From 361750a8eb48c91d4a741b81bcb5572388742fed Mon Sep 17 00:00:00 2001 From: Miguel González Date: Mon, 30 Mar 2015 05:00:21 +0200 Subject: Fixes pagination with relative URL When base_url is a URL based on protocol, like "//www.google.com" the double slash regex kills the first "//". --- system/libraries/Pagination.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index d63f61df6..76437f4a5 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -644,7 +644,7 @@ class CI_Pagination { // Kill double slashes. Note: Sometimes we can end up with a double slash // in the penultimate link so we'll kill all double slashes. - $output = preg_replace('#([^:])//+#', '\\1/', $output); + $output = preg_replace('#([^:"])//+#', '\\1/', $output); // Add the wrapper HTML if exists return $this->full_tag_open.$output.$this->full_tag_close; -- cgit v1.2.3-24-g4f1b From 0b978ddf678281ad8c1ab263040fd108be6c926f Mon Sep 17 00:00:00 2001 From: w0den Date: Sat, 2 May 2015 17:53:33 +0300 Subject: Bug Fix manually delete caching method MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit According to documentation, to manually delete cache for page "/foo/bar" we should run $this->output->delete_cache('/foo/bar'), but in this case MD5 hash will be calculated for "http://site.com//foo/bar" and this is why, we should pass $uri without beginning slash (ie, "foo/bar"). But the problem is that there is no way to delete cache for home page because: 1) $this->output->delete_cache('/') — MD5 hash will be calculated for "http://site.com//" and cache file will not be deleted. 2) $this->output->delete_cache('') — MD5 hash will be calculated for "http://site.com/%CURRENT_PAGE%" and again, cache file will not be deleted. Trimming the beginning slash, we enable ability to delete cache for home page by calling $this->output->delete_cache('/'). Also, this method will work as specified in the documentation. --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Output.php b/system/core/Output.php index e7d559a1d..f1859ccf6 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -735,7 +735,7 @@ class CI_Output { } } - $cache_path .= md5($CI->config->item('base_url').$CI->config->item('index_page').$uri); + $cache_path .= md5($CI->config->item('base_url').$CI->config->item('index_page').ltrim($uri, '/')); if ( ! @unlink($cache_path)) { -- cgit v1.2.3-24-g4f1b From dc29c6dc9069650d69496635643f00ab5e52067e Mon Sep 17 00:00:00 2001 From: w0den Date: Mon, 11 May 2015 18:58:20 +0300 Subject: Improve Cache Query String behaviour MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Typically, in most cases, we do not need to cache all the Query String variables. That's why I suggest to improve `Cache Include Query String` behaviour — allow the developer to independently specify which variables should be cached. For example, consider a query to the following URL address: http://site.com/search?q=query&page=2&session=abcd&utm_source=web In this case we don't need to build md5 hash for entire query string, because `session` or `utm_source` can be different for all users. The only variables which should be used for md5 hash should be `q` and `page`. Thus, in `config.php` we can use `$config['cache_query_string'] = array('page', 'q');`. So: `$config['cache_query_string'] = FALSE;` → Cache Include Query String is disabled `$config['cache_query_string'] = TRUE;` → Cache Include Query String is enabled for all `$config['cache_query_string'] = array('page', 'q');` → enabled only for specified variables --- system/core/Output.php | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/system/core/Output.php b/system/core/Output.php index f1859ccf6..4aed62a86 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -556,9 +556,16 @@ class CI_Output { .$CI->config->item('index_page') .$CI->uri->uri_string(); - if ($CI->config->item('cache_query_string') && ! empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) { - $uri .= '?'.$_SERVER['QUERY_STRING']; + if (is_array($cache_query_string)) + { + $uri .= '?'.http_build_query(array_intersect_key($_GET, array_flip($cache_query_string))); + } + else + { + $uri .= '?'.$_SERVER['QUERY_STRING']; + } } $cache_path .= md5($uri); @@ -646,9 +653,16 @@ class CI_Output { // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; - if ($CFG->item('cache_query_string') && ! empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CFG->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) { - $uri .= '?'.$_SERVER['QUERY_STRING']; + if (is_array($cache_query_string)) + { + $uri .= '?'.http_build_query(array_intersect_key($_GET, array_flip($cache_query_string))); + } + else + { + $uri .= '?'.$_SERVER['QUERY_STRING']; + } } $filepath = $cache_path.md5($uri); @@ -729,9 +743,16 @@ class CI_Output { { $uri = $CI->uri->uri_string(); - if ($CI->config->item('cache_query_string') && ! empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) { - $uri .= '?'.$_SERVER['QUERY_STRING']; + if (is_array($cache_query_string)) + { + $uri .= '?'.http_build_query(array_intersect_key($_GET, array_flip($cache_query_string))); + } + else + { + $uri .= '?'.$_SERVER['QUERY_STRING']; + } } } -- cgit v1.2.3-24-g4f1b From 664d25a2286b5fdef740da7a3c4d72d8fa00d530 Mon Sep 17 00:00:00 2001 From: Adam Jackett Date: Wed, 3 Jun 2015 15:54:54 -0400 Subject: made all form helpers consistent regarding extra attributes --- system/helpers/form_helper.php | 40 ++++++++++++++++++++------- user_guide_src/source/helpers/form_helper.rst | 37 +++++++++++++++++-------- 2 files changed, 56 insertions(+), 21 deletions(-) diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 53ee8eb11..c77069c55 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -197,7 +197,7 @@ if ( ! function_exists('form_input')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_input($data = '', $value = '', $extra = '') @@ -208,6 +208,8 @@ if ( ! function_exists('form_input')) 'value' => $value ); + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -223,7 +225,7 @@ if ( ! function_exists('form_password')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_password($data = '', $value = '', $extra = '') @@ -245,7 +247,7 @@ if ( ! function_exists('form_upload')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_upload($data = '', $value = '', $extra = '') @@ -253,6 +255,9 @@ if ( ! function_exists('form_upload')) $defaults = array('type' => 'file', 'name' => ''); is_array($data) OR $data = array('name' => $data); $data['type'] = 'file'; + + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -266,7 +271,7 @@ if ( ! function_exists('form_textarea')) * * @param mixed $data * @param string $value - * @param string $extra + * @param mixed $extra * @return string */ function form_textarea($data = '', $value = '', $extra = '') @@ -287,6 +292,8 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -301,11 +308,13 @@ if ( ! function_exists('form_multiselect')) * @param string * @param array * @param mixed - * @param string + * @param mixed * @return string */ function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '') { + $extra = _attributes_to_string($extra); + if ( ! strpos($extra, 'multiple')) { $extra .= ' multiple="multiple"'; @@ -420,7 +429,7 @@ if ( ! function_exists('form_checkbox')) * @param mixed * @param string * @param bool - * @param string + * @param mixed * @return string */ function form_checkbox($data = '', $value = '', $checked = FALSE, $extra = '') @@ -450,6 +459,8 @@ if ( ! function_exists('form_checkbox')) unset($defaults['checked']); } + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -464,13 +475,16 @@ if ( ! function_exists('form_radio')) * @param mixed * @param string * @param bool - * @param string + * @param mixed * @return string */ function form_radio($data = '', $value = '', $checked = FALSE, $extra = '') { is_array($data) OR $data = array('name' => $data); $data['type'] = 'radio'; + + $extra = _attributes_to_string($extra); + return form_checkbox($data, $value, $checked, $extra); } } @@ -484,7 +498,7 @@ if ( ! function_exists('form_submit')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_submit($data = '', $value = '', $extra = '') @@ -495,6 +509,8 @@ if ( ! function_exists('form_submit')) 'value' => $value ); + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -508,7 +524,7 @@ if ( ! function_exists('form_reset')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_reset($data = '', $value = '', $extra = '') @@ -519,6 +535,8 @@ if ( ! function_exists('form_reset')) 'value' => $value ); + $extra = _attributes_to_string($extra); + return '\n"; } } @@ -532,7 +550,7 @@ if ( ! function_exists('form_button')) * * @param mixed * @param string - * @param string + * @param mixed * @return string */ function form_button($data = '', $content = '', $extra = '') @@ -548,6 +566,8 @@ if ( ! function_exists('form_button')) unset($data['content']); // content is not an attribute } + $extra = _attributes_to_string($extra); + return '\n"; } } diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst index 9ddca89bc..781e81f96 100644 --- a/user_guide_src/source/helpers/form_helper.rst +++ b/user_guide_src/source/helpers/form_helper.rst @@ -191,7 +191,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML text input field tag :rtype: string @@ -226,11 +226,16 @@ The following functions are available: $js = 'onClick="some_function()"'; echo form_input('username', 'johndoe', $js); + Or you can pass it as an array:: + + $js = array('onClick' => "some_function()"); + echo form_input('username', 'johndoe', $js); + .. php:function:: form_password([$data = ''[, $value = ''[, $extra = '']]]) :param array $data: Field attributes data :param string $value: Field value - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML password input field tag :rtype: string @@ -242,7 +247,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML file upload input field tag :rtype: string @@ -255,7 +260,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML textarea tag :rtype: string @@ -270,7 +275,7 @@ The following functions are available: :param string $name: Field name :param array $options: An associative array of options to be listed :param array $selected: List of fields to mark with the *selected* attribute - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML dropdown select field tag :rtype: string @@ -324,6 +329,11 @@ The following functions are available: $js = 'id="shirts" onChange="some_function();"'; echo form_dropdown('shirts', $options, 'large', $js); + Or you can pass it as an array:: + + $js = array('id' => "shirts", 'onChange' => "some_function();"); + echo form_dropdown('shirts', $options, 'large', $js); + If the array passed as ``$options`` is a multidimensional array, then ``form_dropdown()`` will produce an with the array key as the label. @@ -334,7 +344,7 @@ The following functions are available: :param string $name: Field name :param array $options: An associative array of options to be listed :param array $selected: List of fields to mark with the *selected* attribute - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML dropdown multiselect field tag :rtype: string @@ -417,7 +427,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value :param bool $checked: Whether to mark the checkbox as being *checked* - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML checkbox input tag :rtype: string @@ -450,13 +460,18 @@ The following functions are available: $js = 'onClick="some_function()"'; echo form_checkbox('newsletter', 'accept', TRUE, $js) + Or you can pass it as an array:: + + $js = array('onClick' => "some_function()"); + echo form_checkbox('newsletter', 'accept', TRUE, $js) + .. php:function:: form_radio([$data = ''[, $value = ''[, $checked = FALSE[, $extra = '']]]]) :param array $data: Field attributes data :param string $value: Field value :param bool $checked: Whether to mark the radio button as being *checked* - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML radio input tag :rtype: string @@ -495,7 +510,7 @@ The following functions are available: :param string $data: Button name :param string $value: Button value - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML input submit tag :rtype: string @@ -513,7 +528,7 @@ The following functions are available: :param string $data: Button name :param string $value: Button value - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML input reset button tag :rtype: string @@ -525,7 +540,7 @@ The following functions are available: :param string $data: Button name :param string $content: Button label - :param string $extra: Extra attributes to be added to the tag *as is* + :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string :returns: An HTML button tag :rtype: string -- cgit v1.2.3-24-g4f1b From a0f1872e4978304a3b096ce90ee539c5e481b4f2 Mon Sep 17 00:00:00 2001 From: Tim Nolte Date: Fri, 5 Jun 2015 13:40:18 -0400 Subject: Updated the MySQLi driver to provide support for SSL connections as well as additional database connection options. Uses the DB_driver class encrypt option as the flag for turning on encryption. Also added SSL connection validation with error logging in order to provide users a way to know if they are actually connecting via SSL. Signed-off-by: Tim Nolte --- system/database/drivers/mysqli/mysqli_driver.php | 92 +++++++++++++++++++++++- 1 file changed, 90 insertions(+), 2 deletions(-) diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index e953db052..dd4a9c460 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -59,6 +59,21 @@ class CI_DB_mysqli_driver extends CI_DB { */ public $dbdriver = 'mysqli'; + /** + * Database options list + * + * Used to set various database options and values. + * + * @example http://php.net/manual/en/mysqli.options.php Allows to set options not built-in/handled by CI. + * + * + * array( MYSQLI_OPT_SSL_VERIFY_SERVER_CERT => true ); + * + * + * @var array + */ + public $db_options = array(); + /** * Compression flag * @@ -86,6 +101,41 @@ class CI_DB_mysqli_driver extends CI_DB { */ public $stricton = FALSE; + /** + * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi + * + * @var string + */ + public $ssl_key = ''; + + /** + * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi + * + * @var string + */ + public $ssl_cert = ''; + + /** + * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi + * + * @var string + */ + public $ssl_ca = ''; + + /** + * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi + * + * @var string + */ + public $ssl_capath = ''; + + /** + * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi + * + * @var string + */ + public $ssl_cipher = ''; + // -------------------------------------------------------------------- /** @@ -132,8 +182,46 @@ class CI_DB_mysqli_driver extends CI_DB { $mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode="STRICT_ALL_TABLES"'); } - return $mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags) - ? $mysqli : FALSE; + foreach ($this->db_options AS $key => $value) + { + $mysqli->options($key, $value); + } + + if ($this->encrypt === TRUE) + { + $mysqli->ssl_set($this->ssl_key, $this->ssl_cert, $this->ssl_ca, $this->ssl_capath, $this->ssl_cipher); + $client_flags |= MYSQLI_CLIENT_SSL; + } + + $connected = @$mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags); + + if ($connected) + { + // If SSL was requested we want to do some checking and log an error if an SSL connection wasn't established. + if ($this->encrypt === TRUE) + { + $res = $mysqli->query("SHOW STATUS LIKE 'ssl_cipher';"); + $ssl_status = $res->fetch_row(); + + if ($ssl_status[1] == '') + { + log_message('error', + "Problem With MySQLi SSL: An SSL connection was requested but the resulting connection is not using SSL!"); + } + } + + return $mysqli; + } + else + { + if ($mysqli->connect_errno) + { + log_message('error', + 'msqli connect failed, error: ' . mysqli_connect_error() . " | " . $mysqli->connect_error . " | " . $mysqli->connect_errno); + } + } + + return FALSE; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From c09ab9d2b31a6c1d60a8db3970dd56feceee9415 Mon Sep 17 00:00:00 2001 From: Tim Nolte Date: Mon, 8 Jun 2015 10:40:26 -0400 Subject: Fixed missing MySQLi driver parameter DOCBLOCK descriptions. Updated database configuration documentation to include a list of the new MySQLi driver parameters. Signed-off-by: Tim Nolte --- system/database/drivers/mysqli/mysqli_driver.php | 10 ++++++++++ user_guide_src/source/database/configuration.rst | 9 ++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index dd4a9c460..26b2a8a09 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -102,6 +102,8 @@ class CI_DB_mysqli_driver extends CI_DB { public $stricton = FALSE; /** + * The path name to the key file. + * * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi * * @var string @@ -109,6 +111,8 @@ class CI_DB_mysqli_driver extends CI_DB { public $ssl_key = ''; /** + * The path name to the certificate file. + * * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi * * @var string @@ -116,6 +120,8 @@ class CI_DB_mysqli_driver extends CI_DB { public $ssl_cert = ''; /** + * The path name to the certificate authority file. + * * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi * * @var string @@ -123,6 +129,8 @@ class CI_DB_mysqli_driver extends CI_DB { public $ssl_ca = ''; /** + * The pathname to a directory that contains trusted SSL CA certificates in PEM format. + * * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi * * @var string @@ -130,6 +138,8 @@ class CI_DB_mysqli_driver extends CI_DB { public $ssl_capath = ''; /** + * A list of allowable ciphers to use for SSL encryption. + * * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi * * @var string diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index d21c79e44..1d10bc1a6 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -186,10 +186,17 @@ Explanation of Values: :: $db['default']['port'] = 5432; + +**db_options** Used to set various database connections options and values. (MySQLi only) +**ssl_key** The path name to the key file. (MySQLi only) +**ssl_cert** The path name to the certificate file. (MySQLi only) +**ssl_ca** The path name to the certificate authority file. (MySQLi only) +**ssl_capath** The pathname to a directory that contains trusted SSL CA certificates in PEM format. (MySQLi only) +**ssl_cipher** A list of allowable ciphers to use for SSL encryption. (MySQLi only) ====================== ================================================================================================== .. note:: Depending on what database platform you are using (MySQL, PostgreSQL, etc.) not all values will be needed. For example, when using SQLite you will not need to supply a username or password, and the database name will be the path to your database file. The information above assumes - you are using MySQL. \ No newline at end of file + you are using MySQL. -- cgit v1.2.3-24-g4f1b From 2ac4177b4b6afc63d594523416c3991d23dddf20 Mon Sep 17 00:00:00 2001 From: Tim Nolte Date: Mon, 8 Jun 2015 11:02:56 -0400 Subject: Added new MySQLi parameters/info to default database config file. Fixed missing new MySQLi parameters from database configuration documentation examples. Signed-off-by: Tim Nolte --- application/config/database.php | 12 ++++++++++ user_guide_src/source/database/configuration.rst | 28 ++++++++++++++++++++++-- 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/application/config/database.php b/application/config/database.php index 925b3e504..36ae83dda 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -43,6 +43,12 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections | - good for ensuring strict SQL while developing +| ['db_options'] Used to set various database connections options and values. (MySQLi only) +| ['ssl_key'] The path name to the key file. (MySQLi only) +| ['ssl_cert'] The path name to the certificate file. (MySQLi only) +| ['ssl_ca'] The path name to the certificate authority file. (MySQLi only) +| ['ssl_capath'] The pathname to a directory that contains trusted SSL CA certificates in PEM format. (MySQLi only) +| ['ssl_cipher'] A list of allowable ciphers to use for SSL encryption. (MySQLi only) | ['failover'] array - A array with 0 or more data for connections if the main should fail. | ['save_queries'] TRUE/FALSE - Whether to "save" all executed queries. | NOTE: Disabling this will also effectively disable both @@ -80,6 +86,12 @@ $db['default'] = array( 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, + 'db_options' => array(), + 'ssl_key' => '', + 'ssl_cert' => '', + 'ssl_ca' => '', + 'ssl_capath' => '', + 'ssl_cipher' => '', 'failover' => array(), 'save_queries' => TRUE ); diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 1d10bc1a6..510037dba 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -30,6 +30,12 @@ prototype:: 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, + 'db_options' => array(), + 'ssl_key' => '', + 'ssl_cert' => '', + 'ssl_ca' => '', + 'ssl_capath' => '', + 'ssl_cipher' => '', 'failover' => array() ); @@ -71,7 +77,13 @@ These failovers can be specified by setting the failover for a connection like t 'swap_pre' => '', 'encrypt' => FALSE, 'compress' => FALSE, - 'stricton' => FALSE + 'stricton' => FALSE, + 'db_options' => array(), + 'ssl_key' => '', + 'ssl_cert' => '', + 'ssl_ca' => '', + 'ssl_capath' => '', + 'ssl_cipher' => '' ), array( 'hostname' => 'localhost2', @@ -89,7 +101,13 @@ These failovers can be specified by setting the failover for a connection like t 'swap_pre' => '', 'encrypt' => FALSE, 'compress' => FALSE, - 'stricton' => FALSE + 'stricton' => FALSE, + 'db_options' => array(), + 'ssl_key' => '', + 'ssl_cert' => '', + 'ssl_ca' => '', + 'ssl_capath' => '', + 'ssl_cipher' => '' ) ); @@ -120,6 +138,12 @@ example, to set up a "test" environment you would do this:: 'compress' => FALSE, 'encrypt' => FALSE, 'stricton' => FALSE, + 'db_options' => array(), + 'ssl_key' => '', + 'ssl_cert' => '', + 'ssl_ca' => '', + 'ssl_capath' => '', + 'ssl_cipher' => '', 'failover' => array() ); -- cgit v1.2.3-24-g4f1b From 0c75c8219e42cf629036f73944901bd9f1f286bf Mon Sep 17 00:00:00 2001 From: Adam Jackett Date: Wed, 17 Jun 2015 10:42:23 -0400 Subject: removed unnecessary change to form_radio, updated docs and added changelog entry --- system/helpers/form_helper.php | 2 -- user_guide_src/source/changelog.rst | 12 +++++++++--- user_guide_src/source/helpers/form_helper.rst | 22 +++++++++++----------- 3 files changed, 20 insertions(+), 16 deletions(-) diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index c77069c55..f8c6a9dde 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -483,8 +483,6 @@ if ( ! function_exists('form_radio')) is_array($data) OR $data = array('name' => $data); $data['type'] = 'radio'; - $extra = _attributes_to_string($extra); - return form_checkbox($data, $value, $checked, $extra); } } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 5c2c4d944..ee1e36521 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -8,13 +8,19 @@ Version 3.0.1 Release Date: Not Released - Core - + - Added DoS mitigation to :php:func:`hash_pbkdf2()` :doc:`compatibility function `. -- Database - +- Database + - Added ``list_fields()`` support for SQLite ('sqlite3' and 'pdo_sqlite' drivers). +- Helpers + + - :doc:`Form Helper ` changes include: + + - Made all form helpers consistent by allowing an array to be passed for extra attributes. + Bug fixes for 3.0.1 ------------------- diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst index 781e81f96..1c55f5692 100644 --- a/user_guide_src/source/helpers/form_helper.rst +++ b/user_guide_src/source/helpers/form_helper.rst @@ -191,7 +191,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML text input field tag :rtype: string @@ -235,7 +235,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML password input field tag :rtype: string @@ -247,7 +247,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML file upload input field tag :rtype: string @@ -260,7 +260,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML textarea tag :rtype: string @@ -275,7 +275,7 @@ The following functions are available: :param string $name: Field name :param array $options: An associative array of options to be listed :param array $selected: List of fields to mark with the *selected* attribute - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML dropdown select field tag :rtype: string @@ -344,7 +344,7 @@ The following functions are available: :param string $name: Field name :param array $options: An associative array of options to be listed :param array $selected: List of fields to mark with the *selected* attribute - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML dropdown multiselect field tag :rtype: string @@ -427,7 +427,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value :param bool $checked: Whether to mark the checkbox as being *checked* - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML checkbox input tag :rtype: string @@ -471,7 +471,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value :param bool $checked: Whether to mark the radio button as being *checked* - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML radio input tag :rtype: string @@ -510,7 +510,7 @@ The following functions are available: :param string $data: Button name :param string $value: Button value - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML input submit tag :rtype: string @@ -528,7 +528,7 @@ The following functions are available: :param string $data: Button name :param string $value: Button value - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML input reset button tag :rtype: string @@ -540,7 +540,7 @@ The following functions are available: :param string $data: Button name :param string $content: Button label - :param mixed $extra: Extra attributes to be added to the tag *as is* either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as array or string :returns: An HTML button tag :rtype: string -- cgit v1.2.3-24-g4f1b From ced557b99cec159a3ad36e497819b8da7f70cd1e Mon Sep 17 00:00:00 2001 From: Tim Nolte Date: Thu, 18 Jun 2015 15:28:43 -0400 Subject: Removed db_options configuration item for implementation later. Changed 5 new MySQLi SSL configuration options to a single ssl_options config item that is an array that will be read to set the individual SSL options. Signed-off-by: Tim Nolte --- application/config/database.php | 7 +-- system/database/drivers/mysqli/mysqli_driver.php | 76 +++++------------------- user_guide_src/source/database/configuration.rst | 35 ++--------- 3 files changed, 22 insertions(+), 96 deletions(-) diff --git a/application/config/database.php b/application/config/database.php index 26353cfb2..7baab3fd5 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -86,12 +86,7 @@ $db['default'] = array( 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '', + 'ssl_options' => array(), 'failover' => array(), 'save_queries' => TRUE ); diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 26b2a8a09..61a37bd03 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -59,21 +59,6 @@ class CI_DB_mysqli_driver extends CI_DB { */ public $dbdriver = 'mysqli'; - /** - * Database options list - * - * Used to set various database options and values. - * - * @example http://php.net/manual/en/mysqli.options.php Allows to set options not built-in/handled by CI. - * - * - * array( MYSQLI_OPT_SSL_VERIFY_SERVER_CERT => true ); - * - * - * @var array - */ - public $db_options = array(); - /** * Compression flag * @@ -102,49 +87,19 @@ class CI_DB_mysqli_driver extends CI_DB { public $stricton = FALSE; /** - * The path name to the key file. + * Used to set various SSL options that can be used when making SSL connections. * * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi * - * @var string - */ - public $ssl_key = ''; - - /** - * The path name to the certificate file. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string - */ - public $ssl_cert = ''; - - /** - * The path name to the certificate authority file. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string - */ - public $ssl_ca = ''; - - /** - * The pathname to a directory that contains trusted SSL CA certificates in PEM format. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string - */ - public $ssl_capath = ''; - - /** - * A list of allowable ciphers to use for SSL encryption. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var string + * @var array */ - public $ssl_cipher = ''; + public $ssl_options = array( + "ssl_key" => '', // The path name to the key file. + "ssl_cert" => '', // The path name to the certificate file. + "ssl_ca" => '', // The path name to the certificate authority file. + "ssl_capath" => '', // The pathname to a directory that contains trusted SSL CA certificates in PEM format. + "ssl_cipher" => '' // A list of allowable ciphers to use for SSL encryption. + ); // -------------------------------------------------------------------- @@ -192,14 +147,15 @@ class CI_DB_mysqli_driver extends CI_DB { $mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode="STRICT_ALL_TABLES"'); } - foreach ($this->db_options AS $key => $value) - { - $mysqli->options($key, $value); - } - if ($this->encrypt === TRUE) { - $mysqli->ssl_set($this->ssl_key, $this->ssl_cert, $this->ssl_ca, $this->ssl_capath, $this->ssl_cipher); + $ssl_key = array_key_exists('ssl_key', $this->ssl_options) ? $this->ssl_options['ssl_key'] : ''; + $ssl_cert = array_key_exists('ssl_cert', $this->ssl_options) ? $this->ssl_options['ssl_cert'] : ''; + $ssl_ca = array_key_exists('ssl_ca', $this->ssl_options) ? $this->ssl_options['ssl_ca'] : ''; + $ssl_capath = array_key_exists('ssl_capath', $this->ssl_options) ? $this->ssl_options['ssl_capath'] : ''; + $ssl_cipher = array_key_exists('ssl_cipher', $this->ssl_options) ? $this->ssl_options['ssl_cipher'] : ''; + + $mysqli->ssl_set($ssl_key, $ssl_cert, $ssl_ca, $ssl_capath, $ssl_cipher); $client_flags |= MYSQLI_CLIENT_SSL; } diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 510037dba..6f1726ef6 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -30,12 +30,7 @@ prototype:: 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '', + 'ssl_options' => array(), 'failover' => array() ); @@ -78,12 +73,7 @@ These failovers can be specified by setting the failover for a connection like t 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '' + 'ssl_options' => array() ), array( 'hostname' => 'localhost2', @@ -102,12 +92,7 @@ These failovers can be specified by setting the failover for a connection like t 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '' + 'ssl_options' => array() ) ); @@ -138,12 +123,7 @@ example, to set up a "test" environment you would do this:: 'compress' => FALSE, 'encrypt' => FALSE, 'stricton' => FALSE, - 'db_options' => array(), - 'ssl_key' => '', - 'ssl_cert' => '', - 'ssl_ca' => '', - 'ssl_capath' => '', - 'ssl_cipher' => '', + 'ssl_options' => array(), 'failover' => array() ); @@ -211,12 +191,7 @@ Explanation of Values: $db['default']['port'] = 5432; -**db_options** Used to set various database connections options and values. (MySQLi only) -**ssl_key** The path name to the key file. (MySQLi only) -**ssl_cert** The path name to the certificate file. (MySQLi only) -**ssl_ca** The path name to the certificate authority file. (MySQLi only) -**ssl_capath** The pathname to a directory that contains trusted SSL CA certificates in PEM format. (MySQLi only) -**ssl_cipher** A list of allowable ciphers to use for SSL encryption. (MySQLi only) +**ssl_options** Used to set various SSL connection options and values. ====================== ================================================================================================== .. note:: Depending on what database platform you are using (MySQL, PostgreSQL, -- cgit v1.2.3-24-g4f1b From 52ec8252a0cf1c57022fabe7a6d1abd0824f1d90 Mon Sep 17 00:00:00 2001 From: Tim Nolte Date: Thu, 18 Jun 2015 15:33:00 -0400 Subject: Fixed a cleanup miss in the default database config file to follow the recent SSL feature changes. Signed-off-by: Tim Nolte --- application/config/database.php | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/application/config/database.php b/application/config/database.php index 7baab3fd5..20e66eab2 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -43,12 +43,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections | - good for ensuring strict SQL while developing -| ['db_options'] Used to set various database connections options and values. (MySQLi only) -| ['ssl_key'] The path name to the key file. (MySQLi only) -| ['ssl_cert'] The path name to the certificate file. (MySQLi only) -| ['ssl_ca'] The path name to the certificate authority file. (MySQLi only) -| ['ssl_capath'] The pathname to a directory that contains trusted SSL CA certificates in PEM format. (MySQLi only) -| ['ssl_cipher'] A list of allowable ciphers to use for SSL encryption. (MySQLi only) +| ['ssl_options'] Used to set various SSL options that can be used when making SSL connections. | ['failover'] array - A array with 0 or more data for connections if the main should fail. | ['save_queries'] TRUE/FALSE - Whether to "save" all executed queries. | NOTE: Disabling this will also effectively disable both -- cgit v1.2.3-24-g4f1b From 69befa92007cfa1c089e6b4478409809ea52faca Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Sat, 4 Jul 2015 17:42:31 +0800 Subject: fix SQlite3 list_fields --- system/database/drivers/sqlite3/sqlite3_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/database/drivers/sqlite3/sqlite3_driver.php b/system/database/drivers/sqlite3/sqlite3_driver.php index a7c6420bb..31e37de91 100644 --- a/system/database/drivers/sqlite3/sqlite3_driver.php +++ b/system/database/drivers/sqlite3/sqlite3_driver.php @@ -266,7 +266,7 @@ class CI_DB_sqlite3_driver extends CI_DB { } $this->data_cache['field_names'][$table] = array(); - foreach ($result as $row) + foreach ($result->result_array() as $row) { $this->data_cache['field_names'][$table][] = $row['name']; } -- cgit v1.2.3-24-g4f1b From 59a253d0776275994af0fda9ad729abb8607b4d5 Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Sat, 4 Jul 2015 17:55:38 +0800 Subject: add changelog --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index edbcf2f6a..1fe6e9e09 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -46,6 +46,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3913) - :doc:`Cache Library ` didn't work with the direct ``$this->cache->$driver_name->method()`` syntax with Redis and Memcache(d). - Fixed a bug (#3932) - :doc:`Query Builder ` didn't properly compile WHERE and HAVING conditions for field names that end with "and", "or". - Fixed a bug in :doc:`Query Builder ` where ``delete()`` didn't properly work on multiple tables with a WHERE condition previously set via ``where()``. +- Fixed a bug (#3952) - ``list_fields()`` didn't work properly with the SQlite ('sqlite3' driver). Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 820f06f63de3da890a87a88161daea0fd1be8caa Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Sun, 5 Jul 2015 21:25:32 +0800 Subject: fix pdo/sqlite & update changelog --- system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php | 2 +- user_guide_src/source/changelog.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php index d5ca741fd..409e6501b 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_sqlite_driver.php @@ -140,7 +140,7 @@ class CI_DB_pdo_sqlite_driver extends CI_DB_pdo_driver { } $this->data_cache['field_names'][$table] = array(); - foreach ($result as $row) + foreach ($result->result_array() as $row) { $this->data_cache['field_names'][$table][] = $row['name']; } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 1fe6e9e09..3cd24c450 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -46,7 +46,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3913) - :doc:`Cache Library ` didn't work with the direct ``$this->cache->$driver_name->method()`` syntax with Redis and Memcache(d). - Fixed a bug (#3932) - :doc:`Query Builder ` didn't properly compile WHERE and HAVING conditions for field names that end with "and", "or". - Fixed a bug in :doc:`Query Builder ` where ``delete()`` didn't properly work on multiple tables with a WHERE condition previously set via ``where()``. -- Fixed a bug (#3952) - ``list_fields()`` didn't work properly with the SQlite ('sqlite3' driver). +- Fixed a bug (#3952) - :doc:`Database ` method ``list_fields()`` didn't work with SQLite3. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 63b0c26d9d7e6b064145f629ecae5bda5f43fec6 Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Sun, 5 Jul 2015 22:07:58 +0800 Subject: supported key_prefix on `increment` and `decrement` --- system/libraries/Cache/Cache.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system/libraries/Cache/Cache.php b/system/libraries/Cache/Cache.php index 06403b6e9..0c87a5628 100644 --- a/system/libraries/Cache/Cache.php +++ b/system/libraries/Cache/Cache.php @@ -178,7 +178,7 @@ class CI_Cache extends CI_Driver_Library { */ public function increment($id, $offset = 1) { - return $this->{$this->_adapter}->increment($id, $offset); + return $this->{$this->_adapter}->increment($this->key_prefix.$id, $offset); } // ------------------------------------------------------------------------ @@ -192,7 +192,7 @@ class CI_Cache extends CI_Driver_Library { */ public function decrement($id, $offset = 1) { - return $this->{$this->_adapter}->decrement($id, $offset); + return $this->{$this->_adapter}->decrement($this->key_prefix.$id, $offset); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From a5ea5066e4463a3857d6add2c5e2bc6833d1cbc0 Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Mon, 6 Jul 2015 13:18:11 +0800 Subject: Added "is_resource" into the list of unit tests capable of being run. --- system/libraries/Unit_test.php | 2 +- user_guide_src/source/libraries/unit_testing.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 7b744adc6..60b046ba0 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -152,7 +152,7 @@ class CI_Unit_test { return FALSE; } - if (in_array($expected, array('is_object', 'is_string', 'is_bool', 'is_true', 'is_false', 'is_int', 'is_numeric', 'is_float', 'is_double', 'is_array', 'is_null'), TRUE)) + if (in_array($expected, array('is_object', 'is_string', 'is_bool', 'is_true', 'is_false', 'is_int', 'is_numeric', 'is_float', 'is_double', 'is_array', 'is_null', 'is_resource'), TRUE)) { $expected = str_replace('is_double', 'is_float', $expected); $result = $expected($test); diff --git a/user_guide_src/source/libraries/unit_testing.rst b/user_guide_src/source/libraries/unit_testing.rst index 026781cb7..57934cba3 100644 --- a/user_guide_src/source/libraries/unit_testing.rst +++ b/user_guide_src/source/libraries/unit_testing.rst @@ -76,6 +76,7 @@ result. Here is a list of allowed comparison types: - is_double - is_array - is_null +- is_resource Generating Reports ================== -- cgit v1.2.3-24-g4f1b From 15c42483c744da24525ae87be4654483657cb2ed Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Jul 2015 11:19:30 +0300 Subject: [ci skip] Add missing changelog entries for PRs #3955, #3957 --- user_guide_src/source/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index edbcf2f6a..432d65e00 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -23,6 +23,8 @@ Release Date: Not Released - Errors "no_file_selected", "file_partial", "stopped_by_extension", "no_file_types", "invalid_filetype", "bad_filename" are now logged at the 'debug' level. - Errors "file_exceeds_limit", "file_exceeds_form_limit", "invalid_filesize", "invalid_dimensions" are now logged at the 'info' level. + - Added 'is_resource' to the available expectations in :doc:`Unit Testing Library `. + Bug fixes for 3.0.1 ------------------- @@ -46,6 +48,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3913) - :doc:`Cache Library ` didn't work with the direct ``$this->cache->$driver_name->method()`` syntax with Redis and Memcache(d). - Fixed a bug (#3932) - :doc:`Query Builder ` didn't properly compile WHERE and HAVING conditions for field names that end with "and", "or". - Fixed a bug in :doc:`Query Builder ` where ``delete()`` didn't properly work on multiple tables with a WHERE condition previously set via ``where()``. +- Fixed a bug (#3955) - :doc:`Cache Library ` methods ``increment()`` and ``decrement()`` ignored the 'key_prefix' setting. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From c79a62c5c43c75a3dbc0af77433694340b235047 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Jul 2015 11:21:20 +0300 Subject: [ci skip] Update config/migration.php comments Close #3951 --- application/config/migration.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/application/config/migration.php b/application/config/migration.php index 083bf287c..4b585a65c 100644 --- a/application/config/migration.php +++ b/application/config/migration.php @@ -21,12 +21,12 @@ $config['migration_enabled'] = FALSE; | Migration file names may be based on a sequential identifier or on | a timestamp. Options are: | -| 'sequential' = Default migration naming (001_add_blog.php) +| 'sequential' = Sequential migration naming (001_add_blog.php) | 'timestamp' = Timestamp migration naming (20121031104401_add_blog.php) | Use timestamp format YYYYMMDDHHIISS. | -| If this configuration value is missing the Migration library defaults -| to 'sequential' for backward compatibility. +| Note: If this configuration value is missing the Migration library +| defaults to 'sequential' for backward compatibility with CI2. | */ $config['migration_type'] = 'timestamp'; -- cgit v1.2.3-24-g4f1b From bf0488b59daaa9a77a72289b00a5ee807d907286 Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Mon, 6 Jul 2015 17:48:08 +0800 Subject: fix typo in router class --- system/core/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Router.php b/system/core/Router.php index f91d3f6ec..051000533 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -105,7 +105,7 @@ class CI_Router { /** * Enable query strings flag * - * Determines wether to use GET parameters or segment URIs + * Determines whether to use GET parameters or segment URIs * * @var bool */ -- cgit v1.2.3-24-g4f1b From 7018d892512af76043c5843f663da76a7ed08cb7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Jul 2015 17:57:52 +0300 Subject: Fix #3963 --- system/libraries/Unit_test.php | 8 +++++--- user_guide_src/source/changelog.rst | 1 + 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 60b046ba0..158f841ed 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -291,10 +291,12 @@ class CI_Unit_test { { continue; } - - if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$val), FALSE))) + elseif (in_array($key, array('test_name', 'test_datatype', 'test_res_datatype', 'result'), TRUE)) { - $val = $line; + if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$val), FALSE))) + { + $val = $line; + } } $temp[$CI->lang->line('ut_'.$key, FALSE)] = $val; diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 92d8bb164..63080a684 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -50,6 +50,7 @@ Bug fixes for 3.0.1 - Fixed a bug in :doc:`Query Builder ` where ``delete()`` didn't properly work on multiple tables with a WHERE condition previously set via ``where()``. - Fixed a bug (#3952) - :doc:`Database ` method ``list_fields()`` didn't work with SQLite3. - Fixed a bug (#3955) - :doc:`Cache Library ` methods ``increment()`` and ``decrement()`` ignored the 'key_prefix' setting. +- Fixed a bug (#3963) - :doc:`Unit Testing Library ` wrongly tried to translate filenames, line numbers and notes values in test results. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From a45e37e235da97f539548b457ef4ae46d55ce77e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Jul 2015 17:58:21 +0300 Subject: [ci skip] Cleanup some whitespace in CI_Unit_test --- system/libraries/Unit_test.php | 46 +++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 158f841ed..3f986f3e8 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -55,14 +55,14 @@ class CI_Unit_test { * * @var bool */ - public $active = TRUE; + public $active = TRUE; /** * Test results * * @var array */ - public $results = array(); + public $results = array(); /** * Strict comparison flag @@ -71,21 +71,21 @@ class CI_Unit_test { * * @var bool */ - public $strict = FALSE; + public $strict = FALSE; /** * Template * * @var string */ - protected $_template = NULL; + protected $_template = NULL; /** * Template rows * * @var string */ - protected $_template_rows = NULL; + protected $_template_rows = NULL; /** * List of visible test items @@ -93,13 +93,13 @@ class CI_Unit_test { * @var array */ protected $_test_items_visible = array( - 'test_name', - 'test_datatype', - 'res_datatype', - 'result', - 'file', - 'line', - 'notes' + 'test_name', + 'test_datatype', + 'res_datatype', + 'result', + 'file', + 'line', + 'notes' ); // -------------------------------------------------------------------- @@ -167,14 +167,14 @@ class CI_Unit_test { $back = $this->_backtrace(); $report = array ( - 'test_name' => $test_name, - 'test_datatype' => gettype($test), - 'res_datatype' => $extype, - 'result' => ($result === TRUE) ? 'passed' : 'failed', - 'file' => $back['file'], - 'line' => $back['line'], - 'notes' => $notes - ); + 'test_name' => $test_name, + 'test_datatype' => gettype($test), + 'res_datatype' => $extype, + 'result' => ($result === TRUE) ? 'passed' : 'failed', + 'file' => $back['file'], + 'line' => $back['line'], + 'notes' => $notes + ); $this->results[] = $report; @@ -336,9 +336,9 @@ class CI_Unit_test { { $back = debug_backtrace(); return array( - 'file' => (isset($back[1]['file']) ? $back[1]['file'] : ''), - 'line' => (isset($back[1]['line']) ? $back[1]['line'] : '') - ); + 'file' => (isset($back[1]['file']) ? $back[1]['file'] : ''), + 'line' => (isset($back[1]['line']) ? $back[1]['line'] : '') + ); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 91da5d1cc0f339f94922e48bdcce1bace602713a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 9 Jul 2015 15:14:35 +0300 Subject: Fix #3965 --- system/libraries/Upload.php | 12 +++--------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index a1bd14930..51232f8a7 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -533,15 +533,9 @@ class CI_Upload { * If it returns false there was a problem. */ $this->orig_name = $this->file_name; - - if ($this->overwrite === FALSE) + if (FALSE === ($this->file_name = $this->set_filename($this->upload_path, $this->file_name))) { - $this->file_name = $this->set_filename($this->upload_path, $this->file_name); - - if ($this->file_name === FALSE) - { - return FALSE; - } + return FALSE; } /* @@ -656,7 +650,7 @@ class CI_Upload { $filename = md5(uniqid(mt_rand())).$this->file_ext; } - if ( ! file_exists($path.$filename)) + if ($this->overwrite === TRUE OR ! file_exists($path.$filename)) { return $filename; } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 63080a684..8457d8f65 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -51,6 +51,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3952) - :doc:`Database ` method ``list_fields()`` didn't work with SQLite3. - Fixed a bug (#3955) - :doc:`Cache Library ` methods ``increment()`` and ``decrement()`` ignored the 'key_prefix' setting. - Fixed a bug (#3963) - :doc:`Unit Testing Library ` wrongly tried to translate filenames, line numbers and notes values in test results. +- Fixed a bug (#3965) - :doc:`File Uploading Library ` ignored the "encrypt_name" setting when "overwrite" is enabled. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 9bb9d072259fead8e4d9693e9b40efc91d5ad7de Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 10 Jul 2015 12:41:25 +0300 Subject: [ci skip] Clarify comments about libraries/drivers autoloading Close #3964 --- application/config/autoload.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/application/config/autoload.php b/application/config/autoload.php index 3f0bd24f2..4bc6bf0ad 100644 --- a/application/config/autoload.php +++ b/application/config/autoload.php @@ -45,8 +45,9 @@ $autoload['packages'] = array(); | ------------------------------------------------------------------- | Auto-load Libraries | ------------------------------------------------------------------- -| These are the classes located in the system/libraries folder -| or in your application/libraries folder. +| These are the classes located in system/libraries/ or your +| application/libraries/ directory, with the addition of the +| 'database' library, which is somewhat of a special case. | | Prototype: | @@ -63,8 +64,9 @@ $autoload['libraries'] = array(); | ------------------------------------------------------------------- | Auto-load Drivers | ------------------------------------------------------------------- -| These classes are located in the system/libraries folder or in your -| application/libraries folder within their own subdirectory. They +| These classes are located in system/libraries/ or in your +| application/libraries/ directory, but are also placed inside their +| own subdirectory and they extend the CI_Driver_Library class. They | offer multiple interchangeable driver options. | | Prototype: -- cgit v1.2.3-24-g4f1b From 00cdb810c54c57f2e07c248b0858b7cfe6d53bfd Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Fri, 10 Jul 2015 17:04:00 +0300 Subject: Important note If you pass strings to the add_field() methods you won't be able to follow those by add_key() methods on those fields. --- user_guide_src/source/database/forge.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/user_guide_src/source/database/forge.rst b/user_guide_src/source/database/forge.rst index a875f7418..a98cdb012 100644 --- a/user_guide_src/source/database/forge.rst +++ b/user_guide_src/source/database/forge.rst @@ -143,6 +143,8 @@ string into the field definitions with add_field() $this->dbforge->add_field("label varchar(100) NOT NULL DEFAULT 'default label'"); +.. note:: Passing strings as fields won't allow you to follow these calls by a add_key() call. + .. note:: Multiple calls to add_field() are cumulative. Creating an id field -- cgit v1.2.3-24-g4f1b From 32bdf1c1e3c8ec6c0ccf38a947ff01c06eb9152f Mon Sep 17 00:00:00 2001 From: dimonneon Date: Fri, 10 Jul 2015 21:47:04 +0300 Subject: Add unicode support in url_title function --- system/helpers/url_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 6a033d6ba..41ded94ee 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -492,7 +492,7 @@ if ( ! function_exists('url_title')) $trans = array( '&.+?;' => '', - '[^a-z0-9 _-]' => '', + '[^\w\d _-]' => '', '\s+' => $separator, '('.$q_separator.')+' => $separator ); @@ -500,7 +500,7 @@ if ( ! function_exists('url_title')) $str = strip_tags($str); foreach ($trans as $key => $val) { - $str = preg_replace('#'.$key.'#i', $val, $str); + $str = preg_replace('#'.$key.'#ui', $val, $str); } if ($lowercase === TRUE) -- cgit v1.2.3-24-g4f1b From 7013cd2514b98c168f8edb402792b4d55c0323d6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 13 Jul 2015 11:30:01 +0300 Subject: [ci skip] Update 'ico' entry in config/mimes.php --- application/config/mimes.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/config/mimes.php b/application/config/mimes.php index d0e1516ff..1f591ba6b 100644 --- a/application/config/mimes.php +++ b/application/config/mimes.php @@ -154,5 +154,5 @@ return array( 'vcf' => 'text/x-vcard', 'srt' => array('text/srt', 'text/plain'), 'vtt' => array('text/vtt', 'text/plain'), - 'ico' => 'image/x-icon' + 'ico' => array('image/x-icon', 'image/x-ico', 'image/vnd.microsoft.icon') ); -- cgit v1.2.3-24-g4f1b From 1fb0cfee53f4424b5f9ca09f734501a942ece9d5 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Mon, 13 Jul 2015 11:36:15 +0300 Subject: Update forge.rst --- user_guide_src/source/database/forge.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/database/forge.rst b/user_guide_src/source/database/forge.rst index a98cdb012..a8a346eb4 100644 --- a/user_guide_src/source/database/forge.rst +++ b/user_guide_src/source/database/forge.rst @@ -143,7 +143,7 @@ string into the field definitions with add_field() $this->dbforge->add_field("label varchar(100) NOT NULL DEFAULT 'default label'"); -.. note:: Passing strings as fields won't allow you to follow these calls by a add_key() call. +..note:: Passing raw strings as fields cannot be followed by ``add_key()`` calls on those fields. .. note:: Multiple calls to add_field() are cumulative. -- cgit v1.2.3-24-g4f1b From 28c830507780c65c9b79f55e63d1071327c41205 Mon Sep 17 00:00:00 2001 From: dimonneon Date: Mon, 13 Jul 2015 11:54:05 +0300 Subject: Add check for PCRE UTF-8 support --- system/helpers/url_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 41ded94ee..d65f92f1b 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -500,7 +500,7 @@ if ( ! function_exists('url_title')) $str = strip_tags($str); foreach ($trans as $key => $val) { - $str = preg_replace('#'.$key.'#ui', $val, $str); + $str = preg_replace('#'.$key.'#i'.(UTF8_ENABLED ? 'u' : ''), $val, $str); } if ($lowercase === TRUE) -- cgit v1.2.3-24-g4f1b From ff50c54266bbd484dd5fb2887974abb69a141817 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Mon, 13 Jul 2015 11:55:51 +0300 Subject: Update forge.rst --- user_guide_src/source/database/forge.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/database/forge.rst b/user_guide_src/source/database/forge.rst index a8a346eb4..646e3a56e 100644 --- a/user_guide_src/source/database/forge.rst +++ b/user_guide_src/source/database/forge.rst @@ -143,7 +143,7 @@ string into the field definitions with add_field() $this->dbforge->add_field("label varchar(100) NOT NULL DEFAULT 'default label'"); -..note:: Passing raw strings as fields cannot be followed by ``add_key()`` calls on those fields. +.. note:: Passing raw strings as fields cannot be followed by ``add_key()`` calls on those fields. .. note:: Multiple calls to add_field() are cumulative. -- cgit v1.2.3-24-g4f1b From 1dfc20da1d2f30f086f9489393141491ccfeed4c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 15:30:01 +0300 Subject: [ci skip] Changelog entry for PR #3970 --- user_guide_src/source/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 8457d8f65..d431d49ca 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -25,6 +25,9 @@ Release Date: Not Released - Added 'is_resource' to the available expectations in :doc:`Unit Testing Library `. +- Helpers + + - Added Unicode support to :doc:`URL Helper ` function :php:func:`url_title()`. Bug fixes for 3.0.1 ------------------- -- cgit v1.2.3-24-g4f1b From 7cc6cea2d421862726081a39e932dbceeefcc775 Mon Sep 17 00:00:00 2001 From: Adrian Voicu Date: Fri, 10 Jul 2015 14:41:25 +0300 Subject: allow add of keys with array This will allow adding multiple keys using array (http://www.codeigniter.com/user_guide/database/forge.html#adding-keys). Only if user wants, he can use the table columns to set a primary key by setting second parameter as TRUE. --- system/database/DB_forge.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/database/DB_forge.php b/system/database/DB_forge.php index d99fd0024..865498fb5 100644 --- a/system/database/DB_forge.php +++ b/system/database/DB_forge.php @@ -239,7 +239,7 @@ abstract class CI_DB_forge { */ public function add_key($key, $primary = FALSE) { - if ($primary === TRUE && is_array($key)) + if (is_array($key)) { foreach ($key as $one) { -- cgit v1.2.3-24-g4f1b From 8fda540b0d3098ec882b36d1c2492db0ee5031f0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 15:48:37 +0300 Subject: [ci skip] Add changelog entry for PR #3968 --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index d431d49ca..b7888ca23 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -55,6 +55,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3955) - :doc:`Cache Library ` methods ``increment()`` and ``decrement()`` ignored the 'key_prefix' setting. - Fixed a bug (#3963) - :doc:`Unit Testing Library ` wrongly tried to translate filenames, line numbers and notes values in test results. - Fixed a bug (#3965) - :doc:`File Uploading Library ` ignored the "encrypt_name" setting when "overwrite" is enabled. +- Fixed a bug (#3968) - :doc:`Database Forge ` method ``add_key()`` didn't treat array inputs as composite keys unless it's a PRIMARY KEY. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 7881fd17790fd86f658dd4cfcb5b2b5a6351ad00 Mon Sep 17 00:00:00 2001 From: Mohammad Sadegh Dehghan Niri Date: Wed, 15 Jul 2015 17:48:57 +0430 Subject: Fix a Typo --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/core/Security.php b/system/core/Security.php index 9cef42439..7c5199255 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -275,7 +275,7 @@ class CI_Security { $secure_cookie, config_item('cookie_httponly') ); - log_message('info', 'CRSF cookie sent'); + log_message('info', 'CSRF cookie sent'); return $this; } -- cgit v1.2.3-24-g4f1b From c19f3b2596ae846f5de73f562a0288af8c82855a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 16:41:06 +0300 Subject: Polish changes from PR #3893 --- system/helpers/form_helper.php | 37 ++++++++++----------------- user_guide_src/source/changelog.rst | 2 +- user_guide_src/source/helpers/form_helper.rst | 31 ++++++++++++---------- 3 files changed, 31 insertions(+), 39 deletions(-) diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index f8c6a9dde..fd807769a 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -208,9 +208,7 @@ if ( ! function_exists('form_input')) 'value' => $value ); - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -256,9 +254,7 @@ if ( ! function_exists('form_upload')) is_array($data) OR $data = array('name' => $data); $data['type'] = 'file'; - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -292,9 +288,9 @@ if ( ! function_exists('form_textarea')) unset($data['value']); // textareas don't use the value attribute } - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -314,8 +310,7 @@ if ( ! function_exists('form_multiselect')) function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '') { $extra = _attributes_to_string($extra); - - if ( ! strpos($extra, 'multiple')) + if (stripos($extra, 'multiple') === FALSE) { $extra .= ' multiple="multiple"'; } @@ -381,7 +376,7 @@ if ( ! function_exists('form_dropdown')) $extra = _attributes_to_string($extra); - $multiple = (count($selected) > 1 && strpos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; + $multiple = (count($selected) > 1 && stripos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : ''; $form = '\n"; + return '\n"; } } @@ -507,9 +500,7 @@ if ( ! function_exists('form_submit')) 'value' => $value ); - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -533,9 +524,7 @@ if ( ! function_exists('form_reset')) 'value' => $value ); - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } @@ -564,9 +553,9 @@ if ( ! function_exists('form_button')) unset($data['content']); // content is not an attribute } - $extra = _attributes_to_string($extra); - - return '\n"; + return '\n"; } } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 4fe3b94ff..55463edc2 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -8,7 +8,7 @@ Version 3.0.1 Release Date: Not Released - Core - + - Added DoS mitigation to :php:func:`hash_pbkdf2()` :doc:`compatibility function `. - Database diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst index 1c55f5692..6317f08ed 100644 --- a/user_guide_src/source/helpers/form_helper.rst +++ b/user_guide_src/source/helpers/form_helper.rst @@ -191,7 +191,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML text input field tag :rtype: string @@ -228,14 +228,14 @@ The following functions are available: Or you can pass it as an array:: - $js = array('onClick' => "some_function()"); + $js = array('onClick' => 'some_function();'); echo form_input('username', 'johndoe', $js); .. php:function:: form_password([$data = ''[, $value = ''[, $extra = '']]]) :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML password input field tag :rtype: string @@ -247,7 +247,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML file upload input field tag :rtype: string @@ -260,7 +260,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML textarea tag :rtype: string @@ -275,7 +275,7 @@ The following functions are available: :param string $name: Field name :param array $options: An associative array of options to be listed :param array $selected: List of fields to mark with the *selected* attribute - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML dropdown select field tag :rtype: string @@ -331,7 +331,10 @@ The following functions are available: Or you can pass it as an array:: - $js = array('id' => "shirts", 'onChange' => "some_function();"); + $js = array( + 'id' => 'shirts', + 'onChange' => 'some_function();' + ); echo form_dropdown('shirts', $options, 'large', $js); If the array passed as ``$options`` is a multidimensional array, then @@ -344,7 +347,7 @@ The following functions are available: :param string $name: Field name :param array $options: An associative array of options to be listed :param array $selected: List of fields to mark with the *selected* attribute - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML dropdown multiselect field tag :rtype: string @@ -427,7 +430,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value :param bool $checked: Whether to mark the checkbox as being *checked* - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML checkbox input tag :rtype: string @@ -462,7 +465,7 @@ The following functions are available: Or you can pass it as an array:: - $js = array('onClick' => "some_function()"); + $js = array('onClick' => 'some_function();'); echo form_checkbox('newsletter', 'accept', TRUE, $js) @@ -471,7 +474,7 @@ The following functions are available: :param array $data: Field attributes data :param string $value: Field value :param bool $checked: Whether to mark the radio button as being *checked* - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML radio input tag :rtype: string @@ -510,7 +513,7 @@ The following functions are available: :param string $data: Button name :param string $value: Button value - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML input submit tag :rtype: string @@ -528,7 +531,7 @@ The following functions are available: :param string $data: Button name :param string $value: Button value - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML input reset button tag :rtype: string @@ -540,7 +543,7 @@ The following functions are available: :param string $data: Button name :param string $content: Button label - :param mixed $extra: Extra attributes to be added to the tag either as array or string + :param mixed $extra: Extra attributes to be added to the tag either as an array or a literal string :returns: An HTML button tag :rtype: string -- cgit v1.2.3-24-g4f1b From 63c34f2774440c5de77429cb613a4dda268f4dd9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 17:13:34 +0300 Subject: [ci skip] Add a changelog entry for PR #3715 --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 55463edc2..3a1804835 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -57,6 +57,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3963) - :doc:`Unit Testing Library ` wrongly tried to translate filenames, line numbers and notes values in test results. - Fixed a bug (#3965) - :doc:`File Uploading Library ` ignored the "encrypt_name" setting when "overwrite" is enabled. - Fixed a bug (#3968) - :doc:`Database Forge ` method ``add_key()`` didn't treat array inputs as composite keys unless it's a PRIMARY KEY. +- Fixed a bug (#3715) - :doc:`Pagination Library ` could generate broken link when a protocol-relative base URL is used. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 298e0058b9d8e576cb7f017ade57c794060c3e98 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 17:17:18 +0300 Subject: [ci skip] Revert styleguide violations from PR #3828 --- system/core/Output.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/system/core/Output.php b/system/core/Output.php index 4aed62a86..76c1329d2 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -556,7 +556,7 @@ class CI_Output { .$CI->config->item('index_page') .$CI->uri->uri_string(); - if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && ! empty($_SERVER['QUERY_STRING'])) { if (is_array($cache_query_string)) { @@ -653,7 +653,7 @@ class CI_Output { // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; - if (($cache_query_string = $CFG->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CFG->item('cache_query_string')) && ! empty($_SERVER['QUERY_STRING'])) { if (is_array($cache_query_string)) { @@ -743,7 +743,7 @@ class CI_Output { { $uri = $CI->uri->uri_string(); - if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && ! empty($_SERVER['QUERY_STRING'])) { if (is_array($cache_query_string)) { -- cgit v1.2.3-24-g4f1b From 4a4cbb376b1d17a9e74edad8f7cb7f27a50c01c7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 17:39:44 +0300 Subject: [ci skip] Add changelog entries for PR #3828 --- application/config/config.php | 11 +++++++++-- user_guide_src/source/changelog.rst | 5 +++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/application/config/config.php b/application/config/config.php index 86ca312b7..f4ba70a4e 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -284,8 +284,15 @@ $config['cache_path'] = ''; | Cache Include Query String |-------------------------------------------------------------------------- | -| Set this to TRUE if you want to use different cache files depending on the -| URL query string. Please be aware this might result in numerous cache files. +| Whether to take the URL query string into consideration when generating +| output cache files. Valid options are: +| +| FALSE = Disabled +| TRUE = Enabled, take all query parameters into account. +| Please be aware that this may result in numerous cache +| files generated for the same page over and over again. +| array('q') = Enabled, but only take into account the specified list +| of query parameters. | */ $config['cache_query_string'] = FALSE; diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 3a1804835..d175f4b90 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -30,6 +30,10 @@ Release Date: Not Released - Added Unicode support to :doc:`URL Helper ` function :php:func:`url_title()`. - Added support for passing the "extra" parameter as an array to all :doc:`Form Helper ` functions that use it. +- Core + + - Added support for defining a list of specific query parameters in ``$config['cache_query_string']`` for the :doc:`Output Library `. + Bug fixes for 3.0.1 ------------------- @@ -58,6 +62,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3965) - :doc:`File Uploading Library ` ignored the "encrypt_name" setting when "overwrite" is enabled. - Fixed a bug (#3968) - :doc:`Database Forge ` method ``add_key()`` didn't treat array inputs as composite keys unless it's a PRIMARY KEY. - Fixed a bug (#3715) - :doc:`Pagination Library ` could generate broken link when a protocol-relative base URL is used. +- Fixed a bug (#3828) - :doc:`Output Library ` method ``delete_cache()`` couldn't delete index page caches. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 924ac35f6d5a51ab5a9c0a27fed246a5678c5ea6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 16 Jul 2015 10:48:42 +0300 Subject: [ci skip] Fix #3869 Close #3978 Close #3979 --- .../source/_themes/sphinx_rtd_theme/static/css/citheme.css | 7 +++++++ user_guide_src/source/_themes/sphinx_rtd_theme/theme.conf | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css b/user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css new file mode 100644 index 000000000..10e7d04c6 --- /dev/null +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/static/css/citheme.css @@ -0,0 +1,7 @@ +@import 'theme.css'; + +.highlighted { + padding: 0px !important; + font-weight: inherit !important; + background-color: #f1d40f !important; +} \ No newline at end of file diff --git a/user_guide_src/source/_themes/sphinx_rtd_theme/theme.conf b/user_guide_src/source/_themes/sphinx_rtd_theme/theme.conf index dcfbf8c22..5814ac963 100644 --- a/user_guide_src/source/_themes/sphinx_rtd_theme/theme.conf +++ b/user_guide_src/source/_themes/sphinx_rtd_theme/theme.conf @@ -1,6 +1,6 @@ [theme] inherit = basic -stylesheet = css/theme.css +stylesheet = css/citheme.css [options] typekit_id = hiw1hhg -- cgit v1.2.3-24-g4f1b From 76e643e7e3ebff679407255f66eafae790912f31 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 16 Jul 2015 13:14:49 +0300 Subject: Refactor proposed changes from PR #3896 --- application/config/database.php | 11 +++- system/database/drivers/mysqli/mysqli_driver.php | 72 +++++++++--------------- user_guide_src/source/changelog.rst | 1 + 3 files changed, 39 insertions(+), 45 deletions(-) diff --git a/application/config/database.php b/application/config/database.php index 429b4d48a..656f0c35a 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -40,6 +40,16 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | Sites using Latin-1 or UTF-8 database character set and collation are unaffected. | ['swap_pre'] A default table prefix that should be swapped with the dbprefix | ['encrypt'] Whether or not to use an encrypted connection. +| +| 'mysql' (deprecated), 'sqlsrv' and 'pdo/sqlsrv' drivers accept TRUE/FALSE +| 'mysqli' driver accepts an array with the following options: +| +| 'ssl_key' - Path to the private key file +| 'ssl_cert' - Path to the public key certificate file +| 'ssl_ca' - Path to the certificate authority file +| 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format +| 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption +| | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections | - good for ensuring strict SQL while developing @@ -80,7 +90,6 @@ $db['default'] = array( 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'ssl_options' => array(), 'failover' => array(), 'save_queries' => TRUE ); diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 61a37bd03..82abf4e73 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -86,21 +86,6 @@ class CI_DB_mysqli_driver extends CI_DB { */ public $stricton = FALSE; - /** - * Used to set various SSL options that can be used when making SSL connections. - * - * @see http://php.net/manual/en/mysqli.ssl-set.php Documentation for MySQLi - * - * @var array - */ - public $ssl_options = array( - "ssl_key" => '', // The path name to the key file. - "ssl_cert" => '', // The path name to the certificate file. - "ssl_ca" => '', // The path name to the certificate authority file. - "ssl_capath" => '', // The pathname to a directory that contains trusted SSL CA certificates in PEM format. - "ssl_cipher" => '' // A list of allowable ciphers to use for SSL encryption. - ); - // -------------------------------------------------------------------- /** @@ -117,7 +102,6 @@ class CI_DB_mysqli_driver extends CI_DB { * * @param bool $persistent * @return object - * @todo SSL support */ public function db_connect($persistent = FALSE) { @@ -147,45 +131,45 @@ class CI_DB_mysqli_driver extends CI_DB { $mysqli->options(MYSQLI_INIT_COMMAND, 'SET SESSION sql_mode="STRICT_ALL_TABLES"'); } - if ($this->encrypt === TRUE) + if (is_array($this->encrypt)) { - $ssl_key = array_key_exists('ssl_key', $this->ssl_options) ? $this->ssl_options['ssl_key'] : ''; - $ssl_cert = array_key_exists('ssl_cert', $this->ssl_options) ? $this->ssl_options['ssl_cert'] : ''; - $ssl_ca = array_key_exists('ssl_ca', $this->ssl_options) ? $this->ssl_options['ssl_ca'] : ''; - $ssl_capath = array_key_exists('ssl_capath', $this->ssl_options) ? $this->ssl_options['ssl_capath'] : ''; - $ssl_cipher = array_key_exists('ssl_cipher', $this->ssl_options) ? $this->ssl_options['ssl_cipher'] : ''; - - $mysqli->ssl_set($ssl_key, $ssl_cert, $ssl_ca, $ssl_capath, $ssl_cipher); - $client_flags |= MYSQLI_CLIENT_SSL; + $ssl = array(); + empty($this->encrypt['ssl_key']) OR $ssl['key'] = $this->encrypt['ssl_key']; + empty($this->encrypt['ssl_cert']) OR $ssl['cert'] = $this->encrypt['ssl_cert']; + empty($this->encrypt['ssl_ca']) OR $ssl['ca'] = $this->encrypt['ssl_ca']; + empty($this->encrypt['ssl_capath']) OR $ssl['capath'] = $this->encrypt['ssl_capath']; + empty($this->encrypt['ssl_cipher']) OR $ssl['cipher'] = $this->encrypt['ssl_cipher']; + + if ( ! empty($ssl)) + { + $client_flags |= MYSQLI_CLIENT_SSL; + $mysqli->ssl_set( + isset($ssl['key']) ? $ssl['key'] : NULL, + isset($ssl['cert']) ? $ssl['cert'] : NULL, + isset($ssl['ca']) ? $ssl['ca'] : NULL, + isset($ssl['capath']) ? $ssl['capath'] : NULL, + isset($ssl['cipher']) ? $ssl['cipher'] : NULL + ); + } } - $connected = @$mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags); - - if ($connected) + if ($mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags)) { - // If SSL was requested we want to do some checking and log an error if an SSL connection wasn't established. - if ($this->encrypt === TRUE) + // Prior to version 5.7.3, MySQL silently downgrades to an unencrypted connection if SSL setup fails + if (($client_flags & MYSQLI_CLIENT_SSL) && version_compare($mysqli->client_info, '5.7.3', '<=')) { - $res = $mysqli->query("SHOW STATUS LIKE 'ssl_cipher';"); - $ssl_status = $res->fetch_row(); - - if ($ssl_status[1] == '') + $ssl = $mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_row(); + if (empty($ssl[1])) { - log_message('error', - "Problem With MySQLi SSL: An SSL connection was requested but the resulting connection is not using SSL!"); + $mysqli->close(); + $message = 'MySQLi was configured for an SSL connection, but got an unencrypted connection instead!'; + log_message('error', $message); + return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE; } } return $mysqli; } - else - { - if ($mysqli->connect_errno) - { - log_message('error', - 'msqli connect failed, error: ' . mysqli_connect_error() . " | " . $mysqli->connect_error . " | " . $mysqli->connect_errno); - } - } return FALSE; } diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index d175f4b90..da4d8ff9a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -14,6 +14,7 @@ Release Date: Not Released - Database - Added ``list_fields()`` support for SQLite ('sqlite3' and 'pdo_sqlite' drivers). + - Added support for setting SSL options for the 'mysqli' driver. - Libraries -- cgit v1.2.3-24-g4f1b From 0785e47152dcb3d3a96c04bc9507eff36a1926c1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 16 Jul 2015 13:41:55 +0300 Subject: [ci skip] Add note about colon-separated ssl_cipher list --- application/config/database.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/config/database.php b/application/config/database.php index 656f0c35a..af29acdc7 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -48,7 +48,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | 'ssl_cert' - Path to the public key certificate file | 'ssl_ca' - Path to the certificate authority file | 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format -| 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption +| 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':') | | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections -- cgit v1.2.3-24-g4f1b From 9194b492f900b05acd204cb1b4a524149402be75 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 16 Jul 2015 14:23:51 +0300 Subject: Improve the ssl_cipher check for MySQLi Related: #3896 --- system/database/drivers/mysqli/mysqli_driver.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 82abf4e73..8d398c866 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -156,16 +156,16 @@ class CI_DB_mysqli_driver extends CI_DB { if ($mysqli->real_connect($hostname, $this->username, $this->password, $this->database, $port, $socket, $client_flags)) { // Prior to version 5.7.3, MySQL silently downgrades to an unencrypted connection if SSL setup fails - if (($client_flags & MYSQLI_CLIENT_SSL) && version_compare($mysqli->client_info, '5.7.3', '<=')) + if ( + ($client_flags & MYSQLI_CLIENT_SSL) + && version_compare($mysqli->client_info, '5.7.3', '<=') + && empty($mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_object()->Value) + ) { - $ssl = $mysqli->query("SHOW STATUS LIKE 'ssl_cipher'")->fetch_row(); - if (empty($ssl[1])) - { - $mysqli->close(); - $message = 'MySQLi was configured for an SSL connection, but got an unencrypted connection instead!'; - log_message('error', $message); - return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE; - } + $mysqli->close(); + $message = 'MySQLi was configured for an SSL connection, but got an unencrypted connection instead!'; + log_message('error', $message); + return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE; } return $mysqli; -- cgit v1.2.3-24-g4f1b From a38b0c45c79f7045d8f322d7727226d3b458956e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 16 Jul 2015 14:25:25 +0300 Subject: Add SSL support for PDO_MYSQL too Related: #3896 --- application/config/database.php | 2 +- .../drivers/pdo/subdrivers/pdo_mysql_driver.php | 31 ++++++++++++++++++++-- user_guide_src/source/changelog.rst | 2 +- 3 files changed, 31 insertions(+), 4 deletions(-) diff --git a/application/config/database.php b/application/config/database.php index af29acdc7..ea345ee79 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -42,7 +42,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | ['encrypt'] Whether or not to use an encrypted connection. | | 'mysql' (deprecated), 'sqlsrv' and 'pdo/sqlsrv' drivers accept TRUE/FALSE -| 'mysqli' driver accepts an array with the following options: +| 'mysqli' and 'pdo/mysql' drivers accept an array with the following options: | | 'ssl_key' - Path to the private key file | 'ssl_cert' - Path to the public key certificate file diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php index 206d83595..e9d25cebc 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php @@ -119,7 +119,6 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { * * @param bool $persistent * @return object - * @todo SSL support */ public function db_connect($persistent = FALSE) { @@ -151,7 +150,35 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { $this->options[PDO::MYSQL_ATTR_COMPRESS] = TRUE; } - return parent::db_connect($persistent); + // SSL support was added to PDO_MYSQL in PHP 5.3.7 + if (is_array($this->encrypt) && is_php('5.3.7')) + { + $ssl = array(); + empty($this->encrypt['ssl_key']) OR $ssl[PDO::MYSQL_ATTR_SSL_KEY] = $this->encrypt['ssl_key']; + empty($this->encrypt['ssl_cert']) OR $ssl[PDO::MYSQL_ATTR_SSL_CERT] = $this->encrypt['ssl_cert']; + empty($this->encrypt['ssl_ca']) OR $ssl[PDO::MYSQL_ATTR_SSL_CA] = $this->encrypt['ssl_ca']; + empty($this->encrypt['ssl_capath']) OR $ssl[PDO::MYSQL_ATTR_SSL_CAPATH] = $this->encrypt['ssl_capath']; + empty($this->encrypt['ssl_cipher']) OR $ssl[PDO::MYSQL_ATTR_SSL_CIPHER] = $this->encrypt['ssl_cipher']; + + // DO NOT use array_merge() here! + // It re-indexes numeric keys and the PDO_MYSQL_ATTR_SSL_* constants are integers. + empty($ssl) OR $this->options += $ssl; + } + + // Prior to version 5.7.3, MySQL silently downgrades to an unencrypted connection if SSL setup fails + if ( + ($pdo = parent::db_connect($persistent)) !== FALSE + && ! empty($ssl) + && version_compare($pdo->getAttribute(PDO::ATTR_CLIENT_VERSION), '5.7.3', '<=') + && empty($pdo->query("SHOW STATUS LIKE 'ssl_cipher'")->fetchObject()->Value) + ) + { + $message = 'PDO_MYSQL was configured for an SSL connection, but got an unencrypted connection instead!'; + log_message('error', $message); + return ($this->db->db_debug) ? $this->db->display_error($message, '', TRUE) : FALSE; + } + + return $pdo; } // -------------------------------------------------------------------- diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index da4d8ff9a..2cb5a6cd4 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -14,7 +14,7 @@ Release Date: Not Released - Database - Added ``list_fields()`` support for SQLite ('sqlite3' and 'pdo_sqlite' drivers). - - Added support for setting SSL options for the 'mysqli' driver. + - Added SSL connection support for the 'mysqli' and 'pdo_mysql' drivers. - Libraries -- cgit v1.2.3-24-g4f1b From cbb70f0244b55935b61c605f3d2171489492c7db Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 16 Jul 2015 14:35:54 +0300 Subject: [ci skip] Update DB configuration docs with new SSL options --- user_guide_src/source/database/configuration.rst | 25 ++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 6f1726ef6..6a6c84979 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -30,7 +30,6 @@ prototype:: 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, - 'ssl_options' => array(), 'failover' => array() ); @@ -72,8 +71,7 @@ These failovers can be specified by setting the failover for a connection like t 'swap_pre' => '', 'encrypt' => FALSE, 'compress' => FALSE, - 'stricton' => FALSE, - 'ssl_options' => array() + 'stricton' => FALSE ), array( 'hostname' => 'localhost2', @@ -91,8 +89,7 @@ These failovers can be specified by setting the failover for a connection like t 'swap_pre' => '', 'encrypt' => FALSE, 'compress' => FALSE, - 'stricton' => FALSE, - 'ssl_options' => array() + 'stricton' => FALSE ) ); @@ -123,7 +120,6 @@ example, to set up a "test" environment you would do this:: 'compress' => FALSE, 'encrypt' => FALSE, 'stricton' => FALSE, - 'ssl_options' => array(), 'failover' => array() ); @@ -156,9 +152,9 @@ when the database classes are initialized. Explanation of Values: ---------------------- -====================== ================================================================================================== +====================== =========================================================================================================== Name Config Description -====================== ================================================================================================== +====================== =========================================================================================================== **dsn** The DSN connect string (an all-in-one configuration sequence). **hostname** The hostname of your database server. Often this is 'localhost'. **username** The username used to connect to the database. @@ -183,6 +179,16 @@ Explanation of Values: customizable by the end user. **schema** The database schema, defaults to 'public'. Used by PostgreSQL and ODBC drivers. **encrypt** Whether or not to use an encrypted connection. + + - 'mysql' (deprecated), 'sqlsrv' and 'pdo/sqlsrv' drivers accept TRUE/FALSE + - 'mysqli' and 'pdo/mysql' drivers accept an array with the following options: + + - 'ssl_key' - Path to the private key file + - 'ssl_cert' - Path to the public key certificate file + - 'ssl_ca' - Path to the certificate authority file + - 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format + - 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':') + **compress** Whether or not to use client compression (MySQL only). **stricton** TRUE/FALSE (boolean) - Whether to force "Strict Mode" connections, good for ensuring strict SQL while developing an application. @@ -191,8 +197,7 @@ Explanation of Values: $db['default']['port'] = 5432; -**ssl_options** Used to set various SSL connection options and values. -====================== ================================================================================================== +====================== =========================================================================================================== .. note:: Depending on what database platform you are using (MySQL, PostgreSQL, etc.) not all values will be needed. For example, when using SQLite you -- cgit v1.2.3-24-g4f1b From cfc9e77c89ee5377b25e411ef3d8ab43c8900b7e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 16 Jul 2015 16:17:27 +0300 Subject: Add 'ssl_verify' option for mysqli driver MYSQLI_OPT_SSL_VERIFY_SERVER_CERT is an undocumented option that may not always be available. Reference: http://svn.php.net/viewvc/php/php-src/trunk/ext/mysqli/tests/mysqli_constants.phpt?view=markup&pathrev=302897 --- application/config/database.php | 1 + system/database/drivers/mysqli/mysqli_driver.php | 5 +++++ user_guide_src/source/database/configuration.rst | 1 + 3 files changed, 7 insertions(+) diff --git a/application/config/database.php b/application/config/database.php index ea345ee79..bf9857fff 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -49,6 +49,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | 'ssl_ca' - Path to the certificate authority file | 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format | 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':') +| 'ssl_verify' - TRUE/FALSE; Whether verify the server certificate or not ('mysqli' only) | | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 8d398c866..dd3cc77c6 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -142,6 +142,11 @@ class CI_DB_mysqli_driver extends CI_DB { if ( ! empty($ssl)) { + if ( ! empty($this->encrypt['ssl_verify']) && defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT')) + { + $mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + } + $client_flags |= MYSQLI_CLIENT_SSL; $mysqli->ssl_set( isset($ssl['key']) ? $ssl['key'] : NULL, diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 6a6c84979..8026be63a 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -188,6 +188,7 @@ Explanation of Values: - 'ssl_ca' - Path to the certificate authority file - 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format - 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':') + - 'ssl_verify' - TRUE/FALSE; Whether to verify the server certificate or not ('mysqli' only) **compress** Whether or not to use client compression (MySQL only). **stricton** TRUE/FALSE (boolean) - Whether to force "Strict Mode" connections, good for ensuring strict SQL -- cgit v1.2.3-24-g4f1b From 87ed4023ac153c53ac1e8eab651fa5131df2c61f Mon Sep 17 00:00:00 2001 From: kenjis Date: Fri, 17 Jul 2015 11:29:51 +0900 Subject: Fix sample code --- user_guide_src/source/libraries/output.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user_guide_src/source/libraries/output.rst b/user_guide_src/source/libraries/output.rst index 4b36d2a03..84529f766 100644 --- a/user_guide_src/source/libraries/output.rst +++ b/user_guide_src/source/libraries/output.rst @@ -160,7 +160,7 @@ Class Reference Permits you to manually set a server status header. Example:: - $this->output->set_status_header('401'); + $this->output->set_status_header(401); // Sets the header as: Unauthorized `See here `_ for a full list of headers. @@ -230,4 +230,4 @@ Class Reference ->_display(); exit; - .. note:: Calling this method manually without aborting script execution will result in duplicated output. \ No newline at end of file + .. note:: Calling this method manually without aborting script execution will result in duplicated output. -- cgit v1.2.3-24-g4f1b From 611e1fda7318ffefe27f4a002de29b9b88b874ba Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 17 Jul 2015 12:24:29 +0300 Subject: [ci skip] Fix a bug reported via PR #3704 --- system/database/drivers/oci8/oci8_driver.php | 43 +++++++++++++--------------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 21 insertions(+), 23 deletions(-) diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index b5cf26536..3c5777751 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -101,6 +101,14 @@ class CI_DB_oci8_driver extends CI_DB { // -------------------------------------------------------------------- + /** + * Reset $stmt_id flag + * + * Used by stored_procedure() to prevent _execute() from + * re-setting the statement ID. + */ + protected $_reset_stmt_id = TRUE; + /** * List of reserved identifiers * @@ -265,26 +273,13 @@ class CI_DB_oci8_driver extends CI_DB { /* Oracle must parse the query before it is run. All of the actions with * the query are based on the statement id returned by oci_parse(). */ - $this->stmt_id = FALSE; - $this->_set_stmt_id($sql); - oci_set_prefetch($this->stmt_id, 1000); - return oci_execute($this->stmt_id, $this->commit_mode); - } - - // -------------------------------------------------------------------- - - /** - * Generate a statement ID - * - * @param string $sql an SQL query - * @return void - */ - protected function _set_stmt_id($sql) - { - if ( ! is_resource($this->stmt_id)) + if ($this->_reset_stmt_id === TRUE) { $this->stmt_id = oci_parse($this->conn_id, $sql); } + + oci_set_prefetch($this->stmt_id, 1000); + return oci_execute($this->stmt_id, $this->commit_mode); } // -------------------------------------------------------------------- @@ -318,15 +313,15 @@ class CI_DB_oci8_driver extends CI_DB { * type yes the type of the parameter * length yes the max size of the parameter */ - public function stored_procedure($package, $procedure, $params) + public function stored_procedure($package, $procedure, array $params) { - if ($package === '' OR $procedure === '' OR ! is_array($params)) + if ($package === '' OR $procedure === '') { log_message('error', 'Invalid query: '.$package.'.'.$procedure); return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; } - // build the query string + // Build the query string $sql = 'BEGIN '.$package.'.'.$procedure.'('; $have_cursor = FALSE; @@ -341,10 +336,12 @@ class CI_DB_oci8_driver extends CI_DB { } $sql = trim($sql, ',').'); END;'; - $this->stmt_id = FALSE; - $this->_set_stmt_id($sql); + $this->_reset_stmt_id = FALSE; + $this->stmt_id = oci_parse($this->conn_id, $sql); $this->_bind_params($params); - return $this->query($sql, FALSE, $have_cursor); + $result = $this->query($sql, FALSE, $have_cursor); + $this->_reset_stmt_id = TRUE; + return $result; } // -------------------------------------------------------------------- diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 2cb5a6cd4..f003f5635 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -64,6 +64,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3968) - :doc:`Database Forge ` method ``add_key()`` didn't treat array inputs as composite keys unless it's a PRIMARY KEY. - Fixed a bug (#3715) - :doc:`Pagination Library ` could generate broken link when a protocol-relative base URL is used. - Fixed a bug (#3828) - :doc:`Output Library ` method ``delete_cache()`` couldn't delete index page caches. +- Fixed a bug (#3704) - :doc:`Database ` method ``stored_procedure()`` in the 'oci8' driver didn't properly bind parameters. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 15e2df7424c369ec7ff93676a8b01fa199f04a95 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 17 Jul 2015 13:56:49 +0300 Subject: [ci skip] Fix #3778 --- system/helpers/download_helper.php | 21 ++++++--------------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 7 insertions(+), 15 deletions(-) diff --git a/system/helpers/download_helper.php b/system/helpers/download_helper.php index 95c94a1b8..73f6456c4 100644 --- a/system/helpers/download_helper.php +++ b/system/helpers/download_helper.php @@ -69,16 +69,14 @@ if ( ! function_exists('force_download')) } elseif ($data === NULL) { - if (@is_file($filename) && ($filesize = @filesize($filename)) !== FALSE) - { - $filepath = $filename; - $filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename)); - $filename = end($filename); - } - else + if ( ! @is_file($filename) OR ($filesize = @filesize($filename)) === FALSE) { return; } + + $filepath = $filename; + $filename = explode('/', str_replace(DIRECTORY_SEPARATOR, '/', $filename)); + $filename = end($filename); } else { @@ -140,14 +138,7 @@ if ( ! function_exists('force_download')) header('Expires: 0'); header('Content-Transfer-Encoding: binary'); header('Content-Length: '.$filesize); - - // Internet Explorer-specific headers - if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== FALSE) - { - header('Cache-Control: no-cache, no-store, must-revalidate'); - } - - header('Pragma: no-cache'); + header('Cache-Control: private, no-transform, no-store, must-revalidate'); // If we have raw data - just dump it if ($data !== NULL) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index f003f5635..f70414c43 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -65,6 +65,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3715) - :doc:`Pagination Library ` could generate broken link when a protocol-relative base URL is used. - Fixed a bug (#3828) - :doc:`Output Library ` method ``delete_cache()`` couldn't delete index page caches. - Fixed a bug (#3704) - :doc:`Database ` method ``stored_procedure()`` in the 'oci8' driver didn't properly bind parameters. +- Fixed a bug (#3778) - :doc:`Download Helper ` function :php:func:`force_download()` incorrectly sent a *Pragma* response header. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 2ef5ed458c611331facfeb5abee051f4c0d1b08e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 17 Jul 2015 14:24:26 +0300 Subject: Fix #3752 --- system/core/Router.php | 43 +++++++++++++++++++------------------ user_guide_src/source/changelog.rst | 1 + 2 files changed, 23 insertions(+), 21 deletions(-) diff --git a/system/core/Router.php b/system/core/Router.php index 051000533..af87a305a 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -83,7 +83,7 @@ class CI_Router { * * @var string */ - public $directory = ''; + public $directory; /** * Default controller (and method if specific) @@ -126,25 +126,16 @@ class CI_Router { $this->uri =& load_class('URI', 'core'); $this->enable_query_strings = ( ! is_cli() && $this->config->item('enable_query_strings') === TRUE); + + // If a directory override is configured, it has to be set before any dynamic routing logic + is_array($routing) && isset($routing['directory']) && $this->set_directory($routing['directory']); $this->_set_routing(); // Set any routing overrides that may exist in the main index file if (is_array($routing)) { - if (isset($routing['directory'])) - { - $this->set_directory($routing['directory']); - } - - if ( ! empty($routing['controller'])) - { - $this->set_class($routing['controller']); - } - - if ( ! empty($routing['function'])) - { - $this->set_method($routing['function']); - } + empty($routing['controller']) OR $this->set_class($routing['controller']); + empty($routing['function']) OR $this->set_method($routing['function']); } log_message('info', 'Router Class Initialized'); @@ -167,12 +158,17 @@ class CI_Router { // If this feature is enabled, we will gather the directory/class/method a little differently if ($this->enable_query_strings) { - $_d = $this->config->item('directory_trigger'); - $_d = isset($_GET[$_d]) ? trim($_GET[$_d], " \t\n\r\0\x0B/") : ''; - if ($_d !== '') + // If the directory is set at this time, it means an override exists, so skip the checks + if ( ! isset($this->directory)) { - $this->uri->filter_uri($_d); - $this->set_directory($_d); + $_d = $this->config->item('directory_trigger'); + $_d = isset($_GET[$_d]) ? trim($_GET[$_d], " \t\n\r\0\x0B/") : ''; + + if ($_d !== '') + { + $this->uri->filter_uri($_d); + $this->set_directory($_d); + } } $_c = trim($this->config->item('controller_trigger')); @@ -333,6 +329,8 @@ class CI_Router { protected function _validate_request($segments) { $c = count($segments); + $directory_override = isset($this->directory); + // Loop through our segments and return as soon as a controller // is found or when such a directory doesn't exist while ($c-- > 0) @@ -340,7 +338,10 @@ class CI_Router { $test = $this->directory .ucfirst($this->translate_uri_dashes === TRUE ? str_replace('-', '_', $segments[0]) : $segments[0]); - if ( ! file_exists(APPPATH.'controllers/'.$test.'.php') && is_dir(APPPATH.'controllers/'.$this->directory.$segments[0])) + if ( ! file_exists(APPPATH.'controllers/'.$test.'.php') + && $directory_override === FALSE + && is_dir(APPPATH.'controllers/'.$this->directory.$segments[0]) + ) { $this->set_directory(array_shift($segments), TRUE); continue; diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index f70414c43..a100f3fbf 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -66,6 +66,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3828) - :doc:`Output Library ` method ``delete_cache()`` couldn't delete index page caches. - Fixed a bug (#3704) - :doc:`Database ` method ``stored_procedure()`` in the 'oci8' driver didn't properly bind parameters. - Fixed a bug (#3778) - :doc:`Download Helper ` function :php:func:`force_download()` incorrectly sent a *Pragma* response header. +- Fixed a bug (#3752) - ``$routing['directory']`` overrides were not properly handled and always resulted in a 404 "Not Found" error. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 20473fa9612caaa8eba5acbe81110cf1e5b25970 Mon Sep 17 00:00:00 2001 From: kenjis Date: Sat, 18 Jul 2015 10:45:43 +0900 Subject: Fix errors/cli/error_php.php output Signed-off-by: Kenji Suzuki --- application/views/errors/cli/error_php.php | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/application/views/errors/cli/error_php.php b/application/views/errors/cli/error_php.php index fec91e54f..ed181a887 100644 --- a/application/views/errors/cli/error_php.php +++ b/application/views/errors/cli/error_php.php @@ -4,22 +4,20 @@ defined('BASEPATH') OR exit('No direct script access allowed'); A PHP Error was encountered -Severity: -Message: -Filename: +Severity: +Message: +Filename: Line Number: Backtrace: - - + + + File: + Line: + Function: + + - File: - Line: - Function: - - - - - \ No newline at end of file + -- cgit v1.2.3-24-g4f1b From e17dbe6000a7f5ab3efe42c80bee7ca80dcc23c3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 10:32:36 +0300 Subject: [ci skip] Fix #3985 --- user_guide_src/source/general/environments.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/general/environments.rst b/user_guide_src/source/general/environments.rst index 7f030b6ef..ac6f3235e 100644 --- a/user_guide_src/source/general/environments.rst +++ b/user_guide_src/source/general/environments.rst @@ -49,4 +49,4 @@ Optionally, you can have CodeIgniter load environment-specific configuration files. This may be useful for managing things like differing API keys across multiple environments. This is described in more detail in the environment section of the :doc:`Config Class -<../libraries/config>`_ documentation. \ No newline at end of file +<../libraries/config>` documentation. \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 43afc71b777b00cfc2638add6fa3c47d333c5e04 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 12:32:02 +0300 Subject: Fix an internal bug in QB where() escaping This is not a supported use case, but if QB escaping is force-disabled, string values passed to where() or having() aren't escaped. That's wrong because escape-disabling should only be possible for identifiers and not values. Reported via the forums: http://forum.codeigniter.com/thread-62478.html --- system/database/DB_query_builder.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index a8b5b3579..8d21c5a1d 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -657,10 +657,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if ($v !== NULL) { - if ($escape === TRUE) - { - $v = ' '.$this->escape($v); - } + $v = ' '.$this->escape($v); if ( ! $this->_has_operator($k)) { -- cgit v1.2.3-24-g4f1b From 72774470d435b18fac6cb90bc4e4ff2b9e8684a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 12:34:43 +0300 Subject: [ci skip] Add a changelog entry for last commit --- user_guide_src/source/changelog.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index a100f3fbf..16d6db71a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -67,6 +67,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3704) - :doc:`Database ` method ``stored_procedure()`` in the 'oci8' driver didn't properly bind parameters. - Fixed a bug (#3778) - :doc:`Download Helper ` function :php:func:`force_download()` incorrectly sent a *Pragma* response header. - Fixed a bug (#3752) - ``$routing['directory']`` overrides were not properly handled and always resulted in a 404 "Not Found" error. +- Fixed an internal bug in :doc:`Query Builder ` escaping logic where if field name escaping is force-disabled, methods ``where()`` and ``having()`` will also treat values as fields. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b From 11fdc643f5125ed1e2bb0009e423332c717f707a Mon Sep 17 00:00:00 2001 From: kenjis Date: Mon, 20 Jul 2015 20:34:39 +0900 Subject: Fix indentation Signed-off-by: Kenji Suzuki --- application/views/errors/cli/error_php.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/application/views/errors/cli/error_php.php b/application/views/errors/cli/error_php.php index ed181a887..d977f8464 100644 --- a/application/views/errors/cli/error_php.php +++ b/application/views/errors/cli/error_php.php @@ -12,12 +12,12 @@ Line Number: Backtrace: - - + + File: Line: Function: - - + + -- cgit v1.2.3-24-g4f1b From 58f7cc999223e2094b3990dd7aa349761fd04009 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 14:44:40 +0300 Subject: [ci skip] Apply changes from PR #3983 to error_exception.php --- application/views/errors/cli/error_exception.php | 30 ++++++++++-------------- application/views/errors/cli/error_php.php | 4 +--- 2 files changed, 14 insertions(+), 20 deletions(-) diff --git a/application/views/errors/cli/error_exception.php b/application/views/errors/cli/error_exception.php index 75d7f0fad..0203cf467 100644 --- a/application/views/errors/cli/error_exception.php +++ b/application/views/errors/cli/error_exception.php @@ -1,25 +1,21 @@ - + An uncaught Exception was encountered -Type: -Message: -Filename: getFile(); ?> -Line Number: getLine(); ?> +Type: +Message: +Filename: getFile(), "\n"; ?> +Line Number: getLine(), "\n"; ?> Backtrace: - getTrace() as $error): ?> - +getTrace() as $error): ?> + + File: + Line: + Function: + + - File: - Line: - Function: - - - - - \ No newline at end of file + diff --git a/application/views/errors/cli/error_php.php b/application/views/errors/cli/error_php.php index d977f8464..0ea9109fa 100644 --- a/application/views/errors/cli/error_php.php +++ b/application/views/errors/cli/error_php.php @@ -1,6 +1,4 @@ - + A PHP Error was encountered -- cgit v1.2.3-24-g4f1b From ca71ba489133c5386e93c75aaa65722fbd90a131 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 14:51:43 +0300 Subject: [ci skip] Add upgrade instructions for 3.0.1 --- user_guide_src/source/installation/upgrade_301.rst | 19 +++++++++++++++++++ user_guide_src/source/installation/upgrading.rst | 3 ++- 2 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 user_guide_src/source/installation/upgrade_301.rst diff --git a/user_guide_src/source/installation/upgrade_301.rst b/user_guide_src/source/installation/upgrade_301.rst new file mode 100644 index 000000000..f38d34008 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_301.rst @@ -0,0 +1,19 @@ +############################# +Upgrading from 3.0.0 to 3.0.1 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Update your CLI error templates +======================================= + +Replace all files under your *application/errors/cli/* directory. \ No newline at end of file diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index 89e90e714..30382aea2 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -8,7 +8,8 @@ upgrading from. .. toctree:: :titlesonly: - Upgrading from 2.2.x to 3.0.0 + Upgrading from 3.0.0 to 3.0.1 + Upgrading from 2.2.x to 3.0.x Upgrading from 2.2.0 to 2.2.1 Upgrading from 2.1.4 to 2.2.0 Upgrading from 2.1.3 to 2.1.4 -- cgit v1.2.3-24-g4f1b From 2b655187e6cb3d872eafbb8feb8382f3f9252dbc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 14:52:04 +0300 Subject: [ci skip] Fix a docs compile warning --- user_guide_src/source/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 16d6db71a..69fe08943 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -64,7 +64,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3968) - :doc:`Database Forge ` method ``add_key()`` didn't treat array inputs as composite keys unless it's a PRIMARY KEY. - Fixed a bug (#3715) - :doc:`Pagination Library ` could generate broken link when a protocol-relative base URL is used. - Fixed a bug (#3828) - :doc:`Output Library ` method ``delete_cache()`` couldn't delete index page caches. -- Fixed a bug (#3704) - :doc:`Database ` method ``stored_procedure()`` in the 'oci8' driver didn't properly bind parameters. +- Fixed a bug (#3704) - :doc:`Database ` method ``stored_procedure()`` in the 'oci8' driver didn't properly bind parameters. - Fixed a bug (#3778) - :doc:`Download Helper ` function :php:func:`force_download()` incorrectly sent a *Pragma* response header. - Fixed a bug (#3752) - ``$routing['directory']`` overrides were not properly handled and always resulted in a 404 "Not Found" error. - Fixed an internal bug in :doc:`Query Builder ` escaping logic where if field name escaping is force-disabled, methods ``where()`` and ``having()`` will also treat values as fields. -- cgit v1.2.3-24-g4f1b From e4e8f5daf15440ade1a80efc09af3cabe2cd1386 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 15:28:26 +0300 Subject: [ci skip] Update user-guide with info about 2.2.2, 2.2.3 --- user_guide_src/source/changelog.rst | 24 ++++++++++++++++++++++ user_guide_src/source/installation/downloads.rst | 5 ++++- user_guide_src/source/installation/upgrade_220.rst | 2 +- user_guide_src/source/installation/upgrade_222.rst | 14 +++++++++++++ user_guide_src/source/installation/upgrade_223.rst | 14 +++++++++++++ user_guide_src/source/installation/upgrading.rst | 4 +++- 6 files changed, 60 insertions(+), 3 deletions(-) create mode 100644 user_guide_src/source/installation/upgrade_222.rst create mode 100644 user_guide_src/source/installation/upgrade_223.rst diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 69fe08943..85bf80097 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -841,6 +841,30 @@ Bug fixes for 3.0 - Fixed a bug (#3573) - :doc:`Email Library ` violated `RFC5321 `_ by sending 'localhost.localdomain' as a hostname. - Fixed a bug (#3572) - ``CI_Security::_remove_evil_attributes()`` failed for large-sized inputs due to *pcre.backtrack_limit* and didn't properly match HTML tags. +Version 2.2.3 +============= + +Release Date: July 14, 2015 + +- Security + + - Removed a fallback to ``mysql_escape_string()`` in the 'mysql' database driver (``escape_str()`` method) when there's no active database connection. + +Version 2.2.2 +============= + +Release Date: April 15, 2015 + +- General Changes + + - Added HTTP "Host" header character validation to prevent cache poisoning attacks when *base_url* auto-detection is used. + - Added *FSCommand* and *seekSegmentTime* to the "evil attributes" list in ``CI_Security::xss_clean()``. + +Bug fixes for 2.2.2 +------------------- + +- Fixed a bug (#3665) - ``CI_Security::entity_decode()`` triggered warnings under some circumstances. + Version 2.2.1 ============= diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index e2b6a9c18..16c8e537a 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -2,7 +2,10 @@ Downloading CodeIgniter ####################### -- `CodeIgniter v3.0.0 (Current version) `_ +- `CodeIgniter v3.0.1-dev (Current version) `_ +- `CodeIgniter v3.0.0 `_ +- `CodeIgniter v2.2.3 `_ +- `CodeIgniter v2.2.2 `_ - `CodeIgniter v2.2.1 `_ - `CodeIgniter v2.2.0 `_ - `CodeIgniter v2.1.4 `_ diff --git a/user_guide_src/source/installation/upgrade_220.rst b/user_guide_src/source/installation/upgrade_220.rst index b2e943223..91f9e00cd 100644 --- a/user_guide_src/source/installation/upgrade_220.rst +++ b/user_guide_src/source/installation/upgrade_220.rst @@ -1,5 +1,5 @@ ############################# -Upgrading from 2.1.4 to 2.2.0 +Upgrading from 2.1.4 to 2.2.x ############################# .. note:: The :doc:`Encrypt Class ` now requires the diff --git a/user_guide_src/source/installation/upgrade_222.rst b/user_guide_src/source/installation/upgrade_222.rst new file mode 100644 index 000000000..9dcc61d0e --- /dev/null +++ b/user_guide_src/source/installation/upgrade_222.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 2.2.1 to 2.2.2 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your "system" folder. + +.. note:: If you have any custom developed files in these folders please + make copies of them first. \ No newline at end of file diff --git a/user_guide_src/source/installation/upgrade_223.rst b/user_guide_src/source/installation/upgrade_223.rst new file mode 100644 index 000000000..252318ae1 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_223.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 2.2.2 to 2.2.3 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your "system" folder. + +.. note:: If you have any custom developed files in these folders please + make copies of them first. \ No newline at end of file diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index 30382aea2..e0f0dd5b7 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -10,8 +10,10 @@ upgrading from. Upgrading from 3.0.0 to 3.0.1 Upgrading from 2.2.x to 3.0.x + Upgrading from 2.2.2 to 2.2.3 + Upgrading from 2.2.1 to 2.2.2 Upgrading from 2.2.0 to 2.2.1 - Upgrading from 2.1.4 to 2.2.0 + Upgrading from 2.1.4 to 2.2.x Upgrading from 2.1.3 to 2.1.4 Upgrading from 2.1.2 to 2.1.3 Upgrading from 2.1.1 to 2.1.2 -- cgit v1.2.3-24-g4f1b From 4b9fec6797db2aea3af8ca4080be73e2ff421080 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jul 2015 17:26:31 +0300 Subject: Fix #3279 --- system/database/DB_query_builder.php | 8 ++++---- user_guide_src/source/changelog.rst | 1 + 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 8d21c5a1d..fc2d5901e 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -1733,7 +1733,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { return FALSE; } - $sql = $this->_update($this->protect_identifiers($this->qb_from[0], TRUE, NULL, FALSE), $this->qb_set); + $sql = $this->_update($this->qb_from[0], $this->qb_set); if ($reset === TRUE) { @@ -1781,7 +1781,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { $this->limit($limit); } - $sql = $this->_update($this->protect_identifiers($this->qb_from[0], TRUE, NULL, FALSE), $this->qb_set); + $sql = $this->_update($this->qb_from[0], $this->qb_set); $this->_reset_write(); return $this->query($sql); } @@ -1798,7 +1798,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * @param string the table to update data on * @return bool */ - protected function _validate_update($table = '') + protected function _validate_update($table) { if (count($this->qb_set) === 0) { @@ -1807,7 +1807,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { if ($table !== '') { - $this->qb_from[0] = $table; + $this->qb_from = array($this->protect_identifiers($table, TRUE, NULL, FALSE)); } elseif ( ! isset($this->qb_from[0])) { diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 85bf80097..22243cf04 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -68,6 +68,7 @@ Bug fixes for 3.0.1 - Fixed a bug (#3778) - :doc:`Download Helper ` function :php:func:`force_download()` incorrectly sent a *Pragma* response header. - Fixed a bug (#3752) - ``$routing['directory']`` overrides were not properly handled and always resulted in a 404 "Not Found" error. - Fixed an internal bug in :doc:`Query Builder ` escaping logic where if field name escaping is force-disabled, methods ``where()`` and ``having()`` will also treat values as fields. +- Fixed a bug (#3279) - :doc:`Query Builder ` methods ``update()`` and ``get_compiled_update()`` did double escaping on the table name if it was provided via ``from()``. Version 3.0.0 ============= -- cgit v1.2.3-24-g4f1b