summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/core/Router.php1
-rw-r--r--system/core/Security.php16
-rw-r--r--system/core/URI.php2
-rw-r--r--system/database/DB.php5
-rw-r--r--system/database/DB_driver.php74
-rw-r--r--system/database/DB_forge.php4
-rw-r--r--system/database/DB_query_builder.php2
-rw-r--r--system/database/DB_utility.php14
-rw-r--r--system/database/drivers/mssql/mssql_driver.php16
-rw-r--r--system/database/drivers/mysql/mysql_driver.php31
-rw-r--r--system/database/drivers/mysqli/mysqli_driver.php20
-rw-r--r--system/database/drivers/oci8/oci8_driver.php8
-rw-r--r--system/database/drivers/pdo/subdrivers/pdo_oci_driver.php23
-rw-r--r--system/database/drivers/postgre/postgre_driver.php20
-rw-r--r--system/helpers/captcha_helper.php3
-rw-r--r--system/helpers/form_helper.php41
-rw-r--r--system/helpers/string_helper.php3
-rw-r--r--system/libraries/Email.php31
-rw-r--r--system/libraries/Encryption.php5
-rw-r--r--system/libraries/Form_validation.php9
-rw-r--r--system/libraries/Session/Session_driver.php23
-rw-r--r--system/libraries/Session/drivers/Session_database_driver.php49
-rw-r--r--system/libraries/Session/drivers/Session_files_driver.php63
-rw-r--r--system/libraries/Session/drivers/Session_memcached_driver.php45
-rw-r--r--system/libraries/Session/drivers/Session_redis_driver.php35
25 files changed, 308 insertions, 235 deletions
diff --git a/system/core/Router.php b/system/core/Router.php
index a84be1f1d..ce41aa958 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -118,6 +118,7 @@ class CI_Router {
*
* Runs the route mapping function.
*
+ * @param array $routing
* @return void
*/
public function __construct($routing = NULL)
diff --git a/system/core/Security.php b/system/core/Security.php
index 36dea4cf2..e79bf8aff 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -593,6 +593,22 @@ class CI_Security {
return FALSE;
}
+ if (function_exists('random_bytes'))
+ {
+ try
+ {
+ // The cast is required to avoid TypeError
+ return random_bytes((int) $length);
+ }
+ catch (Exception $e)
+ {
+ // If random_bytes() can't do the job, we can't either ...
+ // There's no point in using fallbacks.
+ log_message('error', $e->getMessage());
+ return FALSE;
+ }
+ }
+
// Unfortunately, none of the following PRNGs is guaranteed to exist ...
if (defined('MCRYPT_DEV_URANDOM') && ($output = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)) !== FALSE)
{
diff --git a/system/core/URI.php b/system/core/URI.php
index 5b658f679..5179b401f 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -294,7 +294,7 @@ class CI_URI {
*
* Do some final cleaning of the URI and return it, currently only used in self::_parse_request_uri()
*
- * @param string $url
+ * @param string $uri
* @return string
*/
protected function _remove_relative_directory($uri)
diff --git a/system/database/DB.php b/system/database/DB.php
index 23de414b5..355d26fb5 100644
--- a/system/database/DB.php
+++ b/system/database/DB.php
@@ -192,10 +192,13 @@ function &DB($params = '', $query_builder_override = NULL)
// Load the DB driver
$driver_file = BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_driver.php';
-
file_exists($driver_file) OR show_error('Invalid DB driver');
require_once($driver_file);
+ // Load the result classes as well
+ require_once(BASEPATH.'database/DB_result.php');
+ require_once(BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_result.php');
+
// Instantiate the DB adapter
$driver = 'CI_DB_'.$params['dbdriver'].'_driver';
$DB = new $driver($params);
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 25e70ec3f..af6b9f399 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -380,7 +380,8 @@ abstract class CI_DB_driver {
/**
* Initialize Database Settings
*
- * @return bool
+ * @return void
+ * @throws RuntimeException In case of failure
*/
public function initialize()
{
@@ -392,7 +393,7 @@ abstract class CI_DB_driver {
*/
if ($this->conn_id)
{
- return TRUE;
+ return;
}
// ----------------------------------------------------------------
@@ -429,19 +430,9 @@ abstract class CI_DB_driver {
// We still don't have a connection?
if ( ! $this->conn_id)
{
- log_message('error', 'Unable to connect to the database');
-
- if ($this->db_debug)
- {
- $this->display_error('db_unable_to_connect');
- }
-
- return FALSE;
+ throw new RuntimeException('Unable to connect to the database.');
}
}
-
- // Now we set the character set and that's all
- return $this->db_set_charset($this->char_set);
}
// --------------------------------------------------------------------
@@ -505,26 +496,13 @@ abstract class CI_DB_driver {
// --------------------------------------------------------------------
/**
- * Set client character set
+ * Last error
*
- * @param string
- * @return bool
+ * @return array
*/
- public function db_set_charset($charset)
+ public function error()
{
- if (method_exists($this, '_db_set_charset') && ! $this->_db_set_charset($charset))
- {
- log_message('error', 'Unable to set database connection charset: '.$charset);
-
- if ($this->db_debug)
- {
- $this->display_error('db_unable_to_set_charset', $charset);
- }
-
- return FALSE;
- }
-
- return TRUE;
+ return array('code' => NULL, 'message' => NULL);
}
// --------------------------------------------------------------------
@@ -622,7 +600,6 @@ abstract class CI_DB_driver {
// cached query if it exists
if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init())
{
- $this->load_rdriver();
if (FALSE !== ($cache = $this->CACHE->read($sql)))
{
return $cache;
@@ -710,9 +687,9 @@ abstract class CI_DB_driver {
return TRUE;
}
- // Load and instantiate the result driver
- $driver = $this->load_rdriver();
- $RES = new $driver($this);
+ // Instantiate the driver-specific result class
+ $driver = 'CI_DB_'.$this->dbdriver.'_result';
+ $RES = new $driver($this);
// Is query caching enabled? If so, we'll serialize the
// result object and save it to a cache file.
@@ -742,26 +719,6 @@ abstract class CI_DB_driver {
// --------------------------------------------------------------------
/**
- * Load the result drivers
- *
- * @return string the name of the result class
- */
- public function load_rdriver()
- {
- $driver = 'CI_DB_'.$this->dbdriver.'_result';
-
- if ( ! class_exists($driver, FALSE))
- {
- require_once(BASEPATH.'database/DB_result.php');
- require_once(BASEPATH.'database/drivers/'.$this->dbdriver.'/'.$this->dbdriver.'_result.php');
- }
-
- return $driver;
- }
-
- // --------------------------------------------------------------------
-
- /**
* Simple Query
* This is a simplified version of the query() function. Internally
* we only use it when running transaction commands since they do
@@ -772,14 +729,7 @@ abstract class CI_DB_driver {
*/
public function simple_query($sql)
{
- if ( ! $this->conn_id)
- {
- if ( ! $this->initialize())
- {
- return FALSE;
- }
- }
-
+ empty($this->conn_id) && $this->initialize();
return $this->_execute($sql);
}
diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php
index f9cf76a14..1546e40c0 100644
--- a/system/database/DB_forge.php
+++ b/system/database/DB_forge.php
@@ -780,10 +780,6 @@ abstract class CI_DB_forge {
case 'ENUM':
case 'SET':
$attributes['CONSTRAINT'] = $this->db->escape($attributes['CONSTRAINT']);
- $field['length'] = is_array($attributes['CONSTRAINT'])
- ? "('".implode("','", $attributes['CONSTRAINT'])."')"
- : '('.$attributes['CONSTRAINT'].')';
- break;
default:
$field['length'] = is_array($attributes['CONSTRAINT'])
? '('.implode(',', $attributes['CONSTRAINT']).')'
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index cf1100d27..7a3d2f594 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -1379,7 +1379,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
$this->from($table);
}
- $result = ($this->qb_distinct === TRUE)
+ $result = ($this->qb_distinct === TRUE OR ! empty($this->qb_orderby))
? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results")
: $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows')));
diff --git a/system/database/DB_utility.php b/system/database/DB_utility.php
index b51893e18..fcc56f24e 100644
--- a/system/database/DB_utility.php
+++ b/system/database/DB_utility.php
@@ -235,13 +235,8 @@ abstract class CI_DB_utility {
* @param string $enclosure Enclosure (default: ")
* @return string
*/
- public function csv_from_result($query, $delim = ',', $newline = "\n", $enclosure = '"')
+ public function csv_from_result(CI_DB_result $query, $delim = ',', $newline = "\n", $enclosure = '"')
{
- if ( ! is_object($query) OR ! method_exists($query, 'list_fields'))
- {
- show_error('You must submit a valid result object');
- }
-
$out = '';
// First generate the headings from the table column names
foreach ($query->list_fields() as $name)
@@ -274,13 +269,8 @@ abstract class CI_DB_utility {
* @param array $params Any preferences
* @return string
*/
- public function xml_from_result($query, $params = array())
+ public function xml_from_result(CI_DB_result $query, $params = array())
{
- if ( ! is_object($query) OR ! method_exists($query, 'list_fields'))
- {
- show_error('You must submit a valid result object');
- }
-
// Set our default values
foreach (array('root' => 'root', 'element' => 'element', 'newline' => "\n", 'tab' => "\t") as $key => $val)
{
diff --git a/system/database/drivers/mssql/mssql_driver.php b/system/database/drivers/mssql/mssql_driver.php
index 883973ae1..bf18babeb 100644
--- a/system/database/drivers/mssql/mssql_driver.php
+++ b/system/database/drivers/mssql/mssql_driver.php
@@ -108,6 +108,7 @@ class CI_DB_mssql_driver extends CI_DB {
*/
public function db_connect($persistent = FALSE)
{
+ ini_set('mssql.charset', $this->char_set);
$this->conn_id = ($persistent)
? mssql_pconnect($this->hostname, $this->username, $this->password)
: mssql_connect($this->hostname, $this->username, $this->password);
@@ -248,26 +249,13 @@ class CI_DB_mssql_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Set client character set
- *
- * @param string $charset
- * @return bool
- */
- protected function _db_set_charset($charset)
- {
- return (ini_set('mssql.charset', $charset) !== FALSE);
- }
-
- // --------------------------------------------------------------------
-
- /**
* Version number query string
*
* @return string
*/
protected function _version()
{
- return 'SELECT @@VERSION AS ver';
+ return "SELECT SERVERPROPERTY('ProductVersion') AS ver";
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index 9c630d0d6..3fafe3fd8 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -147,12 +147,24 @@ class CI_DB_mysql_driver extends CI_DB {
: FALSE;
}
- if ($this->stricton && is_resource($this->conn_id))
+ if (is_resource($this->conn_id))
{
- $this->simple_query('SET SESSION sql_mode="STRICT_ALL_TABLES"');
+ if ( ! mysql_set_charset($this->char_set, $this->conn_id))
+ {
+ log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}').");
+ $this->close();
+ return ($this->db->debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE;
+ }
+
+ if ($this->stricton)
+ {
+ $this->simple_query('SET SESSION sql_mode="STRICT_ALL_TABLES"');
+ }
+
+ return $this->conn_id;
}
- return $this->conn_id;
+ return FALSE;
}
// --------------------------------------------------------------------
@@ -200,19 +212,6 @@ class CI_DB_mysql_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Set client character set
- *
- * @param string $charset
- * @return bool
- */
- protected function _db_set_charset($charset)
- {
- return mysql_set_charset($charset, $this->conn_id);
- }
-
- // --------------------------------------------------------------------
-
- /**
* Database version number
*
* @return string
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 827470078..847544780 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -173,6 +173,13 @@ class CI_DB_mysqli_driver extends CI_DB {
return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE;
}
+ if ( ! $mysqli->set_charset($this->char_set))
+ {
+ log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}').");
+ $mysqli->close();
+ return ($this->db->db_debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE;
+ }
+
return $mysqli;
}
@@ -224,19 +231,6 @@ class CI_DB_mysqli_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Set client character set
- *
- * @param string $charset
- * @return bool
- */
- protected function _db_set_charset($charset)
- {
- return $this->conn_id->set_charset($charset);
- }
-
- // --------------------------------------------------------------------
-
- /**
* Database version number
*
* @return string
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index 916ddeb90..206924d06 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -252,12 +252,16 @@ class CI_DB_oci8_driver extends CI_DB {
return $this->data_cache['version'];
}
- if ( ! $this->conn_id OR ($version = oci_server_version($this->conn_id)) === FALSE)
+ if ( ! $this->conn_id OR ($version_string = oci_server_version($this->conn_id)) === FALSE)
{
return FALSE;
}
+ elseif (preg_match('#Release\s(\d+(?:\.\d+)+)#', $version_string, $match))
+ {
+ return $this->data_cache['version'] = $match[1];
+ }
- return $this->data_cache['version'] = $version;
+ return FALSE;
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php
index d17e311f7..4791ab157 100644
--- a/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php
+++ b/system/database/drivers/pdo/subdrivers/pdo_oci_driver.php
@@ -130,6 +130,29 @@ class CI_DB_pdo_oci_driver extends CI_DB_pdo_driver {
// --------------------------------------------------------------------
/**
+ * Database version number
+ *
+ * @return string
+ */
+ public function version()
+ {
+ if (isset($this->data_cache['version']))
+ {
+ return $this->data_cache['version'];
+ }
+
+ $version_string = parent::version();
+ if (preg_match('#Release\s(?<version>\d+(?:\.\d+)+)#', $version_string, $match))
+ {
+ return $this->data_cache['version'] = $match[1];
+ }
+
+ return FALSE;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Show table query
*
* Generates a platform-specific query string so that the table names can be fetched
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index b1df326f7..2d4e5a5d5 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -163,6 +163,13 @@ class CI_DB_postgre_driver extends CI_DB {
return FALSE;
}
+ if (pg_set_client_encoding($this->conn_id, $this->char_set) !== 0)
+ {
+ log_message('error', "Database: Unable to set the configured connection charset ('{$this->char_set}').");
+ pg_close($this->conn_id);
+ return ($this->db->db_debug) ? $this->display_error('db_unable_to_set_charset', $this->char_set) : FALSE;
+ }
+
empty($this->schema) OR $this->simple_query('SET search_path TO '.$this->schema.',public');
}
@@ -190,19 +197,6 @@ class CI_DB_postgre_driver extends CI_DB {
// --------------------------------------------------------------------
/**
- * Set client character set
- *
- * @param string $charset
- * @return bool
- */
- protected function _db_set_charset($charset)
- {
- return (pg_set_client_encoding($this->conn_id, $charset) === 0);
- }
-
- // --------------------------------------------------------------------
-
- /**
* Database version number
*
* @return string
diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php
index 85bcfb5a0..03c1dd852 100644
--- a/system/helpers/captcha_helper.php
+++ b/system/helpers/captcha_helper.php
@@ -171,7 +171,8 @@ if ( ! function_exists('create_captcha'))
$byte_index = $word_index = 0;
while ($word_index < $word_length)
{
- if (($rand_index = unpack('C', $bytes[$byte_index++])) > $rand_max)
+ list(, $rand_index) = unpack('C', $bytes[$byte_index++]);
+ if ($rand_index > $rand_max)
{
// Was this the last byte we have?
// If so, try to fetch more.
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index fd807769a..37dafd913 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -769,12 +769,11 @@ if ( ! function_exists('set_checkbox'))
{
return $CI->form_validation->set_checkbox($field, $value, $default);
}
- elseif (($input = $CI->input->post($field, FALSE)) === NULL)
- {
- return ($default === TRUE) ? ' checked="checked"' : '';
- }
+ // Form inputs are always strings ...
$value = (string) $value;
+ $input = $CI->input->post($field, FALSE);
+
if (is_array($input))
{
// Note: in_array('', array(0)) returns TRUE, do not use it
@@ -789,7 +788,13 @@ if ( ! function_exists('set_checkbox'))
return '';
}
- return ($input === $value) ? ' checked="checked"' : '';
+ // Unchecked checkbox and radio inputs are not even submitted by browsers ...
+ if ($CI->input->method() === 'post')
+ {
+ return ($input === 'value') ? ' checked="checked"' : '';
+ }
+
+ return ($default === TRUE) ? ' checked="checked"' : '';
}
}
@@ -816,12 +821,32 @@ if ( ! function_exists('set_radio'))
{
return $CI->form_validation->set_radio($field, $value, $default);
}
- elseif (($input = $CI->input->post($field, FALSE)) === NULL)
+
+ // Form inputs are always strings ...
+ $value = (string) $value;
+ $input = $CI->input->post($field, FALSE);
+
+ if (is_array($input))
+ {
+ // Note: in_array('', array(0)) returns TRUE, do not use it
+ foreach ($input as &$v)
+ {
+ if ($value === $v)
+ {
+ return ' checked="checked"';
+ }
+ }
+
+ return '';
+ }
+
+ // Unchecked checkbox and radio inputs are not even submitted by browsers ...
+ if ($CI->input->method() === 'post')
{
- return ($default === TRUE) ? ' checked="checked"' : '';
+ return ($input === 'value') ? ' checked="checked"' : '';
}
- return ($input === (string) $value) ? ' checked="checked"' : '';
+ return ($default === TRUE) ? ' checked="checked"' : '';
}
}
diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php
index 637835160..3138a04b3 100644
--- a/system/helpers/string_helper.php
+++ b/system/helpers/string_helper.php
@@ -270,7 +270,7 @@ if ( ! function_exists('alternator'))
* @param string (as many parameters as needed)
* @return string
*/
- function alternator($args)
+ function alternator()
{
static $i;
@@ -279,6 +279,7 @@ if ( ! function_exists('alternator'))
$i = 0;
return '';
}
+
$args = func_get_args();
return $args[($i++ % count($args))];
}
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index ebff7567a..034586ac9 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -1469,6 +1469,20 @@ class CI_Email {
*/
protected function _prep_quoted_printable($str)
{
+ // ASCII code numbers for "safe" characters that can always be
+ // used literally, without encoding, as described in RFC 2049.
+ // http://www.ietf.org/rfc/rfc2049.txt
+ static $ascii_safe_chars = array(
+ // ' ( ) + , - . / : = ?
+ 39, 40, 41, 43, 44, 45, 46, 47, 58, 61, 63,
+ // numbers
+ 48, 49, 50, 51, 52, 53, 54, 55, 56, 57,
+ // upper-case letters
+ 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90,
+ // lower-case letters
+ 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122
+ );
+
// We are intentionally wrapping so mail servers will encode characters
// properly and MUAs will behave, so {unwrap} must go!
$str = str_replace(array('{unwrap}', '{/unwrap}'), '', $str);
@@ -1516,14 +1530,25 @@ class CI_Email {
$ascii = ord($char);
// Convert spaces and tabs but only if it's the end of the line
- if ($i === ($length - 1) && ($ascii === 32 OR $ascii === 9))
+ if ($ascii === 32 OR $ascii === 9)
{
- $char = $escape.sprintf('%02s', dechex($ascii));
+ if ($i === ($length - 1))
+ {
+ $char = $escape.sprintf('%02s', dechex($ascii));
+ }
}
- elseif ($ascii === 61) // encode = signs
+ // DO NOT move this below the $ascii_safe_chars line!
+ //
+ // = (equals) signs are allowed by RFC2049, but must be encoded
+ // as they are the encoding delimiter!
+ elseif ($ascii === 61)
{
$char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); // =3D
}
+ elseif ( ! in_array($ascii, $ascii_safe_chars, TRUE))
+ {
+ $char = $escape.strtoupper(sprintf('%02s', dechex($ascii)));
+ }
// If we're at the character limit, add the line to the output,
// reset our temp variable, and keep on chuggin'
diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php
index f3e039881..151ce8dec 100644
--- a/system/libraries/Encryption.php
+++ b/system/libraries/Encryption.php
@@ -337,6 +337,11 @@ class CI_Encryption {
*/
public function create_key($length)
{
+ if (function_exists('random_bytes'))
+ {
+ return random_bytes((int) $length);
+ }
+
return ($this->_driver === 'mcrypt')
? mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)
: openssl_random_pseudo_bytes($length);
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index a158225ee..c2212585d 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -415,12 +415,9 @@ class CI_Form_validation {
*/
public function run($group = '')
{
- // Do we even have any data to process? Mm?
- $validation_array = empty($this->validation_data) ? $_POST : $this->validation_data;
- if (count($validation_array) === 0)
- {
- return FALSE;
- }
+ $validation_array = empty($this->validation_data)
+ ? $_POST
+ : $this->validation_data;
// Does the _field_data array containing the validation rules exist?
// If not, we look to see if they were assigned via a config file
diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php
index 47376da5b..64b4bb511 100644
--- a/system/libraries/Session/Session_driver.php
+++ b/system/libraries/Session/Session_driver.php
@@ -74,6 +74,18 @@ abstract class CI_Session_driver implements SessionHandlerInterface {
*/
protected $_session_id;
+ /**
+ * Success and failure return values
+ *
+ * Necessary due to a bug in all PHP 5 versions where return values
+ * from userspace handlers are not handled properly. PHP 7 fixes the
+ * bug, so we need to return different values depending on the version.
+ *
+ * @see https://wiki.php.net/rfc/session.user.return-value
+ * @var mixed
+ */
+ protected $_success, $_failure;
+
// ------------------------------------------------------------------------
/**
@@ -85,6 +97,17 @@ abstract class CI_Session_driver implements SessionHandlerInterface {
public function __construct(&$params)
{
$this->_config =& $params;
+
+ if (is_php('7'))
+ {
+ $this->_success = TRUE;
+ $this->_failure = FALSE;
+ }
+ else
+ {
+ $this->_success = 0;
+ $this->_failure = -1;
+ }
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php
index 72b39d12d..40a358fb8 100644
--- a/system/libraries/Session/drivers/Session_database_driver.php
+++ b/system/libraries/Session/drivers/Session_database_driver.php
@@ -125,9 +125,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
*/
public function open($save_path, $name)
{
- return empty($this->_db->conn_id)
- ? (bool) $this->_db->db_connect()
- : TRUE;
+ if (empty($this->_db->conn_id) && ! $this->_db->db_connect())
+ {
+ return $this->_failure;
+ }
+
+ return $this->_success;
}
// ------------------------------------------------------------------------
@@ -201,7 +204,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
- return FALSE;
+ return $this->_failure;
}
$this->_row_exists = FALSE;
@@ -209,7 +212,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
}
elseif ($this->_lock === FALSE)
{
- return FALSE;
+ return $this->_failure;
}
if ($this->_row_exists === FALSE)
@@ -224,10 +227,11 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
if ($this->_db->insert($this->_config['save_path'], $insert_data))
{
$this->_fingerprint = md5($session_data);
- return $this->_row_exists = TRUE;
+ $this->_row_exists = TRUE;
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
$this->_db->where('id', $session_id);
@@ -247,10 +251,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
if ($this->_db->update($this->_config['save_path'], $update_data))
{
$this->_fingerprint = md5($session_data);
- return TRUE;
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -264,9 +268,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
*/
public function close()
{
- return ($this->_lock)
- ? $this->_release_lock()
- : TRUE;
+ return ($this->_lock && ! $this->_release_lock())
+ ? $this->_failure
+ : $this->_success;
}
// ------------------------------------------------------------------------
@@ -289,12 +293,19 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
$this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']);
}
- return $this->_db->delete($this->_config['save_path'])
- ? ($this->close() && $this->_cookie_destroy())
- : FALSE;
+ if ( ! $this->_db->delete($this->_config['save_path']))
+ {
+ return $this->_failure;
+ }
+ }
+
+ if ($this->close())
+ {
+ $this->_cookie_destroy();
+ return $this->_success;
}
- return ($this->close() && $this->_cookie_destroy());
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -309,7 +320,9 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
*/
public function gc($maxlifetime)
{
- return $this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime));
+ return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime)))
+ ? $this->_success
+ : $this->_failure;
}
// ------------------------------------------------------------------------
@@ -390,4 +403,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
return parent::_release_lock();
}
-}
+} \ No newline at end of file
diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php
index 45da91c46..f0f055f87 100644
--- a/system/libraries/Session/drivers/Session_files_driver.php
+++ b/system/libraries/Session/drivers/Session_files_driver.php
@@ -129,7 +129,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
.$name // we'll use the session cookie name as a prefix to avoid collisions
.($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : '');
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------
@@ -156,13 +156,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE)
{
log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created.");
- return FALSE;
+ return $this->_failure;
}
}
elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE)
{
log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'.");
- return FALSE;
+ return $this->_failure;
}
if (flock($this->_file_handle, LOCK_EX) === FALSE)
@@ -170,7 +170,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
log_message('error', "Session: Unable to obtain lock for file '".$this->_file_path.$session_id."'.");
fclose($this->_file_handle);
$this->_file_handle = NULL;
- return FALSE;
+ return $this->_failure;
}
// Needed by write() to detect session_regenerate_id() calls
@@ -183,6 +183,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
return '';
}
}
+ // We shouldn't need this, but apparently we do ...
+ // See https://github.com/bcit-ci/CodeIgniter/issues/4039
+ elseif ($this->_file_handler === FALSE)
+ {
+ return $this->_failure;
+ }
else
{
rewind($this->_file_handle);
@@ -220,18 +226,18 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
// and we need to close the old handle and open a new one
if ($session_id !== $this->_session_id && ( ! $this->close() OR $this->read($session_id) === FALSE))
{
- return FALSE;
+ return $this->_failure;
}
if ( ! is_resource($this->_file_handle))
{
- return FALSE;
+ return $this->_failure;
}
elseif ($this->_fingerprint === md5($session_data))
{
- return ($this->_file_new)
- ? TRUE
- : touch($this->_file_path.$session_id);
+ return ( ! $this->_file_new && ! touch($this->_file_path.$session_id))
+ ? $this->_failure
+ : $this->_success;
}
if ( ! $this->_file_new)
@@ -254,12 +260,12 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
{
$this->_fingerprint = md5(substr($session_data, 0, $written));
log_message('error', 'Session: Unable to write data.');
- return FALSE;
+ return $this->_failure;
}
}
$this->_fingerprint = md5($session_data);
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------
@@ -279,10 +285,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
fclose($this->_file_handle);
$this->_file_handle = $this->_file_new = $this->_session_id = NULL;
- return TRUE;
}
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------
@@ -299,19 +304,31 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
{
if ($this->close())
{
- return file_exists($this->_file_path.$session_id)
- ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy())
- : TRUE;
+ if (file_exists($this->_file_path.$session_id))
+ {
+ $this->_cookie_destroy();
+ return unlink($this->_file_path.$session_id)
+ ? $this->_success
+ : $this->_failure;
+ }
+
+ return $this->_success;
}
elseif ($this->_file_path !== NULL)
{
clearstatcache();
- return file_exists($this->_file_path.$session_id)
- ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy())
- : TRUE;
+ if (file_exists($this->_file_path.$session_id))
+ {
+ $this->_cookie_destroy();
+ return unlink($this->_file_path.$session_id)
+ ? $this->_success
+ : $this->_failure;
+ }
+
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -329,7 +346,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE)
{
log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'.");
- return FALSE;
+ return $this->_failure;
}
$ts = time() - $maxlifetime;
@@ -356,7 +373,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
closedir($directory);
- return TRUE;
+ return $this->_success;
}
-}
+} \ No newline at end of file
diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php
index 97b860588..760239dfb 100644
--- a/system/libraries/Session/drivers/Session_memcached_driver.php
+++ b/system/libraries/Session/drivers/Session_memcached_driver.php
@@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
$this->_memcached = NULL;
log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']);
- return FALSE;
+ return $this->_failure;
}
foreach ($matches as $match)
@@ -142,10 +142,10 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if (empty($server_list))
{
log_message('error', 'Session: Memcached server pool is empty.');
- return FALSE;
+ return $this->_failure;
}
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------
@@ -170,7 +170,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return $session_data;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -188,14 +188,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
if ( ! isset($this->_memcached))
{
- return FALSE;
+ return $this->_failure;
}
// Was the ID regenerated?
elseif ($session_id !== $this->_session_id)
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
- return FALSE;
+ return $this->_failure;
}
$this->_fingerprint = md5('');
@@ -210,16 +210,18 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
{
$this->_fingerprint = $fingerprint;
- return TRUE;
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
- return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']);
+ return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration'])
+ ? $this->_success
+ : $this->_failure;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -238,14 +240,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key);
if ( ! $this->_memcached->quit())
{
- return FALSE;
+ return $this->_failure;
}
$this->_memcached = NULL;
- return TRUE;
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -263,10 +265,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if (isset($this->_memcached, $this->_lock_key))
{
$this->_memcached->delete($this->_key_prefix.$session_id);
- return $this->_cookie_destroy();
+ $this->_cookie_destroy();
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -282,7 +285,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
public function gc($maxlifetime)
{
// Not necessary, Memcached takes care of that.
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------
@@ -299,7 +302,9 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
{
if (isset($this->_lock_key))
{
- return $this->_memcached->replace($this->_lock_key, time(), 300);
+ return ($this->_memcached->replace($this->_lock_key, time(), 300))
+ ? $this->_success
+ : $this->_failure;
}
// 30 attempts to obtain a lock, in case another request already has it
@@ -316,7 +321,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if ( ! $this->_memcached->set($lock_key, time(), 300))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
- return FALSE;
+ return $this->_failure;
}
$this->_lock_key = $lock_key;
@@ -327,11 +332,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if ($attempt === 30)
{
log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.');
- return FALSE;
+ return $this->_failure;
}
$this->_lock = TRUE;
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------
diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php
index 4fa6c28b3..2395df1b5 100644
--- a/system/libraries/Session/drivers/Session_redis_driver.php
+++ b/system/libraries/Session/drivers/Session_redis_driver.php
@@ -136,7 +136,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if (empty($this->_config['save_path']))
{
- return FALSE;
+ return $this->_failure;
}
$redis = new Redis();
@@ -161,7 +161,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
else
{
$this->_redis = $redis;
- return TRUE;
+ return $this->_success;
}
}
else
@@ -169,7 +169,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
log_message('error', 'Session: Unable to connect to Redis with the configured settings.');
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -194,7 +194,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
return $session_data;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -212,14 +212,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
{
if ( ! isset($this->_redis))
{
- return FALSE;
+ return $this->_failure;
}
// Was the ID regenerated?
elseif ($session_id !== $this->_session_id)
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
- return FALSE;
+ return $this->_failure;
}
$this->_fingerprint = md5('');
@@ -234,16 +234,18 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
{
$this->_fingerprint = $fingerprint;
- return TRUE;
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
- return $this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']);
+ return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']))
+ ? $this->_success
+ : $this->_failure;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -265,7 +267,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
isset($this->_lock_key) && $this->_redis->delete($this->_lock_key);
if ( ! $this->_redis->close())
{
- return FALSE;
+ return $this->_failure;
}
}
}
@@ -275,10 +277,10 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
}
$this->_redis = NULL;
- return TRUE;
+ return $this->_success;
}
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------
@@ -300,10 +302,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.');
}
- return $this->_cookie_destroy();
+ $this->_cookie_destroy();
+ return $this->_success;
}
- return FALSE;
+ return $this->_failure;
}
// ------------------------------------------------------------------------
@@ -319,7 +322,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
public function gc($maxlifetime)
{
// Not necessary, Redis takes care of that.
- return TRUE;
+ return $this->_success;
}
// ------------------------------------------------------------------------