From fbd31c8d98bd7e5eac5c8e8c2f102b05350db93e Mon Sep 17 00:00:00 2001
From: Andrey Andreev
Date: Sat, 19 May 2012 13:19:43 +0300
Subject: Fix issue #726
---
system/database/drivers/pdo/pdo_driver.php | 16 ++++++++--------
user_guide/changelog.html | 1 +
2 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index 5de2079bb..c38b79c5a 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -51,23 +51,23 @@ class CI_DB_pdo_driver extends CI_DB {
function __construct($params)
{
parent::__construct($params);
-
+
// clause and character used for LIKE escape sequences
if (strpos($this->hostname, 'mysql') !== FALSE)
{
$this->_like_escape_str = '';
$this->_like_escape_chr = '';
-
+
//Prior to this version, the charset can't be set in the dsn
if(is_php('5.3.6'))
{
$this->hostname .= ";charset={$this->char_set}";
}
-
+
//Set the charset with the connection options
$this->options['PDO::MYSQL_ATTR_INIT_COMMAND'] = "SET NAMES {$this->char_set}";
}
- else if (strpos($this->hostname, 'odbc') !== FALSE)
+ elseif (strpos($this->hostname, 'odbc') !== FALSE)
{
$this->_like_escape_str = " {escape '%s'} ";
$this->_like_escape_chr = '!';
@@ -77,9 +77,9 @@ class CI_DB_pdo_driver extends CI_DB {
$this->_like_escape_str = " ESCAPE '%s' ";
$this->_like_escape_chr = '!';
}
-
- $this->hostname .= ";dbname=".$this->database;
-
+
+ empty($this->database) OR $this->hostname .= ';dbname='.$this->database;
+
$this->trans_enabled = FALSE;
$this->_random_keyword = ' RND('.time().')'; // database specific random keyword
@@ -94,7 +94,7 @@ class CI_DB_pdo_driver extends CI_DB {
function db_connect()
{
$this->options['PDO::ATTR_ERRMODE'] = PDO::ERRMODE_SILENT;
-
+
return new PDO($this->hostname, $this->username, $this->password, $this->options);
}
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 55fbceeaf..4e332a013 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -86,6 +86,7 @@ Change Log
Fixed a bug (#538) - Windows paths were ignored when using the Image Manipulation Class to create a new file.
Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
Fixed a bug - CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk.
+
Fixed a bug (#726) - PDO put a 'dbname' argument in it's connection string regardless of the database platform in use, which made it impossible to use SQLite.
--
cgit v1.2.3-24-g4f1b
From 9fa8d404790833a098a8bbd855f1452897d6ff88 Mon Sep 17 00:00:00 2001
From: Rogerio Prado de Jesus
Date: Sat, 19 May 2012 13:38:26 -0300
Subject: Fix a issue with affect_rows in CI_DB_pdo_driver::_execute()
In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit
makes affect_rows be initialized properly.
Signed-off-by: Rogerio Prado de Jesus
---
system/database/drivers/pdo/pdo_driver.php | 13 +++++++++++--
user_guide/changelog.html | 1 +
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php
index c38b79c5a..952016848 100644
--- a/system/database/drivers/pdo/pdo_driver.php
+++ b/system/database/drivers/pdo/pdo_driver.php
@@ -189,11 +189,20 @@ class CI_DB_pdo_driver extends CI_DB {
function _execute($sql)
{
$sql = $this->_prep_query($sql);
- $result_id = $this->conn_id->query($sql);
+ $result_id = $this->conn_id->prepare($sql);
+ $result_id->execute();
if (is_object($result_id))
{
- $this->affect_rows = $result_id->rowCount();
+ if (is_numeric(stripos($sql, 'SELECT')))
+ {
+ $this->affect_rows = count($result_id->fetchAll());
+ $result_id->execute();
+ }
+ else
+ {
+ $this->affect_rows = $result_id->rowCount();
+ }
}
else
{
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 4e332a013..e1a87d963 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -87,6 +87,7 @@ Change Log
Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
Fixed a bug - CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk.
Fixed a bug (#726) - PDO put a 'dbname' argument in it's connection string regardless of the database platform in use, which made it impossible to use SQLite.
+
Fixed a bug - CI_DB_pdo_driver::affect_row was not being initialized properly with SELECT queries, cause it was relying on PDOStatement::rowCount().
--
cgit v1.2.3-24-g4f1b
From 27738491fc11d0b9ce5670b2f6a7957fc421ee4b Mon Sep 17 00:00:00 2001
From: Rogerio Prado de Jesus
Date: Sat, 19 May 2012 13:45:44 -0300
Subject: Fix a issue with CI_DB_pdo_result::num_rows()
In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit
makes it returns the expected value.
---
system/database/drivers/pdo/pdo_result.php | 13 ++++++++++++-
user_guide/changelog.html | 1 +
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php
index 7f3058ff0..c05fbc908 100644
--- a/system/database/drivers/pdo/pdo_result.php
+++ b/system/database/drivers/pdo/pdo_result.php
@@ -34,7 +34,18 @@ class CI_DB_pdo_result extends CI_DB_result {
*/
function num_rows()
{
- return $this->result_id->rowCount();
+ if (is_numeric(stripos($this->result_id->queryString, 'SELECT')))
+ {
+ $dbh = $this->conn_id;
+ $query = $dbh->query($this->result_id->queryString);
+ $result = $query->fetchAll();
+ unset($dbh, $query);
+ return count($result);
+ }
+ else
+ {
+ return $this->result_id->rowCount();
+ }
}
// --------------------------------------------------------------------
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index e1a87d963..ca1a55bac 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -88,6 +88,7 @@ Change Log
Fixed a bug - CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk.
Fixed a bug (#726) - PDO put a 'dbname' argument in it's connection string regardless of the database platform in use, which made it impossible to use SQLite.
Fixed a bug - CI_DB_pdo_driver::affect_row was not being initialized properly with SELECT queries, cause it was relying on PDOStatement::rowCount().
+
Fixed a bug - CI_DB_pdo_result::num_rows() was not returning properly value with SELECT queries, cause it was relying on PDOStatement::rowCount().
--
cgit v1.2.3-24-g4f1b
From 74b648c2da3ee5d92920cea2355ccf36d5e0519e Mon Sep 17 00:00:00 2001
From: Nithin
Date: Sun, 21 Aug 2011 01:23:47 -0300
Subject: Added ability to _like paramater side to use 'none', in case one
wants to query like instead of where without case being sensitive
---
system/database/DB_active_rec.php | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php
index 7bab729f5..841ede28e 100644
--- a/system/database/DB_active_rec.php
+++ b/system/database/DB_active_rec.php
@@ -660,8 +660,12 @@ class CI_DB_active_record extends CI_DB_driver {
$prefix = (count($this->ar_like) == 0) ? '' : $type;
$v = $this->escape_like_str($v);
-
- if ($side == 'before')
+
+ if ($side == 'none')
+ {
+ $like_statement = $prefix." $k $not LIKE '{$v}'";
+ }
+ elseif ($side == 'before')
{
$like_statement = $prefix." $k $not LIKE '%{$v}'";
}
--
cgit v1.2.3-24-g4f1b
From e65f4893c9b3e7c2b34e0fef7c7de04112329063 Mon Sep 17 00:00:00 2001
From: Phil Sturgeon
Date: Wed, 23 May 2012 19:27:54 +0200
Subject: Removed the starting slash from uri_string() documentation.
---
user_guide/libraries/uri.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/user_guide/libraries/uri.html b/user_guide/libraries/uri.html
index f04bb9f10..663fca5bc 100644
--- a/user_guide/libraries/uri.html
+++ b/user_guide/libraries/uri.html
@@ -191,7 +191,7 @@ $str = $this->uri->assoc_to_uri($array);
Fixed a bug (#1059) - CI_Image_lib::clear() was not correctly clearing all necessary object properties, namely width and height.
Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types.
Fixed a bug - form_open() compared $action against site_url() instead of base_url()
Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.
--
cgit v1.2.3-24-g4f1b
From bc602d8b8e125597bfd557949e846ff5a258b858 Mon Sep 17 00:00:00 2001
From: Andrey Andreev
Date: Thu, 24 May 2012 19:42:16 +0300
Subject: Fix issue #1387
---
system/database/DB_active_rec.php | 4 ++--
system/database/DB_driver.php | 22 ++++++++++++----------
user_guide/changelog.html | 4 ++--
3 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php
index 841ede28e..10febb1fc 100644
--- a/system/database/DB_active_rec.php
+++ b/system/database/DB_active_rec.php
@@ -255,7 +255,7 @@ class CI_DB_active_record extends CI_DB_driver {
*/
public function from($from)
{
- foreach ((array)$from as $val)
+ foreach ((array) $from as $val)
{
if (strpos($val, ',') !== FALSE)
{
@@ -1647,7 +1647,7 @@ class CI_DB_active_record extends CI_DB_driver {
if (strpos($table, " ") !== FALSE)
{
// if the alias is written with the AS keyword, remove it
- $table = preg_replace('/ AS /i', ' ', $table);
+ $table = preg_replace('/\s+AS\s+/i', ' ', $table);
// Grab the alias
$table = trim(strrchr($table, " "));
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 6161f149b..c25752824 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1263,15 +1263,20 @@ class CI_DB_driver {
}
// Convert tabs or multiple spaces into single spaces
- $item = preg_replace('/[\t ]+/', ' ', $item);
+ $item = preg_replace('/\s+/', ' ', $item);
// If the item has an alias declaration we remove it and set it aside.
// Basically we remove everything to the right of the first space
- $alias = '';
- if (strpos($item, ' ') !== FALSE)
+ if (preg_match('/^([^\s]+) (AS )*(.+)$/i', $item, $matches))
{
- $alias = strstr($item, " ");
- $item = substr($item, 0, - strlen($alias));
+ $item = $matches[1];
+
+ // Escape the alias
+ $alias = ' '.$matches[2].$this->escape_identifiers($matches[3]);
+ }
+ else
+ {
+ $alias = '';
}
// This is basically a bug fix for queries that use MAX, MIN, etc.
@@ -1387,7 +1392,7 @@ class CI_DB_driver {
return $item.$alias;
}
-
+
// --------------------------------------------------------------------
/**
@@ -1395,16 +1400,13 @@ class CI_DB_driver {
*
* This function is used extensively by every db driver.
*
- * @access private
* @return void
*/
protected function _reset_select()
{
-
}
}
-
/* End of file DB_driver.php */
-/* Location: ./system/database/DB_driver.php */
+/* Location: ./system/database/DB_driver.php */
\ No newline at end of file
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index e0139775a..266ae8652 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -80,7 +80,6 @@ Change Log
Bug fixes for 2.1.1
-
Fixed a bug (#1059) - CI_Image_lib::clear() was not correctly clearing all necessary object properties, namely width and height.
Fixed a bug (#697) - A wrong array key was used in the Upload library to check for mime-types.
Fixed a bug - form_open() compared $action against site_url() instead of base_url()
Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE.
@@ -88,8 +87,9 @@ Change Log
Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found.
Fixed a bug - CSRF cookie value was allowed to be any (non-empty) string before being written to the output, making code injection a risk.
Fixed a bug (#726) - PDO put a 'dbname' argument in it's connection string regardless of the database platform in use, which made it impossible to use SQLite.
-
Fixed a bug - CI_DB_pdo_driver::affect_row was not being initialized properly with SELECT queries, cause it was relying on PDOStatement::rowCount().
Fixed a bug - CI_DB_pdo_result::num_rows() was not returning properly value with SELECT queries, cause it was relying on PDOStatement::rowCount().
+
Fixed a bug (#1059) - CI_Image_lib::clear() was not correctly clearing all necessary object properties, namely width and height.
+
Fixed a bug (#1387) - Active Record's from() method didn't escape table aliases.
--
cgit v1.2.3-24-g4f1b
From 10a4724f7a8113c5e23f113a37709c78406de7f2 Mon Sep 17 00:00:00 2001
From: Phil Sturgeon
Date: Thu, 24 May 2012 17:58:17 +0100
Subject: Stop travis trying to run unit tests on 2.1-stable.
---
.travis.yml | 4 ++++
1 file changed, 4 insertions(+)
create mode 100644 .travis.yml
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 000000000..b3456f3a8
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,4 @@
+branches:
+ except:
+ - 2.1-stable
+ - master
\ No newline at end of file
--
cgit v1.2.3-24-g4f1b
From 9b655400c9519407d1d33a75323b9f4fdac42766 Mon Sep 17 00:00:00 2001
From: Andrey Andreev
Date: Sun, 27 May 2012 16:07:57 +0300
Subject: Fix an erroneus method name
---
system/database/DB_driver.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index c25752824..858ec356d 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1272,7 +1272,7 @@ class CI_DB_driver {
$item = $matches[1];
// Escape the alias
- $alias = ' '.$matches[2].$this->escape_identifiers($matches[3]);
+ $alias = ' '.$matches[2].$this->_escape_identifiers($matches[3]);
}
else
{
--
cgit v1.2.3-24-g4f1b
From da33cb5df443c41dce75cdf756ea4c3234b510fb Mon Sep 17 00:00:00 2001
From: Phil Sturgeon
Date: Sun, 27 May 2012 20:28:18 +0100
Subject: Driver_Library had $lib_name set as static, and used non-static
---
system/libraries/Driver.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php
index 9881c1eec..a199d45f0 100644
--- a/system/libraries/Driver.php
+++ b/system/libraries/Driver.php
@@ -30,7 +30,7 @@
class CI_Driver_Library {
protected $valid_drivers = array();
- protected static $lib_name;
+ protected $lib_name;
// The first time a child is used it won't exist, so we instantiate it
// subsequents calls will go straight to the proper child.
--
cgit v1.2.3-24-g4f1b
From 0a14913fe54e269e535c1f66f715823fa731c843 Mon Sep 17 00:00:00 2001
From: Pascal Kriete
Date: Thu, 7 Jun 2012 16:15:51 -0400
Subject: Adding IPv6 support to the Input and Form_validation libraries.
---
system/core/Input.php | 134 +++++++++++++++++++++++++++++-
system/libraries/Form_validation.php | 5 +-
user_guide/libraries/form_validation.html | 2 +-
user_guide/libraries/input.html | 2 +-
4 files changed, 136 insertions(+), 7 deletions(-)
diff --git a/system/core/Input.php b/system/core/Input.php
index 9bfb5f1fb..4b7622cbe 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -365,13 +365,66 @@ class CI_Input {
/**
* Validate IP Address
*
+ * @access public
+ * @param string
+ * @param string ipv4 or ipv6
+ * @return bool
+ */
+ public function valid_ip($ip, $which = '')
+ {
+ $which = strtolower($which);
+
+ // First check if filter_var is available
+ if (is_callable('filter_var'))
+ {
+ switch ($which) {
+ case 'ipv4':
+ $flag = FILTER_FLAG_IPV4;
+ break;
+ case 'ipv6':
+ $flag = FILTER_FLAG_IPV6;
+ break;
+ default:
+ $flag = '';
+ break;
+ }
+
+ return filter_var($ip, FILTER_VALIDATE_IP, $flag) !== FALSE;
+ }
+
+ // If it's not we'll do it manually
+ if ($which != 'ipv6' OR $which != 'ipv4')
+ {
+ if (strpos($ip, ':') !== FALSE)
+ {
+ $which = 'ipv6';
+ }
+ elseif (strpos($ip, '.') !== FALSE)
+ {
+ $which = 'ipv4';
+ }
+ else
+ {
+ return FALSE;
+ }
+ }
+
+ $func = '_valid_'.$which;
+ return $this->$func($ip);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Validate IPv4 Address
+ *
* Updated version suggested by Geert De Deckere
*
- * @access public
+ * @access protected
* @param string
- * @return string
+ * @return bool
*/
- function valid_ip($ip)
+ protected function _valid_ipv4($ip)
{
$ip_segments = explode('.', $ip);
@@ -385,6 +438,7 @@ class CI_Input {
{
return FALSE;
}
+
// Check each segment
foreach ($ip_segments as $segment)
{
@@ -398,6 +452,80 @@ class CI_Input {
return TRUE;
}
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Validate IPv6 Address
+ *
+ * @access protected
+ * @param string
+ * @return bool
+ */
+ protected function _valid_ipv6($str)
+ {
+ // 8 groups, separated by :
+ // 0-ffff per group
+ // one set of consecutive 0 groups can be collapsed to ::
+
+ $groups = 8;
+ $collapsed = FALSE;
+
+ $chunks = array_filter(
+ preg_split('/(:{1,2})/', $str, NULL, PREG_SPLIT_DELIM_CAPTURE)
+ );
+
+ // Rule out easy nonsense
+ if (current($chunks) == ':' OR end($chunks) == ':')
+ {
+ return FALSE;
+ }
+
+ // PHP supports IPv4-mapped IPv6 addresses, so we'll expect those as well
+ if (strpos(end($chunks), '.') !== FALSE)
+ {
+ $ipv4 = array_pop($chunks);
+
+ if ( ! $this->_valid_ipv4($ipv4))
+ {
+ return FALSE;
+ }
+
+ $groups--;
+ }
+
+ while ($seg = array_pop($chunks))
+ {
+ if ($seg[0] == ':')
+ {
+ if (--$groups == 0)
+ {
+ return FALSE; // too many groups
+ }
+
+ if (strlen($seg) > 2)
+ {
+ return FALSE; // long separator
+ }
+
+ if ($seg == '::')
+ {
+ if ($collapsed)
+ {
+ return FALSE; // multiple collapsed
+ }
+
+ $collapsed = TRUE;
+ }
+ }
+ elseif (preg_match("/[^0-9a-f]/i", $seg) OR strlen($seg) > 4)
+ {
+ return FALSE; // invalid segment
+ }
+ }
+
+ return $collapsed OR $groups == 1;
+ }
// --------------------------------------------------------------------
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index a34809e05..9aab5da4b 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1079,11 +1079,12 @@ class CI_Form_validation {
*
* @access public
* @param string
+ * @param string "ipv4" or "ipv6" to validate a specific ip format
* @return string
*/
- public function valid_ip($ip)
+ public function valid_ip($ip, $which = '')
{
- return $this->CI->input->valid_ip($ip);
+ return $this->CI->input->valid_ip($ip, $which);
}
// --------------------------------------------------------------------
diff --git a/user_guide/libraries/form_validation.html b/user_guide/libraries/form_validation.html
index 2028bcd2c..f13ece0d7 100644
--- a/user_guide/libraries/form_validation.html
+++ b/user_guide/libraries/form_validation.html
@@ -1058,7 +1058,7 @@ POST array:
valid_ip
No
-
Returns FALSE if the supplied IP is not valid.
+
Returns FALSE if the supplied IP is not valid. Accepts an optional parameter of "IPv4" or "IPv6" to specify an IP format.
Before performing an update you should take your site offline by replacing the index.php file with a static one.
+
+
Step 1: Update your CodeIgniter files
+
+
Replace all files and directories in your "system" folder and replace your index.php file. If any modifications were made to your index.php they will need to be made fresh in this new one.
+
+
Note: If you have any custom developed files in these folders please make copies of them first.
+
+
Step 2: Update your IP address tables:
+
+
This upgrade adds support for IPv6 IP addresses. In order to store them, you need to enlarge your ip_address columns to 45 characters. For example, CodeIgniter's session table will need to change:
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/user_guide/installation/upgrading.html b/user_guide/installation/upgrading.html
index c3f5ae6dd..01e1e2248 100644
--- a/user_guide/installation/upgrading.html
+++ b/user_guide/installation/upgrading.html
@@ -60,6 +60,7 @@ Upgrading from a Previous Version
Please read the upgrade notes corresponding to the version you are upgrading from.