From 7c71b8f571585655d24ce325fb0ec3deb6caa8e4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Jan 2018 06:09:02 +0200 Subject: [ci skip] Apply the INTL_IDNA_VARIANT_UTS46 fix to CI_Email::_validate_email_for_shell() --- system/libraries/Email.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 71740ee5e..a53e7e72a 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1856,7 +1856,7 @@ class CI_Email { if (function_exists('idn_to_ascii') && strpos($email, '@')) { list($account, $domain) = explode('@', $email, 2); - $domain = is_php('5.4') + $domain = defined('INTL_IDNA_VARIANT_UTS46') ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) : idn_to_ascii($domain); $email = $account.'@'.$domain; -- cgit v1.2.3-24-g4f1b From 7dd6f14073c109a3227d78e30780ab79117bda42 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 30 Jan 2018 15:08:21 +0200 Subject: Fix a QB bug where where(), having() treated values passed to them as arbitrary SQL --- system/database/DB_query_builder.php | 51 ++++++++++++++++++++---------------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 29 insertions(+), 23 deletions(-) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index b9bbb5016..8f477e3a1 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -680,7 +680,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { { if ($escape === TRUE) { - $v = ' '.$this->escape($v); + $v = $this->escape($v); } if ( ! $this->_has_operator($k)) @@ -698,10 +698,11 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $k = substr($k, 0, $match[0][1]).($match[1][0] === '=' ? ' IS NULL' : ' IS NOT NULL'); } - $this->{$qb_key}[] = array('condition' => $prefix.$k.$v, 'escape' => $escape); + ${$qb_key} = array('condition' => $prefix.$k, 'value' => $v, 'escape' => $escape); + $this->{$qb_key}[] = ${$qb_key}; if ($this->qb_caching === TRUE) { - $this->{$qb_cache_key}[] = array('condition' => $prefix.$k.$v, 'escape' => $escape); + $this->{$qb_cache_key}[] = ${$qb_key}; $this->qb_cache_exists[] = substr($qb_key, 3); } @@ -834,6 +835,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $where_in = array( 'condition' => $prefix.$key.$not.' IN('.implode(', ', $where_in).')', + 'value' => NULL, 'escape' => $escape ); @@ -962,33 +964,34 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $v = $this->escape_like_str($v); } - if ($side === 'none') + switch ($side) { - $like_statement = "{$prefix} {$k} {$not} LIKE '{$v}'"; - } - elseif ($side === 'before') - { - $like_statement = "{$prefix} {$k} {$not} LIKE '%{$v}'"; - } - elseif ($side === 'after') - { - $like_statement = "{$prefix} {$k} {$not} LIKE '{$v}%'"; - } - else - { - $like_statement = "{$prefix} {$k} {$not} LIKE '%{$v}%'"; + case 'none': + $v = "'{$v}'"; + break; + case 'before': + $v = "%'{$v}'"; + break; + case 'after': + $v = "'{$v}%'"; + break; + case 'both': + default: + $v = "'%{$v}%'"; + break; } // some platforms require an escape sequence definition for LIKE wildcards if ($escape === TRUE && $this->_like_escape_str !== '') { - $like_statement .= sprintf($this->_like_escape_str, $this->_like_escape_chr); + $v .= sprintf($this->_like_escape_str, $this->_like_escape_chr); } - $this->qb_where[] = array('condition' => $like_statement, 'escape' => $escape); + $qb_where = array('condition' => "{$prefix} {$k} {$not} LIKE", 'value' => $v, 'escape' => $escape); + $this->qb_where[] = $qb_where; if ($this->qb_caching === TRUE) { - $this->qb_cache_where[] = array('condition' => $like_statement, 'escape' => $escape); + $this->qb_cache_where[] = $qb_where; $this->qb_cache_exists[] = 'where'; } } @@ -1013,6 +1016,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $prefix = (count($this->qb_where) === 0 && count($this->qb_cache_where) === 0) ? '' : $type; $where = array( 'condition' => $prefix.$not.str_repeat(' ', ++$this->qb_where_group_count).' (', + 'value' => NULL, 'escape' => FALSE ); @@ -1073,6 +1077,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->qb_where_group_started = FALSE; $where = array( 'condition' => str_repeat(' ', $this->qb_where_group_count--).')', + 'value' => NULL, 'escape' => FALSE ); @@ -1433,7 +1438,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { // -------------------------------------------------------------------- /** - * Get_Where + * get_where() * * Allows the where clause, limit and offset to be added directly * @@ -2395,7 +2400,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { } elseif ($this->{$qb_key}[$i]['escape'] === FALSE) { - $this->{$qb_key}[$i] = $this->{$qb_key}[$i]['condition']; + $this->{$qb_key}[$i] = $this->{$qb_key}[$i]['condition'].(isset($this->{$qb_key}[$i]['value']) ? ' '.$this->{$qb_key}[$i]['value'] : ''); continue; } @@ -2434,7 +2439,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { .' '.trim($matches[3]).$matches[4].$matches[5]; } - $this->{$qb_key}[$i] = implode('', $conditions); + $this->{$qb_key}[$i] = implode('', $conditions).(isset($this->{$qb_key}[$i]['value']) ? ' '.$this->{$qb_key}[$i]['value'] : ''); } return ($qb_key === 'qb_having' ? "\nHAVING " : "\nWHERE ") diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index f6e24e519..9b7f0149c 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -15,6 +15,7 @@ Bug fixes for 3.1.8 ------------------- - Fixed a bug where :doc:`Form Validation Library `, :doc:`Email Library ` tried to use ``INTL_IDNA_VARIANT_UTS46`` when it was undeclared. +- Fixed a bug where :doc:`Query Builder ` methods ``where()``, ``having()`` treated values passed to them as arbitrary SQL. Version 3.1.7 ============= -- cgit v1.2.3-24-g4f1b From a911daa2775ee9d09404c91c8954c6a216568cb5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 31 Jan 2018 23:58:39 +0200 Subject: [ci skip] Add changelog entry for PR #5391 --- user_guide_src/source/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 9b7f0149c..63de806f6 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -7,6 +7,10 @@ Version 3.1.8 Release Date: Not Released +- **Security** + + - Updated :doc:`URL Helper ` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking. + - General Changes - Updated :doc:`Email Library ` to always negotiate between TLS 1.0, 1.1, 1.2 when possible (PHP 5.6+) for SMTP connections. -- cgit v1.2.3-24-g4f1b From 84760562d5bb875af0a33b0d0f636dc3081db7c0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 12 Feb 2018 15:15:47 +0200 Subject: [ci skip] Fix rendering of literal 'http://' strings in the manual --- user_guide_src/source/changelog.rst | 4 ++-- user_guide_src/source/helpers/string_helper.rst | 4 ++-- user_guide_src/source/helpers/url_helper.rst | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 63de806f6..2b82d7b36 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -1938,7 +1938,7 @@ Hg Tag: v2.0.0 precision. - Added alpha, and sha1 string types to random_string() in the :doc:`String Helper `. - - Modified prep_url() so as to not prepend http:// if the supplied + - Modified prep_url() so as to not prepend \http:// if the supplied string already has a scheme. - Modified get_file_info in the file helper, changing filectime() to filemtime() for dates. @@ -2678,7 +2678,7 @@ Bugfixes for 1.6.2 instantiating new Language and Exception objects, and not using the error heading. - Fixed a bug (#4413) where a URI containing slashes only e.g. - 'http://example.com/index.php?//' would result in PHP errors + '\http://example.com/index.php?//' would result in PHP errors - Fixed an array to string conversion error in the Validation library (#4425) - Fixed bug (#4451, #4299, #4339) where failed transactions will not diff --git a/user_guide_src/source/helpers/string_helper.rst b/user_guide_src/source/helpers/string_helper.rst index a1fd7ee15..6dabc60d3 100644 --- a/user_guide_src/source/helpers/string_helper.rst +++ b/user_guide_src/source/helpers/string_helper.rst @@ -127,7 +127,7 @@ The following functions are available: :rtype: string Converts double slashes in a string to a single slash, except those - found in URL protocol prefixes (e.g. http://). + found in URL protocol prefixes (e.g. \http://). Example:: @@ -220,4 +220,4 @@ The following functions are available: Removes single and double quotes from a string. Example:: $string = "Joe's \"dinner\""; - $string = strip_quotes($string); //results in "Joes dinner" \ No newline at end of file + $string = strip_quotes($string); //results in "Joes dinner" diff --git a/user_guide_src/source/helpers/url_helper.rst b/user_guide_src/source/helpers/url_helper.rst index 435a21df4..e117d37c0 100644 --- a/user_guide_src/source/helpers/url_helper.rst +++ b/user_guide_src/source/helpers/url_helper.rst @@ -144,7 +144,7 @@ The following functions are available: be a string or an array. .. note:: If you are building links that are internal to your application - do not include the base URL (http://...). This will be added + do not include the base URL (\http://...). This will be added automatically from the information specified in your config file. Include only the URI segments you wish appended to the URL. @@ -317,7 +317,7 @@ The following functions are available: :returns: Protocol-prefixed URL string :rtype: string - This function will add http:// in the event that a protocol prefix + This function will add \http:// in the event that a protocol prefix is missing from a URL. Pass the URL string to the function like this:: -- cgit v1.2.3-24-g4f1b From 2f1fc71c61ee9c781949d525f27fa1d5f11b9a95 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 28 Feb 2018 22:33:36 +0200 Subject: [ci skip] Fix 5423 --- system/database/drivers/postgre/postgre_driver.php | 7 +++---- user_guide_src/source/changelog.rst | 2 ++ 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php index 7fb258abb..5779c8783 100644 --- a/system/database/drivers/postgre/postgre_driver.php +++ b/system/database/drivers/postgre/postgre_driver.php @@ -224,8 +224,8 @@ class CI_DB_postgre_driver extends CI_DB { * and so we'll have to fall back to running a query in * order to get it. */ - return isset($pg_version['server']) - ? $this->data_cache['version'] = $pg_version['server'] + return (isset($pg_version['server']) && preg_match('#^(\d+\.\d+)#', $pg_version['server'], $match)) + ? $this->data_cache['version'] = $match[1] : parent::version(); } @@ -354,8 +354,7 @@ class CI_DB_postgre_driver extends CI_DB { */ public function insert_id() { - $v = pg_version($this->conn_id); - $v = isset($v['server']) ? $v['server'] : 0; // 'server' key is only available since PosgreSQL 7.4 + $v = $this->version(); $table = (func_num_args() > 0) ? func_get_arg(0) : NULL; $column = (func_num_args() > 1) ? func_get_arg(1) : NULL; diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 2b82d7b36..37291e196 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -14,12 +14,14 @@ Release Date: Not Released - General Changes - Updated :doc:`Email Library ` to always negotiate between TLS 1.0, 1.1, 1.2 when possible (PHP 5.6+) for SMTP connections. + - Updated :doc:`Database Library ` method ``version()`` to exclude suffixes to the main version numbers with the 'postgre' driver. Bug fixes for 3.1.8 ------------------- - Fixed a bug where :doc:`Form Validation Library `, :doc:`Email Library ` tried to use ``INTL_IDNA_VARIANT_UTS46`` when it was undeclared. - Fixed a bug where :doc:`Query Builder ` methods ``where()``, ``having()`` treated values passed to them as arbitrary SQL. +- Fixed a bug (#5423) - :doc:`Database Library ` method ``insert_id()`` failed due to incorrect server version parsing with the 'postgre' driver. Version 3.1.7 ============= -- cgit v1.2.3-24-g4f1b From 8ff2b1055e902ef4c66bbb6e3b1a4554872e6659 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 28 Feb 2018 22:44:09 +0200 Subject: [ci skip] Fix #5425 --- system/libraries/Xmlrpc.php | 2 +- user_guide_src/source/changelog.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index 39e4dd37e..c23504de8 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -1181,7 +1181,7 @@ class XML_RPC_Message extends CI_Xmlrpc $data = implode("\r\n", $lines); // Parse XML data - if ( ! xml_parse($parser, $data, count($data))) + if ( ! xml_parse($parser, $data, TRUE)) { $errstr = sprintf('XML error: %s at line %d', xml_error_string(xml_get_error_code($parser)), diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 37291e196..95af9c086 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -22,6 +22,7 @@ Bug fixes for 3.1.8 - Fixed a bug where :doc:`Form Validation Library `, :doc:`Email Library ` tried to use ``INTL_IDNA_VARIANT_UTS46`` when it was undeclared. - Fixed a bug where :doc:`Query Builder ` methods ``where()``, ``having()`` treated values passed to them as arbitrary SQL. - Fixed a bug (#5423) - :doc:`Database Library ` method ``insert_id()`` failed due to incorrect server version parsing with the 'postgre' driver. +- Fixed a bug (#5425) - :doc:`XML-RPC Library ` produced an error message related to ``count()`` on PHP 7.2. Version 3.1.7 ============= -- cgit v1.2.3-24-g4f1b From 0768a406d49f9a7b3ffa32749beaffc55a153902 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 10 Mar 2018 02:08:32 +0200 Subject: [ci skip] Merge pull request #5434 from xims/patch-3 Update Image_lib to avoid setting file permissions when not needed --- system/libraries/Image_lib.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index b9adcd6e5..a5cb6fb47 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -835,7 +835,10 @@ class CI_Image_lib { imagedestroy($dst_img); imagedestroy($src_img); - chmod($this->full_dst_path, $this->file_permissions); + if ($this->dynamic_output !== TRUE) + { + chmod($this->full_dst_path, $this->file_permissions); + } return TRUE; } -- cgit v1.2.3-24-g4f1b From dc1d71cea3ef0dc35fabdcebbaca6e333051aa40 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 10 Mar 2018 02:12:18 +0200 Subject: [ci skip] Add changelog entry for #5434 --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 95af9c086..4eaed24ec 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -23,6 +23,7 @@ Bug fixes for 3.1.8 - Fixed a bug where :doc:`Query Builder ` methods ``where()``, ``having()`` treated values passed to them as arbitrary SQL. - Fixed a bug (#5423) - :doc:`Database Library ` method ``insert_id()`` failed due to incorrect server version parsing with the 'postgre' driver. - Fixed a bug (#5425) - :doc:`XML-RPC Library ` produced an error message related to ``count()`` on PHP 7.2. +- Fixed a bug (#5434) - :doc:`Image Manipulation Library ` attempted to ``chmod()`` while rendering images with the ``dynamic_output`` option. Version 3.1.7 ============= -- cgit v1.2.3-24-g4f1b From 3d204b63df199c7fb41d2602867ac3835776f40a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 10 Mar 2018 02:40:22 +0200 Subject: [ci skip] Fix #5420 --- system/core/Security.php | 12 ++++++++++-- user_guide_src/source/changelog.rst | 1 + 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/system/core/Security.php b/system/core/Security.php index 6cdce5d98..89a94c3dd 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -542,6 +542,14 @@ class CI_Security { $str ); + // Same thing, but for "tag functions" (e.g. eval`some code`) + // See https://github.com/bcit-ci/CodeIgniter/issues/5420 + $str = preg_replace( + '#(alert|prompt|confirm|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)`(.*?)`#si', + '\\1\\2`\\3`', + $str + ); + // Final clean up // This adds a bit of extra precaution in case // something got through the above filters @@ -927,7 +935,7 @@ class CI_Security { return str_replace( $match[1], preg_replace( - '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes($match[1]) ), @@ -955,7 +963,7 @@ class CI_Security { return str_replace( $match[1], preg_replace( - '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes($match[1]) ), diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 4eaed24ec..37cd31d72 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -10,6 +10,7 @@ Release Date: Not Released - **Security** - Updated :doc:`URL Helper ` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking. + - Updated :doc:`Security Library ` method ``xss_clean()`` to also filter JavaScript tag functions. - General Changes -- cgit v1.2.3-24-g4f1b From 6efd42ebafceda967d1d8def06ee412d3c1f382b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Mar 2018 16:24:42 +0200 Subject: [ci skip] Fix #5435 --- system/database/drivers/oci8/oci8_driver.php | 15 ++++++++++++++- user_guide_src/source/changelog.rst | 1 + 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 1bd977390..b90db4bd2 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -97,7 +97,7 @@ class CI_DB_oci8_driver extends CI_DB { * * @var bool */ - public $limit_used; + public $limit_used = FALSE; // -------------------------------------------------------------------- @@ -685,4 +685,17 @@ class CI_DB_oci8_driver extends CI_DB { oci_close($this->conn_id); } + // -------------------------------------------------------------------- + + /** + * We need to reset our $limit_used hack flag, so it doesn't propagate + * to subsequent queries. + * + * @return void + */ + protected function _reset_select() + { + $this->limit_used = FALSE; + parent::_reset_select(); + } } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 37cd31d72..21f5aae44 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -25,6 +25,7 @@ Bug fixes for 3.1.8 - Fixed a bug (#5423) - :doc:`Database Library ` method ``insert_id()`` failed due to incorrect server version parsing with the 'postgre' driver. - Fixed a bug (#5425) - :doc:`XML-RPC Library ` produced an error message related to ``count()`` on PHP 7.2. - Fixed a bug (#5434) - :doc:`Image Manipulation Library ` attempted to ``chmod()`` while rendering images with the ``dynamic_output`` option. +- Fixed a bug (#5435) - :doc:`Database Results ` method ``field_data()`` hid info about one field if ``limit()`` was previously used with the 'oci8' driver. Version 3.1.7 ============= -- cgit v1.2.3-24-g4f1b From e475b1c9ed1b82b5f4a6a2c31267171f75a82406 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Mar 2018 16:43:35 +0200 Subject: Merge pull request #5431 from CyberSecutor/develop Added parenthesis check around "document" elements and fixed non-existent document.window filter to window.document --- system/core/Security.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/system/core/Security.php b/system/core/Security.php index 89a94c3dd..31926b466 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -134,7 +134,9 @@ class CI_Security { */ protected $_never_allowed_str = array( 'document.cookie' => '[removed]', + '(document).cookie' => '[removed]', 'document.write' => '[removed]', + '(document).write' => '[removed]', '.parentNode' => '[removed]', '.innerHTML' => '[removed]', '-moz-binding' => '[removed]', @@ -152,7 +154,7 @@ class CI_Security { */ protected $_never_allowed_regex = array( 'javascript\s*:', - '(document|(document\.)?window)\.(location|on\w*)', + '(\(?document\)?|\(?window\)?(\.document)?)\.(location|on\w*)', 'expression\s*(\(|&\#40;)', // CSS and IE 'vbscript\s*:', // IE, surprise! 'wscript\s*:', // IE @@ -861,7 +863,7 @@ class CI_Security { // For other tags, see if their attributes are "evil" and strip those elseif (isset($matches['attributes'])) { - // We'll store the already fitlered attributes here + // We'll store the already filtered attributes here $attributes = array(); // Attribute-catching pattern @@ -935,7 +937,7 @@ class CI_Security { return str_replace( $match[1], preg_replace( - '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;|`|&\#96;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes($match[1]) ), @@ -963,7 +965,7 @@ class CI_Security { return str_replace( $match[1], preg_replace( - '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;|`|&\#96;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes($match[1]) ), -- cgit v1.2.3-24-g4f1b From bcce0a17f72c9550491a35e35555294943ff7fc1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Mar 2018 16:48:51 +0200 Subject: [ci skip] Add a changelog entry for PR #5431 --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 21f5aae44..647ea93a1 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -11,6 +11,7 @@ Release Date: Not Released - Updated :doc:`URL Helper ` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking. - Updated :doc:`Security Library ` method ``xss_clean()`` to also filter JavaScript tag functions. + - Fixed a bug where :doc:`Security Library ` method ``xss_clean()`` didn't check for parentheses around JavaScript's ``document``. - General Changes -- cgit v1.2.3-24-g4f1b From cdf3a9a54fb240bc17fc681b02bd6327ac15d7d0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 15 Mar 2018 16:58:31 +0200 Subject: [ci skip] Merge pull request #5437 from MadGuyyy/develop Docs spelling fix: utlize -> utilize --- user_guide_src/source/database/query_builder.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/database/query_builder.rst b/user_guide_src/source/database/query_builder.rst index 1b79c893a..38bc7fcff 100644 --- a/user_guide_src/source/database/query_builder.rst +++ b/user_guide_src/source/database/query_builder.rst @@ -654,7 +654,7 @@ will be reset (by default it will be--just like $this->db->insert()):: // Produces string: INSERT INTO mytable (`title`, `content`) VALUES ('My Title', 'My Content') The key thing to notice in the above example is that the second query did not -utlize `$this->db->from()` nor did it pass a table name into the first +utilize `$this->db->from()` nor did it pass a table name into the first parameter. The reason this worked is because the query has not been executed using `$this->db->insert()` which resets values or reset directly using `$this->db->reset_query()`. -- cgit v1.2.3-24-g4f1b From b12fbad77bd69ca0c7624a9094c29b7691ea6107 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 22 Mar 2018 16:44:41 +0200 Subject: [ci skip] Prepare 3.1.8 release --- system/core/CodeIgniter.php | 2 +- user_guide_src/source/changelog.rst | 2 +- user_guide_src/source/conf.py | 4 ++-- user_guide_src/source/installation/downloads.rst | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 4f81a98b6..4ad513dd6 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.8-dev'; + const CI_VERSION = '3.1.8'; /* * ------------------------------------------------------ diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 647ea93a1..371b49529 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -5,7 +5,7 @@ Change Log Version 3.1.8 ============= -Release Date: Not Released +Release Date: Mar 22, 2018 - **Security** diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py index e03c3168f..553669996 100644 --- a/user_guide_src/source/conf.py +++ b/user_guide_src/source/conf.py @@ -48,9 +48,9 @@ copyright = u'2014 - 2018, British Columbia Institute of Technology' # built documents. # # The short X.Y version. -version = '3.1.8-dev' +version = '3.1.8' # The full version, including alpha/beta/rc tags. -release = '3.1.8-dev' +release = '3.1.8' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index 03913159b..27675a13c 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -2,7 +2,7 @@ Downloading CodeIgniter ####################### -- `CodeIgniter v3.1.8-dev (Current version) `_ +- `CodeIgniter v3.1.8 (Current version) `_ - `CodeIgniter v3.1.7 `_ - `CodeIgniter v3.1.6 `_ - `CodeIgniter v3.1.5 `_ -- cgit v1.2.3-24-g4f1b From 3d2073e877cb1fddbea8fcec5bc5d38b545cdcfa Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 22 Mar 2018 16:52:42 +0200 Subject: [ci skip] Mark the start of 3.1.9 development --- system/core/CodeIgniter.php | 2 +- user_guide_src/source/changelog.rst | 6 ++++++ user_guide_src/source/conf.py | 4 ++-- user_guide_src/source/installation/downloads.rst | 3 ++- user_guide_src/source/installation/upgrade_319.rst | 14 ++++++++++++++ user_guide_src/source/installation/upgrading.rst | 1 + 6 files changed, 26 insertions(+), 4 deletions(-) create mode 100644 user_guide_src/source/installation/upgrade_319.rst diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 4ad513dd6..c5aab6259 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.8'; + const CI_VERSION = '3.1.9-dev'; /* * ------------------------------------------------------ diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 371b49529..d0989da48 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -2,6 +2,12 @@ Change Log ########## +Version 3.1.9 +============= + +Release Date: Not Released + + Version 3.1.8 ============= diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py index 553669996..7e1e52035 100644 --- a/user_guide_src/source/conf.py +++ b/user_guide_src/source/conf.py @@ -48,9 +48,9 @@ copyright = u'2014 - 2018, British Columbia Institute of Technology' # built documents. # # The short X.Y version. -version = '3.1.8' +version = '3.1.9-dev' # The full version, including alpha/beta/rc tags. -release = '3.1.8' +release = '3.1.9-dev' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index 27675a13c..6147f4dfd 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -2,7 +2,8 @@ Downloading CodeIgniter ####################### -- `CodeIgniter v3.1.8 (Current version) `_ +- `CodeIgniter v3.1.9-dev (Current version) `_ +- `CodeIgniter v3.1.8 `_ - `CodeIgniter v3.1.7 `_ - `CodeIgniter v3.1.6 `_ - `CodeIgniter v3.1.5 `_ diff --git a/user_guide_src/source/installation/upgrade_319.rst b/user_guide_src/source/installation/upgrade_319.rst new file mode 100644 index 000000000..99a7347a0 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_319.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 3.1.8 to 3.1.9 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index a51b128ec..95525a7c6 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -8,6 +8,7 @@ upgrading from. .. toctree:: :titlesonly: + Upgrading from 3.1.8 to 3.1.9 Upgrading from 3.1.7 to 3.1.8 Upgrading from 3.1.6 to 3.1.7 Upgrading from 3.1.5 to 3.1.6 -- cgit v1.2.3-24-g4f1b