From 162b1a9824deba1369d756eccc9535544452b479 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Mon, 8 Dec 2014 10:59:51 +0200
Subject: Fix 'Array to string conversion' notice in CSRF validation

Rel: #3398
---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core/Security.php')

diff --git a/system/core/Security.php b/system/core/Security.php
index 6ed0f8d4f..8adc35676 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -977,8 +977,8 @@ class CI_Security {
 			// We don't necessarily want to regenerate it with
 			// each page load since a page could contain embedded
 			// sub-pages causing this feature to fail
-			if (isset($_COOKIE[$this->_csrf_cookie_name]) &&
-				preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
+			if (isset($_COOKIE[$this->_csrf_cookie_name]) && is_string($_COOKIE[$this->_csrf_cookie_name])
+				&& preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1)
 			{
 				return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
 			}
-- 
cgit v1.2.3-24-g4f1b


From bb177984d7207ecf0bf0e14a389e54d59e9ea0b8 Mon Sep 17 00:00:00 2001
From: warpcode <git@warpcode.eu>
Date: Tue, 16 Dec 2014 11:29:53 +0000
Subject: Fix Issue #3417

---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core/Security.php')

diff --git a/system/core/Security.php b/system/core/Security.php
index 8adc35676..2ac61a540 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -673,7 +673,7 @@ class CI_Security {
 
 			// Decode numeric & UTF16 two byte entities
 			$str = html_entity_decode(
-				preg_replace('/(&#(?:x0*[0-9a-f]{2,5}(?![0-9a-f;]))|(?:0*\d{2,4}(?![0-9;])))/iS', '$1;', $str),
+				preg_replace('/(&#(?:x0*[0-9a-f]{2,5}(?![0-9a-f;])|(?:0*\d{2,4}(?![0-9;]))))/iS', '$1;', $str),
 				$flag,
 				$charset
 			);
@@ -995,4 +995,4 @@ class CI_Security {
 }
 
 /* End of file Security.php */
-/* Location: ./system/core/Security.php */
\ No newline at end of file
+/* Location: ./system/core/Security.php */
-- 
cgit v1.2.3-24-g4f1b


From e11657cc3f721a59ccb9cf37d3c099bd6d02e6ab Mon Sep 17 00:00:00 2001
From: Jason Taylor <jason@kaweb.co.uk>
Date: Tue, 16 Dec 2014 12:33:36 +0000
Subject: Remove trailing newline

---
 system/core/Security.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core/Security.php')

diff --git a/system/core/Security.php b/system/core/Security.php
index 2ac61a540..8ad0518a4 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -995,4 +995,4 @@ class CI_Security {
 }
 
 /* End of file Security.php */
-/* Location: ./system/core/Security.php */
+/* Location: ./system/core/Security.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 93455e31f1f88fa88394091a5156ac96e61c4179 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Fri, 9 Jan 2015 16:15:45 +0200
Subject: Fix E_WARNING in CI_Security::entity_decode() on PHP<5.3.4

Related: #3057
Previous commit: 487d1ae060e6414e0a59c9752a4914fa3b8c4710
---
 system/core/Security.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'system/core/Security.php')

diff --git a/system/core/Security.php b/system/core/Security.php
index 8ad0518a4..6b1140562 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -644,7 +644,12 @@ class CI_Security {
 			{
 				if ( ! isset($_entities))
 				{
-					$_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, $flag, $charset));
+					$_entities = array_map(
+						'strtolower',
+						is_php('5.3.4')
+							? get_html_translation_table(HTML_ENTITIES, $flag, $charset)
+							: get_html_translation_table(HTML_ENTITIES, $flag)
+					);
 
 					// If we're not on PHP 5.4+, add the possibly dangerous HTML 5
 					// entities to the array manually
-- 
cgit v1.2.3-24-g4f1b


From fe9309d22c1b088f5363954d6dac013c8c955894 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Fri, 9 Jan 2015 17:48:58 +0200
Subject: Bulk (mostly documentation) update

 - Remove PHP version from license notices
 - Bump year number in copyright notices
 - Recommend PHP 5.4 or newer to be used
 - Tell Travis-CI to test on PHP 5.3.0 instead of the latest 5.3 version

Related: #3450
---
 system/core/Security.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 mode change 100755 => 100644 system/core/Security.php

(limited to 'system/core/Security.php')

diff --git a/system/core/Security.php b/system/core/Security.php
old mode 100755
new mode 100644
index 6b1140562..2bf0f6284
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
-- 
cgit v1.2.3-24-g4f1b