/system/database/drivers/mssql/mssql_driver.php @@ -45,10 +45,6 @@ class CI_DB_mssql_driver extends CI_DB { // The character used for escaping protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = " ESCAPE '%s' "; - protected $_like_escape_chr = '!'; - protected $_random_keyword = ' NEWID()'; // MSSQL-specific properties @@ -366,22 +362,6 @@ class CI_DB_mssql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 29db90408..7262591ee 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -45,10 +45,6 @@ class CI_DB_mysql_driver extends CI_DB { // The character used for escaping protected $_escape_char = '`'; - // clause and character used for LIKE escape sequences - not used in MySQL - protected $_like_escape_str = ''; - protected $_like_escape_chr = '\\'; - protected $_random_keyword = ' RAND()'; // database specific random keyword /** @@ -83,7 +79,14 @@ class CI_DB_mysql_driver extends CI_DB { */ public function db_connect() { - return @mysql_connect($this->hostname, $this->username, $this->password, TRUE); + if ($this->compress === TRUE) + { + return @mysql_connect($this->hostname, $this->username, $this->password, TRUE, MYSQL_CLIENT_COMPRESS); + } + else + { + return @mysql_connect($this->hostname, $this->username, $this->password, TRUE); + } } // -------------------------------------------------------------------- @@ -95,7 +98,14 @@ class CI_DB_mysql_driver extends CI_DB { */ public function db_pconnect() { - return @mysql_pconnect($this->hostname, $this->username, $this->password); + if ($this->compress === TRUE) + { + return @mysql_pconnect($this->hostname, $this->username, $this->password, MYSQL_CLIENT_COMPRESS); + } + else + { + return @mysql_pconnect($this->hostname, $this->username, $this->password); + } } // -------------------------------------------------------------------- @@ -455,6 +465,26 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** + * FROM tables + * + * Groups tables in FROM clauses if needed, so there is no confusion + * about operator precedence. + * + * @return string + */ + protected function _from_tables() + { + if ( ! empty($this->qb_join) && count($this->qb_from) > 1) + { + return '('.implode(', ', $this->qb_from).')'; + } + + return implode(', ', $this->qb_from); + } + + // -------------------------------------------------------------------- + + /** * Close DB Connection * * @return void diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index be61aab20..b5a1e26ed 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -45,10 +45,6 @@ class CI_DB_mysqli_driver extends CI_DB { // The character used for escaping protected $_escape_char = '`'; - // clause and character used for LIKE escape sequences - not used in MySQL - protected $_like_escape_str = ''; - protected $_like_escape_chr = '\\'; - protected $_random_keyword = ' RAND()'; // database specific random keyword /** @@ -65,6 +61,17 @@ class CI_DB_mysqli_driver extends CI_DB { */ public function db_connect() { + // Use MySQL client compression? + if ($this->compress === TRUE) + { + $port = empty($this->port) ? NULL : $this->port; + + $mysqli = new mysqli(); + @$mysqli->real_connect($this->hostname, $this->username, $this->password, $this->database, $port, NULL, MYSQLI_CLIENT_COMPRESS); + + return $mysqli; + } + return empty($this->port) ? @new mysqli($this->hostname, $this->username, $this->password, $this->database) : @new mysqli($this->hostname, $this->username, $this->password, $this->database, $this->port); @@ -85,6 +92,17 @@ class CI_DB_mysqli_driver extends CI_DB { return $this->db_connect(); } + // Use MySQL client compression? + if ($this->compress === TRUE) + { + $port = empty($this->port) ? NULL : $this->port; + + $mysqli = mysqli_init(); + $mysqli->real_connect('p:'.$this->hostname, $this->username, $this->password, $this->database, $port, NULL, MYSQLI_CLIENT_COMPRESS); + + return $mysqli; + } + return empty($this->port) ? @new mysqli('p:'.$this->hostname, $this->username, $this->password, $this->database) : @new mysqli('p:'.$this->hostname, $this->username, $this->password, $this->database, $this->port); @@ -400,6 +418,14 @@ class CI_DB_mysqli_driver extends CI_DB { */ public function error() { + if ( ! empty($this->conn_id->connect_errno)) + { + return array( + 'code' => $this->conn_id->connect_errno, + 'message' => is_php('5.2.9') ? $this->conn_id->connect_error : mysqli_connect_error() + ); + } + return array('code' => $this->conn_id->errno, 'message' => $this->conn_id->error); } @@ -449,6 +475,26 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** + * FROM tables + * + * Groups tables in FROM clauses if needed, so there is no confusion + * about operator precedence. + * + * @return string + */ + protected function _from_tables() + { + if ( ! empty($this->qb_join) && count($this->qb_from) > 1) + { + return '('.implode(', ', $this->qb_from).')'; + } + + return implode(', ', $this->qb_from); + } + + // -------------------------------------------------------------------- + + /** * Close DB Connection * * @return void diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 691247fee..72cbce5c1 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -54,10 +54,6 @@ class CI_DB_oci8_driver extends CI_DB { // The character used for excaping protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = " ESCAPE '%s' "; - protected $_like_escape_chr = '!'; - /** * The syntax to count rows is slightly different across different * database engines, so this string appears in each driver and is @@ -547,22 +543,6 @@ class CI_DB_oci8_driver extends CI_DB { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Insert_batch statement * * Generates a platform-specific insert string from the supplied data diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 8f0a474b0..c1f6ccfe2 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -45,9 +45,7 @@ class CI_DB_odbc_driver extends CI_DB { // the character used to excape - not necessary for ODBC protected $_escape_char = ''; - // clause and character used for LIKE escape sequences protected $_like_escape_str = " {escape '%s'} "; - protected $_like_escape_chr = '!'; protected $_random_keyword; @@ -291,22 +289,6 @@ class CI_DB_odbc_driver extends CI_DB { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Truncate statement * * Generates a platform-specific truncate string from the supplied data diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 705b16560..0ffe3bc13 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -45,10 +45,6 @@ class CI_DB_pdo_driver extends CI_DB { // The character used to escaping protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = " ESCAPE '%s' "; - protected $_like_escape_chr = '!'; - protected $_random_keyword; public $trans_enabled = FALSE; diff --git a/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php b/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php index e287f5c63..efc0500a5 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_4d_driver.php @@ -130,22 +130,6 @@ class CI_DB_pdo_4d_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php index 05eeacfe6..cb18a5c10 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_cubrid_driver.php @@ -44,10 +44,6 @@ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver { protected $_escape_char = '`'; - // clause and character used for LIKE escape sequences - not used in CUBRID - protected $_like_escape_str = ''; - protected $_like_escape_chr = '\\'; - protected $_random_keyword = ' RAND()'; /** @@ -183,6 +179,26 @@ class CI_DB_pdo_cubrid_driver extends CI_DB_pdo_driver { return 'TRUNCATE '.$table; } + // -------------------------------------------------------------------- + + /** + * FROM tables + * + * Groups tables in FROM clauses if needed, so there is no confusion + * about operator precedence. + * + * @return string + */ + protected function _from_tables() + { + if ( ! empty($this->qb_join) && count($this->qb_from) > 1) + { + return '('.implode(', ', $this->qb_from).')'; + } + + return implode(', ', $this->qb_from); + } + } /* End of file pdo_cubrid_driver.php */ diff --git a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php index 7060c9eb9..2346e683e 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_dblib_driver.php @@ -153,22 +153,6 @@ class CI_DB_pdo_dblib_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php index c074a9a78..6fba764a9 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_firebird_driver.php @@ -139,22 +139,6 @@ class CI_DB_pdo_firebird_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php b/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php index 832c03c96..399182e12 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_ibm_driver.php @@ -165,22 +165,6 @@ class CI_DB_pdo_ibm_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php b/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php index a3efc63dc..028121540 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_informix_driver.php @@ -159,22 +159,6 @@ class CI_DB_pdo_informix_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php index 78afe246c..42446889a 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php @@ -44,10 +44,6 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { protected $_escape_char = '`'; - // clause and character used for LIKE escape sequences - not used in MySQL - protected $_like_escape_str = ''; - protected $_like_escape_chr = '\\'; - protected $_random_keyword = ' RAND()'; /** @@ -211,6 +207,26 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { return 'TRUNCATE '.$table; } + // -------------------------------------------------------------------- + + /** + * FROM tables + * + * Groups tables in FROM clauses if needed, so there is no confusion + * about operator precedence. + * + * @return string + */ + protected function _from_tables() + { + if ( ! empty($this->qb_join) && count($this->qb_from) > 1) + { + return '('.implode(', ', $this->qb_from).')'; + } + + return implode(', ', $this->qb_from); + } + } /* End of file pdo_mysql_driver.php */ diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php index 56ec1bce1..d584d1f5b 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php @@ -146,22 +146,6 @@ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Insert_batch statement * * @param string the table name diff --git a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php index 392754ff7..e7ab3fd50 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_odbc_driver.php @@ -46,7 +46,6 @@ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver { protected $_escape_char = ''; // clause and character used for LIKE escape sequences - protected $_like_escape_chr = '!'; protected $_like_escape_str = " {escape '%s'} "; protected $_random_keyword = ' RAND()'; @@ -157,22 +156,6 @@ class CI_DB_pdo_odbc_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php index 9a476f143..2a687812a 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php @@ -142,22 +142,6 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php index f125b8f50..ee7c1d15a 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlsrv_driver.php @@ -182,22 +182,6 @@ class CI_DB_pdo_sqlsrv_driver extends CI_DB_pdo_driver { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 8c11c477b..2a91a8959 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -44,10 +44,6 @@ class CI_DB_postgre_driver extends CI_DB { protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = " ESCAPE '%s' "; - protected $_like_escape_chr = '!'; - protected $_random_keyword = ' RANDOM()'; // database specific random keyword /** @@ -461,22 +457,6 @@ class CI_DB_postgre_driver extends CI_DB { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php index 19824dbbf..2744a63cf 100644 --- a/system/database/drivers/sqlite/sqlite_driver.php +++ b/system/database/drivers/sqlite/sqlite_driver.php @@ -45,10 +45,6 @@ class CI_DB_sqlite_driver extends CI_DB { // The character used to escape with - not needed for SQLite protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = " ESCAPE '%s' "; - protected $_like_escape_chr = '!'; - protected $_random_keyword = ' Random()'; // database specific random keyword /** diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index cc35d319f..d03be15f5 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -46,10 +46,6 @@ class CI_DB_sqlite3_driver extends CI_DB { // The character used for escaping protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = ' ESCAPE \'%s\' '; - protected $_like_escape_chr = '!'; - protected $_random_keyword = ' RANDOM()'; /** @@ -288,25 +284,16 @@ class CI_DB_sqlite3_driver extends CI_DB { // -------------------------------------------------------------------- /** - * The error message string + * Error * - * @return string - */ - protected function _error_message() - { - return $this->conn_id->lastErrorMsg(); - } - - // -------------------------------------------------------------------- - - /** - * The error message number + * Returns an array containing code and message of the last + * database error that has occured. * - * @return int + * @return array */ - protected function _error_number() + public function error() { - return $this->conn_id->lastErrorCode(); + return array('code' => $this->conn_id->lastErrorCode(), 'message' => $this->conn_id->lastErrorMsg()); } // -------------------------------------------------------------------- diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index bda450e88..a6739d192 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -45,10 +45,6 @@ class CI_DB_sqlsrv_driver extends CI_DB { // The character used for escaping protected $_escape_char = '"'; - // clause and character used for LIKE escape sequences - protected $_like_escape_str = " ESCAPE '%s' "; - protected $_like_escape_chr = '!'; - protected $_random_keyword = ' NEWID()'; // SQLSRV-specific properties @@ -362,22 +358,6 @@ class CI_DB_sqlsrv_driver extends CI_DB { // -------------------------------------------------------------------- /** - * From Tables - * - * This function implicitly groups FROM tables so there is no confusion - * about operator precedence in harmony with SQL standards - * - * @param array - * @return string - */ - protected function _from_tables($tables) - { - return is_array($tables) ? implode(', ', $tables) : $tables; - } - - // -------------------------------------------------------------------- - - /** * Update statement * * Generates a platform-specific update string from the supplied data diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index a4383c9d3..3aac14db8 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -80,8 +80,7 @@ if ( ! function_exists('create_captcha')) $current_dir = @opendir($img_path); while ($filename = @readdir($current_dir)) { - if ($filename !== '.' && $filename !== '..' && $filename !== 'index.html' - && (str_replace('.jpg', '', $filename) + $expiration) < $now) + if (substr($filename, -4) === '.jpg' && (str_replace('.jpg', '', $filename) + $expiration) < $now) { @unlink($img_path.$filename); } diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index a792f09a2..955d74542 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -657,5 +657,136 @@ if ( ! function_exists('timezones')) } } +// ------------------------------------------------------------------------ + +if ( ! function_exists('date_range')) +{ + /** + * Date range + * + * Returns a list of dates within a specified period. + * + * @param int unix_start UNIX timestamp of period start date + * @param int unix_end|days UNIX timestamp of period end date + * or interval in days. + * @param mixed is_unix Specifies wether the second parameter + * is a UNIX timestamp or a day interval + * - TRUE or 'unix' for a timestamp + * - FALSE or 'days' for an interval + * @param string date_format Output date format, same as in date() + * @return array + */ + function date_range($unix_start = '', $mixed = '', $is_unix = TRUE, $format = 'Y-m-d') + { + if ($unix_start == '' OR $mixed == '' OR $format == '') + { + return FALSE; + } + + $is_unix = ! ( ! $is_unix OR $is_unix === 'days'); + + // Validate input and try strtotime() on invalid timestamps/intervals, just in case + if ( ( ! preg_match('/^[0-9]+$/', $unix_start) && ($unix_start = @strtotime($unix_time)) === FALSE) + OR ( ! preg_match('/^[0-9]+$/', $mixed) && ($is_unix === FALSE OR ($mixed = @strtotime($mixed)) === FALSE)) + OR ($is_unix === TRUE && $mixed < $unix_start)) + { + return FALSE; + } + + if ($is_unix && ($unix_start == $mixed OR date($format, $unix_start) === date($format, $mixed))) + { + return array($start_date); + } + + $range = array(); + + /* NOTE: Even though the DateTime object has many useful features, it appears that + * it doesn't always handle properly timezones, when timestamps are passed + * directly to its constructor. Neither of the following gave proper results: + * + * new DateTime('<timestamp>') + * new DateTime('<timestamp>', '<timezone>') + * + * --- available in PHP 5.3: + * + * DateTime::createFromFormat('<format>', '<timestamp>') + * DateTime::createFromFormat('<format>', '<timestamp>', '<timezone') + * + * ... so we'll have to set the timestamp after the object is instantiated. + * Furthermore, in PHP 5.3 we can use DateTime::setTimestamp() to do that and + * given that we have UNIX timestamps - we should use it. + */ + $from = new DateTime(); + + if (is_php('5.3')) + { + $from->setTimestamp($unix_start); + if ($is_unix) + { + $arg = new DateTime(); + $arg->setTimestamp($mixed); + } + else + { + $arg = (int) $mixed; + } + + $period = new DatePeriod($from, new DateInterval('P1D'), $arg); + foreach ($period as $date) + { + $range[] = $date->format($format); + } + + /* If a period end date was passed to the DatePeriod constructor, it might not + * be in our results. Not sure if this is a bug or it's just possible because + * the end date might actually be less than 24 hours away from the previously + * generated DateTime object, but either way - we have to append it manually. + */ + if ( ! is_int($arg) && $range[count($range) - 1] !== $arg->format($format)) + { + $range[] = $arg->format($format); + } + + return $range; + } + + $from->setDate(date('Y', $unix_start), date('n', $unix_start), date('j', $unix_start)); + $from->setTime(date('G', $unix_start), date('i', $unix_start), date('s', $unix_start)); + if ($is_unix) + { + $arg = new DateTime(); + $arg->setDate(date('Y', $mixed), date('n', $mixed), date('j', $mixed)); + $arg->setTime(date('G', $mixed), date('i', $mixed), date('s', $mixed)); + } + else + { + $arg = (int) $mixed; + } + $range[] = $from->format($format); + + if (is_int($arg)) // Day intervals + { + do + { + $from->modify('+1 day'); + $range[] = $from->format($format); + } + while (--$arg > 0); + } + else // end date UNIX timestamp + { + for ($from->modify('+1 day'), $end_check = $arg->format('Ymd'); $from->format('Ymd') < $end_check; $from->modify('+1 day')) + { + $range[] = $from->format($format); + } + + // Our loop only appended dates prior to our end date + $range[] = $arg->format($format); + } + + return $range; + } +} + /* End of file date_helper.php */ /* Location: ./system/helpers/date_helper.php */
\ No newline at end of file diff --git a/system/helpers/directory_helper.php b/system/helpers/directory_helper.php index e7d3b5e8a..7d6b6770e 100644 --- a/system/helpers/directory_helper.php +++ b/system/helpers/directory_helper.php @@ -62,7 +62,7 @@ if ( ! function_exists('directory_map')) while (FALSE !== ($file = readdir($fp))) { // Remove '.', '..', and hidden files [optional] - if ( ! trim($file, '.') OR ($hidden === FALSE && $file[0] === '.')) + if ($file === '.' OR $file === '..' OR ($hidden === FALSE && $file[0] === '.')) { continue; } diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index 8a1f01b51..b592f3cc0 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -89,7 +89,8 @@ if ( ! function_exists('character_limiter')) return $str; } - $str = preg_replace('/\s+/', ' ', str_replace(array("\r\n", "\r", "\n"), ' ', $str)); + // a bit complicated, but faster than preg_replace with \s+ + $str = preg_replace('/ {2,}/', ' ', str_replace(array("\r", "\n", "\t", "\x0B", "\x0C"), ' ', $str)); if (strlen($str) <= $n) { diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 57208c948..b1f5eccf1 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -534,7 +534,7 @@ if ( ! function_exists('redirect')) } // IIS environment likely? Use 'refresh' for better compatibility - if (DIRECTORY_SEPARATOR !== '/' && $method === 'auto') + if ($method === 'auto' && isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS') !== FALSE) { $method = 'refresh'; } diff --git a/system/language/english/date_lang.php b/system/language/english/date_lang.php index 229d33d2e..6683e4c69 100644 --- a/system/language/english/date_lang.php +++ b/system/language/english/date_lang.php @@ -25,20 +25,20 @@ * @filesource */ -$lang['date_year'] = "Year"; -$lang['date_years'] = "Years"; -$lang['date_month'] = "Month"; -$lang['date_months'] = "Months"; -$lang['date_week'] = "Week"; -$lang['date_weeks'] = "Weeks"; -$lang['date_day'] = "Day"; -$lang['date_days'] = "Days"; -$lang['date_hour'] = "Hour"; -$lang['date_hours'] = "Hours"; -$lang['date_minute'] = "Minute"; -$lang['date_minutes'] = "Minutes"; -$lang['date_second'] = "Second"; -$lang['date_seconds'] = "Seconds"; +$lang['date_year'] = 'Year'; +$lang['date_years'] = 'Years'; +$lang['date_month'] = 'Month'; +$lang['date_months'] = 'Months'; +$lang['date_week'] = 'Week'; +$lang['date_weeks'] = 'Weeks'; +$lang['date_day'] = 'Day'; +$lang['date_days'] = 'Days'; +$lang['date_hour'] = 'Hour'; +$lang['date_hours'] = 'Hours'; +$lang['date_minute'] = 'Minute'; +$lang['date_minutes'] = 'Minutes'; +$lang['date_second'] = 'Second'; +$lang['date_seconds'] = 'Seconds'; $lang['UM12'] = '(UTC -12:00) Baker/Howland Island'; $lang['UM11'] = '(UTC -11:00) Niue'; diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index 021776161..cf1b3b503 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -43,8 +43,8 @@ $lang['integer'] = 'The %s field must contain an integer.'; $lang['regex_match'] = 'The %s field is not in the correct format.'; $lang['matches'] = 'The %s field does not match the %s field.'; $lang['is_unique'] = 'The %s field must contain a unique value.'; -$lang['is_natural'] = 'The %s field must contain only positive numbers.'; -$lang['is_natural_no_zero'] = 'The %s field must contain a number greater than zero.'; +$lang['is_natural'] = 'The %s field must only contain digits.'; +$lang['is_natural_no_zero'] = 'The %s field must only contain digits and must be greater than zero.'; $lang['decimal'] = 'The %s field must contain a decimal number.'; $lang['less_than'] = 'The %s field must contain a number less than %s.'; $lang['less_than_equal_to'] = 'The %s field must contain a number less than or equal to %s.'; diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index 1d084c8e4..769d892dc 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -63,7 +63,7 @@ class CI_Driver_Library { * @return object Child class */ public function __get($child) - { + { // Try to load the driver return $this->load_driver($child); } @@ -284,4 +284,4 @@ class CI_Driver { } /* End of file Driver.php */ -/* Location: ./system/libraries/Driver.php */ +/* Location: ./system/libraries/Driver.php */
\ No newline at end of file diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 8fd7a79e7..1b457aee4 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -188,7 +188,7 @@ class CI_Email { * @param string * @return object */ - public function from($from, $name = '') + public function from($from, $name = '', $return_path = '') { if (preg_match('/\<(.*)\>/', $from, $match)) { @@ -198,6 +198,10 @@ class CI_Email { if ($this->validate) { $this->validate_email($this->_str_to_array($from)); + if ($return_path) + { + $this->validate_email($this->_str_to_array($return_path)); + } } // prepare the display name @@ -216,7 +220,12 @@ class CI_Email { } $this->set_header('From', $name.' <'.$from.'>'); - $this->set_header('Return-Path', '<'.$from.'>'); + + if( ! $return_path) + { + $return_path = $from; + } + $this->set_header('Return-Path', '<'.$return_path.'>'); return $this; } @@ -971,7 +980,6 @@ class CI_Email { $this->_finalbody = $body.$this->_prep_quoted_printable($this->_body).$this->newline.$this->newline; - if ($this->_get_protocol() === 'mail') { $this->_header_str .= $hdr; @@ -1091,17 +1099,17 @@ class CI_Email { * Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt * * @param string - * @param int * @return string */ - protected function _prep_quoted_printable($str, $charlim = '') + protected function _prep_quoted_printable($str) { - // Set the character limit - // Don't allow over 76, as that will make servers and MUAs barf - // all over quoted-printable data - if ($charlim === '' OR $charlim > 76) + // RFC 2045 specifies CRLF as "\r\n". + // However, many developers choose to override that and violate + // the RFC rules due to (apparently) a bug in MS Exchange, + // which only works with "\n". + if ($this->crlf === "\r\n" && is_php('5.3')) { - $charlim = 76; + return quoted_printable_encode($str); } // Reduce multiple spaces & remove nulls @@ -1146,7 +1154,7 @@ class CI_Email { // If we're at the character limit, add the line to the output, // reset our temp variable, and keep on chuggin' - if ((strlen($temp) + strlen($char)) >= $charlim) + if ((strlen($temp) + strlen($char)) >= 76) { $output .= $temp.$escape.$this->crlf; $temp = ''; @@ -1228,7 +1236,7 @@ class CI_Email { // wrap each line with the shebang, charset, and transfer encoding // the preceding space on successive lines is required for header "folding" - return trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $output.$temp)); + return trim(preg_replace('/^(.*?)(\r*)$/m', ' =?'.$this->charset.'?Q?$1?=$2', $output.$temp)); } // -------------------------------------------------------------------- @@ -1399,7 +1407,7 @@ class CI_Email { { // most documentation of sendmail using the "-f" flag lacks a space after it, however // we've encountered servers that seem to require it to be in place. - return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$this->clean_email($this->_headers['From'])); + return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$this->clean_email($this->_headers['Return-Path'])); } } @@ -1412,7 +1420,7 @@ class CI_Email { */ protected function _send_with_sendmail() { - $fp = @popen($this->mailpath.' -oi -f '.$this->clean_email($this->_headers['From']).' -t', 'w'); + $fp = @popen($this->mailpath.' -oi -f '.$this->clean_email($this->_headers['From']).' -t'.' -r '.$this->clean_email($this->_headers['Return-Path']), 'w'); if ($fp === FALSE OR $fp === NULL) { diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 8ffd93aea..679609251 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -484,7 +484,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type; + $this->_hash_type = in_array($type, hash_algos()) ? $type : 'sha1'; } // -------------------------------------------------------------------- @@ -497,7 +497,7 @@ class CI_Encrypt { */ public function hash($str) { - return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); + return hash($this->_hash_type, $str); } } diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 899b995d4..ef4187847 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1320,6 +1320,13 @@ class CI_Image_lib { imagestring($src_img, $this->wm_font_size, $x_shad, $y_shad, $this->wm_text, $drp_color); imagestring($src_img, $this->wm_font_size, $x_axis, $y_axis, $this->wm_text, $txt_color); } + + // We can preserve transparency for PNG images + if ($this->image_type === 3) + { + imagealphablending($src_img, FALSE); + imagesavealpha($src_img, TRUE); + } } // Output the final image diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 5573f6407..e1e729bb0 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -52,20 +52,20 @@ class CI_Pagination { protected $full_tag_open = ''; protected $full_tag_close = ''; protected $first_tag_open = ''; - protected $first_tag_close = ' '; - protected $last_tag_open = ' '; + protected $first_tag_close = ''; + protected $last_tag_open = ''; protected $last_tag_close = ''; protected $first_url = ''; // Alternative URL for the First Page. - protected $cur_tag_open = ' <strong>'; + protected $cur_tag_open = '<strong>'; protected $cur_tag_close = '</strong>'; - protected $next_tag_open = ' '; - protected $next_tag_close = ' '; - protected $prev_tag_open = ' '; + protected $next_tag_open = ''; + protected $next_tag_close = ''; + protected $prev_tag_open = ''; protected $prev_tag_close = ''; - protected $num_tag_open = ' '; + protected $num_tag_open = ''; protected $num_tag_close = ''; protected $page_query_string = FALSE; - protected $query_string_segment = 'per_page'; + protected $query_string_segment = 'per_page'; protected $display_pages = TRUE; protected $_attributes = ''; protected $_link_types = array(); @@ -215,7 +215,8 @@ class CI_Pagination { // string. If post, add a trailing slash to the base URL if needed if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) { - $this->base_url = rtrim($this->base_url).'&'.$this->query_string_segment.'='; + $segment = (strpos($this->base_url, '?')) ? '&' : '?'; + $this->base_url = rtrim($this->base_url).$segment.$this->query_string_segment.'='; } else { diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 1f24456a4..978506062 100755 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -2,20 +2,31 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer + * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2006 - 2012 EllisLab, Inc. + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 2.0 * @filesource */ - /** - * CI_Session Class + * CodeIgniter Session Class * * The user interface defined by EllisLabs, now with puggable drivers to manage different storage mechanisms. * By default, the cookie session driver will load, but the 'sess_driver' config/param item (see above) can be @@ -35,12 +46,13 @@ * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session extends CI_Driver_Library { + public $params = array(); - protected $current = null; + protected $current = NULL; protected $userdata = array(); const FLASHDATA_KEY = 'flash'; @@ -57,22 +69,30 @@ class CI_Session extends CI_Driver_Library { * routines in its constructor, and manages flashdata aging. * * @param array Configuration parameters + * @return void */ public function __construct(array $params = array()) { + $CI =& get_instance(); + + // No sessions under CLI + if ($CI->input->is_cli_request()) + { + return; + } + log_message('debug', 'CI_Session Class Initialized'); // Get valid drivers list - $CI =& get_instance(); $this->valid_drivers = array( 'Session_native', 'Session_cookie' ); $key = 'sess_valid_drivers'; - $drivers = (isset($params[$key])) ? $params[$key] : $CI->config->item($key); + $drivers = isset($params[$key]) ? $params[$key] : $CI->config->item($key); if ($drivers) { - if ( ! is_array($drivers)) $drivers = array($drivers); + is_array($drivers) OR $drivers = array($drivers); // Add driver names to valid list foreach ($drivers as $driver) @@ -86,8 +106,12 @@ class CI_Session extends CI_Driver_Library { // Get driver to load $key = 'sess_driver'; - $driver = (isset($params[$key])) ? $params[$key] : $CI->config->item($key); - if ( ! $driver) $driver = 'cookie'; + $driver = isset($params[$key]) ? $params[$key] : $CI->config->item($key); + if ( ! $driver) + { + $driver = 'cookie'; + } + if ( ! in_array('session_'.strtolower($driver), array_map('strtolower', $this->valid_drivers))) { $this->valid_drivers[] = 'Session_'.$driver; @@ -111,6 +135,8 @@ class CI_Session extends CI_Driver_Library { log_message('debug', 'CI_Session routines successfully run'); } + // ------------------------------------------------------------------------ + /** * Loads session storage driver * @@ -125,6 +151,8 @@ class CI_Session extends CI_Driver_Library { return $this->current; } + // ------------------------------------------------------------------------ + /** * Select default session storage driver * @@ -142,7 +170,8 @@ class CI_Session extends CI_Driver_Library { if (isset($this->$child)) { // See if driver is already current - if ($this->$child !== $this->current) { + if ($this->$child !== $this->current) + { // Make driver current and sync userdata $this->current = $this->$child; $this->userdata =& $this->current->get_userdata(); @@ -156,6 +185,8 @@ class CI_Session extends CI_Driver_Library { } } + // ------------------------------------------------------------------------ + /** * Destroy the current session * @@ -167,19 +198,23 @@ class CI_Session extends CI_Driver_Library { $this->current->sess_destroy(); } + // ------------------------------------------------------------------------ + /** * Regenerate the current session * - * @param boolean Destroy session data flag (default: false) + * @param bool Destroy session data flag (default: false) * @return void */ - public function sess_regenerate($destroy = false) + public function sess_regenerate($destroy = FALSE) { // Call regenerate on driver and resync userdata $this->current->sess_regenerate($destroy); $this->userdata =& $this->current->get_userdata(); } + // ------------------------------------------------------------------------ + /** * Fetch a specific item from the session array * @@ -188,10 +223,11 @@ class CI_Session extends CI_Driver_Library { */ public function userdata($item) { - // Return value or NULL if not found - return ( ! isset($this->userdata[$item])) ? NULL : $this->userdata[$item]; + return isset($this->userdata[$item]) ? $this->userdata[$item] : NULL; } + // ------------------------------------------------------------------------ + /** * Fetch all session data * @@ -199,10 +235,11 @@ class CI_Session extends CI_Driver_Library { */ public function all_userdata() { - // Return entire array - return ( ! isset($this->userdata)) ? NULL : $this->userdata; + return isset($this->userdata) ? $this->userdata : NULL; } + // ------------------------------------------------------------------------ + /** * Fetch all flashdata * @@ -225,6 +262,8 @@ class CI_Session extends CI_Driver_Library { return $out; } + // ------------------------------------------------------------------------ + /** * Add or change data in the "userdata" array * @@ -253,6 +292,8 @@ class CI_Session extends CI_Driver_Library { $this->current->sess_save(); } + // ------------------------------------------------------------------------ + /** * Delete a session variable from the "userdata" array * @@ -270,7 +311,7 @@ class CI_Session extends CI_Driver_Library { // Unset each item name if (count($newdata) > 0) { - foreach ($newdata as $key => $val) + foreach (array_keys($newdata) as $key) { unset($this->userdata[$key]); } @@ -280,18 +321,21 @@ class CI_Session extends CI_Driver_Library { $this->current->sess_save(); } + // ------------------------------------------------------------------------ + /** * Determine if an item exists * * @param string Item name - * @return boolean + * @return bool */ public function has_userdata($item) { - // Check for item name return isset($this->userdata[$item]); } + // ------------------------------------------------------------------------ + /** * Add or change flashdata, only available until the next request * @@ -318,6 +362,8 @@ class CI_Session extends CI_Driver_Library { } } + // ------------------------------------------------------------------------ + /** * Keeps existing flashdata available to next request. * @@ -335,6 +381,8 @@ class CI_Session extends CI_Driver_Library { $this->set_userdata($new_flashdata_key, $value); } + // ------------------------------------------------------------------------ + /** * Fetch a specific flashdata item from the session array * @@ -348,13 +396,14 @@ class CI_Session extends CI_Driver_Library { return $this->userdata($flashdata_key); } + // ------------------------------------------------------------------------ + /** - * Add or change tempdata, only available - * until expiration + * Add or change tempdata, only available until expiration * * @param mixed Item name or array of items * @param string Item value or empty string - * @param int Item lifetime in seconds or 0 for default + * @param int Item lifetime in seconds or 0 for default * @return void */ public function set_tempdata($newdata = array(), $newval = '', $expire = 0) @@ -390,6 +439,8 @@ class CI_Session extends CI_Driver_Library { $this->set_userdata(self::EXPIRATION_KEY, $expirations); } + // ------------------------------------------------------------------------ + /** * Delete a temporary session variable from the "userdata" array * @@ -400,7 +451,7 @@ class CI_Session extends CI_Driver_Library { { // Get expirations list $expirations = $this->userdata(self::EXPIRATION_KEY); - if ( ! $expirations || ! count($expirations)) + if (empty($expirations)) { // Nothing to do return; @@ -415,7 +466,7 @@ class CI_Session extends CI_Driver_Library { // Prepend each item name and unset if (count($newdata) > 0) { - foreach ($newdata as $key => $val) + foreach (array_keys($newdata) as $key) { $tempdata_key = self::FLASHDATA_KEY.self::FLASHDATA_EXP.$key; unset($expirations[$tempdata_key]); @@ -427,6 +478,8 @@ class CI_Session extends CI_Driver_Library { $this->set_userdata(self::EXPIRATION_KEY, $expirations); } + // ------------------------------------------------------------------------ + /** * Fetch a specific tempdata item from the session array * @@ -440,17 +493,17 @@ class CI_Session extends CI_Driver_Library { return $this->userdata($tempdata_key); } + // ------------------------------------------------------------------------ + /** * Identifies flashdata as 'old' for removal * when _flashdata_sweep() runs. * - * @access protected * @return void */ protected function _flashdata_mark() { - $userdata = $this->all_userdata(); - foreach ($userdata as $name => $value) + foreach ($this->all_userdata() as $name => $value) { $parts = explode(self::FLASHDATA_NEW, $name); if (is_array($parts) && count($parts) === 2) @@ -462,16 +515,17 @@ class CI_Session extends CI_Driver_Library { } } + // ------------------------------------------------------------------------ + /** * Removes all flashdata marked as 'old' * - * @access protected * @return void */ protected function _flashdata_sweep() { $userdata = $this->all_userdata(); - foreach ($userdata as $key => $value) + foreach (array_keys($userdata) as $key) { if (strpos($key, self::FLASHDATA_OLD)) { @@ -480,17 +534,18 @@ class CI_Session extends CI_Driver_Library { } } + // ------------------------------------------------------------------------ + /** * Removes all expired tempdata * - * @access protected * @return void */ protected function _tempdata_sweep() { // Get expirations list $expirations = $this->userdata(self::EXPIRATION_KEY); - if ( ! $expirations || ! count($expirations)) + if (empty($expirations)) { // Nothing to do return; @@ -499,7 +554,7 @@ class CI_Session extends CI_Driver_Library { // Unset expired elements $now = time(); $userdata = $this->all_userdata(); - foreach ($userdata as $key => $value) + foreach (array_keys($userdata) as $key) { if (strpos($key, self::FLASHDATA_EXP) && $expirations[$key] < $now) { @@ -511,9 +566,10 @@ class CI_Session extends CI_Driver_Library { // Update expiration list $this->set_userdata(self::EXPIRATION_KEY, $expirations); } + } -// END CI_Session Class +// ------------------------------------------------------------------------ /** * CI_Session_driver Class @@ -535,9 +591,27 @@ class CI_Session extends CI_Driver_Library { * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team */ abstract class CI_Session_driver extends CI_Driver { + + protected $CI; + + /** + * Constructor + * + * Gets the CI singleton, so that individual drivers + * don't have to do it separately. + * + * @return void + */ + public function __construct() + { + $this->CI =& get_instance(); + } + + // ------------------------------------------------------------------------ + /** * Decorate * @@ -555,6 +629,8 @@ abstract class CI_Session_driver extends CI_Driver { $this->initialize(); } + // ------------------------------------------------------------------------ + /** * __call magic method * @@ -571,6 +647,8 @@ abstract class CI_Session_driver extends CI_Driver { return parent::__call($method, $args); } + // ------------------------------------------------------------------------ + /** * Initialize driver * @@ -581,50 +659,56 @@ abstract class CI_Session_driver extends CI_Driver { // Overload this method to implement initialization } + // ------------------------------------------------------------------------ + /** * Save the session data * - * Data in the array has changed - perform any storage synchronization necessary - * The child class MUST implement this abstract method! + * Data in the array has changed - perform any storage synchronization + * necessary. The child class MUST implement this abstract method! * * @return void */ abstract public function sess_save(); + // ------------------------------------------------------------------------ + /** * Destroy the current session * - * Clean up storage for this session - it has been terminated + * Clean up storage for this session - it has been terminated. * The child class MUST implement this abstract method! * * @return void */ abstract public function sess_destroy(); + // ------------------------------------------------------------------------ + /** * Regenerate the current session * - * Regenerate the session id + * Regenerate the session ID. * The child class MUST implement this abstract method! * - * @param boolean Destroy session data flag (default: false) + * @param bool Destroy session data flag (default: false) * @return void */ - abstract public function sess_regenerate($destroy = false); + abstract public function sess_regenerate($destroy = FALSE); + + // ------------------------------------------------------------------------ /** * Get a reference to user data array * - * Give array access to the main CI_Session object + * Give array access to the main CI_Session object. * The child class MUST implement this abstract method! * * @return array Reference to userdata */ abstract public function &get_userdata(); -} -// END CI_Session_driver Class +} /* End of file Session.php */ -/* Location: ./system/libraries/Session/Session.php */ -?> +/* Location: ./system/libraries/Session/Session.php */
\ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 69e5fde14..fb62c7ec4 100755 --- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -37,6 +37,7 @@ * @link http://codeigniter.com/user_guide/libraries/sessions.html */ class CI_Session_cookie extends CI_Session_driver { + /** * Whether to encrypt the session cookie * @@ -157,13 +158,6 @@ class CI_Session_cookie extends CI_Session_driver { public $userdata = array(); /** - * Reference to CodeIgniter instance - * - * @var object - */ - public $CI; - - /** * Current time * * @var int @@ -192,14 +186,10 @@ class CI_Session_cookie extends CI_Session_driver { /** * Initialize session driver object * - * @access protected * @return void */ protected function initialize() { - // Set the super object to a local variable for use throughout the class - $this->CI =& get_instance(); - // Set all the session preferences, which can either be set // manually via the $params array or via the config file $prefs = array( @@ -220,16 +210,17 @@ class CI_Session_cookie extends CI_Session_driver { 'cookie_prefix', 'encryption_key' ); + foreach ($prefs as $key) { - $this->$key = isset($this->_parent->params[$key]) ? $this->_parent->params[$key] : - $this->CI->config->item($key); + $this->$key = isset($this->_parent->params[$key]) + ? $this->_parent->params[$key] + : $this->CI->config->item($key); } if ($this->encryption_key === '') { - show_error('In order to use the Cookie Session driver you are required to set an encryption key '. - 'in your config file.'); + show_error('In order to use the Cookie Session driver you are required to set an encryption key in your config file.'); } // Load the string helper so we can use the strip_slashes() function @@ -280,6 +271,8 @@ class CI_Session_cookie extends CI_Session_driver { $this->_sess_gc(); } + // ------------------------------------------------------------------------ + /** * Write the session data * @@ -298,6 +291,8 @@ class CI_Session_cookie extends CI_Session_driver { $this->_set_cookie(); } + // ------------------------------------------------------------------------ + /** * Destroy the current session * @@ -309,6 +304,7 @@ class CI_Session_cookie extends CI_Session_driver { if ($this->sess_use_database === TRUE && isset($this->userdata['session_id'])) { $this->CI->db->delete($this->sess_table_name, array('session_id' => $this->userdata['session_id'])); + $this->data_dirty = FALSE; } // Kill the cookie @@ -319,15 +315,17 @@ class CI_Session_cookie extends CI_Session_driver { $this->userdata = array(); } + // ------------------------------------------------------------------------ + /** * Regenerate the current session * * Regenerate the session id * - * @param boolean Destroy session data flag (default: false) + * @param bool Destroy session data flag (default: false) * @return void */ - public function sess_regenerate($destroy = false) + public function sess_regenerate($destroy = FALSE) { // Check destroy flag if ($destroy) @@ -339,25 +337,27 @@ class CI_Session_cookie extends CI_Session_driver { else { // Just force an update to recreate the id - $this->_sess_update(true); + $this->_sess_update(TRUE); } } + // ------------------------------------------------------------------------ + /** * Get a reference to user data array * - * @return array - Reference to userdata + * @return array Reference to userdata */ public function &get_userdata() { - // Return reference to array return $this->userdata; } + // ------------------------------------------------------------------------ + /** * Fetch the current session data if it exists * - * @access protected * @return bool */ protected function _sess_read() @@ -388,8 +388,7 @@ class CI_Session_cookie extends CI_Session_driver { // Does the md5 hash match? This is to prevent manipulation of session data in userspace if ($hash !== md5($session.$this->encryption_key)) { - log_message('error', 'The session cookie data did not match what was expected. '. - 'This could be a possible hacking attempt.'); + log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.'); $this->sess_destroy(); return FALSE; } @@ -399,8 +398,7 @@ class CI_Session_cookie extends CI_Session_driver { $session = $this->_unserialize($session); // Is the session data we unserialized an array with the correct format? - if ( ! is_array($session) || ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], - $session['last_activity'])) + if ( ! is_array($session) OR ! isset($session['session_id'], $session['ip_address'], $session['user_agent'], $session['last_activity'])) { $this->sess_destroy(); return FALSE; @@ -422,7 +420,7 @@ class CI_Session_cookie extends CI_Session_driver { // Does the User Agent Match? if ($this->sess_match_useragent === TRUE && - trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) + trim($session['user_agent']) !== trim(substr($this->CI->input->user_agent(), 0, 120))) { $this->sess_destroy(); return FALSE; @@ -443,8 +441,19 @@ class CI_Session_cookie extends CI_Session_driver { $this->CI->db->where('user_agent', $session['user_agent']); } + // Is caching in effect? Turn it off + $db_cache = $this->CI->db->cache_on; + $this->CI->db->cache_off(); + $query = $this->CI->db->limit(1)->get($this->sess_table_name); + // Was caching in effect? + if ($db_cache) + { + // Turn it back on + $this->CI->db->cache_on(); + } + // No result? Kill it! if ($query->num_rows() === 0) { @@ -470,10 +479,11 @@ class CI_Session_cookie extends CI_Session_driver { return TRUE; } + // ------------------------------------------------------------------------ + /** * Create a new session * - * @access protected * @return void */ protected function _sess_create() @@ -497,11 +507,12 @@ class CI_Session_cookie extends CI_Session_driver { $this->_set_cookie(); } + // ------------------------------------------------------------------------ + /** * Update an existing session * - * @access protected - * @param boolean Force update flag (default: false) + * @param bool Force update flag (default: false) * @return void */ protected function _sess_update($force = FALSE) @@ -539,6 +550,8 @@ class CI_Session_cookie extends CI_Session_driver { $this->_set_cookie(); } + // ------------------------------------------------------------------------ + /** * Update database with current data * @@ -547,6 +560,8 @@ class CI_Session_cookie extends CI_Session_driver { * so it's guaranteed to update even when a fatal error * occurs. The first call makes the update and clears the * dirty flag so it won't happen twice. + * + * @return void */ public function _update_db() { @@ -583,6 +598,8 @@ class CI_Session_cookie extends CI_Session_driver { } } + // ------------------------------------------------------------------------ + /** * Generate a new session id * @@ -604,15 +621,16 @@ class CI_Session_cookie extends CI_Session_driver { return md5(uniqid($new_sessid, TRUE)); } + // ------------------------------------------------------------------------ + /** * Get the "now" time * - * @access protected * @return int Time */ protected function _get_time() { - if ($this->time_reference === 'local' || $this->time_reference === date_default_timezone_get()) + if ($this->time_reference === 'local' OR $this->time_reference === date_default_timezone_get()) { return time(); } @@ -623,36 +641,27 @@ class CI_Session_cookie extends CI_Session_driver { return mktime($hour, $minute, $second, $month, $day, $year); } + // ------------------------------------------------------------------------ + /** * Write the session cookie * - * @access protected * @return void */ protected function _set_cookie() { // Get userdata (only defaults if database) - if ($this->sess_use_database === TRUE) - { - $cookie_data = array_intersect_key($this->userdata, $this->defaults); - } - else - { - $cookie_data = $this->userdata; - } + $cookie_data = ($this->sess_use_database === TRUE) + ? array_intersect_key($this->userdata, $this->defaults) + : $this->userdata; // Serialize the userdata for the cookie $cookie_data = $this->_serialize($cookie_data); - if ($this->sess_encrypt_cookie === TRUE) - { - $cookie_data = $this->CI->encrypt->encode($cookie_data); - } - else - { + $cookie_data = ($this->sess_encrypt_cookie === TRUE) + ? $this->CI->encrypt->encode($cookie_data) // if encryption is not used, we provide an md5 hash to prevent userside tampering - $cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key); - } + : $cookie_data.md5($cookie_data.$this->encryption_key); $expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time(); @@ -661,35 +670,35 @@ class CI_Session_cookie extends CI_Session_driver { $this->cookie_secure, $this->cookie_httponly); } + // ------------------------------------------------------------------------ + /** * Set a cookie with the system * * This abstraction of the setcookie call allows overriding for unit testing * - * @access protected - * @param string Cookie name - * @param string Cookie value - * @param int Expiration time - * @param string Cookie path - * @param string Cookie domain - * @param bool Secure connection flag - * @param bool HTTP protocol only flag - * @return void - */ - protected function _setcookie($name, $value = '', $expire = 0, $path = '', $domain = '', $secure = false, - $httponly = false) + * @param string Cookie name + * @param string Cookie value + * @param int Expiration time + * @param string Cookie path + * @param string Cookie domain + * @param bool Secure connection flag + * @param bool HTTP protocol only flag + * @return void + */ + protected function _setcookie($name, $value = '', $expire = 0, $path = '', $domain = '', $secure = FALSE, $httponly = FALSE) { - // Set the cookie setcookie($name, $value, $expire, $path, $domain, $secure, $httponly); } + // ------------------------------------------------------------------------ + /** * Serialize an array * * This function first converts any slashes found in the array to a temporary * marker, so when it gets unserialized the slashes will be preserved * - * @access protected * @param mixed Data to serialize * @return string Serialized data */ @@ -703,15 +712,17 @@ class CI_Session_cookie extends CI_Session_driver { { $data = str_replace('\\', '{{slash}}', $data); } + return serialize($data); } + // ------------------------------------------------------------------------ + /** * Escape slashes * * This function converts any slashes found into a temporary marker * - * @access protected * @param string Value * @param string Key * @return void @@ -724,13 +735,14 @@ class CI_Session_cookie extends CI_Session_driver { } } + // ------------------------------------------------------------------------ + /** * Unserialize * * This function unserializes a data string, then converts any * temporary slash markers back to actual slashes * - * @access protected * @param mixed Data to unserialize * @return mixed Unserialized data */ @@ -747,12 +759,13 @@ class CI_Session_cookie extends CI_Session_driver { return is_string($data) ? str_replace('{{slash}}', '\\', $data) : $data; } + // ------------------------------------------------------------------------ + /** * Unescape slashes * * This function converts any slash markers back into actual slashes * - * @access protected * @param string Value * @param string Key * @return void @@ -765,13 +778,14 @@ class CI_Session_cookie extends CI_Session_driver { } } + // ------------------------------------------------------------------------ + /** * Garbage collection * * This deletes expired session rows from database * if the probability percentage is met * - * @access protected * @return void */ protected function _sess_gc() @@ -793,7 +807,8 @@ class CI_Session_cookie extends CI_Session_driver { log_message('debug', 'Session garbage collection performed.'); } } + } /* End of file Session_cookie.php */ -/* Location: ./system/libraries/Session/drivers/Session_cookie.php */ +/* Location: ./system/libraries/Session/drivers/Session_cookie.php */
\ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_native.php b/system/libraries/Session/drivers/Session_native.php index 8ba8e749a..8d5e51546 100755 --- a/system/libraries/Session/drivers/Session_native.php +++ b/system/libraries/Session/drivers/Session_native.php @@ -2,18 +2,29 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer + * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com - * @since Version 2.0 + * @since Version 1.0 * @filesource */ - /** * Native PHP session management driver * @@ -22,20 +33,19 @@ * @package CodeIgniter * @subpackage Libraries * @category Sessions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team */ class CI_Session_native extends CI_Session_driver { + /** * Initialize session driver object * - * @access protected * @return void */ protected function initialize() { // Get config parameters $config = array(); - $CI =& get_instance(); $prefs = array( 'sess_cookie_name', 'sess_expire_on_close', @@ -47,10 +57,12 @@ class CI_Session_native extends CI_Session_driver { 'cookie_path', 'cookie_domain' ); + foreach ($prefs as $key) { - $config[$key] = isset($this->_parent->params[$key]) ? $this->_parent->params[$key] : - $CI->config->item($key); + $config[$key] = isset($this->_parent->params[$key]) + ? $this->_parent->params[$key] + : $this->CI->config->item($key); } // Set session name, if specified @@ -75,11 +87,13 @@ class CI_Session_native extends CI_Session_driver { // Default to 2 years if expiration is "0" $expire = ($config['sess_expiration'] == 0) ? (60*60*24*365*2) : $config['sess_expiration']; } + if ($config['cookie_path']) { // Use specified path $path = $config['cookie_path']; } + if ($config['cookie_domain']) { // Use specified domain @@ -98,14 +112,14 @@ class CI_Session_native extends CI_Session_driver { // Expired - destroy $destroy = TRUE; } - else if ($config['sess_match_ip'] == TRUE && isset($_SESSION['ip_address']) && - $_SESSION['ip_address'] != $CI->input->ip_address()) + elseif ($config['sess_match_ip'] === TRUE && isset($_SESSION['ip_address']) + && $_SESSION['ip_address'] !== $this->CI->input->ip_address()) { // IP doesn't match - destroy $destroy = TRUE; } - else if ($config['sess_match_useragent'] == TRUE && isset($_SESSION['user_agent']) && - $_SESSION['user_agent'] != trim(substr($CI->input->user_agent(), 0, 50))) + elseif ($config['sess_match_useragent'] === TRUE && isset($_SESSION['user_agent']) + && $_SESSION['user_agent'] !== trim(substr($this->CI->input->user_agent(), 0, 50))) { // Agent doesn't match - destroy $destroy = TRUE; @@ -120,8 +134,8 @@ class CI_Session_native extends CI_Session_driver { } // Check for update time - if ($config['sess_time_to_update'] && isset($_SESSION['last_activity']) && - ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now) + if ($config['sess_time_to_update'] && isset($_SESSION['last_activity']) + && ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now) { // Regenerate ID, but don't destroy session $this->sess_regenerate(FALSE); @@ -131,25 +145,27 @@ class CI_Session_native extends CI_Session_driver { $_SESSION['last_activity'] = $now; // Set matching values as required - if ($config['sess_match_ip'] == TRUE && !isset($_SESSION['ip_address'])) + if ($config['sess_match_ip'] === TRUE && ! isset($_SESSION['ip_address'])) { // Store user IP address - $_SESSION['ip_address'] = $CI->input->ip_address(); + $_SESSION['ip_address'] = $this->CI->input->ip_address(); } - if ($config['sess_match_useragent'] == TRUE && !isset($_SESSION['user_agent'])) + + if ($config['sess_match_useragent'] === TRUE && ! isset($_SESSION['user_agent'])) { // Store user agent string - $_SESSION['user_agent'] = trim(substr($CI->input->user_agent(), 0, 50)); + $_SESSION['user_agent'] = trim(substr($this->CI->input->user_agent(), 0, 50)); } // Make session ID available $_SESSION['session_id'] = session_id(); } + // ------------------------------------------------------------------------ + /** * Save the session data * - * @access public * @return void */ public function sess_save() @@ -157,10 +173,11 @@ class CI_Session_native extends CI_Session_driver { // Nothing to do - changes to $_SESSION are automatically saved } + // ------------------------------------------------------------------------ + /** * Destroy the current session * - * @access public * @return void */ public function sess_destroy() @@ -178,13 +195,14 @@ class CI_Session_native extends CI_Session_driver { session_destroy(); } + // ------------------------------------------------------------------------ + /** * Regenerate the current session * * Regenerate the session id * - * @access public - * @param boolean Destroy session data flag (default: FALSE) + * @param bool Destroy session data flag (default: FALSE) * @return void */ public function sess_regenerate($destroy = FALSE) @@ -194,10 +212,11 @@ class CI_Session_native extends CI_Session_driver { $_SESSION['session_id'] = session_id(); } + // ------------------------------------------------------------------------ + /** * Get a reference to user data array * - * @access public * @return array Reference to userdata */ public function &get_userdata() @@ -205,7 +224,8 @@ class CI_Session_native extends CI_Session_driver { // Just return reference to $_SESSION return $_SESSION; } + } /* End of file Session_native.php */ -/* Location: ./system/libraries/Session/drivers/Session_native.php */ +/* Location: ./system/libraries/Session/drivers/Session_native.php */
\ No newline at end of file diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 70ad8dc41..c2c01758e 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -240,6 +240,11 @@ class CI_Unit_test { { foreach ($val as $k => $v) { + if ( ! in_array($k, $this->_test_items_visible)) + { + continue; + } + if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$v)))) { $v = $line; diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index cbb91c40a..dc5d27f8c 100644..100755 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -1317,15 +1317,15 @@ class XML_RPC_Values extends CI_Xmlrpc { $type = $type === '' ? 'string' : $type; - if ($this->xmlrpcTypes[$type] === 1) + if ($this->xmlrpcTypes[$type] == 1) { $this->addScalar($val,$type); } - elseif ($this->xmlrpcTypes[$type] === 2) + elseif ($this->xmlrpcTypes[$type] == 2) { $this->addArray($val); } - elseif ($this->xmlrpcTypes[$type] === 3) + elseif ($this->xmlrpcTypes[$type] == 3) { $this->addStruct($val); } @@ -1351,7 +1351,7 @@ class XML_RPC_Values extends CI_Xmlrpc return 0; } - if ($typeof !== 1) + if ($typeof != 1) { echo '<strong>XML_RPC_Values</strong>: not a scalar type (${typeof})<br />'; return 0; @@ -1359,7 +1359,7 @@ class XML_RPC_Values extends CI_Xmlrpc if ($type === $this->xmlrpcBoolean) { - $val = (int) (strcasecmp($val,'true') === 0 OR $val === 1 OR ($val === TRUE && strcasecmp($val, 'false'))); + $val = (int) (strcasecmp($val, 'true') === 0 OR $val === 1 OR ($val === TRUE && strcasecmp($val, 'false'))); } if ($this->mytype === 2) |