summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/Common.php8
-rw-r--r--system/core/Exceptions.php1
-rw-r--r--system/database/DB_driver.php2
-rw-r--r--system/database/DB_forge.php4
-rw-r--r--system/database/drivers/ibase/ibase_forge.php2
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php2
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php4
-rw-r--r--system/database/drivers/sqlite/sqlite_forge.php4
-rw-r--r--system/database/drivers/sqlite3/sqlite3_forge.php4
-rw-r--r--system/helpers/captcha_helper.php3
-rw-r--r--system/helpers/inflector_helper.php33
-rw-r--r--system/libraries/Encryption.php2
-rw-r--r--system/libraries/Session/Session.php36
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php45
-rw-r--r--system/libraries/Table.php1
-rw-r--r--system/libraries/Xmlrpc.php5
16 files changed, 128 insertions, 28 deletions
diff --git a/system/core/Common.php b/system/core/Common.php
index 2c7651943..91c585f7d 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -544,13 +544,18 @@ if ( ! function_exists('set_status_header'))
416 => 'Requested Range Not Satisfiable',
417 => 'Expectation Failed',
422 => 'Unprocessable Entity',
+ 426 => 'Upgrade Required',
+ 428 => 'Precondition Required',
+ 429 => 'Too Many Requests',
+ 431 => 'Request Header Fields Too Large',
500 => 'Internal Server Error',
501 => 'Not Implemented',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
504 => 'Gateway Timeout',
- 505 => 'HTTP Version Not Supported'
+ 505 => 'HTTP Version Not Supported',
+ 511 => 'Network Authentication Required',
);
if (isset($stati[$code]))
@@ -656,6 +661,7 @@ if ( ! function_exists('_exception_handler'))
$_error =& load_class('Exceptions', 'core');
$_error->log_exception('error', 'Exception: '.$exception->getMessage(), $exception->getFile(), $exception->getLine());
+ is_cli() OR set_status_header(500);
// Should we display the error?
if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors')))
{
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index a1c6a1970..4e10f2831 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -207,7 +207,6 @@ class CI_Exceptions {
}
else
{
- set_status_header(500);
$templates_path .= 'html'.DIRECTORY_SEPARATOR;
}
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 848516adc..7ae52a307 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -980,7 +980,7 @@ abstract class CI_DB_driver {
*/
public function compile_binds($sql, $binds)
{
- if (empty($binds) OR empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE)
+ if (empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE)
{
return $sql;
}
diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php
index 826aa1ebf..ed6f4b672 100644
--- a/system/database/DB_forge.php
+++ b/system/database/DB_forge.php
@@ -184,7 +184,7 @@ abstract class CI_DB_forge {
{
return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
}
- elseif ( ! $this->db->query(sprintf($this->_create_database, $db_name, $this->db->char_set, $this->db->dbcollat)))
+ elseif ( ! $this->db->query(sprintf($this->_create_database, $this->db->escape_identifiers($db_name), $this->db->char_set, $this->db->dbcollat)))
{
return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE;
}
@@ -211,7 +211,7 @@ abstract class CI_DB_forge {
{
return ($this->db->db_debug) ? $this->db->display_error('db_unsupported_feature') : FALSE;
}
- elseif ( ! $this->db->query(sprintf($this->_drop_database, $db_name)))
+ elseif ( ! $this->db->query(sprintf($this->_drop_database, $this->db->escape_identifiers($db_name))))
{
return ($this->db->db_debug) ? $this->db->display_error('db_unable_to_drop') : FALSE;
}
diff --git a/system/database/drivers/ibase/ibase_forge.php b/system/database/drivers/ibase/ibase_forge.php
index 9c358c365..b35cc3749 100644
--- a/system/database/drivers/ibase/ibase_forge.php
+++ b/system/database/drivers/ibase/ibase_forge.php
@@ -111,7 +111,7 @@ class CI_DB_ibase_forge extends CI_DB_forge {
* @param string $db_name (ignored)
* @return bool
*/
- public function drop_database($db_name = '')
+ public function drop_database($db_name)
{
if ( ! ibase_drop_db($this->conn_id))
{
diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php
index 256fa1413..50df76905 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php
@@ -97,7 +97,7 @@ class CI_DB_pdo_firebird_forge extends CI_DB_pdo_forge {
* @param string $db_name (ignored)
* @return bool
*/
- public function drop_database($db_name = '')
+ public function drop_database($db_name)
{
if ( ! ibase_drop_db($this->conn_id))
{
diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php b/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php
index f6f9bb481..b124bcad1 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_sqlite_forge.php
@@ -101,7 +101,7 @@ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge {
* @param string $db_name (ignored)
* @return bool
*/
- public function create_database($db_name = '')
+ public function create_database($db_name)
{
// In SQLite, a database is created when you connect to the database.
// We'll return TRUE so that an error isn't generated
@@ -116,7 +116,7 @@ class CI_DB_pdo_sqlite_forge extends CI_DB_pdo_forge {
* @param string $db_name (ignored)
* @return bool
*/
- public function drop_database($db_name = '')
+ public function drop_database($db_name)
{
// In SQLite, a database is dropped when we delete a file
if (file_exists($this->db->database))
diff --git a/system/database/drivers/sqlite/sqlite_forge.php b/system/database/drivers/sqlite/sqlite_forge.php
index 8a1659430..3ad3477e4 100644
--- a/system/database/drivers/sqlite/sqlite_forge.php
+++ b/system/database/drivers/sqlite/sqlite_forge.php
@@ -75,7 +75,7 @@ class CI_DB_sqlite_forge extends CI_DB_forge {
* @param string $db_name (ignored)
* @return bool
*/
- public function create_database($db_name = '')
+ public function create_database($db_name)
{
// In SQLite, a database is created when you connect to the database.
// We'll return TRUE so that an error isn't generated
@@ -90,7 +90,7 @@ class CI_DB_sqlite_forge extends CI_DB_forge {
* @param string $db_name (ignored)
* @return bool
*/
- public function drop_database($db_name = '')
+ public function drop_database($db_name)
{
if ( ! file_exists($this->db->database) OR ! @unlink($this->db->database))
{
diff --git a/system/database/drivers/sqlite3/sqlite3_forge.php b/system/database/drivers/sqlite3/sqlite3_forge.php
index 43cbe33e5..c45472f54 100644
--- a/system/database/drivers/sqlite3/sqlite3_forge.php
+++ b/system/database/drivers/sqlite3/sqlite3_forge.php
@@ -87,7 +87,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge {
* @param string $db_name
* @return bool
*/
- public function create_database($db_name = '')
+ public function create_database($db_name)
{
// In SQLite, a database is created when you connect to the database.
// We'll return TRUE so that an error isn't generated
@@ -102,7 +102,7 @@ class CI_DB_sqlite3_forge extends CI_DB_forge {
* @param string $db_name (ignored)
* @return bool
*/
- public function drop_database($db_name = '')
+ public function drop_database($db_name)
{
// In SQLite, a database is dropped when we delete a file
if (file_exists($this->db->database))
diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php
index 3c1e006f8..f2ff4dccf 100644
--- a/system/helpers/captcha_helper.php
+++ b/system/helpers/captcha_helper.php
@@ -110,7 +110,8 @@ if ( ! function_exists('create_captcha'))
$current_dir = @opendir($img_path);
while ($filename = @readdir($current_dir))
{
- if (substr($filename, -4) === '.jpg' && (str_replace('.jpg', '', $filename) + $expiration) < $now)
+ if (in_array(substr($filename, -4), array('.jpg', '.png'))
+ && (str_replace(array('.jpg', '.png'), '', $filename) + $expiration) < $now)
{
@unlink($img_path.$filename);
}
diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php
index c064d8de4..6dc3b5030 100644
--- a/system/helpers/inflector_helper.php
+++ b/system/helpers/inflector_helper.php
@@ -238,8 +238,37 @@ if ( ! function_exists('is_countable'))
return ! in_array(
strtolower($word),
array(
- 'equipment', 'information', 'rice', 'money',
- 'species', 'series', 'fish', 'meta'
+ 'audio',
+ 'bison',
+ 'chassis',
+ 'compensation',
+ 'coreopsis',
+ 'data',
+ 'deer',
+ 'education',
+ 'emoji',
+ 'equipment',
+ 'fish',
+ 'furniture',
+ 'gold',
+ 'information',
+ 'knowledge',
+ 'love',
+ 'rain',
+ 'money',
+ 'moose',
+ 'nutrition',
+ 'offspring',
+ 'plankton',
+ 'pokemon',
+ 'police',
+ 'rice',
+ 'series',
+ 'sheep',
+ 'species',
+ 'swine',
+ 'traffic',
+ 'wheat',
)
);
}
diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php
index 06284c2ed..545081b3b 100644
--- a/system/libraries/Encryption.php
+++ b/system/libraries/Encryption.php
@@ -907,7 +907,7 @@ class CI_Encryption {
* Byte-safe strlen()
*
* @param string $str
- * @return integer
+ * @return int
*/
protected static function strlen($str)
{
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index 3b391a8ef..5aac12f36 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -57,6 +57,7 @@ class CI_Session {
protected $_driver = 'files';
protected $_config;
+ protected $_sid_regexp;
// ------------------------------------------------------------------------
@@ -99,6 +100,7 @@ class CI_Session {
// Configuration ...
$this->_configure($params);
+ $this->_config['_sid_regexp'] = $this->_sid_regexp;
$class = new $class($this->_config);
if ($class instanceof SessionHandlerInterface)
@@ -131,7 +133,7 @@ class CI_Session {
if (isset($_COOKIE[$this->_config['cookie_name']])
&& (
! is_string($_COOKIE[$this->_config['cookie_name']])
- OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']])
+ OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']])
)
)
{
@@ -315,8 +317,36 @@ class CI_Session {
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
- ini_set('session.hash_function', 1);
- ini_set('session.hash_bits_per_character', 4);
+
+ if (PHP_VERSION_ID < 70100)
+ {
+ if ((int) ini_get('session.hash_function') === 0)
+ {
+ ini_set('session.hash_function', 1);
+ ini_set('session.hash_bits_per_character', $bits_per_character = 4);
+ }
+ else
+ {
+ $bits_per_character = (int) ini_get('session.hash_bits_per_character');
+ }
+ }
+ elseif ((int) ini_get('session.sid_length') < 40 && ($bits_per_character = (int) ini_get('session.sid_bits_per_character')) === 4)
+ {
+ ini_set('session.sid_length', 40);
+ }
+
+ switch ($bits_per_character)
+ {
+ case 4:
+ $this->_sid_regexp = '[0-9a-f]{40,}';
+ break;
+ case 5:
+ $this->_sid_regexp = '[0-9a-v]{40,}';
+ break;
+ case 6:
+ $this->_sid_regexp = '[0-9a-zA-Z,-]{40,}';
+ break;
+ }
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index bf4df8b20..37315d3cd 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -76,6 +76,20 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
*/
protected $_file_new;
+ /**
+ * Validate SID regular expression
+ *
+ * @var string
+ */
+ protected $_sid_regexp;
+
+ /**
+ * mbstring.func_override flag
+ *
+ * @var bool
+ */
+ protected static $func_override;
+
// ------------------------------------------------------------------------
/**
@@ -98,6 +112,10 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.');
$this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\');
}
+
+ $this->_sid_regexp = $this->_config['_sid_regexp'];
+
+ isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
}
// ------------------------------------------------------------------------
@@ -187,7 +205,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
}
$session_data = '';
- for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer))
+ for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += self::strlen($buffer))
{
if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE)
{
@@ -343,10 +361,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
$ts = time() - $maxlifetime;
+ $pattern = ($this->_config['match_ip'] === TRUE)
+ ? '[0-9a-f]{32}'
+ : '';
+
$pattern = sprintf(
- '/^%s[0-9a-f]{%d}$/',
- preg_quote($this->_config['cookie_name'], '/'),
- ($this->_config['match_ip'] === TRUE ? 72 : 40)
+ '#\A%s'.$pattern.$this->_sid_regexp.'\z#',
+ preg_quote($this->_config['cookie_name'])
);
while (($file = readdir($directory)) !== FALSE)
@@ -368,4 +389,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
return $this->_success;
}
-} \ No newline at end of file
+ // --------------------------------------------------------------------
+
+ /**
+ * Byte-safe strlen()
+ *
+ * @param string $str
+ * @return int
+ */
+ protected static function strlen($str)
+ {
+ return (self::$func_override)
+ ? mb_strlen($str, '8bit')
+ : strlen($str);
+ }
+}
diff --git a/system/libraries/Table.php b/system/libraries/Table.php
index 3bce294d8..f2fa434d9 100644
--- a/system/libraries/Table.php
+++ b/system/libraries/Table.php
@@ -277,6 +277,7 @@ class CI_Table {
public function set_caption($caption)
{
$this->caption = $caption;
+ return $this;
}
// --------------------------------------------------------------------
diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php
index 181a104d0..7186646da 100644
--- a/system/libraries/Xmlrpc.php
+++ b/system/libraries/Xmlrpc.php
@@ -735,6 +735,8 @@ class XML_RPC_Client extends CI_Xmlrpc
.'Content-Length: '.strlen($msg->payload).$r.$r
.$msg->payload;
+ stream_set_timeout($fp, $this->timeout); // set timeout for subsequent operations
+
for ($written = $timestamp = 0, $length = strlen($op); $written < $length; $written += $result)
{
if (($result = fwrite($fp, substr($op, $written))) === FALSE)
@@ -753,9 +755,6 @@ class XML_RPC_Client extends CI_Xmlrpc
$result = FALSE;
break;
}
-
- usleep(250000);
- continue;
}
else
{