From 31d28fda8bd01ff0c7a2f196bf072bf9d84a83fe Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 31 Oct 2016 09:35:29 +0200 Subject: Merge pull request #4886 from tianhe1986/develop_dbdriver_quote Detect double-quoted strings in DB::compile_binds() --- system/database/DB_driver.php | 2 +- system/database/drivers/odbc/odbc_driver.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 7ae52a307..fcc15eee5 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1000,7 +1000,7 @@ abstract class CI_DB_driver { $ml = strlen($this->bind_marker); // Make sure not to replace a chunk inside a string that happens to match the bind marker - if ($c = preg_match_all("/'[^']*'/i", $sql, $matches)) + if ($c = preg_match_all("/(['\"])[^\\1]*\\1/i", $sql, $matches)) { $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', str_replace($matches[0], diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index dbce1cf79..b5512fd76 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -172,7 +172,7 @@ class CI_DB_odbc_driver extends CI_DB_driver { $ml = strlen($this->bind_marker); // Make sure not to replace a chunk inside a string that happens to match the bind marker - if ($c = preg_match_all("/'[^']*'/i", $sql, $matches)) + if ($c = preg_match_all("/(['\"])[^\\1]*\\1/i", $sql, $matches)) { $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', str_replace($matches[0], -- cgit v1.2.3-24-g4f1b From 6488fc75567b93b4ad1a9ec9ff153c646c379da2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 31 Oct 2016 09:38:25 +0200 Subject: [ci skip] Add changelog entry for #4886 --- user_guide_src/source/changelog.rst | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 437fdbabe..47b8fecf2 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -2,6 +2,16 @@ Change Log ########## +Version 3.1.3 +============= + +Release Date: Not Released + +Bug fixes for 3.1.3 +------------------- + +- Fixed a bug (#4886) - :doc:`Database Library ` didn't differentiate bind markers inside double-quoted strings in queries. + Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 14a6c2e2925724b5bf814dc895e14535dfa0aa09 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 31 Oct 2016 10:04:17 +0200 Subject: Fix #4890 --- system/libraries/Xmlrpcs.php | 8 ++++---- user_guide_src/source/changelog.rst | 1 + 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index afcdbe68c..f343a7ec0 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -339,11 +339,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc { //------------------------------------- $method_parts = explode('.', $this->methods[$methName]['function']); - $objectCall = (isset($method_parts[1]) && $method_parts[1] !== ''); + $objectCall = ! empty($method_parts[1]); if ($system_call === TRUE) { - if ( ! is_callable(array($this,$method_parts[1]))) + if ( ! is_callable(array($this, $method_parts[1]))) { return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); } @@ -400,11 +400,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc { } elseif ($this->object === FALSE) { - return get_instance()->$method_parts[1]($m); + return get_instance()->{$method_parts[1]}($m); } else { - return $this->object->$method_parts[1]($m); + return $this->object->{$method_parts[1]}($m); } } else diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 47b8fecf2..4a1ce3461 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -11,6 +11,7 @@ Bug fixes for 3.1.3 ------------------- - Fixed a bug (#4886) - :doc:`Database Library ` didn't differentiate bind markers inside double-quoted strings in queries. +- Fixed a bug (#4890) - :doc:`XML-RPC Library ` didn't work on PHP 7. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 6b5464c5b8a97268aab3814b56a1413a9463a97f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 31 Oct 2016 13:09:33 +0200 Subject: Merge pull request #4893 from tianhe1986/develop_fix_dbdriver_quote Fix compile_binds: do not use back references inside a character class. --- system/database/DB_driver.php | 2 +- system/database/drivers/odbc/odbc_driver.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index fcc15eee5..151340596 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1000,7 +1000,7 @@ abstract class CI_DB_driver { $ml = strlen($this->bind_marker); // Make sure not to replace a chunk inside a string that happens to match the bind marker - if ($c = preg_match_all("/(['\"])[^\\1]*\\1/i", $sql, $matches)) + if ($c = preg_match_all("/'[^']*'|\"[^\"]*\"/i", $sql, $matches)) { $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', str_replace($matches[0], diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index b5512fd76..82efa498c 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -172,7 +172,7 @@ class CI_DB_odbc_driver extends CI_DB_driver { $ml = strlen($this->bind_marker); // Make sure not to replace a chunk inside a string that happens to match the bind marker - if ($c = preg_match_all("/(['\"])[^\\1]*\\1/i", $sql, $matches)) + if ($c = preg_match_all("/'[^']*'|\"[^\"]*\"/i", $sql, $matches)) { $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', str_replace($matches[0], -- cgit v1.2.3-24-g4f1b From 7cc08237c2a15daf283e2bc61501bdc086740311 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 31 Oct 2016 16:19:46 +0200 Subject: [ci skip] Fix #4887 --- system/libraries/Upload.php | 36 +++++++++++++++++++++++------------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 24 insertions(+), 13 deletions(-) diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 23fd02ead..778ed6892 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1218,21 +1218,31 @@ class CI_Upload { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; - // Fileinfo extension - most reliable method - $finfo = @finfo_open(FILEINFO_MIME); - if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system + /** + * Fileinfo extension - most reliable method + * + * Apparently XAMPP, CentOS, cPanel and who knows what + * other PHP distribution channels EXPLICITLY DISABLE + * ext/fileinfo, which is otherwise enabled by default + * since PHP 5.3 ... + */ + if (function_exists('finfo_file')) { - $mime = @finfo_file($finfo, $file['tmp_name']); - finfo_close($finfo); - - /* According to the comments section of the PHP manual page, - * it is possible that this function returns an empty string - * for some files (e.g. if they don't exist in the magic MIME database) - */ - if (is_string($mime) && preg_match($regexp, $mime, $matches)) + $finfo = @finfo_open(FILEINFO_MIME); + if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { - $this->file_type = $matches[1]; - return; + $mime = @finfo_file($finfo, $file['tmp_name']); + finfo_close($finfo); + + /* According to the comments section of the PHP manual page, + * it is possible that this function returns an empty string + * for some files (e.g. if they don't exist in the magic MIME database) + */ + if (is_string($mime) && preg_match($regexp, $mime, $matches)) + { + $this->file_type = $matches[1]; + return; + } } } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 4a1ce3461..ffa0597b7 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -12,6 +12,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4886) - :doc:`Database Library ` didn't differentiate bind markers inside double-quoted strings in queries. - Fixed a bug (#4890) - :doc:`XML-RPC Library ` didn't work on PHP 7. +- Fixed a regression (#4887) - :doc:`File Uploading Library ` triggered fatal errors due to numerous PHP distribution channels (XAMPP and cPanel confirmed) explicitly disabling ext/fileinfo by default. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 3a89d3c05303d25486576de3d056f39585decfe4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 3 Nov 2016 16:26:31 +0200 Subject: Fix #4679, for real --- system/core/Input.php | 2 +- user_guide_src/source/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/core/Input.php b/system/core/Input.php index b81d51ebf..24fe8a9cc 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -521,7 +521,7 @@ class CI_Input { $netaddr = explode(':', str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr)); for ($j = 0; $j < 8; $j++) { - $netaddr[$i] = intval($netaddr[$j], 16); + $netaddr[$j] = intval($netaddr[$j], 16); } } else diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index ffa0597b7..e5c5ae050 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -13,6 +13,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4886) - :doc:`Database Library ` didn't differentiate bind markers inside double-quoted strings in queries. - Fixed a bug (#4890) - :doc:`XML-RPC Library ` didn't work on PHP 7. - Fixed a regression (#4887) - :doc:`File Uploading Library ` triggered fatal errors due to numerous PHP distribution channels (XAMPP and cPanel confirmed) explicitly disabling ext/fileinfo by default. +- Fixed a bug (#4679) - :doc:`Input Library ` method ``ip_address()`` didn't properly resolve ``$config['proxy_ips']`` IPv6 addresses. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From be8bd923329cf233fb3828afab5c3b4ceef296ec Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Nov 2016 12:31:31 +0200 Subject: Fix #4902 --- system/libraries/Image_lib.php | 2 +- user_guide_src/source/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 7ec8ba365..06cdde0b8 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -886,7 +886,7 @@ class CI_Image_lib { } } - $cmd .= escapeshellarg($this->full_src_path).' '.escapeshellarg($this->full_dst_path).' 2>&1'; + $cmd .= ' '.escapeshellarg($this->full_src_path).' '.escapeshellarg($this->full_dst_path).' 2>&1'; $retval = 1; // exec() might be disabled diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index e5c5ae050..e3183204c 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -14,6 +14,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4890) - :doc:`XML-RPC Library ` didn't work on PHP 7. - Fixed a regression (#4887) - :doc:`File Uploading Library ` triggered fatal errors due to numerous PHP distribution channels (XAMPP and cPanel confirmed) explicitly disabling ext/fileinfo by default. - Fixed a bug (#4679) - :doc:`Input Library ` method ``ip_address()`` didn't properly resolve ``$config['proxy_ips']`` IPv6 addresses. +- Fixed a bug (#4902) - :doc:`Image Manipulation Library ` processing via ImageMagick didn't work. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 4015f9bd8342ad9e05ceae517967719907997434 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Nov 2016 10:22:59 +0200 Subject: Fix #4905 --- system/core/Loader.php | 40 ++++++++----------------------------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 9 insertions(+), 32 deletions(-) diff --git a/system/core/Loader.php b/system/core/Loader.php index d2c350816..1111481b7 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -591,15 +591,21 @@ class CI_Loader { */ public function helper($helpers = array()) { - foreach ($this->_ci_prep_filename($helpers, '_helper') as $helper) + is_array($helpers) OR $helpers = array($helpers); + foreach ($helpers as &$helper) { + $filename = basename($helper); + $filepath = ($filename === $helper) ? '' : substr($helper, 0, strlen($helper) - strlen($filename)); + $filename = strtolower(preg_replace('#(_helper)?(.php)?$#i', '', $filename)).'_helper'; + $helper = $filepath.$filename; + if (isset($this->_ci_helpers[$helper])) { continue; } // Is this a helper extension request? - $ext_helper = config_item('subclass_prefix').$helper; + $ext_helper = config_item('subclass_prefix').$filename; $ext_loaded = FALSE; foreach ($this->_ci_helper_paths as $path) { @@ -1404,34 +1410,4 @@ class CI_Loader { $CI =& get_instance(); return $CI->$component; } - - // -------------------------------------------------------------------- - - /** - * Prep filename - * - * This function prepares filenames of various items to - * make their loading more reliable. - * - * @param string|string[] $filename Filename(s) - * @param string $extension Filename extension - * @return array - */ - protected function _ci_prep_filename($filename, $extension) - { - if ( ! is_array($filename)) - { - return array(strtolower(str_replace(array($extension, '.php'), '', $filename).$extension)); - } - else - { - foreach ($filename as $key => $val) - { - $filename[$key] = strtolower(str_replace(array($extension, '.php'), '', $val).$extension); - } - - return $filename; - } - } - } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index e3183204c..ab2309608 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -15,6 +15,7 @@ Bug fixes for 3.1.3 - Fixed a regression (#4887) - :doc:`File Uploading Library ` triggered fatal errors due to numerous PHP distribution channels (XAMPP and cPanel confirmed) explicitly disabling ext/fileinfo by default. - Fixed a bug (#4679) - :doc:`Input Library ` method ``ip_address()`` didn't properly resolve ``$config['proxy_ips']`` IPv6 addresses. - Fixed a bug (#4902) - :doc:`Image Manipulation Library ` processing via ImageMagick didn't work. +- Fixed a bug (#4905) - :doc:`Loader Library ` didn't take into account possible user-provided directory paths when loading helpers. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 2c9fa80e413388fa68fecfcf8120d6161f1920d6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 21 Nov 2016 11:53:53 +0200 Subject: [ci skip] Fix a changelog entry link --- user_guide_src/source/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index ab2309608..e8498b452 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -10,7 +10,7 @@ Release Date: Not Released Bug fixes for 3.1.3 ------------------- -- Fixed a bug (#4886) - :doc:`Database Library ` didn't differentiate bind markers inside double-quoted strings in queries. +- Fixed a bug (#4886) - :doc:`Database Library ` didn't differentiate bind markers inside double-quoted strings in queries. - Fixed a bug (#4890) - :doc:`XML-RPC Library ` didn't work on PHP 7. - Fixed a regression (#4887) - :doc:`File Uploading Library ` triggered fatal errors due to numerous PHP distribution channels (XAMPP and cPanel confirmed) explicitly disabling ext/fileinfo by default. - Fixed a bug (#4679) - :doc:`Input Library ` method ``ip_address()`` didn't properly resolve ``$config['proxy_ips']`` IPv6 addresses. -- cgit v1.2.3-24-g4f1b From 7622ec6b06221b767c6e99251fb8f0f881e48c8f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 21 Nov 2016 11:56:21 +0200 Subject: [ci skip] Specify sphinxcontrib-phpdomain 0.1.3.post1 version Our Sphinx dependencies suck --- user_guide_src/README.rst | 4 ++-- user_guide_src/source/documentation/index.rst | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/user_guide_src/README.rst b/user_guide_src/README.rst index 188b42e88..d645adb73 100644 --- a/user_guide_src/README.rst +++ b/user_guide_src/README.rst @@ -24,7 +24,7 @@ Installation 1. Install `easy_install `_ 2. ``easy_install "sphinx==1.2.3"`` -3. ``easy_install sphinxcontrib-phpdomain`` +3. ``easy_install "sphinxcontrib-phpdomain==0.1.3.post1"`` 4. Install the CI Lexer which allows PHP, HTML, CSS, and JavaScript syntax highlighting in code examples (see *cilexer/README*) 5. ``cd user_guide_src`` 6. ``make html`` @@ -60,4 +60,4 @@ Style Guideline *************** Please refer to source/documentation/index.rst for general guidelines for -using Sphinx to document CodeIgniter. \ No newline at end of file +using Sphinx to document CodeIgniter. diff --git a/user_guide_src/source/documentation/index.rst b/user_guide_src/source/documentation/index.rst index 60c6b4ed6..aaac33ecb 100644 --- a/user_guide_src/source/documentation/index.rst +++ b/user_guide_src/source/documentation/index.rst @@ -18,7 +18,7 @@ It is created automatically by inserting the following: .. raw:: html -
+
.. contents:: :local: @@ -43,7 +43,7 @@ Pygments, so that code blocks can be properly highlighted. .. code-block:: bash easy_install "sphinx==1.2.3" - easy_install sphinxcontrib-phpdomain + easy_install "sphinxcontrib-phpdomain==0.1.3.post1" Then follow the directions in the README file in the :samp:`cilexer` folder inside the documentation repository to install the CI Lexer. @@ -199,4 +199,4 @@ It creates the following display: .. php:method:: should_do_something() :returns: Whether or not something should be done - :rtype: bool \ No newline at end of file + :rtype: bool -- cgit v1.2.3-24-g4f1b From e49aa1f1cb63ad90d6c2d204439f538dcc282243 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 22 Nov 2016 12:02:55 +0200 Subject: Fix #4916 --- system/libraries/Session/drivers/Session_database_driver.php | 4 ++-- user_guide_src/source/changelog.rst | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index cb152f91f..6a7282b23 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -354,7 +354,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ($this->_platform === 'mysql') { - $arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''); + $arg = md5($session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : '')); if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock) { $this->_lock = $arg; @@ -417,4 +417,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } -} \ No newline at end of file +} diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index e8498b452..36b5d51e4 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -16,6 +16,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4679) - :doc:`Input Library ` method ``ip_address()`` didn't properly resolve ``$config['proxy_ips']`` IPv6 addresses. - Fixed a bug (#4902) - :doc:`Image Manipulation Library ` processing via ImageMagick didn't work. - Fixed a bug (#4905) - :doc:`Loader Library ` didn't take into account possible user-provided directory paths when loading helpers. +- Fixed a bug (#4916) - :doc:`Session Library ` with ``sess_match_ip`` enabled was unusable for IPv6 clients when using the 'database' driver on MySQL 5.7.5+. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 820d9cdaac9a9c0371404ce82b60a26ed3ac938f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 23 Nov 2016 13:27:42 +0200 Subject: Fix #4917 --- system/helpers/date_helper.php | 4 ++-- tests/codeigniter/helpers/date_helper_test.php | 8 ++++++++ user_guide_src/source/changelog.rst | 1 + 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index 5f1fcf07e..7f072acfa 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -529,9 +529,9 @@ if ( ! function_exists('nice_date')) } // Date Like: YYYYMMDD - if (preg_match('/^(\d{2})\d{2}(\d{4})$/i', $bad_date, $matches)) + if (preg_match('/^\d{8}$/i', $bad_date, $matches)) { - return date($format, strtotime($matches[1].'/01/'.$matches[2])); + return DateTime::createFromFormat('Ymd', $bad_date)->format($format); } // Date Like: MM-DD-YYYY __or__ M-D-YYYY (or anything in between) diff --git a/tests/codeigniter/helpers/date_helper_test.php b/tests/codeigniter/helpers/date_helper_test.php index c4f99a97c..8a3502280 100644 --- a/tests/codeigniter/helpers/date_helper_test.php +++ b/tests/codeigniter/helpers/date_helper_test.php @@ -10,6 +10,14 @@ class Date_helper_test extends CI_TestCase { // ------------------------------------------------------------------------ + public function test_nice_date() + { + $this->assertEquals('2016-11-01', nice_date('201611', 'Y-m-d')); + $this->assertEquals('2016-11-23', nice_date('20161123', 'Y-m-d')); + } + + // ------------------------------------------------------------------------ + public function test_now_local() { /* diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 36b5d51e4..fd3f668cf 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -17,6 +17,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4902) - :doc:`Image Manipulation Library ` processing via ImageMagick didn't work. - Fixed a bug (#4905) - :doc:`Loader Library ` didn't take into account possible user-provided directory paths when loading helpers. - Fixed a bug (#4916) - :doc:`Session Library ` with ``sess_match_ip`` enabled was unusable for IPv6 clients when using the 'database' driver on MySQL 5.7.5+. +- Fixed a bug (#4917) - :doc:`Date Helper ` function :php:func:`nice_date()` didn't handle YYYYMMDD inputs properly. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 610be9dc25bcfd06f30d70139701e86b8c3ad400 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 23 Nov 2016 13:40:16 +0200 Subject: [ci skip] Deprecate nice_date() --- system/helpers/date_helper.php | 1 + user_guide_src/source/changelog.rst | 4 ++++ user_guide_src/source/helpers/date_helper.rst | 7 +++++-- user_guide_src/source/installation/upgrade_313.rst | 18 ++++++++++++++++++ 4 files changed, 28 insertions(+), 2 deletions(-) diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index 7f072acfa..0606a4562 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -496,6 +496,7 @@ if ( ! function_exists('nice_date')) * Turns many "reasonably-date-like" strings into something * that is actually useful. This only works for dates after unix epoch. * + * @deprecated 3.1.3 Use DateTime::createFromFormat($input_format, $input)->format($output_format); * @param string The terribly formatted date-like string * @param string Date format to return (same as php date function) * @return string diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index fd3f668cf..af556a50a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -7,6 +7,10 @@ Version 3.1.3 Release Date: Not Released +- General Changes + + - Deprecated :doc:`Date Helper ` function :php:func:`nice_date()`. + Bug fixes for 3.1.3 ------------------- diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst index a85da26a4..600a07574 100644 --- a/user_guide_src/source/helpers/date_helper.rst +++ b/user_guide_src/source/helpers/date_helper.rst @@ -84,7 +84,7 @@ The following functions are available: .. note:: This function is DEPRECATED. Use the native ``date()`` combined with `DateTime's format constants - `_ + `_ instead:: echo date(DATE_RFC822, time()); @@ -220,6 +220,9 @@ The following functions are available: // Should Produce: 2001-09-11 $better_date = nice_date($bad_date, 'Y-m-d'); + .. note:: This function is DEPRECATED. Use PHP's native `DateTime class + `_ instead. + .. php:function:: timespan([$seconds = 1[, $time = ''[, $units = '']]]) :param int $seconds: Number of seconds @@ -434,4 +437,4 @@ UP12 (UTC +12:00) Fiji, Gilbert Islands, Kamchatka, New Zealand UP1275 (UTC +12:45) Chatham Islands Standard Time UP13 (UTC +13:00) Phoenix Islands Time, Tonga UP14 (UTC +14:00) Line Islands -=========== ===================================================================== \ No newline at end of file +=========== ===================================================================== diff --git a/user_guide_src/source/installation/upgrade_313.rst b/user_guide_src/source/installation/upgrade_313.rst index 71afc6f6a..ebce7ab9b 100644 --- a/user_guide_src/source/installation/upgrade_313.rst +++ b/user_guide_src/source/installation/upgrade_313.rst @@ -12,3 +12,21 @@ Replace all files and directories in your *system/* directory. .. note:: If you have any custom developed files in these directories, please make copies of them first. + +Step 2: Remove usage of nice_date() helper (deprecation) +======================================================== + +The :doc:`Date Helper <../helpers/date_helper>` function ``nice_date()`` is +no longer useful since the introduction of PHP's `DateTime classes +`_ + +You can replace it with the following: +:: + + DateTime::createFromFormat($input_format, $input_date)->format($desired_output_format); + +Thus, ``nice_date()`` is now deprecated and scheduled for removal in +CodeIgniter 3.2+. + +.. note:: The function is still available, but you're strongly encouraged + to remove its usage sooner rather than later. -- cgit v1.2.3-24-g4f1b From 45023e555e762baf22b94b0e9ca353548205efb4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 23 Nov 2016 13:40:52 +0200 Subject: [ci skip] Fix a changelog entry reference --- user_guide_src/source/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index af556a50a..1fe2d4616 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -20,7 +20,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4679) - :doc:`Input Library ` method ``ip_address()`` didn't properly resolve ``$config['proxy_ips']`` IPv6 addresses. - Fixed a bug (#4902) - :doc:`Image Manipulation Library ` processing via ImageMagick didn't work. - Fixed a bug (#4905) - :doc:`Loader Library ` didn't take into account possible user-provided directory paths when loading helpers. -- Fixed a bug (#4916) - :doc:`Session Library ` with ``sess_match_ip`` enabled was unusable for IPv6 clients when using the 'database' driver on MySQL 5.7.5+. +- Fixed a bug (#4916) - :doc:`Session Library ` with ``sess_match_ip`` enabled was unusable for IPv6 clients when using the 'database' driver on MySQL 5.7.5+. - Fixed a bug (#4917) - :doc:`Date Helper ` function :php:func:`nice_date()` didn't handle YYYYMMDD inputs properly. Version 3.1.2 -- cgit v1.2.3-24-g4f1b From 6276926c6dcdf976a5f4de34d62f501852e2f84b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 29 Nov 2016 15:30:30 +0200 Subject: Fix #4923 --- .../Session/drivers/Session_database_driver.php | 10 +++--- .../Session/drivers/Session_memcached_driver.php | 37 ++++++++++------------ .../Session/drivers/Session_redis_driver.php | 27 +++++++--------- user_guide_src/source/changelog.rst | 1 + 4 files changed, 34 insertions(+), 41 deletions(-) diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 6a7282b23..2f5241256 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -208,8 +208,12 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // Prevent previous QB calls from messing with our queries $this->_db->reset_query(); + if ($this->_lock === FALSE) + { + return $this->_fail(); + } // Was the ID regenerated? - if ($session_id !== $this->_session_id) + elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { @@ -219,10 +223,6 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_row_exists = FALSE; $this->_session_id = $session_id; } - elseif ($this->_lock === FALSE) - { - return $this->_fail(); - } if ($this->_row_exists === FALSE) { diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 99b4d1baa..eb1dcd3d8 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -186,7 +186,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa */ public function write($session_id, $session_data) { - if ( ! isset($this->_memcached)) + if ( ! isset($this->_memcached, $this->_lock_key)) { return $this->_fail(); } @@ -202,28 +202,25 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_session_id = $session_id; } - if (isset($this->_lock_key)) - { - $key = $this->_key_prefix.$session_id; - - $this->_memcached->replace($this->_lock_key, time(), 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data))) - { - if ($this->_memcached->set($key, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - return $this->_success; - } + $key = $this->_key_prefix.$session_id; - return $this->_fail(); - } - elseif ( - $this->_memcached->touch($key, $this->_config['expiration']) - OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) - ) + $this->_memcached->replace($this->_lock_key, time(), 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data))) + { + if ($this->_memcached->set($key, $session_data, $this->_config['expiration'])) { + $this->_fingerprint = $fingerprint; return $this->_success; } + + return $this->_fail(); + } + elseif ( + $this->_memcached->touch($key, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) + { + return $this->_success; } return $this->_fail(); @@ -375,4 +372,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return TRUE; } -} \ No newline at end of file +} diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 8db74c0ca..a780100b1 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -199,7 +199,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ public function write($session_id, $session_data) { - if ( ! isset($this->_redis)) + if ( ! isset($this->_redis, $this->_lock_key)) { return $this->_fail(); } @@ -215,27 +215,22 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->_session_id = $session_id; } - if (isset($this->_lock_key)) + $this->_redis->setTimeout($this->_lock_key, 300); + if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) { - $this->_redis->setTimeout($this->_lock_key, 300); - if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) + if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) { - if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) - { - $this->_fingerprint = $fingerprint; - $this->_key_exists = TRUE; - return $this->_success; - } - - return $this->_fail(); + $this->_fingerprint = $fingerprint; + $this->_key_exists = TRUE; + return $this->_success; } - return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) - ? $this->_success - : $this->_fail(); + return $this->_fail(); } - return $this->_fail(); + return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + ? $this->_success + : $this->_fail(); } // ------------------------------------------------------------------------ diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 1fe2d4616..cb95d173b 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -22,6 +22,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4905) - :doc:`Loader Library ` didn't take into account possible user-provided directory paths when loading helpers. - Fixed a bug (#4916) - :doc:`Session Library ` with ``sess_match_ip`` enabled was unusable for IPv6 clients when using the 'database' driver on MySQL 5.7.5+. - Fixed a bug (#4917) - :doc:`Date Helper ` function :php:func:`nice_date()` didn't handle YYYYMMDD inputs properly. +- Fixed a bug (#4923) - :doc:`Session Library ` could execute an erroneous SQL query with the 'database' driver, if the lock attempt times out. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From e377910ccf826b448203513bf63bd5721bbd1375 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Dec 2016 13:48:58 +0200 Subject: Fix #4927 --- system/core/Output.php | 7 ++++--- user_guide_src/source/changelog.rst | 1 + 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/system/core/Output.php b/system/core/Output.php index cf6510ff1..57c78ab19 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -311,11 +311,12 @@ class CI_Output { return NULL; } - for ($i = 0, $c = count($headers); $i < $c; $i++) + // Count backwards, in order to get the last matching header + for ($c = count($headers) - 1; $c > -1; $c--) { - if (strncasecmp($header, $headers[$i], $l = self::strlen($header)) === 0) + if (strncasecmp($header, $headers[$c], $l = self::strlen($header)) === 0) { - return trim(self::substr($headers[$i], $l+1)); + return trim(self::substr($headers[$c], $l+1)); } } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index cb95d173b..0d8a93b54 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -23,6 +23,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4916) - :doc:`Session Library ` with ``sess_match_ip`` enabled was unusable for IPv6 clients when using the 'database' driver on MySQL 5.7.5+. - Fixed a bug (#4917) - :doc:`Date Helper ` function :php:func:`nice_date()` didn't handle YYYYMMDD inputs properly. - Fixed a bug (#4923) - :doc:`Session Library ` could execute an erroneous SQL query with the 'database' driver, if the lock attempt times out. +- Fixed a bug (#4927) - :doc:`Output Library ` method ``get_header()`` returned the first matching header, regardless of whether it would be replaced by a second ``set_header()`` call. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b From 8db01f13809a92bac7bc95b02893175d7654d627 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Dec 2016 14:06:57 +0200 Subject: Fix #4844 --- system/libraries/Email.php | 2 +- user_guide_src/source/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 676bbcafb..2e6f5be90 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1878,7 +1878,7 @@ class CI_Email { // is popen() enabled? if ( ! function_usable('popen') OR FALSE === ($fp = @popen( - $this->mailpath.' -oi -f '.$this->clean_email($this->_headers['From']).' -t' + $this->mailpath.' -oi -f '.escapeshellarg($this->clean_email($this->_headers['From'])).' -t' , 'w')) ) // server probably has popen disabled, so nothing we can do to get a verbose error. { diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 0d8a93b54..4f5efe276 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -24,6 +24,7 @@ Bug fixes for 3.1.3 - Fixed a bug (#4917) - :doc:`Date Helper ` function :php:func:`nice_date()` didn't handle YYYYMMDD inputs properly. - Fixed a bug (#4923) - :doc:`Session Library ` could execute an erroneous SQL query with the 'database' driver, if the lock attempt times out. - Fixed a bug (#4927) - :doc:`Output Library ` method ``get_header()`` returned the first matching header, regardless of whether it would be replaced by a second ``set_header()`` call. +- Fixed a bug (#4844) - :doc:`Email Library ` didn't apply ``escapeshellarg()`` to the while passing the Sendmail ``-f`` parameter through ``popen()``. Version 3.1.2 ============= -- cgit v1.2.3-24-g4f1b