From f9fbf1187516363a48fe2fe7bc33d00ae11f134f Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Fri, 6 Feb 2015 09:21:07 +0100 Subject: Update Input.php Added support for json input stream. (Not tested) --- system/core/Input.php | 55 ++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 46 insertions(+), 9 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index 72425c1c1..3024fca78 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -103,6 +103,14 @@ class CI_Input { */ protected $headers = array(); + /** + * Raw input stream data + * + * @see CI_Input::input_stream() + * @var array + */ + protected $_raw_input_stream = NULL; + /** * Input stream data * @@ -111,7 +119,7 @@ class CI_Input { * @see CI_Input::input_stream() * @var array */ - protected $_input_stream = NULL; + protected $_input_stream = NULL; // Kept for backward compatible. /** * Class constructor @@ -298,6 +306,25 @@ class CI_Input { // ------------------------------------------------------------------------ + /** + * Fetch raw data from php://input stream + * + * Useful when data is not an array and might contain = and & symbols. + */ + public function raw_input_stream() + { + // Prior to PHP 5.6, the input stream can only be read once, + // so we'll need to check if we have already done that first. + if (is_null($this->_raw_input_stream)) + { + $this->_raw_input_stream = file_get_contents('php://input'); + } + + return $this->_raw_input_stream; + } + + // ------------------------------------------------------------------------ + /** * Fetch an item from the php://input stream * @@ -309,16 +336,26 @@ class CI_Input { */ public function input_stream($index = NULL, $xss_clean = NULL) { - // Prior to PHP 5.6, the input stream can only be read once, - // so we'll need to check if we have already done that first. - if ( ! is_array($this->_input_stream)) - { - parse_str(file_get_contents('php://input'), $this->_input_stream); - is_array($this->_input_stream) OR $this->_input_stream = array(); - } - + parse_str($this->raw_input_stream(), $this->_input_stream); return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); } + + // ------------------------------------------------------------------------ + + /** + * Fetch an item from the php://input stream + * + * Useful when you need to access input that's been send as raw json data' + * + * @param string $index Index for item to be fetched + * @param bool $xss_clean Whether to apply XSS filtering + * @return mixed + */ + public function json_input_stream($index = NULL, $xss_clean = NULL) + { + $json_input_stream = json_decode($this->raw_input_stream(), true); + return $this->_fetch_from_array($json_input_stream, $index, $xss_clean); + } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 8bd46fa3229814c6ffa629f2e764b3ff302c6fff Mon Sep 17 00:00:00 2001 From: kakysha Date: Mon, 9 Feb 2015 14:28:57 +0300 Subject: no more xss filtering on input --- user_guide_src/source/libraries/security.rst | 3 --- 1 file changed, 3 deletions(-) diff --git a/user_guide_src/source/libraries/security.rst b/user_guide_src/source/libraries/security.rst index 27e6e561b..ac56fc589 100644 --- a/user_guide_src/source/libraries/security.rst +++ b/user_guide_src/source/libraries/security.rst @@ -41,9 +41,6 @@ application/config/config.php file and setting this:: $config['global_xss_filtering'] = TRUE; -.. note:: If you use the form validation class, it gives you the option of - XSS filtering as well. - An optional second parameter, *is_image*, allows this function to be used to test images for potential XSS attacks, useful for file upload security. When this second parameter is set to TRUE, instead of -- cgit v1.2.3-24-g4f1b From 074a214ee829e2169058b7f07efdd44edcc3fc4f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Feb 2015 14:03:14 +0200 Subject: Fix #3579 --- system/core/Security.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system/core/Security.php b/system/core/Security.php index 7c18c7406..ccb141260 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -639,7 +639,7 @@ class CI_Security { $str_compare = $str; // Decode standard entities, avoiding false positives - if ($c = preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches)) + if (preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches)) { if ( ! isset($_entities)) { @@ -664,7 +664,7 @@ class CI_Security { $replace = array(); $matches = array_unique(array_map('strtolower', $matches[0])); - for ($i = 0; $i < $c; $i++) + for ($i = 0, $c = count($matches); $i < $c; $i++) { if (($char = array_search($matches[$i].';', $_entities, TRUE)) !== FALSE) { -- cgit v1.2.3-24-g4f1b From 8f0a8d601d822cfb5bf69aea0e1bc65439a64d79 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Mon, 9 Feb 2015 17:34:02 +0200 Subject: some missed explanation on set_value() ...sorry about that... --- user_guide_src/source/helpers/form_helper.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst index 4706ee706..af266ff5a 100644 --- a/user_guide_src/source/helpers/form_helper.rst +++ b/user_guide_src/source/helpers/form_helper.rst @@ -571,10 +571,11 @@ The following functions are available: // Would produce: -.. php:function:: set_value($field[, $default = '']) +.. php:function:: set_value($field[, $default = ''[,$html_escape = TRUE]]) :param string $field: Field name :param string $default: Default value + :param bool $html_escape: Whether to turn off HTML escaping of the value :returns: Field value :rtype: string -- cgit v1.2.3-24-g4f1b From 6732fae6a8e6a18ca840f708ee8a8f14c45b6b01 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Mon, 9 Feb 2015 19:48:23 +0200 Subject: Update form_helper.rst --- user_guide_src/source/helpers/form_helper.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst index af266ff5a..9ddca89bc 100644 --- a/user_guide_src/source/helpers/form_helper.rst +++ b/user_guide_src/source/helpers/form_helper.rst @@ -571,7 +571,7 @@ The following functions are available: // Would produce: -.. php:function:: set_value($field[, $default = ''[,$html_escape = TRUE]]) +.. php:function:: set_value($field[, $default = ''[, $html_escape = TRUE]]) :param string $field: Field name :param string $default: Default value -- cgit v1.2.3-24-g4f1b From f1fde17a638154e285b8daba10c5a9301396033e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Feb 2015 12:50:35 +0200 Subject: [ci skip] Add a upgrade notes about default_controller, 404_override --- user_guide_src/source/installation/upgrade_300.rst | 63 +++++++++++++++++----- 1 file changed, 50 insertions(+), 13 deletions(-) diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 8983f3d18..73ed0f4c3 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -212,26 +212,63 @@ is suitable for the command line. This of course requires another level of separ It is safe to move your old templates from _application/errors* to _application/views/errors/html*, but you'll have to copy the new _application/views/errors/cli* directory from the CodeIgniter archive. -******************************************************* -Step 9: Update your config/routes.php containing (:any) -******************************************************* +****************************************** +Step 9: Update your config/routes.php file +****************************************** -Historically, CodeIgniter has always provided the **:any** wildcard in routing, -with the intention of providing a way to match any character **within** an URI segment. +Routes containing :any +====================== + +Historically, CodeIgniter has always provided the **:any** wildcard in +routing, with the intention of providing a way to match any character +**within** an URI segment. + +However, the **:any** wildcard is actually just an alias for a regular +expression and used to be executed in that manner as **.+**. This is +considered a bug, as it also matches the / (forward slash) character, which +is the URI segment delimiter and that was never the intention. -However, the **:any** wildcard is actually just an alias for a regular expression -and used to be executed in that manner as **.+**. This is considered a bug, as it -also matches the / (forward slash) character, which is the URI segment delimiter -and that was never the intention. In CodeIgniter 3, the **:any** wildcard will now -represent **[^/]+**, so that it will not match a forward slash. +In CodeIgniter 3, the **:any** wildcard will now represent **[^/]+**, so +that it will not match a forward slash. -There are certainly many developers that have utilized this bug as an actual feature. -If you're one of them and want to match a forward slash, please use the **.+** -regular expression:: +There are certainly many developers that have utilized this bug as an actual +feature. If you're one of them and want to match a forward slash, please use +the **.+** regular expression:: (.+) // matches ANYTHING (:any) // matches any character, except for '/' +Directories and 'default_controller', '404_override' +==================================================== + +As you should know, the ``$route['default_controller']`` and +``$route['404_override']`` settings accept not only a controller name, but +also *controller/method* pairs. However, a bug in the routing logic has +made it possible for some users to use that as *directory/controller* +instead. + +As already said, this behavior was incidental and was never intended, nor +documented. If you've relied on it, your application will break with +CodeIgniter 3.0. + +Another notable change in version 3 is that 'default_controller' and +'404_override' are now applied *per directory*. To explain what this means, +let's take the following example:: + + $route['default_controller'] = 'main'; + +Now, assuming that your website is located at *example.com*, you already +know that if a user visits ``http://example.com/``, the above setting will +cause your 'Main' controller to be loaded. + +However, what happens if you have an *application/controllers/admin/* +directory and the user visits ``http://example.com/admin/``? +In CodeIgniter 3, the router will look for a 'Main' controller under the +admin/ directory as well. If not found, it will fallback to the parent +(*application/controllers/*) directory, like in version 2.x. + +The same rule applies to the '404_override' setting. + ************************************************************************* Step 10: Many functions now return NULL instead of FALSE on missing items ************************************************************************* -- cgit v1.2.3-24-g4f1b From 00025885b8042114c3b1859855656a94316b4e57 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 11 Feb 2015 16:23:46 +0200 Subject: Fix undefined variable notice in Session redis, memcached drivers --- system/libraries/Session/drivers/Session_memcached_driver.php | 2 +- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 600b8ca66..f1a6e2400 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -361,7 +361,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! $this->_memcached->delete($this->_lock_key) && $this->_memcached->getResultCode() !== Memcached::RES_NOTFOUND) { - log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id); + log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key); return FALSE; } diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index c3c75b3b6..1cc4d75d7 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -381,7 +381,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if ( ! $this->_redis->delete($this->_lock_key)) { - log_message('error', 'Session: Error while trying to free lock for '.$this->_key_prefix.$session_id); + log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key); return FALSE; } -- cgit v1.2.3-24-g4f1b From e263efa0631bde3e00427554571e243e3546fc22 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 12 Feb 2015 15:32:29 +0200 Subject: [ci skip] Correct db config docs about 'autoinit' --- user_guide_src/source/database/configuration.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 074725664..521eb6010 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -182,7 +182,7 @@ Explanation of Values: applications where you might run manually written queries, and need the prefix to still be customizable by the end user. **autoinit** Whether or not to automatically connect to the database when the library loads. If set to false, - the connection will take place prior to executing the first query. + you will have to manually connect via the ``$this->db->db_connect()`` method. **schema** The database schema, defaults to 'public'. Used by PostgreSQL and ODBC drivers. **encrypt** Whether or not to use an encrypted connection. **compress** Whether or not to use client compression (MySQL only). -- cgit v1.2.3-24-g4f1b From ed99086f04cb592d6ff44b3d40b5e0631cf3ddf5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Feb 2015 12:31:36 +0200 Subject: [ci skip] Fix a typo in the docs Close #3589 --- user_guide_src/source/tutorial/create_news_items.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/tutorial/create_news_items.rst b/user_guide_src/source/tutorial/create_news_items.rst index 1f4a96dd3..461584723 100644 --- a/user_guide_src/source/tutorial/create_news_items.rst +++ b/user_guide_src/source/tutorial/create_news_items.rst @@ -88,7 +88,7 @@ Continuing down, you can see a condition that checks whether the form validation ran successfully. If it did not, the form is displayed, if it was submitted **and** passed all the rules, the model is called. After this, a view is loaded to display a success message. Create a view at -application/view/news/success.php and write a success message. +application/views/news/success.php and write a success message. Model ----- -- cgit v1.2.3-24-g4f1b From c02952d2e6ccf0ee227836683d33239c8ef4e2df Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Feb 2015 13:04:38 +0200 Subject: Fix a typo in CI_Session --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index de9b1e829..f3b819af9 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -314,7 +314,7 @@ class CI_Session { $this->_config = $params; // Security is king - ini_set('session.use_trans_id', 0); + ini_set('session.use_trans_sid', 0); ini_set('session.use_strict_mode', 1); ini_set('session.use_cookies', 1); ini_set('session.use_only_cookies', 1); -- cgit v1.2.3-24-g4f1b From b7cea9cab71352516ec290b09495d456c8db3e64 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 14 Feb 2015 21:16:48 +0200 Subject: [ci skip] Add notes about session locks for Redis, Memcached --- user_guide_src/source/libraries/sessions.rst | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index c8a1f1925..57c258519 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -630,6 +630,11 @@ also do the following, after creating the table:: Redis Driver ------------ +.. note:: Since Redis doesn't have a locking mechanism exposed, locks for + this driver are emulated by a separate value that is kept for up + to 5 seconds. You may experience issues if your page loads take + longer than that! + Redis is a storage engine typically used for caching and popular because of its high performance, which is also probably your reason to use the 'redis' session driver. @@ -663,6 +668,11 @@ sufficient:: Memcached Driver ---------------- +.. note:: Since Memcache doesn't have a locking mechanism exposed, locks + for this driver are emulated by a separate value that is kept for + up to 5 seconds. You may experience issues if your page loads take + longer than that! + The 'memcached' driver is very similar to the 'redis' one in all of its properties, except perhaps for availability, because PHP's `Memcached `_ extension is distributed via PECL and some -- cgit v1.2.3-24-g4f1b From dd35092476ec9525ba6f6352241847f040e65187 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 15 Feb 2015 08:16:59 +0200 Subject: [ci skip] Fix a PHP7 BC break in a test that wouldn't even run --- tests/codeigniter/core/compat/password_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/codeigniter/core/compat/password_test.php b/tests/codeigniter/core/compat/password_test.php index c37c6ac0c..8a507d14a 100644 --- a/tests/codeigniter/core/compat/password_test.php +++ b/tests/codeigniter/core/compat/password_test.php @@ -132,7 +132,7 @@ class password_test extends CI_TestCase { $this->assertFalse(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' => 10, 'foo' => 3))); // invalid: different (lower) cost - $this->assertTrue(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' => 09))); + $this->assertTrue(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' => 9))); // invalid: different (higher) cost $this->assertTrue(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' => 11))); -- cgit v1.2.3-24-g4f1b From b68a811f1a09b8d6012b6782b36a988daf68a82e Mon Sep 17 00:00:00 2001 From: Tjoosten Date: Sun, 15 Feb 2015 22:44:24 +0100 Subject: add --- application/config/index.html | 3 ++- application/controllers/index.html | 3 ++- application/core/index.html | 3 ++- application/helpers/index.html | 3 ++- application/hooks/index.html | 3 ++- application/index.html | 3 ++- application/language/index.html | 3 ++- application/libraries/index.html | 3 ++- application/logs/index.html | 3 ++- application/models/index.html | 3 ++- application/third_party/index.html | 3 ++- application/views/index.html | 3 ++- system/core/compat/index.html | 3 ++- system/core/index.html | 3 ++- system/database/drivers/cubrid/index.html | 3 ++- system/database/drivers/ibase/index.html | 3 ++- system/database/drivers/mssql/index.html | 3 ++- system/database/drivers/mysql/index.html | 3 ++- system/database/drivers/mysqli/index.html | 3 ++- system/database/drivers/oci8/index.html | 3 ++- system/database/drivers/odbc/index.html | 3 ++- system/database/drivers/pdo/index.html | 3 ++- system/database/drivers/pdo/subdrivers/index.html | 3 ++- system/database/drivers/postgre/index.html | 3 ++- system/database/drivers/sqlite/index.html | 3 ++- system/database/drivers/sqlite3/index.html | 3 ++- system/database/drivers/sqlsrv/index.html | 3 ++- system/database/index.html | 3 ++- system/fonts/index.html | 3 ++- system/helpers/index.html | 3 ++- system/index.html | 3 ++- system/language/index.html | 3 ++- system/libraries/Cache/drivers/index.html | 3 ++- system/libraries/Cache/index.html | 3 ++- system/libraries/Javascript/index.html | 3 ++- system/libraries/Session/index.html | 3 ++- system/libraries/index.html | 3 ++- 37 files changed, 74 insertions(+), 37 deletions(-) diff --git a/application/config/index.html b/application/config/index.html index c942a79ce..b702fbc39 100644 --- a/application/config/index.html +++ b/application/config/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/controllers/index.html b/application/controllers/index.html index c942a79ce..b702fbc39 100644 --- a/application/controllers/index.html +++ b/application/controllers/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/core/index.html b/application/core/index.html index c942a79ce..b702fbc39 100644 --- a/application/core/index.html +++ b/application/core/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/helpers/index.html b/application/helpers/index.html index c942a79ce..b702fbc39 100644 --- a/application/helpers/index.html +++ b/application/helpers/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/hooks/index.html b/application/hooks/index.html index c942a79ce..b702fbc39 100644 --- a/application/hooks/index.html +++ b/application/hooks/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/index.html b/application/index.html index c942a79ce..b702fbc39 100644 --- a/application/index.html +++ b/application/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/language/index.html b/application/language/index.html index c942a79ce..b702fbc39 100644 --- a/application/language/index.html +++ b/application/language/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/libraries/index.html b/application/libraries/index.html index c942a79ce..b702fbc39 100644 --- a/application/libraries/index.html +++ b/application/libraries/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/logs/index.html b/application/logs/index.html index c942a79ce..b702fbc39 100644 --- a/application/logs/index.html +++ b/application/logs/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/models/index.html b/application/models/index.html index c942a79ce..b702fbc39 100644 --- a/application/models/index.html +++ b/application/models/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/third_party/index.html b/application/third_party/index.html index c942a79ce..b702fbc39 100644 --- a/application/third_party/index.html +++ b/application/third_party/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/views/index.html b/application/views/index.html index c942a79ce..b702fbc39 100644 --- a/application/views/index.html +++ b/application/views/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/core/compat/index.html b/system/core/compat/index.html index c942a79ce..b702fbc39 100644 --- a/system/core/compat/index.html +++ b/system/core/compat/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/core/index.html b/system/core/index.html index c942a79ce..b702fbc39 100644 --- a/system/core/index.html +++ b/system/core/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/cubrid/index.html b/system/database/drivers/cubrid/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/cubrid/index.html +++ b/system/database/drivers/cubrid/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/ibase/index.html b/system/database/drivers/ibase/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/ibase/index.html +++ b/system/database/drivers/ibase/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/mssql/index.html b/system/database/drivers/mssql/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/mssql/index.html +++ b/system/database/drivers/mssql/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/mysql/index.html b/system/database/drivers/mysql/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/mysql/index.html +++ b/system/database/drivers/mysql/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/mysqli/index.html b/system/database/drivers/mysqli/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/mysqli/index.html +++ b/system/database/drivers/mysqli/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/oci8/index.html b/system/database/drivers/oci8/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/oci8/index.html +++ b/system/database/drivers/oci8/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/odbc/index.html b/system/database/drivers/odbc/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/odbc/index.html +++ b/system/database/drivers/odbc/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/pdo/index.html b/system/database/drivers/pdo/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/pdo/index.html +++ b/system/database/drivers/pdo/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/pdo/subdrivers/index.html b/system/database/drivers/pdo/subdrivers/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/pdo/subdrivers/index.html +++ b/system/database/drivers/pdo/subdrivers/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/postgre/index.html b/system/database/drivers/postgre/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/postgre/index.html +++ b/system/database/drivers/postgre/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/sqlite/index.html b/system/database/drivers/sqlite/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/sqlite/index.html +++ b/system/database/drivers/sqlite/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/sqlite3/index.html b/system/database/drivers/sqlite3/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/sqlite3/index.html +++ b/system/database/drivers/sqlite3/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/sqlsrv/index.html b/system/database/drivers/sqlsrv/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/sqlsrv/index.html +++ b/system/database/drivers/sqlsrv/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/index.html b/system/database/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/index.html +++ b/system/database/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/fonts/index.html b/system/fonts/index.html index c942a79ce..b702fbc39 100644 --- a/system/fonts/index.html +++ b/system/fonts/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/helpers/index.html b/system/helpers/index.html index c942a79ce..b702fbc39 100644 --- a/system/helpers/index.html +++ b/system/helpers/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/index.html b/system/index.html index c942a79ce..b702fbc39 100644 --- a/system/index.html +++ b/system/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/language/index.html b/system/language/index.html index c942a79ce..b702fbc39 100644 --- a/system/language/index.html +++ b/system/language/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/libraries/Cache/drivers/index.html b/system/libraries/Cache/drivers/index.html index c942a79ce..b702fbc39 100644 --- a/system/libraries/Cache/drivers/index.html +++ b/system/libraries/Cache/drivers/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/libraries/Cache/index.html b/system/libraries/Cache/index.html index c942a79ce..b702fbc39 100644 --- a/system/libraries/Cache/index.html +++ b/system/libraries/Cache/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/libraries/Javascript/index.html b/system/libraries/Javascript/index.html index c942a79ce..b702fbc39 100644 --- a/system/libraries/Javascript/index.html +++ b/system/libraries/Javascript/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/libraries/Session/index.html b/system/libraries/Session/index.html index c942a79ce..b702fbc39 100644 --- a/system/libraries/Session/index.html +++ b/system/libraries/Session/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/libraries/index.html b/system/libraries/index.html index c942a79ce..b702fbc39 100644 --- a/system/libraries/index.html +++ b/system/libraries/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + -- cgit v1.2.3-24-g4f1b From aadd8bdbf248293a854b4e0361bd09155c815acd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 16 Feb 2015 11:07:45 +0200 Subject: [ci skip] Fix a doc typo Close #3595 --- user_guide_src/source/tutorial/static_pages.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 36bcd2df9..8ba0486c1 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -74,7 +74,7 @@ includes the following code: © 2014 - + Adding logic to the controller ------------------------------ -- cgit v1.2.3-24-g4f1b From af8665d973e63ace812ab1d433ae8b8dce5922c4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 17 Feb 2015 15:57:47 +0200 Subject: Fix #3572: CI_Security::_remove_evil_attributes() --- system/core/Security.php | 27 ++++++--------------------- tests/codeigniter/core/Security_test.php | 12 ++++++++++++ tests/mocks/core/security.php | 5 +++++ 3 files changed, 23 insertions(+), 21 deletions(-) diff --git a/system/core/Security.php b/system/core/Security.php index ccb141260..216f0e98b 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -784,30 +784,15 @@ class CI_Security { } do { - $count = 0; - $attribs = array(); + $count = $temp_count = 0; - // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all('/(?]+)(?]*)/is', $str, $matches, PREG_SET_ORDER); - - foreach ($matches as $attr) - { - $attribs[] = preg_quote($attr[0], '/'); - } - - // replace illegal attribute strings that are inside an html tag - if (count($attribs) > 0) - { - $str = preg_replace('/(<]+?)([^A-Za-z<>\-])(.*?)('.implode('|', $attribs).')(.*?)([\s><]?)([><]*)/i', '$1$2 $4$6$7$8', $str, -1, $count); - } + $str = preg_replace('/(<[^>]+)(?]*)/is', '$1[removed]', $str, -1, $temp_count); + $count += $temp_count; } while ($count); diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 402422ff8..d967613b5 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -79,6 +79,18 @@ class Security_test extends CI_TestCase { // -------------------------------------------------------------------- + public function test_remove_evil_attributes() + { + $this->assertEquals('', $this->security->remove_evil_attributes('', false)); + $this->assertEquals('', $this->security->remove_evil_attributes('', false)); + $this->assertEquals('', $this->security->remove_evil_attributes('', false)); + $this->assertEquals('', $this->security->remove_evil_attributes('', false)); + $this->assertEquals('onOutsideOfTag=test', $this->security->remove_evil_attributes('onOutsideOfTag=test', false)); + $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', false)); + } + + // -------------------------------------------------------------------- + public function test_xss_hash() { $this->assertEmpty($this->security->xss_hash); diff --git a/tests/mocks/core/security.php b/tests/mocks/core/security.php index a21fc5cb3..6cff85860 100644 --- a/tests/mocks/core/security.php +++ b/tests/mocks/core/security.php @@ -16,6 +16,11 @@ class Mock_Core_Security extends CI_Security { return isset($this->{'_'.$property}) ? $this->{'_'.$property} : NULL; } + public function remove_evil_attributes($str, $is_image) + { + return $this->_remove_evil_attributes($str, $is_image); + } + // Override inaccessible protected method public function __call($method, $params) { -- cgit v1.2.3-24-g4f1b From 48e79c7a71efc44000c62a57adb60505941586b2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 17 Feb 2015 16:16:24 +0200 Subject: [ci skip] Add missing changelog entry from last commit --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index bc3ea34f6..aacd2ef94 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -768,6 +768,7 @@ Bug fixes for 3.0 - Fixed a bug (#3161) - :doc:`Cache Library ` methods `increment()`, `decrement()` didn't auto-create non-existent items when using redis and/or file storage. - Fixed a bug (#3189) - :doc:`Parser Library ` used double replacement on ``key->value`` pairs, exposing a potential template injection vulnerability. - Fixed a bug (#3573) - :doc:`Email Library ` violated `RFC5321 `_ by sending 'localhost.localdomain' as a hostname. +- Fixed a bug (#3572) - :doc:`CI_Security::_remove_evil_attributes()` failed for large-sized inputs due to *pcre.backtrack_limit* and didn't properly match HTML tags. Version 2.2.1 ============= -- cgit v1.2.3-24-g4f1b From 3cf58eaf15abaa1b5ab3e9ff671f174c9455b28f Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Tue, 17 Feb 2015 20:03:09 +0200 Subject: Finishing PR #3596 --- application/cache/index.html | 3 ++- application/language/english/index.html | 3 ++- application/views/errors/cli/index.html | 3 ++- application/views/errors/html/index.html | 3 ++- application/views/errors/index.html | 3 ++- system/database/drivers/index.html | 3 ++- system/language/english/index.html | 3 ++- system/libraries/Session/drivers/index.html | 3 ++- 8 files changed, 16 insertions(+), 8 deletions(-) diff --git a/application/cache/index.html b/application/cache/index.html index c942a79ce..b702fbc39 100644 --- a/application/cache/index.html +++ b/application/cache/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/language/english/index.html b/application/language/english/index.html index c942a79ce..b702fbc39 100644 --- a/application/language/english/index.html +++ b/application/language/english/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/views/errors/cli/index.html b/application/views/errors/cli/index.html index c942a79ce..b702fbc39 100644 --- a/application/views/errors/cli/index.html +++ b/application/views/errors/cli/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/views/errors/html/index.html b/application/views/errors/html/index.html index c942a79ce..b702fbc39 100644 --- a/application/views/errors/html/index.html +++ b/application/views/errors/html/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/application/views/errors/index.html b/application/views/errors/index.html index c942a79ce..b702fbc39 100644 --- a/application/views/errors/index.html +++ b/application/views/errors/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/database/drivers/index.html b/system/database/drivers/index.html index c942a79ce..b702fbc39 100644 --- a/system/database/drivers/index.html +++ b/system/database/drivers/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/language/english/index.html b/system/language/english/index.html index c942a79ce..b702fbc39 100644 --- a/system/language/english/index.html +++ b/system/language/english/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/libraries/Session/drivers/index.html b/system/libraries/Session/drivers/index.html index c942a79ce..b702fbc39 100644 --- a/system/libraries/Session/drivers/index.html +++ b/system/libraries/Session/drivers/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + -- cgit v1.2.3-24-g4f1b From 0ae4e6c0bd95b7264bee735fb635f317c882bbef Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 18 Feb 2015 21:14:55 +0200 Subject: Fix #3593 Revert "fixes" for #167, #388, #705 (also #1326) as it turns out URL-decoding isn't compliant with the CGI/1.1 specification. RFC 3875: http://www.faqs.org/rfcs/rfc3875.html --- application/config/config.php | 13 +++--- system/core/URI.php | 53 ++++++++++------------ user_guide_src/source/changelog.rst | 4 +- .../source/installation/troubleshooting.rst | 5 +- 4 files changed, 34 insertions(+), 41 deletions(-) diff --git a/application/config/config.php b/application/config/config.php index 306fc2cae..7d5c24c84 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -37,17 +37,16 @@ $config['index_page'] = 'index.php'; |-------------------------------------------------------------------------- | | This item determines which server global should be used to retrieve the -| URI string. The default setting of 'AUTO' works for most servers. +| URI string. The default setting of 'REQUEST_URI' works for most servers. | If your links do not seem to work, try one of the other delicious flavors: | -| 'AUTO' Default - auto detects -| 'CLI' or 'argv' Uses $_SERVER['argv'] (for php-cli only) -| 'PATH_INFO' Uses $_SERVER['PATH_INFO'] -| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] -| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] +| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] +| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] +| 'PATH_INFO' Uses $_SERVER['PATH_INFO'] | +| WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded! */ -$config['uri_protocol'] = 'AUTO'; +$config['uri_protocol'] = 'REQUEST_URI'; /* |-------------------------------------------------------------------------- diff --git a/system/core/URI.php b/system/core/URI.php index 9bc34ace7..e96749456 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -107,37 +107,34 @@ class CI_URI { $this->_permitted_uri_chars = $this->config->item('permitted_uri_chars'); // If it's a CLI request, ignore the configuration - if (is_cli() OR ($protocol = strtoupper($this->config->item('uri_protocol'))) === 'CLI') + if (is_cli()) { - $this->_set_uri_string($this->_parse_argv()); + $uri = $this->_parse_argv(); } - elseif ($protocol === 'AUTO') + else { - // Is there a PATH_INFO variable? This should be the easiest solution. - if (isset($_SERVER['PATH_INFO'])) - { - $this->_set_uri_string($_SERVER['PATH_INFO']); - } - // No PATH_INFO? Let's try REQUST_URI or QUERY_STRING then - elseif (($uri = $this->_parse_request_uri()) !== '' OR ($uri = $this->_parse_query_string()) !== '') - { - $this->_set_uri_string($uri); - } - // As a last ditch effor, let's try using the $_GET array - elseif (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') !== '') + $protocol = $this->config->item('uri_protocol'); + empty($protocol) && $protocol = 'REQUEST_URI'; + + switch ($protocol) { - $this->_set_uri_string(key($_GET)); + case 'AUTO': // For BC purposes only + case 'REQUEST_URI': + $uri = $this->_parse_request_uri(); + break; + case 'QUERY_STRING': + $uri = $this->_parse_query_string(); + break; + case 'PATH_INFO': + default: + $uri = isset($_SERVER[$protocol]) + ? $_SERVER[$protocol] + : $this->_parse_request_uri(); + break; } } - elseif (method_exists($this, ($method = '_parse_'.strtolower($protocol)))) - { - $this->_set_uri_string($this->$method()); - } - else - { - $uri = isset($_SERVER[$protocol]) ? $_SERVER[$protocol] : @getenv($protocol); - $this->_set_uri_string($uri); - } + + $this->_set_uri_string($uri); } log_message('info', 'URI Class Initialized'); @@ -206,7 +203,7 @@ class CI_URI { $uri = parse_url($_SERVER['REQUEST_URI']); $query = isset($uri['query']) ? $uri['query'] : ''; - $uri = isset($uri['path']) ? rawurldecode($uri['path']) : ''; + $uri = isset($uri['path']) ? $uri['path'] : ''; if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { @@ -222,7 +219,7 @@ class CI_URI { if (trim($uri, '/') === '' && strncmp($query, '/', 1) === 0) { $query = explode('?', $query, 2); - $uri = rawurldecode($query[0]); + $uri = $query[0]; $_SERVER['QUERY_STRING'] = isset($query[1]) ? $query[1] : ''; } else @@ -262,7 +259,7 @@ class CI_URI { { $uri = explode('?', $uri, 2); $_SERVER['QUERY_STRING'] = isset($uri[1]) ? $uri[1] : ''; - $uri = rawurldecode($uri[0]); + $uri = $uri[0]; } parse_str($_SERVER['QUERY_STRING'], $_GET); diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index aacd2ef94..3145e831a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -459,7 +459,7 @@ Release Date: Not Released - Renamed internal method ``_detect_uri()`` to ``_parse_request_uri()``. - Changed ``_parse_request_uri()`` to accept absolute URIs for compatibility with HTTP/1.1 as per `RFC2616 `. - Added protected method ``_parse_query_string()`` to URI paths in the the **QUERY_STRING** value, like ``_parse_request_uri()`` does. - - Changed URI string detection logic to try the **PATH_INFO** variable first when auto-detecting. + - Changed URI string detection logic to always default to **REQUEST_URI** unless configured otherwise or under CLI. - Removed methods ``_remove_url_suffix()``, ``_explode_segments()`` and moved their logic into ``_set_uri_string()``. - Removed method ``_fetch_uri_string()`` and moved its logic into the class constructor. - Removed method ``_reindex_segments()``. @@ -660,7 +660,6 @@ Bug fixes for 3.0 - Fixed a bug (#10) - :doc:`URI Library ` internal method ``_detect_uri()`` failed with paths containing a colon. - Fixed a bug (#1387) - :doc:`Query Builder ` method ``from()`` didn't escape table aliases. - Fixed a bug (#520) - :doc:`Date Helper ` function :php:func:``nice_date()`` failed when the optional second parameter is not passed. -- Fixed a bug (#167) - ``$config['permitted_uri_chars']`` didn't affect URL-encoded characters. - Fixed a bug (#318) - :doc:`Profiling Library ` setting *query_toggle_count* was not settable as described in the manual. - Fixed a bug (#938) - :doc:`Config Library ` method ``site_url()`` added a question mark to the URL string when query strings are enabled even if it already existed. - Fixed a bug (#999) - :doc:`Config Library ` method ``site_url()`` always appended ``$config['url_suffix']`` to the end of the URL string, regardless of whether a query string exists in it. @@ -705,7 +704,6 @@ Bug fixes for 3.0 - Fixed a bug (#50) - :doc:`Session Library ` unnecessarily stripped slashed from serialized data, making it impossible to read objects in a namespace. - Fixed a bug (#658) - :doc:`Routing ` wildcard **:any** didn't work as advertised and matched multiple URI segments instead of all characters within a single segment. - Fixed a bug (#1938) - :doc:`Email Library ` removed multiple spaces inside a pre-formatted plain text message. -- Fixed a bug (#388, #705) - :doc:`URI Library ` didn't apply URL-decoding to URI segments that it got from **REQUEST_URI** and/or **QUERY_STRING**. - Fixed a bug (#122) - :doc:`URI Library ` method ``ruri_string()`` didn't include a directory if one is used. - Fixed a bug - :doc:`Routing Library ` didn't properly handle *default_controller* in a subdirectory when a method is also specified. - Fixed a bug (#953) - :doc:`post_controller_constructor hook ` wasn't called with a *404_override*. diff --git a/user_guide_src/source/installation/troubleshooting.rst b/user_guide_src/source/installation/troubleshooting.rst index 0dfd4083f..e874bb0ec 100644 --- a/user_guide_src/source/installation/troubleshooting.rst +++ b/user_guide_src/source/installation/troubleshooting.rst @@ -4,16 +4,15 @@ Troubleshooting If you find that no matter what you put in your URL only your default page is loading, it might be that your server does not support the -PATH_INFO variable needed to serve search-engine friendly URLs. As a +REQUEST_URI variable needed to serve search-engine friendly URLs. As a first step, open your application/config/config.php file and look for the URI Protocol information. It will recommend that you try a couple alternate settings. If it still doesn't work after you've tried this you'll need to force CodeIgniter to add a question mark to your URLs. To -do this open your application/config/config.php file and change this:: +do this open your **application/config/config.php** file and change this:: $config['index_page'] = "index.php"; To this:: $config['index_page'] = "index.php?"; - -- cgit v1.2.3-24-g4f1b From ff7563e3ffa522f35ec18c99273a9ce14a48e6db Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 18 Feb 2015 21:38:01 +0200 Subject: Fix #3603 --- user_guide_src/source/libraries/sessions.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 57c258519..9fc33247b 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -596,7 +596,7 @@ For MySQL:: `id` varchar(40) NOT NULL, `ip_address` varchar(45) NOT NULL, `timestamp` int(10) unsigned DEFAULT 0 NOT NULL, - `data` blob DEFAULT '' NOT NULL, + `data` blob NOT NULL, PRIMARY KEY (id), KEY `ci_sessions_timestamp` (`timestamp`) ); -- cgit v1.2.3-24-g4f1b From a8c964c5a1d48d9a70ed5826a086e9eba9963cc9 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 19 Feb 2015 01:26:06 +0100 Subject: documentation changes --- system/core/Input.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index 3024fca78..f181c27ce 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -104,9 +104,9 @@ class CI_Input { protected $headers = array(); /** - * Raw input stream data + * Raw input stream data as received from php://input * - * @see CI_Input::input_stream() + * @see CI_Input::raw_input_stream() * @var array */ protected $_raw_input_stream = NULL; @@ -114,12 +114,12 @@ class CI_Input { /** * Input stream data * - * Parsed from php://input at runtime + * Parsed from raw_input_stream at runtime * * @see CI_Input::input_stream() * @var array */ - protected $_input_stream = NULL; // Kept for backward compatible. + protected $_input_stream = NULL; /** * Class constructor @@ -309,7 +309,7 @@ class CI_Input { /** * Fetch raw data from php://input stream * - * Useful when data is not an array and might contain = and & symbols. + * Useful when data is not an array. */ public function raw_input_stream() { @@ -326,7 +326,7 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch an item from the php://input stream + * Fetch an item from the input stream * * Useful when you need to access PUT, DELETE or PATCH request data. * @@ -343,9 +343,9 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch an item from the php://input stream + * Fetch an item from the input stream * - * Useful when you need to access input that's been send as raw json data' + * Useful when you need to access input that's been send as json' * * @param string $index Index for item to be fetched * @param bool $xss_clean Whether to apply XSS filtering -- cgit v1.2.3-24-g4f1b From c545c0147636d8592fdcb7e8ec2c6df09399d485 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 11:36:10 +0200 Subject: Make set_status_header() a dummy under CLI Close #3605 --- system/core/Common.php | 5 +++++ user_guide_src/source/changelog.rst | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/system/core/Common.php b/system/core/Common.php index 9f509745f..7035c18ff 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -492,6 +492,11 @@ if ( ! function_exists('set_status_header')) */ function set_status_header($code = 200, $text = '') { + if (is_cli()) + { + return; + } + $stati = array( 200 => 'OK', 201 => 'Created', diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 3145e831a..a904c827f 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -507,7 +507,8 @@ Release Date: Not Released - Changed internal function ``load_class()`` to accept a constructor parameter instead of (previously unused) class name prefix. - Removed default parameter value of :php:func:`is_php()`. - Added a second argument ``$double_encode`` to :php:func:`html_escape()`. - - Changed function ``config_item()`` to return NULL instead of FALSE when no value is found. + - Changed function :php:func:`config_item()` to return NULL instead of FALSE when no value is found. + - Changed function :php:func:`set_status_header()` to return immediately when run under CLI. - :doc:`Output Library ` changes include: -- cgit v1.2.3-24-g4f1b From 6c7c8917d853bcd4acdce930b9afa537b2fb8b95 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 14:44:18 +0200 Subject: Remove 'autoinit' DB setting It doesn't make sense to do a load->database() call but not connect to the database. IIRC there was more stuff in CI_DB_driver::initialize() at some point, so that was probably the reason why the setting existed in the first place. However, now it only results in users making invalid bug reports because they don't understand the feature ... Examples during just the past 2 weeks: #3571 #3601 #3607 --- application/config/database.php | 2 -- system/database/DB.php | 5 ----- system/database/DB_driver.php | 10 +--------- system/database/drivers/cubrid/cubrid_driver.php | 4 ---- system/database/drivers/mysql/mysql_driver.php | 4 ---- system/database/drivers/mysqli/mysqli_driver.php | 4 ---- system/database/drivers/oci8/oci8_driver.php | 4 ---- system/database/drivers/pdo/pdo_driver.php | 4 ---- system/database/drivers/postgre/postgre_driver.php | 4 ---- system/database/drivers/sqlsrv/sqlsrv_driver.php | 4 ---- system/libraries/Session/drivers/Session_database_driver.php | 2 +- tests/mocks/database/db.php | 3 +-- user_guide_src/source/changelog.rst | 3 ++- user_guide_src/source/database/configuration.rst | 6 ------ 14 files changed, 5 insertions(+), 54 deletions(-) diff --git a/application/config/database.php b/application/config/database.php index 5ee2af438..925b3e504 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -39,7 +39,6 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | multi-byte character set and are running versions lower than these. | Sites using Latin-1 or UTF-8 database character set and collation are unaffected. | ['swap_pre'] A default table prefix that should be swapped with the dbprefix -| ['autoinit'] Whether or not to automatically initialize the database. | ['encrypt'] Whether or not to use an encrypted connection. | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections @@ -78,7 +77,6 @@ $db['default'] = array( 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', - 'autoinit' => TRUE, 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, diff --git a/system/database/DB.php b/system/database/DB.php index 8ea7ca6fa..c9660e4bd 100644 --- a/system/database/DB.php +++ b/system/database/DB.php @@ -213,10 +213,5 @@ function &DB($params = '', $query_builder_override = NULL) } } - if ($DB->autoinit === TRUE) - { - $DB->initialize(); - } - return $DB; } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index bbe65b410..68e5a2833 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -123,15 +123,6 @@ abstract class CI_DB_driver { */ public $dbcollat = 'utf8_general_ci'; - /** - * Auto-init flag - * - * Whether to automatically initialize the DB connection. - * - * @var bool - */ - public $autoinit = TRUE; - /** * Encryption flag/data * @@ -381,6 +372,7 @@ abstract class CI_DB_driver { } } + $this->initialize(); log_message('info', 'Database Driver Class Initialized'); } diff --git a/system/database/drivers/cubrid/cubrid_driver.php b/system/database/drivers/cubrid/cubrid_driver.php index 402117978..f80b4db54 100644 --- a/system/database/drivers/cubrid/cubrid_driver.php +++ b/system/database/drivers/cubrid/cubrid_driver.php @@ -163,10 +163,6 @@ class CI_DB_cubrid_driver extends CI_DB { { return $this->data_cache['version']; } - elseif ( ! $this->conn_id) - { - $this->initialize(); - } return ( ! $this->conn_id OR ($version = cubrid_get_server_info($this->conn_id)) === FALSE) ? FALSE diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index f8e9b6d61..df0f24920 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -223,10 +223,6 @@ class CI_DB_mysql_driver extends CI_DB { { return $this->data_cache['version']; } - elseif ( ! $this->conn_id) - { - $this->initialize(); - } if ( ! $this->conn_id OR ($version = mysql_get_server_info($this->conn_id)) === FALSE) { diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 22a8ba678..e953db052 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -204,10 +204,6 @@ class CI_DB_mysqli_driver extends CI_DB { { return $this->data_cache['version']; } - elseif ( ! $this->conn_id) - { - $this->initialize(); - } return $this->data_cache['version'] = $this->conn_id->server_info; } diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index b87b41112..4010995a1 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -243,10 +243,6 @@ class CI_DB_oci8_driver extends CI_DB { { return $this->data_cache['version']; } - elseif ( ! $this->conn_id) - { - $this->initialize(); - } if ( ! $this->conn_id OR ($version = oci_server_version($this->conn_id)) === FALSE) { diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 68aeb0eef..cc77e9568 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -156,10 +156,6 @@ class CI_DB_pdo_driver extends CI_DB { { return $this->data_cache['version']; } - elseif ( ! $this->conn_id) - { - $this->initialize(); - } // Not all subdrivers support the getAttribute() method try diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 3f3e3f018..7be07c3bf 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -213,10 +213,6 @@ class CI_DB_postgre_driver extends CI_DB { { return $this->data_cache['version']; } - elseif ( ! $this->conn_id) - { - $this->initialize(); - } if ( ! $this->conn_id OR ($pg_version = pg_version($this->conn_id)) === FALSE) { diff --git a/system/database/drivers/sqlsrv/sqlsrv_driver.php b/system/database/drivers/sqlsrv/sqlsrv_driver.php index 8f17c8f96..16f77fab2 100644 --- a/system/database/drivers/sqlsrv/sqlsrv_driver.php +++ b/system/database/drivers/sqlsrv/sqlsrv_driver.php @@ -292,10 +292,6 @@ class CI_DB_sqlsrv_driver extends CI_DB { { return $this->data_cache['version']; } - elseif ( ! $this->conn_id) - { - $this->initialize(); - } if ( ! $this->conn_id OR ($info = sqlsrv_server_info($this->conn_id)) === FALSE) { diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 20cec00fd..f496b4fe0 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -122,7 +122,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function open($save_path, $name) { return empty($this->_db->conn_id) - ? ( ! $this->_db->autoinit && $this->_db->db_connect()) + ? (bool) $this->_db->db_connect() : TRUE; } diff --git a/tests/mocks/database/db.php b/tests/mocks/database/db.php index 968476dea..5216be2d7 100644 --- a/tests/mocks/database/db.php +++ b/tests/mocks/database/db.php @@ -56,8 +56,7 @@ class Mock_Database_DB { 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', - 'autoinit' => TRUE, - 'stricton' => FALSE, + 'stricton' => FALSE ); $config = array_merge($this->config[$group], $params); diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index a904c827f..8f77f368f 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -155,6 +155,8 @@ Release Date: Not Released - DEPRECATED the 'mysql', 'sqlite', 'mssql' and 'pdo/dblib' (also known as 'pdo/mssql' or 'pdo/sybase') drivers. - Added **dsn** configuration setting for drivers that support DSN strings (PDO, PostgreSQL, Oracle, ODBC, CUBRID). - Added **schema** configuration setting (defaults to *public*) for drivers that might need it (currently used by PostgreSQL and ODBC). + - Added **save_queries** configuration setting to *application/config/database.php* (defaults to ``TRUE``). + - Removed **autoinit** configuration setting as it doesn't make sense to instantiate the database class but not connect to the database. - Added subdrivers support (currently only used by PDO). - Added an optional database name parameter to ``db_select()``. - Removed ``protect_identifiers()`` and renamed internal method ``_protect_identifiers()`` to it instead - it was just an alias. @@ -173,7 +175,6 @@ Release Date: Not Released - Added support for SQLite3 database driver. - Added Interbase/Firebird database support via the *ibase* driver. - Added ODBC support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge `. - - Added **save_queries** configuration setting to *application/config/database.php* (defaults to ``TRUE``). - Added support to binding arrays as ``IN()`` sets in ``query()``. - :doc:`Query Builder ` changes include: diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 521eb6010..d21c79e44 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -27,7 +27,6 @@ prototype:: 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', - 'autoinit' => TRUE, 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, @@ -70,7 +69,6 @@ These failovers can be specified by setting the failover for a connection like t 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', - 'autoinit' => TRUE, 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE @@ -89,7 +87,6 @@ These failovers can be specified by setting the failover for a connection like t 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', - 'autoinit' => TRUE, 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE @@ -120,7 +117,6 @@ example, to set up a "test" environment you would do this:: 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', - 'autoinit' => TRUE, 'compress' => FALSE, 'encrypt' => FALSE, 'stricton' => FALSE, @@ -181,8 +177,6 @@ Explanation of Values: **swap_pre** A default table prefix that should be swapped with dbprefix. This is useful for distributed applications where you might run manually written queries, and need the prefix to still be customizable by the end user. -**autoinit** Whether or not to automatically connect to the database when the library loads. If set to false, - you will have to manually connect via the ``$this->db->db_connect()`` method. **schema** The database schema, defaults to 'public'. Used by PostgreSQL and ODBC drivers. **encrypt** Whether or not to use an encrypted connection. **compress** Whether or not to use client compression (MySQL only). -- cgit v1.2.3-24-g4f1b From 54fb6f68f1d793b9582dae455b2022e2ecfd3247 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 15:13:39 +0200 Subject: test_db_failover is failing after 'autoinit' removal ... --- tests/codeigniter/database/DB_test.php | 3 +++ tests/mocks/database/db.php | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/codeigniter/database/DB_test.php b/tests/codeigniter/database/DB_test.php index d5c0dea08..0c3df3fc4 100644 --- a/tests/codeigniter/database/DB_test.php +++ b/tests/codeigniter/database/DB_test.php @@ -34,6 +34,9 @@ class DB_test extends CI_TestCase { // ------------------------------------------------------------------------ + /** + * @expectedException RuntimeException + */ public function test_db_failover() { $config = Mock_Database_DB::config(DB_DRIVER); diff --git a/tests/mocks/database/db.php b/tests/mocks/database/db.php index 5216be2d7..00dd884b0 100644 --- a/tests/mocks/database/db.php +++ b/tests/mocks/database/db.php @@ -133,7 +133,7 @@ class Mock_Database_DB { } catch (Exception $e) { - throw new InvalidArgumentException($e->getMessage()); + throw new RuntimeException($e->getMessage()); } return $db; -- cgit v1.2.3-24-g4f1b From 8b4886d42055569d974feddb44a6d355d0f9171b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 15:24:58 +0200 Subject: test_db_invalid fails too --- tests/codeigniter/database/DB_test.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/tests/codeigniter/database/DB_test.php b/tests/codeigniter/database/DB_test.php index 0c3df3fc4..546d5fab9 100644 --- a/tests/codeigniter/database/DB_test.php +++ b/tests/codeigniter/database/DB_test.php @@ -2,6 +2,9 @@ class DB_test extends CI_TestCase { + /** + * @expectedException InvalidArgumentException + */ public function test_db_invalid() { $connection = new Mock_Database_DB(array( @@ -34,17 +37,20 @@ class DB_test extends CI_TestCase { // ------------------------------------------------------------------------ - /** - * @expectedException RuntimeException - */ public function test_db_failover() { $config = Mock_Database_DB::config(DB_DRIVER); $connection = new Mock_Database_DB($config); - $db = Mock_Database_DB::DB($connection->set_dsn(DB_DRIVER.'_failover'), TRUE); - $this->assertTrue($db instanceof CI_DB); - $this->assertTrue($db instanceof CI_DB_Driver); + try + { + $db = Mock_Database_DB::DB($connection->set_dsn(DB_DRIVER.'_failover'), TRUE); + } + catch (RuntimeException $e) + { + $this->assertTrue($db instanceof CI_DB); + $this->assertTrue($db instanceof CI_DB_Driver); + } } } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 15170ff47c240c26f318108c5eb4bb919d322ec4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 16:00:40 +0200 Subject: OK, finally 'fix' this test --- tests/codeigniter/database/DB_test.php | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/tests/codeigniter/database/DB_test.php b/tests/codeigniter/database/DB_test.php index 546d5fab9..d5a9369e6 100644 --- a/tests/codeigniter/database/DB_test.php +++ b/tests/codeigniter/database/DB_test.php @@ -2,9 +2,6 @@ class DB_test extends CI_TestCase { - /** - * @expectedException InvalidArgumentException - */ public function test_db_invalid() { $connection = new Mock_Database_DB(array( @@ -18,7 +15,7 @@ class DB_test extends CI_TestCase { ), )); - $this->setExpectedException('InvalidArgumentException', 'CI Error: Invalid DB driver'); + $this->setExpectedException('RuntimeException', 'CI Error: Invalid DB driver'); Mock_Database_DB::DB($connection->set_dsn('undefined'), TRUE); } @@ -37,20 +34,20 @@ class DB_test extends CI_TestCase { // ------------------------------------------------------------------------ +/* + This test is unusable, because whoever wrote it apparently thought that + an E_WARNING should equal an Exception and based the whole test suite + around that bogus assumption. + public function test_db_failover() { $config = Mock_Database_DB::config(DB_DRIVER); $connection = new Mock_Database_DB($config); + $db = Mock_Database_DB::DB($connection->set_dsn(DB_DRIVER.'_failover'), TRUE); - try - { - $db = Mock_Database_DB::DB($connection->set_dsn(DB_DRIVER.'_failover'), TRUE); - } - catch (RuntimeException $e) - { - $this->assertTrue($db instanceof CI_DB); - $this->assertTrue($db instanceof CI_DB_Driver); - } + $this->assertTrue($db instanceof CI_DB); + $this->assertTrue($db instanceof CI_DB_Driver); } +*/ } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 1a3675688c91797efbbfc764600965833548a937 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 16:48:23 +0200 Subject: Fix postgre driver config --- system/database/DB.php | 1 + system/database/DB_driver.php | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/system/database/DB.php b/system/database/DB.php index c9660e4bd..0c7cf54b3 100644 --- a/system/database/DB.php +++ b/system/database/DB.php @@ -213,5 +213,6 @@ function &DB($params = '', $query_builder_override = NULL) } } + $DB->initialize(); return $DB; } diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 68e5a2833..3d35c2d70 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -372,7 +372,6 @@ abstract class CI_DB_driver { } } - $this->initialize(); log_message('info', 'Database Driver Class Initialized'); } -- cgit v1.2.3-24-g4f1b From faf8fb3f88242a4c2b89d8cf61cb91d1b2b911fe Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 17:15:06 +0200 Subject: Allow failures for ext/mysql on PHP 5.5+ --- .travis.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.travis.yml b/.travis.yml index 4f560442b..c98b45efb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,6 +31,10 @@ matrix: allow_failures: - php: 5.2 - php: hhvm + - php: 5.5 + env: DB=mysql + - php: 5.6 + env: DB=mysql exclude: - php: hhvm env: DB=pgsql -- cgit v1.2.3-24-g4f1b From 03bafe99fe982dbff7adc9e7ef04c55ec3a32fcb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 17:22:14 +0200 Subject: Revert last commit & just ignore E_DEPRECATED --- .travis.yml | 4 ---- tests/codeigniter/database/DB_test.php | 8 ++++++++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index c98b45efb..4f560442b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,10 +31,6 @@ matrix: allow_failures: - php: 5.2 - php: hhvm - - php: 5.5 - env: DB=mysql - - php: 5.6 - env: DB=mysql exclude: - php: hhvm env: DB=pgsql diff --git a/tests/codeigniter/database/DB_test.php b/tests/codeigniter/database/DB_test.php index d5a9369e6..dc4fae986 100644 --- a/tests/codeigniter/database/DB_test.php +++ b/tests/codeigniter/database/DB_test.php @@ -26,6 +26,14 @@ class DB_test extends CI_TestCase { { $config = Mock_Database_DB::config(DB_DRIVER); $connection = new Mock_Database_DB($config); + + // E_DEPRECATED notices thrown by mysql_connect(), mysql_pconnect() + // on PHP 5.5+ cause the tests to fail + if (DB_DRIVER === 'mysql' && version_compare(PHP_VERSION, '5.5', '>=')) + { + error_reporting(E_ALL & ~E_DEPRECATED); + } + $db = Mock_Database_DB::DB($connection->set_dsn(DB_DRIVER), TRUE); $this->assertTrue($db instanceof CI_DB); -- cgit v1.2.3-24-g4f1b From c749bfbca99291fe64ca98d45a20d0735cb4e461 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 Feb 2015 15:14:14 +0200 Subject: [ci skip] Fix where_in() docs --- user_guide_src/source/database/query_builder.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/user_guide_src/source/database/query_builder.rst b/user_guide_src/source/database/query_builder.rst index fa1e90353..9b4694710 100644 --- a/user_guide_src/source/database/query_builder.rst +++ b/user_guide_src/source/database/query_builder.rst @@ -1221,7 +1221,7 @@ Class Reference :param string $key: The field to search :param array $values: The values searched on - :param boolean $escape: Whether to escape values and identifiers + :param boolean $escape: Whether to escape identifiers :returns: DB_query_builder instance :rtype: object @@ -1232,7 +1232,7 @@ Class Reference :param string $key: The field to search :param array $values: The values searched on - :param boolean $escape: Whether to escape values and identifiers + :param boolean $escape: Whether to escape identifiers :returns: DB_query_builder instance :rtype: object @@ -1243,7 +1243,7 @@ Class Reference :param string $key: Name of field to examine :param array $values: Array of target values - :param boolean $escape: Whether to escape values and identifiers + :param boolean $escape: Whether to escape identifiers :returns: DB_query_builder instance :rtype: object @@ -1254,7 +1254,7 @@ Class Reference :param string $key: Name of field to examine :param array $values: Array of target values - :param boolean $escape: Whether to escape values and identifiers + :param boolean $escape: Whether to escape identifiers :returns: DB_query_builder instance :rtype: object -- cgit v1.2.3-24-g4f1b From cd99fb66967892900a1d2291c643058b1f9166c5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 Feb 2015 15:50:48 +0200 Subject: [ci skip] Tiny detail in 3.0.0 upgrade path --- user_guide_src/source/installation/upgrade_300.rst | 2 +- user_guide_src/source/installation/upgrading.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 73ed0f4c3..7cb94518d 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -1,5 +1,5 @@ ############################# -Upgrading from 2.2.1 to 3.0.0 +Upgrading from 2.2.x to 3.0.0 ############################# .. note:: These upgrade notes are for a version that is yet to be released. diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index ab36e9bfd..89e90e714 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -8,7 +8,7 @@ upgrading from. .. toctree:: :titlesonly: - Upgrading from 2.2.1 to 3.0.0 + Upgrading from 2.2.x to 3.0.0 Upgrading from 2.2.0 to 2.2.1 Upgrading from 2.1.4 to 2.2.0 Upgrading from 2.1.3 to 2.1.4 -- cgit v1.2.3-24-g4f1b From 0b5569f11b9eab01e3b1571eb6012308a3868f01 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Fri, 20 Feb 2015 17:56:55 +0100 Subject: Added support for raw_input_stream property. --- system/core/Input.php | 81 +++++++++++-------------------- user_guide_src/source/changelog.rst | 2 + user_guide_src/source/libraries/input.rst | 10 +++- 3 files changed, 38 insertions(+), 55 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index f181c27ce..97884d309 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -103,22 +103,16 @@ class CI_Input { */ protected $headers = array(); - /** - * Raw input stream data as received from php://input - * - * @see CI_Input::raw_input_stream() - * @var array - */ protected $_raw_input_stream = NULL; /** - * Input stream data - * - * Parsed from raw_input_stream at runtime - * - * @see CI_Input::input_stream() - * @var array - */ + * Input stream data + * + * Parsed from php://input at runtime + * + * @see CI_Input::input_stream() + * @var array + */ protected $_input_stream = NULL; /** @@ -307,54 +301,35 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch raw data from php://input stream - * - * Useful when data is not an array. - */ - public function raw_input_stream() + * Fetch an item from the php://input stream + * + * Useful when you need to access PUT, DELETE or PATCH request data. + * + * @param string $index Index for item to be fetched + * @param bool $xss_clean Whether to apply XSS filtering + * @return mixed + */ + public function input_stream($index = NULL, $xss_clean = NULL) { - // Prior to PHP 5.6, the input stream can only be read once, - // so we'll need to check if we have already done that first. - if (is_null($this->_raw_input_stream)) + // Prior to PHP 5.6, the input stream can only be read once, + // so we'll need to check if we have already done that first. + if ( ! is_array($this->_input_stream)) { - $this->_raw_input_stream = file_get_contents('php://input'); + parse_str($this->raw_input_stream, $this->_input_stream); + is_array($this->_input_stream) OR $this->_input_stream = array(); } - - return $this->_raw_input_stream; - } - - // ------------------------------------------------------------------------ - - /** - * Fetch an item from the input stream - * - * Useful when you need to access PUT, DELETE or PATCH request data. - * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering - * @return mixed - */ - public function input_stream($index = NULL, $xss_clean = NULL) - { - parse_str($this->raw_input_stream(), $this->_input_stream); return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); } - + // ------------------------------------------------------------------------ - /** - * Fetch an item from the input stream - * - * Useful when you need to access input that's been send as json' - * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering - * @return mixed - */ - public function json_input_stream($index = NULL, $xss_clean = NULL) + public function __get($name) { - $json_input_stream = json_decode($this->raw_input_stream(), true); - return $this->_fetch_from_array($json_input_stream, $index, $xss_clean); + if ($name === 'raw_input_stream') + { + isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); + return $this->_raw_input_stream; + } } // ------------------------------------------------------------------------ diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 5c5cd5e54..311aec20b 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -492,6 +492,8 @@ Release Date: Not Released - Added an option for ``_clean_input_keys()`` to return FALSE instead of terminating the whole script. - Deprecated the ``is_cli_request()`` method, it is now an alias for the new :php:func:`is_cli()` common function. - Added an ``$xss_clean`` parameter to method ``user_agent()`` and removed the ``$user_agent`` property. + - Added gettable property ``raw_input_stream`` to access the **php://input** data. + - Changed method ``input_stream()`` to obtain the data from ``raw_input_stream`` property. - :doc:`Common functions ` changes include: diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index 967f69d13..2b71b348a 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -91,8 +91,14 @@ the ``$_POST`` array, because it will always exist and you can try and access multiple variables without caring that you might only have one shot at all of the POST data. -CodeIgniter will take care of that for you, and you can access data -from the **php://input** stream at any time, just by calling the +CodeIgniter will take care of that for you, and you can read the data +from the **php://input** stream at any time, just by using the +``raw_input_stream`` property:: + + $this->input->raw_input_stream; + +Additionally if the input stream is formated in a query string fashion +you can access it's values, just by calling the ``input_stream()`` method:: $this->input->input_stream('key'); -- cgit v1.2.3-24-g4f1b From c519b26d78edb21fd189e73f0feb12690aa34f2d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Feb 2015 19:20:03 +0200 Subject: Fix #3610 --- system/libraries/Session/drivers/Session_files_driver.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 5852277e8..74528e9d2 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -299,7 +299,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ($this->close()) { - return unlink($this->_file_path.$session_id) && $this->_cookie_destroy(); + return file_exists($this->_file_path.$session_id) + ? (unlink($this->_file_path.$session_id) && $this->_cookie_destroy()) + : TRUE; } elseif ($this->_file_path !== NULL) { -- cgit v1.2.3-24-g4f1b From 18c33eedd7b3cfb31f4bea728bc0fa43e15f4dbc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Feb 2015 19:43:40 +0200 Subject: [ci skip] Update static pages tutorial --- user_guide_src/source/tutorial/static_pages.rst | 105 ++++++++++++------------ 1 file changed, 52 insertions(+), 53 deletions(-) diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 8ba0486c1..53f286473 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -11,12 +11,16 @@ static pages. A controller is simply a class that helps delegate work. It is the glue of your web application. For example, when a call is made to: -``http://example.com/news/latest/10`` We might imagine that there is a -controller named "news". The method being called on news would be -"latest". The news method's job could be to grab 10 news items, and -render them on the page. Very often in MVC, you'll see URL patterns that -match: -``http://example.com/[controller-class]/[controller-method]/[arguments]`` + + http://example.com/news/latest/10 + +We might imagine that there is a controller named "news". The method +being called on news would be "latest". The news method's job could be to +grab 10 news items, and render them on the page. Very often in MVC, +you'll see URL patterns that match: + + http://example.com/[controller-class]/[controller-method]/[arguments] + As URL schemes become more complex, this may change. But for now, this is all we will need to know. @@ -25,15 +29,13 @@ code. :: - - - CodeIgniter Tutorial - - + + + CodeIgniter Tutorial + + -

CodeIgniter Tutorial

+

CodeIgniter Tutorial

The header contains the basic HTML code that you'll want to display before loading the main view, together with a heading. It will also @@ -72,16 +74,16 @@ includes the following code: :: - © 2014 - - + © 2014 + + Adding logic to the controller ------------------------------ -Earlier you set up a controller with a view() method. The method accepts -one parameter, which is the name of the page to be loaded. The static -page templates will be located in the application/views/pages/ +Earlier you set up a controller with a ``view()`` method. The method +accepts one parameter, which is the name of the page to be loaded. The +static page templates will be located in the application/views/pages/ directory. In that directory, create two files named home.php and about.php. Within @@ -93,43 +95,40 @@ page actually exists: :: - load->view('templates/header', $data); - $this->load->view('pages/'.$page, $data); - $this->load->view('templates/footer', $data); - - } + public function view($page = 'home') + { + if ( ! file_exists(APPPATH.'/views/pages/'.$page.'.php')) + { + // Whoops, we don't have a page for that! + show_404(); + } + + $data['title'] = ucfirst($page); // Capitalize the first letter + + $this->load->view('templates/header', $data); + $this->load->view('pages/'.$page, $data); + $this->load->view('templates/footer', $data); + } Now, when the page does exist, it is loaded, including the header and footer, and displayed to the user. If the page doesn't exist, a "404 Page not found" error is shown. The first line in this method checks whether the page actually exists. -PHP's native file\_exists() function is used to check whether the file -is where it's expected to be. show\_404() is a built-in CodeIgniter +PHP's native ``file_exists()`` function is used to check whether the file +is where it's expected to be. ``show_404()`` is a built-in CodeIgniter function that renders the default error page. -In the header template, the $title variable was used to customize the +In the header template, the ``$title`` variable was used to customize the page title. The value of title is defined in this method, but instead of assigning the value to a variable, it is assigned to the title element in the $data array. The last thing that has to be done is loading the views in the order -they should be displayed. The second parameter in the view() method is -used to pass values to the view. Each value in the $data array is +they should be displayed. The second parameter in the ``view()`` method is +used to pass values to the view. Each value in the ``$data`` array is assigned to a variable with the name of its key. So the value of -$data['title'] in the controller is equivalent to $title in the view. +``$data['title']`` in the controller is equivalent to $title in the view. Routing ------- @@ -149,8 +148,8 @@ all other code that sets any element in the $route array. :: - $route['default_controller'] = 'pages/view'; - $route['(:any)'] = 'pages/view/$1'; + $route['default_controller'] = 'pages/view'; + $route['(:any)'] = 'pages/view/$1'; CodeIgniter reads its routing rules from top to bottom and routes the request to the first matching rule. Each rule is a regular expression @@ -163,8 +162,8 @@ More information about routing can be found in the URI Routing `documentation <../general/routing.html>`_. Here, the second rule in the $routes array matches **any** request using -the wildcard string (:any). and passes the parameter to the view() +the wildcard string (:any). and passes the parameter to the ``view()`` method of the pages class. -Now visit index.php/about. Did it get routed correctly to the view() +Now visit index.php/about. Did it get routed correctly to the ``view()`` method in the pages controller? Awesome! -- cgit v1.2.3-24-g4f1b From 42c01bdff6beb40c291eb236c891ab5ae13b4ba5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Feb 2015 19:44:05 +0200 Subject: [ci skip] Fix a changelog entry --- user_guide_src/source/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 8f77f368f..b1c506715 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -768,7 +768,7 @@ Bug fixes for 3.0 - Fixed a bug (#3161) - :doc:`Cache Library ` methods `increment()`, `decrement()` didn't auto-create non-existent items when using redis and/or file storage. - Fixed a bug (#3189) - :doc:`Parser Library ` used double replacement on ``key->value`` pairs, exposing a potential template injection vulnerability. - Fixed a bug (#3573) - :doc:`Email Library ` violated `RFC5321 `_ by sending 'localhost.localdomain' as a hostname. -- Fixed a bug (#3572) - :doc:`CI_Security::_remove_evil_attributes()` failed for large-sized inputs due to *pcre.backtrack_limit* and didn't properly match HTML tags. +- Fixed a bug (#3572) - ``CI_Security::_remove_evil_attributes()`` failed for large-sized inputs due to *pcre.backtrack_limit* and didn't properly match HTML tags. Version 2.2.1 ============= -- cgit v1.2.3-24-g4f1b From 1701ad24e7b52df9e0dd51ef7a9a4bb9a99f28bf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Feb 2015 23:28:23 +0200 Subject: [ci skip] Fix wrong example link in news tutorial The current URI being 'news/' itself, combined with relative links ... --- user_guide_src/source/tutorial/news_section.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/tutorial/news_section.rst b/user_guide_src/source/tutorial/news_section.rst index 80938de32..f436b2510 100644 --- a/user_guide_src/source/tutorial/news_section.rst +++ b/user_guide_src/source/tutorial/news_section.rst @@ -151,7 +151,7 @@ and add the next piece of code.
-

View article

+

View article

-- cgit v1.2.3-24-g4f1b From bc834c327407184867f363ad58a24e6733a85b66 Mon Sep 17 00:00:00 2001 From: Fieah Date: Sun, 22 Feb 2015 17:08:35 +0800 Subject: Cache: is_supported 1. Cache_redis: Standardize the style as other driver. 2. Cache_wincache: Also check wincache.ucenabled --- system/libraries/Cache/drivers/Cache_redis.php | 8 +++----- system/libraries/Cache/drivers/Cache_wincache.php | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index f2a41cc67..5236556d9 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -243,15 +243,13 @@ class CI_Cache_redis extends CI_Driver */ public function is_supported() { - if (extension_loaded('redis')) - { - return $this->_setup_redis(); - } - else + if ( ! extension_loaded('redis')) { log_message('debug', 'The Redis extension must be loaded to use Redis cache.'); return FALSE; } + + return $this->_setup_redis(); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Cache/drivers/Cache_wincache.php b/system/libraries/Cache/drivers/Cache_wincache.php index 528b2b9bf..9cc6ff016 100644 --- a/system/libraries/Cache/drivers/Cache_wincache.php +++ b/system/libraries/Cache/drivers/Cache_wincache.php @@ -194,7 +194,7 @@ class CI_Cache_wincache extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('wincache')) + if ( ! extension_loaded('wincache') OR ! ini_get('wincache.ucenabled')) { log_message('debug', 'The Wincache PHP extension must be loaded to use Wincache Cache.'); return FALSE; -- cgit v1.2.3-24-g4f1b From b4ebb39d68797466cac74f4c2c61ea1908ce61cd Mon Sep 17 00:00:00 2001 From: Fieah Date: Sun, 22 Feb 2015 23:55:15 +0800 Subject: Common.php: set_status_header: Improve 1. Verify $code before define $stati 2. Only convert $code to int and define $stati when needed, possibly can save some memory. --- system/core/Common.php | 91 +++++++++++++++++++++++++------------------------- 1 file changed, 45 insertions(+), 46 deletions(-) diff --git a/system/core/Common.php b/system/core/Common.php index 7035c18ff..ee5a705b2 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -497,59 +497,58 @@ if ( ! function_exists('set_status_header')) return; } - $stati = array( - 200 => 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 303 => 'See Other', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 307 => 'Temporary Redirect', - - 400 => 'Bad Request', - 401 => 'Unauthorized', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Timeout', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Long', - 415 => 'Unsupported Media Type', - 416 => 'Requested Range Not Satisfiable', - 417 => 'Expectation Failed', - 422 => 'Unprocessable Entity', - - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' - ); - if (empty($code) OR ! is_numeric($code)) { show_error('Status codes must be numeric', 500); } - is_int($code) OR $code = (int) $code; - if (empty($text)) { + is_int($code) OR $code = (int) $code; + $stati = array( + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 303 => 'See Other', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); + if (isset($stati[$code])) { $text = $stati[$code]; -- cgit v1.2.3-24-g4f1b From abc8f00465beb4cb99cc533ab2dbf3cb4191cbbe Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 23 Feb 2015 08:38:06 +0200 Subject: [ci skip] Fix #3618 --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 1cc4d75d7..5fbb5222c 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -272,7 +272,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (isset($this->_redis, $this->_lock_key)) { - if ($this->_redis->delete($this->_key_prefix.$session_id) !== 1) + if (($result = $this->_redis->delete($this->_key_prefix.$session_id)) !== 1) { log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); } -- cgit v1.2.3-24-g4f1b From f1ca865e0a7aea02061be5d59a49b2a222a27085 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 24 Feb 2015 20:25:16 +0200 Subject: [ci skip] Add a note about pbkdf2 in security guide --- user_guide_src/source/general/security.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst index 0c58f96b4..efc821f2b 100644 --- a/user_guide_src/source/general/security.rst +++ b/user_guide_src/source/general/security.rst @@ -133,6 +133,10 @@ with that. Please read below. provides them for you as long as you're running at least PHP version 5.3.7 (and if you don't meet that requirement - please, upgrade). + If you're one of the really unlucky people who can't even upgrade to a + more recent PHP version, use `hash_pbkdf() `, + which we also provide in our compatibility layer. + - DO NOT ever display or send a password in plain-text format! Even to the password's owner, if you need a "Forgotten password" -- cgit v1.2.3-24-g4f1b From 7127f973a161a21a50819993b8cf5eda7b9cbeff Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 25 Feb 2015 18:39:30 +0200 Subject: Add PHP7 to automated builds Just read that Travis has added support for "nightly" PHP7. --- .travis.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.travis.yml b/.travis.yml index 4f560442b..26b194f6f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,6 +6,7 @@ php: - 5.4 - 5.5 - 5.6 + - 7 - hhvm env: @@ -31,11 +32,14 @@ matrix: allow_failures: - php: 5.2 - php: hhvm + - php: 7 exclude: - php: hhvm env: DB=pgsql - php: hhvm env: DB=pdo/pgsql + - php: 7 + env: mysql - php: 5.2 env: DB=sqlite - php: 5.2 -- cgit v1.2.3-24-g4f1b From cae95883a03b686d24b1d62191f38723ae958960 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 26 Feb 2015 02:46:14 +0100 Subject: funny tabs & spaces added and removed. --- system/core/Input.php | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index 97884d309..14f3e1083 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -103,16 +103,16 @@ class CI_Input { */ protected $headers = array(); - protected $_raw_input_stream = NULL; + protected $_raw_input_stream; /** - * Input stream data - * - * Parsed from php://input at runtime - * - * @see CI_Input::input_stream() - * @var array - */ + * Input stream data + * + * Parsed from php://input at runtime + * + * @see CI_Input::input_stream() + * @var array + */ protected $_input_stream = NULL; /** @@ -301,23 +301,25 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch an item from the php://input stream - * - * Useful when you need to access PUT, DELETE or PATCH request data. - * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering - * @return mixed - */ + * Fetch an item from the php://input stream + * + * Useful when you need to access PUT, DELETE or PATCH request data. + * + * @param string $index Index for item to be fetched + * @param bool $xss_clean Whether to apply XSS filtering + * @return mixed + */ public function input_stream($index = NULL, $xss_clean = NULL) { - // Prior to PHP 5.6, the input stream can only be read once, - // so we'll need to check if we have already done that first. + // Prior to PHP 5.6, the input stream can only be read once, + // so we'll need to check if we have already done that first. if ( ! is_array($this->_input_stream)) { + // $this->raw_input_stream will trigger __get(). parse_str($this->raw_input_stream, $this->_input_stream); is_array($this->_input_stream) OR $this->_input_stream = array(); } + return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); } -- cgit v1.2.3-24-g4f1b From 7325fce4f6ea6454c948539598d10eb319244939 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 26 Feb 2015 02:49:39 +0100 Subject: Update changelog.rst --- user_guide_src/source/changelog.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 311aec20b..9ed55809e 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -492,8 +492,7 @@ Release Date: Not Released - Added an option for ``_clean_input_keys()`` to return FALSE instead of terminating the whole script. - Deprecated the ``is_cli_request()`` method, it is now an alias for the new :php:func:`is_cli()` common function. - Added an ``$xss_clean`` parameter to method ``user_agent()`` and removed the ``$user_agent`` property. - - Added gettable property ``raw_input_stream`` to access the **php://input** data. - - Changed method ``input_stream()`` to obtain the data from ``raw_input_stream`` property. + - Added property ``$raw_input_stream`` to access **php://input** data. - :doc:`Common functions ` changes include: -- cgit v1.2.3-24-g4f1b From 54b42d6c00f25152b6502be4cf64f2fe342b5fb7 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 26 Feb 2015 03:16:12 +0100 Subject: Update input.rst --- user_guide_src/source/libraries/input.rst | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index 2b71b348a..274e49af4 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -93,12 +93,12 @@ one shot at all of the POST data. CodeIgniter will take care of that for you, and you can read the data from the **php://input** stream at any time, just by using the -``raw_input_stream`` property:: +``$raw_input_stream`` property:: $this->input->raw_input_stream; -Additionally if the input stream is formated in a query string fashion -you can access it's values, just by calling the +Additionally if the input stream is form-encoded like $_POST you can +access its values by calling the ``input_stream()`` method:: $this->input->input_stream('key'); @@ -120,6 +120,12 @@ Class Reference .. php:class:: CI_Input + .. attribute:: $raw_input_stream + + Read only property that will return php://input data as is. + + The property can be read multiple times. + .. php:method:: post([$index = NULL[, $xss_clean = NULL]]) :param mixed $index: POST parameter name -- cgit v1.2.3-24-g4f1b From b5925ec58a43b85bffb0d3aea6032f0b909b1121 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Feb 2015 10:06:54 +0200 Subject: Fix .travis.yml for PHP7 and try to fix a DB test --- .travis.yml | 2 +- tests/codeigniter/database/DB_driver_test.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 26b194f6f..258ad76f1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -39,7 +39,7 @@ matrix: - php: hhvm env: DB=pdo/pgsql - php: 7 - env: mysql + env: DB=mysql - php: 5.2 env: DB=sqlite - php: 5.2 diff --git a/tests/codeigniter/database/DB_driver_test.php b/tests/codeigniter/database/DB_driver_test.php index c04c42b09..26416d3fc 100644 --- a/tests/codeigniter/database/DB_driver_test.php +++ b/tests/codeigniter/database/DB_driver_test.php @@ -6,7 +6,7 @@ class DB_driver_test extends CI_TestCase { { $config = Mock_Database_DB::config(DB_DRIVER); sscanf(DB_DRIVER, '%[^/]/', $driver_name); - $driver = $this->$driver_name($config[DB_DRIVER]); + $driver = $this->{$driver_name}($config[DB_DRIVER]); $this->assertTrue($driver->initialize()); } -- cgit v1.2.3-24-g4f1b From ba213cd6f6be272d8e51b9eaf7d4039671458868 Mon Sep 17 00:00:00 2001 From: Fu Xu Date: Thu, 26 Feb 2015 20:01:31 +0800 Subject: fix wrong step count --- user_guide_src/source/installation/upgrade_300.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 7cb94518d..90d56c25c 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -795,7 +795,7 @@ It is now deprecated and scheduled for removal in CodeIgniter 3.1+. sooner rather than later. *********************************************************** -Step 18: Check your usage of Text helper highlight_phrase() +Step 20: Check your usage of Text helper highlight_phrase() *********************************************************** The default HTML tag used by :doc:`Text Helper <../helpers/text_helper>` function -- cgit v1.2.3-24-g4f1b From 1e35792cc2d231cba11c2faefd71717ab67a46d2 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 26 Feb 2015 18:02:45 +0100 Subject: Update Input.php --- system/core/Input.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index 14f3e1083..a72c4ac1e 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -305,8 +305,8 @@ class CI_Input { * * Useful when you need to access PUT, DELETE or PATCH request data. * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering + * @param string $index Index for item to be fetched + * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ public function input_stream($index = NULL, $xss_clean = NULL) @@ -319,7 +319,7 @@ class CI_Input { parse_str($this->raw_input_stream, $this->_input_stream); is_array($this->_input_stream) OR $this->_input_stream = array(); } - + return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); } -- cgit v1.2.3-24-g4f1b From d0ac8b132390387d08bcaa5a20fbea35a350c9d3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 11:41:52 +0200 Subject: Fix an E_NOTICE caused by #3604 --- system/core/Input.php | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index c3382b4d9..3e792fc13 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -103,17 +103,26 @@ class CI_Input { */ protected $headers = array(); + /** + * Raw input stream data + * + * Holds a cache of php://input contents + * + * @var string + */ protected $_raw_input_stream; /** - * Input stream data + * Parsed input stream data * * Parsed from php://input at runtime * * @see CI_Input::input_stream() * @var array */ - protected $_input_stream = NULL; + protected $_input_stream; + + // -------------------------------------------------------------------- /** * Class constructor @@ -325,17 +334,6 @@ class CI_Input { // ------------------------------------------------------------------------ - public function __get($name) - { - if ($name === 'raw_input_stream') - { - isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); - return $this->_raw_input_stream; - } - } - - // ------------------------------------------------------------------------ - /** * Set cookie * @@ -860,4 +858,23 @@ class CI_Input { : strtolower($this->server('REQUEST_METHOD')); } + // ------------------------------------------------------------------------ + + /** + * Magic __get() + * + * Allows read access to protected properties + * + * @param string $name + * @return mixed + */ + public function __get($name) + { + if ($name === 'raw_input_stream') + { + isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); + return $this->_raw_input_stream; + } + } + } -- cgit v1.2.3-24-g4f1b From 88fd8e4548eb50d8307757b8e37333ded8f221e9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 11:43:01 +0200 Subject: Eh ... really fix that notice (#3604) --- system/core/Input.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/system/core/Input.php b/system/core/Input.php index 3e792fc13..484397d63 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -122,6 +122,8 @@ class CI_Input { */ protected $_input_stream; + protected $security; + // -------------------------------------------------------------------- /** -- cgit v1.2.3-24-g4f1b From 7d365dcc8bdf69534b54401cc862be105e1a8a28 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 14:32:15 +0200 Subject: Fix #3633 --- system/core/Input.php | 1 + 1 file changed, 1 insertion(+) diff --git a/system/core/Input.php b/system/core/Input.php index 484397d63..be9f3c169 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -123,6 +123,7 @@ class CI_Input { protected $_input_stream; protected $security; + protected $uni; // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 52caf59f244e0c1363ac0ce6ba61a7f5001603df Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 15:09:34 +0200 Subject: Make CI_Input:: read-only as well --- system/core/Input.php | 6 +++++- tests/mocks/core/input.php | 8 ++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/system/core/Input.php b/system/core/Input.php index be9f3c169..6be4b9a6c 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -55,7 +55,7 @@ class CI_Input { * * @var string */ - public $ip_address = FALSE; + protected $ip_address = FALSE; /** * Allow GET array flag @@ -878,6 +878,10 @@ class CI_Input { isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); return $this->_raw_input_stream; } + elseif ($name === 'ip_address') + { + return $this->ip_address; + } } } diff --git a/tests/mocks/core/input.php b/tests/mocks/core/input.php index 0d1873849..40e27441f 100644 --- a/tests/mocks/core/input.php +++ b/tests/mocks/core/input.php @@ -38,4 +38,12 @@ class Mock_Core_Input extends CI_Input { return FALSE; } + public function __set($name, $value) + { + if ($name === 'ip_address') + { + $this->ip_address = $value; + } + } + } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 9187ed3516ba403d09fc88ebcf6ead7364f75c4d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 28 Feb 2015 19:54:17 +0200 Subject: [ci skip] Formally deprecate 'global_xss_filtering' --- application/config/config.php | 3 +++ user_guide_src/source/changelog.rst | 1 + user_guide_src/source/installation/upgrade_300.rst | 16 ++++++++++++++++ user_guide_src/source/libraries/input.rst | 4 ++++ 4 files changed, 24 insertions(+) diff --git a/application/config/config.php b/application/config/config.php index 7d5c24c84..7be482b85 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -404,6 +404,9 @@ $config['standardize_newlines'] = FALSE; | Determines whether the XSS filter is always active when GET, POST or | COOKIE data is encountered | +| WARNING: This feature is DEPRECATED and currently available only +| for backwards compatibility purposes! +| */ $config['global_xss_filtering'] = FALSE; diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 42eed8034..ef3d2af39 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -480,6 +480,7 @@ Release Date: Not Released - :doc:`Input Library ` changes include: + - Deprecated the ``$config['global_xss_filtering']`` setting. - Added ``method()`` to retrieve ``$_SERVER['REQUEST_METHOD']``. - Added support for arrays and network addresses (e.g. 192.168.1.1/24) for use with the *proxy_ips* setting. - Added method ``input_stream()`` to aid in using **php://input** stream data such as one passed via PUT, DELETE and PATCH requests. diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 90d56c25c..2f806cccf 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -551,6 +551,22 @@ PHP's native ``hash()`` function. It is deprecated and scheduled for removal in .. note:: This function is still available, but you're strongly encouraged to remove its usage sooner rather than later. +The $config['global_xss_filtering'] setting +=========================================== + +As already explained above, XSS filtering should not be done on input data, +but on output instead. Therefore, the ``$config['global_xss_filtering']``, +which automatically filters *input* data, is considered a bad practice and +is now deprecated. + +Instead, you should manually escape any user-provided data via the +:php:func:`xss_clean()` function when you need to output it, or use a +library like `HTML Purifier `_ that does that +for you. + +.. note:: The setting is still available, but you're strongly encouraged to + remove its usage sooner rather than later. + File helper read_file() ======================= diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index 274e49af4..d9c6c2dd1 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -53,6 +53,10 @@ this:: Please refer to the :doc:`Security class ` documentation for information on using XSS Filtering in your application. +.. important:: The 'global_xss_filtering' setting is DEPRECATED and kept + solely for backwards-compatibility purposes. XSS escaping should + be performed on *output*, not *input*! + ******************* Accessing form data ******************* -- cgit v1.2.3-24-g4f1b From 43ba5a2da25ff1e0af527da92d89063a3f9d4263 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 1 Mar 2015 18:17:28 +0200 Subject: [ci skip] Fix a typo in config.php --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/config/config.php b/application/config/config.php index 7be482b85..cc1307ca9 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -203,7 +203,7 @@ $config['directory_trigger'] = 'd'; | 3 = Informational Messages | 4 = All Messages | -| You can also pass in a array with threshold levels to show individual error types +| You can also pass an array with threshold levels to show individual error types | | array(2) = Debug Messages, without Error Messages | -- cgit v1.2.3-24-g4f1b From 4b25348e06a7587c64b97811208352c5c9478ab8 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Sun, 1 Mar 2015 23:21:44 -0500 Subject: test_strip_omage_tags Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Security_test.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index d967613b5..bf1714622 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -126,5 +126,24 @@ class Security_test extends CI_TestCase { $this->assertEquals('foo', $safe_filename); } + + // -------------------------------------------------------------------- + public function test_strip_image_tags() + { + $imgtags = Array( + 'Smiley face', + '' + ); + + $urls = Array( + 'smiley.gif', + 'http://www.w3schools.com/images/w3schools_green.jpg' + ); + + for($i = 0; $i < count($imgtags); $i++) + { + $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); + } + } } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From d829a5fe5cd8116f22d757e0aaa8b88d71576aa0 Mon Sep 17 00:00:00 2001 From: sv3tli0 Date: Mon, 2 Mar 2015 17:22:01 +0200 Subject: Small typo Missed variable.. --- user_guide_src/source/database/results.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst index a22c2e8c3..ac44566d3 100644 --- a/user_guide_src/source/database/results.rst +++ b/user_guide_src/source/database/results.rst @@ -102,7 +102,7 @@ You can also add a second String parameter, which is the name of a class to instantiate the row with:: $query = $this->db->query("SELECT * FROM users LIMIT 1;"); - $query->row(0, 'User'); + $row = $query->row(0, 'User'); echo $row->name; // access attributes echo $row->reverse_name(); // or methods defined on the 'User' class @@ -431,4 +431,4 @@ Class Reference :rtype: array Returns an array containing the field names in the - result set. \ No newline at end of file + result set. -- cgit v1.2.3-24-g4f1b From fd08d02b1984d8f27a5e447a5c9d5e190271ab5e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 3 Mar 2015 12:36:11 +0200 Subject: Remove an unused var in CI_Log Was suggested as part of PR #3630, which was rejected due to numerous other changes --- system/core/Log.php | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/system/core/Log.php b/system/core/Log.php index 833316273..e8cb401f5 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -69,13 +69,6 @@ class CI_Log { */ protected $_threshold = 1; - /** - * Highest level of logging - * - * @var int - */ - protected $_threshold_max = 0; - /** * Array of threshold levels to log * @@ -139,7 +132,7 @@ class CI_Log { } elseif (is_array($config['log_threshold'])) { - $this->_threshold = $this->_threshold_max; + $this->_threshold = 0; $this->_threshold_array = array_flip($config['log_threshold']); } -- cgit v1.2.3-24-g4f1b From e1a5bb345b1b30ea777348efa9cade21c1f2e2fb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Mar 2015 13:33:39 +0200 Subject: Fix #3627: Keep timed locks for more than 5 seconds Emulated locks for Redis and Memcached now have a TTL of 300 seconds (the default HTTP request timeout value on many environments) and 30 attemps, each separated by sleep(1), are made by the blocked request to try and obtain a lock if it has been freed. Additionaly, the blocking time for MySQL's locks, which are also timed, is also set to 300 seconds. --- .../Session/drivers/Session_database_driver.php | 2 +- .../Session/drivers/Session_memcached_driver.php | 30 +++++----------- .../Session/drivers/Session_redis_driver.php | 40 +++++++--------------- user_guide_src/source/libraries/sessions.rst | 6 ++-- 4 files changed, 25 insertions(+), 53 deletions(-) diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index f496b4fe0..76c1cf34e 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -319,7 +319,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ($this->_platform === 'mysql') { $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); - if ($this->_db->query("SELECT GET_LOCK('".$arg."', 10) AS ci_session_lock")->row()->ci_session_lock) + if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock) { $this->_lock = $arg; return TRUE; diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index f1a6e2400..938a612d9 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -204,7 +204,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_lock_key)) { - $this->_memcached->replace($this->_lock_key, time(), 5); + $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) @@ -299,34 +299,21 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_lock_key)) { - return $this->_memcached->replace($this->_lock_key, time(), 5); + return $this->_memcached->replace($this->_lock_key, time(), 300); } + // 30 attempts to obtain a lock, in case another request already has it $lock_key = $this->_key_prefix.$session_id.':lock'; - if ( ! ($ts = $this->_memcached->get($lock_key))) - { - if ( ! $this->_memcached->set($lock_key, TRUE, 5)) - { - log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); - return FALSE; - } - - $this->_lock_key = $lock_key; - $this->_lock = TRUE; - return TRUE; - } - - // Another process has the lock, we'll try to wait for it to free itself ... $attempt = 0; - while ($attempt++ < 5) + do { - usleep(((time() - $ts) * 1000000) - 20000); - if (($ts = $this->_memcached->get($lock_key)) < time()) + if ($this->_memcached->get($lock_key)) { + sleep(1); continue; } - if ( ! $this->_memcached->set($lock_key, time(), 5)) + if ( ! $this->_memcached->set($lock_key, time(), 300)) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); return FALSE; @@ -335,8 +322,9 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_lock_key = $lock_key; break; } + while ($attempt++ < 30); - if ($attempt === 5) + if ($attempt === 30) { log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.'); return FALSE; diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 5fbb5222c..1ce101daf 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -205,7 +205,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if (isset($this->_lock_key)) { - $this->_redis->setTimeout($this->_lock_key, 5); + $this->_redis->setTimeout($this->_lock_key, 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) @@ -313,40 +313,21 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (isset($this->_lock_key)) { - return $this->_redis->setTimeout($this->_lock_key, 5); + return $this->_redis->setTimeout($this->_lock_key, 300); } + // 30 attempts to obtain a lock, in case another request already has it $lock_key = $this->_key_prefix.$session_id.':lock'; - if (($ttl = $this->_redis->ttl($lock_key)) < 1) - { - if ( ! $this->_redis->setex($lock_key, 5, time())) - { - log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); - return FALSE; - } - - $this->_lock_key = $lock_key; - - if ($ttl === -1) - { - log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.'); - } - - $this->_lock = TRUE; - return TRUE; - } - - // Another process has the lock, we'll try to wait for it to free itself ... $attempt = 0; - while ($attempt++ < 5) + do { - usleep(($ttl * 1000000) - 20000); if (($ttl = $this->_redis->ttl($lock_key)) > 0) { + sleep(1); continue; } - if ( ! $this->_redis->setex($lock_key, 5, time())) + if ( ! $this->_redis->setex($lock_key, 300, time())) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); return FALSE; @@ -355,12 +336,17 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->_lock_key = $lock_key; break; } + while ($attempt++ < 30); - if ($attempt === 5) + if ($attempt === 30) { - log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.'); + log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.'); return FALSE; } + elseif ($ttl === -1) + { + log_message('debug', 'Session: Lock for '.$this->_key_prefix.$session_id.' had no TTL, overriding.'); + } $this->_lock = TRUE; return TRUE; diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 9fc33247b..104adb631 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -632,8 +632,7 @@ Redis Driver .. note:: Since Redis doesn't have a locking mechanism exposed, locks for this driver are emulated by a separate value that is kept for up - to 5 seconds. You may experience issues if your page loads take - longer than that! + to 300 seconds. Redis is a storage engine typically used for caching and popular because of its high performance, which is also probably your reason to use the @@ -670,8 +669,7 @@ Memcached Driver .. note:: Since Memcache doesn't have a locking mechanism exposed, locks for this driver are emulated by a separate value that is kept for - up to 5 seconds. You may experience issues if your page loads take - longer than that! + up to 300 seconds. The 'memcached' driver is very similar to the 'redis' one in all of its properties, except perhaps for availability, because PHP's `Memcached -- cgit v1.2.3-24-g4f1b From 137aa20e0b0fd71ff8f672c57c07c4972c91c6a4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Mar 2015 11:36:25 +0200 Subject: Fix #3642 --- system/core/Config.php | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/system/core/Config.php b/system/core/Config.php index a191a7727..b9af8e3b2 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -126,7 +126,6 @@ class CI_Config { foreach (array($file, ENVIRONMENT.'/'.$file) as $location) { $file_path = $path.'config/'.$location.'.php'; - if (in_array($file_path, $this->is_loaded, TRUE)) { return TRUE; @@ -165,14 +164,13 @@ class CI_Config { $loaded = TRUE; log_message('debug', 'Config file loaded: '.$file_path); } - - if ($loaded === TRUE) - { - return TRUE; - } } - if ($fail_gracefully === TRUE) + if ($loaded === TRUE) + { + return TRUE; + } + elseif ($fail_gracefully === TRUE) { return FALSE; } -- cgit v1.2.3-24-g4f1b From 588a0e3774d1397b9cd0b5f9d0ba2f4793243267 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Thu, 5 Mar 2015 11:03:48 -0500 Subject: adding more img tags Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Security_test.php | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index bf1714622..c96eecf02 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -133,12 +133,24 @@ class Security_test extends CI_TestCase { { $imgtags = Array( 'Smiley face', - '' + 'Smiley face', + '', + '', + 'MD Logo', + '', + '', + '' ); $urls = Array( 'smiley.gif', - 'http://www.w3schools.com/images/w3schools_green.jpg' + 'smiley.gif', + 'http://www.w3schools.com/images/w3schools_green.jpg', + '/img/sunset.gif', + 'mdn-logo-sm.png', + '', + '', + '' ); for($i = 0; $i < count($imgtags); $i++) -- cgit v1.2.3-24-g4f1b From 7762c59b50b39f00660c820171a647ea6935a93e Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Fri, 6 Mar 2015 16:08:59 -0800 Subject: Housekeeping. Corrected typo in user guide for sessions, corrected misepelled key in calendar language file, added two links & updated wording on the repo readme. Signed-off-by:Master Yoda --- readme.rst | 5 ++++- system/language/english/calendar_lang.php | 2 +- user_guide_src/source/libraries/sessions.rst | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/readme.rst b/readme.rst index dd59fd8c1..640dd241b 100644 --- a/readme.rst +++ b/readme.rst @@ -54,13 +54,16 @@ Resources ********* - `User Guide `_ +- `Language File Translations `_ - `Community Forums `_ - `Community Wiki `_ - `Community IRC `_ +Report security issues to our `Security Panel `_, thank you. + *************** Acknowledgement *************** -The EllisLab team and The Reactor Engineers would like to thank all the +The CodeIgniter team would like to thank EllisLab, all the contributors to the CodeIgniter project and you, the CodeIgniter user. \ No newline at end of file diff --git a/system/language/english/calendar_lang.php b/system/language/english/calendar_lang.php index 9d3352868..d7b98faac 100644 --- a/system/language/english/calendar_lang.php +++ b/system/language/english/calendar_lang.php @@ -74,7 +74,7 @@ $lang['cal_january'] = 'January'; $lang['cal_february'] = 'February'; $lang['cal_march'] = 'March'; $lang['cal_april'] = 'April'; -$lang['cal_mayl'] = 'May'; +$lang['cal_may'] = 'May'; $lang['cal_june'] = 'June'; $lang['cal_july'] = 'July'; $lang['cal_august'] = 'August'; diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 9fc33247b..5a1b90537 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -363,7 +363,7 @@ To read a tempdata variable, again you can just access it through the .. important:: The ``userdata()`` method will NOT return tempdata items. -Or if you want to be sure that you're reading "flashdata" (and not any +Or if you want to be sure that you're reading "tempdata" (and not any other kind), you can also use the ``tempdata()`` method:: $this->session->tempdata('item'); -- cgit v1.2.3-24-g4f1b From ec7372da8462f4e37936da94f97240ee476c667e Mon Sep 17 00:00:00 2001 From: Mattias Hedman Date: Fri, 6 Mar 2015 17:18:13 -0800 Subject: removed ending S from csv_from_results and xml_from_results DButil Class reference section in userguide Signed-off-by: Mattias Hedman --- user_guide_src/source/database/utilities.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/user_guide_src/source/database/utilities.rst b/user_guide_src/source/database/utilities.rst index bafa08ed5..cc4aeb018 100644 --- a/user_guide_src/source/database/utilities.rst +++ b/user_guide_src/source/database/utilities.rst @@ -295,7 +295,7 @@ Class Reference Repairs a database table. - .. php:method:: csv_from_results($query[, $delim = ','[, $newline = "\n"[, $enclosure = '"']]]) + .. php:method:: csv_from_result($query[, $delim = ','[, $newline = "\n"[, $enclosure = '"']]]) :param object $query: A database result object :param string $delim: The CSV field delimiter to use @@ -306,11 +306,11 @@ Class Reference Translates a database result object into a CSV document. - .. php:method:: xml_from_results($query[, $params = array()]) + .. php:method:: xml_from_result($query[, $params = array()]) :param object $query: A database result object :param array $params: An associative array of preferences :returns: The generated XML document as a string :rtype: string - Translates a database result object into an XML document. \ No newline at end of file + Translates a database result object into an XML document. -- cgit v1.2.3-24-g4f1b From c1dc446cc60f449eb4fa35bb2bbe8e95d3edc9f8 Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Fri, 6 Mar 2015 22:22:24 -0800 Subject: Housekeeping. Corrected typo in user guide for sessions, corrected misepelled key in calendar language file, added two links & updated wording on the repo readme. Signed-off-by:Master Yoda --- system/libraries/Session/drivers/Session_memcached_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 938a612d9..c7185ee44 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -326,7 +326,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ($attempt === 30) { - log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 5 attempts, aborting.'); + log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.'); return FALSE; } -- cgit v1.2.3-24-g4f1b From 54bf154629e4fffa5adce4283963f44b0a7e8ed7 Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Sat, 7 Mar 2015 01:35:58 -0800 Subject: Housekeeping. Corrected typo in user guide for sessions, corrected misepelled key in calendar language file, added two links & updated wording on the repo readme. Signed-off-by:Master Yoda --- system/language/english/calendar_lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/language/english/calendar_lang.php b/system/language/english/calendar_lang.php index d7b98faac..9d3352868 100644 --- a/system/language/english/calendar_lang.php +++ b/system/language/english/calendar_lang.php @@ -74,7 +74,7 @@ $lang['cal_january'] = 'January'; $lang['cal_february'] = 'February'; $lang['cal_march'] = 'March'; $lang['cal_april'] = 'April'; -$lang['cal_may'] = 'May'; +$lang['cal_mayl'] = 'May'; $lang['cal_june'] = 'June'; $lang['cal_july'] = 'July'; $lang['cal_august'] = 'August'; -- cgit v1.2.3-24-g4f1b From e7a3096b9cbd7c95bf4240c5233c7d14eb112305 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Mar 2015 22:15:57 +0200 Subject: [ci skip] Update CI_Encryption docs Close #3647 --- user_guide_src/source/libraries/encryption.rst | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst index d445bf42f..5f0979da7 100644 --- a/user_guide_src/source/libraries/encryption.rst +++ b/user_guide_src/source/libraries/encryption.rst @@ -106,6 +106,18 @@ and set:: $config['encryption_key'] = 'YOUR KEY'; +You'll notice that the ``create_key()`` method outputs binary data, which +is hard to deal with (i.e. a copy-paste may damage it), so you may use +``bin2hex()``, ``hex2bin()`` or Base64-encoding to work with the key in +a more friendly manner. For example:: + + // Get a hex-encoded representation of the key: + $key = bin2hex($this->encryption->create_key(16)); + + // Put the same value in your config with hex2bin(), + // so that it is still passed as binary to the library: + $config['encryption_key'] = hex2bin(); + .. _ciphers-and-modes: Supported encryption ciphers and modes @@ -525,6 +537,15 @@ Class Reference Please refer to the :ref:`custom-parameters` secrion for information on the optional parameters. + .. php:method:: create_key($length) + + :param int $length: Output length + :returns: A pseudo-random cryptographic key with the specified length, or FALSE on failure + :rtype: string + + Creates a cryptographic key by fetching random data from + the operating system's sources (i.e. /dev/urandom). + .. php:method:: hkdf($key[, $digest = 'sha512'[, $salt = NULL[, $length = NULL[, $info = '']]]]) :param string $key: Input key material -- cgit v1.2.3-24-g4f1b From 8d6c8fecce7f1cb4bcd7a196ec77748d5e33e689 Mon Sep 17 00:00:00 2001 From: bjjay Date: Mon, 9 Mar 2015 13:46:06 +0800 Subject: Reduce once MB_ENABLED checking The checking is done in the compat file system/core/compat/mbstring.php --- system/libraries/Form_validation.php | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index f161b40e7..9d1660258 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1151,9 +1151,7 @@ class CI_Form_validation { return FALSE; } - return (MB_ENABLED === TRUE) - ? ($val <= mb_strlen($str)) - : ($val <= strlen($str)); + return ($val <= mb_strlen($str)); } // -------------------------------------------------------------------- @@ -1172,9 +1170,7 @@ class CI_Form_validation { return FALSE; } - return (MB_ENABLED === TRUE) - ? ($val >= mb_strlen($str)) - : ($val >= strlen($str)); + return ($val >= mb_strlen($str)); } // -------------------------------------------------------------------- @@ -1193,9 +1189,7 @@ class CI_Form_validation { return FALSE; } - return (MB_ENABLED === TRUE) - ? (mb_strlen($str) === (int) $val) - : (strlen($str) === (int) $val); + return (mb_strlen($str) === (int) $val); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From c7533fc1b25eda818b371967be97a26e275e55c5 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Mon, 9 Mar 2015 19:02:27 -0400 Subject: Update Security Unit test Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Security_test.php | 94 +++++++++++++++++++++++++++++++- 1 file changed, 91 insertions(+), 3 deletions(-) diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index c96eecf02..7d415131b 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -45,7 +45,7 @@ class Security_test extends CI_TestCase { $this->assertInstanceOf('CI_Security', $this->security->csrf_verify()); } - + // -------------------------------------------------------------------- public function test_get_csrf_hash() @@ -70,13 +70,70 @@ class Security_test extends CI_TestCase { $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_string); } + + // -------------------------------------------------------------------- + + public function test_xss_clean_string_array() + { + $harm_strings = array( + "Hello, i try to your site", + "Simple clean string", + "Hello, i try to your site" + ); + + $harmless_strings = $this->security->xss_clean($harm_strings); + + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[0]); + $this->assertEquals("Simple clean string", $harmless_strings[1]); + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[2]); + } + + // -------------------------------------------------------------------- + + public function test_xss_clean_image_valid() + { + $harm_string = ''; + + $xss_clean_return = $this->security->xss_clean($harm_string, TRUE); + $this->assertTrue($xss_clean_return); + } + + // -------------------------------------------------------------------- + + public function test_xss_clean_image_invalid() + { + $harm_string = ''; + + $xss_clean_return = $this->security->xss_clean($harm_string, TRUE); + + $this->assertFalse($xss_clean_return); + } + + // -------------------------------------------------------------------- + public function test_xss_clean_entity_double_encoded() { $input = 'Clickhere'; $this->assertEquals('Clickhere', $this->security->xss_clean($input)); } - + + // -------------------------------------------------------------------- + + public function test_xss_clean_js_img_removal() + { + $input = 'Clickhere'; + $this->assertEquals('', $this->security->xss_clean($input)); + } + + // -------------------------------------------------------------------- + + public function test_xss_clean_sanitize_naughty_html() + { + $input = ''; + $this->assertEquals('<blink>', $this->security->xss_clean($input)); + } + // -------------------------------------------------------------------- public function test_remove_evil_attributes() @@ -101,7 +158,19 @@ class Security_test extends CI_TestCase { $this->assertTrue(preg_match('#^[0-9a-f]{32}$#iS', $this->security->xss_hash) === 1); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- + + public function test_get_random_bytes() + { + $length = "invalid"; + $this->assertFalse($this->security->get_random_bytes($length)); + + + $length = 10; + $this->assertNotEmpty($this->security->get_random_bytes($length)); + } + + // -------------------------------------------------------------------- public function test_entity_decode() { @@ -158,4 +227,23 @@ class Security_test extends CI_TestCase { $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); } } + + // -------------------------------------------------------------------- + + public function test_csrf_set_hash() + { + // Set cookie for security test + $_COOKIE['ci_csrf_cookie'] = md5(uniqid(mt_rand(), TRUE)); + + // Set config for Security class + $this->ci_set_config('csrf_protection', TRUE); + $this->ci_set_config('csrf_token_name', 'ci_csrf_token'); + + // leave csrf_cookie_name as blank to test _csrf_set_hash function + $this->ci_set_config('csrf_cookie_name', ''); + + $this->security = new Mock_Core_Security(); + + $this->assertNotEmpty($this->security->get_csrf_hash()); + } } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 34eca8aa7ffbbacd18a54809a25e63db389eacd3 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Mon, 9 Mar 2015 19:36:29 -0400 Subject: Update Security Unit test Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Security_test.php | 36 ++++++++++++++++---------------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 7d415131b..8faf1b58a 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -45,7 +45,7 @@ class Security_test extends CI_TestCase { $this->assertInstanceOf('CI_Security', $this->security->csrf_verify()); } - + // -------------------------------------------------------------------- public function test_get_csrf_hash() @@ -70,7 +70,7 @@ class Security_test extends CI_TestCase { $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_string); } - + // -------------------------------------------------------------------- public function test_xss_clean_string_array() @@ -87,9 +87,9 @@ class Security_test extends CI_TestCase { $this->assertEquals("Simple clean string", $harmless_strings[1]); $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[2]); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_image_valid() { $harm_string = ''; @@ -98,9 +98,9 @@ class Security_test extends CI_TestCase { $this->assertTrue($xss_clean_return); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_image_invalid() { $harm_string = ''; @@ -109,31 +109,31 @@ class Security_test extends CI_TestCase { $this->assertFalse($xss_clean_return); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_entity_double_encoded() { $input = 'Clickhere'; $this->assertEquals('Clickhere', $this->security->xss_clean($input)); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_js_img_removal() { $input = 'Clickhere'; $this->assertEquals('', $this->security->xss_clean($input)); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_sanitize_naughty_html() { $input = ''; $this->assertEquals('<blink>', $this->security->xss_clean($input)); } - + // -------------------------------------------------------------------- public function test_remove_evil_attributes() @@ -159,7 +159,7 @@ class Security_test extends CI_TestCase { } // -------------------------------------------------------------------- - + public function test_get_random_bytes() { $length = "invalid"; @@ -169,7 +169,7 @@ class Security_test extends CI_TestCase { $length = 10; $this->assertNotEmpty($this->security->get_random_bytes($length)); } - + // -------------------------------------------------------------------- public function test_entity_decode() @@ -195,7 +195,7 @@ class Security_test extends CI_TestCase { $this->assertEquals('foo', $safe_filename); } - + // -------------------------------------------------------------------- public function test_strip_image_tags() @@ -227,9 +227,9 @@ class Security_test extends CI_TestCase { $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); } } - + // -------------------------------------------------------------------- - + public function test_csrf_set_hash() { // Set cookie for security test -- cgit v1.2.3-24-g4f1b From a1525136a25404c40dff8383ec7ff1b4f5d3e68b Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Tue, 10 Mar 2015 09:26:39 -0400 Subject: Fixed indentation Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Security_test.php | 131 +++++++++++++++---------------- 1 file changed, 65 insertions(+), 66 deletions(-) diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 8faf1b58a..7f467fb1b 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -73,44 +73,44 @@ class Security_test extends CI_TestCase { // -------------------------------------------------------------------- - public function test_xss_clean_string_array() + public function test_xss_clean_string_array() { - $harm_strings = array( - "Hello, i try to your site", - "Simple clean string", - "Hello, i try to your site" - ); + $harm_strings = array( + "Hello, i try to your site", + "Simple clean string", + "Hello, i try to your site" + ); $harmless_strings = $this->security->xss_clean($harm_strings); - - $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[0]); - $this->assertEquals("Simple clean string", $harmless_strings[1]); - $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[2]); + + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[0]); + $this->assertEquals("Simple clean string", $harmless_strings[1]); + $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[2]); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- - public function test_xss_clean_image_valid() + public function test_xss_clean_image_valid() { - $harm_string = ''; + $harm_string = ''; $xss_clean_return = $this->security->xss_clean($harm_string, TRUE); $this->assertTrue($xss_clean_return); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- - public function test_xss_clean_image_invalid() + public function test_xss_clean_image_invalid() { - $harm_string = ''; + $harm_string = ''; $xss_clean_return = $this->security->xss_clean($harm_string, TRUE); $this->assertFalse($xss_clean_return); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- public function test_xss_clean_entity_double_encoded() { @@ -118,17 +118,17 @@ class Security_test extends CI_TestCase { $this->assertEquals('Clickhere', $this->security->xss_clean($input)); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- - public function test_xss_clean_js_img_removal() + public function test_xss_clean_js_img_removal() { $input = 'Clickhere'; $this->assertEquals('', $this->security->xss_clean($input)); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- - public function test_xss_clean_sanitize_naughty_html() + public function test_xss_clean_sanitize_naughty_html() { $input = ''; $this->assertEquals('<blink>', $this->security->xss_clean($input)); @@ -158,19 +158,18 @@ class Security_test extends CI_TestCase { $this->assertTrue(preg_match('#^[0-9a-f]{32}$#iS', $this->security->xss_hash) === 1); } - // -------------------------------------------------------------------- - - public function test_get_random_bytes() - { - $length = "invalid"; - $this->assertFalse($this->security->get_random_bytes($length)); + // -------------------------------------------------------------------- + public function test_get_random_bytes() + { + $length = "invalid"; + $this->assertFalse($this->security->get_random_bytes($length)); - $length = 10; - $this->assertNotEmpty($this->security->get_random_bytes($length)); - } + $length = 10; + $this->assertNotEmpty($this->security->get_random_bytes($length)); + } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- public function test_entity_decode() { @@ -196,54 +195,54 @@ class Security_test extends CI_TestCase { $this->assertEquals('foo', $safe_filename); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- public function test_strip_image_tags() { - $imgtags = Array( - 'Smiley face', - 'Smiley face', - '', - '', - 'MD Logo', - '', - '', - '' - ); - - $urls = Array( - 'smiley.gif', - 'smiley.gif', - 'http://www.w3schools.com/images/w3schools_green.jpg', - '/img/sunset.gif', - 'mdn-logo-sm.png', - '', - '', - '' - ); - - for($i = 0; $i < count($imgtags); $i++) - { - $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); - } + $imgtags = Array( + 'Smiley face', + 'Smiley face', + '', + '', + 'MD Logo', + '', + '', + '' + ); + + $urls = Array( + 'smiley.gif', + 'smiley.gif', + 'http://www.w3schools.com/images/w3schools_green.jpg', + '/img/sunset.gif', + 'mdn-logo-sm.png', + '', + '', + '' + ); + + for($i = 0; $i < count($imgtags); $i++) + { + $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); + } } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- - public function test_csrf_set_hash() + public function test_csrf_set_hash() { - // Set cookie for security test + // Set cookie for security test $_COOKIE['ci_csrf_cookie'] = md5(uniqid(mt_rand(), TRUE)); // Set config for Security class $this->ci_set_config('csrf_protection', TRUE); $this->ci_set_config('csrf_token_name', 'ci_csrf_token'); - - // leave csrf_cookie_name as blank to test _csrf_set_hash function + + // leave csrf_cookie_name as blank to test _csrf_set_hash function $this->ci_set_config('csrf_cookie_name', ''); $this->security = new Mock_Core_Security(); - - $this->assertNotEmpty($this->security->get_csrf_hash()); - } + + $this->assertNotEmpty($this->security->get_csrf_hash()); + } } \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 0b1fd2cb717d217278b025e49d97819289600a9b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Mar 2015 20:00:19 +0200 Subject: Add array typehint to CI_Email::__construct() --- system/libraries/Email.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 45c5c09b9..66b5803dd 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -405,7 +405,7 @@ class CI_Email { * @param array $config = array() * @return void */ - public function __construct($config = array()) + public function __construct(array $config = array()) { $this->charset = config_item('charset'); -- cgit v1.2.3-24-g4f1b From 4fa5c4d30057525c9d16cf583aabbb5e6f8bb8bb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 11 Mar 2015 18:57:00 +0200 Subject: [ci skip] Add a note about password storage in CI_Encryption docs I saw at least 2 occurrences of encryption instead of hashing being used for password storage during the past week ... --- user_guide_src/source/libraries/encryption.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst index 5f0979da7..0c347604c 100644 --- a/user_guide_src/source/libraries/encryption.rst +++ b/user_guide_src/source/libraries/encryption.rst @@ -2,6 +2,11 @@ Encryption Library ################## +.. important:: DO NOT use this or any other *encryption* library for + user password storage! Passwords must be *hashed* instead, and you + should do that via PHP's own `Password Hashing extension + `_. + The Encryption Library provides two-way data encryption. To do so in a cryptographically secure way, it utilizes PHP extensions that are unfortunately not always available on all systems. -- cgit v1.2.3-24-g4f1b From b6d174649a6e3a975e077d6ffa9b91a48f291ca0 Mon Sep 17 00:00:00 2001 From: bjjay Date: Thu, 12 Mar 2015 10:31:14 +0800 Subject: Correct a comment link typo --- system/core/compat/mbstring.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index ddb2bae47..e335c85f7 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -92,7 +92,7 @@ if ( ! function_exists('mb_strpos')) * WARNING: This function WILL fall-back to strpos() * if iconv is not available! * - * @link http://php.net/mb_strpos() + * @link http://php.net/mb_strpos * @param string $haystack * @param string $needle * @param int $offset -- cgit v1.2.3-24-g4f1b From 34b92c6c058a27fda4572f16af41340e0b46f4df Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 12 Mar 2015 12:42:00 +0200 Subject: Throw an exception on invalid session driver config --- system/libraries/Session/Session.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index f3b819af9..54d31ee1a 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -94,10 +94,7 @@ class CI_Session { $this->_driver = 'database'; } - if (($class = $this->_ci_load_classes($this->_driver)) === FALSE) - { - return; - } + $class = $this->_ci_load_classes($this->_driver); // Configuration ... $this->_configure($params); @@ -230,8 +227,7 @@ class CI_Session { if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE)) { - log_message('error', "Session: Configured driver '".$driver."' was not found. Aborting."); - return FALSE; + throw new \UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting."); } } -- cgit v1.2.3-24-g4f1b From 875d5a1ca843b8169f0b4e8adf8d6f0eb7b4ee3c Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Thu, 12 Mar 2015 16:42:50 +0200 Subject: additional info on heading() function ...worth mentioning... --- user_guide_src/source/helpers/html_helper.rst | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/user_guide_src/source/helpers/html_helper.rst b/user_guide_src/source/helpers/html_helper.rst index d35be396a..1989c88ae 100644 --- a/user_guide_src/source/helpers/html_helper.rst +++ b/user_guide_src/source/helpers/html_helper.rst @@ -27,11 +27,11 @@ The following functions are available: .. php:function:: heading([$data = ''[, $h = '1'[, $attributes = '']]]) - :param string $data: Content - :param string $h: Heading level - :param array $attributes: HTML attributes - :returns: HTML heading tag - :rtype: string + :param string $data: Content + :param string $h: Heading level + :param array|string $attributes: HTML attributes + :returns: HTML heading tag + :rtype: string Lets you create HTML heading tags. The first parameter will contain the data, the second the size of the heading. Example:: @@ -41,15 +41,18 @@ The following functions are available: The above would produce:

Welcome!

Additionally, in order to add attributes to the heading tag such as HTML - classes, ids or inline styles, a third parameter is available:: + classes, ids or inline styles, a third parameter is available either + as a string or as an array:: - echo heading('Welcome!', 3, 'class="pink"') + echo heading('Welcome!', 3, 'class="pink"'); + echo heading('How are you?', 4, array('id'=>'question', 'class'=>'green'); The above code produces: .. code-block:: html

Welcome!

+

How are you?

.. php:function:: img([$src = ''[, $index_page = FALSE[, $attributes = '']]]) @@ -401,4 +404,4 @@ The following functions are available:     .. note:: This function is DEPRECATED. Use the native ``str_repeat()`` - in combination with `` `` instead. \ No newline at end of file + in combination with `` `` instead. -- cgit v1.2.3-24-g4f1b From 8e2f83d7b775d87827a58fbb55a35938eeb66173 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Thu, 12 Mar 2015 17:13:47 +0200 Subject: Update html_helper.rst --- user_guide_src/source/helpers/html_helper.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/helpers/html_helper.rst b/user_guide_src/source/helpers/html_helper.rst index 1989c88ae..d5069cec4 100644 --- a/user_guide_src/source/helpers/html_helper.rst +++ b/user_guide_src/source/helpers/html_helper.rst @@ -52,7 +52,7 @@ The following functions are available: .. code-block:: html

Welcome!

-

How are you?

+

How are you?

.. php:function:: img([$src = ''[, $index_page = FALSE[, $attributes = '']]]) -- cgit v1.2.3-24-g4f1b From 0cfe1c3f389ff11a65cf014ea41672834d8719ac Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Thu, 12 Mar 2015 22:11:06 +0200 Subject: Update html_helper.rst --- user_guide_src/source/helpers/html_helper.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/user_guide_src/source/helpers/html_helper.rst b/user_guide_src/source/helpers/html_helper.rst index d5069cec4..955ffefc5 100644 --- a/user_guide_src/source/helpers/html_helper.rst +++ b/user_guide_src/source/helpers/html_helper.rst @@ -27,11 +27,11 @@ The following functions are available: .. php:function:: heading([$data = ''[, $h = '1'[, $attributes = '']]]) - :param string $data: Content - :param string $h: Heading level - :param array|string $attributes: HTML attributes - :returns: HTML heading tag - :rtype: string + :param string $data: Content + :param string $h: Heading level + :param mixed $attributes: HTML attributes + :returns: HTML heading tag + :rtype: string Lets you create HTML heading tags. The first parameter will contain the data, the second the size of the heading. Example:: @@ -45,7 +45,7 @@ The following functions are available: as a string or as an array:: echo heading('Welcome!', 3, 'class="pink"'); - echo heading('How are you?', 4, array('id'=>'question', 'class'=>'green'); + echo heading('How are you?', 4, array('id' => 'question', 'class' => 'green')); The above code produces: -- cgit v1.2.3-24-g4f1b From f67b6fd02fb3a683fa93ad59d8587beda3c9bb6a Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Thu, 12 Mar 2015 22:13:08 +0200 Subject: Update html_helper.rst --- user_guide_src/source/helpers/html_helper.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/user_guide_src/source/helpers/html_helper.rst b/user_guide_src/source/helpers/html_helper.rst index 955ffefc5..88611011c 100644 --- a/user_guide_src/source/helpers/html_helper.rst +++ b/user_guide_src/source/helpers/html_helper.rst @@ -31,7 +31,7 @@ The following functions are available: :param string $h: Heading level :param mixed $attributes: HTML attributes :returns: HTML heading tag - :rtype: string + :rtype: string Lets you create HTML heading tags. The first parameter will contain the data, the second the size of the heading. Example:: @@ -41,8 +41,8 @@ The following functions are available: The above would produce:

Welcome!

Additionally, in order to add attributes to the heading tag such as HTML - classes, ids or inline styles, a third parameter is available either - as a string or as an array:: + classes, ids or inline styles, a third parameter accepts either a string + or an array:: echo heading('Welcome!', 3, 'class="pink"'); echo heading('How are you?', 4, array('id' => 'question', 'class' => 'green')); -- cgit v1.2.3-24-g4f1b From cc778886ef9cc0b03c8a622163f1e80eaac340d3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Mar 2015 11:24:30 +0200 Subject: Close #3663 --- system/libraries/Form_validation.php | 2 +- user_guide_src/source/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 9d1660258..05de59628 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -831,7 +831,7 @@ class CI_Form_validation { // DEPRECATED support for non-prefixed keys && FALSE === ($line = $this->CI->lang->line($rule, FALSE))) { - $line = $this->CI->lang->line('form_validation_error_message_not_set'); + $line = $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; } } else diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index ef3d2af39..99e4de53a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -362,6 +362,7 @@ Release Date: Not Released - Added support for custom error messages per field rule. - Added support for callable rules when they are passed as an array. - Added support for non-ASCII domains in **valid_email** rule, depending on the Intl extension. + - Changed the debug message about an error message not being set to include the rule name it is about. - :doc:`Caching Library ` changes include: -- cgit v1.2.3-24-g4f1b From 1d19520c7bc40280050b59e05a212ecedd9edd53 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 13 Mar 2015 11:25:29 +0200 Subject: [ci skip] Remove NS usage in CI_Session It was accidental --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index 54d31ee1a..bb457c659 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -227,7 +227,7 @@ class CI_Session { if ( ! class_exists('CI_'.$class, FALSE) && ! class_exists($class, FALSE)) { - throw new \UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting."); + throw new UnexpectedValueException("Session: Configured driver '".$driver."' was not found. Aborting."); } } -- cgit v1.2.3-24-g4f1b From 5f8c0c1f638c40f56251b1f805336dbd5f80e19f Mon Sep 17 00:00:00 2001 From: yaoshanliang <1329517386@qq.com> Date: Sat, 14 Mar 2015 12:44:18 +0800 Subject: add a judgment of whether reset select --- system/database/DB_query_builder.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 79cbfb3ad..894d7ddb5 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1355,7 +1355,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string * @return int */ - public function count_all_results($table = '') + public function count_all_results($table = '', $reset = true) { if ($table !== '') { @@ -1366,7 +1366,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $result = ($this->qb_distinct === TRUE) ? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results") : $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows'))); - $this->_reset_select(); + if($reset) + { + $this->_reset_select(); + } if ($result->num_rows() === 0) { -- cgit v1.2.3-24-g4f1b From 9971e7bc326df1a14e7bb17b1290e5fe5bfd5c60 Mon Sep 17 00:00:00 2001 From: yaoshanliang <1329517386@qq.com> Date: Sat, 14 Mar 2015 13:09:16 +0800 Subject: add a judgment of whether reset select --- system/database/DB_query_builder.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 894d7ddb5..3d4a8576c 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1366,10 +1366,11 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $result = ($this->qb_distinct === TRUE) ? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results") : $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows'))); - if($reset) - { - $this->_reset_select(); - } + + if($reset) + { + $this->_reset_select(); + } if ($result->num_rows() === 0) { -- cgit v1.2.3-24-g4f1b From dd8c0ed8d595425cd935c2f4638c398d2a2d23e2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 14 Mar 2015 17:01:36 +0200 Subject: [ci skip] Add a note about sess_save_path in config.php --- application/config/config.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/application/config/config.php b/application/config/config.php index cc1307ca9..f78371f13 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -330,6 +330,8 @@ $config['encryption_key'] = ''; | The location to save sessions to, driver dependant. | | For the 'files' driver, it's a path to a writable directory. +| WARNING: Only absolute paths are supported! +| | For the 'database' driver, it's a table name. | Please read up the manual for the format with other session drivers. | -- cgit v1.2.3-24-g4f1b From 0b2c833e75f900ed1d8889f5e6afb88d84630134 Mon Sep 17 00:00:00 2001 From: Oleg Filippov Date: Sat, 14 Mar 2015 17:10:02 +0200 Subject: Update user_agents.php Add Windows 10 --- application/config/user_agents.php | 1 + 1 file changed, 1 insertion(+) diff --git a/application/config/user_agents.php b/application/config/user_agents.php index 68d785365..6f3295a70 100644 --- a/application/config/user_agents.php +++ b/application/config/user_agents.php @@ -12,6 +12,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ $platforms = array( + 'windows nt 10.0' => 'Windows 10', 'windows nt 6.3' => 'Windows 8.1', 'windows nt 6.2' => 'Windows 8', 'windows nt 6.1' => 'Windows 7', -- cgit v1.2.3-24-g4f1b From 19c2847a7c24daa0c2999b77ce82ae199afadda9 Mon Sep 17 00:00:00 2001 From: yaoshanliang <1329517386@qq.com> Date: Sun, 15 Mar 2015 10:42:18 +0800 Subject: add changelog and documentation for adding an optional parameter to ``count_all_results()`` --- system/database/DB_query_builder.php | 11 ++++++----- user_guide_src/source/changelog.rst | 2 ++ 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 3d4a8576c..facaf0e4c 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1353,9 +1353,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * returned by an Query Builder query. * * @param string + * @param bool TRUE: resets QB values; FALSE: leave QB vaules alone * @return int */ - public function count_all_results($table = '', $reset = true) + public function count_all_results($table = '', $reset = TRUE) { if ($table !== '') { @@ -1367,10 +1368,10 @@ abstract class CI_DB_query_builder extends CI_DB_driver { ? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results") : $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows'))); - if($reset) - { - $this->_reset_select(); - } + if($reset === TRUE) + { + $this->_reset_select(); + } if ($result->num_rows() === 0) { diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 99e4de53a..6faa1d752 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -176,6 +176,7 @@ Release Date: Not Released - Added Interbase/Firebird database support via the *ibase* driver. - Added ODBC support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge `. - Added support to binding arrays as ``IN()`` sets in ``query()``. + - Added an optional second parameter to ``count_all_results()``. - :doc:`Query Builder ` changes include: @@ -192,6 +193,7 @@ Release Date: Not Released - Methods ``insert_batch()`` and ``update_batch()`` now return an integer representing the number of rows affected by them. - Methods ``where()``, ``or_where()``, ``having()`` and ``or_having()`` now convert trailing ``=`` and ``<>``, ``!=`` SQL operators to ``IS NULL`` and ``IS NOT NULL`` respectively when the supplied comparison value is ``NULL``. - Added method chaining support to ``reset_query()``, ``start_cache()``, ``stop_cache()`` and ``flush_cache()``. + - Added an optional second parameter to ``count_all_results`` that allows leaving QB values alone. - :doc:`Database Results ` changes include: -- cgit v1.2.3-24-g4f1b From 7f310d63d61e9b334385ef5f6501129d685924ba Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 15 Mar 2015 19:03:43 +0200 Subject: [ci skip] Use DIRECTORY_SEPARATOR instead of / in CI_Config --- system/core/Config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Config.php b/system/core/Config.php index b9af8e3b2..d07000ac9 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -123,7 +123,7 @@ class CI_Config { foreach ($this->_config_paths as $path) { - foreach (array($file, ENVIRONMENT.'/'.$file) as $location) + foreach (array($file, ENVIRONMENT.DIRECTORY_SEPARATOR.$file) as $location) { $file_path = $path.'config/'.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) -- cgit v1.2.3-24-g4f1b From 2f164058e3ffa429747e27b284f67f2e71809f52 Mon Sep 17 00:00:00 2001 From: yaoshanliang <1329517386@qq.com> Date: Mon, 16 Mar 2015 16:48:15 +0800 Subject: update documentation in database/query_builder.rst, change 2 tabs + 4 spaces to 3 tabs. --- system/database/DB_query_builder.php | 6 +++--- user_guide_src/source/changelog.rst | 3 +-- user_guide_src/source/database/query_builder.rst | 6 ++++++ 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index facaf0e4c..e5ffef2bb 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1353,7 +1353,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * returned by an Query Builder query. * * @param string - * @param bool TRUE: resets QB values; FALSE: leave QB vaules alone + * @param bool the reset clause * @return int */ public function count_all_results($table = '', $reset = TRUE) @@ -1368,9 +1368,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { ? $this->query($this->_count_string.$this->protect_identifiers('numrows')."\nFROM (\n".$this->_compile_select()."\n) CI_count_all_results") : $this->query($this->_compile_select($this->_count_string.$this->protect_identifiers('numrows'))); - if($reset === TRUE) + if ($reset === TRUE) { - $this->_reset_select(); + $this->_reset_select(); } if ($result->num_rows() === 0) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 6faa1d752..7f6cafa95 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -176,7 +176,6 @@ Release Date: Not Released - Added Interbase/Firebird database support via the *ibase* driver. - Added ODBC support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge `. - Added support to binding arrays as ``IN()`` sets in ``query()``. - - Added an optional second parameter to ``count_all_results()``. - :doc:`Query Builder ` changes include: @@ -193,7 +192,7 @@ Release Date: Not Released - Methods ``insert_batch()`` and ``update_batch()`` now return an integer representing the number of rows affected by them. - Methods ``where()``, ``or_where()``, ``having()`` and ``or_having()`` now convert trailing ``=`` and ``<>``, ``!=`` SQL operators to ``IS NULL`` and ``IS NOT NULL`` respectively when the supplied comparison value is ``NULL``. - Added method chaining support to ``reset_query()``, ``start_cache()``, ``stop_cache()`` and ``flush_cache()``. - - Added an optional second parameter to ``count_all_results`` that allows leaving QB values alone. + - Added an optional second to ``count_all_results()`` to disable resetting of QB values. - :doc:`Database Results ` changes include: diff --git a/user_guide_src/source/database/query_builder.rst b/user_guide_src/source/database/query_builder.rst index 9b4694710..68ddca717 100644 --- a/user_guide_src/source/database/query_builder.rst +++ b/user_guide_src/source/database/query_builder.rst @@ -527,6 +527,12 @@ where(), or_where(), like(), or_like(), etc. Example:: $this->db->from('my_table'); echo $this->db->count_all_results(); // Produces an integer, like 17 +The second paramater is to disable resetting of QB values. Example:: + + echo $this->db->count_all_results('my_table'); // Produces an integer, like 25 + $this->db->like('title', 'match'); + echo $this->db->count_all_results(); // Produces an integer, like 17 + **$this->db->count_all()** Permits you to determine the number of rows in a particular table. -- cgit v1.2.3-24-g4f1b From ff806f9157a4a9b32fb40d38ca2cab8130cf66d2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 16 Mar 2015 17:05:25 +0200 Subject: [ci skip] Polish changes from PR #3669 --- user_guide_src/source/changelog.rst | 2 +- user_guide_src/source/database/query_builder.rst | 13 +++++++------ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 7f6cafa95..44a58915b 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -192,7 +192,7 @@ Release Date: Not Released - Methods ``insert_batch()`` and ``update_batch()`` now return an integer representing the number of rows affected by them. - Methods ``where()``, ``or_where()``, ``having()`` and ``or_having()`` now convert trailing ``=`` and ``<>``, ``!=`` SQL operators to ``IS NULL`` and ``IS NOT NULL`` respectively when the supplied comparison value is ``NULL``. - Added method chaining support to ``reset_query()``, ``start_cache()``, ``stop_cache()`` and ``flush_cache()``. - - Added an optional second to ``count_all_results()`` to disable resetting of QB values. + - Added an optional second parameter to ``count_all_results()`` to disable resetting of QB values. - :doc:`Database Results ` changes include: diff --git a/user_guide_src/source/database/query_builder.rst b/user_guide_src/source/database/query_builder.rst index 68ddca717..0a6d98744 100644 --- a/user_guide_src/source/database/query_builder.rst +++ b/user_guide_src/source/database/query_builder.rst @@ -520,18 +520,18 @@ The second parameter lets you set a result offset. Permits you to determine the number of rows in a particular Active Record query. Queries will accept Query Builder restrictors such as -where(), or_where(), like(), or_like(), etc. Example:: +``where()``, ``or_where()``, ``like()``, ``or_like()``, etc. Example:: echo $this->db->count_all_results('my_table'); // Produces an integer, like 25 $this->db->like('title', 'match'); $this->db->from('my_table'); echo $this->db->count_all_results(); // Produces an integer, like 17 -The second paramater is to disable resetting of QB values. Example:: +However, this method also resets any field values that you may have passed +to ``select()``. If you need to keep them, you can pass ``FALSE`` as the +second parameter:: - echo $this->db->count_all_results('my_table'); // Produces an integer, like 25 - $this->db->like('title', 'match'); - echo $this->db->count_all_results(); // Produces an integer, like 17 + echo $this->db->count_all_results('my_table', FALSE); **$this->db->count_all()** @@ -1097,9 +1097,10 @@ Class Reference Prepends a database prefix, if one exists in configuration. - .. php:method:: count_all_results([$table = '']) + .. php:method:: count_all_results([$table = '', [$reset = TRUE]]) :param string $table: Table name + :param bool $reset: Whether to reset values for SELECTs :returns: Number of rows in the query result :rtype: int -- cgit v1.2.3-24-g4f1b From 33992f542185a34c789d85d7709e7f812803a686 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Mon, 16 Mar 2015 20:17:59 -0400 Subject: Updated fetch_from_array unit test Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Input_test.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index 21ff6d81f..d3f5a9048 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -134,6 +134,15 @@ class Input_test extends CI_TestCase { $this->assertEquals('bar', $foo); $this->assertEquals("Hello, i try to your site", $harm); $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless); + + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_POST['foo']['bar'] = 'baz'; + $barArray = array( 'bar' => 'baz' ); + + $this->assertEquals('baz', $this->input->post('foo[bar]')); + $this->assertEquals($barArray, $this->input->post('foo[]')); + $this->assertNull($this->input->post('foo[baz]')); + } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From f3ac71ea74351dc075d95867612da46834eccdf3 Mon Sep 17 00:00:00 2001 From: David Woods Date: Mon, 16 Mar 2015 20:00:21 -0700 Subject: Created setup and construct for Form_Validation unit test Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 tests/codeigniter/libraries/Form_validation_test.php diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php new file mode 100644 index 000000000..2a433af3d --- /dev/null +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -0,0 +1,35 @@ +helper() looks in the wrong directories for unit tests, + // We'll use CI_TestCase->helper() instead + $ldr = $this->getMock('CI_Loader', array('helper')); + // At current, CI_Form_Validation only calls load->helper("form") + // Assert this so that if that changes this fails fast + $ldr->expects($this->once()) + ->method('helper') + ->with($this->equalTo('form')); + + $this->ci_instance_var('load', $ldr); + $this->helper('form'); + + } + + public function test___construct() + { + $this->form_validation = new CI_Form_validation(); + + $this->assertNotNull($this->form_validation); + } + + public function test__construct_rules() + { + + } + + public function test_ + +} -- cgit v1.2.3-24-g4f1b From dc1ae6bd92bc0f2c3ee5ce812ec60e580c72501d Mon Sep 17 00:00:00 2001 From: David Woods Date: Mon, 16 Mar 2015 23:36:54 -0700 Subject: Fixed bugs in form_validation for methods matches, differs, and valid_base64. Implemented tests for valid and invalid inputs for all basic rules available for form_validation. The invalid input data currently doesn't pass all tests. Signed-off-by: David Woods --- system/libraries/Form_validation.php | 16 ++- .../codeigniter/libraries/Form_validation_test.php | 136 ++++++++++++++++++++- 2 files changed, 139 insertions(+), 13 deletions(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 05de59628..32ea4b1b4 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1091,14 +1091,12 @@ class CI_Form_validation { * Match one field to another * * @param string $str string to compare against - * @param string $field + * @param string $param The string desired * @return bool */ - public function matches($str, $field) + public function matches($str, $param) { - return isset($this->_field_data[$field], $this->_field_data[$field]['postdata']) - ? ($str === $this->_field_data[$field]['postdata']) - : FALSE; + return ($str === $param); } // -------------------------------------------------------------------- @@ -1107,12 +1105,12 @@ class CI_Form_validation { * Differs from another field * * @param string - * @param string field + * @param string param is the value provided in the form * @return bool */ - public function differs($str, $field) + public function differs($str, $param) { - return ! (isset($this->_field_data[$field]) && $this->_field_data[$field]['postdata'] === $str); + return ($str !== $param); } // -------------------------------------------------------------------- @@ -1493,7 +1491,7 @@ class CI_Form_validation { */ public function valid_base64($str) { - return (base64_encode(base64_decode($str)) === $str); + return (base64_decode($str, true) !== false); } // -------------------------------------------------------------------- diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 2a433af3d..aefc9a2c7 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -13,9 +13,31 @@ class Form_validation_test extends CI_TestCase { ->method('helper') ->with($this->equalTo('form')); + // Same applies for lang + $lang = $this->getMock('CI_Lang', array('load')); + + // Setup CI_Input + // Set server variable to GET as default, since this will leave unset in STDIN env + $_SERVER['REQUEST_METHOD'] = 'GET'; + + // Set config for Input class + $this->ci_set_config('allow_get_array', TRUE); + $this->ci_set_config('global_xss_filtering', FALSE); + $this->ci_set_config('csrf_protection', FALSE); + + $security = new Mock_Core_Security(); + + $this->ci_set_config('charset', 'UTF-8'); + $utf8 = new Mock_Core_Utf8(); + + $inp = new Mock_Core_Input($security, $utf8); + + $this->ci_instance_var('lang', $lang); $this->ci_instance_var('load', $ldr); + $this->ci_instance_var('input', $inp); + + $this->lang('form_validation'); $this->helper('form'); - } public function test___construct() @@ -25,11 +47,117 @@ class Form_validation_test extends CI_TestCase { $this->assertNotNull($this->form_validation); } - public function test__construct_rules() + public function test_rules_valid() { + $this->form_validation = new CI_Form_validation(); + $valid_posts = array( + 'required' => array('required',' !'), + 'matches[sample]' => 'sample', + 'differs[sample]' => 'differ', + 'min_length[4]' => array('is_more_than_4', '1234', ' 1'), + 'max_length[8]' => array('less_8', '12345678'), + 'exact_length[5]' => '12345', + 'greater_than[-5]' => array('-4','0','123124451'), + 'greater_than_equal_to[8]' => array('8', '99'), + 'less_than[0]' => '-1', + 'less_than_equal_to[5]' => array('-5', '5'), + 'in_list[red,blue,green]' => array('red', 'blue','green'), + 'alpha' => 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ', + 'alpha_numeric' => 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789', + 'alpha_numeric_spaces' => ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789', + 'alpha_dash' => 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_', + 'numeric' => '0123456789', + 'integer' => array('0', '-1231', '987234'), + 'decimal' => array('0.123', '1.0'), + 'is_natural' => '0', + 'is_natural_no_zero' => '1', + 'valid_url' => array('www.codeigniter.com','http://codeigniter.eu'), + 'valid_email' => 'email@sample.com', + 'valid_emails' => '1@sample.com,2@sample.com', + 'valid_ip[ipv4]' => '127.0.0.1', + 'valid_ip[ipv6]' => '2001:0db8:85a3:0000:0000:8a2e:0370:7334', + 'valid_base64' => 'string' + ); + + // Loop through each rule and test + foreach ($valid_posts as $rule => $value) { + // Reset $_POST + $_POST = array(); + + if (is_array($value)) { + foreach($value as $item) { +// printf("%s => %s\n", $rule, $item); + $this->form_validation->set_rules('field', 'name', $rule); + $_POST['field'] = $item; + $this->assertTrue($this->form_validation->run()); + $this->form_validation->reset_validation(); + } + } + else { +// printf("%s => %s\n", $rule, $value); + $this->form_validation->set_rules('field', 'name', $rule); + $_POST['field'] = $value; + $this->assertTrue($this->form_validation->run()); + $this->form_validation->reset_validation(); + } + } } - public function test_ - + public function test_rules_invalid() + { + $this->form_validation = new CI_Form_validation(); + + $invalid_posts = array( + 'required' => array('',' '), + 'matches[sample]' => 'Sample', + 'differ[sample]' => 'sample', + 'min_length[4]' => array('123', ''), + 'max_length[8]' => array('more_than_8', '12345678 '), + 'exact_length[5]' => ' 12345', + 'greater_than[-5]' => array('-5, -12415'), + 'greater_than_equal_to[8]' => array('7', '0'), + 'less_than[0]' => '0', + 'less_than_equal_to[5]' => array('6', '98234'), + 'in_list[red,blue,green]' => array(' red', 'Blue','failz'), + 'alpha' => array('*', ' a', '1'), + 'alpha_numeric' => array('a1 ', '*', '1-'), + 'alpha_numeric_spaces' => array('a1*', ' ~'), + 'alpha_dash' => array('a b', '*'), + 'numeric' => array('a', ''), + 'integer' => array('0.123', '1a', ''), + 'decimal' => array('1', 'a',''), + 'is_natural' => array('1.2','aA',''), + 'is_natural_no_zero' => array('0','1.2',''), + 'valid_url' => array('codeigniter.com','nosite', ''), + 'valid_email' => '@sample.com', + 'valid_emails' => '@sample.com,2@sample.com,validemail@email.ca', + 'valid_ip[ipv4]' => '257.0.0.1', + 'valid_ip[ipv6]' => 'A001:0db8:85a3:0000:0000:8a2e:0370:7334', + ); + + // Loop through each rule and test + foreach ($invalid_posts as $rule => $value) { + // Reset $_POST + $_POST = array(); + + if (is_array($value)) { + foreach($value as $item) { + printf("%s => %s\n", $rule, $item); + $this->form_validation->set_rules('field', 'name', $rule); + $_POST['field'] = $item; + $this->assertFalse($this->form_validation->run()); + $this->form_validation->reset_validation(); + } + } + else { + printf("%s => %s\n", $rule, $value); + $this->form_validation->set_rules('field', 'name', $rule); + $_POST['field'] = $value; + $this->assertFalse($this->form_validation->run()); + $this->form_validation->reset_validation(); + } + } + } + } -- cgit v1.2.3-24-g4f1b From c7029e2e5f479a541d951d6f6ebf1b33a82a1632 Mon Sep 17 00:00:00 2001 From: David Woods Date: Tue, 17 Mar 2015 10:52:01 -0700 Subject: Reformatted unit tests for easier debugging Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 379 ++++++++++++++------- 1 file changed, 265 insertions(+), 114 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index aefc9a2c7..bfc2083fd 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -4,6 +4,8 @@ class Form_validation_test extends CI_TestCase { public function set_up() { + $_SERVER['REQUEST_METHOD'] = 'POST'; + // Create a mock loader since load->helper() looks in the wrong directories for unit tests, // We'll use CI_TestCase->helper() instead $ldr = $this->getMock('CI_Loader', array('helper')); @@ -17,9 +19,6 @@ class Form_validation_test extends CI_TestCase { $lang = $this->getMock('CI_Lang', array('load')); // Setup CI_Input - // Set server variable to GET as default, since this will leave unset in STDIN env - $_SERVER['REQUEST_METHOD'] = 'GET'; - // Set config for Input class $this->ci_set_config('allow_get_array', TRUE); $this->ci_set_config('global_xss_filtering', FALSE); @@ -38,126 +37,278 @@ class Form_validation_test extends CI_TestCase { $this->lang('form_validation'); $this->helper('form'); + + $this->form_validation = new CI_Form_validation(); } public function test___construct() { - $this->form_validation = new CI_Form_validation(); - $this->assertNotNull($this->form_validation); } - public function test_rules_valid() + public function test_rule_required() { - $this->form_validation = new CI_Form_validation(); + $this->assertTrue($this->run_rule('required', ' someValue')); - $valid_posts = array( - 'required' => array('required',' !'), - 'matches[sample]' => 'sample', - 'differs[sample]' => 'differ', - 'min_length[4]' => array('is_more_than_4', '1234', ' 1'), - 'max_length[8]' => array('less_8', '12345678'), - 'exact_length[5]' => '12345', - 'greater_than[-5]' => array('-4','0','123124451'), - 'greater_than_equal_to[8]' => array('8', '99'), - 'less_than[0]' => '-1', - 'less_than_equal_to[5]' => array('-5', '5'), - 'in_list[red,blue,green]' => array('red', 'blue','green'), - 'alpha' => 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ', - 'alpha_numeric' => 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789', - 'alpha_numeric_spaces' => ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789', - 'alpha_dash' => 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_', - 'numeric' => '0123456789', - 'integer' => array('0', '-1231', '987234'), - 'decimal' => array('0.123', '1.0'), - 'is_natural' => '0', - 'is_natural_no_zero' => '1', - 'valid_url' => array('www.codeigniter.com','http://codeigniter.eu'), - 'valid_email' => 'email@sample.com', - 'valid_emails' => '1@sample.com,2@sample.com', - 'valid_ip[ipv4]' => '127.0.0.1', - 'valid_ip[ipv6]' => '2001:0db8:85a3:0000:0000:8a2e:0370:7334', - 'valid_base64' => 'string' - ); - - // Loop through each rule and test - foreach ($valid_posts as $rule => $value) { - // Reset $_POST - $_POST = array(); - - if (is_array($value)) { - foreach($value as $item) { -// printf("%s => %s\n", $rule, $item); - $this->form_validation->set_rules('field', 'name', $rule); - $_POST['field'] = $item; - $this->assertTrue($this->form_validation->run()); - $this->form_validation->reset_validation(); - } - } - else { -// printf("%s => %s\n", $rule, $value); - $this->form_validation->set_rules('field', 'name', $rule); - $_POST['field'] = $value; - $this->assertTrue($this->form_validation->run()); - $this->form_validation->reset_validation(); - } - } - } - - public function test_rules_invalid() + $this->assertFalse($this->run_rule('required', '')); + $this->assertFalse($this->run_rule('required', ' ')); + } + + public function test_rule_matches() { - $this->form_validation = new CI_Form_validation(); + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('matches[sample]', '')); + $this->assertTrue($this->run_rule('matches[s]', 's')); + + $this->assertFalse($this->run_rule('matches[Sample]', 'sample')); + $this->assertFalse($this->run_rule('matches[sample]', ' sample')); + } + + public function test_rule_differs() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('differs[sample]', '')); + $this->assertTrue($this->run_rule('differs[sample]', 'Sample')); + $this->assertTrue($this->run_rule('differs[sample]', ' sample')); + + $this->assertFalse($this->run_rule('differs[sample]', 'sample')); + } + + public function test_rule_min_length() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('min_length[34]', '')); + $this->assertTrue($this->run_rule('min_length[2]', '12')); + $this->assertTrue($this->run_rule('min_length[2]', ' 2')); + + $this->assertFalse($this->run_rule('min_length[2]', '1')); + $this->assertFalse($this->run_rule('min_length[4]|required', '')); + } + + public function test_rule_max_length() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('max_length[4]', '')); + $this->assertTrue($this->run_rule('max_length[4]', '1234')); + + $this->assertFalse($this->run_rule('max_length[4]', '12345')); + } + + public function test_rule_exact_length() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('exact_length[4]', '')); + $this->assertTrue($this->run_rule('exact_length[4]', '1234')); + + $this->assertFalse($this->run_rule('exact_length[4]', '123')); + $this->assertFalse($this->run_rule('exact_length[4]', '12345')); + } + + public function test_rule_greater_than() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('greater_than[-10]', '')); + $this->assertTrue($this->run_rule('greater_than[-10]', '-9')); + + $this->assertFalse($this->run_rule('greater_than[-10]', '-99')); + $this->assertFalse($this->run_rule('greater_than[-10]', 'a')); + } + + public function test_rule_greater_than_equal_to() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '')); + $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '0')); + $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '1')); + + $this->assertFalse($this->run_rule('greater_than_equal_to[0]', '-1')); + $this->assertFalse($this->run_rule('greater_than_equal_to[0]', 'a')); + } + + public function test_rule_less_than() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('less_than[0]', '')); + $this->assertTrue($this->run_rule('less_than[0]', '-1')); + + $this->assertFalse($this->run_rule('less_than[0]', '0')); + $this->assertFalse($this->run_rule('less_than[0]', 'a')); + } + + public function test_rule_less_than_equal_to() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('less_than_equal_to[0]', '')); + $this->assertTrue($this->run_rule('less_than_equal_to[0]', '-1')); + $this->assertTrue($this->run_rule('less_than_equal_to[0]', '0')); + + $this->assertFalse($this->run_rule('less_than_equal_to[0]', '1')); + $this->assertFalse($this->run_rule('less_than_equal_to[0]', 'a')); + } + + public function test_rule_in_list() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '')); + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'red')); + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'Blue')); + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '123')); + + $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'Red')); + $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'blue')); + $this->assertFalse($this->run_rule('in_list[red,Blue,123]', ' red')); + } + + public function test_rule_alpha() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha', '')); + $this->assertTrue($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ')); + + $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ ')); + $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ1')); + $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ*')); + } + + public function test_rule_alpha_numeric() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha_numeric', '')); + $this->assertTrue($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); + + $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789\ ')); + $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); + } + + public function test_rule_alpha_numeric_spaces() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha_numeric_spaces', '')); + $this->assertTrue($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); + + $this->assertFalse($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); + } + + public function test_rule_alpha_dash() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha_dash', '')); + $this->assertTrue($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_')); + + $this->assertFalse($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_\ ')); + } + + public function test_rule_numeric() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('numeric', '')); + $this->assertTrue($this->run_rule('numeric', '0')); + $this->assertTrue($this->run_rule('numeric', '12314')); + + $this->assertFalse($this->run_rule('numeric', '123a')); + } + + public function test_rule_integer() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('integer', '')); + $this->assertTrue($this->run_rule('integer', '0')); + $this->assertTrue($this->run_rule('integer', '42')); + + $this->assertFalse($this->run_rule('integer', '124a')); + $this->assertFalse($this->run_rule('integer', '1.9')); + } + + public function test_rule_decimal() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('decimal', '')); + $this->assertTrue($this->run_rule('decimal', '1.0')); + $this->assertTrue($this->run_rule('decimal', '0.98')); + + $this->assertFalse($this->run_rule('decimal', '1.0a')); + $this->assertFalse($this->run_rule('decimal', '-i')); + } + + public function test_rule_is_natural() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('is_natural', '')); + $this->assertTrue($this->run_rule('is_natural', '0')); + $this->assertTrue($this->run_rule('is_natural', '12')); + + $this->assertFalse($this->run_rule('is_natural', '42a')); + } + + public function test_rule_is_natural_no_zero() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('is_natural_no_zero', '')); + $this->assertTrue($this->run_rule('is_natural_no_zero', '42')); + + $this->assertFalse($this->run_rule('is_natural_no_zero', '0')); + $this->assertFalse($this->run_rule('is_natural_no_zero', '42a')); + } + + public function test_rule_valid_url() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_url', '')); + $this->assertTrue($this->run_rule('valid_url', 'www.codeigniter.com')); + $this->assertTrue($this->run_rule('valid_url', 'http://codeigniter.eu')); + + $this->assertFalse($this->run_rule('valid_url', 'codeigniter.c')); + } + + public function test_rule_valid_email() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_email', '')); + $this->assertTrue($this->run_rule('valid_email', 'email@sample.com')); + + $this->assertFalse($this->run_rule('valid_email', '@sample.com')); + } + + public function test_rule_valid_emails() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_emails', '')); + $this->assertTrue($this->run_rule('valid_emails', '1@sample.com,2@sample.com')); - $invalid_posts = array( - 'required' => array('',' '), - 'matches[sample]' => 'Sample', - 'differ[sample]' => 'sample', - 'min_length[4]' => array('123', ''), - 'max_length[8]' => array('more_than_8', '12345678 '), - 'exact_length[5]' => ' 12345', - 'greater_than[-5]' => array('-5, -12415'), - 'greater_than_equal_to[8]' => array('7', '0'), - 'less_than[0]' => '0', - 'less_than_equal_to[5]' => array('6', '98234'), - 'in_list[red,blue,green]' => array(' red', 'Blue','failz'), - 'alpha' => array('*', ' a', '1'), - 'alpha_numeric' => array('a1 ', '*', '1-'), - 'alpha_numeric_spaces' => array('a1*', ' ~'), - 'alpha_dash' => array('a b', '*'), - 'numeric' => array('a', ''), - 'integer' => array('0.123', '1a', ''), - 'decimal' => array('1', 'a',''), - 'is_natural' => array('1.2','aA',''), - 'is_natural_no_zero' => array('0','1.2',''), - 'valid_url' => array('codeigniter.com','nosite', ''), - 'valid_email' => '@sample.com', - 'valid_emails' => '@sample.com,2@sample.com,validemail@email.ca', - 'valid_ip[ipv4]' => '257.0.0.1', - 'valid_ip[ipv6]' => 'A001:0db8:85a3:0000:0000:8a2e:0370:7334', - ); - - // Loop through each rule and test - foreach ($invalid_posts as $rule => $value) { - // Reset $_POST - $_POST = array(); - - if (is_array($value)) { - foreach($value as $item) { - printf("%s => %s\n", $rule, $item); - $this->form_validation->set_rules('field', 'name', $rule); - $_POST['field'] = $item; - $this->assertFalse($this->form_validation->run()); - $this->form_validation->reset_validation(); - } - } - else { - printf("%s => %s\n", $rule, $value); - $this->form_validation->set_rules('field', 'name', $rule); - $_POST['field'] = $value; - $this->assertFalse($this->form_validation->run()); - $this->form_validation->reset_validation(); - } - } - } - + $this->assertFalse($this->run_rule('valid_emails', '@sample.com,2@sample.com,validemail@email.ca')); + } + + public function test_rule_valid_ip() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_ip', '')); + $this->assertTrue($this->run_rule('valid_ip', '127.0.0.1')); + $this->assertTrue($this->run_rule('valid_ip[ipv4]', '127.0.0.1')); + $this->assertTrue($this->run_rule('valid_ip', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertTrue($this->run_rule('valid_ip[ipv6]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); + + $this->assertFalse($this->run_rule('valid_ip[ipv4]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertFalse($this->run_rule('valid_ip[ipv6]', '127.0.0.1')); + $this->assertFalse($this->run_rule('valid_ip', 'H001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertFalse($this->run_rule('valid_ip', '127.0.0.259')); + } + + public function test_rule_valid_base64() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_base64', '')); + $this->assertTrue($this->run_rule('valid_base64', 'string')); + } + + public function run_rule($rule, $test_value) + { +// $this->markTestSkipped('Not designed to be a unit test'); + // Reset the _$POST array + $_POST = array(); + $this->form_validation->reset_validation(); + + $this->form_validation->set_rules('field', 'name', $rule); + $_POST['field'] = $test_value; + return $this->form_validation->run(); + } } -- cgit v1.2.3-24-g4f1b From 8384dd9de4c2721113a5d3158ed06b3cc5bfc145 Mon Sep 17 00:00:00 2001 From: David Woods Date: Tue, 17 Mar 2015 10:55:10 -0700 Subject: Removed bug fixes from this branch. Will recommit them on a separate branch Signed-off-by: David Woods --- system/libraries/Form_validation.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 32ea4b1b4..05de59628 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1091,12 +1091,14 @@ class CI_Form_validation { * Match one field to another * * @param string $str string to compare against - * @param string $param The string desired + * @param string $field * @return bool */ - public function matches($str, $param) + public function matches($str, $field) { - return ($str === $param); + return isset($this->_field_data[$field], $this->_field_data[$field]['postdata']) + ? ($str === $this->_field_data[$field]['postdata']) + : FALSE; } // -------------------------------------------------------------------- @@ -1105,12 +1107,12 @@ class CI_Form_validation { * Differs from another field * * @param string - * @param string param is the value provided in the form + * @param string field * @return bool */ - public function differs($str, $param) + public function differs($str, $field) { - return ($str !== $param); + return ! (isset($this->_field_data[$field]) && $this->_field_data[$field]['postdata'] === $str); } // -------------------------------------------------------------------- @@ -1491,7 +1493,7 @@ class CI_Form_validation { */ public function valid_base64($str) { - return (base64_decode($str, true) !== false); + return (base64_encode(base64_decode($str)) === $str); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From ce4237a6c48fc2538fcb149730c4f62a02dce849 Mon Sep 17 00:00:00 2001 From: David Woods Date: Tue, 17 Mar 2015 11:28:07 -0700 Subject: Corrected an invalid test case Signed-off-by: David Woods --- tests/codeigniter/libraries/Form_validation_test.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index bfc2083fd..5b2e9de70 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -256,8 +256,8 @@ class Form_validation_test extends CI_TestCase { $this->assertTrue($this->run_rule('valid_url', '')); $this->assertTrue($this->run_rule('valid_url', 'www.codeigniter.com')); $this->assertTrue($this->run_rule('valid_url', 'http://codeigniter.eu')); - - $this->assertFalse($this->run_rule('valid_url', 'codeigniter.c')); + + $this->assertFalse($this->run_rule('valid_url', 'codeigniter')); } public function test_rule_valid_email() -- cgit v1.2.3-24-g4f1b From fe5099a695c25e503a0aff6124644b9011a27e0d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 18 Mar 2015 12:35:47 +0200 Subject: Polish some recent changes in test cases --- tests/codeigniter/core/Input_test.php | 10 ++++------ tests/codeigniter/core/Security_test.php | 20 ++++++++++---------- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index d3f5a9048..159a877dc 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -134,15 +134,14 @@ class Input_test extends CI_TestCase { $this->assertEquals('bar', $foo); $this->assertEquals("Hello, i try to your site", $harm); $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless); - + $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['foo']['bar'] = 'baz'; - $barArray = array( 'bar' => 'baz' ); - + $barArray = array('bar' => 'baz'); + $this->assertEquals('baz', $this->input->post('foo[bar]')); $this->assertEquals($barArray, $this->input->post('foo[]')); $this->assertNull($this->input->post('foo[baz]')); - } // -------------------------------------------------------------------- @@ -222,5 +221,4 @@ class Input_test extends CI_TestCase { // Back to reality $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; // back to reality } - -} \ No newline at end of file +} diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 7f467fb1b..b5524da0f 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -138,12 +138,12 @@ class Security_test extends CI_TestCase { public function test_remove_evil_attributes() { - $this->assertEquals('', $this->security->remove_evil_attributes('', false)); - $this->assertEquals('', $this->security->remove_evil_attributes('', false)); - $this->assertEquals('', $this->security->remove_evil_attributes('', false)); - $this->assertEquals('', $this->security->remove_evil_attributes('', false)); - $this->assertEquals('onOutsideOfTag=test', $this->security->remove_evil_attributes('onOutsideOfTag=test', false)); - $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', false)); + $this->assertEquals('', $this->security->remove_evil_attributes('', FALSE)); + $this->assertEquals('', $this->security->remove_evil_attributes('', FALSE)); + $this->assertEquals('', $this->security->remove_evil_attributes('', FALSE)); + $this->assertEquals('', $this->security->remove_evil_attributes('', FALSE)); + $this->assertEquals('onOutsideOfTag=test', $this->security->remove_evil_attributes('onOutsideOfTag=test', FALSE)); + $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', FALSE)); } // -------------------------------------------------------------------- @@ -199,7 +199,7 @@ class Security_test extends CI_TestCase { public function test_strip_image_tags() { - $imgtags = Array( + $imgtags = array( 'Smiley face', 'Smiley face', '', @@ -210,7 +210,7 @@ class Security_test extends CI_TestCase { '' ); - $urls = Array( + $urls = array( 'smiley.gif', 'smiley.gif', 'http://www.w3schools.com/images/w3schools_green.jpg', @@ -221,7 +221,7 @@ class Security_test extends CI_TestCase { '' ); - for($i = 0; $i < count($imgtags); $i++) + for ($i = 0; $i < count($imgtags); $i++) { $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); } @@ -245,4 +245,4 @@ class Security_test extends CI_TestCase { $this->assertNotEmpty($this->security->get_csrf_hash()); } -} \ No newline at end of file +} -- cgit v1.2.3-24-g4f1b From 8158bc3172a916cd5cb1089f4f0146bea0510c2f Mon Sep 17 00:00:00 2001 From: Rafael Schwemmer Date: Wed, 18 Mar 2015 15:41:32 +0100 Subject: Fixed a typo in uri.rst documentation --- user_guide_src/source/libraries/uri.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/libraries/uri.rst b/user_guide_src/source/libraries/uri.rst index ae56184cc..4d38c1d22 100644 --- a/user_guide_src/source/libraries/uri.rst +++ b/user_guide_src/source/libraries/uri.rst @@ -110,7 +110,7 @@ Class Reference :returns: Associative URI segments array :rtype: array - This method lets you turn URI segments into and associative array of + This method lets you turn URI segments into an associative array of key/value pairs. Consider this URI:: index.php/user/search/name/joe/location/UK/gender/male @@ -230,4 +230,4 @@ Class Reference This method is identical to ``segment_array()``, except that it returns the array of segments in your re-routed URI in the event you are using - CodeIgniter's :doc:`URI Routing <../general/routing>` feature. \ No newline at end of file + CodeIgniter's :doc:`URI Routing <../general/routing>` feature. -- cgit v1.2.3-24-g4f1b From 64af3bb57e3d84ec9dd79b8e7f82eba57c46c296 Mon Sep 17 00:00:00 2001 From: David Woods Date: Wed, 18 Mar 2015 10:09:26 -0700 Subject: Corrected match, differs, base64, and valid_url test cases. Also changed spaces to tabs Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 617 +++++++++++---------- 1 file changed, 310 insertions(+), 307 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 5b2e9de70..571e2cfce 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -1,314 +1,317 @@ helper() looks in the wrong directories for unit tests, - // We'll use CI_TestCase->helper() instead - $ldr = $this->getMock('CI_Loader', array('helper')); - // At current, CI_Form_Validation only calls load->helper("form") - // Assert this so that if that changes this fails fast - $ldr->expects($this->once()) + + public function set_up() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // Create a mock loader since load->helper() looks in the wrong directories for unit tests, + // We'll use CI_TestCase->helper() instead + $loader = $this->getMock('CI_Loader', array('helper')); + // At current, CI_Form_Validation only calls load->helper("form") + // Assert this so that if that changes this fails fast + $loader->expects($this->once()) ->method('helper') ->with($this->equalTo('form')); - - // Same applies for lang - $lang = $this->getMock('CI_Lang', array('load')); - - // Setup CI_Input - // Set config for Input class - $this->ci_set_config('allow_get_array', TRUE); - $this->ci_set_config('global_xss_filtering', FALSE); - $this->ci_set_config('csrf_protection', FALSE); - - $security = new Mock_Core_Security(); - - $this->ci_set_config('charset', 'UTF-8'); - $utf8 = new Mock_Core_Utf8(); - - $inp = new Mock_Core_Input($security, $utf8); - - $this->ci_instance_var('lang', $lang); - $this->ci_instance_var('load', $ldr); - $this->ci_instance_var('input', $inp); - - $this->lang('form_validation'); - $this->helper('form'); - - $this->form_validation = new CI_Form_validation(); - } - - public function test___construct() - { - $this->assertNotNull($this->form_validation); - } - - public function test_rule_required() - { - $this->assertTrue($this->run_rule('required', ' someValue')); - - $this->assertFalse($this->run_rule('required', '')); - $this->assertFalse($this->run_rule('required', ' ')); - } - - public function test_rule_matches() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('matches[sample]', '')); - $this->assertTrue($this->run_rule('matches[s]', 's')); - - $this->assertFalse($this->run_rule('matches[Sample]', 'sample')); - $this->assertFalse($this->run_rule('matches[sample]', ' sample')); - } - - public function test_rule_differs() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('differs[sample]', '')); - $this->assertTrue($this->run_rule('differs[sample]', 'Sample')); - $this->assertTrue($this->run_rule('differs[sample]', ' sample')); - - $this->assertFalse($this->run_rule('differs[sample]', 'sample')); - } - - public function test_rule_min_length() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('min_length[34]', '')); - $this->assertTrue($this->run_rule('min_length[2]', '12')); - $this->assertTrue($this->run_rule('min_length[2]', ' 2')); - - $this->assertFalse($this->run_rule('min_length[2]', '1')); - $this->assertFalse($this->run_rule('min_length[4]|required', '')); - } - - public function test_rule_max_length() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('max_length[4]', '')); - $this->assertTrue($this->run_rule('max_length[4]', '1234')); - - $this->assertFalse($this->run_rule('max_length[4]', '12345')); - } - - public function test_rule_exact_length() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('exact_length[4]', '')); - $this->assertTrue($this->run_rule('exact_length[4]', '1234')); - - $this->assertFalse($this->run_rule('exact_length[4]', '123')); - $this->assertFalse($this->run_rule('exact_length[4]', '12345')); - } - - public function test_rule_greater_than() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('greater_than[-10]', '')); - $this->assertTrue($this->run_rule('greater_than[-10]', '-9')); - - $this->assertFalse($this->run_rule('greater_than[-10]', '-99')); - $this->assertFalse($this->run_rule('greater_than[-10]', 'a')); - } - - public function test_rule_greater_than_equal_to() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '')); - $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '0')); - $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '1')); - - $this->assertFalse($this->run_rule('greater_than_equal_to[0]', '-1')); - $this->assertFalse($this->run_rule('greater_than_equal_to[0]', 'a')); - } - - public function test_rule_less_than() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('less_than[0]', '')); - $this->assertTrue($this->run_rule('less_than[0]', '-1')); - - $this->assertFalse($this->run_rule('less_than[0]', '0')); - $this->assertFalse($this->run_rule('less_than[0]', 'a')); - } - - public function test_rule_less_than_equal_to() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('less_than_equal_to[0]', '')); - $this->assertTrue($this->run_rule('less_than_equal_to[0]', '-1')); - $this->assertTrue($this->run_rule('less_than_equal_to[0]', '0')); - - $this->assertFalse($this->run_rule('less_than_equal_to[0]', '1')); - $this->assertFalse($this->run_rule('less_than_equal_to[0]', 'a')); - } - - public function test_rule_in_list() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '')); - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'red')); - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'Blue')); - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '123')); - - $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'Red')); - $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'blue')); - $this->assertFalse($this->run_rule('in_list[red,Blue,123]', ' red')); - } - - public function test_rule_alpha() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha', '')); - $this->assertTrue($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ')); - - $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ ')); - $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ1')); - $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ*')); - } - - public function test_rule_alpha_numeric() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha_numeric', '')); - $this->assertTrue($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); - - $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789\ ')); - $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); - } - - public function test_rule_alpha_numeric_spaces() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha_numeric_spaces', '')); - $this->assertTrue($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); - - $this->assertFalse($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); - } - - public function test_rule_alpha_dash() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha_dash', '')); - $this->assertTrue($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_')); - - $this->assertFalse($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_\ ')); - } - - public function test_rule_numeric() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('numeric', '')); - $this->assertTrue($this->run_rule('numeric', '0')); - $this->assertTrue($this->run_rule('numeric', '12314')); - - $this->assertFalse($this->run_rule('numeric', '123a')); - } - - public function test_rule_integer() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('integer', '')); - $this->assertTrue($this->run_rule('integer', '0')); - $this->assertTrue($this->run_rule('integer', '42')); - - $this->assertFalse($this->run_rule('integer', '124a')); - $this->assertFalse($this->run_rule('integer', '1.9')); - } - - public function test_rule_decimal() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('decimal', '')); - $this->assertTrue($this->run_rule('decimal', '1.0')); - $this->assertTrue($this->run_rule('decimal', '0.98')); - - $this->assertFalse($this->run_rule('decimal', '1.0a')); - $this->assertFalse($this->run_rule('decimal', '-i')); - } - - public function test_rule_is_natural() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('is_natural', '')); - $this->assertTrue($this->run_rule('is_natural', '0')); - $this->assertTrue($this->run_rule('is_natural', '12')); - - $this->assertFalse($this->run_rule('is_natural', '42a')); - } - - public function test_rule_is_natural_no_zero() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('is_natural_no_zero', '')); - $this->assertTrue($this->run_rule('is_natural_no_zero', '42')); - - $this->assertFalse($this->run_rule('is_natural_no_zero', '0')); - $this->assertFalse($this->run_rule('is_natural_no_zero', '42a')); - } - - public function test_rule_valid_url() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_url', '')); - $this->assertTrue($this->run_rule('valid_url', 'www.codeigniter.com')); - $this->assertTrue($this->run_rule('valid_url', 'http://codeigniter.eu')); - - $this->assertFalse($this->run_rule('valid_url', 'codeigniter')); - } - - public function test_rule_valid_email() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_email', '')); - $this->assertTrue($this->run_rule('valid_email', 'email@sample.com')); - - $this->assertFalse($this->run_rule('valid_email', '@sample.com')); - } - - public function test_rule_valid_emails() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_emails', '')); - $this->assertTrue($this->run_rule('valid_emails', '1@sample.com,2@sample.com')); - - $this->assertFalse($this->run_rule('valid_emails', '@sample.com,2@sample.com,validemail@email.ca')); - } - - public function test_rule_valid_ip() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_ip', '')); - $this->assertTrue($this->run_rule('valid_ip', '127.0.0.1')); - $this->assertTrue($this->run_rule('valid_ip[ipv4]', '127.0.0.1')); - $this->assertTrue($this->run_rule('valid_ip', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); - $this->assertTrue($this->run_rule('valid_ip[ipv6]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); - - $this->assertFalse($this->run_rule('valid_ip[ipv4]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); - $this->assertFalse($this->run_rule('valid_ip[ipv6]', '127.0.0.1')); - $this->assertFalse($this->run_rule('valid_ip', 'H001:0db8:85a3:0000:0000:8a2e:0370:7334')); - $this->assertFalse($this->run_rule('valid_ip', '127.0.0.259')); - } - - public function test_rule_valid_base64() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_base64', '')); - $this->assertTrue($this->run_rule('valid_base64', 'string')); - } - - public function run_rule($rule, $test_value) - { + // Same applies for lang + $lang = $this->getMock('CI_Lang', array('load')); + + $this->ci_set_config('charset', 'UTF-8'); + $utf8 = new Mock_Core_Utf8(); + $security = new Mock_Core_Security(); + $input = new Mock_Core_Input($security, $utf8); + + $this->ci_instance_var('lang', $lang); + $this->ci_instance_var('load', $loader); + $this->ci_instance_var('input', $input); + + $this->lang('form_validation'); + $this->helper('form'); + + $this->form_validation = new CI_Form_validation(); + } + + public function test___construct() + { + $this->assertNotNull($this->form_validation); + } + + public function test_rule_required() + { + $this->assertTrue($this->run_rule('required', ' someValue')); + + $this->assertFalse($this->run_rule('required', '')); + $this->assertFalse($this->run_rule('required', ' ')); + } + + public function test_rule_matches() + { + // Empty input should pass any rule unless required is also specified + $_POST['to_match'] = 'sample'; + $this->assertTrue($this->run_rule('matches[to_match]', '')); + $_POST['to_match'] = 'sample'; + $this->assertTrue($this->run_rule('matches[to_match]', 'sample')); + + $_POST['to_match'] = 'sample'; + $this->assertFalse($this->run_rule('matches[to_match]', 'Sample')); + $_POST['to_match'] = 'sample'; + $this->assertFalse($this->run_rule('matches[to_match]', ' sample')); + } + + public function test_rule_differs() + { + // Empty input should pass any rule unless required is also specified + $_POST['to_differ'] = 'sample'; + $this->assertTrue($this->run_rule('differs[to_differ]', '')); + $_POST['to_differ'] = 'sample'; + $this->assertTrue($this->run_rule('differs[to_differ]', 'Sample')); + $_POST['to_differ'] = 'sample'; + $this->assertTrue($this->run_rule('differs[to_differ]', ' sample')); + + $_POST['to_differ'] = 'sample'; + $this->assertFalse($this->run_rule('differs[to_differ]', 'sample')); + } + + public function test_rule_min_length() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('min_length[34]', '')); + $this->assertTrue($this->run_rule('min_length[2]', '12')); + $this->assertTrue($this->run_rule('min_length[2]', ' 2')); + + $this->assertFalse($this->run_rule('min_length[2]', '1')); + $this->assertFalse($this->run_rule('min_length[4]|required', '')); + } + + public function test_rule_max_length() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('max_length[4]', '')); + $this->assertTrue($this->run_rule('max_length[4]', '1234')); + + $this->assertFalse($this->run_rule('max_length[4]', '12345')); + } + + public function test_rule_exact_length() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('exact_length[4]', '')); + $this->assertTrue($this->run_rule('exact_length[4]', '1234')); + + $this->assertFalse($this->run_rule('exact_length[4]', '123')); + $this->assertFalse($this->run_rule('exact_length[4]', '12345')); + } + + public function test_rule_greater_than() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('greater_than[-10]', '')); + $this->assertTrue($this->run_rule('greater_than[-10]', '-9')); + + $this->assertFalse($this->run_rule('greater_than[-10]', '-99')); + $this->assertFalse($this->run_rule('greater_than[-10]', 'a')); + } + + public function test_rule_greater_than_equal_to() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '')); + $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '0')); + $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '1')); + + $this->assertFalse($this->run_rule('greater_than_equal_to[0]', '-1')); + $this->assertFalse($this->run_rule('greater_than_equal_to[0]', 'a')); + } + + public function test_rule_less_than() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('less_than[0]', '')); + $this->assertTrue($this->run_rule('less_than[0]', '-1')); + + $this->assertFalse($this->run_rule('less_than[0]', '0')); + $this->assertFalse($this->run_rule('less_than[0]', 'a')); + } + + public function test_rule_less_than_equal_to() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('less_than_equal_to[0]', '')); + $this->assertTrue($this->run_rule('less_than_equal_to[0]', '-1')); + $this->assertTrue($this->run_rule('less_than_equal_to[0]', '0')); + + $this->assertFalse($this->run_rule('less_than_equal_to[0]', '1')); + $this->assertFalse($this->run_rule('less_than_equal_to[0]', 'a')); + } + + public function test_rule_in_list() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '')); + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'red')); + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'Blue')); + $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '123')); + + $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'Red')); + $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'blue')); + $this->assertFalse($this->run_rule('in_list[red,Blue,123]', ' red')); + } + + public function test_rule_alpha() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha', '')); + $this->assertTrue($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ')); + + $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ ')); + $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ1')); + $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ*')); + } + + public function test_rule_alpha_numeric() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha_numeric', '')); + $this->assertTrue($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); + + $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789\ ')); + $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); + } + + public function test_rule_alpha_numeric_spaces() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha_numeric_spaces', '')); + $this->assertTrue($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); + + $this->assertFalse($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); + } + + public function test_rule_alpha_dash() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('alpha_dash', '')); + $this->assertTrue($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_')); + + $this->assertFalse($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_\ ')); + } + + public function test_rule_numeric() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('numeric', '')); + $this->assertTrue($this->run_rule('numeric', '0')); + $this->assertTrue($this->run_rule('numeric', '12314')); + $this->assertTrue($this->run_rule('numeric', '-42')); + + $this->assertFalse($this->run_rule('numeric', '123a')); + } + + public function test_rule_integer() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('integer', '')); + $this->assertTrue($this->run_rule('integer', '0')); + $this->assertTrue($this->run_rule('integer', '42')); + + $this->assertFalse($this->run_rule('integer', '124a')); + $this->assertFalse($this->run_rule('integer', '1.9')); + } + + public function test_rule_decimal() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('decimal', '')); + $this->assertTrue($this->run_rule('decimal', '1.0')); + $this->assertTrue($this->run_rule('decimal', '0.98')); + + $this->assertFalse($this->run_rule('decimal', '1.0a')); + $this->assertFalse($this->run_rule('decimal', '-i')); + } + + public function test_rule_is_natural() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('is_natural', '')); + $this->assertTrue($this->run_rule('is_natural', '0')); + $this->assertTrue($this->run_rule('is_natural', '12')); + + $this->assertFalse($this->run_rule('is_natural', '42a')); + } + + public function test_rule_is_natural_no_zero() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('is_natural_no_zero', '')); + $this->assertTrue($this->run_rule('is_natural_no_zero', '42')); + + $this->assertFalse($this->run_rule('is_natural_no_zero', '0')); + $this->assertFalse($this->run_rule('is_natural_no_zero', '42a')); + } + + public function test_rule_valid_url() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_url', '')); + $this->assertTrue($this->run_rule('valid_url', 'www.codeigniter.com')); + $this->assertTrue($this->run_rule('valid_url', 'http://codeigniter.eu')); + + $this->assertFalse($this->run_rule('valid_url', 'code igniter')); + } + + public function test_rule_valid_email() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_email', '')); + $this->assertTrue($this->run_rule('valid_email', 'email@sample.com')); + + $this->assertFalse($this->run_rule('valid_email', '@sample.com')); + } + + public function test_rule_valid_emails() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_emails', '')); + $this->assertTrue($this->run_rule('valid_emails', '1@sample.com,2@sample.com')); + + $this->assertFalse($this->run_rule('valid_emails', '@sample.com,2@sample.com,validemail@email.ca')); + } + + public function test_rule_valid_ip() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_ip', '')); + $this->assertTrue($this->run_rule('valid_ip', '127.0.0.1')); + $this->assertTrue($this->run_rule('valid_ip[ipv4]', '127.0.0.1')); + $this->assertTrue($this->run_rule('valid_ip', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertTrue($this->run_rule('valid_ip[ipv6]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); + + $this->assertFalse($this->run_rule('valid_ip[ipv4]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertFalse($this->run_rule('valid_ip[ipv6]', '127.0.0.1')); + $this->assertFalse($this->run_rule('valid_ip', 'H001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertFalse($this->run_rule('valid_ip', '127.0.0.259')); + } + + public function test_rule_valid_base64() + { + // Empty input should pass any rule unless required is also specified + $this->assertTrue($this->run_rule('valid_base64', '')); + $this->assertTrue($this->run_rule('valid_base64', base64_encode('string'))); + + $this->assertTrue($this->run_rule('valid_base64', "FA08GG")); + } + + public function run_rule($rule, $test_value) + { // $this->markTestSkipped('Not designed to be a unit test'); - // Reset the _$POST array - $_POST = array(); - $this->form_validation->reset_validation(); - - $this->form_validation->set_rules('field', 'name', $rule); - $_POST['field'] = $test_value; - return $this->form_validation->run(); - } + // Reset the _$POST array + $_POST = array(); + $this->form_validation->reset_validation(); + + $this->form_validation->set_rules('field', 'name', $rule); + $_POST['field'] = $test_value; + return $this->form_validation->run(); + } + } -- cgit v1.2.3-24-g4f1b From 63c288cdd7dd66c653da1092ac07a035b01ef560 Mon Sep 17 00:00:00 2001 From: David Woods Date: Wed, 18 Mar 2015 10:13:34 -0700 Subject: Corrected incorrect assertion in test_rule_valid_base64 Signed-off-by: David Woods --- tests/codeigniter/libraries/Form_validation_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 571e2cfce..9c21b9cfb 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -299,7 +299,7 @@ class Form_validation_test extends CI_TestCase { $this->assertTrue($this->run_rule('valid_base64', '')); $this->assertTrue($this->run_rule('valid_base64', base64_encode('string'))); - $this->assertTrue($this->run_rule('valid_base64', "FA08GG")); + $this->assertFalse($this->run_rule('valid_base64', "FA08GG")); } public function run_rule($rule, $test_value) -- cgit v1.2.3-24-g4f1b From 70e220ad2423f2f701b0db12686dad2e7e9a6458 Mon Sep 17 00:00:00 2001 From: David Woods Date: Wed, 18 Mar 2015 10:29:20 -0700 Subject: Fixed bug of clearing POST array before every test. Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 26 ++++++++++++---------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 9c21b9cfb..3dff2f374 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -49,28 +49,28 @@ class Form_validation_test extends CI_TestCase { { // Empty input should pass any rule unless required is also specified $_POST['to_match'] = 'sample'; - $this->assertTrue($this->run_rule('matches[to_match]', '')); + $this->assertTrue($this->run_rule('matches[to_match]', '', FALSE)); $_POST['to_match'] = 'sample'; - $this->assertTrue($this->run_rule('matches[to_match]', 'sample')); + $this->assertTrue($this->run_rule('matches[to_match]', 'sample', FALSE)); $_POST['to_match'] = 'sample'; - $this->assertFalse($this->run_rule('matches[to_match]', 'Sample')); + $this->assertFalse($this->run_rule('matches[to_match]', 'Sample', FALSE)); $_POST['to_match'] = 'sample'; - $this->assertFalse($this->run_rule('matches[to_match]', ' sample')); + $this->assertFalse($this->run_rule('matches[to_match]', ' sample', FALSE)); } public function test_rule_differs() { // Empty input should pass any rule unless required is also specified $_POST['to_differ'] = 'sample'; - $this->assertTrue($this->run_rule('differs[to_differ]', '')); + $this->assertTrue($this->run_rule('differs[to_differ]', '', FALSE)); $_POST['to_differ'] = 'sample'; - $this->assertTrue($this->run_rule('differs[to_differ]', 'Sample')); + $this->assertTrue($this->run_rule('differs[to_differ]', 'Sample', FALSE)); $_POST['to_differ'] = 'sample'; - $this->assertTrue($this->run_rule('differs[to_differ]', ' sample')); + $this->assertTrue($this->run_rule('differs[to_differ]', ' sample', FALSE)); $_POST['to_differ'] = 'sample'; - $this->assertFalse($this->run_rule('differs[to_differ]', 'sample')); + $this->assertFalse($this->run_rule('differs[to_differ]', 'sample', FALSE)); } public function test_rule_min_length() @@ -302,13 +302,15 @@ class Form_validation_test extends CI_TestCase { $this->assertFalse($this->run_rule('valid_base64', "FA08GG")); } - public function run_rule($rule, $test_value) + public function run_rule($rule, $test_value, $reset_post = TRUE) { // $this->markTestSkipped('Not designed to be a unit test'); - // Reset the _$POST array - $_POST = array(); $this->form_validation->reset_validation(); - + if ($reset_post === TRUE) + { + $_POST = array(); + } + $this->form_validation->set_rules('field', 'name', $rule); $_POST['field'] = $test_value; return $this->form_validation->run(); -- cgit v1.2.3-24-g4f1b From 5b88473a716a3c69e72c67f1cfe26452db9e1172 Mon Sep 17 00:00:00 2001 From: David Woods Date: Wed, 18 Mar 2015 10:37:35 -0700 Subject: Switched spaces to tabs on the few lines that were missed from previous refactors Signed-off-by: David Woods --- tests/codeigniter/libraries/Form_validation_test.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 3dff2f374..18b7c83d6 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -8,14 +8,14 @@ class Form_validation_test extends CI_TestCase { // Create a mock loader since load->helper() looks in the wrong directories for unit tests, // We'll use CI_TestCase->helper() instead - $loader = $this->getMock('CI_Loader', array('helper')); + $loader = $this->getMock('CI_Loader', array('helper')); // At current, CI_Form_Validation only calls load->helper("form") // Assert this so that if that changes this fails fast - $loader->expects($this->once()) - ->method('helper') - ->with($this->equalTo('form')); + $loader->expects($this->once()) + ->method('helper') + ->with($this->equalTo('form')); // Same applies for lang - $lang = $this->getMock('CI_Lang', array('load')); + $lang = $this->getMock('CI_Lang', array('load')); $this->ci_set_config('charset', 'UTF-8'); $utf8 = new Mock_Core_Utf8(); @@ -298,7 +298,7 @@ class Form_validation_test extends CI_TestCase { // Empty input should pass any rule unless required is also specified $this->assertTrue($this->run_rule('valid_base64', '')); $this->assertTrue($this->run_rule('valid_base64', base64_encode('string'))); - + $this->assertFalse($this->run_rule('valid_base64', "FA08GG")); } @@ -310,7 +310,7 @@ class Form_validation_test extends CI_TestCase { { $_POST = array(); } - + $this->form_validation->set_rules('field', 'name', $rule); $_POST['field'] = $test_value; return $this->form_validation->run(); -- cgit v1.2.3-24-g4f1b From 0fc46caedd690b05141a0b80bc5d7bca9b72b61b Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Wed, 18 Mar 2015 18:49:22 -0400 Subject: Updated CI_Input unit test and fixed error "undefined offset" caused by using the same variable name, $i, twice for for loop inside for loop. Signed-off-by:Heesung Ahn --- system/core/Input.php | 4 +-- tests/codeigniter/core/Input_test.php | 61 ++++++++++++++++++++++++++++++++--- 2 files changed, 58 insertions(+), 7 deletions(-) diff --git a/system/core/Input.php b/system/core/Input.php index 6be4b9a6c..12332cf51 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -490,9 +490,9 @@ class CI_Input { ) ); - for ($i = 0; $i < 8; $i++) + for ($j = 0; $j < 8; $j++) { - $ip[$i] = intval($ip[$i], 16); + $ip[$j] = intval($ip[$j], 16); } $sprintf = '%016b%016b%016b%016b%016b%016b%016b%016b'; diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index 159a877dc..a632ee689 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -206,9 +206,23 @@ class Input_test extends CI_TestCase { $this->markTestSkipped('TODO: Find a way to test HTTP headers'); } - public function test_ip_address() + // -------------------------------------------------------------------- + + public function test_get_request_header() { + //TODO: Find a way to test HTTP headers + $this->assertNull($this->input->get_request_header('test')); + } + + // -------------------------------------------------------------------- + + public function test_ip_address() + { + $this->input->ip_address = TRUE; + $this->assertTrue($this->input->ip_address()); + // 127.0.0.1 is set in our Bootstrap file + $this->input->ip_address = FALSE; $this->assertEquals('127.0.0.1', $this->input->ip_address()); // Invalid @@ -216,9 +230,46 @@ class Input_test extends CI_TestCase { $this->input->ip_address = FALSE; // reset cached value $this->assertEquals('0.0.0.0', $this->input->ip_address()); - // TODO: Add proxy_ips tests - - // Back to reality + $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; + + // Proxy_ips tests + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', '127.0.0.3, 127.0.0.4, 127.0.0.2'); + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + + // Invalid spoof + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'invalid_ip_address'); + $_SERVER['HTTP_CLIENT_IP'] = 'invalid_ip_address'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.1/1'); + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.1'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.1/1'); + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; + $this->assertNotEquals('127.0.0.1', $this->input->ip_address()); + + //IPv6 + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329/1, FE80:0000:0000:0000:0202:B3FF:FE1E:8300/2'); + $_SERVER['HTTP_CLIENT_IP'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8300'; + $_SERVER['REMOTE_ADDR'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329'; + $this->assertEquals('FE80:0000:0000:0000:0202:B3FF:FE1E:8300', $this->input->ip_address()); + + $this->input->ip_address = FALSE; $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; // back to reality } -} + + // -------------------------------------------------------------------- + + public function test_user_agent() + { + $_SERVER['HTTP_USER_AGENT'] = 'test'; + $this->assertEquals('test', $this->input->user_agent()); + } +} \ No newline at end of file -- cgit v1.2.3-24-g4f1b From c44a656649ca4d198f29ea1f07fe0174ce832ccc Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Wed, 18 Mar 2015 19:12:27 -0400 Subject: minor update Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Input_test.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index a632ee689..e269b1762 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -250,9 +250,10 @@ class Input_test extends CI_TestCase { $this->assertEquals('127.0.0.1', $this->input->ip_address()); $this->input->ip_address = FALSE; - $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.1/1'); + $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.2'); $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; - $this->assertNotEquals('127.0.0.1', $this->input->ip_address()); + $_SERVER['REMOTE_ADDR'] = '127.0.0.2'; + $this->assertEquals('127.0.0.2', $this->input->ip_address()); //IPv6 $this->input->ip_address = FALSE; -- cgit v1.2.3-24-g4f1b From f4cb8f9590c9d02d228b0ab67be6ac0ca51e0087 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Mar 2015 11:54:47 +0200 Subject: [ci skip] Fix a typo in session docs --- user_guide_src/source/libraries/sessions.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 51ecc03bd..2317f8560 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -836,7 +836,7 @@ Class Reference .. note:: This method is DEPRECATED. Use ``userdata()`` with no parameters instead. - .. php:method:: &get_usedata() + .. php:method:: &get_userdata() :returns: A reference to ``$_SESSION`` :rtype: array @@ -1053,4 +1053,4 @@ Class Reference $this->session->foo = 'bar'; // Results in: - // $_SESSION['foo'] = 'bar'; \ No newline at end of file + // $_SESSION['foo'] = 'bar'; -- cgit v1.2.3-24-g4f1b From 78978b2a53692ebf8070d1cb96ad4c1609e12329 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Thu, 19 Mar 2015 10:32:36 -0400 Subject: updated based on comment Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Input_test.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index e269b1762..e6122cabc 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -210,8 +210,7 @@ class Input_test extends CI_TestCase { public function test_get_request_header() { - //TODO: Find a way to test HTTP headers - $this->assertNull($this->input->get_request_header('test')); + $this->markTestSkipped('TODO: Find a way to test HTTP headers'); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 46a67d33388b4b79397f8f48ab39fcc2fdf8ea73 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Fri, 20 Mar 2015 09:22:01 -0400 Subject: updated based on comment Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Input_test.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index e6122cabc..d644d7fc7 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -217,8 +217,8 @@ class Input_test extends CI_TestCase { public function test_ip_address() { - $this->input->ip_address = TRUE; - $this->assertTrue($this->input->ip_address()); + $this->input->ip_address = '127.0.0.1'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); // 127.0.0.1 is set in our Bootstrap file $this->input->ip_address = FALSE; -- cgit v1.2.3-24-g4f1b From 317cad99f23cc80577039a5b709b39cad72690c5 Mon Sep 17 00:00:00 2001 From: David Woods Date: Fri, 20 Mar 2015 22:32:24 -0700 Subject: Changed scenario based tests to unit tests Added tests for set_data() & set_message() Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 323 +++++++++++---------- 1 file changed, 175 insertions(+), 148 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 18b7c83d6..088a0ce3e 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -11,8 +11,7 @@ class Form_validation_test extends CI_TestCase { $loader = $this->getMock('CI_Loader', array('helper')); // At current, CI_Form_Validation only calls load->helper("form") // Assert this so that if that changes this fails fast - $loader->expects($this->once()) - ->method('helper') + $loader->method('helper') ->with($this->equalTo('form')); // Same applies for lang $lang = $this->getMock('CI_Lang', array('load')); @@ -34,8 +33,9 @@ class Form_validation_test extends CI_TestCase { public function test___construct() { - $this->assertNotNull($this->form_validation); - } + $form_validation = new CI_Form_validation(); + $this->assertNotNull($form_validation); + } public function test_rule_required() { @@ -74,232 +74,259 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_min_length() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('min_length[34]', '')); - $this->assertTrue($this->run_rule('min_length[2]', '12')); - $this->assertTrue($this->run_rule('min_length[2]', ' 2')); + { + $this->assertTrue($this->form_validation->min_length('12345', '5')); + $this->assertTrue($this->form_validation->min_length('test', '0')); - $this->assertFalse($this->run_rule('min_length[2]', '1')); - $this->assertFalse($this->run_rule('min_length[4]|required', '')); + $this->assertFalse($this->form_validation->min_length('123', '4')); + $this->assertFalse($this->form_validation->min_length('should_fail', 'A')); + $this->assertFalse($this->form_validation->min_length('', '4')); } public function test_rule_max_length() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('max_length[4]', '')); - $this->assertTrue($this->run_rule('max_length[4]', '1234')); + { + $this->assertTrue($this->form_validation->max_length('', '4')); + $this->assertTrue($this->form_validation->max_length('1234', '4')); - $this->assertFalse($this->run_rule('max_length[4]', '12345')); + $this->assertFalse($this->form_validation->max_length('12345', '4')); + $this->assertFalse($this->form_validation->max_length('should_fail', 'A')); } public function test_rule_exact_length() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('exact_length[4]', '')); - $this->assertTrue($this->run_rule('exact_length[4]', '1234')); + { + $this->assertTrue($this->form_validation->exact_length('1234', '4')); - $this->assertFalse($this->run_rule('exact_length[4]', '123')); - $this->assertFalse($this->run_rule('exact_length[4]', '12345')); + $this->assertFalse($this->form_validation->exact_length('', '3')); + $this->assertFalse($this->form_validation->exact_length('12345', '4')); + $this->assertFalse($this->form_validation->exact_length('123', '4')); + $this->assertFalse($this->form_validation->exact_length('should_fail', 'A')); } public function test_rule_greater_than() { // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('greater_than[-10]', '')); - $this->assertTrue($this->run_rule('greater_than[-10]', '-9')); + $this->assertTrue($this->form_validation->greater_than('-10', '-11')); + $this->assertTrue($this->form_validation->greater_than('10', '9')); - $this->assertFalse($this->run_rule('greater_than[-10]', '-99')); - $this->assertFalse($this->run_rule('greater_than[-10]', 'a')); + $this->assertFalse($this->form_validation->greater_than('10', '10')); + $this->assertFalse($this->form_validation->greater_than('10', 'a')); + $this->assertFalse($this->form_validation->greater_than('10a', '10')); } public function test_rule_greater_than_equal_to() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '')); - $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '0')); - $this->assertTrue($this->run_rule('greater_than_equal_to[0]', '1')); + { + $this->assertTrue($this->form_validation->greater_than_equal_to('0', '0')); + $this->assertTrue($this->form_validation->greater_than_equal_to('1', '0')); - $this->assertFalse($this->run_rule('greater_than_equal_to[0]', '-1')); - $this->assertFalse($this->run_rule('greater_than_equal_to[0]', 'a')); + $this->assertFalse($this->form_validation->greater_than_equal_to('-1', '0')); + $this->assertFalse($this->form_validation->greater_than_equal_to('10a', '0')); } public function test_rule_less_than() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('less_than[0]', '')); - $this->assertTrue($this->run_rule('less_than[0]', '-1')); + { + $this->assertTrue($this->form_validation->less_than('4', '5')); + $this->assertTrue($this->form_validation->less_than('-1', '0')); - $this->assertFalse($this->run_rule('less_than[0]', '0')); - $this->assertFalse($this->run_rule('less_than[0]', 'a')); + $this->assertFalse($this->form_validation->less_than('4', '4')); + $this->assertFalse($this->form_validation->less_than('10a', '5')); } public function test_rule_less_than_equal_to() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('less_than_equal_to[0]', '')); - $this->assertTrue($this->run_rule('less_than_equal_to[0]', '-1')); - $this->assertTrue($this->run_rule('less_than_equal_to[0]', '0')); + { + $this->assertTrue($this->form_validation->less_than_equal_to('-1', '0')); + $this->assertTrue($this->form_validation->less_than_equal_to('-1', '-1')); + $this->assertTrue($this->form_validation->less_than_equal_to('4', '4')); - $this->assertFalse($this->run_rule('less_than_equal_to[0]', '1')); - $this->assertFalse($this->run_rule('less_than_equal_to[0]', 'a')); + $this->assertFalse($this->form_validation->less_than_equal_to('0', '-1')); + $this->assertFalse($this->form_validation->less_than_equal_to('10a', '0')); } public function test_rule_in_list() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '')); - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'red')); - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', 'Blue')); - $this->assertTrue($this->run_rule('in_list[red,Blue,123]', '123')); - - $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'Red')); - $this->assertFalse($this->run_rule('in_list[red,Blue,123]', 'blue')); - $this->assertFalse($this->run_rule('in_list[red,Blue,123]', ' red')); + { + $this->assertTrue($this->form_validation->in_list('red', 'red,Blue,123')); + $this->assertTrue($this->form_validation->in_list('Blue', 'red,Blue,123')); + $this->assertTrue($this->form_validation->in_list('123', 'red,Blue,123')); + + $this->assertFalse($this->form_validation->in_list('Red', 'red,Blue,123')); + $this->assertFalse($this->form_validation->in_list(' red', 'red,Blue,123')); + $this->assertFalse($this->form_validation->in_list('1234', 'red,Blue,123')); } public function test_rule_alpha() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha', '')); - $this->assertTrue($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ')); + { + $this->assertTrue($this->form_validation->alpha('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ')); - $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ ')); - $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ1')); - $this->assertFalse($this->run_rule('alpha', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ*')); + $this->assertFalse($this->form_validation->alpha('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ ')); + $this->assertFalse($this->form_validation->alpha('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ1')); + $this->assertFalse($this->form_validation->alpha('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ*')); } public function test_rule_alpha_numeric() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha_numeric', '')); - $this->assertTrue($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); + { + $this->assertTrue($this->form_validation->alpha_numeric('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); - $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789\ ')); - $this->assertFalse($this->run_rule('alpha_numeric', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); + $this->assertFalse($this->form_validation->alpha_numeric('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789\ ')); + $this->assertFalse($this->form_validation->alpha_numeric('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); } public function test_rule_alpha_numeric_spaces() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha_numeric_spaces', '')); - $this->assertTrue($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); + { + $this->assertTrue($this->form_validation->alpha_numeric_spaces(' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); - $this->assertFalse($this->run_rule('alpha_numeric_spaces', ' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); + $this->assertFalse($this->form_validation->alpha_numeric_spaces(' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); } public function test_rule_alpha_dash() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('alpha_dash', '')); - $this->assertTrue($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_')); + { + $this->assertTrue($this->form_validation->alpha_dash('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_')); - $this->assertFalse($this->run_rule('alpha_dash', 'abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_\ ')); + $this->assertFalse($this->form_validation->alpha_dash('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_\ ')); } public function test_rule_numeric() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('numeric', '')); - $this->assertTrue($this->run_rule('numeric', '0')); - $this->assertTrue($this->run_rule('numeric', '12314')); - $this->assertTrue($this->run_rule('numeric', '-42')); + { + $this->assertTrue($this->form_validation->numeric('0')); + $this->assertTrue($this->form_validation->numeric('12314')); + $this->assertTrue($this->form_validation->numeric('-42')); - $this->assertFalse($this->run_rule('numeric', '123a')); + $this->assertFalse($this->form_validation->numeric('123a')); + $this->assertFalse($this->form_validation->numeric('--1')); } public function test_rule_integer() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('integer', '')); - $this->assertTrue($this->run_rule('integer', '0')); - $this->assertTrue($this->run_rule('integer', '42')); - - $this->assertFalse($this->run_rule('integer', '124a')); - $this->assertFalse($this->run_rule('integer', '1.9')); + { + $this->assertTrue($this->form_validation->integer('0')); + $this->assertTrue($this->form_validation->integer('42')); + $this->assertTrue($this->form_validation->integer('-1')); + + $this->assertFalse($this->form_validation->integer('124a')); + $this->assertFalse($this->form_validation->integer('1.9')); + $this->assertFalse($this->form_validation->integer('--1')); } public function test_rule_decimal() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('decimal', '')); - $this->assertTrue($this->run_rule('decimal', '1.0')); - $this->assertTrue($this->run_rule('decimal', '0.98')); - - $this->assertFalse($this->run_rule('decimal', '1.0a')); - $this->assertFalse($this->run_rule('decimal', '-i')); + { + $this->assertTrue($this->form_validation->decimal('1.0')); + $this->assertTrue($this->form_validation->decimal('-0.98')); + + $this->assertFalse($this->form_validation->decimal('0')); + $this->assertFalse($this->form_validation->decimal('1.0a')); + $this->assertFalse($this->form_validation->decimal('-i')); + $this->assertFalse($this->form_validation->decimal('--1')); } public function test_rule_is_natural() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('is_natural', '')); - $this->assertTrue($this->run_rule('is_natural', '0')); - $this->assertTrue($this->run_rule('is_natural', '12')); + { + $this->assertTrue($this->form_validation->is_natural('0')); + $this->assertTrue($this->form_validation->is_natural('12')); - $this->assertFalse($this->run_rule('is_natural', '42a')); + $this->assertFalse($this->form_validation->is_natural('42a')); + $this->assertFalse($this->form_validation->is_natural('-1')); } public function test_rule_is_natural_no_zero() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('is_natural_no_zero', '')); - $this->assertTrue($this->run_rule('is_natural_no_zero', '42')); + { + $this->assertTrue($this->form_validation->is_natural_no_zero('42')); - $this->assertFalse($this->run_rule('is_natural_no_zero', '0')); - $this->assertFalse($this->run_rule('is_natural_no_zero', '42a')); + $this->assertFalse($this->form_validation->is_natural_no_zero('0')); + $this->assertFalse($this->form_validation->is_natural_no_zero('42a')); + $this->assertFalse($this->form_validation->is_natural_no_zero('-1')); } public function test_rule_valid_url() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_url', '')); - $this->assertTrue($this->run_rule('valid_url', 'www.codeigniter.com')); - $this->assertTrue($this->run_rule('valid_url', 'http://codeigniter.eu')); - - $this->assertFalse($this->run_rule('valid_url', 'code igniter')); + { + $this->assertTrue($this->form_validation->valid_url('www.codeigniter.com')); + $this->assertTrue($this->form_validation->valid_url('http://codeigniter.eu')); + + $this->assertFalse($this->form_validation->valid_url('htt://www.codeIgniter.com')); + $this->assertFalse($this->form_validation->valid_url('')); + $this->assertFalse($this->form_validation->valid_url('code igniter')); } public function test_rule_valid_email() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_email', '')); - $this->assertTrue($this->run_rule('valid_email', 'email@sample.com')); + { + $this->assertTrue($this->form_validation->valid_email('email@sample.com')); - $this->assertFalse($this->run_rule('valid_email', '@sample.com')); + $this->assertFalse($this->form_validation->valid_email('valid_email', '@sample.com')); } public function test_rule_valid_emails() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_emails', '')); - $this->assertTrue($this->run_rule('valid_emails', '1@sample.com,2@sample.com')); + { + $this->assertTrue($this->form_validation->valid_emails('1@sample.com,2@sample.com')); + $this->assertTrue($this->form_validation->valid_emails('email@sample.com')); - $this->assertFalse($this->run_rule('valid_emails', '@sample.com,2@sample.com,validemail@email.ca')); + $this->assertFalse($this->form_validation->valid_emails('valid_email', '@sample.com')); + $this->assertFalse($this->form_validation->valid_emails('@sample.com,2@sample.com,validemail@email.ca')); } public function test_rule_valid_ip() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_ip', '')); - $this->assertTrue($this->run_rule('valid_ip', '127.0.0.1')); - $this->assertTrue($this->run_rule('valid_ip[ipv4]', '127.0.0.1')); - $this->assertTrue($this->run_rule('valid_ip', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); - $this->assertTrue($this->run_rule('valid_ip[ipv6]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); - - $this->assertFalse($this->run_rule('valid_ip[ipv4]', '2001:0db8:85a3:0000:0000:8a2e:0370:7334')); - $this->assertFalse($this->run_rule('valid_ip[ipv6]', '127.0.0.1')); - $this->assertFalse($this->run_rule('valid_ip', 'H001:0db8:85a3:0000:0000:8a2e:0370:7334')); - $this->assertFalse($this->run_rule('valid_ip', '127.0.0.259')); + { + $this->assertTrue($this->form_validation->valid_ip('127.0.0.1')); + $this->assertTrue($this->form_validation->valid_ip('127.0.0.1', 'ipv4')); + $this->assertTrue($this->form_validation->valid_ip('2001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertTrue($this->form_validation->valid_ip('2001:0db8:85a3:0000:0000:8a2e:0370:7334', 'ipv6')); + + $this->assertFalse($this->form_validation->valid_ip('2001:0db8:85a3:0000:0000:8a2e:0370:7334', 'ipv4')); + $this->assertFalse($this->form_validation->valid_ip('127.0.0.1', 'ipv6')); + $this->assertFalse($this->form_validation->valid_ip('H001:0db8:85a3:0000:0000:8a2e:0370:7334')); + $this->assertFalse($this->form_validation->valid_ip('127.0.0.259')); } public function test_rule_valid_base64() - { - // Empty input should pass any rule unless required is also specified - $this->assertTrue($this->run_rule('valid_base64', '')); - $this->assertTrue($this->run_rule('valid_base64', base64_encode('string'))); + { + $this->assertTrue($this->form_validation->valid_base64(base64_encode('string'))); - $this->assertFalse($this->run_rule('valid_base64', "FA08GG")); + $this->assertFalse($this->form_validation->valid_base64('FA08GG')); + } + + public function test_set_data() + { + // Reset test environment + $_POST = array(); + $this->form_validation->reset_validation(); + + $data = array('field' => 'some_data'); + $this->form_validation->set_data($data); + $this->form_validation->set_rules('field', 'label', 'required'); + $this->assertTrue($this->form_validation->run()); + + // Test with empty array + $_POST = array(); + $data = array(); + $this->form_validation->reset_validation(); + $this->form_validation->set_data($data); + $this->form_validation->set_rules('field', 'label', 'required'); + $this->assertFalse($this->form_validation->run()); + } + + public function test_set_message() + { + // Reset test environment + $_POST = array(); + $this->form_validation->reset_validation(); + $err_message = 'What a terrible error!'; + $rules = array( + array( + 'field' => 'req_field', + 'label' => 'label', + 'rules' => 'required' + ) + ); + $errorless_data = array('req_field' => 'some text'); + $erroneous_data = array('req_field' => ''); + + $this->form_validation->set_message('required', $err_message); + $this->form_validation->set_data($erroneous_data); + $this->form_validation->set_rules($rules); + $this->form_validation->run(); + $this->assertEquals('

'.$err_message.'

', $this->form_validation->error('req_field')); + + $this->form_validation->reset_validation(); + $this->form_validation->set_message('required', $err_message); + $this->form_validation->set_data($errorless_data); + $this->form_validation->set_rules($rules); + $this->form_validation->run(); + $this->assertEquals('', $this->form_validation->error('req_field')); } public function run_rule($rule, $test_value, $reset_post = TRUE) -- cgit v1.2.3-24-g4f1b From 94b758651f39cb3e3af335c71473102191965aeb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Mar 2015 12:15:46 +0200 Subject: [ci skip] Whitespace cleanup following PR #3682 --- tests/codeigniter/core/Input_test.php | 40 +++++++++++++++++------------------ 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index d644d7fc7..c56900d22 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -207,19 +207,19 @@ class Input_test extends CI_TestCase { } // -------------------------------------------------------------------- - + public function test_get_request_header() { $this->markTestSkipped('TODO: Find a way to test HTTP headers'); } - + // -------------------------------------------------------------------- - + public function test_ip_address() - { + { $this->input->ip_address = '127.0.0.1'; $this->assertEquals('127.0.0.1', $this->input->ip_address()); - + // 127.0.0.1 is set in our Bootstrap file $this->input->ip_address = FALSE; $this->assertEquals('127.0.0.1', $this->input->ip_address()); @@ -230,46 +230,46 @@ class Input_test extends CI_TestCase { $this->assertEquals('0.0.0.0', $this->input->ip_address()); $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; - + // Proxy_ips tests $this->input->ip_address = FALSE; $this->ci_set_config('proxy_ips', '127.0.0.3, 127.0.0.4, 127.0.0.2'); - $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; $this->assertEquals('127.0.0.1', $this->input->ip_address()); - + // Invalid spoof $this->input->ip_address = FALSE; $this->ci_set_config('proxy_ips', 'invalid_ip_address'); - $_SERVER['HTTP_CLIENT_IP'] = 'invalid_ip_address'; - $this->assertEquals('127.0.0.1', $this->input->ip_address()); - + $_SERVER['HTTP_CLIENT_IP'] = 'invalid_ip_address'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + $this->input->ip_address = FALSE; $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.1/1'); - $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.1'; + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.1'; $this->assertEquals('127.0.0.1', $this->input->ip_address()); - + $this->input->ip_address = FALSE; $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.2'); - $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; $_SERVER['REMOTE_ADDR'] = '127.0.0.2'; $this->assertEquals('127.0.0.2', $this->input->ip_address()); - + //IPv6 $this->input->ip_address = FALSE; $this->ci_set_config('proxy_ips', 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329/1, FE80:0000:0000:0000:0202:B3FF:FE1E:8300/2'); - $_SERVER['HTTP_CLIENT_IP'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8300'; + $_SERVER['HTTP_CLIENT_IP'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8300'; $_SERVER['REMOTE_ADDR'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329'; $this->assertEquals('FE80:0000:0000:0000:0202:B3FF:FE1E:8300', $this->input->ip_address()); - + $this->input->ip_address = FALSE; $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; // back to reality } - + // -------------------------------------------------------------------- - + public function test_user_agent() { $_SERVER['HTTP_USER_AGENT'] = 'test'; $this->assertEquals('test', $this->input->user_agent()); } -} \ No newline at end of file +} -- cgit v1.2.3-24-g4f1b From b011716ecce4ac8f28aad08fa4ed824102ff2cd2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Mar 2015 12:18:10 +0200 Subject: [ci skip] Remove an obsolete note about references Close #3686 --- user_guide_src/source/general/ancillary_classes.rst | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/user_guide_src/source/general/ancillary_classes.rst b/user_guide_src/source/general/ancillary_classes.rst index 6a64742ce..f1285d931 100644 --- a/user_guide_src/source/general/ancillary_classes.rst +++ b/user_guide_src/source/general/ancillary_classes.rst @@ -11,7 +11,8 @@ get_instance() .. php:function:: get_instance() - :returns: object of class CI_Controller + :returns: Reference to your controller's instance + :rtype: CI_Controller **Any class that you instantiate within your controller methods can access CodeIgniter's native resources** simply by using the @@ -44,17 +45,9 @@ Once you've assigned the object to a variable, you'll use that variable $CI->config->item('base_url'); // etc. -.. note:: You'll notice that the above get_instance() ``function`` is being - passed by reference:: - - $CI =& get_instance(); - - This is very important. Assigning by reference allows you to use the - original CodeIgniter object rather than creating a copy of it. - -Furthermore, if you'll be using ``get_instance()`` inside another class, -then it would be better if you assign it to a property. This way, you -won't need to call ``get_instance()`` in every single method. +If you'll be using ``get_instance()`` inside another class, then it would +be better if you assign it to a property. This way, you won't need to call +``get_instance()`` in every single method. Example:: @@ -80,9 +73,8 @@ Example:: { $this->CI->config->item('base_url'); } - } In the above example, both methods ``foo()`` and ``bar()`` will work after you instantiate the Example class, without the need to call -``get_instance()`` in each of them. \ No newline at end of file +``get_instance()`` in each of them. -- cgit v1.2.3-24-g4f1b From 737a5660c09e844d44969d1b7e8165b5f0296e37 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 21 Mar 2015 12:41:38 +0200 Subject: [ci skip] Forbid DB session usage with cache_on enabled --- system/libraries/Session/drivers/Session_database_driver.php | 4 ++++ user_guide_src/source/libraries/sessions.rst | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 76c1cf34e..1d01c2923 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -93,6 +93,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { throw new Exception('Configured database connection is persistent. Aborting.'); } + elseif ($this->_db->cache_on) + { + throw new Exception('Configured database connection has cache enabled. Aborting.'); + } $db_driver = $this->_db->dbdriver.(empty($this->_db->subdriver) ? '' : '_'.$this->_db->subdriver); if (strpos($db_driver, 'mysql') !== FALSE) diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 2317f8560..54655ff79 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -569,9 +569,10 @@ However, there are some conditions that must be met: - Only your **default** database connection (or the one that you access as ``$this->db`` from your controllers) can be used. - - You can NOT use a persistent connection. - You must have the :doc:`Query Builder ` enabled. + - You can NOT use a persistent connection. + - You can NOT use a connection with the *cache_on* setting enabled. In order to use the 'database' session driver, you must also create this table that we already mentioned and then set it as your -- cgit v1.2.3-24-g4f1b From 01015d910f4b3361153c00173ba2998d0b312ba7 Mon Sep 17 00:00:00 2001 From: Mathew White Date: Sun, 22 Mar 2015 12:46:49 +0000 Subject: Fixed redis cache save logic It was trying to use sAdd as a check if the key was created, but that will return false if it is already present in the set. --- system/libraries/Cache/drivers/Cache_redis.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index 5236556d9..a35fbf6d2 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -111,7 +111,7 @@ class CI_Cache_redis extends CI_Driver { if (is_array($data) OR is_object($data)) { - if ( ! $this->_redis->sAdd('_ci_redis_serialized', $id)) + if ( ! $this->_redis->sIsMember('_ci_redis_serialized', $id) && ! $this->_redis->sAdd('_ci_redis_serialized', $id)) { return FALSE; } -- cgit v1.2.3-24-g4f1b From cf77671e18cc40a38f86e216c294e719c73f08b9 Mon Sep 17 00:00:00 2001 From: David Woods Date: Sun, 22 Mar 2015 15:55:16 -0700 Subject: Corrected invalid matches, differs, and set_data test cases Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 95 ++++++++++++++-------- 1 file changed, 61 insertions(+), 34 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 088a0ce3e..ccdc64785 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -39,38 +39,63 @@ class Form_validation_test extends CI_TestCase { public function test_rule_required() { - $this->assertTrue($this->run_rule('required', ' someValue')); + $rules = array(array('field' => 'foo', 'label' => 'foo_label', 'rules' => 'required')); + $this->assertTrue($this->run_rules($rules, array('foo' => 'bar'))); - $this->assertFalse($this->run_rule('required', '')); - $this->assertFalse($this->run_rule('required', ' ')); + $this->assertFalse($this->run_rules($rules, array('foo' => ''))); + $this->assertFalse($this->run_rules($rules, array('foo' => ' '))); } public function test_rule_matches() - { - // Empty input should pass any rule unless required is also specified - $_POST['to_match'] = 'sample'; - $this->assertTrue($this->run_rule('matches[to_match]', '', FALSE)); - $_POST['to_match'] = 'sample'; - $this->assertTrue($this->run_rule('matches[to_match]', 'sample', FALSE)); - - $_POST['to_match'] = 'sample'; - $this->assertFalse($this->run_rule('matches[to_match]', 'Sample', FALSE)); - $_POST['to_match'] = 'sample'; - $this->assertFalse($this->run_rule('matches[to_match]', ' sample', FALSE)); + { + $rules = array( + array('field' => 'foo', 'label' => 'label', 'rules' => 'required'), + array('field' => 'bar', 'label' => 'label2', 'rules' => 'matches[foo]')); + $values_base = array('foo' => 'sample'); + + $this->assertTrue($this->run_rules( + $rules, + array_merge($values_base, array('bar' => '')) + )); + $this->assertTrue($this->run_rules( + $rules, + array_merge($values_base, array('bar' => 'sample')) + )); + + $this->assertFalse($this->run_rules( + $rules, + array_merge($values_base, array('bar' => 'Sample')) + )); + $this->assertFalse($this->run_rules( + $rules, + array_merge($values_base, array('bar' => ' sample')) + )); } public function test_rule_differs() - { - // Empty input should pass any rule unless required is also specified - $_POST['to_differ'] = 'sample'; - $this->assertTrue($this->run_rule('differs[to_differ]', '', FALSE)); - $_POST['to_differ'] = 'sample'; - $this->assertTrue($this->run_rule('differs[to_differ]', 'Sample', FALSE)); - $_POST['to_differ'] = 'sample'; - $this->assertTrue($this->run_rule('differs[to_differ]', ' sample', FALSE)); - - $_POST['to_differ'] = 'sample'; - $this->assertFalse($this->run_rule('differs[to_differ]', 'sample', FALSE)); + { + $rules = array( + array('field' => 'foo', 'label' => 'label', 'rules' => 'required'), + array('field' => 'bar', 'label' => 'label2', 'rules' => 'differs[foo]')); + $values_base = array('foo' => 'sample'); + + $this->assertTrue($this->run_rules( + $rules, + array_merge($values_base, array('bar' => 'does_not_match')) + )); + $this->assertTrue($this->run_rules( + $rules, + array_merge($values_base, array('bar' => 'Sample')) + )); + $this->assertTrue($this->run_rules( + $rules, + array_merge($values_base, array('bar' => ' sample')) + )); + + $this->assertFalse($this->run_rules( + $rules, + array_merge($values_base, array('bar' => 'sample')) + )); } public function test_rule_min_length() @@ -284,7 +309,6 @@ class Form_validation_test extends CI_TestCase { // Reset test environment $_POST = array(); $this->form_validation->reset_validation(); - $data = array('field' => 'some_data'); $this->form_validation->set_data($data); $this->form_validation->set_rules('field', 'label', 'required'); @@ -292,11 +316,13 @@ class Form_validation_test extends CI_TestCase { // Test with empty array $_POST = array(); - $data = array(); $this->form_validation->reset_validation(); + $data = array('field' => 'some_data'); $this->form_validation->set_data($data); + // This should do nothing. Old data will still be used + $this->form_validation->set_data(array()); $this->form_validation->set_rules('field', 'label', 'required'); - $this->assertFalse($this->form_validation->run()); + $this->assertTrue($this->form_validation->run()); } public function test_set_message() @@ -329,17 +355,18 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('', $this->form_validation->error('req_field')); } - public function run_rule($rule, $test_value, $reset_post = TRUE) + public function run_rules($rules, $values) { // $this->markTestSkipped('Not designed to be a unit test'); $this->form_validation->reset_validation(); - if ($reset_post === TRUE) + $_POST = array(); + + $this->form_validation->set_rules($rules); + foreach ($values as $field => $value) { - $_POST = array(); + $_POST[$field] = $value; } - - $this->form_validation->set_rules('field', 'name', $rule); - $_POST['field'] = $test_value; + return $this->form_validation->run(); } -- cgit v1.2.3-24-g4f1b From 28625e5bc99c59f90db117ecfddf5533db11c61e Mon Sep 17 00:00:00 2001 From: Joshua Logsdon Date: Tue, 24 Mar 2015 14:33:21 -0400 Subject: array_fill() throws an error if count($var) is 0 Signed-off-by: Joshua Logsdon --- system/core/Common.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/system/core/Common.php b/system/core/Common.php index ee5a705b2..935c687ab 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -743,6 +743,12 @@ if ( ! function_exists('html_escape')) { if (is_array($var)) { + // If empty array, skip escaping + if ( empty($var) ) + { + return $var; + } + return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); } -- cgit v1.2.3-24-g4f1b From bd2a7e4062fd97017c5b16beddc15b0c7fc38210 Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Wed, 25 Mar 2015 02:36:31 -0700 Subject: Fixed user guide internal & external links to resolve problems reported by sphinx "make linkcheck" Signed-off-by:Master Yoda --- user_guide_src/source/changelog.rst | 22 ++++++++-------------- user_guide_src/source/contributing/index.rst | 7 +++---- user_guide_src/source/general/credits.rst | 8 ++++---- user_guide_src/source/general/environments.rst | 4 ++-- user_guide_src/source/general/requirements.rst | 2 +- user_guide_src/source/helpers/date_helper.rst | 4 ++-- user_guide_src/source/helpers/email_helper.rst | 2 +- user_guide_src/source/helpers/file_helper.rst | 2 +- user_guide_src/source/helpers/smiley_helper.rst | 2 +- user_guide_src/source/helpers/string_helper.rst | 2 +- user_guide_src/source/helpers/url_helper.rst | 4 ++-- user_guide_src/source/installation/downloads.rst | 16 ++++++++-------- user_guide_src/source/installation/upgrade_200.rst | 4 ++-- user_guide_src/source/installation/upgrade_300.rst | 2 +- user_guide_src/source/libraries/caching.rst | 3 +-- user_guide_src/source/libraries/encryption.rst | 2 +- user_guide_src/source/libraries/javascript.rst | 8 ++++---- user_guide_src/source/libraries/language.rst | 2 +- user_guide_src/source/libraries/loader.rst | 4 ++-- user_guide_src/source/libraries/sessions.rst | 2 +- user_guide_src/source/overview/features.rst | 2 +- .../source/tutorial/create_news_items.rst | 22 +++++++++++----------- user_guide_src/source/tutorial/index.rst | 8 ++++---- user_guide_src/source/tutorial/news_section.rst | 14 +++++++------- user_guide_src/source/tutorial/static_pages.rst | 8 ++++---- 25 files changed, 74 insertions(+), 82 deletions(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 44a58915b..a1b15105f 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -56,7 +56,7 @@ Release Date: Not Released - Added availability checks where usage of dangerous functions like ``eval()`` and ``exec()`` is required. - Added support for changing the file extension of log files using ``$config['log_file_extension']``. - Added support for turning newline standardization on/off via ``$config['standardize_newlines']`` and set it to FALSE by default. - - Added configuration setting ``$config['composer_autoload']`` to enable loading of a `Composer `_ auto-loader. + - Added configuration setting ``$config['composer_autoload']`` to enable loading of a `Composer `_ auto-loader. - Removed the automatic conversion of 'programmatic characters' to HTML entities from the :doc:`URI Library `. - Changed log messages that say a class or file was loaded to "info" level instead of "debug", so that they don't pollute log files when ``$config['log_threshold']`` is set to 2 (debug). @@ -67,7 +67,7 @@ Release Date: Not Released - Added an optional third parameter to :php:func:`timespan()` that constrains the number of time units displayed. - Added an optional parameter to :php:func:`timezone_menu()` that allows more attributes to be added to the generated select tag. - Added function :php:func:`date_range()` that generates a list of dates between a specified period. - - Deprecated ``standard_date()``, which now just uses the native ``date()`` with `DateTime constants `_. + - Deprecated ``standard_date()``, which now just uses the native ``date()`` with `DateTime constants `_. - Changed :php:func:`now()` to work with all timezone strings supported by PHP. - Changed :php:func:`days_in_month()` to use the native ``cal_days_in_month()`` PHP function, if available. @@ -1137,12 +1137,8 @@ Bug fixes for 2.0.2 class `. - Added form_validation_lang entries for decimal, less_than and greater_than. -- `Fixed issue - #153 `_ - Escape Str Bug in MSSQL driver. -- `Fixed issue - #172 `_ - Google Chrome 11 posts incorrectly when action is empty. +- Fixed issue #153 Escape Str Bug in MSSQL driver. +- Fixed issue #172 Google Chrome 11 posts incorrectly when action is empty. Version 2.0.1 ============= @@ -1235,8 +1231,7 @@ Hg Tag: v2.0.0 libraries, models, config files, etc. in a single "package" directory. See the :doc:`Loader class ` documentation for more details. - - In-development code is now hosted at - `BitBucket `_. + - In-development code is now hosted at BitBucket . - Removed the deprecated Validation Class. - Added CI\_ Prefix to all core classes. - Package paths can now be set in application/config/autoload.php. @@ -1378,7 +1373,7 @@ Hg Tag: v2.0.0 precision. - Added alpha, and sha1 string types to random_string() in the :doc:`String Helper `. - - Modified prep_url() so as to not prepend http:// if the supplied + - Modified prep_url() so as to not prepend http:// if the supplied string already has a scheme. - Modified get_file_info in the file helper, changing filectime() to filemtime() for dates. @@ -2118,7 +2113,7 @@ Bugfixes for 1.6.2 instantiating new Language and Exception objects, and not using the error heading. - Fixed a bug (#4413) where a URI containing slashes only e.g. - 'http://example.com/index.php?//' would result in PHP errors + 'http://example.com/index.php?//' would result in PHP errors - Fixed an array to string conversion error in the Validation library (#4425) - Fixed bug (#4451, #4299, #4339) where failed transactions will not @@ -2770,8 +2765,7 @@ Release Date: September 17, 2006 the core files. - Added the ability to organize controller files :doc:`into sub-folders `. Kudos to Marco for - `suggesting `_ this - (and the next two) feature. + suggesting this (and the next two) feature. - Added regular expressions support for :doc:`routing rules <./general/routing>`. - Added the ability to :doc:`remap function diff --git a/user_guide_src/source/contributing/index.rst b/user_guide_src/source/contributing/index.rst index e88147753..0112ca065 100644 --- a/user_guide_src/source/contributing/index.rst +++ b/user_guide_src/source/contributing/index.rst @@ -10,9 +10,8 @@ Contributing to CodeIgniter CodeIgniter is a community driven project and accepts contributions of code and documentation from the community. These contributions are made in the form -of Issues or `Pull Requests `_ on -the `CodeIgniter repository -`_ on GitHub. +of Issues or `Pull Requests `_ +on the `CodeIgniter repository `_ on GitHub. Issues are a quick way to point out a bug. If you find a bug or documentation error in CodeIgniter then please check a few things first: @@ -75,7 +74,7 @@ PHP Style ========= All code must meet the `Style Guide -`_, which is +`_, which is essentially the `Allman indent style `_, underscores and readable operators. This makes certain that all code is the same format as the diff --git a/user_guide_src/source/general/credits.rst b/user_guide_src/source/general/credits.rst index d22e3a9bc..d0f14b3bd 100644 --- a/user_guide_src/source/general/credits.rst +++ b/user_guide_src/source/general/credits.rst @@ -2,17 +2,17 @@ Credits ####### -CodeIgniter was originally developed by `Rick Ellis `_ -(CEO of `EllisLab, Inc. `_). The framework was written for +CodeIgniter was originally developed by `Rick Ellis `_ +(CEO of `EllisLab, Inc. `_). The framework was written for performance in the real world, with many of the class libraries, helpers, and sub-systems borrowed from the code-base of `ExpressionEngine -`_. +`_. It was, for years, developed and maintained by EllisLab, the ExpressionEngine Development Team and a group of community members called the Reactor Team. In 2014, CodeIgniter was acquired by the `British Columbia Institute of Technology -`_ and was then officially announced as a community-maintained +`_ and was then officially announced as a community-maintained project. Bleeding edge development is spearheaded by the handpicked contributors diff --git a/user_guide_src/source/general/environments.rst b/user_guide_src/source/general/environments.rst index 1ce4fde3a..f5a4f617e 100644 --- a/user_guide_src/source/general/environments.rst +++ b/user_guide_src/source/general/environments.rst @@ -48,5 +48,5 @@ Configuration Files Optionally, you can have CodeIgniter load environment-specific configuration files. This may be useful for managing things like differing API keys across multiple environments. This is described in -more detail in the environment section of the `Config -Class <../libraries/config.html#environments>`_ documentation. \ No newline at end of file +more detail in the environment section of the :doc:`Config +Class <../libraries/config#environments>`_ documentation. \ No newline at end of file diff --git a/user_guide_src/source/general/requirements.rst b/user_guide_src/source/general/requirements.rst index e3f73dba8..f90cdd30d 100644 --- a/user_guide_src/source/general/requirements.rst +++ b/user_guide_src/source/general/requirements.rst @@ -2,7 +2,7 @@ Server Requirements ################### -`PHP `_ version 5.4 or newer is recommended. +`PHP `_ version 5.4 or newer is recommended. It should work on 5.2.4 as well, but we strongly advise you NOT to run such old versions of PHP, because of potential security and performance diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst index bed3b32a2..e0f9f0033 100644 --- a/user_guide_src/source/helpers/date_helper.rst +++ b/user_guide_src/source/helpers/date_helper.rst @@ -50,7 +50,7 @@ The following functions are available: :returns: MySQL-formatted date :rtype: string - This function is identical to PHP's `date() `_ + This function is identical to PHP's `date() `_ function, except that it lets you use MySQL style date codes, where each code letter is preceded with a percent sign, e.g. `%Y %m %d` @@ -84,7 +84,7 @@ The following functions are available: .. note:: This function is DEPRECATED. Use the native ``date()`` combined with `DateTime's format constants - `_ + `_ instead:: echo date(DATE_RFC822, time()); diff --git a/user_guide_src/source/helpers/email_helper.rst b/user_guide_src/source/helpers/email_helper.rst index 685226951..1ee97d902 100644 --- a/user_guide_src/source/helpers/email_helper.rst +++ b/user_guide_src/source/helpers/email_helper.rst @@ -62,7 +62,7 @@ The following functions are available: :returns: TRUE if the mail was successfully sent, FALSE in case of an error :rtype: bool - Sends an email using PHP's native `mail() `_ + Sends an email using PHP's native `mail() `_ function. .. note:: All that this function does is to use PHP's native ``mail`` diff --git a/user_guide_src/source/helpers/file_helper.rst b/user_guide_src/source/helpers/file_helper.rst index 92cb31a82..833cddea4 100644 --- a/user_guide_src/source/helpers/file_helper.rst +++ b/user_guide_src/source/helpers/file_helper.rst @@ -76,7 +76,7 @@ The following functions are available: write_file('./path/to/file.php', $data, 'r+'); - The default mode is 'wb'. Please see the `PHP user guide `_ + The default mode is 'wb'. Please see the `PHP user guide `_ for mode options. .. note: In order for this function to write data to a file, its permissions must diff --git a/user_guide_src/source/helpers/smiley_helper.rst b/user_guide_src/source/helpers/smiley_helper.rst index 978d11e5f..3e7669942 100644 --- a/user_guide_src/source/helpers/smiley_helper.rst +++ b/user_guide_src/source/helpers/smiley_helper.rst @@ -43,7 +43,7 @@ download and install the smiley images, then create a controller and the View as described. .. important:: Before you begin, please `download the smiley images - `_ + `_ and put them in a publicly accessible place on your server. This helper also assumes you have the smiley replacement array located at `application/config/smileys.php` diff --git a/user_guide_src/source/helpers/string_helper.rst b/user_guide_src/source/helpers/string_helper.rst index 9d0d890b3..a1acb215c 100644 --- a/user_guide_src/source/helpers/string_helper.rst +++ b/user_guide_src/source/helpers/string_helper.rst @@ -124,7 +124,7 @@ The following functions are available: :rtype: string Converts double slashes in a string to a single slash, except those - found in URL protocol prefixes (e.g. http://). + found in URL protocol prefixes (e.g. http://). Example:: diff --git a/user_guide_src/source/helpers/url_helper.rst b/user_guide_src/source/helpers/url_helper.rst index 83864d9d3..64deae240 100644 --- a/user_guide_src/source/helpers/url_helper.rst +++ b/user_guide_src/source/helpers/url_helper.rst @@ -144,7 +144,7 @@ Available Functions be a string or an array. .. note:: If you are building links that are internal to your application - do not include the base URL (http://...). This will be added + do not include the base URL (http://...). This will be added automatically from the information specified in your config file. Include only the URI segments you wish appended to the URL. @@ -317,7 +317,7 @@ Available Functions :returns: Protocol-prefixed URL string :rtype: string - This function will add http:// in the event that a protocol prefix + This function will add http:// in the event that a protocol prefix is missing from a URL. Pass the URL string to the function like this:: diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index 3b4ebe64b..e2b6a9c18 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -2,14 +2,14 @@ Downloading CodeIgniter ####################### -- `CodeIgniter v3.0.0 (Current version) `_ -- `CodeIgniter v2.2.1 `_ -- `CodeIgniter v2.2.0 `_ -- `CodeIgniter v2.1.4 `_ -- `CodeIgniter v2.1.3 `_ -- `CodeIgniter v2.1.2 `_ -- `CodeIgniter v2.1.1 `_ -- `CodeIgniter v2.1.0 `_ +- `CodeIgniter v3.0.0 (Current version) `_ +- `CodeIgniter v2.2.1 `_ +- `CodeIgniter v2.2.0 `_ +- `CodeIgniter v2.1.4 `_ +- `CodeIgniter v2.1.3 `_ +- `CodeIgniter v2.1.2 `_ +- `CodeIgniter v2.1.1 `_ +- `CodeIgniter v2.1.0 `_ ****** GitHub diff --git a/user_guide_src/source/installation/upgrade_200.rst b/user_guide_src/source/installation/upgrade_200.rst index ca2c6c1e0..03b8ff4ac 100644 --- a/user_guide_src/source/installation/upgrade_200.rst +++ b/user_guide_src/source/installation/upgrade_200.rst @@ -64,8 +64,8 @@ string using the improved methods. This will enable you to easily replace stale encrypted data with fresh in your applications, either on the fly or en masse. -Please read `how to use this -method <../libraries/encrypt.html#legacy>`_ in the Encrypt library +Please read :doc:`how to use this +method <../libraries/encrypt>` in the Encrypt library documentation. Step 5: Remove loading calls for the compatibility helper. diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 2f806cccf..7e3479740 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -627,7 +627,7 @@ Date helper standard_date() =========================== :doc:`Date Helper <../helpers/date_helper>` function ``standard_date()`` is being deprecated due -to the availability of native PHP `constants `_, +to the availability of native PHP `constants `_, which when combined with ``date()`` provide the same functionality. Furthermore, they have the exact same names as the ones supported by ``standard_date()``. Here are examples of how to replace its usage: diff --git a/user_guide_src/source/libraries/caching.rst b/user_guide_src/source/libraries/caching.rst index 86439b4ee..f54de5faf 100644 --- a/user_guide_src/source/libraries/caching.rst +++ b/user_guide_src/source/libraries/caching.rst @@ -250,8 +250,7 @@ Redis Caching ============= Redis is an in-memory key-value store which can operate in LRU cache mode. -To use it, you need Redis server and phpredis PHP extension -`https://github.com/nicolasff/phpredis `_. +To use it, you need `Redis server and phpredis PHP extension `_. Config options to connect to redis server must be stored in the application/config/redis.php file. Available options are:: diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst index 0c347604c..599be4df0 100644 --- a/user_guide_src/source/libraries/encryption.rst +++ b/user_guide_src/source/libraries/encryption.rst @@ -482,7 +482,7 @@ The reason for not including other popular algorithms, such as MD5 or SHA1 is that they are no longer considered secure enough and as such, we don't want to encourage their usage. If you absolutely need to use them, it is easy to do so via PHP's -native `hash_hmac() `_ function. +native `hash_hmac() `_ function. Stronger algorithms of course will be added in the future as they appear and become widely available. diff --git a/user_guide_src/source/libraries/javascript.rst b/user_guide_src/source/libraries/javascript.rst index 7f83b2f70..e91b9ad78 100644 --- a/user_guide_src/source/libraries/javascript.rst +++ b/user_guide_src/source/libraries/javascript.rst @@ -135,7 +135,7 @@ In the above example: keydown, keyup, load, mousedown, mouseup, mouseover, mouseup, resize, scroll, or unload. - "element_path" is any valid `jQuery selector - `_. Due to jQuery's unique + `_. Due to jQuery's unique selector syntax, this is usually an element id, or CSS selector. For example "#notice_area" would effect ``
``, and "#content a.notice" would effect all anchors with a class of "notice" @@ -147,7 +147,7 @@ Effects ======= The query library supports a powerful -`Effects `_ repertoire. Before an effect +`Effects `_ repertoire. Before an effect can be used, it must be loaded:: $this->jquery->effect([optional path] plugin name); // for example $this->jquery->effect('bounce'); @@ -201,7 +201,7 @@ animate() other additional information. For a full summary, see -`http://docs.jquery.com/Effects/animate `_ +`http://api.jquery.com/animate/ `_ Here is an example of an animate() called on a div with an id of "note", and triggered by a click using the jQuery library's click() event. @@ -288,7 +288,7 @@ corner() -------- Used to add distinct corners to page elements. For full details see -`http://www.malsup.com/jquery/corner/ `_ +`http://malsup.com/jquery/corner/ `_ :: diff --git a/user_guide_src/source/libraries/language.rst b/user_guide_src/source/libraries/language.rst index ee1cefcd0..de17c8288 100644 --- a/user_guide_src/source/libraries/language.rst +++ b/user_guide_src/source/libraries/language.rst @@ -19,7 +19,7 @@ your **application/language/** directory, with separate sub-directories for each The CodeIgniter framework comes with a set of language files for the "english" idiom. Additional approved translations for different idioms may be found in the -`CodeIgniter 3 Translations repositories `_. +`CodeIgniter 3 Translations repositories `_. Each repository deals with a single idiom. When CodeIgniter loads language files, it will load the one in **system/language/** diff --git a/user_guide_src/source/libraries/loader.rst b/user_guide_src/source/libraries/loader.rst index efa9d519b..228d5e478 100644 --- a/user_guide_src/source/libraries/loader.rst +++ b/user_guide_src/source/libraries/loader.rst @@ -238,7 +238,7 @@ Class Reference The second **optional** parameter can take an associative array or an object as input, which it runs through the PHP - `extract() `_ function to convert to variables + `extract() `_ function to convert to variables that can be used in your view files. Again, read the :doc:`Views <../general/views>` page to learn how this might be useful. @@ -259,7 +259,7 @@ Class Reference :rtype: CI_Loader This method takes an associative array as input and generates - variables using the PHP `extract() `_ + variables using the PHP `extract() `_ function. This method produces the same result as using the second parameter of the ``$this->load->view()`` method above. The reason you might want to use this method independently is if you would like to diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 54655ff79..2034ed2b0 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -640,7 +640,7 @@ of its high performance, which is also probably your reason to use the 'redis' session driver. The downside is that it is not as ubiquitous as relational databases and -requires the `phpredis `_ PHP +requires the `phpredis `_ PHP extension to be installed on your system, and that one doesn't come bundled with PHP. Chances are, you're only be using the 'redis' driver only if you're already diff --git a/user_guide_src/source/overview/features.rst b/user_guide_src/source/overview/features.rst index 8c27b1436..b230be9a3 100644 --- a/user_guide_src/source/overview/features.rst +++ b/user_guide_src/source/overview/features.rst @@ -8,7 +8,7 @@ how intuitively or intelligently it is designed. Features don't reveal anything about the quality of the code, or the performance, or the attention to detail, or security practices. The only way to really judge an app is to try it and get to know the code. -`Installing <../installation/>`_ CodeIgniter is child's play so we +:doc:`Installing <../installation/>`_ CodeIgniter is child's play so we encourage you to do just that. In the mean time here's a list of CodeIgniter's main features. diff --git a/user_guide_src/source/tutorial/create_news_items.rst b/user_guide_src/source/tutorial/create_news_items.rst index 461584723..71d2080af 100644 --- a/user_guide_src/source/tutorial/create_news_items.rst +++ b/user_guide_src/source/tutorial/create_news_items.rst @@ -37,16 +37,16 @@ application/views/news/create.php. There are only two things here that probably look unfamiliar to you: the form_open() function and the validation_errors() function. -The first function is provided by the `form -helper <../helpers/form_helper.html>`_ and renders the form element and -adds extra functionality, like adding a hidden `CSRF prevention -field <../libraries/security.html>`_. The latter is used to report +The first function is provided by the :doc:`form +helper <../helpers/form_helper>` and renders the form element and +adds extra functionality, like adding a hidden :doc:`CSRF prevention +field <../libraries/security>`. The latter is used to report errors related to form validation. Go back to your news controller. You're going to do two things here, check whether the form was submitted and whether the submitted data -passed the validation rules. You'll use the `form -validation <../libraries/form_validation.html>`_ library to do this. +passed the validation rules. You'll use the :doc:`form +validation <../libraries/form_validation>` library to do this. :: @@ -81,8 +81,8 @@ the name of the input field, the name to be used in error messages, and the rule. In this case the title and text fields are required. CodeIgniter has a powerful form validation library as demonstrated -above. You can read `more about this library -here <../libraries/form_validation.html>`_. +above. You can read :doc:`more about this library +here <../libraries/form_validation>`. Continuing down, you can see a condition that checks whether the form validation ran successfully. If it did not, the form is displayed, if it @@ -117,7 +117,7 @@ the model created earlier and add the following: This new method takes care of inserting the news item into the database. The third line contains a new function, url\_title(). This function - -provided by the `URL helper <../helpers/url_helper.html>`_ - strips down +provided by the :doc:`URL helper <../helpers/url_helper>` - strips down the string you pass it, replacing all spaces by dashes (-) and makes sure everything is in lowercase characters. This leaves you with a nice slug, perfect for creating URIs. @@ -125,8 +125,8 @@ slug, perfect for creating URIs. Let's continue with preparing the record that is going to be inserted later, inside the $data array. Each element corresponds with a column in the database table created earlier. You might notice a new method here, -namely the post() method from the `input -library <../libraries/input.html>`_. This method makes sure the data is +namely the post() method from the :doc:`input +library <../libraries/input>`. This method makes sure the data is sanitized, protecting you from nasty attacks from others. The input library is loaded by default. At last, you insert our $data array into our database. diff --git a/user_guide_src/source/tutorial/index.rst b/user_guide_src/source/tutorial/index.rst index b1ab331d1..91f99c7cd 100644 --- a/user_guide_src/source/tutorial/index.rst +++ b/user_guide_src/source/tutorial/index.rst @@ -24,13 +24,13 @@ through the following pages: - Introduction, this page, which gives you an overview of what to expect. -- `Static pages `_, which will teach you the basics +- :doc:`Static pages `, which will teach you the basics of controllers, views and routing. -- `News section `_, where you'll start using models +- :doc:`News section `, where you'll start using models and will be doing some basic database operations. -- `Create news items `_, which will introduce +- :doc:`Create news items `, which will introduce more advanced database operations and form validation. -- `Conclusion `_, which will give you some pointers on +- :doc:`Conclusion `, which will give you some pointers on further reading and other resources. Enjoy your exploration of the CodeIgniter framework. diff --git a/user_guide_src/source/tutorial/news_section.rst b/user_guide_src/source/tutorial/news_section.rst index f436b2510..d8ebac4a3 100644 --- a/user_guide_src/source/tutorial/news_section.rst +++ b/user_guide_src/source/tutorial/news_section.rst @@ -18,7 +18,7 @@ database or other data stores. They represent your data. Open up the application/models directory and create a new file called News_model.php and add the following code. Make sure you've configured your database properly as described -`here <../database/configuration.html>`_. +:doc:`here <../database/configuration>`. :: @@ -53,10 +53,10 @@ seed records. Now that the database and a model have been set up, you'll need a method to get all of our posts from our database. To do this, the database -abstraction layer that is included with CodeIgniter — `Active -Record <../database/query_builder.html>`_ — is used. This makes it -possible to write your 'queries' once and make them work on `all -supported database systems <../general/requirements.html>`_. Add the +abstraction layer that is included with CodeIgniter — +:doc:`Query Builder <../database/query_builder>` — is used. This makes it +possible to write your 'queries' once and make them work on :doc:`all +supported database systems <../general/requirements>`. Add the following code to your model. :: @@ -157,8 +157,8 @@ and add the next piece of code. Here, each news item is looped and displayed to the user. You can see we wrote our template in PHP mixed with HTML. If you prefer to use a -template language, you can use CodeIgniter's `Template -Parser <../libraries/parser>`_ class or a third party parser. +template language, you can use CodeIgniter's :doc:`Template +Parser <../libraries/parser>` class or a third party parser. The news overview page is now done, but a page to display individual news items is still absent. The model created earlier is made in such diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 53f286473..210d9f8d6 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -3,7 +3,7 @@ Static pages ############ **Note:** This tutorial assumes you've downloaded CodeIgniter and -`installed the framework <../installation/index.html>`_ in your +:doc:`installed the framework <../installation/index>` in your development environment. The first thing you're going to do is set up a **controller** to handle @@ -12,14 +12,14 @@ It is the glue of your web application. For example, when a call is made to: - http://example.com/news/latest/10 + http://example.com/news/latest/10 We might imagine that there is a controller named "news". The method being called on news would be "latest". The news method's job could be to grab 10 news items, and render them on the page. Very often in MVC, you'll see URL patterns that match: - http://example.com/[controller-class]/[controller-method]/[arguments] + http://example.com/[controller-class]/[controller-method]/[arguments] As URL schemes become more complex, this may change. But for now, this is all we will need to know. @@ -159,7 +159,7 @@ match, and calls the appropriate controller and method, possibly with arguments. More information about routing can be found in the URI Routing -`documentation <../general/routing.html>`_. +:doc:`documentation <../general/routing>`. Here, the second rule in the $routes array matches **any** request using the wildcard string (:any). and passes the parameter to the ``view()`` -- cgit v1.2.3-24-g4f1b From 8f5c1780706113c926bb7801db27dbae97d00fcf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 25 Mar 2015 13:41:02 +0200 Subject: Fix #3694: Packages not overriding stock libraries Related: #3692 --- system/core/Loader.php | 47 ++++++++++++++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 17 deletions(-) diff --git a/system/core/Loader.php b/system/core/Loader.php index b2eeb3b1d..254ad0d6d 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1079,17 +1079,26 @@ class CI_Loader { log_message('debug', $library_name.' class already loaded. Second attempt ignored.'); return; } - elseif (file_exists(APPPATH.'libraries/'.$file_path.$library_name.'.php')) + + $paths = $this->_ci_library_paths; + array_pop($paths); // BASEPATH + array_pop($paths); // APPPATH (needs to be the first path checked) + array_unshift($paths, APPPATH); + + foreach ($paths as $path) { - // Override - include_once(APPPATH.'libraries/'.$file_path.$library_name.'.php'); - if (class_exists($prefix.$library_name, FALSE)) + if (file_exists($path = $path.'libraries/'.$file_path.$library_name.'.php')) { - return $this->_ci_init_library($library_name, $prefix, $params, $object_name); - } - else - { - log_message('debug', APPPATH.'libraries/'.$file_path.$library_name.'.php exists, but does not declare '.$prefix.$library_name); + // Override + include_once($path); + if (class_exists($prefix.$library_name, FALSE)) + { + return $this->_ci_init_library($library_name, $prefix, $params, $object_name); + } + else + { + log_message('debug', $path.' exists, but does not declare '.$prefix.$library_name); + } } } @@ -1097,16 +1106,20 @@ class CI_Loader { // Check for extensions $subclass = config_item('subclass_prefix').$library_name; - if (file_exists(APPPATH.'libraries/'.$file_path.$subclass.'.php')) + foreach ($paths as $path) { - include_once(APPPATH.'libraries/'.$file_path.$subclass.'.php'); - if (class_exists($subclass, FALSE)) + if (file_exists($path = $path.'libraries/'.$file_path.$subclass.'.php')) { - $prefix = config_item('subclass_prefix'); - } - else - { - log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass); + include_once($path); + if (class_exists($subclass, FALSE)) + { + $prefix = config_item('subclass_prefix'); + break; + } + else + { + log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass); + } } } -- cgit v1.2.3-24-g4f1b From 3549be4242d84b4cba0a00ecde0d58c90efbf0cd Mon Sep 17 00:00:00 2001 From: Gabriel Potkány Date: Wed, 25 Mar 2015 14:04:16 +0100 Subject: Fix language overriding for calendar library --- system/libraries/Calendar.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index 014daac58..9059594bb 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -131,7 +131,7 @@ class CI_Calendar { { $this->CI =& get_instance(); - if ( ! in_array('calendar_lang.php', $this->CI->lang->is_loaded, TRUE)) + if ( ! array_key_exists('calendar_lang.php', $this->CI->lang->is_loaded)) { $this->CI->lang->load('calendar'); } -- cgit v1.2.3-24-g4f1b From 993e340a9a0e00c5a2cdbbfc47f0c8a24e8e4bf1 Mon Sep 17 00:00:00 2001 From: Joshua Logsdon Date: Wed, 25 Mar 2015 12:03:43 -0400 Subject: Return empty $var immediately Signed-off-by: Joshua Logsdon --- system/core/Common.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/system/core/Common.php b/system/core/Common.php index 935c687ab..2b1e844b4 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -741,14 +741,14 @@ if ( ! function_exists('html_escape')) */ function html_escape($var, $double_encode = TRUE) { + // If empty, skip escaping + if (empty($var)) + { + return $var; + } + if (is_array($var)) { - // If empty array, skip escaping - if ( empty($var) ) - { - return $var; - } - return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); } -- cgit v1.2.3-24-g4f1b From 362ff3ae4b6ce363c9cb07de682180bc447c8e28 Mon Sep 17 00:00:00 2001 From: Joshua Logsdon Date: Wed, 25 Mar 2015 12:08:19 -0400 Subject: Remove comment Signed-off-by: Joshua Logsdon --- system/core/Common.php | 1 - 1 file changed, 1 deletion(-) diff --git a/system/core/Common.php b/system/core/Common.php index 2b1e844b4..f28272b5b 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -741,7 +741,6 @@ if ( ! function_exists('html_escape')) */ function html_escape($var, $double_encode = TRUE) { - // If empty, skip escaping if (empty($var)) { return $var; -- cgit v1.2.3-24-g4f1b From 51fe87aea6a9588f24c9143338bdc5d0975821f9 Mon Sep 17 00:00:00 2001 From: Gabriel Potkány Date: Wed, 25 Mar 2015 19:15:02 +0100 Subject: use isset instead of array_key_exist --- system/libraries/Calendar.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index 9059594bb..42fa00af2 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -131,7 +131,7 @@ class CI_Calendar { { $this->CI =& get_instance(); - if ( ! array_key_exists('calendar_lang.php', $this->CI->lang->is_loaded)) + if ( ! isset($this->CI->lang->is_loaded['calendar_lang.php'])) { $this->CI->lang->load('calendar'); } -- cgit v1.2.3-24-g4f1b From 3e2045b3a465e9d70eda44f9c0bc4534c5d3840c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 12:34:38 +0200 Subject: Polish changes from PR #3678 ... and make it run on 5.2. --- .../codeigniter/libraries/Form_validation_test.php | 154 +++++++++------------ 1 file changed, 63 insertions(+), 91 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index ccdc64785..1bbd1758b 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -9,10 +9,7 @@ class Form_validation_test extends CI_TestCase { // Create a mock loader since load->helper() looks in the wrong directories for unit tests, // We'll use CI_TestCase->helper() instead $loader = $this->getMock('CI_Loader', array('helper')); - // At current, CI_Form_Validation only calls load->helper("form") - // Assert this so that if that changes this fails fast - $loader->method('helper') - ->with($this->equalTo('form')); + // Same applies for lang $lang = $this->getMock('CI_Lang', array('load')); @@ -31,12 +28,6 @@ class Form_validation_test extends CI_TestCase { $this->form_validation = new CI_Form_validation(); } - public function test___construct() - { - $form_validation = new CI_Form_validation(); - $this->assertNotNull($form_validation); - } - public function test_rule_required() { $rules = array(array('field' => 'foo', 'label' => 'foo_label', 'rules' => 'required')); @@ -47,61 +38,39 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_matches() - { + { $rules = array( array('field' => 'foo', 'label' => 'label', 'rules' => 'required'), - array('field' => 'bar', 'label' => 'label2', 'rules' => 'matches[foo]')); + array('field' => 'bar', 'label' => 'label2', 'rules' => 'matches[foo]') + ); $values_base = array('foo' => 'sample'); - - $this->assertTrue($this->run_rules( - $rules, - array_merge($values_base, array('bar' => '')) - )); - $this->assertTrue($this->run_rules( - $rules, - array_merge($values_base, array('bar' => 'sample')) - )); - - $this->assertFalse($this->run_rules( - $rules, - array_merge($values_base, array('bar' => 'Sample')) - )); - $this->assertFalse($this->run_rules( - $rules, - array_merge($values_base, array('bar' => ' sample')) - )); + + $this->assertTrue($this->run_rules($rules, array_merge($values_base, array('bar' => '')))); + $this->assertTrue($this->run_rules($rules, array_merge($values_base, array('bar' => 'sample')))); + + $this->assertFalse($this->run_rules($rules, array_merge($values_base, array('bar' => 'Sample')))); + $this->assertFalse($this->run_rules($rules, array_merge($values_base, array('bar' => ' sample')))); } public function test_rule_differs() - { + { $rules = array( array('field' => 'foo', 'label' => 'label', 'rules' => 'required'), - array('field' => 'bar', 'label' => 'label2', 'rules' => 'differs[foo]')); + array('field' => 'bar', 'label' => 'label2', 'rules' => 'differs[foo]') + ); $values_base = array('foo' => 'sample'); - - $this->assertTrue($this->run_rules( - $rules, - array_merge($values_base, array('bar' => 'does_not_match')) - )); - $this->assertTrue($this->run_rules( - $rules, - array_merge($values_base, array('bar' => 'Sample')) - )); - $this->assertTrue($this->run_rules( - $rules, - array_merge($values_base, array('bar' => ' sample')) - )); - - $this->assertFalse($this->run_rules( - $rules, - array_merge($values_base, array('bar' => 'sample')) - )); + + $this->assertTrue($this->run_rules($rules, array_merge($values_base, array('bar' => 'does_not_match')))); + $this->assertTrue($this->run_rules($rules, array_merge($values_base, array('bar' => 'Sample')))); + $this->assertTrue($this->run_rules($rules, array_merge($values_base, array('bar' => ' sample')))); + + $this->assertFalse($this->run_rules($rules, array_merge($values_base, array('bar' => 'sample')))); } public function test_rule_min_length() - { + { $this->assertTrue($this->form_validation->min_length('12345', '5')); - $this->assertTrue($this->form_validation->min_length('test', '0')); + $this->assertTrue($this->form_validation->min_length('test', '0')); $this->assertFalse($this->form_validation->min_length('123', '4')); $this->assertFalse($this->form_validation->min_length('should_fail', 'A')); @@ -109,7 +78,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_max_length() - { + { $this->assertTrue($this->form_validation->max_length('', '4')); $this->assertTrue($this->form_validation->max_length('1234', '4')); @@ -118,8 +87,8 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_exact_length() - { - $this->assertTrue($this->form_validation->exact_length('1234', '4')); + { + $this->assertTrue($this->form_validation->exact_length('1234', '4')); $this->assertFalse($this->form_validation->exact_length('', '3')); $this->assertFalse($this->form_validation->exact_length('12345', '4')); @@ -129,7 +98,6 @@ class Form_validation_test extends CI_TestCase { public function test_rule_greater_than() { - // Empty input should pass any rule unless required is also specified $this->assertTrue($this->form_validation->greater_than('-10', '-11')); $this->assertTrue($this->form_validation->greater_than('10', '9')); @@ -139,35 +107,35 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_greater_than_equal_to() - { - $this->assertTrue($this->form_validation->greater_than_equal_to('0', '0')); + { + $this->assertTrue($this->form_validation->greater_than_equal_to('0', '0')); $this->assertTrue($this->form_validation->greater_than_equal_to('1', '0')); - $this->assertFalse($this->form_validation->greater_than_equal_to('-1', '0')); + $this->assertFalse($this->form_validation->greater_than_equal_to('-1', '0')); $this->assertFalse($this->form_validation->greater_than_equal_to('10a', '0')); } public function test_rule_less_than() - { + { $this->assertTrue($this->form_validation->less_than('4', '5')); $this->assertTrue($this->form_validation->less_than('-1', '0')); $this->assertFalse($this->form_validation->less_than('4', '4')); - $this->assertFalse($this->form_validation->less_than('10a', '5')); + $this->assertFalse($this->form_validation->less_than('10a', '5')); } public function test_rule_less_than_equal_to() - { + { $this->assertTrue($this->form_validation->less_than_equal_to('-1', '0')); $this->assertTrue($this->form_validation->less_than_equal_to('-1', '-1')); $this->assertTrue($this->form_validation->less_than_equal_to('4', '4')); $this->assertFalse($this->form_validation->less_than_equal_to('0', '-1')); - $this->assertFalse($this->form_validation->less_than_equal_to('10a', '0')); + $this->assertFalse($this->form_validation->less_than_equal_to('10a', '0')); } public function test_rule_in_list() - { + { $this->assertTrue($this->form_validation->in_list('red', 'red,Blue,123')); $this->assertTrue($this->form_validation->in_list('Blue', 'red,Blue,123')); $this->assertTrue($this->form_validation->in_list('123', 'red,Blue,123')); @@ -178,7 +146,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_alpha() - { + { $this->assertTrue($this->form_validation->alpha('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ')); $this->assertFalse($this->form_validation->alpha('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ ')); @@ -187,7 +155,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_alpha_numeric() - { + { $this->assertTrue($this->form_validation->alpha_numeric('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); $this->assertFalse($this->form_validation->alpha_numeric('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789\ ')); @@ -195,21 +163,21 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_alpha_numeric_spaces() - { + { $this->assertTrue($this->form_validation->alpha_numeric_spaces(' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789')); $this->assertFalse($this->form_validation->alpha_numeric_spaces(' abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789_')); } public function test_rule_alpha_dash() - { + { $this->assertTrue($this->form_validation->alpha_dash('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_')); $this->assertFalse($this->form_validation->alpha_dash('abcdefghijklmnopqrstuvwxyzABCDEFGHLIJKLMNOPQRSTUVWXYZ0123456789-_\ ')); } public function test_rule_numeric() - { + { $this->assertTrue($this->form_validation->numeric('0')); $this->assertTrue($this->form_validation->numeric('12314')); $this->assertTrue($this->form_validation->numeric('-42')); @@ -219,7 +187,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_integer() - { + { $this->assertTrue($this->form_validation->integer('0')); $this->assertTrue($this->form_validation->integer('42')); $this->assertTrue($this->form_validation->integer('-1')); @@ -230,7 +198,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_decimal() - { + { $this->assertTrue($this->form_validation->decimal('1.0')); $this->assertTrue($this->form_validation->decimal('-0.98')); @@ -241,7 +209,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_is_natural() - { + { $this->assertTrue($this->form_validation->is_natural('0')); $this->assertTrue($this->form_validation->is_natural('12')); @@ -250,7 +218,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_is_natural_no_zero() - { + { $this->assertTrue($this->form_validation->is_natural_no_zero('42')); $this->assertFalse($this->form_validation->is_natural_no_zero('0')); @@ -259,24 +227,24 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_valid_url() - { + { $this->assertTrue($this->form_validation->valid_url('www.codeigniter.com')); $this->assertTrue($this->form_validation->valid_url('http://codeigniter.eu')); - + $this->assertFalse($this->form_validation->valid_url('htt://www.codeIgniter.com')); $this->assertFalse($this->form_validation->valid_url('')); $this->assertFalse($this->form_validation->valid_url('code igniter')); } public function test_rule_valid_email() - { + { $this->assertTrue($this->form_validation->valid_email('email@sample.com')); $this->assertFalse($this->form_validation->valid_email('valid_email', '@sample.com')); } public function test_rule_valid_emails() - { + { $this->assertTrue($this->form_validation->valid_emails('1@sample.com,2@sample.com')); $this->assertTrue($this->form_validation->valid_emails('email@sample.com')); @@ -285,7 +253,7 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_valid_ip() - { + { $this->assertTrue($this->form_validation->valid_ip('127.0.0.1')); $this->assertTrue($this->form_validation->valid_ip('127.0.0.1', 'ipv4')); $this->assertTrue($this->form_validation->valid_ip('2001:0db8:85a3:0000:0000:8a2e:0370:7334')); @@ -298,22 +266,22 @@ class Form_validation_test extends CI_TestCase { } public function test_rule_valid_base64() - { + { $this->assertTrue($this->form_validation->valid_base64(base64_encode('string'))); $this->assertFalse($this->form_validation->valid_base64('FA08GG')); } - + public function test_set_data() { // Reset test environment - $_POST = array(); + $_POST = array(); $this->form_validation->reset_validation(); $data = array('field' => 'some_data'); $this->form_validation->set_data($data); $this->form_validation->set_rules('field', 'label', 'required'); $this->assertTrue($this->form_validation->run()); - + // Test with empty array $_POST = array(); $this->form_validation->reset_validation(); @@ -322,9 +290,9 @@ class Form_validation_test extends CI_TestCase { // This should do nothing. Old data will still be used $this->form_validation->set_data(array()); $this->form_validation->set_rules('field', 'label', 'required'); - $this->assertTrue($this->form_validation->run()); + $this->assertTrue($this->form_validation->run()); } - + public function test_set_message() { // Reset test environment @@ -340,24 +308,29 @@ class Form_validation_test extends CI_TestCase { ); $errorless_data = array('req_field' => 'some text'); $erroneous_data = array('req_field' => ''); - + $this->form_validation->set_message('required', $err_message); $this->form_validation->set_data($erroneous_data); - $this->form_validation->set_rules($rules); + $this->form_validation->set_rules($rules); $this->form_validation->run(); $this->assertEquals('

'.$err_message.'

', $this->form_validation->error('req_field')); - + $this->form_validation->reset_validation(); $this->form_validation->set_message('required', $err_message); $this->form_validation->set_data($errorless_data); $this->form_validation->set_rules($rules); $this->form_validation->run(); - $this->assertEquals('', $this->form_validation->error('req_field')); + $this->assertEquals('', $this->form_validation->error('req_field')); } + /** + * Run rules + * + * Helper method to set rules and run them at once, not + * an actual test case. + */ public function run_rules($rules, $values) { -// $this->markTestSkipped('Not designed to be a unit test'); $this->form_validation->reset_validation(); $_POST = array(); @@ -366,8 +339,7 @@ class Form_validation_test extends CI_TestCase { { $_POST[$field] = $value; } - + return $this->form_validation->run(); } - } -- cgit v1.2.3-24-g4f1b From 2f79f9a9e8a5b167ce899609a2058c4d2f480aa8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 12:52:05 +0200 Subject: Improve Session GC for files driver Close #3701 --- system/libraries/Session/drivers/Session_files_driver.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 74528e9d2..45da91c46 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -326,7 +326,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ public function gc($maxlifetime) { - if ( ! is_dir($this->_config['save_path']) OR ($files = scandir($this->_config['save_path'])) === FALSE) + if ( ! is_dir($this->_config['save_path']) OR ($directory = opendir($this->_config['save_path'])) === FALSE) { log_message('debug', "Session: Garbage collector couldn't list files under directory '".$this->_config['save_path']."'."); return FALSE; @@ -340,7 +340,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle ($this->_config['match_ip'] === TRUE ? 72 : 40) ); - foreach ($files as $file) + while (($file = readdir($directory)) !== FALSE) { // If the filename doesn't match this pattern, it's either not a session file or is not ours if ( ! preg_match($pattern, $file) @@ -354,6 +354,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle unlink($this->_config['save_path'].DIRECTORY_SEPARATOR.$file); } + closedir($directory); + return TRUE; } -- cgit v1.2.3-24-g4f1b From 998608ec0cfbbc1b8fd2646abd4018765e413e99 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 13:01:56 +0200 Subject: Apply #2737 fix to CI_Xmlrpcs 3aecedbbb017567925f76ae68b726bd22b4cc80c Also related: #3703 --- system/libraries/Xmlrpcs.php | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index af7041337..c2768445e 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -233,14 +233,15 @@ class CI_Xmlrpcs extends CI_Xmlrpc { $parser = xml_parser_create($this->xmlrpc_defencoding); $parser_object = new XML_RPC_Message('filler'); - - $parser_object->xh[$parser] = array( - 'isf' => 0, - 'isf_reason' => '', - 'params' => array(), - 'stack' => array(), - 'valuestack' => array(), - 'method' => '' + $pname = (string) $parser; + + $parser_object->xh[$pname] = array( + 'isf' => 0, + 'isf_reason' => '', + 'params' => array(), + 'stack' => array(), + 'valuestack' => array(), + 'method' => '' ); xml_set_object($parser, $parser_object); @@ -263,7 +264,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc { xml_get_current_line_number($parser))); xml_parser_free($parser); } - elseif ($parser_object->xh[$parser]['isf']) + elseif ($parser_object->xh[$pname]['isf']) { return new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'], $this->xmlrpcstr['invalid_return']); } @@ -271,17 +272,17 @@ class CI_Xmlrpcs extends CI_Xmlrpc { { xml_parser_free($parser); - $m = new XML_RPC_Message($parser_object->xh[$parser]['method']); + $m = new XML_RPC_Message($parser_object->xh[$pname]['method']); $plist = ''; - for ($i = 0, $c = count($parser_object->xh[$parser]['params']); $i < $c; $i++) + for ($i = 0, $c = count($parser_object->xh[$pname]['params']); $i < $c; $i++) { if ($this->debug === TRUE) { - $plist .= $i.' - '.print_r(get_object_vars($parser_object->xh[$parser]['params'][$i]), TRUE).";\n"; + $plist .= $i.' - '.print_r(get_object_vars($parser_object->xh[$pname]['params'][$i]), TRUE).";\n"; } - $m->addParam($parser_object->xh[$parser]['params'][$i]); + $m->addParam($parser_object->xh[$pname]['params'][$i]); } if ($this->debug === TRUE) -- cgit v1.2.3-24-g4f1b From aebd039a61cb5135b31ab0b8d9d95ed3fb678c7b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 14:15:34 +0200 Subject: Add FSCommand and seekSegmentTime to evil HTML attributes list --- system/core/Security.php | 2 +- tests/codeigniter/core/Security_test.php | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/system/core/Security.php b/system/core/Security.php index 216f0e98b..da497762d 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -772,7 +772,7 @@ class CI_Security { */ protected function _remove_evil_attributes($str, $is_image) { - $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href'); + $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime'); if ($is_image === TRUE) { diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index b5524da0f..3acd2a598 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -144,6 +144,8 @@ class Security_test extends CI_TestCase { $this->assertEquals('', $this->security->remove_evil_attributes('', FALSE)); $this->assertEquals('onOutsideOfTag=test', $this->security->remove_evil_attributes('onOutsideOfTag=test', FALSE)); $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', FALSE)); + $this->assertEquals('', $this->security->remove_evil_attributes('', FALSE)); + $this->assertEquals('', $this->security->remove_evil_attributes('', FALSE)); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 03404890a5a0ea9c5e02c235a94312741bdf05b2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 20:58:19 +0200 Subject: Remove an unnecessary check #3700 #3706 --- system/libraries/Calendar.php | 6 +----- tests/codeigniter/core/Lang_test.php | 3 +-- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index 42fa00af2..f6a0c39c4 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -130,11 +130,7 @@ class CI_Calendar { public function __construct($config = array()) { $this->CI =& get_instance(); - - if ( ! isset($this->CI->lang->is_loaded['calendar_lang.php'])) - { - $this->CI->lang->load('calendar'); - } + $this->CI->lang->load('calendar'); empty($config) OR $this->initialize($config); diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index 87a71c885..929bc2ffd 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -32,7 +32,7 @@ class Lang_test extends CI_TestCase { // A language other than english $this->ci_vfs_clone('system/language/english/email_lang.php', 'system/language/german/'); $this->assertTrue($this->lang->load('email', 'german')); - $this->assertEquals('german', $this->lang->is_loaded['email_lang.php'] ); + $this->assertEquals('german', $this->lang->is_loaded['email_lang.php']); // Non-alpha idiom (should act the same as unspecified language) $this->ci_vfs_clone('system/language/english/number_lang.php'); @@ -60,5 +60,4 @@ class Lang_test extends CI_TestCase { $this->assertFalse($this->lang->line('nonexistent_string')); $this->assertFalse($this->lang->line(NULL)); } - } -- cgit v1.2.3-24-g4f1b From 068ab206d84bf1668832988932dc61cfb3103bf8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 21:03:38 +0200 Subject: Minor fixes in CI_Security::entity_decode() --- system/core/Security.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/system/core/Security.php b/system/core/Security.php index da497762d..9cef42439 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -656,7 +656,7 @@ class CI_Security { { $_entities[':'] = ':'; $_entities['('] = '('; - $_entities[')'] = '&rpar'; + $_entities[')'] = ')'; $_entities["\n"] = '&newline;'; $_entities["\t"] = '&tab;'; } @@ -664,11 +664,11 @@ class CI_Security { $replace = array(); $matches = array_unique(array_map('strtolower', $matches[0])); - for ($i = 0, $c = count($matches); $i < $c; $i++) + foreach ($matches as &$match) { - if (($char = array_search($matches[$i].';', $_entities, TRUE)) !== FALSE) + if (($char = array_search($match.';', $_entities, TRUE)) !== FALSE) { - $replace[$matches[$i]] = $char; + $replace[$match] = $char; } } -- cgit v1.2.3-24-g4f1b From 7abc08acbeec7437b72d44e5e1a3500f7f6ac766 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 21:10:49 +0200 Subject: Fix #3703 --- system/libraries/Xmlrpcs.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index c2768445e..00d1feca6 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -223,7 +223,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc { $CI =& get_instance(); if ($CI->input->method() === 'post') { - $data = http_build_query($CI->input->input_stream(NULL, FALSE)); + $data = $CI->input->raw_input_stream; } } -- cgit v1.2.3-24-g4f1b From 6f30b1ad3f51470cd2ffe95447806dbf527f6938 Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Fri, 27 Mar 2015 09:38:23 -0700 Subject: Fix an example in the tutorial. Signed-off-by:Master Yoda --- user_guide_src/source/tutorial/static_pages.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 210d9f8d6..0c75d5a34 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -64,7 +64,7 @@ following code. -

CodeIgniter Tutorial

+

The header contains the basic HTML code that you'll want to display before loading the main view, together with a heading. It will also -- cgit v1.2.3-24-g4f1b From 32e7ba3560a2c2c3a72236463091049c51a518ec Mon Sep 17 00:00:00 2001 From: Cyrille TOULET Date: Fri, 27 Mar 2015 19:28:10 +0100 Subject: Fix an "strpos(): Empty needle" warning Signed-off-by: Cyrille TOULET --- system/core/URI.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system/core/URI.php b/system/core/URI.php index e96749456..43a0a9caa 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -205,11 +205,11 @@ class CI_URI { $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + if (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } -- cgit v1.2.3-24-g4f1b From 5bc1dc5257577f2afd562f5b039ad95d57befdb1 Mon Sep 17 00:00:00 2001 From: David Woods Date: Fri, 27 Mar 2015 22:41:58 -0700 Subject: Added more units tests for Form_validation Up to 65% coverage Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 110 ++++++++++++++++++++- 1 file changed, 108 insertions(+), 2 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 1bbd1758b..19e7beeee 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -248,7 +248,7 @@ class Form_validation_test extends CI_TestCase { $this->assertTrue($this->form_validation->valid_emails('1@sample.com,2@sample.com')); $this->assertTrue($this->form_validation->valid_emails('email@sample.com')); - $this->assertFalse($this->form_validation->valid_emails('valid_email', '@sample.com')); + $this->assertFalse($this->form_validation->valid_emails('valid_email', '@sample.com')); $this->assertFalse($this->form_validation->valid_emails('@sample.com,2@sample.com,validemail@email.ca')); } @@ -313,7 +313,7 @@ class Form_validation_test extends CI_TestCase { $this->form_validation->set_data($erroneous_data); $this->form_validation->set_rules($rules); $this->form_validation->run(); - $this->assertEquals('

'.$err_message.'

', $this->form_validation->error('req_field')); + $this->assertEquals('

' . $err_message . '

', $this->form_validation->error('req_field')); $this->form_validation->reset_validation(); $this->form_validation->set_message('required', $err_message); @@ -323,6 +323,111 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('', $this->form_validation->error('req_field')); } + public function test_set_error_delimiters() + { + $this->form_validation->reset_validation(); + $prefix = '
'; + $suffix = '
'; + $this->form_validation->set_error_delimiters($prefix, $suffix); + $this->form_validation->set_rules('foo', 'label', 'required'); + $_POST = array('foo' => ''); + $this->form_validation->run(); + $error_msg = $this->form_validation->error('foo'); + + $this->assertTrue(strrpos($error_msg, $prefix) === 0); + $this->assertTrue(strrpos($error_msg, $suffix, -strlen($suffix)) === (strlen($error_msg) - strlen($suffix))); + } + + public function test_error_array() + { + $this->form_validation->reset_validation(); + $error_message = 'What a terrible error!'; + $this->form_validation->set_message('required', $error_message); + $this->form_validation->set_rules('foo', 'label', 'required'); + $_POST = array('foo' => ''); + $this->form_validation->run(); + $this->assertEquals($error_message, $this->form_validation->error_array()['foo']); + } + + public function test_error_string() + { + $this->form_validation->reset_validation(); + $error_message = 'What a terrible error!'; + $prefix_default = ''; + $suffix_default = ''; + $prefix_test = ''; + $suffix_test = ''; + $this->form_validation->set_error_delimiters($prefix_default, $suffix_default); + $this->form_validation->set_message('required', $error_message); + $this->form_validation->set_rules('foo', 'label', 'required'); + $_POST = array('foo' => ''); + $this->form_validation->run(); + + $this->assertEquals($prefix_default . $error_message . $suffix_default . "\n", $this->form_validation->error_string()); + $this->assertEquals($prefix_test . $error_message . $suffix_default . "\n", $this->form_validation->error_string($prefix_test, '')); + $this->assertEquals($prefix_default . $error_message . $suffix_test . "\n", $this->form_validation->error_string('', $suffix_test)); + $this->assertEquals($prefix_test . $error_message . $suffix_test . "\n", $this->form_validation->error_string($prefix_test, $suffix_test)); + + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('foo', 'label', 'required'); + $_POST = array('foo' => 'bar'); + $this->form_validation->run(); + $this->assertEquals('', $this->form_validation->error_string()); + } + + public function test_run() + { + // form_validation->run() is tested in many of the other unit tests + // This test will only test run(group='') when group is not empty + $config = array( + 'pass' => array( + array( + 'field' => 'username', + 'label' => 'user', + 'rules' => 'alpha_numeric' + ) + ), + 'fail' => array( + array( + 'field' => 'username', + 'label' => 'user', + 'rules' => 'alpha' + ) + ) + ); + $_POST = array('username' => 'foo42'); + $form_validation = new CI_Form_validation($config); + $this->assertTrue($form_validation->run('pass')); + + $form_validation = new CI_Form_validation($config); + $this->assertFalse($form_validation->run('fail')); + } + + public function test_has_rule() + { + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('foo', 'label', 'required'); + + $this->assertTrue($this->form_validation->has_rule('foo')); + $this->assertFalse($this->form_validation->has_rule('bar')); + } + + public function test_set_value() + { + $this->form_validation->reset_validation(); + $default = 'default'; + $this->form_validation->set_rules('foo', 'label', 'required'); + $this->form_validation->set_rules('bar[]', 'label', 'required'); + + // No post data yet: should return the default value provided + $this->assertEquals($default, $this->form_validation->set_value('foo', $default)); + $_POST = array('foo' => 'foo', 'bar' => array('bar1', 'bar2')); + $this->form_validation->run(); + $this->assertEquals('foo', $this->form_validation->set_value('foo', $default)); + $this->assertEquals('bar1', $this->form_validation->set_value('bar[]', $default)); + $this->assertEquals('bar2', $this->form_validation->set_value('bar[]', $default)); + } + /** * Run rules * @@ -342,4 +447,5 @@ class Form_validation_test extends CI_TestCase { return $this->form_validation->run(); } + } -- cgit v1.2.3-24-g4f1b From ead327f7fd53946dc61dbd0562d9f7f3d19e802c Mon Sep 17 00:00:00 2001 From: Cyrille TOULET Date: Sun, 29 Mar 2015 14:53:16 +0200 Subject: Fix an "strpos(): Empty needle" warning Signed-off-by: Cyrille TOULET --- system/core/URI.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/system/core/URI.php b/system/core/URI.php index 43a0a9caa..9c8e37f0f 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -205,14 +205,17 @@ class CI_URI { $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; - if (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) - { - $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); - } - elseif (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) - { - $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); - } + if (isset($_SERVER['SCRIPT_NAME'][0])) + { + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + { + $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); + } + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + { + $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); + } + } // This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct // URI is found, and also fixes the QUERY_STRING server var and $_GET array. -- cgit v1.2.3-24-g4f1b From cbc21b9bdbaeb2defd47c0808d47801ab1a14ede Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Sun, 29 Mar 2015 13:59:16 -0400 Subject: Increased code coverage Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Lang_test.php | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index 929bc2ffd..3c1e19db3 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -38,7 +38,7 @@ class Lang_test extends CI_TestCase { $this->ci_vfs_clone('system/language/english/number_lang.php'); $this->assertTrue($this->lang->load('number')); $this->assertEquals('Bytes', $this->lang->language['bytes']); - + // Non-existent file $this->setExpectedException( 'RuntimeException', @@ -46,7 +46,30 @@ class Lang_test extends CI_TestCase { ); $this->lang->load('nonexistent'); } + + // -------------------------------------------------------------------- + + public function test_multiple_file_load() + { + // Multiple files + $this->ci_vfs_clone('system/language/english/profiler_lang.php'); + $files = Array('profiler', 'nonexistent'); + $this->setExpectedException( + 'RuntimeException', + 'CI Error: Unable to load the requested language file: language/english/nonexistent_lang.php' + ); + $this->assertTrue($this->lang->load($files, 'english')); + } + // -------------------------------------------------------------------- + + public function test_alternative_path_load() + { + // Alternative Path + $this->ci_vfs_clone('system/language/english/profiler_lang.php'); + $this->assertTrue($this->lang->load('profiler', 'english', FALSE, TRUE, 'vfs://system/')); + } + // -------------------------------------------------------------------- /** -- cgit v1.2.3-24-g4f1b From 4924115bdf8042850e7934d0ab66fe451e7c778b Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Sun, 29 Mar 2015 15:10:16 -0400 Subject: removed space Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Lang_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index 3c1e19db3..a4db7a9c2 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -38,7 +38,7 @@ class Lang_test extends CI_TestCase { $this->ci_vfs_clone('system/language/english/number_lang.php'); $this->assertTrue($this->lang->load('number')); $this->assertEquals('Bytes', $this->lang->language['bytes']); - + // Non-existent file $this->setExpectedException( 'RuntimeException', -- cgit v1.2.3-24-g4f1b From 7df6771e33c43b86a9e0bb8beb9d55aafec3b978 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Sun, 29 Mar 2015 16:27:06 -0400 Subject: Improved unit test code coverage. Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Loader_test.php | 46 ++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/tests/codeigniter/core/Loader_test.php b/tests/codeigniter/core/Loader_test.php index 9e2092e05..64632c056 100644 --- a/tests/codeigniter/core/Loader_test.php +++ b/tests/codeigniter/core/Loader_test.php @@ -22,6 +22,9 @@ class Loader_test extends CI_TestCase { public function test_library() { + // Test getting CI_Loader object + $this->assertInstanceOf('CI_Loader', $this->load->library(NULL)); + // Create library in VFS $lib = 'unit_test_lib'; $class = 'CI_'.ucfirst($lib); @@ -34,6 +37,13 @@ class Loader_test extends CI_TestCase { $this->assertInstanceOf('CI_Loader', $this->load->library(array($lib))); $this->assertTrue(class_exists($class), $class.' does not exist'); $this->assertAttributeInstanceOf($class, $lib, $this->ci_obj); + + // Create library in VFS + $lib = Array('unit_test_lib'=>'unit_test_lib'); + + // Test loading as an array (int). + $this->assertInstanceOf('CI_Loader', $this->load->library($lib)); + $this->assertTrue(class_exists($class), $class.' does not exist'); // Test a string given to params $this->assertInstanceOf('CI_Loader', $this->load->library($lib, ' ')); @@ -316,6 +326,24 @@ class Loader_test extends CI_TestCase { $this->assertEquals($val1, $this->load->get_var($key1)); $this->assertEquals(array($key1 => $val1, $key2 => $val2), $this->load->get_vars()); } + + // -------------------------------------------------------------------- + + public function test_clear_vars() + { + $key1 = 'foo'; + $val1 = 'bar'; + $key2 = 'boo'; + $val2 = 'hoo'; + $this->assertInstanceOf('CI_Loader', $this->load->vars(array($key1 => $val1))); + $this->assertInstanceOf('CI_Loader', $this->load->vars($key2, $val2)); + $this->assertEquals($val1, $this->load->get_var($key1)); + $this->assertEquals(array($key1 => $val1, $key2 => $val2), $this->load->get_vars()); + + $this->assertInstanceOf('CI_Loader', $this->load->clear_vars()); + $this->assertEquals('', $this->load->get_var($key1)); + $this->assertEquals('', $this->load->get_var($key2)); + } // -------------------------------------------------------------------- @@ -443,6 +471,24 @@ class Loader_test extends CI_TestCase { // -------------------------------------------------------------------- + public function test_remove_package_path() + { + $dir = 'third-party'; + $path = APPPATH.$dir.'/'; + $path2 = APPPATH.'another/'; + $paths = $this->load->get_package_paths(TRUE); + + $this->assertInstanceOf('CI_Loader', $this->load->add_package_path($path)); + $this->assertInstanceOf('CI_Loader', $this->load->remove_package_path($path)); + $this->assertEquals($paths, $this->load->get_package_paths(TRUE)); + + $this->assertInstanceOf('CI_Loader', $this->load->add_package_path($path2)); + $this->assertInstanceOf('CI_Loader', $this->load->remove_package_path()); + $this->assertNotContains($path2, $this->load->get_package_paths(TRUE)); + } + + // -------------------------------------------------------------------- + public function test_load_config() { $cfg = 'someconfig'; -- cgit v1.2.3-24-g4f1b From 4b02f1d9545d40fb97c271078e4352693791abaf Mon Sep 17 00:00:00 2001 From: David Woods Date: Sun, 29 Mar 2015 22:46:14 -0700 Subject: Added more unit tests to CI_Form_validation Unit tests for set_select, set_checkbox, and set_radio currently all fail for the same reason. Signed-off-by: David Woods --- .../codeigniter/libraries/Form_validation_test.php | 147 +++++++++++++++++++++ 1 file changed, 147 insertions(+) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 19e7beeee..38eb11a34 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -428,6 +428,153 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('bar2', $this->form_validation->set_value('bar[]', $default)); } + public function test_set_select() + { + // Test 1: No options selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array(); + $this->form_validation->run(); + + $this->assertEquals('', $this->form_validation->set_select('select', 'foo')); + // This fails. Default is only used when no rules are defined. Is this really the desired behaviour? + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'bar', TRUE)); + + // Test 2: 1 option selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array('select' => 'foo'); + $this->form_validation->run(); + + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo')); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo', TRUE)); + $this->assertEquals('', $this->form_validation->set_select('select', 'bar')); + $this->assertEquals('', $this->form_validation->set_select('select', 'bar', TRUE)); + + // Test 3: Multiple options selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array('select' => array('foo', 'bar')); + $this->form_validation->run(); + + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo')); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo', TRUE)); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'bar')); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'bar', TRUE)); + $this->assertEquals('', $this->form_validation->set_select('select', 'foobar')); + $this->assertEquals('', $this->form_validation->set_select('select', 'foobar', TRUE)); + } + + public function test_set_radio() + { + // Test 1: No options selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array(); + $this->form_validation->run(); + + $this->assertEquals('', $this->form_validation->set_radio('select', 'foo')); + // This fails. Default is only used when no rules are defined. Is this really the desired behaviour? + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'bar', TRUE)); + + // Test 2: 1 option selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array('select' => 'foo'); + $this->form_validation->run(); + + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo', TRUE)); + $this->assertEquals('', $this->form_validation->set_radio('select', 'bar')); + $this->assertEquals('', $this->form_validation->set_radio('select', 'bar', TRUE)); + + // Test 3: Multiple options checked + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array('select' => array('foo', 'bar')); + $this->form_validation->run(); + + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo', TRUE)); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'bar')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'bar', TRUE)); + $this->assertEquals('', $this->form_validation->set_radio('select', 'foobar')); + $this->assertEquals('', $this->form_validation->set_radio('select', 'foobar', TRUE)); + } + + public function test_set_checkbox() + { + // Test 1: No options selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array(); + $this->form_validation->run(); + + $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foo')); + // This fails. Default is only used when no rules are defined. Is this really the desired behaviour? + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'bar', TRUE)); + + // Test 2: 1 option selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array('select' => 'foo'); + $this->form_validation->run(); + + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo', TRUE)); + $this->assertEquals('', $this->form_validation->set_checkbox('select', 'bar')); + $this->assertEquals('', $this->form_validation->set_checkbox('select', 'bar', TRUE)); + + // Test 3: Multiple options selected + $this->form_validation->reset_validation(); + $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $_POST = array('select' => array('foo', 'bar')); + $this->form_validation->run(); + + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo', TRUE)); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'bar')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'bar', TRUE)); + $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foobar')); + $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foobar', TRUE)); + } + + public function test_regex_match() + { + $regex = '/f[a-zA-Z]+/'; + $this->assertTrue($this->form_validation->regex_match('foo', $regex)); + $this->assertFalse($this->form_validation->regex_match('bar', $regex)); + } + + public function test_prep_for_form() + { + $this->form_validation->reset_validation(); + $err_msg_unprepped = ''; + $err_msg_prepped = '<error ='foobar'">'; + $this->form_validation->set_rules('foo', 'label', 'required', array('required' => $err_msg_unprepped)); + $_POST = array('foo' => ''); + $this->form_validation->run(); + $err_arr = $this->form_validation->error_array(); + + $this->assertEquals('', $this->form_validation->prep_for_form('')); + $this->assertEquals(array('foo' => $err_msg_prepped), $this->form_validation->prep_for_form($err_arr)); + } + + public function test_prep_url() + { + $this->assertEquals('', $this->form_validation->prep_url('')); + $this->assertEquals('http://codeigniter.com', $this->form_validation->prep_url('codeigniter.com')); + $this->assertEquals('https://codeigniter.com', $this->form_validation->prep_url('https://codeigniter.com')); + $this->assertEquals('http://codeigniter.com', $this->form_validation->prep_url('http://codeigniter.com')); + $this->assertEquals('http://www.codeigniter.com', $this->form_validation->prep_url('www.codeigniter.com')); + } + + public function test_encode_php_tags() + { + $this->assertEquals("<?php", $this->form_validation->encode_php_tags('assertEquals('?>', $this->form_validation->encode_php_tags('?>')); + } + /** * Run rules * -- cgit v1.2.3-24-g4f1b From cbf3a559583bcc9055fcee5f7564ca847d0b8dff Mon Sep 17 00:00:00 2001 From: Cyrille TOULET Date: Mon, 30 Mar 2015 09:14:46 +0200 Subject: Use tabs instead of spaces Signed-off-by: Cyrille TOULET --- system/core/URI.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/system/core/URI.php b/system/core/URI.php index 9c8e37f0f..2211e3665 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -205,17 +205,17 @@ class CI_URI { $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; - if (isset($_SERVER['SCRIPT_NAME'][0])) - { - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) - { - $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); - } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) - { - $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); - } - } + if (isset($_SERVER['SCRIPT_NAME'][0])) + { + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + { + $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); + } + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + { + $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); + } + } // This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct // URI is found, and also fixes the QUERY_STRING server var and $_GET array. -- cgit v1.2.3-24-g4f1b From aa11370ba3d326eef259fedd5a67481b3aa95df6 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Mon, 30 Mar 2015 10:05:47 -0400 Subject: added spaces Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Loader_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/codeigniter/core/Loader_test.php b/tests/codeigniter/core/Loader_test.php index 64632c056..6028521d1 100644 --- a/tests/codeigniter/core/Loader_test.php +++ b/tests/codeigniter/core/Loader_test.php @@ -39,7 +39,7 @@ class Loader_test extends CI_TestCase { $this->assertAttributeInstanceOf($class, $lib, $this->ci_obj); // Create library in VFS - $lib = Array('unit_test_lib'=>'unit_test_lib'); + $lib = Array('unit_test_lib' => 'unit_test_lib'); // Test loading as an array (int). $this->assertInstanceOf('CI_Loader', $this->load->library($lib)); -- cgit v1.2.3-24-g4f1b From d1f39fdef53fc510a6a5d19ec2991e5bc474bc29 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Mon, 30 Mar 2015 10:11:32 -0400 Subject: updated array style and removed assert true Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Lang_test.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index a4db7a9c2..3fccf096d 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -53,12 +53,15 @@ class Lang_test extends CI_TestCase { { // Multiple files $this->ci_vfs_clone('system/language/english/profiler_lang.php'); - $files = Array('profiler', 'nonexistent'); + $files = Array( + 0 => 'profiler', + 1 => 'nonexistent' + ); $this->setExpectedException( 'RuntimeException', 'CI Error: Unable to load the requested language file: language/english/nonexistent_lang.php' ); - $this->assertTrue($this->lang->load($files, 'english')); + $this->lang->load($files, 'english'); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From fd3105716f5cdede79b9b471561413c161db250c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 30 Mar 2015 17:19:26 +0300 Subject: Fix #3717 --- system/libraries/Session/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index bb457c659..0549fef66 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -869,7 +869,7 @@ class CI_Session { public function set_tempdata($data, $value = NULL, $ttl = 300) { $this->set_userdata($data, $value); - $this->mark_as_temp($data, $ttl); + $this->mark_as_temp(is_array($data) ? array_keys($data) : $data, $ttl); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From fc67a701a574641b5dfd7afe00d4c5d403111626 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Mon, 30 Mar 2015 12:08:11 -0400 Subject: changed to lowercase array and space. Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Lang_test.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index 3fccf096d..0f6ffd3fa 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -53,9 +53,9 @@ class Lang_test extends CI_TestCase { { // Multiple files $this->ci_vfs_clone('system/language/english/profiler_lang.php'); - $files = Array( - 0 => 'profiler', - 1 => 'nonexistent' + $files = array( + 0 => 'profiler', + 1 => 'nonexistent' ); $this->setExpectedException( 'RuntimeException', -- cgit v1.2.3-24-g4f1b From 90e07bdaa034d98e23378c51105a8aea85878d07 Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Mon, 30 Mar 2015 12:10:00 -0400 Subject: changed to lowercase array. Signed-off-by:Heesung Ahn --- tests/codeigniter/core/Loader_test.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/codeigniter/core/Loader_test.php b/tests/codeigniter/core/Loader_test.php index 6028521d1..5e64b62b9 100644 --- a/tests/codeigniter/core/Loader_test.php +++ b/tests/codeigniter/core/Loader_test.php @@ -39,7 +39,7 @@ class Loader_test extends CI_TestCase { $this->assertAttributeInstanceOf($class, $lib, $this->ci_obj); // Create library in VFS - $lib = Array('unit_test_lib' => 'unit_test_lib'); + $lib = array('unit_test_lib' => 'unit_test_lib'); // Test loading as an array (int). $this->assertInstanceOf('CI_Loader', $this->load->library($lib)); -- cgit v1.2.3-24-g4f1b From 928134324d75ed4a876237ec00d4374b2213586a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 30 Mar 2015 19:27:06 +0300 Subject: [ci skip] Whitespace cleanup following PRs #3713 #3714 --- tests/codeigniter/core/Lang_test.php | 12 ++++++------ tests/codeigniter/core/Loader_test.php | 19 +++++++++---------- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/tests/codeigniter/core/Lang_test.php b/tests/codeigniter/core/Lang_test.php index 0f6ffd3fa..d2dd7598a 100644 --- a/tests/codeigniter/core/Lang_test.php +++ b/tests/codeigniter/core/Lang_test.php @@ -46,15 +46,15 @@ class Lang_test extends CI_TestCase { ); $this->lang->load('nonexistent'); } - + // -------------------------------------------------------------------- - + public function test_multiple_file_load() - { + { // Multiple files $this->ci_vfs_clone('system/language/english/profiler_lang.php'); $files = array( - 0 => 'profiler', + 0 => 'profiler', 1 => 'nonexistent' ); $this->setExpectedException( @@ -65,14 +65,14 @@ class Lang_test extends CI_TestCase { } // -------------------------------------------------------------------- - + public function test_alternative_path_load() { // Alternative Path $this->ci_vfs_clone('system/language/english/profiler_lang.php'); $this->assertTrue($this->lang->load('profiler', 'english', FALSE, TRUE, 'vfs://system/')); } - + // -------------------------------------------------------------------- /** diff --git a/tests/codeigniter/core/Loader_test.php b/tests/codeigniter/core/Loader_test.php index 5e64b62b9..cfaf6c74b 100644 --- a/tests/codeigniter/core/Loader_test.php +++ b/tests/codeigniter/core/Loader_test.php @@ -24,7 +24,7 @@ class Loader_test extends CI_TestCase { { // Test getting CI_Loader object $this->assertInstanceOf('CI_Loader', $this->load->library(NULL)); - + // Create library in VFS $lib = 'unit_test_lib'; $class = 'CI_'.ucfirst($lib); @@ -37,10 +37,10 @@ class Loader_test extends CI_TestCase { $this->assertInstanceOf('CI_Loader', $this->load->library(array($lib))); $this->assertTrue(class_exists($class), $class.' does not exist'); $this->assertAttributeInstanceOf($class, $lib, $this->ci_obj); - + // Create library in VFS $lib = array('unit_test_lib' => 'unit_test_lib'); - + // Test loading as an array (int). $this->assertInstanceOf('CI_Loader', $this->load->library($lib)); $this->assertTrue(class_exists($class), $class.' does not exist'); @@ -326,7 +326,7 @@ class Loader_test extends CI_TestCase { $this->assertEquals($val1, $this->load->get_var($key1)); $this->assertEquals(array($key1 => $val1, $key2 => $val2), $this->load->get_vars()); } - + // -------------------------------------------------------------------- public function test_clear_vars() @@ -339,7 +339,7 @@ class Loader_test extends CI_TestCase { $this->assertInstanceOf('CI_Loader', $this->load->vars($key2, $val2)); $this->assertEquals($val1, $this->load->get_var($key1)); $this->assertEquals(array($key1 => $val1, $key2 => $val2), $this->load->get_vars()); - + $this->assertInstanceOf('CI_Loader', $this->load->clear_vars()); $this->assertEquals('', $this->load->get_var($key1)); $this->assertEquals('', $this->load->get_var($key2)); @@ -477,18 +477,18 @@ class Loader_test extends CI_TestCase { $path = APPPATH.$dir.'/'; $path2 = APPPATH.'another/'; $paths = $this->load->get_package_paths(TRUE); - + $this->assertInstanceOf('CI_Loader', $this->load->add_package_path($path)); $this->assertInstanceOf('CI_Loader', $this->load->remove_package_path($path)); $this->assertEquals($paths, $this->load->get_package_paths(TRUE)); - + $this->assertInstanceOf('CI_Loader', $this->load->add_package_path($path2)); $this->assertInstanceOf('CI_Loader', $this->load->remove_package_path()); $this->assertNotContains($path2, $this->load->get_package_paths(TRUE)); } // -------------------------------------------------------------------- - + public function test_load_config() { $cfg = 'someconfig'; @@ -557,5 +557,4 @@ class Loader_test extends CI_TestCase { // Verify config calls $this->assertEquals($cfg['config'], $this->ci_obj->config->loaded); } - -} \ No newline at end of file +} -- cgit v1.2.3-24-g4f1b From 6eb599a2285e2981341b220b72e6f99149f92c3b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 30 Mar 2015 19:53:38 +0300 Subject: [ci skip] Fix a broken link in the changelog --- user_guide_src/source/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index a1b15105f..45780ddb3 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -565,7 +565,7 @@ Release Date: Not Released - Changed the library constructor to try to create the **log_path** directory if it doesn't exist. - Added support for microseconds ("u" date format character) in ``$config['log_date_format']``. - - Added `compatibility layers ` for: + - Added :doc:`compatibility layers ` for: - `Multibyte String `_ (limited support). - `Hash `_ (``hash_equals()``, ``hash_pbkdf2()``). -- cgit v1.2.3-24-g4f1b From 29704f8890bac6b0173ff60cbf3c3c383448cee2 Mon Sep 17 00:00:00 2001 From: David Woods Date: Mon, 30 Mar 2015 10:37:57 -0700 Subject: Corrected unit tests for set_select, set_radio, and set_checkbox Coverage now at ~75% --- .../codeigniter/libraries/Form_validation_test.php | 59 ++++++++++------------ 1 file changed, 27 insertions(+), 32 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 38eb11a34..9ab16a00f 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -431,13 +431,11 @@ class Form_validation_test extends CI_TestCase { public function test_set_select() { // Test 1: No options selected - $this->form_validation->reset_validation(); - $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $this->form_validation->reset_validation(); $_POST = array(); $this->form_validation->run(); - $this->assertEquals('', $this->form_validation->set_select('select', 'foo')); - // This fails. Default is only used when no rules are defined. Is this really the desired behaviour? + $this->assertEquals('', $this->form_validation->set_select('select', 'foo')); $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'bar', TRUE)); // Test 2: 1 option selected @@ -453,28 +451,27 @@ class Form_validation_test extends CI_TestCase { // Test 3: Multiple options selected $this->form_validation->reset_validation(); - $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $this->form_validation->set_rules('select[]', 'label', 'alpha_numeric'); $_POST = array('select' => array('foo', 'bar')); $this->form_validation->run(); - $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo')); - $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo', TRUE)); - $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'bar')); - $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'bar', TRUE)); - $this->assertEquals('', $this->form_validation->set_select('select', 'foobar')); - $this->assertEquals('', $this->form_validation->set_select('select', 'foobar', TRUE)); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select[]', 'foo')); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select[]', 'foo', TRUE)); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select[]', 'bar')); + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select[]', 'bar', TRUE)); + $this->assertEquals('', $this->form_validation->set_select('select[]', 'foobar')); + $this->assertEquals('', $this->form_validation->set_select('select[]', 'foobar', TRUE)); } public function test_set_radio() { // Test 1: No options selected - $this->form_validation->reset_validation(); - $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $this->form_validation->reset_validation(); $_POST = array(); $this->form_validation->run(); $this->assertEquals('', $this->form_validation->set_radio('select', 'foo')); - // This fails. Default is only used when no rules are defined. Is this really the desired behaviour? + // Default should only work when no rules are set $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'bar', TRUE)); // Test 2: 1 option selected @@ -490,28 +487,26 @@ class Form_validation_test extends CI_TestCase { // Test 3: Multiple options checked $this->form_validation->reset_validation(); - $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $this->form_validation->set_rules('select[]', 'label', 'alpha_numeric'); $_POST = array('select' => array('foo', 'bar')); $this->form_validation->run(); - $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo')); - $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo', TRUE)); - $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'bar')); - $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'bar', TRUE)); - $this->assertEquals('', $this->form_validation->set_radio('select', 'foobar')); - $this->assertEquals('', $this->form_validation->set_radio('select', 'foobar', TRUE)); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select[]', 'foo')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select[]', 'foo', TRUE)); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select[]', 'bar')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select[]', 'bar', TRUE)); + $this->assertEquals('', $this->form_validation->set_radio('select[]', 'foobar')); + $this->assertEquals('', $this->form_validation->set_radio('select[]', 'foobar', TRUE)); } public function test_set_checkbox() { // Test 1: No options selected - $this->form_validation->reset_validation(); - $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $this->form_validation->reset_validation(); $_POST = array(); $this->form_validation->run(); - $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foo')); - // This fails. Default is only used when no rules are defined. Is this really the desired behaviour? + $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foo')); $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'bar', TRUE)); // Test 2: 1 option selected @@ -527,16 +522,16 @@ class Form_validation_test extends CI_TestCase { // Test 3: Multiple options selected $this->form_validation->reset_validation(); - $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); + $this->form_validation->set_rules('select[]', 'label', 'alpha_numeric'); $_POST = array('select' => array('foo', 'bar')); $this->form_validation->run(); - $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo')); - $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo', TRUE)); - $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'bar')); - $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'bar', TRUE)); - $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foobar')); - $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foobar', TRUE)); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select[]', 'foo')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select[]', 'foo', TRUE)); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select[]', 'bar')); + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select[]', 'bar', TRUE)); + $this->assertEquals('', $this->form_validation->set_checkbox('select[]', 'foobar')); + $this->assertEquals('', $this->form_validation->set_checkbox('select[]', 'foobar', TRUE)); } public function test_regex_match() -- cgit v1.2.3-24-g4f1b From 7a46bdeed5c1fb2dfafa18b7bd3a2315bd08255e Mon Sep 17 00:00:00 2001 From: mwhitneysdsu Date: Mon, 30 Mar 2015 12:22:17 -0700 Subject: Fix logged path to match checked path in loader This is to fix a logged path missed in 8f5c1780706113c926bb7801db27dbae97d00fcf --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Loader.php b/system/core/Loader.php index 254ad0d6d..c0a5cd634 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1118,7 +1118,7 @@ class CI_Loader { } else { - log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass); + log_message('debug', $path.' exists, but does not declare '.$subclass); } } } -- cgit v1.2.3-24-g4f1b From 7f6f3e3485c1ba9762a239cf279af49bb9bfc755 Mon Sep 17 00:00:00 2001 From: David Woods Date: Mon, 30 Mar 2015 12:25:27 -0700 Subject: Fix for parsing error in PHP 5.2 and 5.3 --- tests/codeigniter/libraries/Form_validation_test.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index 9ab16a00f..a25dcf747 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -346,7 +346,8 @@ class Form_validation_test extends CI_TestCase { $this->form_validation->set_rules('foo', 'label', 'required'); $_POST = array('foo' => ''); $this->form_validation->run(); - $this->assertEquals($error_message, $this->form_validation->error_array()['foo']); + $err_arr = $this->form_validation->error_array(); + $this->assertEquals($error_message, $err_arr['foo']); } public function test_error_string() -- cgit v1.2.3-24-g4f1b From e04f4f76199d88ae2a3a62379fac728ceb637895 Mon Sep 17 00:00:00 2001 From: mwhitneysdsu Date: Mon, 30 Mar 2015 12:38:22 -0700 Subject: Fix whitespace in previous commit --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Loader.php b/system/core/Loader.php index c0a5cd634..007378ee2 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1118,7 +1118,7 @@ class CI_Loader { } else { - log_message('debug', $path.' exists, but does not declare '.$subclass); + log_message('debug', $path.' exists, but does not declare '.$subclass); } } } -- cgit v1.2.3-24-g4f1b From c0b2ae29b8a4c48c6adde72bc3f66ad3780246ec Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 31 Mar 2015 11:50:46 +0300 Subject: [ci skip] Update version number --- system/core/CodeIgniter.php | 2 +- user_guide_src/source/conf.py | 4 ++-- user_guide_src/source/installation/upgrade_300.rst | 2 -- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index d830c1829..b38166b60 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0-dev'); + define('CI_VERSION', '3.0.0'); /* * ------------------------------------------------------ diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py index d65fe0dfd..93d70b2e4 100644 --- a/user_guide_src/source/conf.py +++ b/user_guide_src/source/conf.py @@ -48,9 +48,9 @@ copyright = u'2014 - 2015, British Columbia Institute of Technology' # built documents. # # The short X.Y version. -version = '3.0' +version = '3.0.0' # The full version, including alpha/beta/rc tags. -release = '3.0-dev' +release = '3.0.0' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 7e3479740..a3d712482 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -2,8 +2,6 @@ Upgrading from 2.2.x to 3.0.0 ############################# -.. note:: These upgrade notes are for a version that is yet to be released. - Before performing an update you should take your site offline by replacing the index.php file with a static one. ************************************* -- cgit v1.2.3-24-g4f1b From a8c499d0125b2e96f7f3c539f6b46cff7547aa80 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 31 Mar 2015 15:01:36 +0300 Subject: [ci skip] Update security recommendations --- user_guide_src/source/general/security.rst | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst index efc821f2b..fcfe4c24b 100644 --- a/user_guide_src/source/general/security.rst +++ b/user_guide_src/source/general/security.rst @@ -143,11 +143,15 @@ with that. Please read below. feature, just randomly generate a new, one-time (this is also important) password and send that instead. -- DO NOT put artificial limits on your users' passwords. +- DO NOT put unnecessary limits on your users' passwords. - There's no point in forcing a rule that a password can only be up to - a number of characters, or that it can't contain a certain set of - special characters. + If you're using a hashing algorithm other than BCrypt (which has a limit + of 72 characters), you should set a relatively high limit on password + lengths in order to mitigate DoS attacks - say, 1024 characters. + + Other than that however, there's no point in forcing a rule that a + password can only be up to a number of characters, or that it can't + contain a certain set of special characters. Not only does this **reduce** security instead of improving it, but there's literally no reason to do it. No technical limitations and -- cgit v1.2.3-24-g4f1b From 0be4c803d10dfb2c697e07751654848829d4476b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 31 Mar 2015 15:03:03 +0300 Subject: [ci skip] Fix a wrong docblock link --- system/core/Hooks.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 08479b133..3b4fb2250 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link http://codeigniter.com/user_guide/general/hooks.html */ class CI_Hooks { -- cgit v1.2.3-24-g4f1b From c6ac5592006935eefab2cc88b808497548105953 Mon Sep 17 00:00:00 2001 From: David Woods Date: Tue, 31 Mar 2015 20:19:39 -0700 Subject: Style changes and variable name changes --- .../codeigniter/libraries/Form_validation_test.php | 43 +++++++++++----------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index a25dcf747..b2d401ee5 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -313,7 +313,7 @@ class Form_validation_test extends CI_TestCase { $this->form_validation->set_data($erroneous_data); $this->form_validation->set_rules($rules); $this->form_validation->run(); - $this->assertEquals('

' . $err_message . '

', $this->form_validation->error('req_field')); + $this->assertEquals('

'.$err_message.'

', $this->form_validation->error('req_field')); $this->form_validation->reset_validation(); $this->form_validation->set_message('required', $err_message); @@ -346,8 +346,8 @@ class Form_validation_test extends CI_TestCase { $this->form_validation->set_rules('foo', 'label', 'required'); $_POST = array('foo' => ''); $this->form_validation->run(); - $err_arr = $this->form_validation->error_array(); - $this->assertEquals($error_message, $err_arr['foo']); + $error_array = $this->form_validation->error_array(); + $this->assertEquals($error_message, $error_array['foo']); } public function test_error_string() @@ -364,16 +364,16 @@ class Form_validation_test extends CI_TestCase { $_POST = array('foo' => ''); $this->form_validation->run(); - $this->assertEquals($prefix_default . $error_message . $suffix_default . "\n", $this->form_validation->error_string()); - $this->assertEquals($prefix_test . $error_message . $suffix_default . "\n", $this->form_validation->error_string($prefix_test, '')); - $this->assertEquals($prefix_default . $error_message . $suffix_test . "\n", $this->form_validation->error_string('', $suffix_test)); - $this->assertEquals($prefix_test . $error_message . $suffix_test . "\n", $this->form_validation->error_string($prefix_test, $suffix_test)); - + $this->assertEquals($prefix_default.$error_message.$suffix_default."\n", $this->form_validation->error_string()); + $this->assertEquals($prefix_test.$error_message.$suffix_default."\n", $this->form_validation->error_string($prefix_test, '')); + $this->assertEquals($prefix_default.$error_message.$suffix_test."\n", $this->form_validation->error_string('', $suffix_test)); + $this->assertEquals($prefix_test.$error_message.$suffix_test."\n", $this->form_validation->error_string($prefix_test, $suffix_test)); + $this->form_validation->reset_validation(); $this->form_validation->set_rules('foo', 'label', 'required'); $_POST = array('foo' => 'bar'); $this->form_validation->run(); - $this->assertEquals('', $this->form_validation->error_string()); + $this->assertEquals('', $this->form_validation->error_string()); } public function test_run() @@ -399,27 +399,27 @@ class Form_validation_test extends CI_TestCase { $_POST = array('username' => 'foo42'); $form_validation = new CI_Form_validation($config); $this->assertTrue($form_validation->run('pass')); - - $form_validation = new CI_Form_validation($config); + + $form_validation = new CI_Form_validation($config); $this->assertFalse($form_validation->run('fail')); } - + public function test_has_rule() { $this->form_validation->reset_validation(); $this->form_validation->set_rules('foo', 'label', 'required'); - + $this->assertTrue($this->form_validation->has_rule('foo')); $this->assertFalse($this->form_validation->has_rule('bar')); } - + public function test_set_value() { $this->form_validation->reset_validation(); $default = 'default'; $this->form_validation->set_rules('foo', 'label', 'required'); $this->form_validation->set_rules('bar[]', 'label', 'required'); - + // No post data yet: should return the default value provided $this->assertEquals($default, $this->form_validation->set_value('foo', $default)); $_POST = array('foo' => 'foo', 'bar' => array('bar1', 'bar2')); @@ -545,15 +545,15 @@ class Form_validation_test extends CI_TestCase { public function test_prep_for_form() { $this->form_validation->reset_validation(); - $err_msg_unprepped = ''; - $err_msg_prepped = '<error ='foobar'">'; - $this->form_validation->set_rules('foo', 'label', 'required', array('required' => $err_msg_unprepped)); + $error_msg_unprepped = ''; + $error_msg_prepped = '<error ='foobar'">'; + $this->form_validation->set_rules('foo', 'label', 'required', array('required' => $error_msg_unprepped)); $_POST = array('foo' => ''); $this->form_validation->run(); - $err_arr = $this->form_validation->error_array(); - + $error_arr = $this->form_validation->error_array(); + $this->assertEquals('', $this->form_validation->prep_for_form('')); - $this->assertEquals(array('foo' => $err_msg_prepped), $this->form_validation->prep_for_form($err_arr)); + $this->assertEquals(array('foo' => $error_msg_prepped), $this->form_validation->prep_for_form($error_arr)); } public function test_prep_url() @@ -590,5 +590,4 @@ class Form_validation_test extends CI_TestCase { return $this->form_validation->run(); } - } -- cgit v1.2.3-24-g4f1b From da7a2205876791dda5b9b62840c3cf6bd6233543 Mon Sep 17 00:00:00 2001 From: Achraf Almouloudi Date: Wed, 1 Apr 2015 05:27:56 +0100 Subject: Fixed typo --- system/libraries/Encryption.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index e3e68139a..f3e039881 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -121,7 +121,7 @@ class CI_Encryption { ); /** - * List of supported HMAC algorightms + * List of supported HMAC algorithms * * name => digest size pairs * -- cgit v1.2.3-24-g4f1b From 2e9ae00efbc8441e7019a7ab68a866798df42800 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 1 Apr 2015 14:45:16 +0300 Subject: [ci skip] Whitespace cleanup following PR #3716 --- .../codeigniter/libraries/Form_validation_test.php | 58 +++++++++++----------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php index b2d401ee5..26d82ec93 100644 --- a/tests/codeigniter/libraries/Form_validation_test.php +++ b/tests/codeigniter/libraries/Form_validation_test.php @@ -428,34 +428,34 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('bar1', $this->form_validation->set_value('bar[]', $default)); $this->assertEquals('bar2', $this->form_validation->set_value('bar[]', $default)); } - + public function test_set_select() { // Test 1: No options selected - $this->form_validation->reset_validation(); + $this->form_validation->reset_validation(); $_POST = array(); $this->form_validation->run(); - - $this->assertEquals('', $this->form_validation->set_select('select', 'foo')); + + $this->assertEquals('', $this->form_validation->set_select('select', 'foo')); $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'bar', TRUE)); - + // Test 2: 1 option selected $this->form_validation->reset_validation(); $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); $_POST = array('select' => 'foo'); $this->form_validation->run(); - + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo')); $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select', 'foo', TRUE)); $this->assertEquals('', $this->form_validation->set_select('select', 'bar')); $this->assertEquals('', $this->form_validation->set_select('select', 'bar', TRUE)); - + // Test 3: Multiple options selected $this->form_validation->reset_validation(); $this->form_validation->set_rules('select[]', 'label', 'alpha_numeric'); $_POST = array('select' => array('foo', 'bar')); $this->form_validation->run(); - + $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select[]', 'foo')); $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select[]', 'foo', TRUE)); $this->assertEquals(' selected="selected"', $this->form_validation->set_select('select[]', 'bar')); @@ -463,35 +463,35 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('', $this->form_validation->set_select('select[]', 'foobar')); $this->assertEquals('', $this->form_validation->set_select('select[]', 'foobar', TRUE)); } - + public function test_set_radio() { // Test 1: No options selected - $this->form_validation->reset_validation(); + $this->form_validation->reset_validation(); $_POST = array(); $this->form_validation->run(); - + $this->assertEquals('', $this->form_validation->set_radio('select', 'foo')); // Default should only work when no rules are set $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'bar', TRUE)); - + // Test 2: 1 option selected $this->form_validation->reset_validation(); $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); $_POST = array('select' => 'foo'); $this->form_validation->run(); - + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo')); $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select', 'foo', TRUE)); $this->assertEquals('', $this->form_validation->set_radio('select', 'bar')); $this->assertEquals('', $this->form_validation->set_radio('select', 'bar', TRUE)); - + // Test 3: Multiple options checked $this->form_validation->reset_validation(); $this->form_validation->set_rules('select[]', 'label', 'alpha_numeric'); $_POST = array('select' => array('foo', 'bar')); $this->form_validation->run(); - + $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select[]', 'foo')); $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select[]', 'foo', TRUE)); $this->assertEquals(' checked="checked"', $this->form_validation->set_radio('select[]', 'bar')); @@ -499,34 +499,34 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('', $this->form_validation->set_radio('select[]', 'foobar')); $this->assertEquals('', $this->form_validation->set_radio('select[]', 'foobar', TRUE)); } - + public function test_set_checkbox() { // Test 1: No options selected - $this->form_validation->reset_validation(); + $this->form_validation->reset_validation(); $_POST = array(); $this->form_validation->run(); - - $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foo')); + + $this->assertEquals('', $this->form_validation->set_checkbox('select', 'foo')); $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'bar', TRUE)); - + // Test 2: 1 option selected $this->form_validation->reset_validation(); $this->form_validation->set_rules('select', 'label', 'alpha_numeric'); $_POST = array('select' => 'foo'); $this->form_validation->run(); - + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo')); $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select', 'foo', TRUE)); $this->assertEquals('', $this->form_validation->set_checkbox('select', 'bar')); $this->assertEquals('', $this->form_validation->set_checkbox('select', 'bar', TRUE)); - + // Test 3: Multiple options selected $this->form_validation->reset_validation(); $this->form_validation->set_rules('select[]', 'label', 'alpha_numeric'); $_POST = array('select' => array('foo', 'bar')); $this->form_validation->run(); - + $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select[]', 'foo')); $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select[]', 'foo', TRUE)); $this->assertEquals(' checked="checked"', $this->form_validation->set_checkbox('select[]', 'bar')); @@ -534,14 +534,14 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('', $this->form_validation->set_checkbox('select[]', 'foobar')); $this->assertEquals('', $this->form_validation->set_checkbox('select[]', 'foobar', TRUE)); } - + public function test_regex_match() { $regex = '/f[a-zA-Z]+/'; $this->assertTrue($this->form_validation->regex_match('foo', $regex)); - $this->assertFalse($this->form_validation->regex_match('bar', $regex)); + $this->assertFalse($this->form_validation->regex_match('bar', $regex)); } - + public function test_prep_for_form() { $this->form_validation->reset_validation(); @@ -555,7 +555,7 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('', $this->form_validation->prep_for_form('')); $this->assertEquals(array('foo' => $error_msg_prepped), $this->form_validation->prep_for_form($error_arr)); } - + public function test_prep_url() { $this->assertEquals('', $this->form_validation->prep_url('')); @@ -564,13 +564,13 @@ class Form_validation_test extends CI_TestCase { $this->assertEquals('http://codeigniter.com', $this->form_validation->prep_url('http://codeigniter.com')); $this->assertEquals('http://www.codeigniter.com', $this->form_validation->prep_url('www.codeigniter.com')); } - + public function test_encode_php_tags() { $this->assertEquals("<?php", $this->form_validation->encode_php_tags('assertEquals('?>', $this->form_validation->encode_php_tags('?>')); } - + /** * Run rules * -- cgit v1.2.3-24-g4f1b From 68bad62fc4d88b6423bd15ab94a53c54a919f041 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 1 Apr 2015 14:51:25 +0300 Subject: Mitigate potential DoS attacks against hash_pbkdf2() Related: #3720 --- system/core/compat/hash.php | 51 +++++++++++++++++++++++++++++++++++-- user_guide_src/source/changelog.rst | 14 ++++++++-- 2 files changed, 61 insertions(+), 4 deletions(-) diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 477535dca..15954559c 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -174,9 +174,56 @@ if ( ! function_exists('hash_pbkdf2')) } $hash_length = strlen(hash($algo, NULL, TRUE)); - if (empty($length)) + empty($length) && $length = $hash_length; + + // Pre-hash password inputs longer than the algorithm's block size + // (i.e. prepare HMAC key) to mitigate potential DoS attacks. + static $block_sizes; + empty($block_sizes) && $block_sizes = array( + 'gost' => 32, + 'haval128,3' => 128, + 'haval160,3' => 128, + 'haval192,3' => 128, + 'haval224,3' => 128, + 'haval256,3' => 128, + 'haval128,4' => 128, + 'haval160,4' => 128, + 'haval192,4' => 128, + 'haval224,4' => 128, + 'haval256,4' => 128, + 'haval128,5' => 128, + 'haval160,5' => 128, + 'haval192,5' => 128, + 'haval224,5' => 128, + 'haval256,5' => 128, + 'md2' => 16, + 'md4' => 64, + 'md5' => 64, + 'ripemd128' => 64, + 'ripemd160' => 64, + 'ripemd256' => 64, + 'ripemd320' => 64, + 'salsa10' => 64, + 'salsa20' => 64, + 'sha1' => 64, + 'sha224' => 64, + 'sha256' => 64, + 'sha384' => 128, + 'sha512' => 128, + 'snefru' => 32, + 'snefru256' => 32, + 'tiger128,3' => 64, + 'tiger160,3' => 64, + 'tiger192,3' => 64, + 'tiger128,4' => 64, + 'tiger160,4' => 64, + 'tiger192,4' => 64, + 'whirlpool' => 64 + ); + + if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo]) { - $length = $hash_length; + $password = hash($algo, $password, TRUE); } $hash = ''; diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 45780ddb3..e6e3e9d17 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -2,11 +2,21 @@ Change Log ########## -Version 3.0 (planned) -======================= +Version 3.0.1 +============= Release Date: Not Released +- Core + + - Added DoS mitigation to :php:func:`hash_pbkdf2()` :doc:`compatibility function `. + + +Version 3.0.0 +============= + +Release Date: March 30, 2015 + - License - CodeIgniter has been relicensed with the `MIT License `_, eliminating its old proprietary licensing. -- cgit v1.2.3-24-g4f1b From d75847ecf28bdbad7033af33514d042ee86c13c2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 1 Apr 2015 14:51:47 +0300 Subject: [ci skip] Update version numbers --- system/core/CodeIgniter.php | 2 +- user_guide_src/source/conf.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index b38166b60..ddf322749 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.0'); + define('CI_VERSION', '3.0.1-dev'); /* * ------------------------------------------------------ diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py index 93d70b2e4..1704654b6 100644 --- a/user_guide_src/source/conf.py +++ b/user_guide_src/source/conf.py @@ -48,9 +48,9 @@ copyright = u'2014 - 2015, British Columbia Institute of Technology' # built documents. # # The short X.Y version. -version = '3.0.0' +version = '3.0.1' # The full version, including alpha/beta/rc tags. -release = '3.0.0' +release = '3.0.0-dev' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. -- cgit v1.2.3-24-g4f1b From 680e52985219a25926a3396677cb8391c8cc9da6 Mon Sep 17 00:00:00 2001 From: Sentabi Date: Thu, 2 Apr 2015 23:52:40 +0700 Subject: fixing typo --- user_guide_src/source/tutorial/static_pages.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 0c75d5a34..62b3469ad 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -12,14 +12,14 @@ It is the glue of your web application. For example, when a call is made to: - http://example.com/news/latest/10 + http://example.com/news/latest/10 We might imagine that there is a controller named "news". The method being called on news would be "latest". The news method's job could be to grab 10 news items, and render them on the page. Very often in MVC, you'll see URL patterns that match: - http://example.com/[controller-class]/[controller-method]/[arguments] + http://example.com/[controller-class]/[controller-method]/[arguments] As URL schemes become more complex, this may change. But for now, this is all we will need to know. -- cgit v1.2.3-24-g4f1b From b7a8fbb9588ce4603e9c8fa16072a186e70b8bdb Mon Sep 17 00:00:00 2001 From: Kyle Gadd Date: Fri, 3 Apr 2015 17:37:44 -0600 Subject: Matched root_path's slashes with the name being replaced --- system/libraries/Zip.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index f2f17148b..3e98ac568 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -352,7 +352,7 @@ class CI_Zip { // Set the original directory root for child dir's to use as relative if ($root_path === NULL) { - $root_path = dirname($path).DIRECTORY_SEPARATOR; + $root_path = str_replace(array('\\', '/'), DIRECTORY_SEPARATOR, dirname($path)).DIRECTORY_SEPARATOR; } while (FALSE !== ($file = readdir($fp))) -- cgit v1.2.3-24-g4f1b From 1db6da309a66ff202d43a4bbb5fdbd66d70afe13 Mon Sep 17 00:00:00 2001 From: LouisMilotte Date: Sat, 4 Apr 2015 03:22:12 -0700 Subject: Edit dbforge drop_table line 230 At current the documentation does not distinguish between DROP TABLE IF EXISTS table_name and DROP TABLE table_name. As seen by the DB_forge.php class in system/database; the function accepts a Boolean as the second parameter as to whether or not to apply the IF EXISTS mysql condition. --- user_guide_src/source/database/forge.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/database/forge.rst b/user_guide_src/source/database/forge.rst index 89fac023e..a4edada5c 100644 --- a/user_guide_src/source/database/forge.rst +++ b/user_guide_src/source/database/forge.rst @@ -227,7 +227,7 @@ Execute a DROP TABLE statement and optionally add an IF EXISTS clause. $this->dbforge->drop_table('table_name'); // Produces: DROP TABLE IF EXISTS table_name - $this->dbforge->drop_table('table_name'); + $this->dbforge->drop_table('table_name',TRUE); Renaming a table @@ -405,4 +405,4 @@ Class Reference :returns: TRUE on success, FALSE on failure :rtype: bool - Renames a table. Usage: See `Renaming a table`_. \ No newline at end of file + Renames a table. Usage: See `Renaming a table`_. -- cgit v1.2.3-24-g4f1b From e36d048b068418b76551fb9eaa2c32a7b40f3812 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 4 Apr 2015 21:55:09 +0300 Subject: Fix #3733 Close #3734 --- system/core/Loader.php | 5 +---- user_guide_src/source/changelog.rst | 6 +++++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/system/core/Loader.php b/system/core/Loader.php index 007378ee2..9205ad1b6 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1307,10 +1307,7 @@ class CI_Loader { } // Load all other libraries - foreach ($autoload['libraries'] as $item) - { - $this->library($item); - } + $this->library($autoload['libraries']); } // Autoload models diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index e6e3e9d17..8fa4d1ef1 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -11,6 +11,10 @@ Release Date: Not Released - Added DoS mitigation to :php:func:`hash_pbkdf2()` :doc:`compatibility function `. +Bug fixes for 3.0.1 +------------------- + +- Fixed a bug (#3733) - Autoloading of libraries with aliases didn't work, although it was advertised to. Version 3.0.0 ============= @@ -589,7 +593,7 @@ Release Date: March 30, 2015 Bug fixes for 3.0 ------------------- +----------------- - Fixed a bug where ``unlink()`` raised an error if cache file did not exist when you try to delete it. - Fixed a bug (#181) - a typo in the form validation language file. -- cgit v1.2.3-24-g4f1b From 8f793674fec90d0e3306dce59945fbd6da15936a Mon Sep 17 00:00:00 2001 From: Yahya Erturan Date: Mon, 6 Apr 2015 12:12:53 +0300 Subject: #3727 Lowercase $side variable for $this->db->like() in Query Builder $this->db->like('name',$value,'AFTER') returns LIKE '%$value%'. Safer to lowercase in case of UPPERCASE habits. --- system/database/DB_query_builder.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index e5ffef2bb..a77ed57d0 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -925,6 +925,9 @@ abstract class CI_DB_query_builder extends CI_DB_driver { ? $this->_group_get_type('') : $this->_group_get_type($type); $v = $this->escape_like_str($v); + + // lowercase $side for in case of UPPERCASE string + $side = strtolower($side); if ($side === 'none') { -- cgit v1.2.3-24-g4f1b