summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/libraries/Email.php34
-rwxr-xr-xsystem/libraries/Session/drivers/Session_cookie.php47
-rwxr-xr-xsystem/libraries/Session/drivers/Session_native.php20
3 files changed, 57 insertions, 44 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index 08057f2f7..bc9d62eb4 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -292,16 +292,7 @@ class CI_Email {
$this->set_header('To', implode(', ', $to));
}
- switch ($this->_get_protocol())
- {
- case 'smtp':
- $this->_recipients = $to;
- break;
- case 'sendmail':
- case 'mail':
- $this->_recipients = implode(', ', $to);
- break;
- }
+ $this->_recipients = $to;
return $this;
}
@@ -763,7 +754,7 @@ class CI_Email {
{
if ($this->alt_message !== '')
{
- return $this->word_wrap($this->alt_message, '76');
+ return $this->word_wrap($this->alt_message, 76);
}
$body = preg_match('/\<body.*?\>(.*)\<\/body\>/si', $this->_body, $match) ? $match[1] : $this->_body;
@@ -786,12 +777,12 @@ class CI_Email {
* @param int
* @return string
*/
- public function word_wrap($str, $charlim = '')
+ public function word_wrap($str, $charlim = NULL)
{
- // Se the character limit
- if ($charlim === '')
+ // Set the character limit, if not already present
+ if (empty($charlim))
{
- $charlim = ($this->wrapchars === '') ? 76 : $this->wrapchars;
+ $charlim = empty($this->wrapchars) ? 76 : $this->wrapchars;
}
// Reduce multiple spaces
@@ -1105,6 +1096,10 @@ class CI_Email {
*/
protected function _prep_quoted_printable($str)
{
+ // We are intentionally wrapping so mail servers will encode characters
+ // properly and MUAs will behave, so {unwrap} must go!
+ $str = str_replace(array('{unwrap}', '{/unwrap}'), '', $str);
+
// RFC 2045 specifies CRLF as "\r\n".
// However, many developers choose to override that and violate
// the RFC rules due to (apparently) a bug in MS Exchange,
@@ -1130,10 +1125,6 @@ class CI_Email {
$str = str_replace(array("\r\n", "\r"), "\n", $str);
}
- // We are intentionally wrapping so mail servers will encode characters
- // properly and MUAs will behave, so {unwrap} must go!
- $str = str_replace(array('{unwrap}', '{/unwrap}'), '', $str);
-
$escape = '=';
$output = '';
@@ -1408,6 +1399,11 @@ class CI_Email {
*/
protected function _send_with_mail()
{
+ if (is_array($this->_recipients))
+ {
+ $this->_recipients = implode(', ', $this->_recipients);
+ }
+
if ($this->_safe_mode === TRUE)
{
return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str);
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 5bb1f7aa6..8617aec2d 100755
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -308,7 +308,7 @@ class CI_Session_cookie extends CI_Session_driver {
}
// Kill the cookie
- $this->_setcookie($this->sess_cookie_name, addslashes(serialize(array())), ($this->now - 31500000),
+ $this->_setcookie($this->sess_cookie_name, '', ($this->now - 31500000),
$this->cookie_path, $this->cookie_domain, 0);
// Kill session data
@@ -372,27 +372,31 @@ class CI_Session_cookie extends CI_Session_driver {
return FALSE;
}
+ $len = strlen($session) - 40;
+
+ if ($len < 0)
+ {
+ log_message('debug', 'The session cookie was not signed.');
+ return FALSE;
+ }
+
+ // Check cookie authentication
+ $hmac = substr($session, $len);
+ $session = substr($session, 0, $len);
+
+ if ($hmac !== hash_hmac('sha1', $session, $this->encryption_key))
+ {
+ log_message('error', 'The session cookie data did not match what was expected.');
+ $this->sess_destroy();
+ return FALSE;
+ }
+
// Check for encryption
if ($this->sess_encrypt_cookie === TRUE)
{
// Decrypt the cookie data
$session = $this->CI->encrypt->decode($session);
}
- else
- {
- // Encryption was not used, so we need to check the md5 hash in the last 32 chars
- $len = strlen($session)-32;
- $hash = substr($session, $len);
- $session = substr($session, 0, $len);
-
- // Does the md5 hash match? This is to prevent manipulation of session data in userspace
- if ($hash !== md5($session.$this->encryption_key))
- {
- log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.');
- $this->sess_destroy();
- return FALSE;
- }
- }
// Unserialize the session array
$session = $this->_unserialize($session);
@@ -658,10 +662,13 @@ class CI_Session_cookie extends CI_Session_driver {
// Serialize the userdata for the cookie
$cookie_data = $this->_serialize($cookie_data);
- $cookie_data = ($this->sess_encrypt_cookie === TRUE)
- ? $this->CI->encrypt->encode($cookie_data)
- // if encryption is not used, we provide an md5 hash to prevent userside tampering
- : $cookie_data.md5($cookie_data.$this->encryption_key);
+ if ($this->sess_encrypt_cookie === TRUE)
+ {
+ $cookie_data = $this->CI->encrypt->encode($cookie_data);
+ }
+
+ // Require message authentication
+ $cookie_data .= hash_hmac('sha1', $cookie_data, $this->encryption_key);
$expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time();
diff --git a/system/libraries/Session/drivers/Session_native.php b/system/libraries/Session/drivers/Session_native.php
index 6529d4c36..da744f39b 100755
--- a/system/libraries/Session/drivers/Session_native.php
+++ b/system/libraries/Session/drivers/Session_native.php
@@ -55,7 +55,9 @@ class CI_Session_native extends CI_Session_driver {
'sess_time_to_update',
'cookie_prefix',
'cookie_path',
- 'cookie_domain'
+ 'cookie_domain',
+ 'cookie_secure',
+ 'cookie_httponly'
);
foreach ($prefs as $key)
@@ -82,6 +84,9 @@ class CI_Session_native extends CI_Session_driver {
$expire = 7200;
$path = '/';
$domain = '';
+ $secure = (bool) $config['cookie_secure'];
+ $http_only = (bool) $config['cookie_httponly'];
+
if ($config['sess_expiration'] !== FALSE)
{
// Default to 2 years if expiration is "0"
@@ -99,7 +104,8 @@ class CI_Session_native extends CI_Session_driver {
// Use specified domain
$domain = $config['cookie_domain'];
}
- session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain);
+
+ session_set_cookie_params($config['sess_expire_on_close'] ? 0 : $expire, $path, $domain, $secure, $http_only);
// Start session
session_start();
@@ -137,8 +143,12 @@ class CI_Session_native extends CI_Session_driver {
if ($config['sess_time_to_update'] && isset($_SESSION['last_activity'])
&& ($_SESSION['last_activity'] + $config['sess_time_to_update']) < $now)
{
- // Regenerate ID, but don't destroy session
- $this->sess_regenerate(FALSE);
+ // Changing the session ID amidst a series of AJAX calls causes problems
+ if( ! $this->CI->input->is_ajax_request())
+ {
+ // Regenerate ID, but don't destroy session
+ $this->sess_regenerate(FALSE);
+ }
}
// Set activity time
@@ -189,7 +199,7 @@ class CI_Session_native extends CI_Session_driver {
{
// Clear session cookie
$params = session_get_cookie_params();
- setcookie($name, '', time() - 42000, $params['path'], $params['domain']);
+ setcookie($name, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
unset($_COOKIE[$name]);
}
session_destroy();