From 817163a1bcff02285f763bcf72ff02e86f218cf8 Mon Sep 17 00:00:00 2001
From: Derek Jones
Date: Sat, 11 Jul 2009 17:05:58 +0000
Subject: Modified show_error() to allow sending of HTTP server response codes.
Added set_status_header() to the Common functions to allow use when the Output class is unavailable.
Fixed a bug where the 400 status header sent with the 'disallowed URI characters' was not compatible with CGI environments.
---
system/codeigniter/Common.php | 89 +++++++++++++++++++++++++++++++-
system/libraries/Exceptions.php | 4 +-
system/libraries/Output.php | 75 ++-------------------------
system/libraries/URI.php | 3 +-
user_guide/changelog.html | 7 +++
user_guide/general/common_functions.html | 17 ++++++
user_guide/general/errors.html | 3 +-
user_guide/libraries/output.html | 2 +-
8 files changed, 121 insertions(+), 79 deletions(-)
diff --git a/system/codeigniter/Common.php b/system/codeigniter/Common.php
index c7f95688f..340be2454 100644
--- a/system/codeigniter/Common.php
+++ b/system/codeigniter/Common.php
@@ -203,10 +203,10 @@ function config_item($item)
* @access public
* @return void
*/
-function show_error($message)
+function show_error($message, $status_code = 500)
{
$error =& load_class('Exceptions');
- echo $error->show_error('An Error Was Encountered', $message);
+ echo $error->show_error('An Error Was Encountered', $message, 'error_general', $status_code);
exit;
}
@@ -252,6 +252,91 @@ function log_message($level = 'error', $message, $php_error = FALSE)
$LOG->write_log($level, $message, $php_error);
}
+
+/**
+ * Set HTTP Status Header
+ *
+ * @access public
+ * @param int the status code
+ * @param string
+ * @return void
+ */
+function set_status_header($code = 200, $text = '')
+{
+ $stati = array(
+ 200 => 'OK',
+ 201 => 'Created',
+ 202 => 'Accepted',
+ 203 => 'Non-Authoritative Information',
+ 204 => 'No Content',
+ 205 => 'Reset Content',
+ 206 => 'Partial Content',
+
+ 300 => 'Multiple Choices',
+ 301 => 'Moved Permanently',
+ 302 => 'Found',
+ 304 => 'Not Modified',
+ 305 => 'Use Proxy',
+ 307 => 'Temporary Redirect',
+
+ 400 => 'Bad Request',
+ 401 => 'Unauthorized',
+ 403 => 'Forbidden',
+ 404 => 'Not Found',
+ 405 => 'Method Not Allowed',
+ 406 => 'Not Acceptable',
+ 407 => 'Proxy Authentication Required',
+ 408 => 'Request Timeout',
+ 409 => 'Conflict',
+ 410 => 'Gone',
+ 411 => 'Length Required',
+ 412 => 'Precondition Failed',
+ 413 => 'Request Entity Too Large',
+ 414 => 'Request-URI Too Long',
+ 415 => 'Unsupported Media Type',
+ 416 => 'Requested Range Not Satisfiable',
+ 417 => 'Expectation Failed',
+
+ 500 => 'Internal Server Error',
+ 501 => 'Not Implemented',
+ 502 => 'Bad Gateway',
+ 503 => 'Service Unavailable',
+ 504 => 'Gateway Timeout',
+ 505 => 'HTTP Version Not Supported'
+ );
+
+ if ($code == '' OR ! is_numeric($code))
+ {
+ show_error('Status codes must be numeric', 500);
+ }
+
+ if (isset($stati[$code]) AND $text == '')
+ {
+ $text = $stati[$code];
+ }
+
+ if ($text == '')
+ {
+ show_error('No status text available. Please check your status code number or supply your own message text.', 500);
+ }
+
+ $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
+
+ if (substr(php_sapi_name(), 0, 3) == 'cgi')
+ {
+ header("Status: {$code} {$text}", TRUE);
+ }
+ elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0')
+ {
+ header($server_protocol." {$code} {$text}", TRUE, $code);
+ }
+ else
+ {
+ header("HTTP/1.1 {$code} {$text}", TRUE, $code);
+ }
+}
+
+
/**
* Exception Handler
*
diff --git a/system/libraries/Exceptions.php b/system/libraries/Exceptions.php
index 902b574fc..1f99d01c3 100644
--- a/system/libraries/Exceptions.php
+++ b/system/libraries/Exceptions.php
@@ -113,8 +113,10 @@ class CI_Exceptions {
* @param string the template name
* @return string
*/
- function show_error($heading, $message, $template = 'error_general')
+ function show_error($heading, $message, $template = 'error_general', $status_code = 500)
{
+ set_status_header($status_code);
+
$message = ''.implode('
', ( ! is_array($message)) ? array($message) : $message).'
';
if (ob_get_level() > $this->ob_level + 1)
diff --git a/system/libraries/Output.php b/system/libraries/Output.php
index 6bfb9c7eb..4423ac726 100644
--- a/system/libraries/Output.php
+++ b/system/libraries/Output.php
@@ -116,7 +116,8 @@ class CI_Output {
/**
* Set HTTP Status Header
- *
+ * moved to Common procedural functions in 1.7.2
+ *
* @access public
* @param int the status code
* @param string
@@ -124,77 +125,7 @@ class CI_Output {
*/
function set_status_header($code = '200', $text = '')
{
- $stati = array(
- '200' => 'OK',
- '201' => 'Created',
- '202' => 'Accepted',
- '203' => 'Non-Authoritative Information',
- '204' => 'No Content',
- '205' => 'Reset Content',
- '206' => 'Partial Content',
-
- '300' => 'Multiple Choices',
- '301' => 'Moved Permanently',
- '302' => 'Found',
- '304' => 'Not Modified',
- '305' => 'Use Proxy',
- '307' => 'Temporary Redirect',
-
- '400' => 'Bad Request',
- '401' => 'Unauthorized',
- '403' => 'Forbidden',
- '404' => 'Not Found',
- '405' => 'Method Not Allowed',
- '406' => 'Not Acceptable',
- '407' => 'Proxy Authentication Required',
- '408' => 'Request Timeout',
- '409' => 'Conflict',
- '410' => 'Gone',
- '411' => 'Length Required',
- '412' => 'Precondition Failed',
- '413' => 'Request Entity Too Large',
- '414' => 'Request-URI Too Long',
- '415' => 'Unsupported Media Type',
- '416' => 'Requested Range Not Satisfiable',
- '417' => 'Expectation Failed',
-
- '500' => 'Internal Server Error',
- '501' => 'Not Implemented',
- '502' => 'Bad Gateway',
- '503' => 'Service Unavailable',
- '504' => 'Gateway Timeout',
- '505' => 'HTTP Version Not Supported'
- );
-
- if ($code == '' OR ! is_numeric($code))
- {
- show_error('Status codes must be numeric');
- }
-
- if (isset($stati[$code]) AND $text == '')
- {
- $text = $stati[$code];
- }
-
- if ($text == '')
- {
- show_error('No status text available. Please check your status code number or supply your own message text.');
- }
-
- $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
-
- if (substr(php_sapi_name(), 0, 3) == 'cgi')
- {
- header("Status: {$code} {$text}", TRUE);
- }
- elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0')
- {
- header($server_protocol." {$code} {$text}", TRUE, $code);
- }
- else
- {
- header("HTTP/1.1 {$code} {$text}", TRUE, $code);
- }
+ set_status_header($code, $text);
}
// --------------------------------------------------------------------
diff --git a/system/libraries/URI.php b/system/libraries/URI.php
index f09a5cd7c..efc7a18b3 100644
--- a/system/libraries/URI.php
+++ b/system/libraries/URI.php
@@ -188,8 +188,7 @@ class CI_URI {
{
if ( ! preg_match("|^[".preg_quote($this->config->item('permitted_uri_chars'))."]+$|i", $str))
{
- header('HTTP/1.1 400 Bad Request');
- show_error('The URI you submitted has disallowed characters.');
+ show_error('The URI you submitted has disallowed characters.', 400);
}
}
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 323467b6e..e4199cd35 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -85,6 +85,12 @@ SVN Revision:
Modified directory_map() in the Directory helper to allow the inclusion of hidden files.
+ General
+
+
Bug fixes for 1.7.2
@@ -102,6 +108,7 @@ SVN Revision:
Fixed a case sensitive string replacement in xss_clean()
Fixed a bug in form_prep() causing it to not preserve entities in the user's original input when called back into a form element
Fixed a bug in _protect_identifiers() where the swap prefix ($swap_pre) was not being observed.
+ Fixed a bug where the 400 status header sent with the 'disallowed URI characters' was not compatible with CGI environments.
Version 1.7.1
diff --git a/user_guide/general/common_functions.html b/user_guide/general/common_functions.html
index df5dfea6e..980a5a969 100644
--- a/user_guide/general/common_functions.html
+++ b/user_guide/general/common_functions.html
@@ -58,8 +58,11 @@ Auto-loading Resources
Common Functions
CodeIgniter uses a few functions for its operation that are globally defined, and are available to you at any point. These do not require loading any libraries or helpers.
+
is_really_writable('path/to/file')
+
is_writable() returns TRUE on Windows servers when you really can't write to the file as the OS reports to PHP as FALSE only if the read-only attribute is marked. This function determines if a file is actually writable by attempting to write to it first. Generally only recommended on platforms where this information may be unreliable.
+
if (is_really_writable('file.txt'))
{
echo "I could write to this if I wanted to";
@@ -68,11 +71,25 @@ else
{
echo "File is not writable";
}
+
config_item('item_key')
The Config library is the preferred way of accessing configuration information, however config_item() can be used to retrieve single keys. See Config library documentation for more information.
+
show_error('message'), show_404('page'), log_message('level', 'message')
These are each outlined on the Error Handling page.
+
+set_status_header(code, 'text');
+
+Permits you to manually set a server status header. Example:
+
+set_status_header(401);
+// Sets the header as: Unauthorized
+
+See here for a full list of headers.
+
+
+
diff --git a/user_guide/general/errors.html b/user_guide/general/errors.html
index c1bb69119..af1184593 100644
--- a/user_guide/general/errors.html
+++ b/user_guide/general/errors.html
@@ -71,9 +71,10 @@ about class/function scoping.
The following functions let you generate errors:
-show_error('message')
+show_error('message' [, int $status_code= 500 ] )
This function will display the error message supplied to it using the following error template:
application/errors/error_general.php
+The optional parameter $status_code determines what HTTP status code should be sent with the error.
show_404('page')
This function will display the 404 error message supplied to it using the following error template:
diff --git a/user_guide/libraries/output.html b/user_guide/libraries/output.html
index 6d75fe7b2..ba6a0d333 100644
--- a/user_guide/libraries/output.html
+++ b/user_guide/libraries/output.html
@@ -100,7 +100,7 @@ $this->output->set_header("Cache-Control: post-check=0, pre-check=0");
$this->output->set_header("Pragma: no-cache");
-$this->output->set_status_header();
+$this->output->set_status_header(code, 'text');
Permits you to manually set a server status header. Example:
--
cgit v1.2.3-24-g4f1b