summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/CodeIgniter.php8
-rw-r--r--system/core/Common.php25
-rw-r--r--system/core/Input.php33
-rw-r--r--system/core/Loader.php6
-rw-r--r--system/core/Log.php4
-rw-r--r--system/core/Output.php14
-rw-r--r--system/core/Router.php17
-rw-r--r--system/core/Security.php3
-rw-r--r--system/core/URI.php2
-rw-r--r--system/database/DB_driver.php4
-rw-r--r--system/helpers/captcha_helper.php5
-rw-r--r--system/libraries/Cart.php4
-rw-r--r--system/libraries/Email.php22
-rw-r--r--system/libraries/Encrypt.php2
-rw-r--r--system/libraries/Form_validation.php2
-rw-r--r--system/libraries/Profiler.php4
-rw-r--r--system/libraries/Session/drivers/Session_cookie.php3
-rw-r--r--system/libraries/Upload.php32
18 files changed, 116 insertions, 74 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 7f76977b5..3fe5c0648 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -241,12 +241,12 @@ defined('BASEPATH') OR exit('No direct script access allowed');
// Load the local application controller
// Note: The Router class automatically validates the controller path using the router->_validate_request().
// If this include fails it means that the default controller in the Routes.php file is not resolving to something valid.
- if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().'.php'))
+ if ( ! file_exists(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php'))
{
show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.');
}
- include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().'.php');
+ include(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php');
// Set a mark point for benchmarking
$BM->mark('loading_time:_base_classes_end');
@@ -260,8 +260,8 @@ defined('BASEPATH') OR exit('No direct script access allowed');
* loader class can be called via the URI, nor can
* controller functions that begin with an underscore.
*/
- $class = $RTR->fetch_class();
- $method = $RTR->fetch_method();
+ $class = $RTR->class;
+ $method = $RTR->method;
if ( ! class_exists($class, FALSE) OR $method[0] === '_' OR method_exists('CI_Controller', $method))
{
diff --git a/system/core/Common.php b/system/core/Common.php
index efa7a9380..93cd0a0ae 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -92,7 +92,7 @@ if ( ! function_exists('is_really_writable'))
*/
if (is_dir($file))
{
- $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100));
+ $file = rtrim($file, '/').'/'.md5(mt_rand());
if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE)
{
return FALSE;
@@ -346,7 +346,20 @@ if ( ! function_exists('is_https'))
*/
function is_https()
{
- return (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on');
+ if ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off')
+ {
+ return TRUE;
+ }
+ elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
+ {
+ return TRUE;
+ }
+ elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
+ {
+ return TRUE;
+ }
+
+ return FALSE;
}
}
@@ -424,12 +437,12 @@ if ( ! function_exists('log_message'))
* We use this as a simple mechanism to access the logging
* class and send messages to be logged.
*
- * @param string
- * @param string
- * @param bool
+ * @param string the error level: 'error', 'debug' or 'info'
+ * @param string the error message
+ * @param bool whether the error is a native PHP error
* @return void
*/
- function log_message($level = 'error', $message, $php_error = FALSE)
+ function log_message($level, $message, $php_error = FALSE)
{
static $_log, $_log_threshold;
diff --git a/system/core/Input.php b/system/core/Input.php
index 6690b7f2e..0ef81128e 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -790,31 +790,30 @@ class CI_Input {
*/
public function request_headers($xss_clean = FALSE)
{
+ // If header is already defined, return it immediately
+ if ( ! empty($this->headers))
+ {
+ return $this->headers;
+ }
+
// In Apache, you can simply call apache_request_headers()
if (function_exists('apache_request_headers'))
{
- $headers = apache_request_headers();
+ return $this->headers = apache_request_headers();
}
- else
- {
- $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
- foreach ($_SERVER as $key => $val)
- {
- if (sscanf($key, 'HTTP_%s', $header) === 1)
- {
- $headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
- }
- }
- }
+ $this->headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
- // take SOME_HEADER and turn it into Some-Header
- foreach ($headers as $key => $val)
+ foreach ($_SERVER as $key => $val)
{
- $key = str_replace(array('_', '-'), ' ', strtolower($key));
- $key = str_replace(' ', '-', ucwords($key));
+ if (sscanf($key, 'HTTP_%s', $header) === 1)
+ {
+ // take SOME_HEADER and turn it into Some-Header
+ $header = str_replace('_', ' ', strtolower($header));
+ $header = str_replace(' ', '-', ucwords($header));
- $this->headers[$key] = $val;
+ $this->headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
+ }
}
return $this->headers;
diff --git a/system/core/Loader.php b/system/core/Loader.php
index d4e63231c..70a6b6fa6 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -658,7 +658,7 @@ class CI_Loader {
return FALSE;
}
- if ( ! class_exists('CI_Driver_Library'))
+ if ( ! class_exists('CI_Driver_Library', FALSE))
{
// We aren't instantiating an object here, just making the base class available
require BASEPATH.'libraries/Driver.php';
@@ -713,7 +713,7 @@ class CI_Loader {
*
* Return a list of all package paths.
*
- * @param bool $include_base Whether to include BASEPATH (default: TRUE)
+ * @param bool $include_base Whether to include BASEPATH (default: FALSE)
* @return array
*/
public function get_package_paths($include_base = FALSE)
@@ -955,7 +955,7 @@ class CI_Loader {
// Is this a class extension request?
if (file_exists($subclass))
{
- $baseclass = BASEPATH.'libraries/'.$class.'.php';
+ $baseclass = BASEPATH.'libraries/'.$subdir.$class.'.php';
if ( ! file_exists($baseclass))
{
diff --git a/system/core/Log.php b/system/core/Log.php
index a84d3dc22..e4d72b544 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -138,12 +138,12 @@ class CI_Log {
*
* Generally this function will be called using the global log_message() function
*
- * @param string the error level
+ * @param string the error level: 'error', 'debug' or 'info'
* @param string the error message
* @param bool whether the error is a native PHP error
* @return bool
*/
- public function write_log($level = 'error', $msg, $php_error = FALSE)
+ public function write_log($level, $msg, $php_error = FALSE)
{
if ($this->_enabled === FALSE)
{
diff --git a/system/core/Output.php b/system/core/Output.php
index 3320ae154..06d7a866b 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -841,9 +841,8 @@ class CI_Output {
$output = substr_replace($output, '', 0, $pos);
// Remove closing tag and save it for later
- $end_pos = strlen($output);
$pos = strpos($output, '</');
- $closing_tag = substr($output, $pos, $end_pos);
+ $closing_tag = substr($output, $pos, strlen($output));
$output = substr_replace($output, '', $pos);
}
@@ -852,7 +851,16 @@ class CI_Output {
// Remove spaces around curly brackets, colons,
// semi-colons, parenthesis, commas
- $output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!i', '$1', $output);
+ $chunks = preg_split('/([\'|"]).+(?![^\\\]\\1)\\1/iU', $output, -1, PREG_SPLIT_OFFSET_CAPTURE);
+ for ($i = count($chunks) - 1; $i >= 0; $i--)
+ {
+ $output = substr_replace(
+ $output,
+ preg_replace('/\s*(:|;|,|}|{|\(|\))\s*/i', '$1', $chunks[$i][0]),
+ $chunks[$i][1],
+ strlen($chunks[$i][0])
+ );
+ }
// Replace tabs with spaces
// Replace carriage returns & multiple new lines with single new line
diff --git a/system/core/Router.php b/system/core/Router.php
index bb0ce16bd..c86ab9c20 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -119,16 +119,16 @@ class CI_Router {
if (isset($_GET[$this->config->item('directory_trigger')]) && is_string($_GET[$this->config->item('directory_trigger')]))
{
$this->set_directory(trim($this->uri->_filter_uri($_GET[$this->config->item('directory_trigger')])));
- $segments[] = $this->fetch_directory();
+ $segments[] = $this->directory;
}
$this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')])));
- $segments[] = $this->fetch_class();
+ $segments[] = $this->class;
if ( ! empty($_GET[$this->config->item('function_trigger')]) && is_string($_GET[$this->config->item('function_trigger')]))
{
$this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')])));
- $segments[] = $this->fetch_method();
+ $segments[] = $this->method;
}
}
@@ -270,7 +270,7 @@ class CI_Router {
empty($segments[1]) OR $segments[1] = str_replace('-', '_', $segments[1]);
// Does the requested controller exist in the sub-folder?
- if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php'))
+ if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php'))
{
if ( ! empty($this->routes['404_override']))
{
@@ -279,7 +279,7 @@ class CI_Router {
}
else
{
- show_404($this->fetch_directory().$segments[0]);
+ show_404($this->directory.$segments[0]);
}
}
}
@@ -287,7 +287,7 @@ class CI_Router {
{
// Is the method being specified in the route?
$segments = explode('/', $this->default_controller);
- if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php'))
+ if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php'))
{
$this->directory = '';
}
@@ -413,6 +413,7 @@ class CI_Router {
/**
* Fetch the current class
*
+ * @deprecated 3.0.0 Read the 'class' property instead
* @return string
*/
public function fetch_class()
@@ -438,11 +439,12 @@ class CI_Router {
/**
* Fetch the current method
*
+ * @deprecated 3.0.0 Read the 'method' property instead
* @return string
*/
public function fetch_method()
{
- return ($this->method === $this->fetch_class()) ? 'index' : $this->method;
+ return $this->method;
}
// --------------------------------------------------------------------
@@ -466,6 +468,7 @@ class CI_Router {
* Feches the sub-directory (if any) that contains the requested
* controller class.
*
+ * @deprecated 3.0.0 Read the 'directory' property instead
* @return string
*/
public function fetch_directory()
diff --git a/system/core/Security.php b/system/core/Security.php
index 7aae54efc..196d61144 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -488,8 +488,7 @@ class CI_Security {
{
if ($this->_xss_hash === '')
{
- mt_srand();
- $this->_xss_hash = md5(time() + mt_rand(0, 1999999999));
+ $this->_xss_hash = md5(uniqid(mt_rand()));
}
return $this->_xss_hash;
diff --git a/system/core/URI.php b/system/core/URI.php
index b2286f032..bc086d223 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -720,7 +720,7 @@ class CI_URI {
{
global $RTR;
- if (($dir = $RTR->fetch_directory()) === '/')
+ if (($dir = $RTR->directory) === '/')
{
$dir = '';
}
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 97021f125..593d78ba4 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -704,7 +704,7 @@ abstract class CI_DB_driver {
{
$driver = 'CI_DB_'.$this->dbdriver.'_result';
- if ( ! class_exists($driver))
+ if ( ! class_exists($driver, FALSE))
{
include_once(BASEPATH.'database/DB_result.php');
include_once(BASEPATH.'database/drivers/'.$this->dbdriver.'/'.$this->dbdriver.'_result.php');
@@ -816,7 +816,7 @@ abstract class CI_DB_driver {
}
// The query() function will set this flag to FALSE in the event that a query failed
- if ($this->_trans_status === FALSE)
+ if ($this->_trans_status === FALSE OR $this->_trans_failure === TRUE)
{
$this->trans_rollback();
diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php
index 78e255a15..f3b9c6cc4 100644
--- a/system/helpers/captcha_helper.php
+++ b/system/helpers/captcha_helper.php
@@ -51,7 +51,7 @@ if ( ! function_exists('create_captcha'))
*/
function create_captcha($data = '', $img_path = '', $img_url = '', $font_path = '')
{
- $defaults = array('word' => '', 'img_path' => '', 'img_url' => '', 'img_width' => '150', 'img_height' => '30', 'font_path' => '', 'expiration' => 7200);
+ $defaults = array('word' => '', 'img_path' => '', 'img_url' => '', 'img_width' => '150', 'img_height' => '30', 'font_path' => '', 'expiration' => 7200, 'word_length' => 8, 'pool' => '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
foreach ($defaults as $key => $val)
{
@@ -95,9 +95,8 @@ if ( ! function_exists('create_captcha'))
if (empty($word))
{
- $pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$word = '';
- for ($i = 0, $mt_rand_max = strlen($pool) - 1; $i < 8; $i++)
+ for ($i = 0, $mt_rand_max = strlen($pool) - 1; $i < $word_length; $i++)
{
$word .= $pool[mt_rand(0, $mt_rand_max)];
}
diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php
index b7b0697fb..edc300bd7 100644
--- a/system/libraries/Cart.php
+++ b/system/libraries/Cart.php
@@ -51,7 +51,7 @@ class CI_Cart {
*
* @var string
*/
- public $product_name_rules = '\.\:\-_ a-z0-9';
+ public $product_name_rules = '\w \-\.\:';
/**
* only allow safe product names
@@ -214,7 +214,7 @@ class CI_Cart {
// Validate the product name. It can only be alpha-numeric, dashes, underscores, colons or periods.
// Note: These can be user-specified by setting the $this->product_name_rules variable.
- if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i', $items['name']))
+ if ($this->product_name_safe && ! preg_match('/^['.$this->product_name_rules.']+$/i'.(UTF8_ENABLED ? 'u' : ''), $items['name']))
{
log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces');
return FALSE;
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index a745d331d..46ffaa1d4 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -739,7 +739,7 @@ class CI_Email {
*/
public function set_header($header, $value)
{
- $this->_headers[$header] = $value;
+ $this->_headers[$header] = str_replace(array("\n", "\r"), '', $value);
}
// --------------------------------------------------------------------
@@ -1236,7 +1236,7 @@ class CI_Email {
/**
* Build Final Body and attachments
*
- * @return void
+ * @return bool
*/
protected function _build_message()
{
@@ -1275,7 +1275,7 @@ class CI_Email {
if ($this->send_multipart === FALSE)
{
$hdr .= 'Content-Type: text/html; charset='.$this->charset.$this->newline
- .'Content-Transfer-Encoding: quoted-printable';
+ .'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline;
}
else
{
@@ -1401,7 +1401,7 @@ class CI_Email {
$body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--';
$this->_finalbody = ($this->_get_protocol() === 'mail') ? $body : $hdr.$body;
- return;
+ return TRUE;
}
// --------------------------------------------------------------------
@@ -1606,7 +1606,11 @@ class CI_Email {
return $result;
}
- $this->_build_message();
+ if ($this->_build_message() === FALSE)
+ {
+ return FALSE;
+ }
+
$result = $this->_spool_email();
if ($result && $auto_clear)
@@ -1665,7 +1669,11 @@ class CI_Email {
$this->_bcc_array = $bcc;
}
- $this->_build_message();
+ if ($this->_build_message() === FALSE)
+ {
+ return FALSE;
+ }
+
$this->_spool_email();
}
}
@@ -2132,7 +2140,7 @@ class CI_Email {
if (in_array('headers', $include, TRUE))
{
- $raw_data = $this->_header_str."\n";
+ $raw_data = htmlspecialchars($this->_header_str)."\n";
}
if (in_array('subject', $include, TRUE))
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index c6a1cb175..8ac5420de 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -244,7 +244,7 @@ class CI_Encrypt {
$rand = '';
do
{
- $rand .= mt_rand(0, mt_getrandmax());
+ $rand .= mt_rand();
}
while (strlen($rand) < 32);
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 1ed50844c..40ba01202 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1405,7 +1405,7 @@ class CI_Form_validation {
*/
public function valid_base64($str)
{
- return ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
+ return (base64_encode(base64_decode($str)) === $str);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php
index 470688fdc..0c60efb8b 100644
--- a/system/libraries/Profiler.php
+++ b/system/libraries/Profiler.php
@@ -405,7 +405,7 @@ class CI_Profiler {
.'<fieldset id="ci_profiler_controller_info" style="border:1px solid #995300;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee;">'
."\n"
.'<legend style="color:#995300;">&nbsp;&nbsp;'.$this->CI->lang->line('profiler_controller_info')."&nbsp;&nbsp;</legend>\n"
- .'<div style="color:#995300;font-weight:normal;padding:4px 0 4px 0;">'.$this->CI->router->fetch_class().'/'.$this->CI->router->fetch_method()
+ .'<div style="color:#995300;font-weight:normal;padding:4px 0 4px 0;">'.$this->CI->router->class.'/'.$this->CI->router->method
.'</div></fieldset>';
}
@@ -447,7 +447,7 @@ class CI_Profiler {
.'&nbsp;&nbsp;(<span style="cursor: pointer;" onclick="var s=document.getElementById(\'ci_profiler_httpheaders_table\').style;s.display=s.display==\'none\'?\'\':\'none\';this.innerHTML=this.innerHTML==\''.$this->CI->lang->line('profiler_section_show').'\'?\''.$this->CI->lang->line('profiler_section_hide').'\':\''.$this->CI->lang->line('profiler_section_show').'\';">'.$this->CI->lang->line('profiler_section_show')."</span>)</legend>\n\n\n"
.'<table style="width:100%;display:none;" id="ci_profiler_httpheaders_table">'."\n";
- foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR') as $header)
+ foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header)
{
$val = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
$output .= '<tr><td style="vertical-align:top;width:50%;padding:5px;color:#900;background-color:#ddd;">'
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 0e8644102..7174d63c8 100644
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -641,7 +641,7 @@ class CI_Session_cookie extends CI_Session_driver {
$new_sessid = '';
do
{
- $new_sessid .= mt_rand(0, mt_getrandmax());
+ $new_sessid .= mt_rand();
}
while (strlen($new_sessid) < 32);
@@ -832,7 +832,6 @@ class CI_Session_cookie extends CI_Session_driver {
$probability = ini_get('session.gc_probability');
$divisor = ini_get('session.gc_divisor');
- srand(time());
if ((mt_rand(0, $divisor) / $divisor) < $probability)
{
$expire = $this->now - $this->sess_expiration;
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 82b46f094..85428044d 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -136,6 +136,13 @@ class CI_Upload {
public $file_ext = '';
/**
+ * Force filename extension to lowercase
+ *
+ * @var string
+ */
+ public $file_ext_tolower = FALSE;
+
+ /**
* Upload path
*
* @var string
@@ -294,6 +301,7 @@ class CI_Upload {
'file_type' => '',
'file_size' => NULL,
'file_ext' => '',
+ 'file_ext_tolower' => FALSE,
'upload_path' => '',
'overwrite' => FALSE,
'encrypt_name' => FALSE,
@@ -366,25 +374,25 @@ class CI_Upload {
switch ($error)
{
- case 1: // UPLOAD_ERR_INI_SIZE
+ case UPLOAD_ERR_INI_SIZE:
$this->set_error('upload_file_exceeds_limit');
break;
- case 2: // UPLOAD_ERR_FORM_SIZE
+ case UPLOAD_ERR_FORM_SIZE:
$this->set_error('upload_file_exceeds_form_limit');
break;
- case 3: // UPLOAD_ERR_PARTIAL
+ case UPLOAD_ERR_PARTIAL:
$this->set_error('upload_file_partial');
break;
- case 4: // UPLOAD_ERR_NO_FILE
+ case UPLOAD_ERR_NO_FILE:
$this->set_error('upload_no_file_selected');
break;
- case 6: // UPLOAD_ERR_NO_TMP_DIR
+ case UPLOAD_ERR_NO_TMP_DIR:
$this->set_error('upload_no_temp_directory');
break;
- case 7: // UPLOAD_ERR_CANT_WRITE
+ case UPLOAD_ERR_CANT_WRITE:
$this->set_error('upload_unable_to_write_file');
break;
- case 8: // UPLOAD_ERR_EXTENSION
+ case UPLOAD_ERR_EXTENSION:
$this->set_error('upload_stopped_by_extension');
break;
default:
@@ -604,7 +612,6 @@ class CI_Upload {
{
if ($this->encrypt_name === TRUE)
{
- mt_srand();
$filename = md5(uniqid(mt_rand())).$this->file_ext;
}
@@ -966,7 +973,14 @@ class CI_Upload {
public function get_extension($filename)
{
$x = explode('.', $filename);
- return (count($x) !== 1) ? '.'.end($x) : '';
+
+ if (count($x) === 1)
+ {
+ return '';
+ }
+
+ $ext = ($this->file_ext_tolower) ? strtolower(end($x)) : end($x);
+ return '.'.$ext;
}
// --------------------------------------------------------------------