From 98c347de9f62a3427170f9f73a692d159765e8cf Mon Sep 17 00:00:00 2001 From: Nick Busey Date: Thu, 2 Feb 2012 11:07:03 -0700 Subject: Adding equal to greater than, equal to less than form validators. --- system/language/english/form_validation_lang.php | 48 ++++++++--------- system/libraries/Form_validation.php | 38 +++++++++++++- .../source/libraries/form_validation.rst | 60 ++++++++++++---------- 3 files changed, 94 insertions(+), 52 deletions(-) diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index 6afa37a29..2ee2cb9dd 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -25,29 +25,31 @@ * @filesource */ -$lang['required'] = "The %s field is required."; -$lang['isset'] = "The %s field must have a value."; -$lang['valid_email'] = "The %s field must contain a valid email address."; -$lang['valid_emails'] = "The %s field must contain all valid email addresses."; -$lang['valid_url'] = "The %s field must contain a valid URL."; -$lang['valid_ip'] = "The %s field must contain a valid IP."; -$lang['min_length'] = "The %s field must be at least %s characters in length."; -$lang['max_length'] = "The %s field cannot exceed %s characters in length."; -$lang['exact_length'] = "The %s field must be exactly %s characters in length."; -$lang['alpha'] = "The %s field may only contain alphabetical characters."; -$lang['alpha_numeric'] = "The %s field may only contain alpha-numeric characters."; -$lang['alpha_dash'] = "The %s field may only contain alpha-numeric characters, underscores, and dashes."; -$lang['numeric'] = "The %s field must contain only numbers."; -$lang['is_numeric'] = "The %s field must contain only numeric characters."; -$lang['integer'] = "The %s field must contain an integer."; -$lang['regex_match'] = "The %s field is not in the correct format."; -$lang['matches'] = "The %s field does not match the %s field."; -$lang['is_unique'] = "The %s field must contain a unique value."; -$lang['is_natural'] = "The %s field must contain only positive numbers."; -$lang['is_natural_no_zero'] = "The %s field must contain a number greater than zero."; -$lang['decimal'] = "The %s field must contain a decimal number."; -$lang['less_than'] = "The %s field must contain a number less than %s."; -$lang['greater_than'] = "The %s field must contain a number greater than %s."; +$lang['required'] = "The %s field is required."; +$lang['isset'] = "The %s field must have a value."; +$lang['valid_email'] = "The %s field must contain a valid email address."; +$lang['valid_emails'] = "The %s field must contain all valid email addresses."; +$lang['valid_url'] = "The %s field must contain a valid URL."; +$lang['valid_ip'] = "The %s field must contain a valid IP."; +$lang['min_length'] = "The %s field must be at least %s characters in length."; +$lang['max_length'] = "The %s field cannot exceed %s characters in length."; +$lang['exact_length'] = "The %s field must be exactly %s characters in length."; +$lang['alpha'] = "The %s field may only contain alphabetical characters."; +$lang['alpha_numeric'] = "The %s field may only contain alpha-numeric characters."; +$lang['alpha_dash'] = "The %s field may only contain alpha-numeric characters, underscores, and dashes."; +$lang['numeric'] = "The %s field must contain only numbers."; +$lang['is_numeric'] = "The %s field must contain only numeric characters."; +$lang['integer'] = "The %s field must contain an integer."; +$lang['regex_match'] = "The %s field is not in the correct format."; +$lang['matches'] = "The %s field does not match the %s field."; +$lang['is_unique'] = "The %s field must contain a unique value."; +$lang['is_natural'] = "The %s field must contain only positive numbers."; +$lang['is_natural_no_zero'] = "The %s field must contain a number greater than zero."; +$lang['decimal'] = "The %s field must contain a decimal number."; +$lang['less_than'] = "The %s field must contain a number less than %s."; +$lang['equal_to_less_than'] = "The %s field must contain a number equal to or less than %s."; +$lang['greater_than'] = "The %s field must contain a number greater than %s."; +$lang['equal_to_greater_than'] = "The %s field must contain a number equal to or greater than %s."; /* End of file form_validation_lang.php */ diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 0a6a2af0d..1b2907a08 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1116,7 +1116,7 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** - * Greather than + * Greater than * * @param string * @return bool @@ -1130,6 +1130,24 @@ class CI_Form_validation { return $str > $min; } + // -------------------------------------------------------------------- + + /** + * Equal to or Greater than + * + * @access public + * @param string + * @return bool + */ + function equal_to_greater_than($str, $min) + { + if ( ! is_numeric($str)) + { + return FALSE; + } + return $str >= $min; + } + // -------------------------------------------------------------------- /** @@ -1149,6 +1167,24 @@ class CI_Form_validation { // -------------------------------------------------------------------- + /** + * Equal to or Less than + * + * @access public + * @param string + * @return bool + */ + function equal_to_less_than($str, $max) + { + if ( ! is_numeric($str)) + { + return FALSE; + } + return $str <= $max; + } + + // -------------------------------------------------------------------- + /** * Is a Natural number (0,1,2,3, etc.) * diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index e7875bc22..185850b5a 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -823,34 +823,38 @@ Rule Reference The following is a list of all the native rules that are available to use: -======================= ========== ============================================================================================= ======================= -Rule Parameter Description Example -======================= ========== ============================================================================================= ======================= -**required** No Returns FALSE if the form element is empty. -**matches** Yes Returns FALSE if the form element does not match the one in the parameter. matches[form_item] -**is_unique** Yes Returns FALSE if the form element is not unique to the is_unique[table.field] - table and field name in the parameter. is_unique[table.field] -**max_length** Yes Returns FALSE if the form element is longer then the parameter value. max_length[12] -**exact_length** Yes Returns FALSE if the form element is not exactly the parameter value. exact_length[8] -**greater_than** Yes Returns FALSE if the form element is less than the parameter value or not numeric. greater_than[8] -**less_than** Yes Returns FALSE if the form element is greater than the parameter value or not numeric. less_than[8] -**alpha** No Returns FALSE if the form element contains anything other than alphabetical characters. -**alpha_numeric** No Returns FALSE if the form element contains anything other than alpha-numeric characters. -**alpha_dash** No Returns FALSE if the form element contains anything other than alpha-numeric characters, - underscores or dashes. -**numeric** No Returns FALSE if the form element contains anything other than numeric characters. -**integer** No Returns FALSE if the form element contains anything other than an integer. -**decimal** Yes Returns FALSE if the form element is not exactly the parameter value. -**is_natural** No Returns FALSE if the form element contains anything other than a natural number: - 0, 1, 2, 3, etc. -**is_natural_no_zero** No Returns FALSE if the form element contains anything other than a natural - number, but not zero: 1, 2, 3, etc. -**is_unique** Yes Returns FALSE if the form element is not unique in a database table. is_unique[table.field] -**valid_email** No Returns FALSE if the form element does not contain a valid email address. -**valid_emails** No Returns FALSE if any value provided in a comma separated list is not a valid email. -**valid_ip** No Returns FALSE if the supplied IP is not valid. -**valid_base64** No Returns FALSE if the supplied string contains anything other than valid Base64 characters. -======================= ========== ============================================================================================= ======================= +========================= ========== ============================================================================================= ======================= +Rule Parameter Description Example +========================= ========== ============================================================================================= ======================= +**required** No Returns FALSE if the form element is empty. +**matches** Yes Returns FALSE if the form element does not match the one in the parameter. matches[form_item] +**is_unique** Yes Returns FALSE if the form element is not unique to the is_unique[table.field] + table and field name in the parameter. is_unique[table.field] +**max_length** Yes Returns FALSE if the form element is longer then the parameter value. max_length[12] +**exact_length** Yes Returns FALSE if the form element is not exactly the parameter value. exact_length[8] +**greater_than** Yes Returns FALSE if the form element is less than the parameter value or not numeric. greater_than[8] +**equal_to_greater_than** Yes Returns FALSE if the form element is not equal to or less than the parameter value, greater_than[8] + or not numeric. +**less_than** Yes Returns FALSE if the form element is greater than the parameter value or not numeric. less_than[8] +**equal_to_less_than** Yes Returns FALSE if the form element is not equal to or greater than the parameter value, less_than[8] + or not numeric. +**alpha** No Returns FALSE if the form element contains anything other than alphabetical characters. +**alpha_numeric** No Returns FALSE if the form element contains anything other than alpha-numeric characters. +**alpha_dash** No Returns FALSE if the form element contains anything other than alpha-numeric characters, + underscores or dashes. +**numeric** No Returns FALSE if the form element contains anything other than numeric characters. +**integer** No Returns FALSE if the form element contains anything other than an integer. +**decimal** Yes Returns FALSE if the form element is not exactly the parameter value. +**is_natural** No Returns FALSE if the form element contains anything other than a natural number: + 0, 1, 2, 3, etc. +**is_natural_no_zero** No Returns FALSE if the form element contains anything other than a natural + number, but not zero: 1, 2, 3, etc. +**is_unique** Yes Returns FALSE if the form element is not unique in a database table. is_unique[table.field] +**valid_email** No Returns FALSE if the form element does not contain a valid email address. +**valid_emails** No Returns FALSE if any value provided in a comma separated list is not a valid email. +**valid_ip** No Returns FALSE if the supplied IP is not valid. +**valid_base64** No Returns FALSE if the supplied string contains anything other than valid Base64 characters. +========================= ========== ============================================================================================= ======================= .. note:: These rules can also be called as discrete functions. For example:: -- cgit v1.2.3-24-g4f1b From c1931667cbc614a704f536beb882931af82241cd Mon Sep 17 00:00:00 2001 From: Nick Busey Date: Mon, 6 Feb 2012 17:55:58 -0700 Subject: Renaming equal_to_greater_than to greater_than_equal_to, equal_to_less_than to less_than_equal_to --- system/language/english/form_validation_lang.php | 4 ++-- system/libraries/Form_validation.php | 4 ++-- user_guide_src/source/libraries/form_validation.rst | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index 2ee2cb9dd..7fa6934f5 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -47,9 +47,9 @@ $lang['is_natural'] = "The %s field must contain only positive numbers."; $lang['is_natural_no_zero'] = "The %s field must contain a number greater than zero."; $lang['decimal'] = "The %s field must contain a decimal number."; $lang['less_than'] = "The %s field must contain a number less than %s."; -$lang['equal_to_less_than'] = "The %s field must contain a number equal to or less than %s."; +$lang['less_than_equal_to'] = "The %s field must contain a number equal to or less than %s."; $lang['greater_than'] = "The %s field must contain a number greater than %s."; -$lang['equal_to_greater_than'] = "The %s field must contain a number equal to or greater than %s."; +$lang['greater_than_equal_to'] = "The %s field must contain a number equal to or greater than %s."; /* End of file form_validation_lang.php */ diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 1b2907a08..3ee3cf9df 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1139,7 +1139,7 @@ class CI_Form_validation { * @param string * @return bool */ - function equal_to_greater_than($str, $min) + function greater_than_equal_to($str, $min) { if ( ! is_numeric($str)) { @@ -1174,7 +1174,7 @@ class CI_Form_validation { * @param string * @return bool */ - function equal_to_less_than($str, $max) + function less_than_equal_to($str, $max) { if ( ! is_numeric($str)) { diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index 185850b5a..0ca6e767b 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -833,10 +833,10 @@ Rule Parameter Description **max_length** Yes Returns FALSE if the form element is longer then the parameter value. max_length[12] **exact_length** Yes Returns FALSE if the form element is not exactly the parameter value. exact_length[8] **greater_than** Yes Returns FALSE if the form element is less than the parameter value or not numeric. greater_than[8] -**equal_to_greater_than** Yes Returns FALSE if the form element is not equal to or less than the parameter value, greater_than[8] +**greater_than_equal_to** Yes Returns FALSE if the form element is not equal to or less than the parameter value, greater_than[8] or not numeric. **less_than** Yes Returns FALSE if the form element is greater than the parameter value or not numeric. less_than[8] -**equal_to_less_than** Yes Returns FALSE if the form element is not equal to or greater than the parameter value, less_than[8] +**less_than_equal_to** Yes Returns FALSE if the form element is not equal to or greater than the parameter value, less_than[8] or not numeric. **alpha** No Returns FALSE if the form element contains anything other than alphabetical characters. **alpha_numeric** No Returns FALSE if the form element contains anything other than alpha-numeric characters. -- cgit v1.2.3-24-g4f1b From d5c0172e02b99278f4928897c1489cd628a50e2d Mon Sep 17 00:00:00 2001 From: John Crepezzi Date: Tue, 7 Feb 2012 19:06:46 -0500 Subject: Fix #1009 documentation fixed --- system/language/english/form_validation_lang.php | 6 +++--- user_guide_src/source/libraries/form_validation.rst | 10 ++++++---- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/system/language/english/form_validation_lang.php b/system/language/english/form_validation_lang.php index 7fa6934f5..ea589618a 100644 --- a/system/language/english/form_validation_lang.php +++ b/system/language/english/form_validation_lang.php @@ -47,10 +47,10 @@ $lang['is_natural'] = "The %s field must contain only positive numbers."; $lang['is_natural_no_zero'] = "The %s field must contain a number greater than zero."; $lang['decimal'] = "The %s field must contain a decimal number."; $lang['less_than'] = "The %s field must contain a number less than %s."; -$lang['less_than_equal_to'] = "The %s field must contain a number equal to or less than %s."; +$lang['less_than_equal_to'] = "The %s field must contain a number less than or equal to %s."; $lang['greater_than'] = "The %s field must contain a number greater than %s."; -$lang['greater_than_equal_to'] = "The %s field must contain a number equal to or greater than %s."; +$lang['greater_than_equal_to'] = "The %s field must contain a number greater than or equal to %s."; /* End of file form_validation_lang.php */ -/* Location: ./system/language/english/form_validation_lang.php */ \ No newline at end of file +/* Location: ./system/language/english/form_validation_lang.php */ diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index 0ca6e767b..684051db5 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -832,11 +832,13 @@ Rule Parameter Description table and field name in the parameter. is_unique[table.field] **max_length** Yes Returns FALSE if the form element is longer then the parameter value. max_length[12] **exact_length** Yes Returns FALSE if the form element is not exactly the parameter value. exact_length[8] -**greater_than** Yes Returns FALSE if the form element is less than the parameter value or not numeric. greater_than[8] -**greater_than_equal_to** Yes Returns FALSE if the form element is not equal to or less than the parameter value, greater_than[8] +**greater_than** Yes Returns FALSE if the form element is less than or equal to the parameter value or not greater_than[8] + numeric. +**greater_than_equal_to** Yes Returns FALSE if the form element is less than the parameter value, greater_than_equal_to[8] or not numeric. -**less_than** Yes Returns FALSE if the form element is greater than the parameter value or not numeric. less_than[8] -**less_than_equal_to** Yes Returns FALSE if the form element is not equal to or greater than the parameter value, less_than[8] +**less_than** Yes Returns FALSE if the form element is greater than or equal to the parameter value or less_than[8] + not numeric. +**less_than_equal_to** Yes Returns FALSE if the form element is greater than the parameter value, less_than_equal_to[8] or not numeric. **alpha** No Returns FALSE if the form element contains anything other than alphabetical characters. **alpha_numeric** No Returns FALSE if the form element contains anything other than alpha-numeric characters. -- cgit v1.2.3-24-g4f1b From 67ccdc02e1b66750b0e13eadcfacc47f01c1de67 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 27 Feb 2012 23:57:58 +0200 Subject: Do not create a CSRF cookie if CSRF protection is not enabled --- system/core/Security.php | 39 ++++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/system/core/Security.php b/system/core/Security.php index 1007f61f4..688aeba33 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Security Class * @@ -106,23 +104,27 @@ class CI_Security { public function __construct() { - // CSRF config - foreach(array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) + // Is CSRF protection enabled? + if (config_item('csrf_protection') === TRUE) { - if (FALSE !== ($val = config_item($key))) + // CSRF config + foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) { - $this->{'_'.$key} = $val; + if (FALSE !== ($val = config_item($key))) + { + $this->{'_'.$key} = $val; + } } - } - // Append application specific cookie prefix - if (config_item('cookie_prefix')) - { - $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name; - } + // Append application specific cookie prefix + if (config_item('cookie_prefix')) + { + $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name; + } - // Set the CSRF hash - $this->_csrf_set_hash(); + // Set the CSRF hash + $this->_csrf_set_hash(); + } log_message('debug', 'Security Class Initialized'); } @@ -189,7 +191,7 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS'])) + if ($secure_cookie && (empty($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] === 'off')) { return FALSE; } @@ -358,7 +360,7 @@ class CI_Security { foreach ($words as $word) { - $word = implode("\s*", str_split($word)) . "\s*"; + $word = implode('\s*', str_split($word)).'\s*'; // We only want to do this when it is followed by a non-word character // That way valid stuff like "dealer to" does not become "dealerto" @@ -425,7 +427,6 @@ class CI_Security { '\\1\\2(\\3)', $str); - // Final clean up // This adds a bit of extra precaution in case // something got through the above filters @@ -601,7 +602,7 @@ class CI_Security { } // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { @@ -633,7 +634,7 @@ class CI_Security { { return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace // encode captured opening or closing brace to prevent recursive vectors: - . str_replace(array('>', '<'), array('>', '<'), $matches[4]); + .str_replace(array('>', '<'), array('>', '<'), $matches[4]); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 04ae0672aa9b9f8e590201e8c3817f307800e2c6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 27 Feb 2012 23:59:18 +0200 Subject: Add changelog entry --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index dc6b29516..7916c4e98 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -108,6 +108,7 @@ Bug fixes for 3.0 - Fixed a possible bug in ``CI_Input::is_ajax_request()`` where some clients might not send the X-Requested-With HTTP header value exactly as 'XmlHttpRequest'. - Fixed a bug (#1039) - MySQL's _backup() method failed due to a table name not being escaped. - Fixed a bug (#1070) - CI_DB_driver::initialize() didn't set a character set if a database is not selected. +- Fixed a bug (#499) - a CSRF cookie was created even with CSRF protection being disabled. Version 2.1.0 ============= -- cgit v1.2.3-24-g4f1b From a10c8e17bbd1eb75aed1bb74523449f81ee393a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 29 Feb 2012 18:56:12 +0200 Subject: Add strtolower to the HTTPS check --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Security.php b/system/core/Security.php index 688aeba33..6f25fb5bb 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -191,7 +191,7 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie && (empty($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] === 'off')) + if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off')) { return FALSE; } -- cgit v1.2.3-24-g4f1b From ef7474c6ca9887283c964e17c450ca09559643c4 Mon Sep 17 00:00:00 2001 From: Ryan Dial Date: Thu, 1 Mar 2012 16:11:36 -0500 Subject: compile binds before caching the query, otherwise the cached query will never match the unbound query. updated changlog to mention bug fix. --- system/database/DB_driver.php | 12 ++++++------ user_guide/changelog.html | 1 + 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 4dfb584f2..6161f149b 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -265,6 +265,12 @@ class CI_DB_driver { $sql = preg_replace("/(\W)".$this->swap_pre."(\S+?)/", "\\1".$this->dbprefix."\\2", $sql); } + // Compile binds if needed + if ($binds !== FALSE) + { + $sql = $this->compile_binds($sql, $binds); + } + // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists @@ -280,12 +286,6 @@ class CI_DB_driver { } } - // Compile binds if needed - if ($binds !== FALSE) - { - $sql = $this->compile_binds($sql, $binds); - } - // Save the query for debugging if ($this->save_queries == TRUE) { diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 76a0bcb19..b87e61ba8 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -79,6 +79,7 @@ Change Log
  • Fixed a bug - form_open() compared $action against site_url() instead of base_url()
  • Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.
  • Fixed a bug (#538) - Windows paths were ignored when using the Image Manipulation Class to create a new file.
    • +
  • Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
    • -- cgit v1.2.3-24-g4f1b From 2f8473c031e8a1fa62a5556e013e293c297c41da Mon Sep 17 00:00:00 2001 From: Brenderous Date: Fri, 2 Mar 2012 20:29:38 -0700 Subject: Just a grammar fix. Changed "...as the code these file contain will be minimized" to "...as the code these files contain will be minimized". --- user_guide_src/source/overview/at_a_glance.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/overview/at_a_glance.rst b/user_guide_src/source/overview/at_a_glance.rst index 31f0b4dd9..6dcfdbb14 100644 --- a/user_guide_src/source/overview/at_a_glance.rst +++ b/user_guide_src/source/overview/at_a_glance.rst @@ -41,7 +41,7 @@ CodeIgniter Uses M-V-C CodeIgniter uses the Model-View-Controller approach, which allows great separation between logic and presentation. This is particularly good for projects in which designers are working with your template files, as the -code these file contain will be minimized. We describe MVC in more +code these files contain will be minimized. We describe MVC in more detail on its own page. CodeIgniter Generates Clean URLs -- cgit v1.2.3-24-g4f1b From 3722e50439fd88281f8730fd329b41812cd19963 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 3 Mar 2012 15:04:38 +0200 Subject: Fix MySQL/MySQLi field_data() --- system/database/drivers/mysql/mysql_driver.php | 31 +++++++++++++++++++----- system/database/drivers/mysqli/mysqli_driver.php | 31 +++++++++++++++++++----- 2 files changed, 50 insertions(+), 12 deletions(-) diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 84f7791c7..7fd08a6ed 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -404,16 +404,35 @@ class CI_DB_mysql_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Field data query - * - * Generates a platform-specific query so that the column data can be retrieved + * Returns an object with field data * * @param string the table name - * @return string + * @return object */ - public function _field_data($table) + public function field_data($table = '') { - return 'DESCRIBE '.$table; + if ($table == '') + { + return ($this->db_debug) ? $this->display_error('db_field_param_missing') : FALSE; + } + + $query = $this->query('DESCRIBE '.$this->_protect_identifiers($table, TRUE, NULL, FALSE)); + $query = $query->result_object(); + + $retval = array(); + for ($i = 0, $c = count($query); $i < $c; $i++) + { + preg_match('/([a-z]+)(\(\d+\))?/', $query[$i]->Type, $matches); + + $retval[$i] = new stdClass(); + $retval[$i]->name = $query[$i]->Field; + $retval[$i]->type = empty($matches[1]) ? NULL : $matches[1]; + $retval[$i]->default = $query[$i]->Default; + $retval[$i]->max_length = empty($matches[2]) ? NULL : preg_replace('/[^\d]/', '', $matches[2]); + $retval[$i]->primary_key = (int) ($query[$i]->Key === 'PRI'); + } + + return $retval; } // -------------------------------------------------------------------- diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 19353944d..25b6ceca1 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -405,16 +405,35 @@ class CI_DB_mysqli_driver extends CI_DB { // -------------------------------------------------------------------- /** - * Field data query - * - * Generates a platform-specific query so that the column data can be retrieved + * Returns an object with field data * * @param string the table name - * @return string + * @return object */ - protected function _field_data($table) + public function field_data($table = '') { - return 'DESCRIBE '.$table; + if ($table == '') + { + return ($this->db_debug) ? $this->display_error('db_field_param_missing') : FALSE; + } + + $query = $this->query('DESCRIBE '.$this->_protect_identifiers($table, TRUE, NULL, FALSE)); + $query = $query->result_object(); + + $retval = array(); + for ($i = 0, $c = count($query); $i < $c; $i++) + { + preg_match('/([a-z]+)(\(\d+\))?/', $query[$i]->Type, $matches); + + $retval[$i] = new stdClass(); + $retval[$i]->name = $query[$i]->Field; + $retval[$i]->type = empty($matches[1]) ? NULL : $matches[1]; + $retval[$i]->default = $query[$i]->Default; + $retval[$i]->max_length = empty($matches[2]) ? NULL : preg_replace('/[^\d]/', '', $matches[2]); + $retval[$i]->primary_key = (int) ($query[$i]->Key === 'PRI'); + } + + return $retval; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 3edd88eee84886fc6ba3e1fc25beda3c424370bc Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sat, 3 Mar 2012 22:10:34 +0100 Subject: An even better url_title helper. Tests: http://codepad.org/tuJgvkyN Changelog entry added for 2.1.1 --- system/helpers/url_helper.php | 27 +++++++-------------------- user_guide/changelog.html | 5 +++++ 2 files changed, 12 insertions(+), 20 deletions(-) diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 9f4b85248..cdb6dae9c 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -478,27 +478,14 @@ if ( ! function_exists('url_title')) { function url_title($str, $separator = 'dash', $lowercase = FALSE) { - if ($separator == 'dash') - { - $search = '_'; - $replace = '-'; - } - else - { - $search = '-'; - $replace = '_'; - } + $replace = $separator == 'dash' ? '-' : '_'; $trans = array( - '&\#\d+?;' => '', - '&\S+?;' => '', - '\s+' => $replace, - '[^a-z0-9\-\._]' => '', - $replace.'+' => $replace, - $replace.'$' => $replace, - '^'.$replace => $replace, - '\.+$' => '' - ); + '&.+?;' => '', + '[^a-z0-9 _-]' => '', + '\s+' => $replace, + $replace.'+' => $replace + ); $str = strip_tags($str); @@ -512,7 +499,7 @@ if ( ! function_exists('url_title')) $str = strtolower($str); } - return trim(stripslashes($str)); + return trim($str, $replace); } } diff --git a/user_guide/changelog.html b/user_guide/changelog.html index b87e61ba8..b85dc8d52 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -71,6 +71,11 @@ Change Log
  • Further improved MIME type detection in the File Uploading Library.
    • +
  • Helpers +
      +
    • url_title() performance and output improved.
      • +
    +

    • Bug fixes for 2.1.1

    -- cgit v1.2.3-24-g4f1b From 010f1f4b315c8f5aef2e0b4c6571e4c4752f56c6 Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sat, 3 Mar 2012 22:24:31 +0100 Subject: Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is used for the detection. --- system/libraries/Upload.php | 2 +- user_guide/changelog.html | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 91fbf66ca..b0490de30 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1095,7 +1095,7 @@ class CI_Upload { $proc = @popen($cmd, 'r'); if (is_resource($proc)) { - $mime = @fread($test, 512); + $mime = @fread($proc, 512); @pclose($proc); if ($mime !== FALSE) { diff --git a/user_guide/changelog.html b/user_guide/changelog.html index b87e61ba8..cf693685b 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -78,6 +78,7 @@ Change Log
  • Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types.
  • Fixed a bug - form_open() compared $action against site_url() instead of base_url()
  • Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.
    • +
  • Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is used for the detection.
  • Fixed a bug (#538) - Windows paths were ignored when using the Image Manipulation Class to create a new file.
  • Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
    • -- cgit v1.2.3-24-g4f1b From 69dcfbc0f45097e5471858e2ef8d6c92096bc1e7 Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sun, 4 Mar 2012 14:17:52 +0100 Subject: Removed changelog entry --- user_guide/changelog.html | 1 - 1 file changed, 1 deletion(-) diff --git a/user_guide/changelog.html b/user_guide/changelog.html index cf693685b..b87e61ba8 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -78,7 +78,6 @@ Change Log
  • Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types.
  • Fixed a bug - form_open() compared $action against site_url() instead of base_url()
  • Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.
    • -
  • Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is used for the detection.
  • Fixed a bug (#538) - Windows paths were ignored when using the Image Manipulation Class to create a new file.
  • Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
    • -- cgit v1.2.3-24-g4f1b From f8f04ce990a46f1967cd58def4929c476f4595a5 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Sun, 4 Mar 2012 14:21:12 +0000 Subject: Fixed conflicts. --- system/helpers/form_helper.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index bed2cb297..6efef2324 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -22,7 +22,6 @@ * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 - * @filesource */ // ------------------------------------------------------------------------ @@ -72,8 +71,8 @@ if ( ! function_exists('form_open')) $form = '
    \n"; - // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) + // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites + if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } -- cgit v1.2.3-24-g4f1b From 099c478b2ebafd0a1b74e76221ed06c214e195f4 Mon Sep 17 00:00:00 2001 From: JonoB Date: Sun, 4 Mar 2012 14:37:30 +0000 Subject: Allow users to specify an array for validation, instead of alway using the $_POST array --- system/libraries/Form_validation.php | 67 ++++++++++++++++++---- user_guide_src/source/changelog.rst | 1 + .../source/libraries/form_validation.rst | 35 ++++++++++- 3 files changed, 88 insertions(+), 15 deletions(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 5069a44c1..b3efe82cf 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -47,7 +47,8 @@ class CI_Form_validation { protected $_error_suffix = '

    '; protected $error_string = ''; protected $_safe_form_data = FALSE; - + protected $validation_data = array(); + /** * Constructor */ @@ -84,8 +85,9 @@ class CI_Form_validation { */ public function set_rules($field, $label = '', $rules = '') { - // No reason to set rules if we have no POST data - if (count($_POST) === 0) + // No reason to set rules if we have no POST data + // or a validation array has not been specified + if (count($_POST) === 0 && count($this->validation_data) === 0) { return $this; } @@ -159,13 +161,31 @@ class CI_Form_validation { return $this; } + // -------------------------------------------------------------------- + + /** + * By default, form validation uses the $_POST array to validate + * + * If an array is set through this method, then this array will + * be used instead of the $_POST array + * + * @param array $data + */ + public function set_data($data = '') + { + if ( ! empty($data) && is_array($data)) + { + $this->validation_data = $data; + } + } + // -------------------------------------------------------------------- /** * Set Error Message * * Lets users set their own error messages on the fly. Note: The key - * name has to match the function name that it corresponds to. + * name has to match the function name that it corresponds to. * * @param string * @param string @@ -300,10 +320,14 @@ class CI_Form_validation { public function run($group = '') { // Do we even have any data to process? Mm? - if (count($_POST) === 0) + $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; + if (count($validation_array) === 0) { return FALSE; } + + // Clear any previous validation data + $this->_reset_validation(); // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file @@ -342,18 +366,18 @@ class CI_Form_validation { // corresponding $_POST item and test for errors foreach ($this->_field_data as $field => $row) { - // Fetch the data from the corresponding $_POST array and cache it in the _field_data array. + // Fetch the data from the corresponding $_POST or validation array and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. if ($row['is_array'] === TRUE) { - $this->_field_data[$field]['postdata'] = $this->_reduce_array($_POST, $row['keys']); + $this->_field_data[$field]['postdata'] = $this->_reduce_array($validation_array, $row['keys']); } else { - if (isset($_POST[$field]) AND $_POST[$field] != "") + if (isset($validation_array[$field]) AND $validation_array[$field] != "") { - $this->_field_data[$field]['postdata'] = $_POST[$field]; + $this->_field_data[$field]['postdata'] = $validation_array[$field]; } } @@ -867,12 +891,13 @@ class CI_Form_validation { */ public function matches($str, $field) { - if ( ! isset($_POST[$field])) + $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; + if ( ! isset($validation_array[$field])) { return FALSE; } - return ($str === $_POST[$field]); + return ($str === $validation_array[$field]); } // -------------------------------------------------------------------- @@ -1282,7 +1307,25 @@ class CI_Form_validation { { return str_replace(array(''), array('<?php', '<?PHP', '<?', '?>'), $str); } - + + // -------------------------------------------------------------------- + + /** + * Reset validation vars + * + * Prevents subsequent validation routines from being affected by the + * results of any previous validation routine due to the CI singleton. + * + * @return void + */ + protected function _reset_validation() + { + $this->_field_data = array(); + $this->_config_rules = array(); + $this->_error_array = array(); + $this->_error_messages = array(); + $this->error_string = ''; + } } /* End of file Form_validation.php */ diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 2ada9ee67..2158104f9 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -83,6 +83,7 @@ Release Date: Not Released - Removed SHA1 function in the :doc:`Encryption Library `. - Added $config['csrf_regeneration'] to the CSRF protection in the :doc:`Security library `, which makes token regeneration optional. - Added function error_array() to return all error messages as an array in the Form_validation class. + - Added function set_data() to Form_validation library, which can be used in place of the default $_POST array. - Changed the Session library to select only one row when using database sessions. - Core diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index 09a192bb0..2fe315dba 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -579,7 +579,27 @@ must supply it as an array to the function. Example:: For more info please see the :ref:`using-arrays-as-field-names` section below. -.. _saving-groups: +Validating An Array (Other Than The $_POST Array) +================================================= + +Sometimes you may want to validate an array that does not originate from $_POST data. + +In this case, you can specify the array to be validated:: + + $data = array( + 'username' => 'johndoe', + 'password' => 'mypassword', + 'passconf' => 'mypassword' + )); + + $this->form_validation->set_data($data); + +Creating validation rules, running the validation and retrieving error messages works the same whether you are +validating $_POST data or an array. + +For more info please see the :ref:`function-reference` section below. + +-.. _saving-groups: ************************************************ Saving Sets of Validation Rules to a Config File @@ -930,6 +950,16 @@ $this->form_validation->set_message(); Permits you to set custom error messages. See :ref:`setting-error-messages` +$this->form_validation->set_data(); +======================================== + + .. php:method:: set_data ($data = '') + + :param array $data: The data to validate + + Permits you to set an array for validation, instead of using the default + $_POST array. + $this->form_validation->error_array(); ======================================== @@ -1019,5 +1049,4 @@ This function is identical to the **set_checkbox()** function above. :: /> - /> - + /> \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 1a6971030718e2e92e6fc80750f7a14faf035257 Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sun, 4 Mar 2012 16:01:11 +0100 Subject: Allow developers to use any string as a separator, not just dashes or underscores. Backwards compatible when using 'dash' or 'underscore' as string separator. Tests: http://codepad.org/DWcxVH5r --- system/helpers/url_helper.php | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index cdb6dae9c..f1e8c6ac6 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -466,25 +466,34 @@ if ( ! function_exists('prep_url')) * Create URL Title * * Takes a "title" string as input and creates a - * human-friendly URL string with either a dash - * or an underscore as the word separator. + * human-friendly URL string with a "separator" string + * as the word separator. * * @access public * @param string the string - * @param string the separator: dash, or underscore + * @param string the separator * @return string */ if ( ! function_exists('url_title')) { - function url_title($str, $separator = 'dash', $lowercase = FALSE) + function url_title($str, $separator = '-', $lowercase = FALSE) { - $replace = $separator == 'dash' ? '-' : '_'; + if ($separator == 'dash') + { + $separator = '-'; + } + else if ($separator == 'underscore') + { + $separator = '_'; + } + + $q_separator = preg_quote($separator); $trans = array( - '&.+?;' => '', - '[^a-z0-9 _-]' => '', - '\s+' => $replace, - $replace.'+' => $replace + '&.+?;' => '', + '[^a-z0-9 _-]' => '', + '\s+' => $separator, + '('.$q_separator.')+' => $separator ); $str = strip_tags($str); @@ -499,7 +508,7 @@ if ( ! function_exists('url_title')) $str = strtolower($str); } - return trim($str, $replace); + return trim($str, $separator); } } -- cgit v1.2.3-24-g4f1b From a67ddc61937d178231607f66f2af3ef729f208d4 Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sun, 4 Mar 2012 16:18:04 +0100 Subject: User guide updated --- user_guide/helpers/url_helper.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/user_guide/helpers/url_helper.html b/user_guide/helpers/url_helper.html index 76ec32ab2..c23c5ac92 100644 --- a/user_guide/helpers/url_helper.html +++ b/user_guide/helpers/url_helper.html @@ -231,11 +231,11 @@ $url_title = url_title($title);
    -

    The second parameter determines the word delimiter. By default dashes are used. Options are: dash, or underscore:

    +

    The second parameter determines the word delimiter. By default dashes are used.

    $title = "What's wrong with CSS?";

    -$url_title = url_title($title, 'underscore');
    +$url_title = url_title($title, '_');

    // Produces: Whats_wrong_with_CSS     @@ -244,7 +244,7 @@ $url_title = url_title($title, 'underscore');
    $title = "What's wrong with CSS?";

    -$url_title = url_title($title, 'underscore', TRUE);
    +$url_title = url_title($title, '_', TRUE);

    // Produces: whats_wrong_with_css     -- cgit v1.2.3-24-g4f1b From 6f6897cdce965e1cf54deb40ce93ba9be281108f Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sun, 4 Mar 2012 16:24:04 +0100 Subject: Changelog updated --- user_guide/changelog.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide/changelog.html b/user_guide/changelog.html index b85dc8d52..613c4e65d 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -73,7 +73,7 @@ Change Log
  • Helpers
      -
    • url_title() performance and output improved.
      • +
    • url_title() performance and output improved. You can now use any string as the word delimiter. Backwards compatible with 'dash' or 'underscore' as words delimiters.
    • -- cgit v1.2.3-24-g4f1b From c8da4fe74d9cb0d456a18316fa9a0879d50e33f4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 4 Mar 2012 19:20:33 +0200 Subject: Fix indentation for changes from pull #1121 --- system/libraries/Form_validation.php | 49 +++++++++++----------- .../source/libraries/form_validation.rst | 18 ++++---- 2 files changed, 33 insertions(+), 34 deletions(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index b3efe82cf..1c0089d85 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -48,10 +48,7 @@ class CI_Form_validation { protected $error_string = ''; protected $_safe_form_data = FALSE; protected $validation_data = array(); - - /** - * Constructor - */ + public function __construct($rules = array()) { $this->CI =& get_instance(); @@ -85,7 +82,7 @@ class CI_Form_validation { */ public function set_rules($field, $label = '', $rules = '') { - // No reason to set rules if we have no POST data + // No reason to set rules if we have no POST data // or a validation array has not been specified if (count($_POST) === 0 && count($this->validation_data) === 0) { @@ -162,23 +159,24 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + /** * By default, form validation uses the $_POST array to validate - * + * * If an array is set through this method, then this array will * be used instead of the $_POST array - * - * @param array $data + * + * @param array $data + * @return void */ public function set_data($data = '') { if ( ! empty($data) && is_array($data)) { - $this->validation_data = $data; + $this->validation_data = $data; } } - + // -------------------------------------------------------------------- /** @@ -325,7 +323,7 @@ class CI_Form_validation { { return FALSE; } - + // Clear any previous validation data $this->_reset_validation(); @@ -891,7 +889,7 @@ class CI_Form_validation { */ public function matches($str, $field) { - $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; + $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; if ( ! isset($validation_array[$field])) { return FALSE; @@ -1307,25 +1305,26 @@ class CI_Form_validation { { return str_replace(array(''), array('<?php', '<?PHP', '<?', '?>'), $str); } - + // -------------------------------------------------------------------- - - /** - * Reset validation vars - * - * Prevents subsequent validation routines from being affected by the + + /** + * Reset validation vars + * + * Prevents subsequent validation routines from being affected by the * results of any previous validation routine due to the CI singleton. - * - * @return void - */ - protected function _reset_validation() - { + * + * @return void + */ + protected function _reset_validation() + { $this->_field_data = array(); $this->_config_rules = array(); $this->_error_array = array(); $this->_error_messages = array(); $this->error_string = ''; - } + } + } /* End of file Form_validation.php */ diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index 2fe315dba..0d8218374 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -579,20 +579,20 @@ must supply it as an array to the function. Example:: For more info please see the :ref:`using-arrays-as-field-names` section below. -Validating An Array (Other Than The $_POST Array) -================================================= +Validating an Array (other than $_POST) +======================================= Sometimes you may want to validate an array that does not originate from $_POST data. In this case, you can specify the array to be validated:: - $data = array( - 'username' => 'johndoe', - 'password' => 'mypassword', - 'passconf' => 'mypassword' - )); + $data = array( + 'username' => 'johndoe', + 'password' => 'mypassword', + 'passconf' => 'mypassword' + ); - $this->form_validation->set_data($data); + $this->form_validation->set_data($data); Creating validation rules, running the validation and retrieving error messages works the same whether you are validating $_POST data or an array. @@ -1049,4 +1049,4 @@ This function is identical to the **set_checkbox()** function above. :: /> - /> \ No newline at end of file + /> -- cgit v1.2.3-24-g4f1b From 8af2fdfda32303b8e2766d1fc873d1111baeb57e Mon Sep 17 00:00:00 2001 From: JonoB Date: Mon, 5 Mar 2012 09:51:27 +0000 Subject: Removed reset_validation() method from run() method --- system/libraries/Form_validation.php | 9 +++++---- user_guide_src/source/changelog.rst | 1 + user_guide_src/source/libraries/form_validation.rst | 11 +++++++++++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index eb6031697..cdb3d3d62 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -165,6 +165,10 @@ class CI_Form_validation { * * If an array is set through this method, then this array will * be used instead of the $_POST array + * + * Note that if you are validating multiple arrays, then the + * reset_validation() function should be called after validating + * each array due to the limitations of CI's singleton * * @param array $data * @return void @@ -324,9 +328,6 @@ class CI_Form_validation { return FALSE; } - // Clear any previous validation data - $this->_reset_validation(); - // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file if (count($this->_field_data) === 0) @@ -1352,7 +1353,7 @@ class CI_Form_validation { * * @return void */ - protected function _reset_validation() + public function reset_validation() { $this->_field_data = array(); $this->_config_rules = array(); diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index e96076164..21675bd16 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -84,6 +84,7 @@ Release Date: Not Released - Added $config['csrf_regeneration'] to the CSRF protection in the :doc:`Security library `, which makes token regeneration optional. - Added function error_array() to return all error messages as an array in the Form_validation class. - Added function set_data() to Form_validation library, which can be used in place of the default $_POST array. + - Added function reset_validation() to form validation library, which resets internal validation variables in case of multiple validation routines. - Changed the Session library to select only one row when using database sessions. - Core diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index 0d6a49e79..5aa64d032 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -597,6 +597,9 @@ In this case, you can specify the array to be validated:: Creating validation rules, running the validation and retrieving error messages works the same whether you are validating $_POST data or an array. +**Important Note:** If you want to validate more than one array during a single execution, then you should +call the reset_validation() function before setting up rules and validating the new array. + For more info please see the :ref:`function-reference` section below. -.. _saving-groups: @@ -966,6 +969,14 @@ $this->form_validation->set_data(); Permits you to set an array for validation, instead of using the default $_POST array. +$this->form_validation->reset_validation(); +======================================== + + .. php:method:: reset_validation () + + Permits you to reset the validation when you validate more than one array. + This function should be called before validating each new array. + $this->form_validation->error_array(); ======================================== -- cgit v1.2.3-24-g4f1b From cc5af53346397846f2035dc2bf6a2c2f9b0cd4ab Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 5 Mar 2012 14:02:15 +0200 Subject: Fix issue #1125 --- system/database/drivers/odbc/odbc_result.php | 36 +++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/system/database/drivers/odbc/odbc_result.php b/system/database/drivers/odbc/odbc_result.php index 572e110ca..2d5b50a8d 100644 --- a/system/database/drivers/odbc/odbc_result.php +++ b/system/database/drivers/odbc/odbc_result.php @@ -245,8 +245,42 @@ class CI_DB_odbc_result extends CI_DB_result { return $rs_assoc; } -} + // -------------------------------------------------------------------- + + /** + * Query result. Array version. + * + * @return array + */ + public function result_array() + { + if (count($this->result_array) > 0) + { + return $this->result_array; + } + elseif (($c = count($this->result_object)) > 0) + { + for ($i = 0; $i < $c; $i++) + { + $this->result_array[$i] = (array) $this->result_object[$i]; + } + } + elseif ($this->result_id === FALSE) + { + return array(); + } + else + { + while ($row = $this->_fetch_assoc()) + { + $this->result_array[] = $row; + } + } + return $this->result_array; + } + +} /* End of file odbc_result.php */ /* Location: ./system/database/drivers/odbc/odbc_result.php */ -- cgit v1.2.3-24-g4f1b From 8af76666474c42b45518c08bec16b4f8d700dd3c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 5 Mar 2012 14:33:41 +0200 Subject: Partially fix issue #306 --- system/database/drivers/odbc/odbc_driver.php | 7 +++---- user_guide_src/source/changelog.rst | 1 + 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 779b0c62f..a6e08cf2f 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -287,12 +287,11 @@ class CI_DB_odbc_driver extends CI_DB { /** * Insert ID * - * @access public - * @return integer + * @return bool */ - function insert_id() + public function insert_id() { - return @odbc_insert_id($this->conn_id); + return ($this->db->db_debug) ? $this->db->display_error('db_unsuported_feature') : FALSE; } // -------------------------------------------------------------------- diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 81be64b4d..0de85a46b 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -137,6 +137,7 @@ Bug fixes for 3.0 - Fixed a bug in Oracle's :doc:`Database Forge Class ` method _create_table() where it failed with AUTO_INCREMENT as it's not supported. - Fixed a bug (#1080) - When using the SMTP protocol, the :doc:`Email Library ` send() method was returning TRUE even if the connection/authentication against the server failed. - Fixed a bug (#499) - a CSRF cookie was created even with CSRF protection being disabled. +- Fixed a bug (#306) - ODBC's insert_id() method was calling non-existent function odbc_insert_id(), which resulted in a fatal error. Version 2.1.1 ============= -- cgit v1.2.3-24-g4f1b From 57bdeb61bf199d1ae3ceaede4e9a9af8290ce715 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 5 Mar 2012 15:59:16 +0200 Subject: Removed oci8-specific stuff from DB_driver.php and added a constructor to DB_result to handle initialization --- system/database/DB_driver.php | 22 ++-------------------- system/database/DB_result.php | 6 ++++++ system/database/drivers/oci8/oci8_result.php | 15 ++++++++++++--- user_guide_src/source/changelog.rst | 2 ++ 4 files changed, 22 insertions(+), 23 deletions(-) diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index e403efb9f..a61450d4c 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -77,12 +77,6 @@ class CI_DB_driver { var $_protect_identifiers = TRUE; var $_reserved_identifiers = array('*'); // Identifiers that should NOT be escaped - // These are use with Oracle - var $stmt_id; - var $curs_id; - var $limit_used; - - /** * Constructor. Accepts one parameter containing the database * connection settings. @@ -396,21 +390,9 @@ class CI_DB_driver { } // Load and instantiate the result driver + $driver = $this->load_rdriver(); + $RES = new $driver($this); - $driver = $this->load_rdriver(); - $RES = new $driver(); - $RES->conn_id = $this->conn_id; - $RES->result_id = $this->result_id; - - if ($this->dbdriver == 'oci8') - { - $RES->stmt_id = $this->stmt_id; - $RES->curs_id = NULL; - $RES->limit_used = $this->limit_used; - $this->stmt_id = FALSE; - } - - // oci8 vars must be set before calling this $RES->num_rows = $RES->num_rows(); // Is query caching enabled? If so, we'll serialize the diff --git a/system/database/DB_result.php b/system/database/DB_result.php index 730443222..61aa56121 100644 --- a/system/database/DB_result.php +++ b/system/database/DB_result.php @@ -47,6 +47,12 @@ class CI_DB_result { public $num_rows = 0; public $row_data = NULL; + public function __construct(&$driver_object) + { + $this->conn_id = $driver_object->conn_id; + $this->result_id = $driver_object->result_id; + } + /** * Query result. Acts as a wrapper function for the following functions. * diff --git a/system/database/drivers/oci8/oci8_result.php b/system/database/drivers/oci8/oci8_result.php index 0f69fa9ef..383b9f1a0 100644 --- a/system/database/drivers/oci8/oci8_result.php +++ b/system/database/drivers/oci8/oci8_result.php @@ -38,9 +38,18 @@ */ class CI_DB_oci8_result extends CI_DB_result { - var $stmt_id; - var $curs_id; - var $limit_used; + public $stmt_id; + public $curs_id; + public $limit_used; + + public function __construct(&$driver_object) + { + parent::__construct($driver_object); + $this->stmt_id = $driver_object->stmt_id; + $this->curs_id = $driver_object->curs_id; + $this->limit_used = $driver_object->limit_used; + $driver_object->stmt_id = FALSE; + } /** * Number of rows in the result set. diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 0de85a46b..533746065 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -62,6 +62,7 @@ Release Date: Not Released - pg_version() is now used to get the database version number, when possible. - Added db_set_charset() support. - Added _optimize_table() support for the :doc:`Database Utility Class ` (rebuilds table indexes). + - Added a constructor to the DB_result class and moved all driver-specific properties and logic out of the base DB_driver class to allow better abstraction. - Libraries @@ -138,6 +139,7 @@ Bug fixes for 3.0 - Fixed a bug (#1080) - When using the SMTP protocol, the :doc:`Email Library ` send() method was returning TRUE even if the connection/authentication against the server failed. - Fixed a bug (#499) - a CSRF cookie was created even with CSRF protection being disabled. - Fixed a bug (#306) - ODBC's insert_id() method was calling non-existent function odbc_insert_id(), which resulted in a fatal error. +- Fixed a bug in Oracle's DB_result class where the cursor id passed to it was always NULL. Version 2.1.1 ============= -- cgit v1.2.3-24-g4f1b From fdb75418c9c4b87e9d7f15f1b59fe8d55739c8f3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 5 Mar 2012 16:32:17 +0200 Subject: Add a note to the num_rows() documentation --- user_guide_src/source/database/results.rst | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst index 4f93c794d..90d2efce3 100644 --- a/user_guide_src/source/database/results.rst +++ b/user_guide_src/source/database/results.rst @@ -150,6 +150,12 @@ is the variable that the query result object is assigned to:: echo $query->num_rows(); +..note:: + Not all database drivers have a native way of getting the total + number of rows for a result set. When this is the case, all of + the data is prefetched and count() is manually called on the + resulting array in order to achieve the same functionality. + $query->num_fields() ===================== @@ -182,5 +188,4 @@ Example:: $row = $query2->row(); echo $row->name; - $query2->free_result();// The $query2 result object will no longer be available - + $query2->free_result(); // The $query2 result object will no longer be available -- cgit v1.2.3-24-g4f1b From 69bb408cefe7ae496353f0d81692699f6ef83353 Mon Sep 17 00:00:00 2001 From: Timothy Warren Date: Mon, 5 Mar 2012 12:49:55 -0500 Subject: Fixed note in documentation --- user_guide_src/source/database/results.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst index 90d2efce3..865345762 100644 --- a/user_guide_src/source/database/results.rst +++ b/user_guide_src/source/database/results.rst @@ -150,7 +150,7 @@ is the variable that the query result object is assigned to:: echo $query->num_rows(); -..note:: +.. note:: Not all database drivers have a native way of getting the total number of rows for a result set. When this is the case, all of the data is prefetched and count() is manually called on the -- cgit v1.2.3-24-g4f1b From d3c1ccf1fa5f4a38cfc9b8f5e3eba8bb23c83cdd Mon Sep 17 00:00:00 2001 From: Hamza Bhatti Date: Mon, 5 Mar 2012 22:58:56 +0400 Subject: Fix issue #64 Modify regular expression to be able to handle SQL bracket delimiters for column names that contain special characters or SQL keywords. Signed-off-by: Hamza Bhatti --- system/database/DB_active_rec.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index eaae23f30..f648e5591 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -341,7 +341,7 @@ class CI_DB_active_record extends CI_DB_driver { $this->_track_aliases($table); // Strip apart the condition and protect the identifiers - if (preg_match('/([\w\.]+)([\W\s]+)(.+)/', $cond, $match)) + if (preg_match('/([\[\w\.]+)([\W\s]+)(.+)/', $cond, $match)) { $cond = $this->_protect_identifiers($match[1]).$match[2].$this->_protect_identifiers($match[3]); } -- cgit v1.2.3-24-g4f1b From 2eee0aaacc1b4aff6e1137954dfe1a09c491cdb6 Mon Sep 17 00:00:00 2001 From: Hamza Bhatti Date: Mon, 5 Mar 2012 23:23:31 +0400 Subject: Add changelog entry (bug fix for issue #64) Signed-off-by: Hamza Bhatti --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 533746065..2f525b10a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -158,6 +158,7 @@ Release Date: Not Released Bug fixes for 2.1.1 ------------------- +- Fixed a bug (#64) - Regular expression in DB_active_rec.php failed to handle queries containing SQL bracket delimiters in the join condition. - Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types. - Fixed a bug - form_open() compared $action against site_url() instead of base_url(). - Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE. -- cgit v1.2.3-24-g4f1b From 567474528e0c1a4e305dbe8787b83e526b46eb02 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Mon, 5 Mar 2012 19:38:08 +0000 Subject: Moved change log entry from 2.1.1 to 3.0. --- user_guide_src/source/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 2f525b10a..683dd5516 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -140,6 +140,7 @@ Bug fixes for 3.0 - Fixed a bug (#499) - a CSRF cookie was created even with CSRF protection being disabled. - Fixed a bug (#306) - ODBC's insert_id() method was calling non-existent function odbc_insert_id(), which resulted in a fatal error. - Fixed a bug in Oracle's DB_result class where the cursor id passed to it was always NULL. +- Fixed a bug (#64) - Regular expression in DB_active_rec.php failed to handle queries containing SQL bracket delimiters in the join condition. Version 2.1.1 ============= @@ -158,7 +159,6 @@ Release Date: Not Released Bug fixes for 2.1.1 ------------------- -- Fixed a bug (#64) - Regular expression in DB_active_rec.php failed to handle queries containing SQL bracket delimiters in the join condition. - Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types. - Fixed a bug - form_open() compared $action against site_url() instead of base_url(). - Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE. -- cgit v1.2.3-24-g4f1b From dc8dc745557c2f256abad50d32f5aae85e996b1e Mon Sep 17 00:00:00 2001 From: SammyK Date: Mon, 5 Mar 2012 16:38:29 -0600 Subject: Fixed bug for PostgreSQL driver where setting a limit() on update() or delete() would throw a syntax error from Postgres. --- system/database/drivers/postgre/postgre_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index df0f50da5..3fdcfa79e 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -587,7 +587,7 @@ class CI_DB_postgre_driver extends CI_DB { $valstr[] = $key." = ".$val; } - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; + $limit = ''; $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):''; @@ -647,7 +647,7 @@ class CI_DB_postgre_driver extends CI_DB { $conditions .= implode("\n", $like); } - $limit = ( ! $limit) ? '' : ' LIMIT '.$limit; + $limit = ''; return "DELETE FROM ".$table.$conditions.$limit; } -- cgit v1.2.3-24-g4f1b From 1bf8eebec1d2eb71f4553c9ec8ae82402b869887 Mon Sep 17 00:00:00 2001 From: SammyK Date: Mon, 5 Mar 2012 16:56:06 -0600 Subject: Removed order_by() from PostgreSQL driver too. --- system/database/drivers/postgre/postgre_driver.php | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 3fdcfa79e..5b248e9bc 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -587,16 +587,10 @@ class CI_DB_postgre_driver extends CI_DB { $valstr[] = $key." = ".$val; } - $limit = ''; - - $orderby = (count($orderby) >= 1)?' ORDER BY '.implode(", ", $orderby):''; - $sql = "UPDATE ".$table." SET ".implode(', ', $valstr); $sql .= ($where != '' AND count($where) >=1) ? " WHERE ".implode(" ", $where) : ''; - $sql .= $orderby.$limit; - return $sql; } @@ -647,9 +641,7 @@ class CI_DB_postgre_driver extends CI_DB { $conditions .= implode("\n", $like); } - $limit = ''; - - return "DELETE FROM ".$table.$conditions.$limit; + return "DELETE FROM ".$table.$conditions; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 92d68cc37dd8644563bfcc7199fec29e89ecc1ba Mon Sep 17 00:00:00 2001 From: SammyK Date: Mon, 5 Mar 2012 17:27:56 -0600 Subject: Updated changelog --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 683dd5516..e376497c9 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -63,6 +63,7 @@ Release Date: Not Released - Added db_set_charset() support. - Added _optimize_table() support for the :doc:`Database Utility Class ` (rebuilds table indexes). - Added a constructor to the DB_result class and moved all driver-specific properties and logic out of the base DB_driver class to allow better abstraction. + - Removed limit() and order_by() support for UPDATE and DELETE queries in PostgreSQL driver. Postgres does not support those features. - Libraries -- cgit v1.2.3-24-g4f1b From 9c68c3173c84041b1ee77929e540a4a4382edeee Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 6 Mar 2012 10:34:58 +0200 Subject: Fix issue #1125 ... for real --- system/database/drivers/odbc/odbc_result.php | 35 ++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/system/database/drivers/odbc/odbc_result.php b/system/database/drivers/odbc/odbc_result.php index 2d5b50a8d..de2c58cb9 100644 --- a/system/database/drivers/odbc/odbc_result.php +++ b/system/database/drivers/odbc/odbc_result.php @@ -280,6 +280,41 @@ class CI_DB_odbc_result extends CI_DB_result { return $this->result_array; } + // -------------------------------------------------------------------- + + /** + * Query result. Object version. + * + * @return array + */ + public function result_object() + { + if (count($this->result_object) > 0) + { + return $this->result_object; + } + elseif (($c = count($this->result_array)) > 0) + { + for ($i = 0; $i < $c; $i++) + { + $this->result_object[$i] = (object) $this->result_array[$i]; + } + } + elseif ($this->result_id === FALSE) + { + return array(); + } + else + { + while ($row = $this->_fetch_object()) + { + $this->result_object[] = $row; + } + } + + return $this->result_object; + } + } /* End of file odbc_result.php */ -- cgit v1.2.3-24-g4f1b From 6b83123dce4a78e06f6eedc7cb1b2bb78d2294f0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 6 Mar 2012 11:16:57 +0200 Subject: Fixed a bug in CI_Session::_unserialize() --- system/libraries/Session.php | 10 ++++++---- user_guide_src/source/changelog.rst | 1 + 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/system/libraries/Session.php b/system/libraries/Session.php index dd50a91e1..104b88810 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -454,7 +454,7 @@ class CI_Session { */ public function userdata($item) { - return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item]; + return isset($this->userdata[$item]) ? $this->userdata[$item] : FALSE; } // -------------------------------------------------------------------- @@ -729,7 +729,7 @@ class CI_Session { */ protected function _unserialize($data) { - $data = @unserialize(strip_slashes($data)); + $data = @unserialize(strip_slashes(trim($data))); if (is_array($data)) { @@ -737,9 +737,11 @@ class CI_Session { return $data; } - return (is_string($data)) ? str_replace('{{slash}}', '\\', $data) : $data; + return is_string($data) ? str_replace('{{slash}}', '\\', $data) : $data; } + // -------------------------------------------------------------------- + /** * Unescape slashes * @@ -779,7 +781,7 @@ class CI_Session { { $expire = $this->now - $this->sess_expiration; - $this->CI->db->where("last_activity < {$expire}"); + $this->CI->db->where('last_activity < '.$expire); $this->CI->db->delete($this->sess_table_name); log_message('debug', 'Session garbage collection performed.'); diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index e376497c9..663e204e1 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -142,6 +142,7 @@ Bug fixes for 3.0 - Fixed a bug (#306) - ODBC's insert_id() method was calling non-existent function odbc_insert_id(), which resulted in a fatal error. - Fixed a bug in Oracle's DB_result class where the cursor id passed to it was always NULL. - Fixed a bug (#64) - Regular expression in DB_active_rec.php failed to handle queries containing SQL bracket delimiters in the join condition. +- Fixed a bug in the :doc:`Session Library ` where a PHP E_NOTICE error was triggered by _unserialize() due to results from databases such as MSSQL and Oracle being space-padded on the right. Version 2.1.1 ============= -- cgit v1.2.3-24-g4f1b From 883f80f7ed758f384847af3db0082f9fb6e525ee Mon Sep 17 00:00:00 2001 From: JonoB Date: Mon, 5 Mar 2012 09:51:27 +0000 Subject: Removed reset_validation() method from run() method --- system/libraries/Form_validation.php | 9 +++++---- user_guide_src/source/changelog.rst | 1 + user_guide_src/source/libraries/form_validation.rst | 11 +++++++++++ 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index eb6031697..cdb3d3d62 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -165,6 +165,10 @@ class CI_Form_validation { * * If an array is set through this method, then this array will * be used instead of the $_POST array + * + * Note that if you are validating multiple arrays, then the + * reset_validation() function should be called after validating + * each array due to the limitations of CI's singleton * * @param array $data * @return void @@ -324,9 +328,6 @@ class CI_Form_validation { return FALSE; } - // Clear any previous validation data - $this->_reset_validation(); - // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file if (count($this->_field_data) === 0) @@ -1352,7 +1353,7 @@ class CI_Form_validation { * * @return void */ - protected function _reset_validation() + public function reset_validation() { $this->_field_data = array(); $this->_config_rules = array(); diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 683dd5516..6c8344248 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -85,6 +85,7 @@ Release Date: Not Released - Added $config['csrf_regeneration'] to the CSRF protection in the :doc:`Security library `, which makes token regeneration optional. - Added function error_array() to return all error messages as an array in the Form_validation class. - Added function set_data() to Form_validation library, which can be used in place of the default $_POST array. + - Added function reset_validation() to form validation library, which resets internal validation variables in case of multiple validation routines. - Changed the Session library to select only one row when using database sessions. - Core diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index 0d6a49e79..5aa64d032 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -597,6 +597,9 @@ In this case, you can specify the array to be validated:: Creating validation rules, running the validation and retrieving error messages works the same whether you are validating $_POST data or an array. +**Important Note:** If you want to validate more than one array during a single execution, then you should +call the reset_validation() function before setting up rules and validating the new array. + For more info please see the :ref:`function-reference` section below. -.. _saving-groups: @@ -966,6 +969,14 @@ $this->form_validation->set_data(); Permits you to set an array for validation, instead of using the default $_POST array. +$this->form_validation->reset_validation(); +======================================== + + .. php:method:: reset_validation () + + Permits you to reset the validation when you validate more than one array. + This function should be called before validating each new array. + $this->form_validation->error_array(); ======================================== -- cgit v1.2.3-24-g4f1b From f5e8e1c61e4ed82db42d82d01c4e52b767effa78 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 6 Mar 2012 13:11:27 +0200 Subject: Changed rewrite_short_tags to have no effect on PHP 5.4 --- system/core/Loader.php | 2 +- user_guide_src/source/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/core/Loader.php b/system/core/Loader.php index 12daaa928..20cf7ef33 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -833,7 +833,7 @@ class CI_Loader { // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) + if ( ! is_php('5.4') && (bool) @ini_get('short_open_tag') === FALSE && config_item('rewrite_short_tags') == TRUE) { echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace('load->vars(). - is_loaded() function from system/core/Commons.php now returns a reference. + - $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as *