From 37f4b9caa02783e06dd7c5318200113409a0deb1 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 1 Jul 2011 17:56:50 -0500 Subject: backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance --- system/core/Input.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 89eda56b0..dc7612e64 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -1,4 +1,4 @@ -_fetch_from_array($_POST, $index, $xss_clean); } @@ -201,7 +201,7 @@ class CI_Input { * @param mixed * @param string the value of the cookie * @param string the number of seconds until expiration - * @param string the cookie domain. Usually: .yourdomain.com + * @param string the cookie domain. Usually: .yourdomain.com * @param string the cookie path * @param string the cookie prefix * @param bool true makes the cookie secure @@ -402,9 +402,9 @@ class CI_Input { function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. - $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', + $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', + 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); // Unset globals for securiy. @@ -523,7 +523,7 @@ class CI_Input { { $str = $this->uni->clean_string($str); } - + // Remove control characters $str = remove_invisible_characters($str); @@ -579,7 +579,7 @@ class CI_Input { /** * Request Headers * - * In Apache, you can simply call apache_request_headers(), however for + * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * * @return array @@ -609,10 +609,10 @@ class CI_Input { { $key = str_replace('_', ' ', strtolower($key)); $key = str_replace(' ', '-', ucwords($key)); - + $this->headers[$key] = $val; } - + return $this->headers; } @@ -633,7 +633,7 @@ class CI_Input { { $this->request_headers(); } - + if ( ! isset($this->headers[$index])) { return FALSE; @@ -644,7 +644,7 @@ class CI_Input { return $this->security->xss_clean($this->headers[$index]); } - return $this->headers[$index]; + return $this->headers[$index]; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From c5dccf70ef6d8420b0b858f36318fc4375b0e25d Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Sat, 13 Aug 2011 11:06:57 -0600 Subject: Get php_sapi_name() == 'cli' involved in the 'is this the command line?' decision. --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index dc7612e64..cfbef942d 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -672,7 +672,7 @@ class CI_Input { */ public function is_cli_request() { - return (bool) defined('STDIN'); + return (php_sapi_name() == 'cli') or defined('STDIN'); } } -- cgit v1.2.3-24-g4f1b From 9b5df59a6be4da0016b738de8c4fcd3a14d43867 Mon Sep 17 00:00:00 2001 From: David Behler Date: Sun, 14 Aug 2011 21:04:17 +0200 Subject: Added some docs to CI core files --- system/core/Input.php | 62 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 49 insertions(+), 13 deletions(-) mode change 100644 => 100755 system/core/Input.php (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php old mode 100644 new mode 100755 index dc7612e64..64d6c3600 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -28,15 +28,51 @@ */ class CI_Input { + /** + * IP address of the current user + * + * @var string + */ var $ip_address = FALSE; + /** + * user agent (web browser) being used by the current user + * + * @var string + */ var $user_agent = FALSE; + /** + * If FALSE, then $_GET will be set to an empty array + * + * @var bool + */ var $_allow_get_array = TRUE; + /** + * If TRUE, then newlines are standardized + * + * @var bool + */ var $_standardize_newlines = TRUE; - var $_enable_xss = FALSE; // Set automatically based on config setting - var $_enable_csrf = FALSE; // Set automatically based on config setting - + /** + * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered + * Set automatically based on config setting + * + * @var bool + */ + var $_enable_xss = FALSE; + /** + * Enables a CSRF cookie token to be set. + * Set automatically based on config setting + * + * @var bool + */ + var $_enable_csrf = FALSE; + /** + * List of all HTTP request headers + * + * @var array + */ protected $headers = array(); - + /** * Constructor @@ -147,7 +183,7 @@ class CI_Input { } return $post; } - + return $this->_fetch_from_array($_POST, $index, $xss_clean); } @@ -402,9 +438,9 @@ class CI_Input { function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. - $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', + $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', + 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); // Unset globals for securiy. @@ -523,7 +559,7 @@ class CI_Input { { $str = $this->uni->clean_string($str); } - + // Remove control characters $str = remove_invisible_characters($str); @@ -579,7 +615,7 @@ class CI_Input { /** * Request Headers * - * In Apache, you can simply call apache_request_headers(), however for + * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * * @return array @@ -609,10 +645,10 @@ class CI_Input { { $key = str_replace('_', ' ', strtolower($key)); $key = str_replace(' ', '-', ucwords($key)); - + $this->headers[$key] = $val; } - + return $this->headers; } @@ -633,7 +669,7 @@ class CI_Input { { $this->request_headers(); } - + if ( ! isset($this->headers[$index])) { return FALSE; @@ -644,7 +680,7 @@ class CI_Input { return $this->security->xss_clean($this->headers[$index]); } - return $this->headers[$index]; + return $this->headers[$index]; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From cda768a957172d5da7aa7637337405c39e0f774d Mon Sep 17 00:00:00 2001 From: David Behler Date: Sun, 14 Aug 2011 23:52:48 +0200 Subject: Added some docs to CI core files --- system/core/Input.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 64d6c3600..bc202b3fc 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -618,6 +618,8 @@ class CI_Input { * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * + * @param bool XSS cleaning + * * @return array */ public function request_headers($xss_clean = FALSE) -- cgit v1.2.3-24-g4f1b