From 03edf58ea6c2a1b74f746a7b27b7305a0d33d3d6 Mon Sep 17 00:00:00 2001 From: ziv Date: Fri, 27 Apr 2012 15:09:04 +0800 Subject: Update system/core/Input.php Fix a cookie get back problem. Cookie $index should start with a prefix. --- system/core/Input.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index fc2a550bc..7594a2e45 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -226,6 +226,7 @@ class CI_Input { */ public function cookie($index = '', $xss_clean = FALSE) { + $index = config_item('cookie_prefix').$index; return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } -- cgit v1.2.3-24-g4f1b From e57411502933afad6fca682efb437db05998e532 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Mon, 30 Apr 2012 17:57:37 +0200 Subject: Reverted recent commit, cookie_prefix was breaking things. --- system/core/Input.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 7594a2e45..fc2a550bc 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -226,7 +226,6 @@ class CI_Input { */ public function cookie($index = '', $xss_clean = FALSE) { - $index = config_item('cookie_prefix').$index; return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } -- cgit v1.2.3-24-g4f1b From 92ebfb65ac044f5c2e6d88fba137253854cf1b94 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 17 May 2012 12:49:24 +0300 Subject: Cleanup the core classes --- system/core/Input.php | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index fc2a550bc..e916ac66d 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -44,28 +44,28 @@ class CI_Input { * @var string */ public $ip_address = FALSE; - + /** * user agent (web browser) being used by the current user * * @var string */ public $user_agent = FALSE; - + /** * If FALSE, then $_GET will be set to an empty array * * @var bool */ protected $_allow_get_array = TRUE; - + /** * If TRUE, then newlines are standardized * * @var bool */ protected $_standardize_newlines = TRUE; - + /** * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered * Set automatically based on config setting @@ -73,7 +73,7 @@ class CI_Input { * @var bool */ protected $_enable_xss = FALSE; - + /** * Enables a CSRF cookie token to be set. * Set automatically based on config setting @@ -81,7 +81,7 @@ class CI_Input { * @var bool */ protected $_enable_csrf = FALSE; - + /** * List of all HTTP request headers * @@ -94,6 +94,8 @@ class CI_Input { * * Sets whether to globally enable the XSS processing * and whether to allow the $_GET array + * + * @return void */ public function __construct() { @@ -438,15 +440,7 @@ class CI_Input { // This is effectively the same as register_globals = off foreach (array($_GET, $_POST, $_COOKIE) as $global) { - if ( ! is_array($global)) - { - if ( ! in_array($global, $protected)) - { - global $$global; - $$global = NULL; - } - } - else + if (is_array($global)) { foreach ($global as $key => $val) { @@ -457,6 +451,11 @@ class CI_Input { } } } + elseif ( ! in_array($global, $protected)) + { + global $$global; + $$global = NULL; + } } // Is $_GET data allowed? If not we'll set the $_GET to an empty array @@ -605,7 +604,7 @@ class CI_Input { * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * - * @param bool XSS cleaning + * @param bool XSS cleaning * @return array */ public function request_headers($xss_clean = FALSE) -- cgit v1.2.3-24-g4f1b From 55a6ddb0c7bab1149bb1ddfa3a1aff46612c91d4 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 23 May 2012 18:37:24 +0100 Subject: Input, Session and Cookie get's will return NULL. Read more about this change here: http://codeigniter.com/forums/viewthread/215833 --- system/core/Input.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index e916ac66d..97be9e690 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -135,7 +135,7 @@ class CI_Input { { if ( ! isset($array[$index])) { - return FALSE; + return NULL; } if ($xss_clean === TRUE) @@ -659,7 +659,7 @@ class CI_Input { if ( ! isset($this->headers[$index])) { - return FALSE; + return NULL; } return ($xss_clean === TRUE) -- cgit v1.2.3-24-g4f1b From ed944a3c70a0bad158cd5a6ca5ce1f2e717aff5d Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 2 Jun 2012 11:07:47 +0100 Subject: Replaced `==` with `===` and `!=` with `!==` in /system/core --- system/core/Input.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 97be9e690..284b15697 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -263,23 +263,23 @@ class CI_Input { } } - if ($prefix == '' && config_item('cookie_prefix') != '') + if ($prefix === '' && config_item('cookie_prefix') !== '') { $prefix = config_item('cookie_prefix'); } - if ($domain == '' && config_item('cookie_domain') != '') + if ($domain === '' && config_item('cookie_domain') !== '') { $domain = config_item('cookie_domain'); } - if ($path == '/' && config_item('cookie_path') !== '/') + if ($path === '/' && config_item('cookie_path') !== '/') { $path = config_item('cookie_path'); } - if ($secure == FALSE && config_item('cookie_secure') != FALSE) + if ($secure === FALSE && config_item('cookie_secure') !== FALSE) { $secure = config_item('cookie_secure'); } - if ($httponly == FALSE && config_item('cookie_httponly') != FALSE) + if ($httponly === FALSE && config_item('cookie_httponly') !== FALSE) { $httponly = config_item('cookie_httponly'); } @@ -324,7 +324,7 @@ class CI_Input { return $this->ip_address; } - if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) + if (config_item('proxy_ips') !== '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) { $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); $proxies = is_array($proxies) ? $proxies : array($proxies); @@ -459,7 +459,7 @@ class CI_Input { } // Is $_GET data allowed? If not we'll set the $_GET to an empty array - if ($this->_allow_get_array == FALSE) + if ($this->_allow_get_array === FALSE) { $_GET = array(); } @@ -502,7 +502,7 @@ class CI_Input { $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); // CSRF Protection check - if ($this->_enable_csrf == TRUE) + if ($this->_enable_csrf === TRUE) { $this->security->csrf_verify(); } @@ -559,7 +559,7 @@ class CI_Input { } // Standardize newlines if needed - if ($this->_standardize_newlines == TRUE && strpos($str, "\r") !== FALSE) + if ($this->_standardize_newlines === TRUE && strpos($str, "\r") !== FALSE) { return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); } -- cgit v1.2.3-24-g4f1b From 9ba661b02c492e89028e5c67b7edbfc0efefc9f1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 4 Jun 2012 14:44:34 +0300 Subject: Revert/optimize some changes from ed944a3c70a0bad158cd5a6ca5ce1f2e717aff5d --- system/core/Input.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 284b15697..73f46ba6a 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -267,18 +267,22 @@ class CI_Input { { $prefix = config_item('cookie_prefix'); } - if ($domain === '' && config_item('cookie_domain') !== '') + + if ($domain == '' && config_item('cookie_domain') != '') { $domain = config_item('cookie_domain'); } + if ($path === '/' && config_item('cookie_path') !== '/') { $path = config_item('cookie_path'); } + if ($secure === FALSE && config_item('cookie_secure') !== FALSE) { $secure = config_item('cookie_secure'); } + if ($httponly === FALSE && config_item('cookie_httponly') !== FALSE) { $httponly = config_item('cookie_httponly'); @@ -324,7 +328,7 @@ class CI_Input { return $this->ip_address; } - if (config_item('proxy_ips') !== '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) + if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) { $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); $proxies = is_array($proxies) ? $proxies : array($proxies); -- cgit v1.2.3-24-g4f1b From c28b651b91367e86f1bd6ab7f0cd6c45e58811ab Mon Sep 17 00:00:00 2001 From: Joffrey Jaffeux Date: Wed, 6 Jun 2012 14:26:04 +0200 Subject: Add support for ipv6 --- system/core/Input.php | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 73f46ba6a..6a5a9d8f0 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -383,7 +383,27 @@ class CI_Input { */ public function valid_ip($ip) { - return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); + if($this->ip_version($ip) === '4') + { + return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); + } + else + { + return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6); + } + } + + // -------------------------------------------------------------------- + + /** + * Return ip version + * + * @param string + * @return string + */ + public function ip_version($ip) + { + return strpos($ip, ":") === false ? '4' : '6'; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 0723617703dda3660597d9cdef59e7cdded1c497 Mon Sep 17 00:00:00 2001 From: Joffrey Jaffeux Date: Wed, 6 Jun 2012 14:39:02 +0200 Subject: follow styling guide --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 6a5a9d8f0..ac67aaf4f 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -383,7 +383,7 @@ class CI_Input { */ public function valid_ip($ip) { - if($this->ip_version($ip) === '4') + if ($this->ip_version($ip) === '4') { return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } -- cgit v1.2.3-24-g4f1b From 908f36a583384b0314d04c4cfe71992746e35daa Mon Sep 17 00:00:00 2001 From: Joffrey Jaffeux Date: Wed, 6 Jun 2012 15:47:22 +0200 Subject: ip_version() now returns int instead of string --- system/core/Input.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index ac67aaf4f..36ff96d03 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -383,7 +383,7 @@ class CI_Input { */ public function valid_ip($ip) { - if ($this->ip_version($ip) === '4') + if ($this->ip_version($ip) === 4) { return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } @@ -399,11 +399,11 @@ class CI_Input { * Return ip version * * @param string - * @return string + * @return int */ public function ip_version($ip) { - return strpos($ip, ":") === false ? '4' : '6'; + return strpos($ip, ":") === false ? 4 : 6; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 1eb9b127cfb3aef5d89b86a48e35b2f35cd17f81 Mon Sep 17 00:00:00 2001 From: Joffrey Jaffeux Date: Wed, 6 Jun 2012 17:57:40 +0200 Subject: styling guide false -> FALSE --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index 36ff96d03..c1f2086c4 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -403,7 +403,7 @@ class CI_Input { */ public function ip_version($ip) { - return strpos($ip, ":") === false ? 4 : 6; + return strpos($ip, ":") === FALSE ? 4 : 6; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 1ab6f6520ebfc016c49cfbe3a4d9d009be5da268 Mon Sep 17 00:00:00 2001 From: Joffrey Jaffeux Date: Wed, 6 Jun 2012 20:14:13 +0200 Subject: removed ip_version() --- system/core/Input.php | 22 +--------------------- 1 file changed, 1 insertion(+), 21 deletions(-) (limited to 'system/core/Input.php') diff --git a/system/core/Input.php b/system/core/Input.php index c1f2086c4..b986c4973 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -383,27 +383,7 @@ class CI_Input { */ public function valid_ip($ip) { - if ($this->ip_version($ip) === 4) - { - return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); - } - else - { - return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6); - } - } - - // -------------------------------------------------------------------- - - /** - * Return ip version - * - * @param string - * @return int - */ - public function ip_version($ip) - { - return strpos($ip, ":") === FALSE ? 4 : 6; + return (bool) filter_var($ip, FILTER_VALIDATE_IP); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b