From 80c20dcfded0df95457acf5cd9b437d2a268bc85 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Fri, 10 May 2019 20:29:48 +0300
Subject: [ci skip] Fix #5755

---
 system/libraries/Form_validation.php                 | 7 +++++++
 tests/codeigniter/libraries/Form_validation_test.php | 3 +++
 user_guide_src/source/changelog.rst                  | 1 +
 3 files changed, 11 insertions(+)

diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
index 1bd55499a..fdf202010 100644
--- a/system/libraries/Form_validation.php
+++ b/system/libraries/Form_validation.php
@@ -1208,6 +1208,13 @@ class CI_Form_validation {
 			$str = $matches[2];
 		}
 
+		// Apparently, FILTER_VALIDATE_URL doesn't reject digit-only names for some reason ...
+		// See https://github.com/bcit-ci/CodeIgniter/issues/5755
+		if (ctype_digit($str))
+		{
+			return FALSE;
+		}
+
 		// PHP 7 accepts IPv6 addresses within square brackets as hostnames,
 		// but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039
 		// was never merged into a PHP 5 branch ... https://3v4l.org/8PsSN
diff --git a/tests/codeigniter/libraries/Form_validation_test.php b/tests/codeigniter/libraries/Form_validation_test.php
index 3280f5bd8..6872b3abd 100644
--- a/tests/codeigniter/libraries/Form_validation_test.php
+++ b/tests/codeigniter/libraries/Form_validation_test.php
@@ -262,6 +262,9 @@ class Form_validation_test extends CI_TestCase {
 		// URI scheme case-sensitivity: https://github.com/bcit-ci/CodeIgniter/pull/4758
 		$this->assertTrue($this->form_validation->valid_url('HtTp://127.0.0.1/'));
 
+		// https://github.com/bcit-ci/CodeIgniter/issues/5755
+		$this->assertFalse($this->form_validation->valid_url('1'));
+
 		$this->assertFalse($this->form_validation->valid_url('htt://www.codeIgniter.com'));
 		$this->assertFalse($this->form_validation->valid_url(''));
 		$this->assertFalse($this->form_validation->valid_url('code igniter'));
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 3ec908626..aeea47578 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -20,6 +20,7 @@ Bug fixes for 3.1.11
 -  Fixed a bug (#5708) - :doc:`Session Library <libraries/session>` 'redis' driver too often failed with locking-related errors that could've been avoided.
 -  Fixed a bug (#5703) - :doc:`Session Library <libraries/session>` triggered an ``E_WARNING`` message about changing ``session.save_path`` during an active session when it fails to obtain a lock.
 -  Fixed a bug where :doc:`Session Library <libraries/session>` 'database' driver didn't trigger a failure if it can't obtain a lock.
+-  Fixed a bug (#5755) - :doc:`Form Validation Library <libraries/form_validation>` rule **valid_url** accepted digit-only domains due to a PHP bug.
 
 Version 3.1.10
 ==============
-- 
cgit v1.2.3-24-g4f1b