summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rwxr-xr-xsystem/core/CodeIgniter.php2
-rw-r--r--system/core/Common.php30
-rwxr-xr-xsystem/core/Input.php8
-rwxr-xr-xsystem/core/Lang.php4
-rwxr-xr-xsystem/core/Loader.php2
-rwxr-xr-xsystem/core/Security.php38
-rwxr-xr-xsystem/core/URI.php4
-rw-r--r--system/database/DB_active_rec.php2
-rw-r--r--system/database/DB_driver.php19
-rw-r--r--system/database/drivers/mysql/mysql_result.php4
-rw-r--r--system/database/drivers/mysqli/mysqli_result.php4
-rw-r--r--system/database/drivers/oci8/oci8_driver.php1
-rw-r--r--system/database/drivers/odbc/odbc_driver.php2
-rw-r--r--system/helpers/date_helper.php172
-rw-r--r--system/helpers/form_helper.php7
-rw-r--r--system/helpers/typography_helper.php10
-rwxr-xr-x[-rw-r--r--]system/helpers/url_helper.php4
-rw-r--r--system/language/english/migration_lang.php2
-rw-r--r--system/libraries/Image_lib.php2
-rw-r--r--system/libraries/Migration.php2
20 files changed, 190 insertions, 129 deletions
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 0a1391d18..aca4fb23c 100755
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -39,7 +39,7 @@
* @var string
*
*/
- define('CI_VERSION', '2.0.2');
+ define('CI_VERSION', '2.1.0-dev');
/**
* CodeIgniter Branch (Core = TRUE, Reactor = FALSE)
diff --git a/system/core/Common.php b/system/core/Common.php
index db9fbeb9f..d79375475 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -132,9 +132,9 @@ if ( ! function_exists('load_class'))
$name = FALSE;
- // Look for the class first in the native system/libraries folder
- // thenin the local application/libraries folder
- foreach (array(BASEPATH, APPPATH) as $path)
+ // Look for the class first in the local application/libraries folder
+ // then in the native system/libraries folder
+ foreach (array(APPPATH, BASEPATH) as $path)
{
if (file_exists($path.$directory.'/'.$class.'.php'))
{
@@ -536,5 +536,29 @@ if ( ! function_exists('remove_invisible_characters'))
}
}
+// ------------------------------------------------------------------------
+
+/**
+* Returns HTML escaped variable
+*
+* @access public
+* @param mixed
+* @return mixed
+*/
+if ( ! function_exists('html_escape'))
+{
+ function html_escape($var)
+ {
+ if (is_array($var))
+ {
+ return array_map('html_escape', $var);
+ }
+ else
+ {
+ return htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
+ }
+ }
+}
+
/* End of file Common.php */
/* Location: ./system/core/Common.php */ \ No newline at end of file
diff --git a/system/core/Input.php b/system/core/Input.php
index 5a033e7b8..0dc2c4550 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -323,13 +323,13 @@ class CI_Input {
$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
}
- elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+ elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
{
- $this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
+ $this->ip_address = $_SERVER['REMOTE_ADDR'];
}
- elseif ($this->server('REMOTE_ADDR'))
+ elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
{
- $this->ip_address = $_SERVER['REMOTE_ADDR'];
+ $this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
elseif ($this->server('HTTP_CLIENT_IP'))
{
diff --git a/system/core/Lang.php b/system/core/Lang.php
index 5ac671838..d61d1029a 100755
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -112,7 +112,7 @@ class CI_Lang {
}
- if ( ! isset($lang))
+ if ( ! isset($lang) OR ! is_array($lang))
{
log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile);
return;
@@ -124,7 +124,7 @@ class CI_Lang {
}
$this->is_loaded[] = $langfile;
- $this->language = array_merge($this->language, $lang);
+ $this->language = $this->language + $lang;
unset($lang);
log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile);
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 452dc0b4c..de0fc06d2 100755
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1106,7 +1106,7 @@ class CI_Loader {
* @param array
* @return void
*/
- private function _ci_autoloader()
+ protected function _ci_autoloader()
{
if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
{
diff --git a/system/core/Security.php b/system/core/Security.php
index dcc680a11..e99418bdd 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -33,6 +33,7 @@ class CI_Security {
* @access protected
*/
protected $_xss_hash = '';
+
/**
* Random Hash for Cross Site Request Forgery Protection Cookie
*
@@ -40,6 +41,7 @@ class CI_Security {
* @access protected
*/
protected $_csrf_hash = '';
+
/**
* Expiration time for Cross Site Request Forgery Protection Cookie
* Defaults to two hours (in seconds)
@@ -48,6 +50,7 @@ class CI_Security {
* @access protected
*/
protected $_csrf_expire = 7200;
+
/**
* Token name for Cross Site Request Forgery Protection Cookie
*
@@ -55,6 +58,7 @@ class CI_Security {
* @access protected
*/
protected $_csrf_token_name = 'ci_csrf_token';
+
/**
* Cookie name for Cross Site Request Forgery Protection Cookie
*
@@ -62,12 +66,14 @@ class CI_Security {
* @access protected
*/
protected $_csrf_cookie_name = 'ci_csrf_token';
+
/**
* List of never allowed strings
*
* @var array
* @access protected
*/
+
protected $_never_allowed_str = array(
'document.cookie' => '[removed]',
'document.write' => '[removed]',
@@ -80,7 +86,6 @@ class CI_Security {
'<![CDATA[' => '&lt;![CDATA['
);
- /* never allowed, regex replacement */
/**
* List of never allowed regex replacement
*
@@ -134,6 +139,16 @@ class CI_Security {
{
return $this->csrf_set_cookie();
}
+
+ // Check if URI has been whitelisted from CSRF checks
+ if ($exclude_uris = config_item('csrf_exclude_uris'))
+ {
+ $uri = load_class('URI', 'core');
+ if (in_array($uri->uri_string(), $exclude_uris))
+ {
+ return $this;
+ }
+ }
// Do the tokens exist in both the _POST and _COOKIE arrays?
if ( ! isset($_POST[$this->_csrf_token_name]) OR
@@ -156,9 +171,9 @@ class CI_Security {
unset($_COOKIE[$this->_csrf_cookie_name]);
$this->_csrf_set_hash();
$this->csrf_set_cookie();
-
- log_message('debug', "CSRF token verified ");
-
+
+ log_message('debug', "CSRF token verified");
+
return $this;
}
@@ -510,9 +525,17 @@ class CI_Security {
* @param string
* @return string
*/
- public function entity_decode($str, $charset='UTF-8')
+ public function entity_decode($str, $charset = NULL)
{
- if (stristr($str, '&') === FALSE) return $str;
+ if (stristr($str, '&') === FALSE)
+ {
+ return $str;
+ }
+
+ if (empty($charset))
+ {
+ $charset = config_item('charset');
+ }
// The reason we are not using html_entity_decode() by itself is because
// while it is not technically correct to leave out the semicolon
@@ -869,7 +892,6 @@ class CI_Security {
}
}
-// END Security Class
/* End of file Security.php */
-/* Location: ./system/libraries/Security.php */
+/* Location: ./system/libraries/Security.php */ \ No newline at end of file
diff --git a/system/core/URI.php b/system/core/URI.php
index a3ae20cc3..8946bc76b 100755
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -175,7 +175,7 @@ class CI_URI {
* @access private
* @return string
*/
- private function _detect_uri()
+ protected function _detect_uri()
{
if ( ! isset($_SERVER['REQUEST_URI']) OR ! isset($_SERVER['SCRIPT_NAME']))
{
@@ -232,7 +232,7 @@ class CI_URI {
* @access private
* @return string
*/
- private function _parse_cli_args()
+ protected function _parse_cli_args()
{
$args = array_slice($_SERVER['argv'], 1);
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php
index 37d162bc1..89766e304 100644
--- a/system/database/DB_active_rec.php
+++ b/system/database/DB_active_rec.php
@@ -894,7 +894,7 @@ class CI_DB_active_record extends CI_DB_driver {
*/
public function offset($offset)
{
- $this->ar_offset = $offset;
+ $this->ar_offset = (int) $offset;
return $this;
}
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index f9bf118fb..f3c6e41ad 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -251,9 +251,10 @@ class CI_DB_driver {
{
if ($sql == '')
{
+ log_message('error', 'Invalid query: '.$sql);
+
if ($this->db_debug)
{
- log_message('error', 'Invalid query: '.$sql);
return $this->display_error('db_invalid_query');
}
return FALSE;
@@ -306,21 +307,23 @@ class CI_DB_driver {
// This will trigger a rollback if transactions are being used
$this->_trans_status = FALSE;
+ // Grab the error number and message now, as we might run some
+ // additional queries before displaying the error
+ $error_no = $this->_error_number();
+ $error_msg = $this->_error_message();
+
+ // Log errors
+ log_message('error', 'Query error: '.$error_msg);
+
if ($this->db_debug)
{
- // grab the error number and message now, as we might run some
- // additional queries before displaying the error
- $error_no = $this->_error_number();
- $error_msg = $this->_error_message();
-
// We call this function in order to roll-back queries
// if transactions are enabled. If we don't call this here
// the error message will trigger an exit, causing the
// transactions to remain in limbo.
$this->trans_complete();
- // Log and display errors
- log_message('error', 'Query error: '.$error_msg);
+ // Display errors
return $this->display_error(
array(
'Error Number: '.$error_no,
diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php
index 2d2905c98..6ceaf4b9b 100644
--- a/system/database/drivers/mysql/mysql_result.php
+++ b/system/database/drivers/mysql/mysql_result.php
@@ -86,10 +86,10 @@ class CI_DB_mysql_result extends CI_DB_result {
$retval = array();
while ($field = mysql_fetch_object($this->result_id))
{
- preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches);
+ preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches);
$type = $matches[1];
- $length = (int)$matches[2];
+ $length = isset($matches[3]) ? (int) $matches[3] : NULL;
$F = new stdClass();
$F->name = $field->Field;
diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php
index ac863056a..bbfb8481a 100644
--- a/system/database/drivers/mysqli/mysqli_result.php
+++ b/system/database/drivers/mysqli/mysqli_result.php
@@ -86,10 +86,10 @@ class CI_DB_mysqli_result extends CI_DB_result {
$retval = array();
while ($field = mysqli_fetch_object($this->result_id))
{
- preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches);
+ preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches);
$type = $matches[1];
- $length = (int)$matches[2];
+ $length = isset($matches[3]) ? (int) $matches[3] : NULL;
$F = new stdClass();
$F->name = $field->Field;
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index 42cfaaefb..d4adfd528 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -404,6 +404,7 @@ class CI_DB_oci8_driver extends CI_DB {
}
$str = remove_invisible_characters($str);
+ $str = str_replace("'", "''", $str);
// escape LIKE condition wildcards
if ($like === TRUE)
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index 5e764e071..08cd27b6c 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -50,7 +50,7 @@ class CI_DB_odbc_driver extends CI_DB {
function CI_DB_odbc_driver($params)
{
- parent::CI_DB($params);
+ parent::CI_DB_driver($params);
$this->_random_keyword = ' RND('.time().')'; // database specific random keyword
}
diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php
index 6c559bb25..e14bc2f94 100644
--- a/system/helpers/date_helper.php
+++ b/system/helpers/date_helper.php
@@ -54,10 +54,8 @@ if ( ! function_exists('now'))
return $system_time;
}
- else
- {
- return time();
- }
+
+ return time();
}
}
@@ -85,12 +83,18 @@ if ( ! function_exists('mdate'))
function mdate($datestr = '', $time = '')
{
if ($datestr == '')
- return '';
+ {
+ return '';
+ }
- if ($time == '')
- $time = now();
+ $time = ($time == '') ? now() : $time;
+
+ $datestr = str_replace(
+ '%\\',
+ '',
+ preg_replace("/([a-z]+?){1}/i", "\\\\\\1", $datestr)
+ );
- $datestr = str_replace('%\\', '', preg_replace("/([a-z]+?){1}/i", "\\\\\\1", $datestr));
return date($datestr, $time);
}
}
@@ -162,14 +166,7 @@ if ( ! function_exists('timespan'))
$time = time();
}
- if ($time <= $seconds)
- {
- $seconds = 1;
- }
- else
- {
- $seconds = $time - $seconds;
- }
+ $seconds = ($time <= $seconds) ? 1 : $time - $seconds;
$str = '';
$years = floor($seconds / 31536000);
@@ -303,9 +300,18 @@ if ( ! function_exists('local_to_gmt'))
function local_to_gmt($time = '')
{
if ($time == '')
+ {
$time = time();
-
- return mktime( gmdate("H", $time), gmdate("i", $time), gmdate("s", $time), gmdate("m", $time), gmdate("d", $time), gmdate("Y", $time));
+ }
+
+ return mktime(
+ gmdate("H", $time),
+ gmdate("i", $time),
+ gmdate("s", $time),
+ gmdate("m", $time),
+ gmdate("d", $time),
+ gmdate("Y", $time)
+ );
}
}
@@ -366,14 +372,14 @@ if ( ! function_exists('mysql_to_unix'))
$time = str_replace(' ', '', $time);
// YYYYMMDDHHMMSS
- return mktime(
- substr($time, 8, 2),
- substr($time, 10, 2),
- substr($time, 12, 2),
- substr($time, 4, 2),
- substr($time, 6, 2),
- substr($time, 0, 4)
- );
+ return mktime(
+ substr($time, 8, 2),
+ substr($time, 10, 2),
+ substr($time, 12, 2),
+ substr($time, 4, 2),
+ substr($time, 6, 2),
+ substr($time, 0, 4)
+ );
}
}
@@ -475,13 +481,19 @@ if ( ! function_exists('human_to_unix'))
$ampm = strtolower($split['2']);
if (substr($ampm, 0, 1) == 'p' AND $hour < 12)
- $hour = $hour + 12;
+ {
+ $hour = $hour + 12;
+ }
if (substr($ampm, 0, 1) == 'a' AND $hour == 12)
+ {
$hour = '00';
-
+ }
+
if (strlen($hour) == 1)
- $hour = '0'.$hour;
+ {
+ $hour = '0'.$hour;
+ }
}
return mktime($hour, $min, $sec, $month, $day, $year);
@@ -501,16 +513,16 @@ if ( ! function_exists('human_to_unix'))
*/
if ( ! function_exists('nice_date'))
{
- function nice_date($bad_date='', $format=false)
+ function nice_date($bad_date = '', $format = FALSE)
{
if (empty($bad_date))
{
return 'Unknown';
}
+
// Date like: YYYYMM
- if (preg_match('/^\d{6}$/',$bad_date))
+ if (preg_match('/^\d{6}$/', $bad_date))
{
- //echo $bad_date." ";
if (in_array(substr($bad_date, 0, 2),array('19', '20')))
{
$year = substr($bad_date, 0, 4);
@@ -521,8 +533,8 @@ if ( ! function_exists('nice_date'))
$month = substr($bad_date, 0, 2);
$year = substr($bad_date, 2, 4);
}
+
return date($format, strtotime($year . '-' . $month . '-01'));
-
}
// Date Like: YYYYMMDD
@@ -531,6 +543,7 @@ if ( ! function_exists('nice_date'))
$month = substr($bad_date, 0, 2);
$day = substr($bad_date, 2, 2);
$year = substr($bad_date, 4, 4);
+
return date($format, strtotime($month . '/01/' . $year));
}
@@ -574,8 +587,7 @@ if ( ! function_exists('timezone_menu'))
$CI =& get_instance();
$CI->lang->load('date');
- if ($default == 'GMT')
- $default = 'UTC';
+ $default = ($default == 'GMT') ? 'UTC' : $default;
$menu = '<select name="'.$name.'"';
@@ -618,60 +630,58 @@ if ( ! function_exists('timezones'))
// some items appear to be in the wrong order
$zones = array(
- 'UM12' => -12,
- 'UM11' => -11,
- 'UM10' => -10,
- 'UM95' => -9.5,
- 'UM9' => -9,
- 'UM8' => -8,
- 'UM7' => -7,
- 'UM6' => -6,
- 'UM5' => -5,
- 'UM45' => -4.5,
- 'UM4' => -4,
- 'UM35' => -3.5,
- 'UM3' => -3,
- 'UM2' => -2,
- 'UM1' => -1,
- 'UTC' => 0,
- 'UP1' => +1,
- 'UP2' => +2,
- 'UP3' => +3,
- 'UP35' => +3.5,
- 'UP4' => +4,
- 'UP45' => +4.5,
- 'UP5' => +5,
- 'UP55' => +5.5,
- 'UP575' => +5.75,
- 'UP6' => +6,
- 'UP65' => +6.5,
- 'UP7' => +7,
- 'UP8' => +8,
- 'UP875' => +8.75,
- 'UP9' => +9,
- 'UP95' => +9.5,
- 'UP10' => +10,
- 'UP105' => +10.5,
- 'UP11' => +11,
- 'UP115' => +11.5,
- 'UP12' => +12,
- 'UP1275' => +12.75,
- 'UP13' => +13,
- 'UP14' => +14
- );
+ 'UM12' => -12,
+ 'UM11' => -11,
+ 'UM10' => -10,
+ 'UM95' => -9.5,
+ 'UM9' => -9,
+ 'UM8' => -8,
+ 'UM7' => -7,
+ 'UM6' => -6,
+ 'UM5' => -5,
+ 'UM45' => -4.5,
+ 'UM4' => -4,
+ 'UM35' => -3.5,
+ 'UM3' => -3,
+ 'UM2' => -2,
+ 'UM1' => -1,
+ 'UTC' => 0,
+ 'UP1' => +1,
+ 'UP2' => +2,
+ 'UP3' => +3,
+ 'UP35' => +3.5,
+ 'UP4' => +4,
+ 'UP45' => +4.5,
+ 'UP5' => +5,
+ 'UP55' => +5.5,
+ 'UP575' => +5.75,
+ 'UP6' => +6,
+ 'UP65' => +6.5,
+ 'UP7' => +7,
+ 'UP8' => +8,
+ 'UP875' => +8.75,
+ 'UP9' => +9,
+ 'UP95' => +9.5,
+ 'UP10' => +10,
+ 'UP105' => +10.5,
+ 'UP11' => +11,
+ 'UP115' => +11.5,
+ 'UP12' => +12,
+ 'UP1275' => +12.75,
+ 'UP13' => +13,
+ 'UP14' => +14
+ );
if ($tz == '')
{
return $zones;
}
-
- if ($tz == 'GMT')
- $tz = 'UTC';
-
+
+ $tz = ($tz == 'GMT') ? 'UTC' : $tz;
+
return ( ! isset($zones[$tz])) ? 0 : $zones[$tz];
}
}
-
/* End of file date_helper.php */
/* Location: ./system/helpers/date_helper.php */ \ No newline at end of file
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index d9305c00b..130daee6a 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -642,11 +642,8 @@ if ( ! function_exists('form_prep'))
{
return $str;
}
-
- $str = htmlspecialchars($str);
-
- // In case htmlspecialchars misses these.
- $str = str_replace(array("'", '"'), array("&#39;", "&quot;"), $str);
+
+ $str = html_escape($str);
if ($field_name != '')
{
diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php
index 19b4eec03..82e686e53 100644
--- a/system/helpers/typography_helper.php
+++ b/system/helpers/typography_helper.php
@@ -39,9 +39,7 @@ if ( ! function_exists('nl2br_except_pre'))
function nl2br_except_pre($str)
{
$CI =& get_instance();
-
$CI->load->library('typography');
-
return $CI->typography->nl2br_except_pre($str);
}
}
@@ -82,9 +80,15 @@ if ( ! function_exists('auto_typography'))
*/
if ( ! function_exists('entity_decode'))
{
- function entity_decode($str, $charset='UTF-8')
+ function entity_decode($str, $charset = NULL)
{
global $SEC;
+
+ if (empty($charset))
+ {
+ $charset = config_item('charset');
+ }
+
return $SEC->entity_decode($str, $charset);
}
}
diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php
index 9f4b85248..c524dddd1 100644..100755
--- a/system/helpers/url_helper.php
+++ b/system/helpers/url_helper.php
@@ -512,7 +512,7 @@ if ( ! function_exists('url_title'))
$str = strtolower($str);
}
- return trim(stripslashes($str));
+ return trim(trim(stripslashes($str)), $replace);
}
}
@@ -527,7 +527,7 @@ if ( ! function_exists('url_title'))
*
* @access public
* @param string the URL
- * @param string the method: location or redirect
+ * @param string the method: location or refresh
* @return string
*/
if ( ! function_exists('redirect'))
diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php
index 4763ca243..94cb882fb 100644
--- a/system/language/english/migration_lang.php
+++ b/system/language/english/migration_lang.php
@@ -5,7 +5,7 @@ $lang['migration_not_found'] = "This migration could not be found.";
$lang['migration_multiple_version'] = "This are multiple migrations with the same version number: %d.";
$lang['migration_class_doesnt_exist'] = "The migration class \"%s\" could not be found.";
$lang['migration_missing_up_method'] = "The migration class \"%s\" is missing an 'up' method.";
-$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing an 'up' method.";
+$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing a 'down' method.";
$lang['migration_invalid_filename'] = "Migration \"%s\" has an invalid filename.";
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index 8902f524d..a8a0387d8 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -1334,7 +1334,7 @@ class CI_Image_lib {
return FALSE;
}
- $vals = @getimagesize($path);
+ $vals = getimagesize($path);
$types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png');
diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php
index 3943ec130..3734e18f5 100644
--- a/system/libraries/Migration.php
+++ b/system/libraries/Migration.php
@@ -57,7 +57,7 @@ class CI_Migration {
}
// If not set, set it
- $this->_migration_path == '' OR $this->_migration_path = APPPATH . 'migrations/';
+ $this->_migration_path == '' AND $this->_migration_path = APPPATH . 'migrations/';
// Add trailing slash if not set
$this->_migration_path = rtrim($this->_migration_path, '/').'/';