diff options
Diffstat (limited to 'system')
-rwxr-xr-x | system/core/Security.php | 12 | ||||
-rw-r--r-- | system/database/DB_active_rec.php | 6 | ||||
-rw-r--r-- | system/database/DB_driver.php | 19 | ||||
-rw-r--r-- | system/helpers/date_helper.php | 172 | ||||
-rw-r--r-- | system/helpers/form_helper.php | 7 | ||||
-rw-r--r-- | system/helpers/string_helper.php | 9 | ||||
-rw-r--r-- | system/helpers/typography_helper.php | 10 | ||||
-rw-r--r-- | system/language/english/migration_lang.php | 2 |
8 files changed, 128 insertions, 109 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 342455f27..e99418bdd 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -525,9 +525,17 @@ class CI_Security { * @param string * @return string */ - public function entity_decode($str, $charset='UTF-8') + public function entity_decode($str, $charset = NULL) { - if (stristr($str, '&') === FALSE) return $str; + if (stristr($str, '&') === FALSE) + { + return $str; + } + + if (empty($charset)) + { + $charset = config_item('charset'); + } // The reason we are not using html_entity_decode() by itself is because // while it is not technically correct to leave out the semicolon diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 37d162bc1..7162e2ac5 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -872,11 +872,11 @@ class CI_DB_active_record extends CI_DB_driver { * @param integer the offset value * @return object */ - public function limit($value, $offset = '') + public function limit($value, $offset = NULL) { $this->ar_limit = (int) $value; - if ($offset != '') + if ( ! is_null($offset)) { $this->ar_offset = (int) $offset; } @@ -894,7 +894,7 @@ class CI_DB_active_record extends CI_DB_driver { */ public function offset($offset) { - $this->ar_offset = $offset; + $this->ar_offset = (int) $offset; return $this; } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index f3e824daa..300ca2977 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -251,9 +251,10 @@ class CI_DB_driver { { if ($sql == '') { + log_message('error', 'Invalid query: '.$sql); + if ($this->db_debug) { - log_message('error', 'Invalid query: '.$sql); return $this->display_error('db_invalid_query'); } return FALSE; @@ -306,21 +307,23 @@ class CI_DB_driver { // This will trigger a rollback if transactions are being used $this->_trans_status = FALSE; + // Grab the error number and message now, as we might run some + // additional queries before displaying the error + $error_no = $this->_error_number(); + $error_msg = $this->_error_message(); + + // Log errors + log_message('error', 'Query error: '.$error_msg); + if ($this->db_debug) { - // grab the error number and message now, as we might run some - // additional queries before displaying the error - $error_no = $this->_error_number(); - $error_msg = $this->_error_message(); - // We call this function in order to roll-back queries // if transactions are enabled. If we don't call this here // the error message will trigger an exit, causing the // transactions to remain in limbo. $this->trans_complete(); - // Log and display errors - log_message('error', 'Query error: '.$error_msg); + // Display errors return $this->display_error( array( 'Error Number: '.$error_no, diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index 6c559bb25..e14bc2f94 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -54,10 +54,8 @@ if ( ! function_exists('now')) return $system_time; } - else - { - return time(); - } + + return time(); } } @@ -85,12 +83,18 @@ if ( ! function_exists('mdate')) function mdate($datestr = '', $time = '') { if ($datestr == '') - return ''; + { + return ''; + } - if ($time == '') - $time = now(); + $time = ($time == '') ? now() : $time; + + $datestr = str_replace( + '%\\', + '', + preg_replace("/([a-z]+?){1}/i", "\\\\\\1", $datestr) + ); - $datestr = str_replace('%\\', '', preg_replace("/([a-z]+?){1}/i", "\\\\\\1", $datestr)); return date($datestr, $time); } } @@ -162,14 +166,7 @@ if ( ! function_exists('timespan')) $time = time(); } - if ($time <= $seconds) - { - $seconds = 1; - } - else - { - $seconds = $time - $seconds; - } + $seconds = ($time <= $seconds) ? 1 : $time - $seconds; $str = ''; $years = floor($seconds / 31536000); @@ -303,9 +300,18 @@ if ( ! function_exists('local_to_gmt')) function local_to_gmt($time = '') { if ($time == '') + { $time = time(); - - return mktime( gmdate("H", $time), gmdate("i", $time), gmdate("s", $time), gmdate("m", $time), gmdate("d", $time), gmdate("Y", $time)); + } + + return mktime( + gmdate("H", $time), + gmdate("i", $time), + gmdate("s", $time), + gmdate("m", $time), + gmdate("d", $time), + gmdate("Y", $time) + ); } } @@ -366,14 +372,14 @@ if ( ! function_exists('mysql_to_unix')) $time = str_replace(' ', '', $time); // YYYYMMDDHHMMSS - return mktime( - substr($time, 8, 2), - substr($time, 10, 2), - substr($time, 12, 2), - substr($time, 4, 2), - substr($time, 6, 2), - substr($time, 0, 4) - ); + return mktime( + substr($time, 8, 2), + substr($time, 10, 2), + substr($time, 12, 2), + substr($time, 4, 2), + substr($time, 6, 2), + substr($time, 0, 4) + ); } } @@ -475,13 +481,19 @@ if ( ! function_exists('human_to_unix')) $ampm = strtolower($split['2']); if (substr($ampm, 0, 1) == 'p' AND $hour < 12) - $hour = $hour + 12; + { + $hour = $hour + 12; + } if (substr($ampm, 0, 1) == 'a' AND $hour == 12) + { $hour = '00'; - + } + if (strlen($hour) == 1) - $hour = '0'.$hour; + { + $hour = '0'.$hour; + } } return mktime($hour, $min, $sec, $month, $day, $year); @@ -501,16 +513,16 @@ if ( ! function_exists('human_to_unix')) */ if ( ! function_exists('nice_date')) { - function nice_date($bad_date='', $format=false) + function nice_date($bad_date = '', $format = FALSE) { if (empty($bad_date)) { return 'Unknown'; } + // Date like: YYYYMM - if (preg_match('/^\d{6}$/',$bad_date)) + if (preg_match('/^\d{6}$/', $bad_date)) { - //echo $bad_date." "; if (in_array(substr($bad_date, 0, 2),array('19', '20'))) { $year = substr($bad_date, 0, 4); @@ -521,8 +533,8 @@ if ( ! function_exists('nice_date')) $month = substr($bad_date, 0, 2); $year = substr($bad_date, 2, 4); } + return date($format, strtotime($year . '-' . $month . '-01')); - } // Date Like: YYYYMMDD @@ -531,6 +543,7 @@ if ( ! function_exists('nice_date')) $month = substr($bad_date, 0, 2); $day = substr($bad_date, 2, 2); $year = substr($bad_date, 4, 4); + return date($format, strtotime($month . '/01/' . $year)); } @@ -574,8 +587,7 @@ if ( ! function_exists('timezone_menu')) $CI =& get_instance(); $CI->lang->load('date'); - if ($default == 'GMT') - $default = 'UTC'; + $default = ($default == 'GMT') ? 'UTC' : $default; $menu = '<select name="'.$name.'"'; @@ -618,60 +630,58 @@ if ( ! function_exists('timezones')) // some items appear to be in the wrong order $zones = array( - 'UM12' => -12, - 'UM11' => -11, - 'UM10' => -10, - 'UM95' => -9.5, - 'UM9' => -9, - 'UM8' => -8, - 'UM7' => -7, - 'UM6' => -6, - 'UM5' => -5, - 'UM45' => -4.5, - 'UM4' => -4, - 'UM35' => -3.5, - 'UM3' => -3, - 'UM2' => -2, - 'UM1' => -1, - 'UTC' => 0, - 'UP1' => +1, - 'UP2' => +2, - 'UP3' => +3, - 'UP35' => +3.5, - 'UP4' => +4, - 'UP45' => +4.5, - 'UP5' => +5, - 'UP55' => +5.5, - 'UP575' => +5.75, - 'UP6' => +6, - 'UP65' => +6.5, - 'UP7' => +7, - 'UP8' => +8, - 'UP875' => +8.75, - 'UP9' => +9, - 'UP95' => +9.5, - 'UP10' => +10, - 'UP105' => +10.5, - 'UP11' => +11, - 'UP115' => +11.5, - 'UP12' => +12, - 'UP1275' => +12.75, - 'UP13' => +13, - 'UP14' => +14 - ); + 'UM12' => -12, + 'UM11' => -11, + 'UM10' => -10, + 'UM95' => -9.5, + 'UM9' => -9, + 'UM8' => -8, + 'UM7' => -7, + 'UM6' => -6, + 'UM5' => -5, + 'UM45' => -4.5, + 'UM4' => -4, + 'UM35' => -3.5, + 'UM3' => -3, + 'UM2' => -2, + 'UM1' => -1, + 'UTC' => 0, + 'UP1' => +1, + 'UP2' => +2, + 'UP3' => +3, + 'UP35' => +3.5, + 'UP4' => +4, + 'UP45' => +4.5, + 'UP5' => +5, + 'UP55' => +5.5, + 'UP575' => +5.75, + 'UP6' => +6, + 'UP65' => +6.5, + 'UP7' => +7, + 'UP8' => +8, + 'UP875' => +8.75, + 'UP9' => +9, + 'UP95' => +9.5, + 'UP10' => +10, + 'UP105' => +10.5, + 'UP11' => +11, + 'UP115' => +11.5, + 'UP12' => +12, + 'UP1275' => +12.75, + 'UP13' => +13, + 'UP14' => +14 + ); if ($tz == '') { return $zones; } - - if ($tz == 'GMT') - $tz = 'UTC'; - + + $tz = ($tz == 'GMT') ? 'UTC' : $tz; + return ( ! isset($zones[$tz])) ? 0 : $zones[$tz]; } } - /* End of file date_helper.php */ /* Location: ./system/helpers/date_helper.php */
\ No newline at end of file diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d9305c00b..130daee6a 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -642,11 +642,8 @@ if ( ! function_exists('form_prep')) { return $str; } - - $str = htmlspecialchars($str); - - // In case htmlspecialchars misses these. - $str = str_replace(array("'", '"'), array("'", """), $str); + + $str = html_escape($str); if ($field_name != '') { diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php index 9fa69f46c..dd8ffaddb 100644 --- a/system/helpers/string_helper.php +++ b/system/helpers/string_helper.php @@ -215,12 +215,9 @@ if ( ! function_exists('random_string')) case 'nozero' : $pool = '123456789'; break; } - - $str = ''; - for ($i=0; $i < $len; $i++) - { - $str .= substr($pool, mt_rand(0, strlen($pool) -1), 1); - } + + $str = substr(str_shuffle(str_repeat($pool, ceil($len/strlen($pool)))),0,$len); + return $str; break; case 'unique' : diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php index 19b4eec03..82e686e53 100644 --- a/system/helpers/typography_helper.php +++ b/system/helpers/typography_helper.php @@ -39,9 +39,7 @@ if ( ! function_exists('nl2br_except_pre')) function nl2br_except_pre($str) { $CI =& get_instance(); - $CI->load->library('typography'); - return $CI->typography->nl2br_except_pre($str); } } @@ -82,9 +80,15 @@ if ( ! function_exists('auto_typography')) */ if ( ! function_exists('entity_decode')) { - function entity_decode($str, $charset='UTF-8') + function entity_decode($str, $charset = NULL) { global $SEC; + + if (empty($charset)) + { + $charset = config_item('charset'); + } + return $SEC->entity_decode($str, $charset); } } diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php index 4763ca243..94cb882fb 100644 --- a/system/language/english/migration_lang.php +++ b/system/language/english/migration_lang.php @@ -5,7 +5,7 @@ $lang['migration_not_found'] = "This migration could not be found."; $lang['migration_multiple_version'] = "This are multiple migrations with the same version number: %d."; $lang['migration_class_doesnt_exist'] = "The migration class \"%s\" could not be found."; $lang['migration_missing_up_method'] = "The migration class \"%s\" is missing an 'up' method."; -$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing an 'up' method."; +$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing a 'down' method."; $lang['migration_invalid_filename'] = "Migration \"%s\" has an invalid filename."; |