diff options
Diffstat (limited to 'system')
26 files changed, 182 insertions, 189 deletions
diff --git a/system/core/Common.php b/system/core/Common.php index 90cc5b3a4..258cd4967 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -316,11 +316,11 @@ if ( ! function_exists('get_mimes')) { static $_mimes = array(); - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) { $_mimes = include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'); } - elseif (is_file(APPPATH.'config/mimes.php')) + elseif (file_exists(APPPATH.'config/mimes.php')) { $_mimes = include(APPPATH.'config/mimes.php'); } diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 59759e02e..17f6a027e 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -81,11 +81,12 @@ class CI_Hooks { } // Grab the "hooks" definition file. - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) { include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); } - elseif (is_file(APPPATH.'config/hooks.php')) + + if (file_exists(APPPATH.'config/hooks.php')) { include(APPPATH.'config/hooks.php'); } diff --git a/system/core/Loader.php b/system/core/Loader.php index bbd7a84b6..00ca35199 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -97,13 +97,6 @@ class CI_Loader { protected $_ci_classes = array(); /** - * List of loaded files - * - * @var array - */ - protected $_ci_loaded_files = array(); - - /** * List of loaded models * * @var array @@ -943,7 +936,6 @@ class CI_Loader { // Was the path included with the class name? // We look for a slash to determine this - $subdir = ''; if (($last_slash = strrpos($class, '/')) !== FALSE) { // Extract the path @@ -952,108 +944,92 @@ class CI_Loader { // Get the filename from the path $class = substr($class, $last_slash); } + else + { + $subdir = ''; + } + + $class = ucfirst($class); + $subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.'.php'; - // We'll test for both lowercase and capitalized versions of the file name - foreach (array(ucfirst($class), strtolower($class)) as $class) + // Is this a class extension request? + if (file_exists($subclass)) { - $subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.'.php'; + $baseclass = BASEPATH.'libraries/'.$class.'.php'; - // Is this a class extension request? - if (file_exists($subclass)) + if ( ! file_exists($baseclass)) { - $baseclass = BASEPATH.'libraries/'.ucfirst($class).'.php'; - - if ( ! file_exists($baseclass)) - { - log_message('error', 'Unable to load the requested class: '.$class); - show_error('Unable to load the requested class: '.$class); - } + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); + } - // Safety: Was the class already loaded by a previous call? - if (in_array($subclass, $this->_ci_loaded_files)) + // Safety: Was the class already loaded by a previous call? + if (class_exists(config_item('subclass_prefix').$class, FALSE)) + { + // Before we deem this to be a duplicate request, let's see + // if a custom object name is being supplied. If so, we'll + // return a new instance of the object + if ($object_name !== NULL) { - // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll - // return a new instance of the object - if ($object_name !== NULL) + $CI =& get_instance(); + if ( ! isset($CI->$object_name)) { - $CI =& get_instance(); - if ( ! isset($CI->$object_name)) - { - return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); - } + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); } - - $is_duplicate = TRUE; - log_message('debug', $class.' class already loaded. Second attempt ignored.'); - return; } - include_once($baseclass); - include_once($subclass); - $this->_ci_loaded_files[] = $subclass; - - return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); + return; } - // Lets search for the requested library file and load it. - $is_duplicate = FALSE; - foreach ($this->_ci_library_paths as $path) - { - $filepath = $path.'libraries/'.$subdir.$class.'.php'; + include_once($baseclass); + include_once($subclass); - // Does the file exist? No? Bummer... - if ( ! file_exists($filepath)) - { - continue; - } + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + } + + // Lets search for the requested library file and load it. + foreach ($this->_ci_library_paths as $path) + { + $filepath = $path.'libraries/'.$subdir.$class.'.php'; - // Safety: Was the class already loaded by a previous call? - if (in_array($filepath, $this->_ci_loaded_files)) + // Safety: Was the class already loaded by a previous call? + if (class_exists($class, FALSE)) + { + // Before we deem this to be a duplicate request, let's see + // if a custom object name is being supplied. If so, we'll + // return a new instance of the object + if ($object_name !== NULL) { - // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll - // return a new instance of the object - if ($object_name !== NULL) + $CI =& get_instance(); + if ( ! isset($CI->$object_name)) { - $CI =& get_instance(); - if ( ! isset($CI->$object_name)) - { - return $this->_ci_init_class($class, '', $params, $object_name); - } + return $this->_ci_init_class($class, '', $params, $object_name); } - - $is_duplicate = TRUE; - log_message('debug', $class.' class already loaded. Second attempt ignored.'); - return; } - include_once($filepath); - $this->_ci_loaded_files[] = $filepath; - return $this->_ci_init_class($class, '', $params, $object_name); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); + return; + } + // Does the file exist? No? Bummer... + elseif ( ! file_exists($filepath)) + { + continue; } - } // END FOREACH + + include_once($filepath); + return $this->_ci_init_class($class, '', $params, $object_name); + } // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? if ($subdir === '') { - $path = strtolower($class).'/'.$class; - return $this->_ci_load_class($path, $params, $object_name); - } - elseif (ucfirst($subdir) != $subdir) - { - // Lowercase subdir failed - retry capitalized - $path = ucfirst($subdir).$class; - return $this->_ci_load_class($path, $params, $object_name); + return $this->_ci_load_class($class.'/'.$class, $params, $object_name); } // If we got this far we were unable to find the requested class. - // We do not issue errors if the load call failed due to a duplicate request - if ($is_duplicate === FALSE) - { - log_message('error', 'Unable to load the requested class: '.$class); - show_error('Unable to load the requested class: '.$class); - } + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); } // -------------------------------------------------------------------- diff --git a/system/core/Log.php b/system/core/Log.php index cd3c17e1e..f5d091e14 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -179,4 +179,4 @@ class CI_Log { } /* End of file Log.php */ -/* Location: ./system/libraries/Log.php */
\ No newline at end of file +/* Location: ./system/core/Log.php */
\ No newline at end of file diff --git a/system/core/Router.php b/system/core/Router.php index 4755b3712..bb0ce16bd 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -133,13 +133,14 @@ class CI_Router { } // Load the routes.php file. - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) + if (file_exists(APPPATH.'config/routes.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); + include(APPPATH.'config/routes.php'); } - elseif (is_file(APPPATH.'config/routes.php')) + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) { - include(APPPATH.'config/routes.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); } $this->routes = (empty($route) OR ! is_array($route)) ? array() : $route; diff --git a/system/core/Security.php b/system/core/Security.php index a6cd14a5f..7aae54efc 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -576,7 +576,15 @@ class CI_Security { } $str = remove_invisible_characters($str, FALSE); - return stripslashes(str_replace($bad, '', $str)); + + do + { + $old = $str; + $str = str_replace($bad, '', $str); + } + while ($old !== $str); + + return stripslashes($str); } // ---------------------------------------------------------------- diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index ac377d996..c7bc4a699 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -937,7 +937,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_where[] = array('condition' => $like_statement, 'escape' => $escape); if ($this->qb_caching === TRUE) { - $this->qb_cache_where[] = $like_statement; + $this->qb_cache_where[] = array('condition' => $like_statement, 'escape' => $escape); $this->qb_cache_exists[] = 'where'; } } diff --git a/system/database/drivers/mssql/mssql_result.php b/system/database/drivers/mssql/mssql_result.php index ea3f8e4d1..b6e5f2b17 100644 --- a/system/database/drivers/mssql/mssql_result.php +++ b/system/database/drivers/mssql/mssql_result.php @@ -74,6 +74,7 @@ class CI_DB_mssql_result extends CI_DB_result { public function list_fields() { $field_names = array(); + mssql_field_seek($this->result_id, 0); while ($field = mssql_fetch_field($this->result_id)) { $field_names[] = $field->name; diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php index 1ed2759b6..a2affcb58 100644 --- a/system/database/drivers/mysql/mysql_result.php +++ b/system/database/drivers/mysql/mysql_result.php @@ -89,6 +89,7 @@ class CI_DB_mysql_result extends CI_DB_result { public function list_fields() { $field_names = array(); + mysql_field_seek($this->result_id, 0); while ($field = mysql_fetch_field($this->result_id)) { $field_names[] = $field->name; diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php index 4105f99f6..3fe05f9c5 100644 --- a/system/database/drivers/mysqli/mysqli_result.php +++ b/system/database/drivers/mysqli/mysqli_result.php @@ -74,6 +74,7 @@ class CI_DB_mysqli_result extends CI_DB_result { public function list_fields() { $field_names = array(); + $this->result_id->field_seek(0); while ($field = $this->result_id->fetch_field()) { $field_names[] = $field->name; diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index 83783324b..78e255a15 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -93,7 +93,7 @@ if ( ! function_exists('create_captcha')) // Do we have a "word" yet? // ----------------------------------- - if ($word === '') + if (empty($word)) { $pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $word = ''; @@ -102,6 +102,10 @@ if ( ! function_exists('create_captcha')) $word .= $pool[mt_rand(0, $mt_rand_max)]; } } + elseif ( ! is_string($word)) + { + $word = (string) $word; + } // ----------------------------------- // Determine angle and position diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php index 7294d50c5..4fe6a0e88 100644 --- a/system/helpers/download_helper.php +++ b/system/helpers/download_helper.php @@ -58,7 +58,7 @@ if ( ! function_exists('force_download')) } elseif ($data === NULL) { - if (@is_file($filename) && @file_exists($filename) && ($filesize = @filesize($filename)) !== FALSE) + if (@is_file($filename) && ($filesize = @filesize($filename)) !== FALSE) { $filepath = $filename; $filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename)); diff --git a/system/helpers/html_helper.php b/system/helpers/html_helper.php index 7a71eb82b..80a27876f 100644 --- a/system/helpers/html_helper.php +++ b/system/helpers/html_helper.php @@ -238,26 +238,30 @@ if ( ! function_exists('doctype')) */ function doctype($type = 'xhtml1-strict') { - global $_doctypes; + static $doctypes; - if ( ! is_array($_doctypes)) + if ( ! is_array($doctypes)) { - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/doctypes.php')) + if (file_exists(APPPATH.'config/doctypes.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/doctypes.php'); + include(APPPATH.'config/doctypes.php'); } - elseif (is_file(APPPATH.'config/doctypes.php')) + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/doctypes.php')) { - include(APPPATH.'config/doctypes.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/doctypes.php'); } - if ( ! is_array($_doctypes)) + if (empty($_doctypes) OR ! is_array($_doctypes)) { + $doctypes = array(); return FALSE; } + + $doctypes = $_doctypes; } - return isset($_doctypes[$type]) ? $_doctypes[$type] : FALSE; + return isset($doctypes[$type]) ? $doctypes[$type] : FALSE; } } diff --git a/system/helpers/smiley_helper.php b/system/helpers/smiley_helper.php index c2f50ec73..d9a693493 100644 --- a/system/helpers/smiley_helper.php +++ b/system/helpers/smiley_helper.php @@ -213,16 +213,30 @@ if ( ! function_exists('_get_smiley_array')) */ function _get_smiley_array() { - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/smileys.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/smileys.php'); - } - elseif (file_exists(APPPATH.'config/smileys.php')) + static $_smileys; + + if ( ! is_array($smileys)) { - include(APPPATH.'config/smileys.php'); + if (file_exists(APPPATH.'config/smileys.php')) + { + include(APPPATH.'config/smileys.php'); + } + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/smileys.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/smileys.php'); + } + + if (empty($smileys) OR ! is_array($smileys)) + { + $_smileys = array(); + return FALSE; + } + + $_smileys = $smileys; } - return (isset($smileys) && is_array($smileys)) ? $smileys : FALSE; + return $_smileys; } } diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index c255c15a8..54db14f94 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -358,31 +358,35 @@ if ( ! function_exists('convert_accented_characters')) /** * Convert Accented Foreign Characters to ASCII * - * @param string the text string + * @param string $str Input string * @return string */ function convert_accented_characters($str) { - global $foreign_characters; + static $_foreign_characters; - if ( ! isset($foreign_characters) OR ! is_array($foreign_characters)) + if ( ! is_array($_foreign_characters)) { - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/foreign_chars.php')) + if (file_exists(APPPATH.'config/foreign_chars.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/foreign_chars.php'); + include(APPPATH.'config/foreign_chars.php'); } - elseif (is_file(APPPATH.'config/foreign_chars.php')) + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/foreign_chars.php')) { - include(APPPATH.'config/foreign_chars.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/foreign_chars.php'); } - if ( ! isset($foreign_characters) OR ! is_array($foreign_characters)) + if (empty($foreign_characters) OR ! is_array($foreign_characters)) { + $_foreign_characters = array(); return $str; } + + $_foreign_characters = $foreign_characters; } - return preg_replace(array_keys($foreign_characters), array_values($foreign_characters), $str); + return preg_replace(array_keys($_foreign_characters), array_values($_foreign_characters), $str); } } diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index a6536cf81..d0fab3fe0 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -384,22 +384,23 @@ if ( ! function_exists('auto_link')) function auto_link($str, $type = 'both', $popup = FALSE) { // Find and replace any URLs. - if ($type !== 'email' && preg_match_all('#\b(([\w-]+://?|www\.)[^\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|/)))#', $str, $matches, PREG_OFFSET_CAPTURE)) + if ($type !== 'email' && preg_match_all('#(\w*://|www\.)[^\s()<>;]+\w#i', $str, $matches, PREG_OFFSET_CAPTURE | PREG_SET_ORDER)) { // Set our target HTML if using popup links. - $target = ($popup) ? 'target="_blank"' : ''; + $target = ($popup) ? ' target="_blank"' : ''; // We process the links in reverse order (last -> first) so that // the returned string offsets from preg_match_all() are not // moved as we add more HTML. - foreach (array_reverse($matches[0]) as $match) + foreach (array_reverse($matches) as $match) { - // $match is an array generated by the PREG_OFFSET_CAPTURE flag. - // $match[0] is the matched string, $match[1] is the string offset. - - $anchor = anchor($match[0], '', $target); - - $str = substr_replace($str, $anchor, $match[1], strlen($match[0])); + // $match[0] is the matched string/link + // $match[1] is either a protocol prefix or 'www.' + // + // With PREG_OFFSET_CAPTURE, both of the above is an array, + // where the actual value is held in [0] and its offset at the [1] index. + $a = '<a href="'.(strpos($match[1][0], '/') ? '' : 'http://').$match[0][0].'"'.$target.'>'.$match[0][0].'</a>'; + $str = substr_replace($str, $a, $match[0][1], strlen($match[0][0])); } } diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index 3fb007dd2..7c0277c25 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -37,6 +37,7 @@ $lang['form_validation_max_length'] = 'The {field} field cannot exceed {param} $lang['form_validation_exact_length'] = 'The {field} field must be exactly {param} characters in length.'; $lang['form_validation_alpha'] = 'The {field} field may only contain alphabetical characters.'; $lang['form_validation_alpha_numeric'] = 'The {field} field may only contain alpha-numeric characters.'; +$lang['form_validation_alpha_numeric_spaces'] = 'The {field} field may only contain alpha-numeric characters and spaces.'; $lang['form_validation_alpha_dash'] = 'The {field} field may only contain alpha-numeric characters, underscores, and dashes.'; $lang['form_validation_numeric'] = 'The {field} field must contain only numbers.'; $lang['form_validation_is_numeric'] = 'The {field} field must contain only numeric characters.'; diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index 4b35dce73..382420db0 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -80,8 +80,7 @@ class CI_Driver_Library { public function load_driver($child) { // Get CodeIgniter instance and subclass prefix - $CI = get_instance(); - $prefix = (string) $CI->config->item('subclass_prefix'); + $prefix = config_item('subclass_prefix'); if ( ! isset($this->lib_name)) { @@ -102,11 +101,12 @@ class CI_Driver_Library { } // Get package paths and filename case variations to search + $CI = get_instance(); $paths = $CI->load->get_package_paths(TRUE); // Is there an extension? $class_name = $prefix.$child_name; - $found = class_exists($class_name); + $found = class_exists($class_name, FALSE); if ( ! $found) { // Check for subclass file @@ -126,8 +126,8 @@ class CI_Driver_Library { } // Include both sources and mark found - include($basepath); - include($file); + include_once($basepath); + include_once($file); $found = TRUE; break; } @@ -139,8 +139,7 @@ class CI_Driver_Library { { // Use standard class name $class_name = 'CI_'.$child_name; - $found = class_exists($class_name); - if ( ! $found) + if ( ! class_exists($class_name, FALSE)) { // Check package paths foreach ($paths as $path) @@ -150,7 +149,7 @@ class CI_Driver_Library { if (file_exists($file)) { // Include source - include($file); + include_once($file); break; } } @@ -158,9 +157,9 @@ class CI_Driver_Library { } // Did we finally find the class? - if ( ! class_exists($class_name)) + if ( ! class_exists($class_name, FALSE)) { - if (class_exists($child_name)) + if (class_exists($child_name, FALSE)) { $class_name = $child_name; } diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index bbd0b523e..1511d9add 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1232,6 +1232,19 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** + * Alpha-numeric w/ spaces + * + * @param string + * @return bool + */ + public function alpha_numeric_spaces($str) + { + return (bool) preg_match('/^[A-Z0-9 ]+$/i', $str); + } + + // -------------------------------------------------------------------- + + /** * Alpha-numeric with underscores and dashes * * @param string diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php index 7f1d85511..773a58384 100644 --- a/system/libraries/Javascript.php +++ b/system/libraries/Javascript.php @@ -69,7 +69,7 @@ class CI_Javascript { $this->CI =& get_instance(); // load the requested js library - $this->CI->load->library('javascript/'.$js_library_driver, array('autoload' => $autoload)); + $this->CI->load->library('Javascript/'.$js_library_driver, array('autoload' => $autoload)); // make js to refer to current library $this->js =& $this->CI->$js_library_driver; diff --git a/system/libraries/javascript/Jquery.php b/system/libraries/Javascript/Jquery.php index b6e0434b2..b6e0434b2 100644 --- a/system/libraries/javascript/Jquery.php +++ b/system/libraries/Javascript/Jquery.php diff --git a/system/libraries/javascript/index.html b/system/libraries/Javascript/index.html index c942a79ce..c942a79ce 100644 --- a/system/libraries/javascript/index.html +++ b/system/libraries/Javascript/index.html diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index fd915c382..b673e9cb7 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -104,8 +104,8 @@ class CI_Migration { */ public function __construct($config = array()) { - # Only run this constructor on main library load - if (get_parent_class($this) !== FALSE) + // Only run this constructor on main library load + if ( ! in_array(get_class($this), array('CI_Migration', config_item('subclass_prefix').'Migration'), TRUE)) { return; } diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php index 474641642..11bb32fe0 100644 --- a/system/libraries/Session/drivers/Session_cookie.php +++ b/system/libraries/Session/drivers/Session_cookie.php @@ -805,7 +805,7 @@ class CI_Session_cookie extends CI_Session_driver { { if (is_string($val)) { - $val= str_replace('{{slash}}', '\\', $val); + $val = str_replace('{{slash}}', '\\', $val); } } diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 96bb17edc..814ea68a4 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -463,7 +463,8 @@ class CI_Upload { } // Sanitize the file name for security - $this->file_name = $this->clean_file_name($this->file_name); + $CI =& get_instance(); + $this->file_name = $CI->security->sanitize_filename($this->file_name); // Truncate the file name if it's too long if ($this->max_filename > 0) @@ -971,46 +972,6 @@ class CI_Upload { // -------------------------------------------------------------------- /** - * Clean the file name for security - * - * @param string $filename - * @return string - */ - public function clean_file_name($filename) - { - $bad = array( - '<!--', '-->', - "'", '"', - '<', '>', - '&', '$', - '=', - ';', - '?', - '/', - '!', - '#', - '%20', - '%22', - '%3c', // < - '%253c', // < - '%3e', // > - '%0e', // > - '%28', // ( - '%29', // ) - '%2528', // ( - '%26', // & - '%24', // $ - '%3f', // ? - '%3b', // ; - '%3d' // = - ); - - return stripslashes(str_replace($bad, '', $filename)); - } - - // -------------------------------------------------------------------- - - /** * Limit the File Name Length * * @param string $filename diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 3fe2e0519..2f6f81909 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -175,15 +175,18 @@ class CI_User_agent { */ protected function _load_agent_file() { - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php')) + if (($found = file_exists(APPPATH.'config/user_agents.php'))) { - include(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php'); + include(APPPATH.'config/user_agents.php'); } - elseif (is_file(APPPATH.'config/user_agents.php')) + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php')) { - include(APPPATH.'config/user_agents.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php'); + $found = TRUE; } - else + + if ($found !== TRUE) { return FALSE; } |