summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/Common.php7
-rw-r--r--system/core/Config.php6
-rw-r--r--system/core/Security.php66
-rw-r--r--system/database/DB_driver.php115
-rw-r--r--system/database/DB_forge.php8
-rw-r--r--system/database/drivers/cubrid/cubrid_driver.php38
-rw-r--r--system/database/drivers/ibase/ibase_driver.php32
-rw-r--r--system/database/drivers/mssql/mssql_driver.php30
-rw-r--r--system/database/drivers/mysql/mysql_driver.php37
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php30
-rw-r--r--system/database/drivers/oci8/oci8_driver.php41
-rw-r--r--system/database/drivers/odbc/odbc_driver.php34
-rw-r--r--system/database/drivers/pdo/pdo_driver.php30
-rw-r--r--system/database/drivers/postgre/postgre_driver.php30
-rw-r--r--system/database/drivers/sqlite/sqlite_driver.php39
-rw-r--r--system/database/drivers/sqlite3/sqlite3_driver.php30
-rw-r--r--system/database/drivers/sqlsrv/sqlsrv_driver.php34
-rw-r--r--system/helpers/captcha_helper.php89
-rw-r--r--system/libraries/Email.php13
-rw-r--r--system/libraries/Session/drivers/Session_database_driver.php4
20 files changed, 316 insertions, 397 deletions
diff --git a/system/core/Common.php b/system/core/Common.php
index ad3ca9f93..3ab98cf6d 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -752,7 +752,12 @@ if ( ! function_exists('html_escape'))
if (is_array($var))
{
- return array_map('html_escape', $var, array_fill(0, count($var), $double_encode));
+ foreach (array_keys($var) as $key)
+ {
+ $var[$key] = html_escape($var[$key], $double_encode);
+ }
+
+ return $var;
}
return htmlspecialchars($var, ENT_QUOTES, config_item('charset'), $double_encode);
diff --git a/system/core/Config.php b/system/core/Config.php
index feea7c85a..0264776f9 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -88,11 +88,9 @@ class CI_Config {
// Set the base_url automatically if none was provided
if (empty($this->config['base_url']))
{
- // The regular expression is only a basic validation for a valid "Host" header.
- // It's not exhaustive, only checks for valid characters.
- if (isset($_SERVER['HTTP_HOST']) && preg_match('/^((\[[0-9a-f:]+\])|(\d{1,3}(\.\d{1,3}){3})|[a-z0-9\-\.]+)(:\d+)?$/i', $_SERVER['HTTP_HOST']))
+ if (isset($_SERVER['SERVER_ADDR']))
{
- $base_url = (is_https() ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST']
+ $base_url = (is_https() ? 'https' : 'http').'://'.$_SERVER['SERVER_ADDR']
.substr($_SERVER['SCRIPT_NAME'], 0, strpos($_SERVER['SCRIPT_NAME'], basename($_SERVER['SCRIPT_FILENAME'])));
}
else
diff --git a/system/core/Security.php b/system/core/Security.php
index ab85e2239..36dea4cf2 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -803,43 +803,55 @@ class CI_Security {
// For other tags, see if their attributes are "evil" and strip those
elseif (isset($matches['attributes']))
{
- // We'll need to catch all attributes separately first
- $pattern = '#'
- .'([\s\042\047/=]*)' // non-attribute characters, excluding > (tag close) for obvious reasons
+ // We'll store the already fitlered attributes here
+ $attributes = array();
+
+ // Attribute-catching pattern
+ $attributes_pattern = '#'
.'(?<name>[^\s\042\047>/=]+)' // attribute characters
// optional attribute-value
.'(?:\s*=(?<value>[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*)))' // attribute-value separator
.'#i';
- if ($count = preg_match_all($pattern, $matches['attributes'], $attributes, PREG_SET_ORDER | PREG_OFFSET_CAPTURE))
+ // Blacklist pattern for evil attribute names
+ $is_evil_pattern = '#^('.implode('|', $evil_attributes).')$#i';
+
+ // Each iteration filters a single attribute
+ do
{
- // Since we'll be using substr_replace() below, we
- // need to handle the attributes in reverse order,
- // so we don't damage the string.
- for ($i = $count - 1; $i > -1; $i--)
+ // Strip any non-alpha characters that may preceed an attribute.
+ // Browsers often parse these incorrectly and that has been a
+ // of numerous XSS issues we've had.
+ $matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']);
+
+ if ( ! preg_match($attributes_pattern, $matches['attributes'], $attribute, PREG_OFFSET_CAPTURE))
{
- if (
- // Is it indeed an "evil" attribute?
- preg_match('#^('.implode('|', $evil_attributes).')$#i', $attributes[$i]['name'][0])
- // Or an attribute not starting with a letter? Some parsers get confused by that
- OR ! ctype_alpha($attributes[$i]['name'][0][0])
- // Does it have an equals sign, but no value and not quoted? Strip that too!
- OR (trim($attributes[$i]['value'][0]) === '')
- )
- {
- $matches['attributes'] = substr_replace(
- $matches['attributes'],
- ' [removed]',
- $attributes[$i][0][1],
- strlen($attributes[$i][0][0])
- );
- }
+ // No (valid) attribute found? Discard everything else inside the tag
+ break;
}
- // Note: This will strip some non-space characters and/or
- // reduce multiple spaces between attributes.
- return '<'.$matches['slash'].$matches['tagName'].' '.trim($matches['attributes']).'>';
+ if (
+ // Is it indeed an "evil" attribute?
+ preg_match($is_evil_pattern, $attribute['name'][0])
+ // Or does it have an equals sign, but no value and not quoted? Strip that too!
+ OR (trim($attribute['value'][0]) === '')
+ )
+ {
+ $attributes[] = 'xss=removed';
+ }
+ else
+ {
+ $attributes[] = $attribute[0][0];
+ }
+
+ $matches['attributes'] = substr($matches['attributes'], $attribute[0][1] + strlen($attribute[0][0]));
}
+ while ($matches['attributes'] !== '');
+
+ $attributes = empty($attributes)
+ ? ''
+ : ' '.implode(' ', $attributes);
+ return '<'.$matches['slash'].$matches['tagName'].$attributes.'>';
}
return $matches[0];
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index cc94edc16..0ea679432 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -668,7 +668,13 @@ abstract class CI_DB_driver {
{
do
{
+ $trans_depth = $this->_trans_depth;
$this->trans_complete();
+ if ($trans_depth === $this->_trans_depth)
+ {
+ log_message('error', 'Database: Failure during an automated transaction commit/rollback!');
+ break;
+ }
}
while ($this->_trans_depth !== 0);
}
@@ -813,24 +819,16 @@ abstract class CI_DB_driver {
* Start Transaction
*
* @param bool $test_mode = FALSE
- * @return void
+ * @return bool
*/
public function trans_start($test_mode = FALSE)
{
if ( ! $this->trans_enabled)
{
- return;
- }
-
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ($this->_trans_depth > 0)
- {
- $this->_trans_depth += 1;
- return;
+ return FALSE;
}
- $this->trans_begin($test_mode);
- $this->_trans_depth += 1;
+ return $this->trans_begin($test_mode);
}
// --------------------------------------------------------------------
@@ -847,17 +845,6 @@ abstract class CI_DB_driver {
return FALSE;
}
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ($this->_trans_depth > 1)
- {
- $this->_trans_depth -= 1;
- return TRUE;
- }
- else
- {
- $this->_trans_depth = 0;
- }
-
// The query() function will set this flag to FALSE in the event that a query failed
if ($this->_trans_status === FALSE OR $this->_trans_failure === TRUE)
{
@@ -875,8 +862,7 @@ abstract class CI_DB_driver {
return FALSE;
}
- $this->trans_commit();
- return TRUE;
+ return $this->trans_commit();
}
// --------------------------------------------------------------------
@@ -894,6 +880,87 @@ abstract class CI_DB_driver {
// --------------------------------------------------------------------
/**
+ * Begin Transaction
+ *
+ * @param bool $test_mode
+ * @return bool
+ */
+ public function trans_begin($test_mode = FALSE)
+ {
+ if ( ! $this->trans_enabled)
+ {
+ return FALSE;
+ }
+ // When transactions are nested we only begin/commit/rollback the outermost ones
+ elseif ($this->_trans_depth > 0)
+ {
+ $this->_trans_depth++;
+ return TRUE;
+ }
+
+ // Reset the transaction failure flag.
+ // If the $test_mode flag is set to TRUE transactions will be rolled back
+ // even if the queries produce a successful result.
+ $this->_trans_failure = ($test_mode === TRUE);
+
+ if ($this->_trans_begin())
+ {
+ $this->_trans_depth++;
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Commit Transaction
+ *
+ * @return bool
+ */
+ public function trans_commit()
+ {
+ if ( ! $this->trans_enabled OR $this->_trans_depth === 0)
+ {
+ return FALSE;
+ }
+ // When transactions are nested we only begin/commit/rollback the outermost ones
+ elseif ($this->_trans_depth > 1 OR $this->_trans_commit())
+ {
+ $this->_trans_depth--;
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Rollback Transaction
+ *
+ * @return bool
+ */
+ public function trans_rollback()
+ {
+ if ( ! $this->trans_enabled OR $this->_trans_depth === 0)
+ {
+ return FALSE;
+ }
+ // When transactions are nested we only begin/commit/rollback the outermost ones
+ elseif ($this->_trans_depth > 1 OR $this->_trans_rollback())
+ {
+ $this->_trans_depth--;
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Compile Bindings
*
* @param string the sql statement
diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php
index dde285598..f9cf76a14 100644
--- a/system/database/DB_forge.php
+++ b/system/database/DB_forge.php
@@ -239,7 +239,13 @@ abstract class CI_DB_forge {
*/
public function add_key($key, $primary = FALSE)
{
- if (is_array($key))
+ // DO NOT change this! This condition is only applicable
+ // for PRIMARY keys because you can only have one such,
+ // and therefore all fields you add to it will be included
+ // in the same, composite PRIMARY KEY.
+ //
+ // It's not the same for regular indexes.
+ if ($primary === TRUE && is_array($key))
{
foreach ($key as $one)
{
diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php
index f80b4db54..65f4adb3f 100644
--- a/system/database/drivers/cubrid/cubrid_driver.php
+++ b/system/database/drivers/cubrid/cubrid_driver.php
@@ -187,25 +187,17 @@ class CI_DB_cubrid_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if (($autocommit = cubrid_get_autocommit($this->conn_id)) === NULL)
{
- return TRUE;
+ return FALSE;
}
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
- if (cubrid_get_autocommit($this->conn_id))
+ elseif ($autocommit === TRUE)
{
- cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_FALSE);
+ return cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_FALSE);
}
return TRUE;
@@ -218,19 +210,16 @@ class CI_DB_cubrid_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if ( ! cubrid_commit($this->conn_id))
{
- return TRUE;
+ return FALSE;
}
- cubrid_commit($this->conn_id);
-
if ($this->auto_commit && ! cubrid_get_autocommit($this->conn_id))
{
- cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE);
+ return cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE);
}
return TRUE;
@@ -243,16 +232,13 @@ class CI_DB_cubrid_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if ( ! cubrid_rollback($this->conn_id))
{
- return TRUE;
+ return FALSE;
}
- cubrid_rollback($this->conn_id);
-
if ($this->auto_commit && ! cubrid_get_autocommit($this->conn_id))
{
cubrid_set_autocommit($this->conn_id, CUBRID_AUTOCOMMIT_TRUE);
diff --git a/system/database/drivers/ibase/ibase_driver.php b/system/database/drivers/ibase/ibase_driver.php
index 529c320cd..82550d51b 100644
--- a/system/database/drivers/ibase/ibase_driver.php
+++ b/system/database/drivers/ibase/ibase_driver.php
@@ -134,24 +134,16 @@ class CI_DB_ibase_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if (($trans_handle = ibase_trans($this->conn_id)) === FALSE)
{
- return TRUE;
+ return FALSE;
}
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
- $this->_ibase_trans = ibase_trans($this->conn_id);
-
+ $this->_ibase_trans = $trans_handle;
return TRUE;
}
@@ -162,15 +154,15 @@ class CI_DB_ibase_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans->depth > 0)
+ if (ibase_commit($this->_ibase_trans))
{
+ $this->_ibase_trans = NULL;
return TRUE;
}
- return ibase_commit($this->_ibase_trans);
+ return FALSE;
}
// --------------------------------------------------------------------
@@ -180,15 +172,15 @@ class CI_DB_ibase_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if (ibase_rollback($this->_ibase_trans))
{
+ $this->_ibase_trans = NULL;
return TRUE;
}
- return ibase_rollback($this->_ibase_trans);
+ return FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php
index 05e5418c3..883973ae1 100644
--- a/system/database/drivers/mssql/mssql_driver.php
+++ b/system/database/drivers/mssql/mssql_driver.php
@@ -182,22 +182,10 @@ class CI_DB_mssql_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
return $this->simple_query('BEGIN TRAN');
}
@@ -208,14 +196,8 @@ class CI_DB_mssql_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return $this->simple_query('COMMIT TRAN');
}
@@ -226,14 +208,8 @@ class CI_DB_mssql_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return $this->simple_query('ROLLBACK TRAN');
}
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index df0f24920..9c630d0d6 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -272,25 +272,12 @@ class CI_DB_mysql_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
$this->simple_query('SET AUTOCOMMIT=0');
- $this->simple_query('START TRANSACTION'); // can also be BEGIN or BEGIN WORK
- return TRUE;
+ return $this->simple_query('START TRANSACTION'); // can also be BEGIN or BEGIN WORK
}
// --------------------------------------------------------------------
@@ -300,17 +287,15 @@ class CI_DB_mysql_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if ($this->simple_query('COMMIT'))
{
+ $this->simple_query('SET AUTOCOMMIT=1');
return TRUE;
}
- $this->simple_query('COMMIT');
- $this->simple_query('SET AUTOCOMMIT=1');
- return TRUE;
+ return FALSE;
}
// --------------------------------------------------------------------
@@ -320,17 +305,15 @@ class CI_DB_mysql_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if ($this->simple_query('ROLLBACK'))
{
+ $this->simple_query('SET AUTOCOMMIT=1');
return TRUE;
}
- $this->simple_query('ROLLBACK');
- $this->simple_query('SET AUTOCOMMIT=1');
- return TRUE;
+ return FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index dd3cc77c6..827470078 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -291,22 +291,10 @@ class CI_DB_mysqli_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
$this->conn_id->autocommit(FALSE);
return is_php('5.5')
? $this->conn_id->begin_transaction()
@@ -320,14 +308,8 @@ class CI_DB_mysqli_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
if ($this->conn_id->commit())
{
$this->conn_id->autocommit(TRUE);
@@ -344,14 +326,8 @@ class CI_DB_mysqli_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
if ($this->conn_id->rollback())
{
$this->conn_id->autocommit(TRUE);
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index f2e40da9b..916ddeb90 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -378,27 +378,10 @@ class CI_DB_oci8_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- if ( ! $this->trans_enabled)
- {
- return TRUE;
- }
-
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ($this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
$this->commit_mode = is_php('5.3.2') ? OCI_NO_AUTO_COMMIT : OCI_DEFAULT;
return TRUE;
}
@@ -410,20 +393,10 @@ class CI_DB_oci8_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- if ( ! $this->trans_enabled)
- {
- return TRUE;
- }
-
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ($this->_trans_depth > 0)
- {
- return TRUE;
- }
-
$this->commit_mode = OCI_COMMIT_ON_SUCCESS;
+
return oci_commit($this->conn_id);
}
@@ -434,14 +407,8 @@ class CI_DB_oci8_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
$this->commit_mode = OCI_COMMIT_ON_SUCCESS;
return oci_rollback($this->conn_id);
}
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index f5d77a147..409284b44 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -143,22 +143,10 @@ class CI_DB_odbc_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
return odbc_autocommit($this->conn_id, FALSE);
}
@@ -169,17 +157,15 @@ class CI_DB_odbc_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if (odbc_commit($this->conn_id))
{
+ odbc_autocommit($this->conn_id, TRUE);
return TRUE;
}
- $ret = odbc_commit($this->conn_id);
- odbc_autocommit($this->conn_id, TRUE);
- return $ret;
+ return FALSE;
}
// --------------------------------------------------------------------
@@ -189,17 +175,15 @@ class CI_DB_odbc_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
+ if (odbc_rollback($this->conn_id))
{
+ odbc_autocommit($this->conn_id, TRUE);
return TRUE;
}
- $ret = odbc_rollback($this->conn_id);
- odbc_autocommit($this->conn_id, TRUE);
- return $ret;
+ return FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index cc77e9568..8c5a5e7e3 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -186,22 +186,10 @@ class CI_DB_pdo_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
return $this->conn_id->beginTransaction();
}
@@ -212,14 +200,8 @@ class CI_DB_pdo_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return $this->conn_id->commit();
}
@@ -230,14 +212,8 @@ class CI_DB_pdo_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return $this->conn_id->rollBack();
}
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index 7be07c3bf..b1df326f7 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -247,22 +247,10 @@ class CI_DB_postgre_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
return (bool) pg_query($this->conn_id, 'BEGIN');
}
@@ -273,14 +261,8 @@ class CI_DB_postgre_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return (bool) pg_query($this->conn_id, 'COMMIT');
}
@@ -291,14 +273,8 @@ class CI_DB_postgre_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return (bool) pg_query($this->conn_id, 'ROLLBACK');
}
diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php
index 9d9caa0b4..e000a8e50 100644
--- a/system/database/drivers/sqlite/sqlite_driver.php
+++ b/system/database/drivers/sqlite/sqlite_driver.php
@@ -122,24 +122,11 @@ class CI_DB_sqlite_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
- $this->simple_query('BEGIN TRANSACTION');
- return TRUE;
+ return $this->simple_query('BEGIN TRANSACTION');
}
// --------------------------------------------------------------------
@@ -149,16 +136,9 @@ class CI_DB_sqlite_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- $this->simple_query('COMMIT');
- return TRUE;
+ return $this->simple_query('COMMIT');
}
// --------------------------------------------------------------------
@@ -168,16 +148,9 @@ class CI_DB_sqlite_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- $this->simple_query('ROLLBACK');
- return TRUE;
+ return $this->simple_query('ROLLBACK');
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php
index 31e37de91..73e453785 100644
--- a/system/database/drivers/sqlite3/sqlite3_driver.php
+++ b/system/database/drivers/sqlite3/sqlite3_driver.php
@@ -134,22 +134,10 @@ class CI_DB_sqlite3_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
return $this->conn_id->exec('BEGIN TRANSACTION');
}
@@ -160,14 +148,8 @@ class CI_DB_sqlite3_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return $this->conn_id->exec('END TRANSACTION');
}
@@ -178,14 +160,8 @@ class CI_DB_sqlite3_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return $this->conn_id->exec('ROLLBACK');
}
diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php
index 8d383b274..414669a4b 100644
--- a/system/database/drivers/sqlsrv/sqlsrv_driver.php
+++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php
@@ -197,22 +197,10 @@ class CI_DB_sqlsrv_driver extends CI_DB {
/**
* Begin Transaction
*
- * @param bool $test_mode
* @return bool
*/
- public function trans_begin($test_mode = FALSE)
+ protected function _trans_begin()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
- // Reset the transaction failure flag.
- // If the $test_mode flag is set to TRUE transactions will be rolled back
- // even if the queries produce a successful result.
- $this->_trans_failure = ($test_mode === TRUE);
-
return sqlsrv_begin_transaction($this->conn_id);
}
@@ -223,14 +211,8 @@ class CI_DB_sqlsrv_driver extends CI_DB {
*
* @return bool
*/
- public function trans_commit()
+ protected function _trans_commit()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return sqlsrv_commit($this->conn_id);
}
@@ -241,14 +223,8 @@ class CI_DB_sqlsrv_driver extends CI_DB {
*
* @return bool
*/
- public function trans_rollback()
+ protected function _trans_rollback()
{
- // When transactions are nested we only begin/commit/rollback the outermost ones
- if ( ! $this->trans_enabled OR $this->_trans_depth > 0)
- {
- return TRUE;
- }
-
return sqlsrv_rollback($this->conn_id);
}
@@ -275,9 +251,7 @@ class CI_DB_sqlsrv_driver extends CI_DB {
*/
public function insert_id()
{
- $query = $this->query('SELECT @@IDENTITY AS insert_id');
- $query = $query->row();
- return $query->insert_id;
+ return $this->query('SELECT SCOPE_IDENTITY() AS insert_id')->row()->insert_id;
}
// --------------------------------------------------------------------
diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php
index 201987ac8..85bcfb5a0 100644
--- a/system/helpers/captcha_helper.php
+++ b/system/helpers/captcha_helper.php
@@ -125,9 +125,94 @@ if ( ! function_exists('create_captcha'))
if (empty($word))
{
$word = '';
- for ($i = 0, $mt_rand_max = strlen($pool) - 1; $i < $word_length; $i++)
+ $pool_length = strlen($pool);
+ $rand_max = $pool_length - 1;
+
+ // PHP7 or a suitable polyfill
+ if (function_exists('random_int'))
+ {
+ try
+ {
+ for ($i = 0; $i < $word_length; $i++)
+ {
+ $word .= $pool[random_int(0, $rand_max)];
+ }
+ }
+ catch (Exception $e)
+ {
+ // This means fallback to the next possible
+ // alternative to random_int()
+ $word = '';
+ }
+ }
+ }
+
+ if (empty($word))
+ {
+ // Nobody will have a larger character pool than
+ // 256 characters, but let's handle it just in case ...
+ //
+ // No, I do not care that the fallback to mt_rand() can
+ // handle it; if you trigger this, you're very obviously
+ // trying to break it. -- Narf
+ if ($pool_length > 256)
+ {
+ return FALSE;
+ }
+
+ // We'll try using the operating system's PRNG first,
+ // which we can access through CI_Security::get_random_bytes()
+ $security = get_instance()->security;
+
+ // To avoid numerous get_random_bytes() calls, we'll
+ // just try fetching as much bytes as we need at once.
+ if (($bytes = $security->get_random_bytes($pool_length)) !== FALSE)
+ {
+ $byte_index = $word_index = 0;
+ while ($word_index < $word_length)
+ {
+ if (($rand_index = unpack('C', $bytes[$byte_index++])) > $rand_max)
+ {
+ // Was this the last byte we have?
+ // If so, try to fetch more.
+ if ($byte_index === $pool_length)
+ {
+ // No failures should be possible if
+ // the first get_random_bytes() call
+ // didn't return FALSE, but still ...
+ for ($i = 0; $i < 5; $i++)
+ {
+ if (($bytes = $security->get_random_bytes($pool_length)) === FALSE)
+ {
+ continue;
+ }
+
+ $byte_index = 0;
+ break;
+ }
+
+ if ($bytes === FALSE)
+ {
+ // Sadly, this means fallback to mt_rand()
+ $word = '';
+ break;
+ }
+ }
+
+ continue;
+ }
+
+ $word .= $pool[$rand_index];
+ $word_index++;
+ }
+ }
+ }
+
+ if (empty($word))
+ {
+ for ($i = 0; $i < $word_length; $i++)
{
- $word .= $pool[mt_rand(0, $mt_rand_max)];
+ $word .= $pool[mt_rand(0, $rand_max)];
}
}
elseif ( ! is_string($word))
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index acf3629c3..ebff7567a 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -1563,11 +1563,10 @@ class CI_Email {
if ($this->charset === 'UTF-8')
{
- if (MB_ENABLED === TRUE)
- {
- return mb_encode_mimeheader($str, $this->charset, 'Q', $this->crlf);
- }
- elseif (ICONV_ENABLED === TRUE)
+ // Note: We used to have mb_encode_mimeheader() as the first choice
+ // here, but it turned out to be buggy and unreliable. DO NOT
+ // re-add it! -- Narf
+ if (ICONV_ENABLED === TRUE)
{
$output = @iconv_mime_encode('', $str,
array(
@@ -1590,6 +1589,10 @@ class CI_Email {
$chars = iconv_strlen($str, 'UTF-8');
}
+ elseif (MB_ENABLED === TRUE)
+ {
+ $chars = mb_strlen($str, 'UTF-8');
+ }
}
// We might already have this set for UTF-8
diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php
index 1d01c2923..72b39d12d 100644
--- a/system/libraries/Session/drivers/Session_database_driver.php
+++ b/system/libraries/Session/drivers/Session_database_driver.php
@@ -159,6 +159,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
if (($result = $this->_db->get()->row()) === NULL)
{
+ // PHP7 will reuse the same SessionHandler object after
+ // ID regeneration, so we need to explicitly set this to
+ // FALSE instead of relying on the default ...
+ $this->_row_exists = FALSE;
$this->_fingerprint = md5('');
return '';
}