From 6a15b2d8e84b38e1a42d7c27ae2f6ed393e72399 Mon Sep 17 00:00:00 2001 From: Tom Klingenberg Date: Fri, 7 Oct 2011 20:03:30 +0200 Subject: CI_Loader::driver() processes empty library. Fixed. This causes endless recursion calls _ci_load_class(), see #550 --- system/core/Loader.php | 5 +++++ 1 file changed, 5 insertions(+) mode change 100755 => 100644 system/core/Loader.php (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php old mode 100755 new mode 100644 index de0fc06d2..5539aae14 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -616,6 +616,11 @@ class CI_Loader { require BASEPATH.'libraries/Driver.php'; } + if ($library == '') + { + return FALSE; + } + // We can save the loader some time since Drivers will *always* be in a subfolder, // and typically identically named to the library if ( ! strpos($library, '/')) -- cgit v1.2.3-24-g4f1b From af7286251ec2c0dfd69ae764dbc0e3e8d0b736bf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 20 Oct 2011 10:11:59 +0300 Subject: get_magic_quotes_gpc() to be executed only if PHP version is 5.3 or lower --- system/core/Input.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 6f8442107..f8e89066e 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -554,8 +554,12 @@ class CI_Input { return $new_array; } - // We strip slashes if magic quotes is on to keep things consistent - if (function_exists('get_magic_quotes_gpc') AND @get_magic_quotes_gpc()) + /* We strip slashes if magic quotes is on to keep things consistent + + NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and + it will probably not exist in future versions at all. + */ + if ( ! is_php('5.4') && get_magic_quotes_gpc()) { $str = stripslashes($str); } -- cgit v1.2.3-24-g4f1b From f4a4bd8fac188ebc9cda822ffc811c218fd92b45 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 20 Oct 2011 12:18:42 -0500 Subject: adding new license file (OSL 3.0) and updating readme to ReST added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change --- system/core/Benchmark.php | 20 ++++++++++++++++---- system/core/CodeIgniter.php | 22 +++++++++++++++++----- system/core/Common.php | 20 ++++++++++++++++---- system/core/Config.php | 20 ++++++++++++++++---- system/core/Controller.php | 20 ++++++++++++++++---- system/core/Exceptions.php | 20 ++++++++++++++++---- system/core/Hooks.php | 20 ++++++++++++++++---- system/core/Input.php | 20 ++++++++++++++++---- system/core/Lang.php | 20 ++++++++++++++++---- system/core/Loader.php | 20 ++++++++++++++++---- system/core/Model.php | 20 ++++++++++++++++---- system/core/Output.php | 20 ++++++++++++++++---- system/core/Router.php | 20 ++++++++++++++++---- system/core/Security.php | 20 ++++++++++++++++---- system/core/URI.php | 20 ++++++++++++++++---- system/core/Utf8.php | 20 ++++++++++++++++---- 16 files changed, 257 insertions(+), 65 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index a200727ab..0f3104079 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -24,7 +36,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/benchmark.html */ class CI_Benchmark { diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 9f88384b1..4d76a5587 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage codeigniter * @category Front-controller - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/ */ @@ -33,7 +45,7 @@ * @var string * */ - define('CI_VERSION', '2.1.0-dev'); + define('CI_VERSION', '3.0-dev'); /* * ------------------------------------------------------ diff --git a/system/core/Common.php b/system/core/Common.php index d79375475..e43bb8db3 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage codeigniter * @category Common Functions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/ */ diff --git a/system/core/Config.php b/system/core/Config.php index 714c4667b..abd2767d5 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/config.html */ class CI_Config { diff --git a/system/core/Controller.php b/system/core/Controller.php index fddb81e19..ca2bf41b5 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -24,7 +36,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/general/controllers.html */ class CI_Controller { diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 869739a5a..ead8d814e 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Exceptions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/exceptions.html */ class CI_Exceptions { diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 33f1c034c..46bfec02a 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Hooks { diff --git a/system/core/Input.php b/system/core/Input.php index f8e89066e..946d9296f 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Input - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/input.html */ class CI_Input { diff --git a/system/core/Lang.php b/system/core/Lang.php index d61d1029a..e03afb07d 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Language - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/language.html */ class CI_Lang { diff --git a/system/core/Loader.php b/system/core/Loader.php index 5539aae14..4e14b54af 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -22,7 +34,7 @@ * * @package CodeIgniter * @subpackage Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @category Loader * @link http://codeigniter.com/user_guide/libraries/loader.html */ diff --git a/system/core/Model.php b/system/core/Model.php index e15ffbebc..c34bab64b 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/config.html */ class CI_Model { diff --git a/system/core/Output.php b/system/core/Output.php index ccecafd2b..7b53f8e3e 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Output - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/output.html */ class CI_Output { diff --git a/system/core/Router.php b/system/core/Router.php index 6da667472..748678d67 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -22,7 +34,7 @@ * * @package CodeIgniter * @subpackage Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @category Libraries * @link http://codeigniter.com/user_guide/general/routing.html */ diff --git a/system/core/Security.php b/system/core/Security.php index 65338ced3..ee4f0a08d 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Security - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/security.html */ class CI_Security { diff --git a/system/core/URI.php b/system/core/URI.php index 8946bc76b..578d17429 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category URI - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/uri.html */ class CI_URI { diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 2a27d1f35..7abe4e43b 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 2.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category UTF-8 - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/utf8.html */ class CI_Utf8 { -- cgit v1.2.3-24-g4f1b From e8349294d8638dac1e689d137188bb7c7c7c19c5 Mon Sep 17 00:00:00 2001 From: Tom Klingenberg Date: Fri, 7 Oct 2011 20:03:30 +0200 Subject: CI_Loader::driver() processes empty library. Fixed. This causes endless recursion calls _ci_load_class(), see #550 --- system/core/Loader.php | 5 +++++ 1 file changed, 5 insertions(+) mode change 100755 => 100644 system/core/Loader.php (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php old mode 100755 new mode 100644 index e7fa3d3f6..6b7ee0c28 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -616,6 +616,11 @@ class CI_Loader { require BASEPATH.'libraries/Driver.php'; } + if ($library == '') + { + return FALSE; + } + // We can save the loader some time since Drivers will *always* be in a subfolder, // and typically identically named to the library if ( ! strpos($library, '/')) -- cgit v1.2.3-24-g4f1b From 75b1f3991013c17cacac18e47879c483fe1cf542 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 20 Oct 2011 10:11:59 +0300 Subject: get_magic_quotes_gpc() to be executed only if PHP version is 5.3 or lower --- system/core/Input.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 5a033e7b8..9bfb5f1fb 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -548,8 +548,12 @@ class CI_Input { return $new_array; } - // We strip slashes if magic quotes is on to keep things consistent - if (function_exists('get_magic_quotes_gpc') AND get_magic_quotes_gpc()) + /* We strip slashes if magic quotes is on to keep things consistent + + NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and + it will probably not exist in future versions at all. + */ + if ( ! is_php('5.4') && get_magic_quotes_gpc()) { $str = stripslashes($str); } @@ -714,7 +718,6 @@ class CI_Input { } } -// END Input class /* End of file Input.php */ -/* Location: ./system/core/Input.php */ +/* Location: ./system/core/Input.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 9c63d0bb34be4007178d5a7e46348d5e23fee3ff Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Thu, 27 Oct 2011 01:55:44 +0100 Subject: Bumped CodeIgniter version to 2.1.0. --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 0a1391d18..d9977e1ca 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -39,7 +39,7 @@ * @var string * */ - define('CI_VERSION', '2.0.2'); + define('CI_VERSION', '2.1.0'); /** * CodeIgniter Branch (Core = TRUE, Reactor = FALSE) -- cgit v1.2.3-24-g4f1b From 55027807e4826dfe722598172ab7ffbd9dc0b48c Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 25 Aug 2011 10:51:44 +0900 Subject: add html_escape() function to escape HTML. --- system/core/Common.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index db9fbeb9f..3d6931bc0 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -536,5 +536,29 @@ if ( ! function_exists('remove_invisible_characters')) } } +// ------------------------------------------------------------------------ + +/** +* Returns HTML escaped variable +* +* @access public +* @param mixed +* @return mixed +*/ +if ( ! function_exists('html_escape')) +{ + function html_escape($var) + { + if (is_array($var)) + { + return array_map('html_escape', $var); + } + else + { + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + } + } +} + /* End of file Common.php */ /* Location: ./system/core/Common.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 8d0a31314fbf8040cce5d7601a12fffe208ae884 Mon Sep 17 00:00:00 2001 From: Shane Pearson Date: Mon, 22 Aug 2011 16:11:20 -0500 Subject: Fix #8 - Load core classes from the application folder first. --- system/core/Common.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 3d6931bc0..d79375475 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -132,9 +132,9 @@ if ( ! function_exists('load_class')) $name = FALSE; - // Look for the class first in the native system/libraries folder - // thenin the local application/libraries folder - foreach (array(BASEPATH, APPPATH) as $path) + // Look for the class first in the local application/libraries folder + // then in the native system/libraries folder + foreach (array(APPPATH, BASEPATH) as $path) { if (file_exists($path.$directory.'/'.$class.'.php')) { -- cgit v1.2.3-24-g4f1b From fbcf88b9687ed25c71f0036112f9a120a7623302 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Mon, 14 Nov 2011 13:39:37 -0500 Subject: Removing stray docblocks --- system/core/CodeIgniter.php | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index d9977e1ca..db1aee574 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -33,12 +33,6 @@ * @var string * */ - /** - * CodeIgniter Version - * - * @var string - * - */ define('CI_VERSION', '2.1.0'); /** @@ -47,12 +41,6 @@ * @var boolean * */ - /** - * CodeIgniter Branch (Core = TRUE, Reactor = FALSE) - * - * @var string - * - */ define('CI_CORE', FALSE); /* -- cgit v1.2.3-24-g4f1b From c38e3b672335e3a00d68decf2b629a0afc7c769d Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Mon, 14 Nov 2011 13:55:00 -0500 Subject: Tweaking the xss filter for IE tags, parameter injection, and weird html5 attributes. --- system/core/Security.php | 91 ++++++++++++++++++++++-------------------------- 1 file changed, 41 insertions(+), 50 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index dcc680a11..a3e227437 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -77,7 +77,8 @@ class CI_Security { '-moz-binding' => '[removed]', '' => '-->', - ' '<![CDATA[' + ' '<![CDATA[', + '' => '<comment>' ); /* never allowed, regex replacement */ @@ -475,15 +476,7 @@ class CI_Security { { if ($this->_xss_hash == '') { - if (phpversion() >= 4.2) - { - mt_srand(); - } - else - { - mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff); - } - + mt_srand(); $this->_xss_hash = md5(time() + mt_rand(0, 1999999999)); } @@ -497,14 +490,11 @@ class CI_Security { * * This function is a replacement for html_entity_decode() * - * In some versions of PHP the native function does not work - * when UTF-8 is the specified character set, so this gives us - * a work-around. More info here: - * http://bugs.php.net/bug.php?id=25670 - * - * NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the - * character set, and the PHP developers said they were not back porting the - * fix to versions other than PHP 5.x. + * The reason we are not using html_entity_decode() by itself is because + * while it is not technically correct to leave out the semicolon + * at the end of an entity most browsers will still interpret the entity + * correctly. html_entity_decode() does not convert entities without + * semicolons, so we are left with our own little solution here. Bummer. * * @param string * @param string @@ -512,33 +502,14 @@ class CI_Security { */ public function entity_decode($str, $charset='UTF-8') { - if (stristr($str, '&') === FALSE) return $str; - - // The reason we are not using html_entity_decode() by itself is because - // while it is not technically correct to leave out the semicolon - // at the end of an entity most browsers will still interpret the entity - // correctly. html_entity_decode() does not convert entities without - // semicolons, so we are left with our own little solution here. Bummer. - - if (function_exists('html_entity_decode') && - (strtolower($charset) != 'utf-8')) - { - $str = html_entity_decode($str, ENT_COMPAT, $charset); - $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); - return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); - } - - // Numeric Entities - $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); - $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); - - // Literal Entities - Slightly slow so we do another check if (stristr($str, '&') === FALSE) { - $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); + return $str; } - return $str; + $str = html_entity_decode($str, ENT_COMPAT, $charset); + $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); + return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); } // -------------------------------------------------------------------- @@ -632,25 +603,45 @@ class CI_Security { protected function _remove_evil_attributes($str, $is_image) { // All javascript event handlers (e.g. onload, onclick, onmouseover), style, and xmlns - $evil_attributes = array('on\w*', 'style', 'xmlns'); + $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction'); if ($is_image === TRUE) { /* - * Adobe Photoshop puts XML metadata into JFIF images, + * Adobe Photoshop puts XML metadata into JFIF images, * including namespacing, so we have to allow this for images. */ unset($evil_attributes[array_search('xmlns', $evil_attributes)]); } - + do { - $str = preg_replace( - "#<(/?[^><]+?)([^A-Za-z\-])(".implode('|', $evil_attributes).")(\s*=\s*)([\"][^>]*?[\"]|[\'][^>]*?[\']|[^>]*?)([\s><])([><]*)#i", - "<$1$6", - $str, -1, $count - ); - } while ($count); + $count = 0; + $attribs = array(); + + // find occurrences of illegal attribute strings without quotes + preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*([^\s]*)/is", $str, $matches, PREG_SET_ORDER); + + foreach ($matches as $attr) + { + $attribs[] = preg_quote($attr[0], '/'); + } + + // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) + preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is", $str, $matches, PREG_SET_ORDER); + foreach ($matches as $attr) + { + $attribs[] = preg_quote($attr[0], '/'); + } + + // replace illegal attribute strings that are inside an html tag + if (count($attribs) > 0) + { + $str = preg_replace("/<(\/?[^><]+?)([^A-Za-z\-])(".implode('|', $attribs).")([\s><])([><]*)/i", '<$1$2$4$5', $str, -1, $count); + } + + } while ($count); + return $str; } -- cgit v1.2.3-24-g4f1b From 81dd22393368862760e1cfb30a0d73d070cd38af Mon Sep 17 00:00:00 2001 From: Shane Pearson Date: Fri, 18 Nov 2011 20:49:35 -0600 Subject: add method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars() --- system/core/Loader.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 4e14b54af..d42dbbf38 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -494,6 +494,20 @@ class CI_Loader { // -------------------------------------------------------------------- + /** + * Get Variables + * + * Retrieve all loaded variables + * + * @return array + */ + public function get_vars() + { + return $this->_ci_cached_vars; + } + + // -------------------------------------------------------------------- + /** * Load Helper * -- cgit v1.2.3-24-g4f1b From 0ec05c1e582805d9b71f06e357846abeaf0e40a4 Mon Sep 17 00:00:00 2001 From: Chris Rosser Date: Mon, 21 Nov 2011 17:56:13 +0000 Subject: Added HTTP status code 422 (Unprocessable Entity) to set_status_header() --- system/core/Common.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index e43bb8db3..b0921fe0c 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -419,6 +419,7 @@ if ( ! function_exists('set_status_header')) 415 => 'Unsupported Media Type', 416 => 'Requested Range Not Satisfiable', 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', 500 => 'Internal Server Error', 501 => 'Not Implemented', -- cgit v1.2.3-24-g4f1b From 796b2b711f22775ef8e2a578bd71d065f9800442 Mon Sep 17 00:00:00 2001 From: Jack Webb-Heller Date: Thu, 1 Dec 2011 11:56:12 +0000 Subject: CodeIgniter ignores the set config value for Maximum Execution Time, overwriting it with its own value of 300 seconds. Whilst this is sensible in the vast majority of situations (browsers), when running a script from CLI, it is likely that execution times may need to be longer. Therefore, don't override the time limit if being run from the CLI - instead default back to PHP's own configuration. --- system/core/CodeIgniter.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 4d76a5587..abdbf91d8 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -106,9 +106,13 @@ * Set a liberal script execution time limit * ------------------------------------------------------ */ - if (function_exists("set_time_limit") == TRUE AND @ini_get("safe_mode") == 0) + if (function_exists("set_time_limit") AND @ini_get("safe_mode") == 0) { - @set_time_limit(300); + // Do not override the Time Limit value if running from Command Line + if(php_sapi_name() != 'cli' && ! empty($_SERVER['REMOTE_ADDR'])) + { + @set_time_limit(300); + } } /* -- cgit v1.2.3-24-g4f1b From eea0cbebc48d156f74c044f9932602d051eb9401 Mon Sep 17 00:00:00 2001 From: Jack Webb-Heller Date: Thu, 1 Dec 2011 13:37:08 +0000 Subject: Removed `$_SERVER['REMOTE_ADDR']` following feedback --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index abdbf91d8..97527e5ca 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -109,7 +109,7 @@ if (function_exists("set_time_limit") AND @ini_get("safe_mode") == 0) { // Do not override the Time Limit value if running from Command Line - if(php_sapi_name() != 'cli' && ! empty($_SERVER['REMOTE_ADDR'])) + if(php_sapi_name() != 'cli') { @set_time_limit(300); } -- cgit v1.2.3-24-g4f1b From 03abee3df4534028c795e3c3da91034a3d3ee0f4 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 25 Dec 2011 00:31:29 -0600 Subject: Fixing soft tabs in a few files. --- system/core/Config.php | 2 +- system/core/Hooks.php | 2 +- system/core/Output.php | 2 +- system/core/Security.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index abd2767d5..b0b4c9aa4 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -328,7 +328,7 @@ class CI_Config { $uri = $str; } } - return $uri; + return $uri; } // -------------------------------------------------------------------- diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 46bfec02a..aa251a389 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -94,7 +94,7 @@ class CI_Hooks { if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); } elseif (is_file(APPPATH.'config/hooks.php')) { diff --git a/system/core/Output.php b/system/core/Output.php index 7b53f8e3e..9727a184f 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -108,7 +108,7 @@ class CI_Output { // Get mime types for later if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) { - include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; + include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; } else { diff --git a/system/core/Security.php b/system/core/Security.php index ce3f7d3cc..60a64f358 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -182,7 +182,7 @@ class CI_Security { // Nothing should last forever unset($_COOKIE[$this->_csrf_cookie_name]); - $this->_csrf_hash = ''; + $this->_csrf_hash = ''; $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 5c1aa631c5f5ec2f6b75ba1158178418e50ba11a Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 25 Dec 2011 01:24:29 -0600 Subject: Abstracting the loading of files in the config directory depending on environments. --- system/core/CodeIgniter.php | 9 +- system/core/Common.php | 200 +++++++++++++++++++++++++------------------- system/core/Hooks.php | 11 +-- system/core/Loader.php | 9 +- system/core/Output.php | 10 +-- system/core/Router.php | 9 +- 6 files changed, 121 insertions(+), 127 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 97527e5ca..04f346c7c 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -59,14 +59,7 @@ * Load the framework constants * ------------------------------------------------------ */ - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) - { - require(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); - } - else - { - require(APPPATH.'config/constants.php'); - } + load_environ_config('constants', TRUE); /* * ------------------------------------------------------ diff --git a/system/core/Common.php b/system/core/Common.php index b0921fe0c..9e05f3db4 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -47,7 +47,6 @@ * Since there are a few places where we conditionally test for PHP > 5 * we'll set a static variable. * -* @access public * @param string * @return bool TRUE if the current version is $version or higher */ @@ -76,7 +75,6 @@ if ( ! function_exists('is_php')) * the file, based on the read-only attribute. is_writable() is also unreliable * on Unix servers if safe_mode is on. * - * @access private * @return void */ if ( ! function_exists('is_really_writable')) @@ -118,18 +116,17 @@ if ( ! function_exists('is_really_writable')) // ------------------------------------------------------------------------ /** -* Class registry -* -* This function acts as a singleton. If the requested class does not -* exist it is instantiated and set to a static variable. If it has -* previously been instantiated the variable is returned. -* -* @access public -* @param string the class name being requested -* @param string the directory where the class should be found -* @param string the class name prefix -* @return object -*/ + * Class registry + * + * This function acts as a singleton. If the requested class does not + * exist it is instantiated and set to a static variable. If it has + * previously been instantiated the variable is returned. + * + * @param string the class name being requested + * @param string the directory where the class should be found + * @param string the class name prefix + * @return object + */ if ( ! function_exists('load_class')) { function &load_class($class, $directory = 'libraries', $prefix = 'CI_') @@ -191,12 +188,11 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- /** -* Keeps track of which libraries have been loaded. This function is -* called by the load_class() function above -* -* @access public -* @return array -*/ + * Keeps track of which libraries have been loaded. This function is + * called by the load_class() function above + * + * @return array + */ if ( ! function_exists('is_loaded')) { function is_loaded($class = '') @@ -215,14 +211,13 @@ if ( ! function_exists('is_loaded')) // ------------------------------------------------------------------------ /** -* Loads the main config.php file -* -* This function lets us grab the config file even if the Config class -* hasn't been instantiated yet -* -* @access private -* @return array -*/ + * Loads the main config.php file + * + * This function lets us grab the config file even if the Config class + * hasn't been instantiated yet + * + * @return array + */ if ( ! function_exists('get_config')) { function &get_config($replace = array()) @@ -273,11 +268,10 @@ if ( ! function_exists('get_config')) // ------------------------------------------------------------------------ /** -* Returns the specified config item -* -* @access public -* @return mixed -*/ + * Returns the specified config item + * + * @return mixed + */ if ( ! function_exists('config_item')) { function config_item($item) @@ -302,17 +296,16 @@ if ( ! function_exists('config_item')) // ------------------------------------------------------------------------ /** -* Error Handler -* -* This function lets us invoke the exception class and -* display errors using the standard error template located -* in application/errors/errors.php -* This function will send the error page directly to the -* browser and exit. -* -* @access public -* @return void -*/ + * Error Handler + * + * This function lets us invoke the exception class and + * display errors using the standard error template located + * in application/errors/errors.php + * This function will send the error page directly to the + * browser and exit. + * + * @return void + */ if ( ! function_exists('show_error')) { function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') @@ -326,15 +319,14 @@ if ( ! function_exists('show_error')) // ------------------------------------------------------------------------ /** -* 404 Page Handler -* -* This function is similar to the show_error() function above -* However, instead of the standard error template it displays -* 404 errors. -* -* @access public -* @return void -*/ + * 404 Page Handler + * + * This function is similar to the show_error() function above + * However, instead of the standard error template it displays + * 404 errors. + * + * @return void + */ if ( ! function_exists('show_404')) { function show_404($page = '', $log_error = TRUE) @@ -348,14 +340,13 @@ if ( ! function_exists('show_404')) // ------------------------------------------------------------------------ /** -* Error Logging Interface -* -* We use this as a simple mechanism to access the logging -* class and send messages to be logged. -* -* @access public -* @return void -*/ + * Error Logging Interface + * + * We use this as a simple mechanism to access the logging + * class and send messages to be logged. + * + * @return void + */ if ( ! function_exists('log_message')) { function log_message($level = 'error', $message, $php_error = FALSE) @@ -377,7 +368,6 @@ if ( ! function_exists('log_message')) /** * Set HTTP Status Header * - * @access public * @param int the status code * @param string * @return void @@ -464,19 +454,18 @@ if ( ! function_exists('set_status_header')) // -------------------------------------------------------------------- /** -* Exception Handler -* -* This is the custom exception handler that is declaired at the top -* of Codeigniter.php. The main reason we use this is to permit -* PHP errors to be logged in our own log files since the user may -* not have access to server logs. Since this function -* effectively intercepts PHP errors, however, we also need -* to display errors based on the current error_reporting level. -* We do that with the use of a PHP error template. -* -* @access private -* @return void -*/ + * Exception Handler + * + * This is the custom exception handler that is declaired at the top + * of Codeigniter.php. The main reason we use this is to permit + * PHP errors to be logged in our own log files since the user may + * not have access to server logs. Since this function + * effectively intercepts PHP errors, however, we also need + * to display errors based on the current error_reporting level. + * We do that with the use of a PHP error template. + * + * @return void + */ if ( ! function_exists('_exception_handler')) { function _exception_handler($severity, $message, $filepath, $line) @@ -518,7 +507,6 @@ if ( ! function_exists('_exception_handler')) * This prevents sandwiching null characters * between ascii characters, like Java\0script. * - * @access public * @param string * @return string */ @@ -552,12 +540,11 @@ if ( ! function_exists('remove_invisible_characters')) // ------------------------------------------------------------------------ /** -* Returns HTML escaped variable -* -* @access public -* @param mixed -* @return mixed -*/ + * Returns HTML escaped variable + * + * @param mixed + * @return mixed + */ if ( ! function_exists('html_escape')) { function html_escape($var) @@ -566,12 +553,57 @@ if ( ! function_exists('html_escape')) { return array_map('html_escape', $var); } + + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + } +} + +// ------------------------------------------------------------------------ + +/** + * Load Environmental config directory files. + * + * In several places we check to see if the environment is loaded up and if the file + * that is being requested lives in said environment. Otherwise load up the file from + * the main CI config dir. + * + * @todo Optimize a bit to lessen the file system hits if the file has been loaded. + * @param string filename without extension. eg: 'config' or 'hooks' + * @param boolean whether or not to do a `require_once()` or a simple `include()` + * @return void + */ + if ( ! function_exists('load_environ_config')) + { + function load_environ_config($file, $require=FALSE) + { + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php')) + { + if ($require) + { + require_once(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); + } + else + { + include(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); + } + + return; + } + + if ($require) + { + require_once(APPPATH.'config/'.$file.'.php'); + } else { - return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + include(APPPATH.'config/'.$file.'.php'); } + + return; } -} + } + +// ------------------------------------------------------------------------ /* End of file Common.php */ /* Location: ./system/core/Common.php */ \ No newline at end of file diff --git a/system/core/Hooks.php b/system/core/Hooks.php index aa251a389..6a36ce963 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -91,16 +91,7 @@ class CI_Hooks { // Grab the "hooks" definition file. // If there are no hooks, we're done. - - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); - } - elseif (is_file(APPPATH.'config/hooks.php')) - { - include(APPPATH.'config/hooks.php'); - } - + load_environ_config('hooks'); if ( ! isset($hook) OR ! is_array($hook)) { diff --git a/system/core/Loader.php b/system/core/Loader.php index 4e14b54af..12d07bbe0 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1125,14 +1125,7 @@ class CI_Loader { */ protected function _ci_autoloader() { - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'); - } - else - { - include(APPPATH.'config/autoload.php'); - } + load_environ_config('autoload'); if ( ! isset($autoload)) { diff --git a/system/core/Output.php b/system/core/Output.php index 9727a184f..4d1036ceb 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -106,15 +106,7 @@ class CI_Output { $this->_zlib_oc = @ini_get('zlib.output_compression'); // Get mime types for later - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) - { - include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; - } - else - { - include APPPATH.'config/mimes.php'; - } - + load_environ_config('mimes'); $this->mime_types = $mimes; diff --git a/system/core/Router.php b/system/core/Router.php index 748678d67..5388a9289 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -141,14 +141,7 @@ class CI_Router { } // Load the routes.php file. - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); - } - elseif (is_file(APPPATH.'config/routes.php')) - { - include(APPPATH.'config/routes.php'); - } + load_environ_config('routes'); $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); -- cgit v1.2.3-24-g4f1b From d2c4ec66946877ba4ef1c2bedf848eca9667c01d Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 25 Dec 2011 22:52:57 -0600 Subject: Changes in the UTF8 Class. - Adding error suppression ("@") on the preg_match() in the constructor to help prevent errors if PCRE doesn't support Unicode - Adding method visibility. - Changed comparisons on integers/booleans to explicit. eg: !==/=== --- system/core/Utf8.php | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) (limited to 'system/core') diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 7abe4e43b..1bcf526a5 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -44,19 +44,18 @@ class CI_Utf8 { * Constructor * * Determines if UTF-8 support is to be enabled - * */ - function __construct() + public function __construct() { log_message('debug', "Utf8 Class Initialized"); global $CFG; if ( - preg_match('/./u', 'é') === 1 // PCRE must support UTF-8 - AND function_exists('iconv') // iconv must be installed - AND ini_get('mbstring.func_overload') != 1 // Multibyte string function overloading cannot be enabled - AND $CFG->item('charset') == 'UTF-8' // Application charset must be UTF-8 + @preg_match('/./u', 'é') === 1 // PCRE must support UTF-8 + && function_exists('iconv') // iconv must be installed + && ini_get('mbstring.func_overload') !== 1 // Multibyte string function overloading cannot be enabled + && $CFG->item('charset') == 'UTF-8' // Application charset must be UTF-8 ) { log_message('debug', "UTF-8 Support Enabled"); @@ -90,11 +89,10 @@ class CI_Utf8 { * * Ensures strings are UTF-8 * - * @access public * @param string * @return string */ - function clean_string($str) + public function clean_string($str) { if ($this->_is_ascii($str) === FALSE) { @@ -113,11 +111,10 @@ class CI_Utf8 { * line feeds, and carriage returns, as all others can cause * problems in XML * - * @access public * @param string * @return string */ - function safe_ascii_for_xml($str) + public function safe_ascii_for_xml($str) { return remove_invisible_characters($str, FALSE); } @@ -129,12 +126,11 @@ class CI_Utf8 { * * Attempts to convert a string to UTF-8 * - * @access public * @param string * @param string - input encoding * @return string */ - function convert_to_utf8($str, $encoding) + public function convert_to_utf8($str, $encoding) { if (function_exists('iconv')) { @@ -159,13 +155,12 @@ class CI_Utf8 { * * Tests if a string is standard 7-bit ASCII or not * - * @access public * @param string * @return bool */ - function _is_ascii($str) + protected function _is_ascii($str) { - return (preg_match('/[^\x00-\x7F]/S', $str) == 0); + return (preg_match('/[^\x00-\x7F]/S', $str) === 0); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From d96f88277c1e9a4c069c2e2ee3d779385549f31a Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 27 Dec 2011 16:23:47 -0600 Subject: Revert "Abstracting the loading of files in the config directory depending on environments." This reverts commit 5c1aa631c5f5ec2f6b75ba1158178418e50ba11a. --- system/core/CodeIgniter.php | 9 +- system/core/Common.php | 200 +++++++++++++++++++------------------------- system/core/Hooks.php | 11 ++- system/core/Loader.php | 9 +- system/core/Output.php | 10 ++- system/core/Router.php | 9 +- 6 files changed, 127 insertions(+), 121 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 04f346c7c..97527e5ca 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -59,7 +59,14 @@ * Load the framework constants * ------------------------------------------------------ */ - load_environ_config('constants', TRUE); + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) + { + require(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); + } + else + { + require(APPPATH.'config/constants.php'); + } /* * ------------------------------------------------------ diff --git a/system/core/Common.php b/system/core/Common.php index 9e05f3db4..b0921fe0c 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -47,6 +47,7 @@ * Since there are a few places where we conditionally test for PHP > 5 * we'll set a static variable. * +* @access public * @param string * @return bool TRUE if the current version is $version or higher */ @@ -75,6 +76,7 @@ if ( ! function_exists('is_php')) * the file, based on the read-only attribute. is_writable() is also unreliable * on Unix servers if safe_mode is on. * + * @access private * @return void */ if ( ! function_exists('is_really_writable')) @@ -116,17 +118,18 @@ if ( ! function_exists('is_really_writable')) // ------------------------------------------------------------------------ /** - * Class registry - * - * This function acts as a singleton. If the requested class does not - * exist it is instantiated and set to a static variable. If it has - * previously been instantiated the variable is returned. - * - * @param string the class name being requested - * @param string the directory where the class should be found - * @param string the class name prefix - * @return object - */ +* Class registry +* +* This function acts as a singleton. If the requested class does not +* exist it is instantiated and set to a static variable. If it has +* previously been instantiated the variable is returned. +* +* @access public +* @param string the class name being requested +* @param string the directory where the class should be found +* @param string the class name prefix +* @return object +*/ if ( ! function_exists('load_class')) { function &load_class($class, $directory = 'libraries', $prefix = 'CI_') @@ -188,11 +191,12 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- /** - * Keeps track of which libraries have been loaded. This function is - * called by the load_class() function above - * - * @return array - */ +* Keeps track of which libraries have been loaded. This function is +* called by the load_class() function above +* +* @access public +* @return array +*/ if ( ! function_exists('is_loaded')) { function is_loaded($class = '') @@ -211,13 +215,14 @@ if ( ! function_exists('is_loaded')) // ------------------------------------------------------------------------ /** - * Loads the main config.php file - * - * This function lets us grab the config file even if the Config class - * hasn't been instantiated yet - * - * @return array - */ +* Loads the main config.php file +* +* This function lets us grab the config file even if the Config class +* hasn't been instantiated yet +* +* @access private +* @return array +*/ if ( ! function_exists('get_config')) { function &get_config($replace = array()) @@ -268,10 +273,11 @@ if ( ! function_exists('get_config')) // ------------------------------------------------------------------------ /** - * Returns the specified config item - * - * @return mixed - */ +* Returns the specified config item +* +* @access public +* @return mixed +*/ if ( ! function_exists('config_item')) { function config_item($item) @@ -296,16 +302,17 @@ if ( ! function_exists('config_item')) // ------------------------------------------------------------------------ /** - * Error Handler - * - * This function lets us invoke the exception class and - * display errors using the standard error template located - * in application/errors/errors.php - * This function will send the error page directly to the - * browser and exit. - * - * @return void - */ +* Error Handler +* +* This function lets us invoke the exception class and +* display errors using the standard error template located +* in application/errors/errors.php +* This function will send the error page directly to the +* browser and exit. +* +* @access public +* @return void +*/ if ( ! function_exists('show_error')) { function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') @@ -319,14 +326,15 @@ if ( ! function_exists('show_error')) // ------------------------------------------------------------------------ /** - * 404 Page Handler - * - * This function is similar to the show_error() function above - * However, instead of the standard error template it displays - * 404 errors. - * - * @return void - */ +* 404 Page Handler +* +* This function is similar to the show_error() function above +* However, instead of the standard error template it displays +* 404 errors. +* +* @access public +* @return void +*/ if ( ! function_exists('show_404')) { function show_404($page = '', $log_error = TRUE) @@ -340,13 +348,14 @@ if ( ! function_exists('show_404')) // ------------------------------------------------------------------------ /** - * Error Logging Interface - * - * We use this as a simple mechanism to access the logging - * class and send messages to be logged. - * - * @return void - */ +* Error Logging Interface +* +* We use this as a simple mechanism to access the logging +* class and send messages to be logged. +* +* @access public +* @return void +*/ if ( ! function_exists('log_message')) { function log_message($level = 'error', $message, $php_error = FALSE) @@ -368,6 +377,7 @@ if ( ! function_exists('log_message')) /** * Set HTTP Status Header * + * @access public * @param int the status code * @param string * @return void @@ -454,18 +464,19 @@ if ( ! function_exists('set_status_header')) // -------------------------------------------------------------------- /** - * Exception Handler - * - * This is the custom exception handler that is declaired at the top - * of Codeigniter.php. The main reason we use this is to permit - * PHP errors to be logged in our own log files since the user may - * not have access to server logs. Since this function - * effectively intercepts PHP errors, however, we also need - * to display errors based on the current error_reporting level. - * We do that with the use of a PHP error template. - * - * @return void - */ +* Exception Handler +* +* This is the custom exception handler that is declaired at the top +* of Codeigniter.php. The main reason we use this is to permit +* PHP errors to be logged in our own log files since the user may +* not have access to server logs. Since this function +* effectively intercepts PHP errors, however, we also need +* to display errors based on the current error_reporting level. +* We do that with the use of a PHP error template. +* +* @access private +* @return void +*/ if ( ! function_exists('_exception_handler')) { function _exception_handler($severity, $message, $filepath, $line) @@ -507,6 +518,7 @@ if ( ! function_exists('_exception_handler')) * This prevents sandwiching null characters * between ascii characters, like Java\0script. * + * @access public * @param string * @return string */ @@ -540,11 +552,12 @@ if ( ! function_exists('remove_invisible_characters')) // ------------------------------------------------------------------------ /** - * Returns HTML escaped variable - * - * @param mixed - * @return mixed - */ +* Returns HTML escaped variable +* +* @access public +* @param mixed +* @return mixed +*/ if ( ! function_exists('html_escape')) { function html_escape($var) @@ -553,57 +566,12 @@ if ( ! function_exists('html_escape')) { return array_map('html_escape', $var); } - - return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); - } -} - -// ------------------------------------------------------------------------ - -/** - * Load Environmental config directory files. - * - * In several places we check to see if the environment is loaded up and if the file - * that is being requested lives in said environment. Otherwise load up the file from - * the main CI config dir. - * - * @todo Optimize a bit to lessen the file system hits if the file has been loaded. - * @param string filename without extension. eg: 'config' or 'hooks' - * @param boolean whether or not to do a `require_once()` or a simple `include()` - * @return void - */ - if ( ! function_exists('load_environ_config')) - { - function load_environ_config($file, $require=FALSE) - { - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php')) - { - if ($require) - { - require_once(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); - } - else - { - include(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); - } - - return; - } - - if ($require) - { - require_once(APPPATH.'config/'.$file.'.php'); - } else { - include(APPPATH.'config/'.$file.'.php'); + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); } - - return; } - } - -// ------------------------------------------------------------------------ +} /* End of file Common.php */ /* Location: ./system/core/Common.php */ \ No newline at end of file diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 6a36ce963..aa251a389 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -91,7 +91,16 @@ class CI_Hooks { // Grab the "hooks" definition file. // If there are no hooks, we're done. - load_environ_config('hooks'); + + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); + } + elseif (is_file(APPPATH.'config/hooks.php')) + { + include(APPPATH.'config/hooks.php'); + } + if ( ! isset($hook) OR ! is_array($hook)) { diff --git a/system/core/Loader.php b/system/core/Loader.php index 83d134ef4..d42dbbf38 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1139,7 +1139,14 @@ class CI_Loader { */ protected function _ci_autoloader() { - load_environ_config('autoload'); + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'); + } + else + { + include(APPPATH.'config/autoload.php'); + } if ( ! isset($autoload)) { diff --git a/system/core/Output.php b/system/core/Output.php index 4d1036ceb..9727a184f 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -106,7 +106,15 @@ class CI_Output { $this->_zlib_oc = @ini_get('zlib.output_compression'); // Get mime types for later - load_environ_config('mimes'); + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) + { + include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; + } + else + { + include APPPATH.'config/mimes.php'; + } + $this->mime_types = $mimes; diff --git a/system/core/Router.php b/system/core/Router.php index 5388a9289..748678d67 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -141,7 +141,14 @@ class CI_Router { } // Load the routes.php file. - load_environ_config('routes'); + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); + } + elseif (is_file(APPPATH.'config/routes.php')) + { + include(APPPATH.'config/routes.php'); + } $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); -- cgit v1.2.3-24-g4f1b From 2be25a6fdb9aa197debca28d1cfe0e0e542296b0 Mon Sep 17 00:00:00 2001 From: RS71 Date: Sat, 31 Dec 2011 16:02:04 -0200 Subject: Update system/core/Security.php --- system/core/Security.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 60a64f358..510f3d1ae 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -180,9 +180,14 @@ class CI_Security { // polute the _POST array unset($_POST[$this->_csrf_token_name]); - // Nothing should last forever - unset($_COOKIE[$this->_csrf_cookie_name]); - $this->_csrf_hash = ''; + // Regenerate on every submission? + if (config_item('csrf_regenerate')) + { + // Nothing should last forever + unset($_COOKIE[$this->_csrf_cookie_name]); + $this->_csrf_hash = ''; + } + $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 0defe5d33ee2633f377a109519ca818becc60f64 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 1 Jan 2012 18:46:41 -0600 Subject: Updating copyright date to 2012 --- system/core/Benchmark.php | 2 +- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 2 +- system/core/Config.php | 2 +- system/core/Controller.php | 2 +- system/core/Exceptions.php | 2 +- system/core/Hooks.php | 2 +- system/core/Input.php | 2 +- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Model.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/Security.php | 2 +- system/core/URI.php | 2 +- system/core/Utf8.php | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index 0f3104079..da246c9e0 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 97527e5ca..5152073d5 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Common.php b/system/core/Common.php index b0921fe0c..f42bb640c 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Config.php b/system/core/Config.php index b0b4c9aa4..3e2635494 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Controller.php b/system/core/Controller.php index ca2bf41b5..55b3ec235 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index ead8d814e..3737f2930 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Hooks.php b/system/core/Hooks.php index aa251a389..174adcb19 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Input.php b/system/core/Input.php index 3cbbe787f..7cfa4c63f 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Lang.php b/system/core/Lang.php index e03afb07d..5eb2801f6 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Loader.php b/system/core/Loader.php index d42dbbf38..c4a6b501c 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Model.php b/system/core/Model.php index c34bab64b..fc640139a 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Output.php b/system/core/Output.php index 9727a184f..e529f914d 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Router.php b/system/core/Router.php index 748678d67..8cad86888 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Security.php b/system/core/Security.php index 60a64f358..272a8bf3f 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/URI.php b/system/core/URI.php index 578d17429..3c26d307b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 1bcf526a5..40a7ac4c0 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 2.0 -- cgit v1.2.3-24-g4f1b From 2fbbfe34033dba5f362382818d0ae4c809ff6698 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 18:37:15 +0200 Subject: Improve the Benchmark library --- system/core/Benchmark.php | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index da246c9e0..f4dfd3dab 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -1,13 +1,13 @@ -marker[$name] = microtime(); } @@ -75,13 +74,12 @@ class CI_Benchmark { * execution time to be shown in a template. The output class will * swap the real value for this variable. * - * @access public * @param string a particular marked point * @param string a particular marked point * @param integer the number of decimal places * @return mixed */ - function elapsed_time($point1 = '', $point2 = '', $decimals = 4) + public function elapsed_time($point1 = '', $point2 = '', $decimals = 4) { if ($point1 == '') { @@ -114,17 +112,14 @@ class CI_Benchmark { * without the memory being calculated until the end. * The output class will swap the real value for this variable. * - * @access public * @return string */ - function memory_usage() + public function memory_usage() { return '{memory_usage}'; } } -// END CI_Benchmark class - /* End of file Benchmark.php */ -/* Location: ./system/core/Benchmark.php */ \ No newline at end of file +/* Location: ./system/core/Benchmark.php */ -- cgit v1.2.3-24-g4f1b From 9c5c24a582b32659c89f74fb5f773d06db23e426 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 18:51:21 +0200 Subject: Improve core/CodeIgniter.php --- system/core/CodeIgniter.php | 38 +++++++++++++++----------------------- 1 file changed, 15 insertions(+), 23 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 5152073d5..e3d818825 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -1,13 +1,13 @@ -_call_hook('cache_override') === FALSE) + if ($EXT->_call_hook('cache_override') === FALSE + AND $OUT->_display_cache($CFG, $URI) == TRUE) { - if ($OUT->_display_cache($CFG, $URI) == TRUE) - { - exit; - } + exit; } /* @@ -273,13 +267,13 @@ $method = $RTR->fetch_method(); if ( ! class_exists($class) - OR strncmp($method, '_', 1) == 0 + OR strpos($method, '_', 1) === 0 OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) { if ( ! empty($RTR->routes['404_override'])) { - $x = explode('/', $RTR->routes['404_override']); + $x = explode('/', $RTR->routes['404_override'], 2); $class = $x[0]; $method = (isset($x[1]) ? $x[1] : 'index'); if ( ! class_exists($class)) @@ -341,7 +335,7 @@ // Check and see if we are using a 404 override and use it. if ( ! empty($RTR->routes['404_override'])) { - $x = explode('/', $RTR->routes['404_override']); + $x = explode('/', $RTR->routes['404_override'], 2); $class = $x[0]; $method = (isset($x[1]) ? $x[1] : 'index'); if ( ! class_exists($class)) @@ -367,7 +361,6 @@ call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); } - // Mark a benchmark end point $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); @@ -405,6 +398,5 @@ $CI->db->close(); } - /* End of file CodeIgniter.php */ -/* Location: ./system/core/CodeIgniter.php */ \ No newline at end of file +/* Location: ./system/core/CodeIgniter.php */ -- cgit v1.2.3-24-g4f1b From 188abafcd3cc9b196755c0227eebc9a10f33d3a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:09:42 +0200 Subject: Improve core/Common.php --- system/core/Common.php | 133 ++++++++++++++++++++++++------------------------- 1 file changed, 66 insertions(+), 67 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index f42bb640c..abbe789e2 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -1,13 +1,13 @@ - 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 307 => 'Temporary Redirect', - - 400 => 'Bad Request', - 401 => 'Unauthorized', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Timeout', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Long', - 415 => 'Unsupported Media Type', - 416 => 'Requested Range Not Satisfiable', - 417 => 'Expectation Failed', - 422 => 'Unprocessable Entity', - - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' - ); + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); if ($code == '' OR ! is_numeric($code)) { @@ -441,12 +441,12 @@ if ( ! function_exists('set_status_header')) if ($text == '') { - show_error('No status text available. Please check your status code number or supply your own message text.', 500); + show_error('No status text available. Please check your status code number or supply your own message text.', 500); } $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; - if (substr(php_sapi_name(), 0, 3) == 'cgi') + if (strpos(php_sapi_name(), 'cgi') === 0) { header("Status: {$code} {$text}", TRUE); } @@ -527,16 +527,15 @@ if ( ! function_exists('remove_invisible_characters')) function remove_invisible_characters($str, $url_encoded = TRUE) { $non_displayables = array(); - - // every control character except newline (dec 10) - // carriage return (dec 13), and horizontal tab (dec 09) - + + // every control character except newline (dec 10), + // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 } - + $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 do @@ -574,4 +573,4 @@ if ( ! function_exists('html_escape')) } /* End of file Common.php */ -/* Location: ./system/core/Common.php */ \ No newline at end of file +/* Location: ./system/core/Common.php */ -- cgit v1.2.3-24-g4f1b From ccabcfd68919ecf146cd5f21079365afbffad000 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:30:47 +0200 Subject: Improve the Config library --- system/core/Config.php | 114 +++++++++++++++++-------------------------------- 1 file changed, 40 insertions(+), 74 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 3e2635494..55da4e338 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -1,13 +1,13 @@ -config =& get_config(); log_message('debug', "Config Class Initialized"); @@ -81,10 +81,9 @@ class CI_Config { if (isset($_SERVER['HTTP_HOST'])) { $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; - $base_url .= '://'. $_SERVER['HTTP_HOST']; - $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); + $base_url .= '://'. $_SERVER['HTTP_HOST'] + . str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); } - else { $base_url = 'http://localhost/'; @@ -99,27 +98,25 @@ class CI_Config { /** * Load Config File * - * @access public * @param string the config file name - * @param boolean if configuration values should be loaded into their own section - * @param boolean true if errors should just return false, false if an error message should be displayed + * @param boolean if configuration values should be loaded into their own section + * @param boolean true if errors should just return false, false if an error message should be displayed * @return boolean if the file was loaded correctly */ - function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) + public function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) { $file = ($file == '') ? 'config' : str_replace('.php', '', $file); - $found = FALSE; - $loaded = FALSE; + $found = $loaded = FALSE; foreach ($this->_config_paths as $path) { $check_locations = defined('ENVIRONMENT') - ? array(ENVIRONMENT.'/'.$file, $file) + ? array(ENVIRONMENT.DIRECTORY_SEPARATOR.$file, $file) : array($file); foreach ($check_locations as $location) { - $file_path = $path.'config/'.$location.'.php'; + $file_path = $path.'config'.DIRECTORY_SEPARATOR.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) { @@ -192,39 +189,19 @@ class CI_Config { * Fetch a config file item * * - * @access public * @param string the config item name * @param string the index name * @param bool * @return string */ - function item($item, $index = '') + public function item($item, $index = '') { if ($index == '') { - if ( ! isset($this->config[$item])) - { - return FALSE; - } - - $pref = $this->config[$item]; - } - else - { - if ( ! isset($this->config[$index])) - { - return FALSE; - } - - if ( ! isset($this->config[$index][$item])) - { - return FALSE; - } - - $pref = $this->config[$index][$item]; + return isset($this->config[$item]) ? $this->config[$item] : FALSE; } - return $pref; + return isset($this->config[$index], $this->config[$index][$item]) ? $this->config[$index][$item] : FALSE; } // -------------------------------------------------------------------- @@ -232,18 +209,17 @@ class CI_Config { /** * Fetch a config file item - adds slash after item (if item is not empty) * - * @access public * @param string the config item name * @param bool * @return string */ - function slash_item($item) + public function slash_item($item) { if ( ! isset($this->config[$item])) { return FALSE; } - if( trim($this->config[$item]) == '') + elseif (trim($this->config[$item]) == '') { return ''; } @@ -257,11 +233,10 @@ class CI_Config { * Site URL * Returns base_url . index_page [. uri_string] * - * @access public * @param string the URI string * @return string */ - function site_url($uri = '') + public function site_url($uri = '') { if ($uri == '') { @@ -285,11 +260,10 @@ class CI_Config { * Base URL * Returns base_url [. uri_string] * - * @access public * @param string $uri * @return string */ - function base_url($uri = '') + public function base_url($uri = '') { return $this->slash_item('base_url').ltrim($this->_uri_string($uri),'/'); } @@ -299,8 +273,7 @@ class CI_Config { /** * Build URI string for use in Config::site_url() and Config::base_url() * - * @access protected - * @param $uri + * @param mixed $uri * @return string */ protected function _uri_string($uri) @@ -311,23 +284,21 @@ class CI_Config { { $uri = implode('/', $uri); } - $uri = trim($uri, '/'); + return trim($uri, '/'); } - else + elseif (is_array($uri)) { - if (is_array($uri)) + $i = 0; + $str = ''; + foreach ($uri as $key => $val) { - $i = 0; - $str = ''; - foreach ($uri as $key => $val) - { - $prefix = ($i == 0) ? '' : '&'; - $str .= $prefix.$key.'='.$val; - $i++; - } - $uri = $str; + $prefix = ($i === 0) ? '' : '&'; + $str .= $prefix.$key.'='.$val; + $i++; } + return $str; } + return $uri; } @@ -336,12 +307,11 @@ class CI_Config { /** * System URL * - * @access public * @return string */ - function system_url() + public function system_url() { - $x = explode("/", preg_replace("|/*(.+?)/*$|", "\\1", BASEPATH)); + $x = explode('/', preg_replace('|/*(.+?)/*$|', '\\1', BASEPATH)); return $this->slash_item('base_url').end($x).'/'; } @@ -350,12 +320,11 @@ class CI_Config { /** * Set a config file item * - * @access public * @param string the config item key * @param string the config item value * @return void */ - function set_item($item, $value) + public function set_item($item, $value) { $this->config[$item] = $value; } @@ -366,14 +335,13 @@ class CI_Config { * Assign to Config * * This function is called by the front controller (CodeIgniter.php) - * after the Config class is instantiated. It permits config items + * after the Config class is instantiated. It permits config items * to be assigned or overriden by variables contained in the index.php file * - * @access private * @param array * @return void */ - function _assign_to_config($items = array()) + public function _assign_to_config($items = array()) { if (is_array($items)) { @@ -385,7 +353,5 @@ class CI_Config { } } -// END CI_Config class - /* End of file Config.php */ /* Location: ./system/core/Config.php */ -- cgit v1.2.3-24-g4f1b From 7ac33d7a615f9b5e27fe92a0a91c4ebfb19faad3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:39:39 +0200 Subject: Improve core Controller & Exceptions libraries --- system/core/Controller.php | 16 +++------ system/core/Exceptions.php | 83 +++++++++++++++++++--------------------------- 2 files changed, 40 insertions(+), 59 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 55b3ec235..5ae0b0924 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -1,13 +1,13 @@ -load =& load_class('Loader', 'core'); - $this->load->initialize(); - log_message('debug', "Controller Class Initialized"); } @@ -70,7 +65,6 @@ class CI_Controller { return self::$instance; } } -// END Controller class /* End of file Controller.php */ -/* Location: ./system/core/Controller.php */ \ No newline at end of file +/* Location: ./system/core/Controller.php */ diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 3737f2930..9b672ac54 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -1,13 +1,13 @@ - 'Error', - E_WARNING => 'Warning', - E_PARSE => 'Parsing Error', - E_NOTICE => 'Notice', - E_CORE_ERROR => 'Core Error', - E_CORE_WARNING => 'Core Warning', - E_COMPILE_ERROR => 'Compile Error', - E_COMPILE_WARNING => 'Compile Warning', - E_USER_ERROR => 'User Error', - E_USER_WARNING => 'User Warning', - E_USER_NOTICE => 'User Notice', - E_STRICT => 'Runtime Notice' - ); + public $levels = array( + E_ERROR => 'Error', + E_WARNING => 'Warning', + E_PARSE => 'Parsing Error', + E_NOTICE => 'Notice', + E_CORE_ERROR => 'Core Error', + E_CORE_WARNING => 'Core Warning', + E_COMPILE_ERROR => 'Compile Error', + E_COMPILE_WARNING => 'Compile Warning', + E_USER_ERROR => 'User Error', + E_USER_WARNING => 'User Warning', + E_USER_NOTICE => 'User Notice', + E_STRICT => 'Runtime Notice' + ); - - /** - * Constructor - */ public function __construct() { $this->ob_level = ob_get_level(); - // Note: Do not log messages from this constructor. + // Note: Do not log messages from this constructor. } // -------------------------------------------------------------------- @@ -89,17 +84,15 @@ class CI_Exceptions { * * This function logs PHP generated error messages * - * @access private * @param string the error severity * @param string the error string * @param string the error filepath * @param string the error line number - * @return string + * @return void */ - function log_exception($severity, $message, $filepath, $line) + public function log_exception($severity, $message, $filepath, $line) { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); } @@ -108,15 +101,14 @@ class CI_Exceptions { /** * 404 Page Not Found Handler * - * @access private * @param string the page * @param bool log error yes/no * @return string */ - function show_404($page = '', $log_error = TRUE) + public function show_404($page = '', $log_error = TRUE) { - $heading = "404 Page Not Found"; - $message = "The page you requested was not found."; + $heading = '404 Page Not Found'; + $message = 'The page you requested was not found.'; // By default we log this, but allow a dev to skip it if ($log_error) @@ -137,14 +129,13 @@ class CI_Exceptions { * (either as a string or an array) and displays * it using the specified template. * - * @access private * @param string the heading * @param string the message * @param string the template name * @param int the status code * @return string */ - function show_error($heading, $message, $template = 'error_general', $status_code = 500) + public function show_error($heading, $message, $template = 'error_general', $status_code = 500) { set_status_header($status_code); @@ -155,7 +146,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors/'.$template.'.php'); + include(APPPATH.'errors'.DIRECTORY_SEPARATOR.$template.'.php'); $buffer = ob_get_contents(); ob_end_clean(); return $buffer; @@ -166,7 +157,6 @@ class CI_Exceptions { /** * Native PHP error handler * - * @access private * @param string the error severity * @param string the error string * @param string the error filepath @@ -176,8 +166,7 @@ class CI_Exceptions { function show_php_error($severity, $message, $filepath, $line) { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - - $filepath = str_replace("\\", "/", $filepath); + $filepath = str_replace('\\', '/', $filepath); // For safety reasons we do not show the full file path if (FALSE !== strpos($filepath, '/')) @@ -191,15 +180,13 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors/error_php.php'); + include(APPPATH.'errors'.DIRECTORY_SEPARATOR.'error_php.php'); $buffer = ob_get_contents(); ob_end_clean(); echo $buffer; } - } -// END Exceptions Class /* End of file Exceptions.php */ -/* Location: ./system/core/Exceptions.php */ \ No newline at end of file +/* Location: ./system/core/Exceptions.php */ -- cgit v1.2.3-24-g4f1b From 64e98aab6ba2c692a881035245efb94a76deb428 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 20:29:10 +0200 Subject: Improve code Input & Model libraries --- system/core/Input.php | 97 ++++++++++++++++++--------------------------------- system/core/Model.php | 19 ++++------ 2 files changed, 39 insertions(+), 77 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 7cfa4c63f..07bb30b15 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -1,13 +1,13 @@ -_allow_get_array = (config_item('allow_get_array') === TRUE); - $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); - $this->_enable_csrf = (config_item('csrf_protection') === TRUE); + $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); + $this->_enable_csrf = (config_item('csrf_protection') === TRUE); global $SEC; $this->security =& $SEC; @@ -122,7 +122,6 @@ class CI_Input { * * This is a helper function to retrieve values from global arrays * - * @access protected * @param array * @param string * @param bool @@ -148,7 +147,6 @@ class CI_Input { /** * Fetch an item from the GET array * - * @access public * @param string * @param bool * @return string @@ -176,7 +174,6 @@ class CI_Input { /** * Fetch an item from the POST array * - * @access public * @param string * @param bool * @return string @@ -205,21 +202,15 @@ class CI_Input { /** * Fetch an item from either the GET array or the POST * - * @access public * @param string The index key * @param bool XSS cleaning * @return string */ public function get_post($index = '', $xss_clean = FALSE) { - if ( ! isset($_POST[$index]) ) - { - return $this->get($index, $xss_clean); - } - else - { - return $this->post($index, $xss_clean); - } + return ( ! isset($_POST[$index])) + ? $this->get($index, $xss_clean) + : $this->post($index, $xss_clean); } // -------------------------------------------------------------------- @@ -227,7 +218,6 @@ class CI_Input { /** * Fetch an item from the COOKIE array * - * @access public * @param string * @param bool * @return string @@ -245,7 +235,6 @@ class CI_Input { * Accepts six parameter, or you can submit an associative * array in the first parameter containing all the values. * - * @access public * @param mixed * @param string the value of the cookie * @param string the number of seconds until expiration @@ -303,7 +292,6 @@ class CI_Input { /** * Fetch an item from the SERVER array * - * @access public * @param string * @param bool * @return string @@ -318,7 +306,6 @@ class CI_Input { /** * Fetch the IP Address * - * @access public * @return string */ public function ip_address() @@ -335,7 +322,7 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) + elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) { $this->ip_address = $_SERVER['REMOTE_ADDR']; } @@ -354,8 +341,7 @@ class CI_Input { if ($this->ip_address === FALSE) { - $this->ip_address = '0.0.0.0'; - return $this->ip_address; + return $this->ip_address = '0.0.0.0'; } if (strpos($this->ip_address, ',') !== FALSE) @@ -366,7 +352,7 @@ class CI_Input { if ( ! $this->valid_ip($this->ip_address)) { - $this->ip_address = '0.0.0.0'; + return $this->ip_address = '0.0.0.0'; } return $this->ip_address; @@ -379,7 +365,6 @@ class CI_Input { * * Updated version suggested by Geert De Deckere * - * @access public * @param string * @return bool */ @@ -394,7 +379,7 @@ class CI_Input { $ip_segments = explode('.', $ip); // Always 4 segments needed - if (count($ip_segments) != 4) + if (count($ip_segments) !== 4) { return FALSE; } @@ -422,7 +407,6 @@ class CI_Input { /** * User Agent * - * @access public * @return string */ public function user_agent() @@ -432,9 +416,7 @@ class CI_Input { return $this->user_agent; } - $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; - - return $this->user_agent; + return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; } // -------------------------------------------------------------------- @@ -444,22 +426,20 @@ class CI_Input { * * This function does the following: * - * Unsets $_GET data (if query strings are not enabled) - * - * Unsets all globals if register_globals is enabled + * - Unsets $_GET data (if query strings are not enabled) + * - Unsets all globals if register_globals is enabled + * - Standardizes newline characters to \n * - * Standardizes newline characters to \n - * - * @access private * @return void */ private function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', - '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', - 'CFG', 'URI', 'RTR', 'OUT', 'IN'); + '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', + 'system_folder', 'application_folder', 'BM', 'EXT', + 'CFG', 'URI', 'RTR', 'OUT', 'IN' + ); // Unset globals for securiy. // This is effectively the same as register_globals = off @@ -532,7 +512,6 @@ class CI_Input { // Sanitize PHP_SELF $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); - // CSRF Protection check if ($this->_enable_csrf == TRUE) { @@ -550,7 +529,6 @@ class CI_Input { * This is a helper function. It escapes data and * standardizes newline characters to \n * - * @access private * @param string * @return string */ @@ -592,12 +570,9 @@ class CI_Input { } // Standardize newlines if needed - if ($this->_standardize_newlines == TRUE) + if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE) { - if (strpos($str, "\r") !== FALSE) - { - $str = str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); - } + return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); } return $str; @@ -612,13 +587,12 @@ class CI_Input { * from trying to exploit keys we make sure that keys are * only named with alpha-numeric text and a few other items. * - * @access private * @param string * @return string */ private function _clean_input_keys($str) { - if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) + if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { exit('Disallowed Key Characters.'); } @@ -626,7 +600,7 @@ class CI_Input { // Clean UTF-8 if supported if (UTF8_ENABLED === TRUE) { - $str = $this->uni->clean_string($str); + return $this->uni->clean_string($str); } return $str; @@ -640,10 +614,8 @@ class CI_Input { * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * - * @access public * @param bool XSS cleaning - * - * @return array + * @return array */ public function request_headers($xss_clean = FALSE) { @@ -658,7 +630,7 @@ class CI_Input { foreach ($_SERVER as $key => $val) { - if (strncmp($key, 'HTTP_', 5) === 0) + if (strpos($key, 'HTTP_') === 0) { $headers[substr($key, 5)] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); } @@ -684,7 +656,6 @@ class CI_Input { * * Returns the value of a single member of the headers class member * - * @access public * @param string array key for $this->headers * @param boolean XSS Clean or not * @return mixed FALSE on failure, string on success @@ -716,7 +687,6 @@ class CI_Input { * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * - * @access public * @return boolean */ public function is_ajax_request() @@ -731,12 +701,11 @@ class CI_Input { * * Test to see if a request was made from the command line * - * @access public * @return boolean */ public function is_cli_request() { - return (php_sapi_name() == 'cli') or defined('STDIN'); + return (php_sapi_name() === 'cli') or defined('STDIN'); } } diff --git a/system/core/Model.php b/system/core/Model.php index fc640139a..cd64468b8 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -1,13 +1,13 @@ -$key; } } -// END Model Class /* End of file Model.php */ -/* Location: ./system/core/Model.php */ \ No newline at end of file +/* Location: ./system/core/Model.php */ -- cgit v1.2.3-24-g4f1b From 1f5fbb6cb35f5d234f9f2c95f730b13a9015f3c2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 20:53:29 +0200 Subject: Improve the core Output library --- system/core/Output.php | 150 +++++++++++++++---------------------------------- 1 file changed, 46 insertions(+), 104 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index e529f914d..272545046 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -1,13 +1,13 @@ -_zlib_oc = @ini_get('zlib.output_compression'); @@ -117,8 +105,7 @@ class CI_Output { $this->mime_types = $mimes; - - log_message('debug', "Output Class Initialized"); + log_message('debug', 'Output Class Initialized'); } // -------------------------------------------------------------------- @@ -128,10 +115,9 @@ class CI_Output { * * Returns the current output string * - * @access public * @return string */ - function get_output() + public function get_output() { return $this->final_output; } @@ -147,10 +133,9 @@ class CI_Output { * @param string * @return void */ - function set_output($output) + public function set_output($output) { $this->final_output = $output; - return $this; } @@ -161,11 +146,10 @@ class CI_Output { * * Appends data onto the output string * - * @access public * @param string * @return void */ - function append_output($output) + public function append_output($output) { if ($this->final_output == '') { @@ -189,25 +173,22 @@ class CI_Output { * Note: If a file is cached, headers will not be sent. We need to figure out * how to permit header data to be saved with the cache data... * - * @access public * @param string * @param bool * @return void */ - function set_header($header, $replace = TRUE) + public function set_header($header, $replace = TRUE) { // If zlib.output_compression is enabled it will compress the output, // but it will not modify the content-length header to compensate for // the reduction, causing the browser to hang waiting for more data. // We'll just skip content-length in those cases. - if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) == 0) { return; } $this->headers[] = array($header, $replace); - return $this; } @@ -216,11 +197,10 @@ class CI_Output { /** * Set Content Type Header * - * @access public * @param string extension of the file we're outputting * @return void */ - function set_content_type($mime_type) + public function set_content_type($mime_type) { if (strpos($mime_type, '/') === FALSE) { @@ -241,7 +221,6 @@ class CI_Output { $header = 'Content-Type: '.$mime_type; $this->headers[] = array($header, TRUE); - return $this; } @@ -251,15 +230,13 @@ class CI_Output { * Set HTTP Status Header * moved to Common procedural functions in 1.7.2 * - * @access public * @param int the status code * @param string * @return void */ - function set_status_header($code = 200, $text = '') + public function set_status_header($code = 200, $text = '') { set_status_header($code, $text); - return $this; } @@ -268,14 +245,12 @@ class CI_Output { /** * Enable/disable Profiler * - * @access public * @param bool * @return void */ - function enable_profiler($val = TRUE) + public function enable_profiler($val = TRUE) { $this->enable_profiler = (is_bool($val)) ? $val : TRUE; - return $this; } @@ -286,11 +261,10 @@ class CI_Output { * * Allows override of default / config settings for Profiler section display * - * @access public * @param array * @return void */ - function set_profiler_sections($sections) + public function set_profiler_sections($sections) { foreach ($sections as $section => $enable) { @@ -305,14 +279,12 @@ class CI_Output { /** * Set Cache * - * @access public * @param integer * @return void */ - function cache($time) + publi function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; - return $this; } @@ -329,11 +301,10 @@ class CI_Output { * with any server headers and profile data. It also stops the * benchmark timer so the page rendering speed and memory usage can be shown. * - * @access public * @param string * @return mixed */ - function _display($output = '') + public function _display($output = '') { // Note: We use globals because we can't use $CI =& get_instance() // since this function is sometimes called by the caching mechanism, @@ -375,22 +346,17 @@ class CI_Output { { $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; - $output = str_replace('{elapsed_time}', $elapsed, $output); - $output = str_replace('{memory_usage}', $memory, $output); + $output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output); } // -------------------------------------------------------------------- // Is compression requested? - if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE) + if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE + && extension_loaded('zlib') + && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) { - if (extension_loaded('zlib')) - { - if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) AND strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) - { - ob_start('ob_gzhandler'); - } - } + ob_start('ob_gzhandler'); } // -------------------------------------------------------------------- @@ -412,8 +378,8 @@ class CI_Output { if ( ! isset($CI)) { echo $output; - log_message('debug', "Final output sent to browser"); - log_message('debug', "Total execution time: ".$elapsed); + log_message('debug', 'Final output sent to browser'); + log_message('debug', 'Total execution time: '.$elapsed); return TRUE; } @@ -424,7 +390,6 @@ class CI_Output { if ($this->enable_profiler == TRUE) { $CI->load->library('profiler'); - if ( ! empty($this->_profiler_sections)) { $CI->profiler->set_sections($this->_profiler_sections); @@ -432,16 +397,11 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - if (preg_match("|.*?|is", $output)) + $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); + if ($count > 0) { - $output = preg_replace("|.*?|is", '', $output); - $output .= $CI->profiler->run(); $output .= ''; } - else - { - $output .= $CI->profiler->run(); - } } // -------------------------------------------------------------------- @@ -457,8 +417,8 @@ class CI_Output { echo $output; // Send it to the browser! } - log_message('debug', "Final output sent to browser"); - log_message('debug', "Total execution time: ".$elapsed); + log_message('debug', 'Final output sent to browser'); + log_message('debug', 'Total execution time: '.$elapsed); } // -------------------------------------------------------------------- @@ -466,20 +426,18 @@ class CI_Output { /** * Write a Cache File * - * @access public * @param string * @return void */ - function _write_cache($output) + public function _write_cache($output) { $CI =& get_instance(); $path = $CI->config->item('cache_path'); - $cache_path = ($path == '') ? APPPATH.'cache/' : $path; if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) { - log_message('error', "Unable to write cache file: ".$cache_path); + log_message('error', 'Unable to write cache file: '.$cache_path); return; } @@ -491,7 +449,7 @@ class CI_Output { if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE)) { - log_message('error', "Unable to write cache file: ".$cache_path); + log_message('error', 'Unable to write cache file: '.$cache_path); return; } @@ -504,13 +462,13 @@ class CI_Output { } else { - log_message('error', "Unable to secure a file lock for file at: ".$cache_path); + log_message('error', 'Unable to secure a file lock for file at: '.$cache_path); return; } fclose($fp); @chmod($cache_path, FILE_WRITE_MODE); - log_message('debug', "Cache file written: ".$cache_path); + log_message('debug', 'Cache file written: '.$cache_path); } // -------------------------------------------------------------------- @@ -518,69 +476,53 @@ class CI_Output { /** * Update/serve a cached file * - * @access public * @param object config class * @param object uri class * @return void */ - function _display_cache(&$CFG, &$URI) + public function _display_cache(&$CFG, &$URI) { $cache_path = ($CFG->item('cache_path') == '') ? APPPATH.'cache/' : $CFG->item('cache_path'); - // Build the file path. The file name is an MD5 hash of the full URI - $uri = $CFG->item('base_url'). - $CFG->item('index_page'). - $URI->uri_string; - + // Build the file path. The file name is an MD5 hash of the full URI + $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; $filepath = $cache_path.md5($uri); - if ( ! @file_exists($filepath)) - { - return FALSE; - } - - if ( ! $fp = @fopen($filepath, FOPEN_READ)) + if ( ! @file_exists($filepath) + OR ! $fp = @fopen($filepath, FOPEN_READ)) { return FALSE; } flock($fp, LOCK_SH); - $cache = ''; - if (filesize($filepath) > 0) - { - $cache = fread($fp, filesize($filepath)); - } + $cache = (filesize($filepath) > 0) ? fread($fp, filesize($filepath)) : ''; flock($fp, LOCK_UN); fclose($fp); // Strip out the embedded timestamp - if ( ! preg_match("/(\d+TS--->)/", $cache, $match)) + if ( ! preg_match('/(\d+TS--->)/', $cache, $match)) { return FALSE; } // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match['1']))) + if (time() >= trim(str_replace('TS--->', '', $match[1])) + AND is_really_writable($cache_path)) { - if (is_really_writable($cache_path)) - { - @unlink($filepath); - log_message('debug', "Cache file has expired. File deleted"); - return FALSE; - } + @unlink($filepath); + log_message('debug', 'Cache file has expired. File deleted.'); + return FALSE; } // Display the cache - $this->_display(str_replace($match['0'], '', $cache)); - log_message('debug', "Cache file is current. Sending it to browser."); + $this->_display(str_replace($match[0], '', $cache)); + log_message('debug', 'Cache file is current. Sending it to browser.'); return TRUE; } - } -// END Output Class /* End of file Output.php */ -/* Location: ./system/core/Output.php */ \ No newline at end of file +/* Location: ./system/core/Output.php */ -- cgit v1.2.3-24-g4f1b From ba6c04113313d49618b00c434fd5eedc6ab8a653 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:10:09 +0200 Subject: Improve the core Router library --- system/core/Router.php | 107 +++++++++++++++++-------------------------------- 1 file changed, 37 insertions(+), 70 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 8cad86888..d21319565 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -1,13 +1,13 @@ -config =& load_class('Config', 'core'); $this->uri =& load_class('URI', 'core'); - log_message('debug', "Router Class Initialized"); + log_message('debug', 'Router Class Initialized'); } // -------------------------------------------------------------------- @@ -110,12 +103,11 @@ class CI_Router { * This function determines what should be served based on the URI request, * as well as any "routes" that have been set in the routing config file. * - * @access private * @return void */ - function _set_routing() + public function _set_routing() { - // Are query strings enabled in the config file? Normally CI doesn't utilize query strings + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently $segments = array(); @@ -157,7 +149,7 @@ class CI_Router { // the URI doesn't correlated to a valid controller. $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); - // Were there any query string segments? If so, we'll validate them and bail out since we're done. + // Were there any query string segments? If so, we'll validate them and bail out since we're done. if (count($segments) > 0) { return $this->_validate_request($segments); @@ -172,17 +164,10 @@ class CI_Router { return $this->_set_default_controller(); } - // Do we need to remove the URL suffix? - $this->uri->_remove_url_suffix(); - - // Compile the segments into an array - $this->uri->_explode_segments(); - - // Parse any custom routing that may exist - $this->_parse_routes(); - - // Re-index the segment array so that it starts with 1 rather than 0 - $this->uri->_reindex_segments(); + $this->uri->_remove_url_suffix(); // Remove the URL suffix + $this->uri->_explode_segments(); // Compile the segments into an array + $this->_parse_routes(); // Parse any custom routing that may exist + $this->uri->_reindex_segments(); // Re-index the segment array so that it starts with 1 rather than 0 } // -------------------------------------------------------------------- @@ -190,20 +175,18 @@ class CI_Router { /** * Set the default controller * - * @access private * @return void */ - function _set_default_controller() + protected function _set_default_controller() { if ($this->default_controller === FALSE) { - show_error("Unable to determine what should be displayed. A default route has not been specified in the routing file."); + show_error('Unable to determine what should be displayed. A default route has not been specified in the routing file.'); } // Is the method being specified? if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - $this->set_class($x[0]); $this->set_method($x[1]); $this->_set_request($x); @@ -218,7 +201,7 @@ class CI_Router { // re-index the routed segments array so it starts with 1 rather than 0 $this->uri->_reindex_segments(); - log_message('debug', "No URI present. Default controller set."); + log_message('debug', 'No URI present. Default controller set.'); } // -------------------------------------------------------------------- @@ -229,16 +212,15 @@ class CI_Router { * This function takes an array of URI segments as * input, and sets the current class/method * - * @access private * @param array * @param bool * @return void */ - function _set_request($segments = array()) + protected function _set_request($segments = array()) { $segments = $this->_validate_request($segments); - if (count($segments) == 0) + if (count($segments) === 0) { return $this->_set_default_controller(); } @@ -269,13 +251,12 @@ class CI_Router { * Validates the supplied segments. Attempts to determine the path to * the controller. * - * @access private * @param array * @return array */ - function _validate_request($segments) + protected function _validate_request($segments) { - if (count($segments) == 0) + if (count($segments) === 0) { return $segments; } @@ -301,7 +282,6 @@ class CI_Router { if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); - $this->set_directory(''); $this->set_class($x[0]); $this->set_method(isset($x[1]) ? $x[1] : 'index'); @@ -320,7 +300,6 @@ class CI_Router { if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - $this->set_class($x[0]); $this->set_method($x[1]); } @@ -344,18 +323,16 @@ class CI_Router { // If we've gotten this far it means that the URI does not correlate to a valid - // controller class. We will now see if there is an override + // controller class. We will now see if there is an override if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); - $this->set_class($x[0]); $this->set_method(isset($x[1]) ? $x[1] : 'index'); return $x; } - // Nothing else to do at this point but show a 404 show_404($segments[0]); } @@ -369,10 +346,9 @@ class CI_Router { * the config/routes.php file against the URI to * determine if the class/method need to be remapped. * - * @access private * @return void */ - function _parse_routes() + protected function _parse_routes() { // Turn the segment array into a URI string $uri = implode('/', $this->uri->segments); @@ -387,7 +363,7 @@ class CI_Router { foreach ($this->routes as $key => $val) { // Convert wild-cards to RegEx - $key = str_replace(':any', '.+', str_replace(':num', '[0-9]+', $key)); + $key = str_replace(array(':any', ':num'), array('.+', '[0-9]+'), $key); // Does the RegEx match? if (preg_match('#^'.$key.'$#', $uri)) @@ -412,11 +388,10 @@ class CI_Router { /** * Set the class name * - * @access public * @param string * @return void */ - function set_class($class) + public function set_class($class) { $this->class = str_replace(array('/', '.'), '', $class); } @@ -426,10 +401,9 @@ class CI_Router { /** * Fetch the current class * - * @access public * @return string */ - function fetch_class() + public function fetch_class() { return $this->class; } @@ -439,11 +413,10 @@ class CI_Router { /** * Set the method name * - * @access public * @param string * @return void */ - function set_method($method) + public function set_method($method) { $this->method = $method; } @@ -453,10 +426,9 @@ class CI_Router { /** * Fetch the current method * - * @access public * @return string */ - function fetch_method() + public function fetch_method() { if ($this->method == $this->fetch_class()) { @@ -471,11 +443,10 @@ class CI_Router { /** * Set the directory name * - * @access public * @param string * @return void */ - function set_directory($dir) + public function set_directory($dir) { $this->directory = str_replace(array('/', '.'), '', $dir).'/'; } @@ -485,10 +456,9 @@ class CI_Router { /** * Fetch the sub-directory (if any) that contains the requested controller class * - * @access public * @return string */ - function fetch_directory() + public function fetch_directory() { return $this->directory; } @@ -498,11 +468,10 @@ class CI_Router { /** * Set the controller overrides * - * @access public * @param array * @return null */ - function _set_overrides($routing) + public function _set_overrides($routing) { if ( ! is_array($routing)) { @@ -526,9 +495,7 @@ class CI_Router { } } - } -// END Router Class /* End of file Router.php */ -/* Location: ./system/core/Router.php */ \ No newline at end of file +/* Location: ./system/core/Router.php */ -- cgit v1.2.3-24-g4f1b From fdc63828a876e87742380a4ae077e43f514320b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:17:46 +0200 Subject: Revert DIRECTORY_SEPARATOR changes --- system/core/Controller.php | 2 +- system/core/Exceptions.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 5ae0b0924..0dc131701 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -57,7 +57,7 @@ class CI_Controller { $this->load =& load_class('Loader', 'core'); $this->load->initialize(); - log_message('debug', "Controller Class Initialized"); + log_message('debug', 'Controller Class Initialized'); } public static function &get_instance() diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 9b672ac54..bf9901252 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -146,7 +146,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors'.DIRECTORY_SEPARATOR.$template.'.php'); + include(APPPATH.'errors/'.$template.'.php'); $buffer = ob_get_contents(); ob_end_clean(); return $buffer; @@ -180,7 +180,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors'.DIRECTORY_SEPARATOR.'error_php.php'); + include(APPPATH.'errors/'.'error_php.php'); $buffer = ob_get_contents(); ob_end_clean(); echo $buffer; -- cgit v1.2.3-24-g4f1b From d52b242545376db2eb8146f16125819a391db763 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:28:32 +0200 Subject: Reverted DIRECTORY_SEPARATOR changes --- system/core/Config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 55da4e338..66369115a 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -73,7 +73,7 @@ class CI_Config { public function __construct() { $this->config =& get_config(); - log_message('debug', "Config Class Initialized"); + log_message('debug', 'Config Class Initialized'); // Set the base_url automatically if none was provided if ($this->config['base_url'] == '') @@ -111,12 +111,12 @@ class CI_Config { foreach ($this->_config_paths as $path) { $check_locations = defined('ENVIRONMENT') - ? array(ENVIRONMENT.DIRECTORY_SEPARATOR.$file, $file) + ? array(ENVIRONMENT.'/'.$file, $file) : array($file); foreach ($check_locations as $location) { - $file_path = $path.'config'.DIRECTORY_SEPARATOR.$location.'.php'; + $file_path = $path.'config/'.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) { -- cgit v1.2.3-24-g4f1b From 536b771cfe2f459890c2c0865fd08411df352318 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:31:25 +0200 Subject: Reverted DIRECTORY_SEPARATOR changes --- system/core/Common.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index abbe789e2..6ef229629 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -94,7 +94,7 @@ if ( ! function_exists('is_really_writable')) */ if (is_dir($file)) { - $file = rtrim($file, '/\\').DIRECTORY_SEPARATOR.md5(mt_rand(1,100).mt_rand(1,100)); + $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) { return FALSE; @@ -148,13 +148,13 @@ if ( ! function_exists('load_class')) // then in the native system/libraries folder foreach (array(APPPATH, BASEPATH) as $path) { - if (file_exists($path.$directory.DIRECTORY_SEPARATOR.$class.'.php')) + if (file_exists($path.$directory.'/'.$class.'.php')) { $name = $prefix.$class; if (class_exists($name) === FALSE) { - require($path.$directory.DIRECTORY_SEPARATOR.$class.'.php'); + require($path.$directory.'/'.$class.'.php'); } break; @@ -162,13 +162,13 @@ if ( ! function_exists('load_class')) } // Is the request a class extension? If so we load it too - if (file_exists(APPPATH.$directory.DIRECTORY_SEPARATOR.config_item('subclass_prefix').$class.'.php')) + if (file_exists(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php')) { $name = config_item('subclass_prefix').$class; if (class_exists($name) === FALSE) { - require(APPPATH.$directory.DIRECTORY_SEPARATOR.config_item('subclass_prefix').$class.'.php'); + require(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'); } } @@ -235,9 +235,9 @@ if ( ! function_exists('get_config')) } // Is the config file in the environment folder? - if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config'.DIRECTORY_SEPARATOR.ENVIRONMENT.DIRECTORY_SEPARATOR.'config.php')) + if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT..'/config.php')) { - $file_path = APPPATH.'config'.DIRECTORY_SEPARATOR.'config.php'; + $file_path = APPPATH.'config/config.php'; } // Fetch the config file -- cgit v1.2.3-24-g4f1b From 88d03c48d5a11f3419feb2409a76bf0591575fd2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:59:00 +0200 Subject: Switch quotes --- system/core/Model.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Model.php b/system/core/Model.php index cd64468b8..a595a6ae2 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -40,7 +40,7 @@ class CI_Model { public function __construct() { - log_message('debug', "Model Class Initialized"); + log_message('debug', 'Model Class Initialized'); } /** -- cgit v1.2.3-24-g4f1b From f9938a2cf9af2341b1f44e6c465852405fc15897 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 22:10:47 +0200 Subject: Improve core Hooks & Lang libraries --- system/core/Hooks.php | 41 ++++++++++++++--------------------------- system/core/Lang.php | 26 +++++++++----------------- 2 files changed, 23 insertions(+), 44 deletions(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 174adcb19..e1ac58e6e 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -1,13 +1,13 @@ -_initialize(); - log_message('debug', "Hooks Class Initialized"); + log_message('debug', 'Hooks Class Initialized'); } // -------------------------------------------------------------------- @@ -74,24 +70,20 @@ class CI_Hooks { /** * Initialize the Hooks Preferences * - * @access private * @return void */ - function _initialize() + private function _initialize() { $CFG =& load_class('Config', 'core'); // If hooks are not enabled in the config file // there is nothing else to do - if ($CFG->item('enable_hooks') == FALSE) { return; } // Grab the "hooks" definition file. - // If there are no hooks, we're done. - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) { include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); @@ -101,7 +93,7 @@ class CI_Hooks { include(APPPATH.'config/hooks.php'); } - + // If there are no hooks, we're done. if ( ! isset($hook) OR ! is_array($hook)) { return; @@ -116,13 +108,12 @@ class CI_Hooks { /** * Call Hook * - * Calls a particular hook + * Calls a particular hook. Called by CodeIgniter.php. * - * @access private * @param string the hook name * @return mixed */ - function _call_hook($which = '') + public function _call_hook($which = '') { if ( ! $this->enabled OR ! isset($this->hooks[$which])) { @@ -151,11 +142,10 @@ class CI_Hooks { * * Runs a particular hook * - * @access private * @param array the hook details * @return bool */ - function _run_hook($data) + protected function _run_hook($data) { if ( ! is_array($data)) { @@ -168,7 +158,6 @@ class CI_Hooks { // If the script being called happens to have the same // hook call within it a loop can happen - if ($this->in_progress == TRUE) { return; @@ -254,7 +243,5 @@ class CI_Hooks { } -// END CI_Hooks class - /* End of file Hooks.php */ -/* Location: ./system/core/Hooks.php */ \ No newline at end of file +/* Location: ./system/core/Hooks.php */ diff --git a/system/core/Lang.php b/system/core/Lang.php index 5eb2801f6..088cb6c9c 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -1,13 +1,13 @@ -language[$line])) ? FALSE : $this->language[$line]; @@ -166,7 +159,6 @@ class CI_Lang { } } -// END Language Class /* End of file Lang.php */ /* Location: ./system/core/Lang.php */ -- cgit v1.2.3-24-g4f1b From d72973519623f40f121e9cd2df93146ee2543a1f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 22:53:14 +0200 Subject: Improve the core Loader library --- system/core/Loader.php | 90 +++++++++++++++++++++----------------------------- 1 file changed, 37 insertions(+), 53 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index c4a6b501c..689ae1ecd 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1,13 +1,13 @@ - 'unit', - 'user_agent' => 'agent'); + protected $_ci_varmap = array( + 'unit_test' => 'unit', + 'user_agent' => 'agent' + ); /** * Constructor @@ -141,7 +130,7 @@ class CI_Loader { $this->_ci_model_paths = array(APPPATH); $this->_ci_view_paths = array(VIEWPATH => TRUE); - log_message('debug', "Loader Class Initialized"); + log_message('debug', 'Loader Class Initialized'); } // -------------------------------------------------------------------- @@ -162,7 +151,6 @@ class CI_Loader { $this->_base_classes =& is_loaded(); $this->_ci_autoloader(); - return $this; } @@ -311,9 +299,7 @@ class CI_Loader { require_once($mod_path.'models/'.$path.$model.'.php'); $model = ucfirst($model); - $CI->$name = new $model(); - $this->_ci_models[] = $name; return; } @@ -350,7 +336,7 @@ class CI_Loader { return DB($params, $active_record); } - // Initialize the db variable. Needed to prevent + // Initialize the db variable. Needed to prevent // reference errors with some configurations $CI->db = ''; @@ -716,11 +702,11 @@ class CI_Loader { if ($path == '') { - $void = array_shift($this->_ci_library_paths); - $void = array_shift($this->_ci_model_paths); - $void = array_shift($this->_ci_helper_paths); - $void = array_shift($this->_ci_view_paths); - $void = array_shift($config->_config_paths); + array_shift($this->_ci_library_paths); + array_shift($this->_ci_model_paths); + array_shift($this->_ci_helper_paths); + array_shift($this->_ci_view_paths); + array_shift($config->_config_paths); } else { @@ -808,7 +794,6 @@ class CI_Loader { // This allows anything loaded using $this->load (views, files, etc.) // to become accessible from within the Controller and Model functions. - $_ci_CI =& get_instance(); foreach (get_object_vars($_ci_CI) as $_ci_key => $_ci_var) { @@ -837,12 +822,11 @@ class CI_Loader { * * We buffer the output for two reasons: * 1. Speed. You get a significant speed boost. - * 2. So that the final rendered template can be - * post-processed by the output class. Why do we - * need post processing? For one thing, in order to - * show the elapsed page load time. Unless we - * can intercept the content right before it's sent to - * the browser and then stop the timer it won't be accurate. + * 2. So that the final rendered template can be post-processed by + * the output class. Why do we need post processing? For one thing, + * in order to show the elapsed page load time. Unless we can + * intercept the content right before it's sent to the browser and + * then stop the timer it won't be accurate. */ ob_start(); @@ -915,10 +899,10 @@ class CI_Loader { if (($last_slash = strrpos($class, '/')) !== FALSE) { // Extract the path - $subdir = substr($class, 0, $last_slash + 1); + $subdir = substr($class, 0, ++$last_slash); // Get the filename from the path - $class = substr($class, $last_slash + 1); + $class = substr($class, $last_slash); } // We'll test for both lowercase and capitalized versions of the file name @@ -933,15 +917,15 @@ class CI_Loader { if ( ! file_exists($baseclass)) { - log_message('error', "Unable to load the requested class: ".$class); - show_error("Unable to load the requested class: ".$class); + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($subclass, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -953,7 +937,7 @@ class CI_Loader { } $is_duplicate = TRUE; - log_message('debug', $class." class already loaded. Second attempt ignored."); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); return; } @@ -970,17 +954,17 @@ class CI_Loader { { $filepath = $path.'libraries/'.$subdir.$class.'.php'; - // Does the file exist? No? Bummer... + // Does the file exist? No? Bummer... if ( ! file_exists($filepath)) { continue; } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($filepath, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -992,7 +976,7 @@ class CI_Loader { } $is_duplicate = TRUE; - log_message('debug', $class." class already loaded. Second attempt ignored."); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); return; } @@ -1003,7 +987,7 @@ class CI_Loader { } // END FOREACH - // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? + // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? if ($subdir == '') { $path = strtolower($class).'/'.$class; @@ -1014,8 +998,8 @@ class CI_Loader { // We do not issue errors if the load call failed due to a duplicate request if ($is_duplicate == FALSE) { - log_message('error', "Unable to load the requested class: ".$class); - show_error("Unable to load the requested class: ".$class); + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); } } @@ -1094,12 +1078,12 @@ class CI_Loader { // Is the class name valid? if ( ! class_exists($name)) { - log_message('error', "Non-existent class: ".$name); - show_error("Non-existent class: ".$class); + log_message('error', 'Non-existent class: '.$name); + show_error('Non-existent class: '.$class); } // Set the variable name we will assign the class to - // Was a custom class name supplied? If so we'll use it + // Was a custom class name supplied? If so we'll use it $class = strtolower($class); if (is_null($object_name)) @@ -1271,4 +1255,4 @@ class CI_Loader { } /* End of file Loader.php */ -/* Location: ./system/core/Loader.php */ \ No newline at end of file +/* Location: ./system/core/Loader.php */ -- cgit v1.2.3-24-g4f1b From bb488dc3d4bbac9ac9a1860f066069e4bb4afdcb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 23:35:16 +0200 Subject: Improve the core Security library --- system/core/Security.php | 254 ++++++++++++++++++----------------------------- 1 file changed, 99 insertions(+), 155 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 272a8bf3f..d0d3c0803 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -1,13 +1,13 @@ - '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - 'window.location' => '[removed]', - '-moz-binding' => '[removed]', - '' => '-->', - ' '<![CDATA[', - '' => '<comment>' - ); + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + 'window.location' => '[removed]', + '-moz-binding' => '[removed]', + '' => '-->', + ' '<![CDATA[', + '' => '<comment>' + ); /** * List of never allowed regex replacement * * @var array - * @access protected */ protected $_never_allowed_regex = array( - "javascript\s*:" => '[removed]', - "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE - "vbscript\s*:" => '[removed]', // IE, surprise! - "Redirect\s+302" => '[removed]' - ); + 'javascript\s*:', + 'expression\s*(\(|&\#40;)', // CSS and IE + 'vbscript\s*:', // IE, surprise! + 'Redirect\s+302' + ); - /** - * Constructor - */ public function __construct() { // CSRF config @@ -135,7 +124,7 @@ class CI_Security { // Set the CSRF hash $this->_csrf_set_hash(); - log_message('debug', "Security Class Initialized"); + log_message('debug', 'Security Class Initialized'); } // -------------------------------------------------------------------- @@ -148,7 +137,7 @@ class CI_Security { public function csrf_verify() { // If no POST data exists we will set the CSRF cookie - if (count($_POST) == 0) + if (count($_POST) === 0) { return $this->csrf_set_cookie(); } @@ -186,8 +175,7 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); - log_message('debug', "CSRF token verified"); - + log_message('debug', 'CSRF token verified'); return $this; } @@ -203,19 +191,13 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie) + if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS'])) { - $req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE; - - if ( ! $req OR $req == 'off') - { - return FALSE; - } + return FALSE; } setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); - - log_message('debug', "CRSF cookie Set"); + log_message('debug', 'CRSF cookie Set'); return $this; } @@ -253,7 +235,7 @@ class CI_Security { * * Getter Method * - * @return string self::csrf_token_name + * @return string self::_csrf_token_name */ public function get_csrf_token_name() { @@ -273,7 +255,7 @@ class CI_Security { * the filter. * * Note: This function should only be used to deal with data - * upon submission. It's not something that should + * upon submission. It's not something that should * be used for general runtime processing. * * This function was based in part on some code and ideas I @@ -290,10 +272,7 @@ class CI_Security { */ public function xss_clean($str, $is_image = FALSE) { - /* - * Is the string an array? - * - */ + // Is the string an array? if (is_array($str)) { while (list($key) = each($str)) @@ -304,13 +283,8 @@ class CI_Security { return $str; } - /* - * Remove Invisible Characters - */ - $str = remove_invisible_characters($str); - - // Validate Entities in URLs - $str = $this->_validate_entities($str); + // Remove Invisible Characters and validate entities in URLs + $str = $this->_validate_entities(remove_invisible_characters($str)); /* * URL Decode @@ -320,7 +294,6 @@ class CI_Security { * Google * * Note: Use rawurldecode() so it does not remove plus signs - * */ $str = rawurldecode($str); @@ -332,14 +305,10 @@ class CI_Security { * these are the ones that will pose security problems. * */ - $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); - /* - * Remove Invisible Characters Again! - */ + // Remove Invisible Characters Again! $str = remove_invisible_characters($str); /* @@ -350,11 +319,7 @@ class CI_Security { * NOTE: preg_replace was found to be amazingly slow here on * large blocks of data, so we use str_replace. */ - - if (strpos($str, "\t") !== FALSE) - { - $str = str_replace("\t", ' ', $str); - } + $str = str_replace("\t", ' ', $str); /* * Capture converted string for later comparison @@ -378,7 +343,7 @@ class CI_Security { // Images have a tendency to have the PHP short opening and // closing tags every so often so we skip those and only // do the long opening tags. - $str = preg_replace('/<\?(php)/i', "<?\\1", $str); + $str = preg_replace('/<\?(php)/i', '<?\\1', $str); } else { @@ -415,19 +380,19 @@ class CI_Security { { $original = $str; - if (preg_match("/]*?)(>|$)#si", array($this, '_js_link_removal'), $str); + $str = preg_replace_callback('#]*?)(>|$)#si', array($this, '_js_link_removal'), $str); } - if (preg_match("/]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); + $str = preg_replace_callback('#]*?)(\s?/?>|$)#si', array($this, '_js_img_removal'), $str); } - if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) + if (preg_match('/(script|xss)/i', $str)) { - $str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); + $str = preg_replace('#<(/*)(script|xss)(.*?)\>#si', '[removed]', $str); } } while($original != $str); @@ -454,14 +419,16 @@ class CI_Security { * * Similar to above, only instead of looking for * tags it looks for PHP and JavaScript commands - * that are disallowed. Rather than removing the + * that are disallowed. Rather than removing the * code, it simply converts the parenthesis to entities * rendering the code un-executable. * * For example: eval('some code') - * Becomes: eval('some code') + * Becomes: eval('some code') */ - $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); + $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', + '\\1\\2(\\3)', + $str); // Final clean up @@ -478,13 +445,12 @@ class CI_Security { * string post-removal of XSS, then it fails, as there was unwanted XSS * code found and removed/changed during processing. */ - if ($is_image === TRUE) { - return ($str === $converted_string) ? TRUE : FALSE; + return ($str === $converted_string); } - log_message('debug', "XSS Filtering completed"); + log_message('debug', 'XSS Filtering completed'); return $str; } @@ -516,7 +482,7 @@ class CI_Security { * The reason we are not using html_entity_decode() by itself is because * while it is not technically correct to leave out the semicolon * at the end of an entity most browsers will still interpret the entity - * correctly. html_entity_decode() does not convert entities without + * correctly. html_entity_decode() does not convert entities without * semicolons, so we are left with our own little solution here. Bummer. * * @param string @@ -552,38 +518,23 @@ class CI_Security { public function sanitize_filename($str, $relative_path = FALSE) { $bad = array( - "../", - "", - "<", - ">", - "'", - '"', - '&', - '$', - '#', - '{', - '}', - '[', - ']', - '=', - ';', - '?', - "%20", - "%22", - "%3c", // < - "%253c", // < - "%3e", // > - "%0e", // > - "%28", // ( - "%29", // ) - "%2528", // ( - "%26", // & - "%24", // $ - "%3f", // ? - "%3b", // ; - "%3d" // = - ); + '../', '', '<', '>', + "'", '"', '&', '$', '#', + '{', '}', '[', ']', '=', + ';', '?', '%20', '%22', + '%3c', // < + '%253c', // < + '%3e', // > + '%0e', // > + '%28', // ( + '%29', // ) + '%2528', // ( + '%26', // & + '%24', // $ + '%3f', // ? + '%3b', // ; + '%3d' // = + ); if ( ! $relative_path) { @@ -636,26 +587,26 @@ class CI_Security { if ($is_image === TRUE) { /* - * Adobe Photoshop puts XML metadata into JFIF images, + * Adobe Photoshop puts XML metadata into JFIF images, * including namespacing, so we have to allow this for images. */ unset($evil_attributes[array_search('xmlns', $evil_attributes)]); } - + do { $count = 0; $attribs = array(); - + // find occurrences of illegal attribute strings without quotes - preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*([^\s]*)/is", $str, $matches, PREG_SET_ORDER); - + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*([^\s]*)/is', $str, $matches, PREG_SET_ORDER); + foreach ($matches as $attr) { $attribs[] = preg_quote($attr[0], '/'); } - + // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is", $str, $matches, PREG_SET_ORDER); + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { @@ -665,11 +616,11 @@ class CI_Security { // replace illegal attribute strings that are inside an html tag if (count($attribs) > 0) { - $str = preg_replace("/<(\/?[^><]+?)([^A-Za-z\-])(".implode('|', $attribs).")([\s><])([><]*)/i", '<$1$2$4$5', $str, -1, $count); + $str = preg_replace('/<(\/?[^><]+?)([^A-Za-z\-])('.implode('|', $attribs).')([\s><])([><]*)/i', '<$1$2$4$5', $str, -1, $count); } - + } while ($count); - + return $str; } @@ -685,14 +636,9 @@ class CI_Security { */ protected function _sanitize_naughty_html($matches) { - // encode opening brace - $str = '<'.$matches[1].$matches[2].$matches[3]; - - // encode captured opening or closing brace to prevent recursive vectors - $str .= str_replace(array('>', '<'), array('>', '<'), - $matches[4]); - - return $str; + return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace + // encode captured opening or closing brace to prevent recursive vectors: + . str_replace(array('>', '<'), array('>', '<'), $matches[4]); } // -------------------------------------------------------------------- @@ -710,9 +656,12 @@ class CI_Security { */ protected function _js_link_removal($match) { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0]); } // -------------------------------------------------------------------- @@ -730,9 +679,12 @@ class CI_Security { */ protected function _js_img_removal($match) { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0]); } // -------------------------------------------------------------------- @@ -806,33 +758,28 @@ class CI_Security { * Protect GET variables in URLs */ - // 901119URL5918AMP18930PROTECT8198 - - $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); + // 901119URL5918AMP18930PROTECT8198 + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash().'\\1=\\2', $str); /* * Validate standard character entities * * Add a semicolon if missing. We do this to enable * the conversion of entities to ASCII later. - * */ - $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); + $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', '\\1;\\2', $str); /* * Validate UTF16 two byte encoding (x00) * * Just as above, adds a semicolon if missing. - * */ - $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i', '\\1\\2;', $str); /* * Un-Protect GET variables in URLs */ - $str = str_replace($this->xss_hash(), '&', $str); - - return $str; + return str_replace($this->xss_hash(), '&', $str); } // ---------------------------------------------------------------------- @@ -847,14 +794,11 @@ class CI_Security { */ protected function _do_never_allowed($str) { - foreach ($this->_never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } + $str = str_replace(array_keys($this->_never_allowed_str), $this->_never_allowed_str, $str); - foreach ($this->_never_allowed_regex as $key => $val) + foreach ($this->_never_allowed_regex as $regex) { - $str = preg_replace("#".$key."#i", $val, $str); + $str = preg_replace('#'.$regex.'#i', '[removed]', $str); } return $str; @@ -891,4 +835,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/core/Security.php */ \ No newline at end of file +/* Location: ./system/core/Security.php */ -- cgit v1.2.3-24-g4f1b From c123e118de32e2b31b9bf21fdb43458bc9f4cbda Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 00:17:34 +0200 Subject: Improve core URI & UTF8 libraries --- system/core/URI.php | 197 ++++++++++++++++++++++----------------------------- system/core/Utf8.php | 32 ++++----- 2 files changed, 96 insertions(+), 133 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 3c26d307b..93105b1fd 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -1,13 +1,13 @@ -config =& load_class('Config', 'core'); - log_message('debug', "URI Class Initialized"); + log_message('debug', 'URI Class Initialized'); } - // -------------------------------------------------------------------- /** * Get the URI String * - * @access private - * @return string + * Called by CI_Router + * + * @return void */ - function _fetch_uri_string() + public function _fetch_uri_string() { - if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') + if (strtoupper($this->config->item('uri_protocol')) === 'AUTO') { // Is the request coming from the command line? - if (php_sapi_name() == 'cli' or defined('STDIN')) + if (php_sapi_name() === 'cli' OR defined('STDIN')) { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -115,14 +109,14 @@ class CI_URI { // Is there a PATH_INFO variable? // Note: some servers seem to have trouble with getenv() so we'll test it two ways $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); - if (trim($path, '/') != '' && $path != "/".SELF) + if (trim($path, '/') != '' && $path !== '/'.SELF) { $this->_set_uri_string($path); return; } // No PATH_INFO?... What about QUERY_STRING? - $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); + $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); if (trim($path, '/') != '') { $this->_set_uri_string($path); @@ -130,7 +124,7 @@ class CI_URI { } // As a last ditch effort lets try using the $_GET array - if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') + if (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') != '') { $this->_set_uri_string(key($_GET)); return; @@ -143,12 +137,12 @@ class CI_URI { $uri = strtoupper($this->config->item('uri_protocol')); - if ($uri == 'REQUEST_URI') + if ($uri === 'REQUEST_URI') { $this->_set_uri_string($this->_detect_uri()); return; } - elseif ($uri == 'CLI') + elseif ($uri === 'CLI') { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -163,17 +157,16 @@ class CI_URI { /** * Set the URI String * - * @access public * @param string - * @return string + * @return void */ - function _set_uri_string($str) + public function _set_uri_string($str) { // Filter out control characters $str = remove_invisible_characters($str, FALSE); // If the URI contains only a slash we'll kill it - $this->uri_string = ($str == '/') ? '' : $str; + $this->uri_string = ($str === '/') ? '' : $str; } // -------------------------------------------------------------------- @@ -184,7 +177,6 @@ class CI_URI { * This function will detect the URI automatically and fix the query string * if necessary. * - * @access private * @return string */ protected function _detect_uri() @@ -194,12 +186,11 @@ class CI_URI { return ''; } - $uri = $_SERVER['REQUEST_URI']; - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + if (strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0) { $uri = substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (strpos($_SERVER['REQUEST_URI'], dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } @@ -223,7 +214,7 @@ class CI_URI { $_GET = array(); } - if ($uri == '/' || empty($uri)) + if ($uri == '/' OR empty($uri)) { return '/'; } @@ -241,13 +232,11 @@ class CI_URI { * * Take each command line argument and assume it is a URI segment. * - * @access private * @return string */ protected function _parse_cli_args() { $args = array_slice($_SERVER['argv'], 1); - return $args ? '/' . implode('/', $args) : ''; } @@ -256,27 +245,28 @@ class CI_URI { /** * Filter segments for malicious characters * - * @access private + * Called by CI_Router + * * @param string * @return string */ - function _filter_uri($str) + public function _filter_uri($str) { if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE) { // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern - if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str)) + if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str)) { show_error('The URI you submitted has disallowed characters.', 400); } } - // Convert programatic characters to entities - $bad = array('$', '(', ')', '%28', '%29'); - $good = array('$', '(', ')', '(', ')'); - - return str_replace($bad, $good, $str); + // Convert programatic characters to entities and return + return str_replace( + array('$', '(', ')', '%28', '%29'), // Bad + array('$', '(', ')', '(', ')'), // Good + $str); } // -------------------------------------------------------------------- @@ -284,14 +274,15 @@ class CI_URI { /** * Remove the suffix from the URL if needed * - * @access private + * Called by CI_Router + * * @return void */ - function _remove_url_suffix() + public function _remove_url_suffix() { - if ($this->config->item('url_suffix') != "") + if ($this->config->item('url_suffix') != '') { - $this->uri_string = preg_replace("|".preg_quote($this->config->item('url_suffix'))."$|", "", $this->uri_string); + $this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string); } } @@ -301,12 +292,13 @@ class CI_URI { * Explode the URI Segments. The individual segments will * be stored in the $this->segments array. * - * @access private + * Called by CI_Router + * * @return void */ - function _explode_segments() + public function _explode_segments() { - foreach (explode("/", preg_replace("|/*(.+?)/*$|", "\\1", $this->uri_string)) as $val) + foreach (explode('/', preg_replace('|/*(.+?)/*$|', '\\1', $this->uri_string)) as $val) { // Filter segments for security $val = trim($this->_filter_uri($val)); @@ -323,14 +315,15 @@ class CI_URI { * Re-index Segments * * This function re-indexes the $this->segment array so that it - * starts at 1 rather than 0. Doing so makes it simpler to + * starts at 1 rather than 0. Doing so makes it simpler to * use functions like $this->uri->segment(n) since there is * a 1:1 relationship between the segment array and the actual segments. * - * @access private + * Called by CI_Router + * * @return void */ - function _reindex_segments() + public function _reindex_segments() { array_unshift($this->segments, NULL); array_unshift($this->rsegments, NULL); @@ -345,12 +338,11 @@ class CI_URI { * * This function returns the URI segment based on the number provided. * - * @access public * @param integer * @param bool * @return string */ - function segment($n, $no_result = FALSE) + public function segment($n, $no_result = FALSE) { return ( ! isset($this->segments[$n])) ? $no_result : $this->segments[$n]; } @@ -364,12 +356,11 @@ class CI_URI { * based on the number provided. If there is no routing this function returns the * same result as $this->segment() * - * @access public * @param integer * @param bool * @return string */ - function rsegment($n, $no_result = FALSE) + public function rsegment($n, $no_result = FALSE) { return ( ! isset($this->rsegments[$n])) ? $no_result : $this->rsegments[$n]; } @@ -392,25 +383,22 @@ class CI_URI { * gender => male * ) * - * @access public * @param integer the starting segment number * @param array an array of default values * @return array */ - function uri_to_assoc($n = 3, $default = array()) + public function uri_to_assoc($n = 3, $default = array()) { return $this->_uri_to_assoc($n, $default, 'segment'); } /** * Identical to above only it uses the re-routed segment array * - * @access public * @param integer the starting segment number * @param array an array of default values * @return array - * */ - function ruri_to_assoc($n = 3, $default = array()) + public function ruri_to_assoc($n = 3, $default = array()) { return $this->_uri_to_assoc($n, $default, 'rsegment'); } @@ -420,25 +408,13 @@ class CI_URI { /** * Generate a key value pair from the URI string or Re-routed URI string * - * @access private * @param integer the starting segment number * @param array an array of default values * @param string which array we should use * @return array */ - function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') + protected function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') { - if ($which == 'segment') - { - $total_segments = 'total_segments'; - $segment_array = 'segment_array'; - } - else - { - $total_segments = 'total_rsegments'; - $segment_array = 'rsegment_array'; - } - if ( ! is_numeric($n)) { return $default; @@ -449,23 +425,30 @@ class CI_URI { return $this->keyval[$n]; } + if ($which === 'segment') + { + $total_segments = 'total_segments'; + $segment_array = 'segment_array'; + } + else + { + $total_segments = 'total_rsegments'; + $segment_array = 'rsegment_array'; + } + if ($this->$total_segments() < $n) { - if (count($default) == 0) + if (count($default) === 0) { return array(); } - $retval = array(); - foreach ($default as $val) - { - $retval[$val] = FALSE; - } - return $retval; + return function_exists('array_fill_keys') + ? array_fill_keys($default, FALSE) + : array_combine($default, array_fill(0, count($default), FALSE)); } $segments = array_slice($this->$segment_array(), ($n - 1)); - $i = 0; $lastval = ''; $retval = array(); @@ -506,16 +489,15 @@ class CI_URI { * Generate a URI string from an associative array * * - * @access public * @param array an associative array of key/values * @return array */ - function assoc_to_uri($array) + public function assoc_to_uri($array) { $temp = array(); foreach ((array)$array as $key => $val) { - $temp[] = $key; + $temp[] = $key; $temp[] = $val; } @@ -527,12 +509,11 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash * - * @access public * @param integer * @param string * @return string */ - function slash_segment($n, $where = 'trailing') + public function slash_segment($n, $where = 'trailing') { return $this->_slash_segment($n, $where, 'segment'); } @@ -542,12 +523,11 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash * - * @access public * @param integer * @param string * @return string */ - function slash_rsegment($n, $where = 'trailing') + public function slash_rsegment($n, $where = 'trailing') { return $this->_slash_segment($n, $where, 'rsegment'); } @@ -557,22 +537,20 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash - helper function * - * @access private * @param integer * @param string * @param string * @return string */ - function _slash_segment($n, $where = 'trailing', $which = 'segment') + protected function _slash_segment($n, $where = 'trailing', $which = 'segment') { - $leading = '/'; - $trailing = '/'; + $leading = $trailing = '/'; - if ($where == 'trailing') + if ($where === 'trailing') { $leading = ''; } - elseif ($where == 'leading') + elseif ($where === 'leading') { $trailing = ''; } @@ -585,10 +563,9 @@ class CI_URI { /** * Segment Array * - * @access public * @return array */ - function segment_array() + public function segment_array() { return $this->segments; } @@ -598,10 +575,9 @@ class CI_URI { /** * Routed Segment Array * - * @access public * @return array */ - function rsegment_array() + public function rsegment_array() { return $this->rsegments; } @@ -611,10 +587,9 @@ class CI_URI { /** * Total number of segments * - * @access public * @return integer */ - function total_segments() + public function total_segments() { return count($this->segments); } @@ -624,10 +599,9 @@ class CI_URI { /** * Total number of routed segments * - * @access public * @return integer */ - function total_rsegments() + public function total_rsegments() { return count($this->rsegments); } @@ -637,10 +611,9 @@ class CI_URI { /** * Fetch the entire URI string * - * @access public * @return string */ - function uri_string() + public function uri_string() { return $this->uri_string; } @@ -651,16 +624,14 @@ class CI_URI { /** * Fetch the entire Re-routed URI string * - * @access public * @return string */ - function ruri_string() + public function ruri_string() { return '/'.implode('/', $this->rsegment_array()); } } -// END URI Class /* End of file URI.php */ -/* Location: ./system/core/URI.php */ \ No newline at end of file +/* Location: ./system/core/URI.php */ diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 40a7ac4c0..0e180d36f 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -1,13 +1,13 @@ -item('charset') == 'UTF-8' // Application charset must be UTF-8 + && @ini_get('mbstring.func_overload') != 1 // Multibyte string function overloading cannot be enabled + && $CFG->item('charset') === 'UTF-8' // Application charset must be UTF-8 ) { - log_message('debug', "UTF-8 Support Enabled"); - define('UTF8_ENABLED', TRUE); + log_message('debug', 'UTF-8 Support Enabled'); // set internal encoding for multibyte string functions if necessary // and set a flag so we don't have to repeatedly use extension_loaded() @@ -77,8 +76,8 @@ class CI_Utf8 { } else { - log_message('debug', "UTF-8 Support Disabled"); define('UTF8_ENABLED', FALSE); + log_message('debug', 'UTF-8 Support Disabled'); } } @@ -134,18 +133,14 @@ class CI_Utf8 { { if (function_exists('iconv')) { - $str = @iconv($encoding, 'UTF-8', $str); + return @iconv($encoding, 'UTF-8', $str); } elseif (function_exists('mb_convert_encoding')) { - $str = @mb_convert_encoding($str, 'UTF-8', $encoding); - } - else - { - return FALSE; + return @mb_convert_encoding($str, 'UTF-8', $encoding); } - return $str; + return FALSE; } // -------------------------------------------------------------------- @@ -163,10 +158,7 @@ class CI_Utf8 { return (preg_match('/[^\x00-\x7F]/S', $str) === 0); } - // -------------------------------------------------------------------- - } -// End Utf8 Class /* End of file Utf8.php */ -/* Location: ./system/core/Utf8.php */ \ No newline at end of file +/* Location: ./system/core/Utf8.php */ -- cgit v1.2.3-24-g4f1b From a798fdb9a08a6f549bcc2a4ea6c6bad45cfef0a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 00:20:49 +0200 Subject: Remove a space :) --- system/core/URI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 93105b1fd..eaf7b752b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -497,7 +497,7 @@ class CI_URI { $temp = array(); foreach ((array)$array as $key => $val) { - $temp[] = $key; + $temp[] = $key; $temp[] = $val; } -- cgit v1.2.3-24-g4f1b From 75f7c12815c62782163a54e84707f50459b6ef5d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 03:49:25 +0200 Subject: Remove loading of ['core'] elements --- system/core/Loader.php | 7 ------- 1 file changed, 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 689ae1ecd..272fe4291 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1165,13 +1165,6 @@ class CI_Loader { } } - // A little tweak to remain backward compatible - // The $autoload['core'] item was deprecated - if ( ! isset($autoload['libraries']) AND isset($autoload['core'])) - { - $autoload['libraries'] = $autoload['core']; - } - // Load libraries if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0) { -- cgit v1.2.3-24-g4f1b From 137749793d6cce57e03904f05239fa80eec48d13 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:30:33 +0200 Subject: Switch some public properties to protected --- system/core/Input.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 07bb30b15..13bf76fd6 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -57,20 +57,20 @@ class CI_Input { * * @var bool */ - public $_allow_get_array = TRUE; + protected $_allow_get_array = TRUE; /** * If TRUE, then newlines are standardized * * @var bool */ - public $_standardize_newlines = TRUE; + protected $_standardize_newlines = TRUE; /** * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered * Set automatically based on config setting * * @var bool */ - public $_enable_xss = FALSE; + protected $_enable_xss = FALSE; /** * Enables a CSRF cookie token to be set. * Set automatically based on config setting @@ -85,17 +85,15 @@ class CI_Input { */ protected $headers = array(); - /** * Constructor * * Sets whether to globally enable the XSS processing * and whether to allow the $_GET array - * */ public function __construct() { - log_message('debug', "Input Class Initialized"); + log_message('debug', 'Input Class Initialized'); $this->_allow_get_array = (config_item('allow_get_array') === TRUE); $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); -- cgit v1.2.3-24-g4f1b From c90d651e8531142d36326d5c3451d7899fb00f76 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:35:02 +0200 Subject: Style guide stuff --- system/core/Output.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 272545046..1beee734f 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -488,8 +488,7 @@ class CI_Output { $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; $filepath = $cache_path.md5($uri); - if ( ! @file_exists($filepath) - OR ! $fp = @fopen($filepath, FOPEN_READ)) + if ( ! @file_exists($filepath) OR ! $fp = @fopen($filepath, FOPEN_READ)) { return FALSE; } @@ -508,8 +507,7 @@ class CI_Output { } // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match[1])) - AND is_really_writable($cache_path)) + if (time() >= trim(str_replace('TS--->', '', $match[1])) && is_really_writable($cache_path)) { @unlink($filepath); log_message('debug', 'Cache file has expired. File deleted.'); -- cgit v1.2.3-24-g4f1b From 29ce5d90b4276fc8a4e9354c1435963111f09a24 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:43:31 +0200 Subject: Replace AND with && --- system/core/CodeIgniter.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index e3d818825..cb5d439bd 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -59,7 +59,7 @@ * Load the framework constants * ------------------------------------------------------ */ - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) + if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) { require(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); } @@ -96,7 +96,7 @@ * Note: Since the config file data is cached it doesn't * hurt to load it here. */ - if (isset($assign_to_config['subclass_prefix']) AND $assign_to_config['subclass_prefix'] != '') + if (isset($assign_to_config['subclass_prefix']) && $assign_to_config['subclass_prefix'] != '') { get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); } @@ -106,8 +106,8 @@ * Set a liberal script execution time limit * ------------------------------------------------------ */ - if (function_exists('set_time_limit') AND @ini_get('safe_mode') == 0 - AND php_sapi_name() !== 'cli') // Do not override the Time Limit value if running from Command Line + if (function_exists('set_time_limit') && @ini_get('safe_mode') == 0 + && php_sapi_name() !== 'cli') // Do not override the Time Limit value if running from Command Line { @set_time_limit(300); } @@ -195,7 +195,7 @@ * ------------------------------------------------------ */ if ($EXT->_call_hook('cache_override') === FALSE - AND $OUT->_display_cache($CFG, $URI) == TRUE) + && $OUT->_display_cache($CFG, $URI) == TRUE) { exit; } @@ -393,7 +393,7 @@ * Close the DB connection if one exists * ------------------------------------------------------ */ - if (class_exists('CI_DB') AND isset($CI->db)) + if (class_exists('CI_DB') && isset($CI->db)) { $CI->db->close(); } -- cgit v1.2.3-24-g4f1b From 90cfe14b8458a3c84825a741cd750c5a02690f3b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:46:42 +0200 Subject: Switch private methods to protected --- system/core/Input.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 13bf76fd6..7a16e51ab 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -391,7 +391,7 @@ class CI_Input { { // IP segments must be digits and can not be // longer than 3 digits or greater then 255 - if ($segment == '' OR preg_match("/[^0-9]/", $segment) OR $segment > 255 OR strlen($segment) > 3) + if ($segment == '' OR preg_match('/[^0-9]/', $segment) OR $segment > 255 OR strlen($segment) > 3) { return FALSE; } @@ -430,7 +430,7 @@ class CI_Input { * * @return void */ - private function _sanitize_globals() + protected function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', @@ -516,7 +516,7 @@ class CI_Input { $this->security->csrf_verify(); } - log_message('debug', "Global POST and COOKIE data sanitized"); + log_message('debug', 'Global POST and COOKIE data sanitized'); } // -------------------------------------------------------------------- @@ -530,7 +530,7 @@ class CI_Input { * @param string * @return string */ - private function _clean_input_data($str) + protected function _clean_input_data($str) { if (is_array($str)) { @@ -588,7 +588,7 @@ class CI_Input { * @param string * @return string */ - private function _clean_input_keys($str) + protected function _clean_input_keys($str) { if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { -- cgit v1.2.3-24-g4f1b From 8a7d078233bfb80fa01ee090e14ce0664f23b96b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 05:43:42 +0200 Subject: Remove some tabs --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index f09298bba..d7881d846 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -176,7 +176,7 @@ class CI_Security { unset($_COOKIE[$this->_csrf_cookie_name]); $this->_csrf_hash = ''; } - + $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 0609d588a4340fc9a9cfbc0ff76c39bba9ab09fb Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Sun, 8 Jan 2012 13:26:17 +0100 Subject: Fixes for issue 896 --- system/core/Common.php | 2 +- system/core/Output.php | 3 +-- system/core/URI.php | 5 +++-- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 6ef229629..1f59c02d7 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -235,7 +235,7 @@ if ( ! function_exists('get_config')) } // Is the config file in the environment folder? - if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT..'/config.php')) + if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php')) { $file_path = APPPATH.'config/config.php'; } diff --git a/system/core/Output.php b/system/core/Output.php index 1beee734f..da5c29044 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -129,7 +129,6 @@ class CI_Output { * * Sets the output string * - * @access public * @param string * @return void */ @@ -282,7 +281,7 @@ class CI_Output { * @param integer * @return void */ - publi function cache($time) + public function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; return $this; diff --git a/system/core/URI.php b/system/core/URI.php index eaf7b752b..b28ee198b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -186,11 +186,12 @@ class CI_URI { return ''; } - if (strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0) + $uri = $_SERVER['REQUEST_URI']; + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { $uri = substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($_SERVER['REQUEST_URI'], dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } -- cgit v1.2.3-24-g4f1b From edc875593d3ddbd0fe86caf6380a62b00a20f245 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 09:35:10 +0200 Subject: Fix a possible notice in Output library --- system/core/Output.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index da5c29044..69a2e5f88 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -397,14 +397,12 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); - if ($count > 0) + if (isset($count) && $count > 0) { $output .= ''; } } - // -------------------------------------------------------------------- - // Does the controller contain a function named _output()? // If so send the output there. Otherwise, echo it. if (method_exists($CI, '_output')) @@ -413,7 +411,7 @@ class CI_Output { } else { - echo $output; // Send it to the browser! + echo $output; // Send it to the browser! } log_message('debug', 'Final output sent to browser'); -- cgit v1.2.3-24-g4f1b From cba20b164fdb1e60225b4f1fc04b7a31c4ffa106 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 10:16:41 +0200 Subject: Really fix this ... --- system/core/Output.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 69a2e5f88..d27133d37 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -396,8 +396,9 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); - if (isset($count) && $count > 0) + $count = 0; + $output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run(); + if ($count > 0) { $output .= ''; } -- cgit v1.2.3-24-g4f1b From a96a9c8e6c7a113c808ba047808180b33360d3dd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 11:01:15 +0200 Subject: Remove once again ... --- system/core/Output.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index d27133d37..abd8a0ea9 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -396,7 +396,6 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - $count = 0; $output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run(); if ($count > 0) { -- cgit v1.2.3-24-g4f1b From d47baab1bd4d655a68981834d11727ae8c2a3a45 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 16:56:46 +0200 Subject: Fix issue #904 --- system/core/Common.php | 2 +- system/core/Loader.php | 12 +++++------- 2 files changed, 6 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 1f59c02d7..2f9c4ff43 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -199,7 +199,7 @@ if ( ! function_exists('load_class')) */ if ( ! function_exists('is_loaded')) { - function is_loaded($class = '') + function &is_loaded($class = '') { static $_is_loaded = array(); diff --git a/system/core/Loader.php b/system/core/Loader.php index 272fe4291..12daaa928 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -250,10 +250,10 @@ class CI_Loader { if (($last_slash = strrpos($model, '/')) !== FALSE) { // The path is in front of the last slash - $path = substr($model, 0, $last_slash + 1); + $path = substr($model, 0, ++$last_slash); // And the model name behind it - $model = substr($model, $last_slash + 1); + $model = substr($model, $last_slash); } if ($name == '') @@ -833,10 +833,9 @@ class CI_Loader { // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) { - echo eval('?>'.preg_replace("/;*\s*\?>/", "; ?>", str_replace(''.preg_replace('/;*\s*\?>/', '; ?>', str_replace(' $this->_ci_ob_level + 1) { @@ -1233,13 +1231,13 @@ class CI_Loader { { if ( ! is_array($filename)) { - return array(strtolower(str_replace('.php', '', str_replace($extension, '', $filename)).$extension)); + return array(strtolower(str_replace(array($extension, '.php'), '', $filename).$extension)); } else { foreach ($filename as $key => $val) { - $filename[$key] = strtolower(str_replace('.php', '', str_replace($extension, '', $val)).$extension); + $filename[$key] = strtolower(str_replace(array($extension, '.php'), '', $val).$extension); } return $filename; -- cgit v1.2.3-24-g4f1b From 4562f2cbb3e5346c6e341516a31ca87dfa47bafd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 23:39:50 +0200 Subject: Some more stuff ... --- system/core/Security.php | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index d7881d846..1007f61f4 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -153,20 +153,13 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name]) OR - ! isset($_COOKIE[$this->_csrf_cookie_name])) + if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name]) + OR $_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? { $this->csrf_show_error(); } - // Do the tokens match? - if ($_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) - { - $this->csrf_show_error(); - } - - // We kill this since we're done and we don't want to - // polute the _POST array + // We kill this since we're done and we don't want to polute the _POST array unset($_POST[$this->_csrf_token_name]); // Regenerate on every submission? @@ -308,10 +301,9 @@ class CI_Security { * This permits our tests below to work reliably. * We only convert entities that are within tags since * these are the ones that will pose security problems. - * */ $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); + $str = preg_replace_callback('/<\w+.*?(?=>|<|$)/si', array($this, '_decode_entity'), $str); // Remove Invisible Characters Again! $str = remove_invisible_characters($str); @@ -326,9 +318,7 @@ class CI_Security { */ $str = str_replace("\t", ' ', $str); - /* - * Capture converted string for later comparison - */ + // Capture converted string for later comparison $converted_string = $str; // Remove Strings that are never allowed @@ -720,12 +710,11 @@ class CI_Security { protected function _filter_attributes($str) { $out = ''; - if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) { foreach ($matches[0] as $match) { - $out .= preg_replace("#/\*.*?\*/#s", '', $match); + $out .= preg_replace('#/\*.*?\*/#s', '', $match); } } -- cgit v1.2.3-24-g4f1b From 4b13061308301cd307fe5317604265ab934fb046 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 16:09:55 +0200 Subject: Fixed a bug in CI_Lang::load() --- system/core/Lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Lang.php b/system/core/Lang.php index 088cb6c9c..c40a6856e 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -130,7 +130,7 @@ class CI_Lang { } $this->is_loaded[] = $langfile; - $this->language = $this->language + $lang; + $this->language = array_merge($this->language, $lang); unset($lang); log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); -- cgit v1.2.3-24-g4f1b From 176b363e534da12a38a75c9e2ba273846dfa35a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 18:14:28 +0200 Subject: Fix a bug in system/core/CodeIgniter.php --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index cb5d439bd..7af3c485d 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -267,7 +267,7 @@ $method = $RTR->fetch_method(); if ( ! class_exists($class) - OR strpos($method, '_', 1) === 0 + OR strpos($method, '_') === 0 OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) { -- cgit v1.2.3-24-g4f1b From 0a9325c86cd5ccbdfe0c70ffb9bf816c8e15e148 Mon Sep 17 00:00:00 2001 From: Ross Duggan Date: Tue, 31 Jan 2012 15:47:52 +0000 Subject: HTTPS detection fix More closely follow the wording of the $_SERVER['HTTPS'] description in the PHP manual, which specifies a "non-empty" value rather than "non-null" --- system/core/Config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 66369115a..68417435d 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -80,7 +80,7 @@ class CI_Config { { if (isset($_SERVER['HTTP_HOST'])) { - $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; + $base_url = ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; $base_url .= '://'. $_SERVER['HTTP_HOST'] . str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); } -- cgit v1.2.3-24-g4f1b From d63e40138e675df40f3a17e04972e82e7a748307 Mon Sep 17 00:00:00 2001 From: Kevin Cupp Date: Sun, 5 Feb 2012 14:14:32 -0500 Subject: Adding in a few 503 status codes for common errors in response to this ExpressionEngine bug about errors getting cached by reverse proxies who cache 200 responses: http://expressionengine.com/bug_tracker/bug/17420 --- system/core/Common.php | 3 +++ system/core/Input.php | 1 + 2 files changed, 4 insertions(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 2f9c4ff43..225227d17 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -177,6 +177,7 @@ if ( ! function_exists('load_class')) { // Note: We use exit() rather then show_error() in order to avoid a // self-referencing loop with the Excptions class + set_status_header(503); exit('Unable to locate the specified class: '.$class.'.php'); } @@ -243,6 +244,7 @@ if ( ! function_exists('get_config')) // Fetch the config file if ( ! file_exists($file_path)) { + set_status_header(503); exit('The configuration file does not exist.'); } @@ -251,6 +253,7 @@ if ( ! function_exists('get_config')) // Does the $config array exist in the file? if ( ! isset($config) OR ! is_array($config)) { + set_status_header(503); exit('Your config file does not appear to be formatted correctly.'); } diff --git a/system/core/Input.php b/system/core/Input.php index 7a16e51ab..3339d97c5 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -592,6 +592,7 @@ class CI_Input { { if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { + set_status_header(503); exit('Disallowed Key Characters.'); } -- cgit v1.2.3-24-g4f1b From 9448afb6da995098ce4ca2d24eb3d82b26434b4b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Feb 2012 19:49:19 +0200 Subject: Fix CI_Input::is_ajax_request() --- system/core/Input.php | 66 ++++++++++++++++++++++----------------------------- 1 file changed, 29 insertions(+), 37 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 3339d97c5..670f7a11f 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * Input Class * @@ -152,7 +150,7 @@ class CI_Input { public function get($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided - if ($index === NULL AND ! empty($_GET)) + if ($index === NULL && ! empty($_GET)) { $get = array(); @@ -179,7 +177,7 @@ class CI_Input { public function post($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided - if ($index === NULL AND ! empty($_POST)) + if ($index === NULL && ! empty($_POST)) { $post = array(); @@ -206,9 +204,9 @@ class CI_Input { */ public function get_post($index = '', $xss_clean = FALSE) { - return ( ! isset($_POST[$index])) - ? $this->get($index, $xss_clean) - : $this->post($index, $xss_clean); + return isset($_POST[$index]) + ? $this->post($index, $xss_clean) + : $this->get($index, $xss_clean); } // -------------------------------------------------------------------- @@ -256,19 +254,19 @@ class CI_Input { } } - if ($prefix == '' AND config_item('cookie_prefix') != '') + if ($prefix == '' && config_item('cookie_prefix') != '') { $prefix = config_item('cookie_prefix'); } - if ($domain == '' AND config_item('cookie_domain') != '') + if ($domain == '' && config_item('cookie_domain') != '') { $domain = config_item('cookie_domain'); } - if ($path == '/' AND config_item('cookie_path') != '/') + if ($path == '/' && config_item('cookie_path') !== '/') { $path = config_item('cookie_path'); } - if ($secure == FALSE AND config_item('cookie_secure') != FALSE) + if ($secure == FALSE && config_item('cookie_secure') != FALSE) { $secure = config_item('cookie_secure'); } @@ -320,11 +318,11 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) + elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR')) { $this->ip_address = $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) + elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP')) { $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; } @@ -414,7 +412,7 @@ class CI_Input { return $this->user_agent; } - return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; + return $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : FALSE; } // -------------------------------------------------------------------- @@ -469,19 +467,16 @@ class CI_Input { { $_GET = array(); } - else + elseif (is_array($_GET) && count($_GET) > 0) { - if (is_array($_GET) AND count($_GET) > 0) + foreach ($_GET as $key => $val) { - foreach ($_GET as $key => $val) - { - $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); - } + $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); } } // Clean $_POST Data - if (is_array($_POST) AND count($_POST) > 0) + if (is_array($_POST) && count($_POST) > 0) { foreach ($_POST as $key => $val) { @@ -490,7 +485,7 @@ class CI_Input { } // Clean $_COOKIE Data - if (is_array($_COOKIE) AND count($_COOKIE) > 0) + if (is_array($_COOKIE) && count($_COOKIE) > 0) { // Also get rid of specially treated cookies that might be set by a server // or silly application, that are of no use to a CI application anyway @@ -568,7 +563,7 @@ class CI_Input { } // Standardize newlines if needed - if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE) + if ($this->_standardize_newlines == TRUE && strpos($str, "\r") !== FALSE) { return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); } @@ -625,7 +620,7 @@ class CI_Input { } else { - $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); + $headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); foreach ($_SERVER as $key => $val) { @@ -655,9 +650,9 @@ class CI_Input { * * Returns the value of a single member of the headers class member * - * @param string array key for $this->headers - * @param boolean XSS Clean or not - * @return mixed FALSE on failure, string on success + * @param string array key for $this->headers + * @param bool XSS Clean or not + * @return mixed FALSE on failure, string on success */ public function get_request_header($index, $xss_clean = FALSE) { @@ -671,12 +666,9 @@ class CI_Input { return FALSE; } - if ($xss_clean === TRUE) - { - return $this->security->xss_clean($this->headers[$index]); - } - - return $this->headers[$index]; + return ($xss_clean === TRUE) + ? $this->security->xss_clean($this->headers[$index]) + : $this->headers[$index]; } // -------------------------------------------------------------------- @@ -686,11 +678,11 @@ class CI_Input { * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * - * @return boolean + * @return bool */ public function is_ajax_request() { - return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest'); + return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest'); } // -------------------------------------------------------------------- @@ -700,11 +692,11 @@ class CI_Input { * * Test to see if a request was made from the command line * - * @return boolean + * @return bool */ public function is_cli_request() { - return (php_sapi_name() === 'cli') or defined('STDIN'); + return (php_sapi_name() === 'cli' OR defined('STDIN')); } } -- cgit v1.2.3-24-g4f1b From 773e117f0bfd103116397d26f0ea1d1854de5ca8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Feb 2012 23:02:19 +0200 Subject: Remove a few spaces --- system/core/Input.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 670f7a11f..ee15f4013 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -650,9 +650,9 @@ class CI_Input { * * Returns the value of a single member of the headers class member * - * @param string array key for $this->headers + * @param string array key for $this->headers * @param bool XSS Clean or not - * @return mixed FALSE on failure, string on success + * @return mixed FALSE on failure, string on success */ public function get_request_header($index, $xss_clean = FALSE) { -- cgit v1.2.3-24-g4f1b