From 689f95d2c8bcbd0ac2f538c237dff471fbcff048 Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Tue, 26 Apr 2011 09:59:29 -0400 Subject: Automatic base_url generation was missing a ending slash. --- system/core/Config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index fa71f4d3d..55c623b3c 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -55,7 +55,7 @@ class CI_Config { { $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; $base_url .= '://'. $_SERVER['HTTP_HOST']; - $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); + $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']).'/'; } else -- cgit v1.2.3-24-g4f1b From 8eef9c77512d4fad5357d3cbda83b89f844d7d16 Mon Sep 17 00:00:00 2001 From: Joe Cianflone Date: Sun, 21 Aug 2011 10:39:06 -0400 Subject: Ability to move the view folder out of the Application directory * index.php -- added the $view_folder var and VIEWPATH constant * Loader.php -- changed the private _ci_view_paths var so that it's not hardcoded to the view dir, but looks for the VIEWPATH constant instead --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index e7fa3d3f6..452dc0b4c 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -127,7 +127,7 @@ class CI_Loader { $this->_ci_library_paths = array(APPPATH, BASEPATH); $this->_ci_helper_paths = array(APPPATH, BASEPATH); $this->_ci_model_paths = array(APPPATH); - $this->_ci_view_paths = array(APPPATH.'views/' => TRUE); + $this->_ci_view_paths = array(VIEWPATH => TRUE); log_message('debug', "Loader Class Initialized"); } -- cgit v1.2.3-24-g4f1b From aeb2c3e532e78be9ac78ba6fd4a305b7be31d2ab Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 21 Aug 2011 16:14:54 +0100 Subject: Added new config parameter "csrf_exclude_uris" which allows for URIs to be whitelisted from CSRF verification. Fixes #149 --- system/core/Security.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 3617cadcc..efd30eb14 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -93,6 +93,16 @@ class CI_Security { { return $this->csrf_set_cookie(); } + + // Check if URI has been whitelisted from CSRF checks + if ($exclude_uris = config_item('csrf_exclude_uris')) + { + $uri = load_class('URI', 'core'); + if (in_array($uri->uri_string(), $exclude_uris)) + { + return $this; + } + } // Do the tokens exist in both the _POST and _COOKIE arrays? if ( ! isset($_POST[$this->_csrf_token_name]) OR @@ -116,7 +126,7 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); - log_message('debug', "CSRF token verified "); + log_message('debug', "CSRF token verified"); return $this; } -- cgit v1.2.3-24-g4f1b From 52c10b68c275248eb7e12ec1d039876cd5f81f11 Mon Sep 17 00:00:00 2001 From: John Bellone Date: Sun, 21 Aug 2011 11:41:32 -0400 Subject: Making changes to stop remote spoofing --- system/core/Input.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index cfbef942d..365f779de 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -287,13 +287,13 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) + elseif ($this->server('REMOTE_ADDR') AND ! $this->server('HTTP_CLIENT_IP')) { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; + $this->ip_address = $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR')) + elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) { - $this->ip_address = $_SERVER['REMOTE_ADDR']; + $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; } elseif ($this->server('HTTP_CLIENT_IP')) { -- cgit v1.2.3-24-g4f1b From 16f27b402049dc2ff0cc09faf4885aee944ba639 Mon Sep 17 00:00:00 2001 From: John Bellone Date: Sun, 21 Aug 2011 11:45:11 -0400 Subject: Changed order --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 365f779de..df9d2a5b7 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -287,7 +287,7 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR') AND ! $this->server('HTTP_CLIENT_IP')) + elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) { $this->ip_address = $_SERVER['REMOTE_ADDR']; } -- cgit v1.2.3-24-g4f1b From ab57a3520eafacaf2f130b3f4778a57a632fac1c Mon Sep 17 00:00:00 2001 From: Shane Pearson Date: Mon, 22 Aug 2011 16:11:20 -0500 Subject: Fix #8 - Load core classes from the application folder first. --- system/core/Common.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index db9fbeb9f..3c62403ac 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -132,9 +132,9 @@ if ( ! function_exists('load_class')) $name = FALSE; - // Look for the class first in the native system/libraries folder - // thenin the local application/libraries folder - foreach (array(BASEPATH, APPPATH) as $path) + // Look for the class first in the local application/libraries folder + // then in the native system/libraries folder + foreach (array(APPPATH, BASEPATH) as $path) { if (file_exists($path.$directory.'/'.$class.'.php')) { -- cgit v1.2.3-24-g4f1b From 665baec264c04fb3284e313d59e102b2bf041e37 Mon Sep 17 00:00:00 2001 From: Shane Pearson Date: Mon, 22 Aug 2011 18:52:19 -0500 Subject: make _ci_autoloader() protected so it can be properly extended. --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 452dc0b4c..de0fc06d2 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1106,7 +1106,7 @@ class CI_Loader { * @param array * @return void */ - private function _ci_autoloader() + protected function _ci_autoloader() { if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php')) { -- cgit v1.2.3-24-g4f1b From fbac8b4553942db4be52e872d9fd68717e5006e4 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 25 Aug 2011 10:51:44 +0900 Subject: add html_escape() function to escape HTML. --- system/core/Common.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 3c62403ac..d79375475 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -536,5 +536,29 @@ if ( ! function_exists('remove_invisible_characters')) } } +// ------------------------------------------------------------------------ + +/** +* Returns HTML escaped variable +* +* @access public +* @param mixed +* @return mixed +*/ +if ( ! function_exists('html_escape')) +{ + function html_escape($var) + { + if (is_array($var)) + { + return array_map('html_escape', $var); + } + else + { + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + } + } +} + /* End of file Common.php */ /* Location: ./system/core/Common.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 373043fef2723d7cbdd768d1930363ac6fecba68 Mon Sep 17 00:00:00 2001 From: Frank Michel Date: Thu, 25 Aug 2011 00:11:00 -0400 Subject: fix for issue #292 with multiple language files --- system/core/Lang.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Lang.php b/system/core/Lang.php index 5ac671838..e140a6a60 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -112,7 +112,7 @@ class CI_Lang { } - if ( ! isset($lang)) + if ( ! isset($lang) || ! is_array($lang)) { log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); return; @@ -124,7 +124,7 @@ class CI_Lang { } $this->is_loaded[] = $langfile; - $this->language = array_merge($this->language, $lang); + $this->language = $this->language + $lang; unset($lang); log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); -- cgit v1.2.3-24-g4f1b From cb272b60e55882246677db929bc2e0a58f31397d Mon Sep 17 00:00:00 2001 From: Frank Michel Date: Thu, 25 Aug 2011 10:59:55 -0400 Subject: fixed logical operator OR in core/lang --- system/core/Lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Lang.php b/system/core/Lang.php index e140a6a60..d61d1029a 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -112,7 +112,7 @@ class CI_Lang { } - if ( ! isset($lang) || ! is_array($lang)) + if ( ! isset($lang) OR ! is_array($lang)) { log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); return; -- cgit v1.2.3-24-g4f1b From f7345e4f5f6e44886eac337d8da064f541df8b9a Mon Sep 17 00:00:00 2001 From: Paul Date: Sat, 27 Aug 2011 06:51:16 +1200 Subject: changed private functions to protected so MY_URI can override them. --- system/core/URI.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index a3ae20cc3..8946bc76b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -175,7 +175,7 @@ class CI_URI { * @access private * @return string */ - private function _detect_uri() + protected function _detect_uri() { if ( ! isset($_SERVER['REQUEST_URI']) OR ! isset($_SERVER['SCRIPT_NAME'])) { @@ -232,7 +232,7 @@ class CI_URI { * @access private * @return string */ - private function _parse_cli_args() + protected function _parse_cli_args() { $args = array_slice($_SERVER['argv'], 1); -- cgit v1.2.3-24-g4f1b From b183ece10dcde599c04af412f0f5c1c776ed29d8 Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Fri, 26 Aug 2011 14:42:52 -0400 Subject: Changed CI_VERSION to represent develop branch --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 0a1391d18..aca4fb23c 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -39,7 +39,7 @@ * @var string * */ - define('CI_VERSION', '2.0.2'); + define('CI_VERSION', '2.1.0-dev'); /** * CodeIgniter Branch (Core = TRUE, Reactor = FALSE) -- cgit v1.2.3-24-g4f1b From 8cc0cfe1ab1e10aad71d14e0b43e05444c00693d Mon Sep 17 00:00:00 2001 From: freewil Date: Sat, 27 Aug 2011 21:53:00 -0400 Subject: always use charset config item --- system/core/Security.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 342455f27..cc21ddc91 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -525,9 +525,10 @@ class CI_Security { * @param string * @return string */ - public function entity_decode($str, $charset='UTF-8') + public function entity_decode($str, $charset = NULL) { if (stristr($str, '&') === FALSE) return $str; + if (empty($charset)) $charset = config_item('charset'); // The reason we are not using html_entity_decode() by itself is because // while it is not technically correct to leave out the semicolon -- cgit v1.2.3-24-g4f1b From 2e00c2490fb544596fba06483ad1c1d626c1fd4f Mon Sep 17 00:00:00 2001 From: Stephen Date: Sun, 28 Aug 2011 10:25:40 +0200 Subject: Added tests for CI_URI class. Made modifications to core class which helped with isolation for testing. --- system/core/URI.php | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index a3ae20cc3..51c2191af 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -87,7 +87,7 @@ class CI_URI { if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') { // Is the request coming from the command line? - if (php_sapi_name() == 'cli' or defined('STDIN')) + if ($this->_is_cli_request()) { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -222,6 +222,21 @@ class CI_URI { return str_replace(array('//', '../'), '/', trim($uri, '/')); } + // -------------------------------------------------------------------- + + /** + * Is cli Request? + * + * Duplicate of function from the Input class to test to see if a request was made from the command line + * + * @return boolean + */ + protected function _is_cli_request() + { + return (php_sapi_name() == 'cli') OR defined('STDIN'); + } + + // -------------------------------------------------------------------- /** -- cgit v1.2.3-24-g4f1b From 5c9b0d1b5618ade5c6aa70475b08b3066f14ff3e Mon Sep 17 00:00:00 2001 From: freewil Date: Sun, 28 Aug 2011 12:15:23 -0400 Subject: always use charset config item --- system/core/Security.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index cc21ddc91..e99418bdd 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -527,8 +527,15 @@ class CI_Security { */ public function entity_decode($str, $charset = NULL) { - if (stristr($str, '&') === FALSE) return $str; - if (empty($charset)) $charset = config_item('charset'); + if (stristr($str, '&') === FALSE) + { + return $str; + } + + if (empty($charset)) + { + $charset = config_item('charset'); + } // The reason we are not using html_entity_decode() by itself is because // while it is not technically correct to leave out the semicolon -- cgit v1.2.3-24-g4f1b From c4e266b87f39d521ff1002fefa9df809c6b9bd61 Mon Sep 17 00:00:00 2001 From: Darren Hill Date: Tue, 30 Aug 2011 15:40:27 -0400 Subject: Added Session driver with native PHP sessions and original-flavor CI cookie sessions --- system/core/Loader.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index de0fc06d2..51e6b82ca 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1174,6 +1174,15 @@ class CI_Loader { } } + // Autoload drivers + if (isset($autoload['drivers'])) + { + foreach ($autoload['drivers'] as $item) + { + $this->driver($item); + } + } + // Autoload models if (isset($autoload['model'])) { @@ -1240,4 +1249,4 @@ class CI_Loader { } /* End of file Loader.php */ -/* Location: ./system/core/Loader.php */ \ No newline at end of file +/* Location: ./system/core/Loader.php */ -- cgit v1.2.3-24-g4f1b From ca3be1d515a68293b64704a9a8346802702dedaa Mon Sep 17 00:00:00 2001 From: Darren Hill Date: Wed, 31 Aug 2011 08:31:18 -0400 Subject: Whitespace cleanup --- system/core/Loader.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 51e6b82ca..edf5853f0 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1177,10 +1177,10 @@ class CI_Loader { // Autoload drivers if (isset($autoload['drivers'])) { - foreach ($autoload['drivers'] as $item) - { - $this->driver($item); - } + foreach ($autoload['drivers'] as $item) + { + $this->driver($item); + } } // Autoload models -- cgit v1.2.3-24-g4f1b From c9f84c1f916a7f3b92b02e45cc8c1cd9a040436b Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Mon, 12 Sep 2011 10:45:39 +0800 Subject: Update: if php version >= 5.2, use filter_var to check validate ip. --- system/core/Input.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 0dc2c4550..f99adad01 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -373,6 +373,12 @@ class CI_Input { */ function valid_ip($ip) { + // if php version >= 5.2, use filter_var to check validate ip. + if(is_php('5.2')) + { + return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); + } + $ip_segments = explode('.', $ip); // Always 4 segments needed -- cgit v1.2.3-24-g4f1b From 4db872f861dbf48b55749c53c504481f99db3551 Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Mon, 12 Sep 2011 10:52:37 +0800 Subject: Update: add public or private prefix. --- system/core/Input.php | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index f99adad01..2395501f3 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -116,7 +116,7 @@ class CI_Input { * @param bool * @return string */ - function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) + private function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) { if ( ! isset($array[$index])) { @@ -141,7 +141,7 @@ class CI_Input { * @param bool * @return string */ - function get($index = NULL, $xss_clean = FALSE) + public function get($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided if ($index === NULL AND ! empty($_GET)) @@ -169,7 +169,7 @@ class CI_Input { * @param bool * @return string */ - function post($index = NULL, $xss_clean = FALSE) + public function post($index = NULL, $xss_clean = FALSE) { // Check if a field has been provided if ($index === NULL AND ! empty($_POST)) @@ -198,7 +198,7 @@ class CI_Input { * @param bool XSS cleaning * @return string */ - function get_post($index = '', $xss_clean = FALSE) + public function get_post($index = '', $xss_clean = FALSE) { if ( ! isset($_POST[$index]) ) { @@ -220,7 +220,7 @@ class CI_Input { * @param bool * @return string */ - function cookie($index = '', $xss_clean = FALSE) + public function cookie($index = '', $xss_clean = FALSE) { return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } @@ -243,7 +243,7 @@ class CI_Input { * @param bool true makes the cookie secure * @return void */ - function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE) + public function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE) { if (is_array($name)) { @@ -296,7 +296,7 @@ class CI_Input { * @param bool * @return string */ - function server($index = '', $xss_clean = FALSE) + public function server($index = '', $xss_clean = FALSE) { return $this->_fetch_from_array($_SERVER, $index, $xss_clean); } @@ -309,7 +309,7 @@ class CI_Input { * @access public * @return string */ - function ip_address() + public function ip_address() { if ($this->ip_address !== FALSE) { @@ -371,7 +371,7 @@ class CI_Input { * @param string * @return string */ - function valid_ip($ip) + public function valid_ip($ip) { // if php version >= 5.2, use filter_var to check validate ip. if(is_php('5.2')) @@ -413,7 +413,7 @@ class CI_Input { * @access public * @return string */ - function user_agent() + public function user_agent() { if ($this->user_agent !== FALSE) { @@ -441,7 +441,7 @@ class CI_Input { * @access private * @return void */ - function _sanitize_globals() + private function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', @@ -542,7 +542,7 @@ class CI_Input { * @param string * @return string */ - function _clean_input_data($str) + private function _clean_input_data($str) { if (is_array($str)) { @@ -600,7 +600,7 @@ class CI_Input { * @param string * @return string */ - function _clean_input_keys($str) + private function _clean_input_keys($str) { if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) { @@ -624,6 +624,7 @@ class CI_Input { * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * + * @access public * @param bool XSS cleaning * * @return array @@ -667,6 +668,7 @@ class CI_Input { * * Returns the value of a single member of the headers class member * + * @access public * @param string array key for $this->headers * @param boolean XSS Clean or not * @return mixed FALSE on failure, string on success @@ -698,6 +700,7 @@ class CI_Input { * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * + * @access public * @return boolean */ public function is_ajax_request() @@ -712,6 +715,7 @@ class CI_Input { * * Test to see if a request was made from the command line * + * @access public * @return boolean */ public function is_cli_request() -- cgit v1.2.3-24-g4f1b From 4ddee144b3493eaceeed6ca9eb6138c881f43eac Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Mon, 12 Sep 2011 14:35:32 +0800 Subject: Update: check filter_var function exist --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 2395501f3..2b36ea3c7 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -374,7 +374,7 @@ class CI_Input { public function valid_ip($ip) { // if php version >= 5.2, use filter_var to check validate ip. - if(is_php('5.2')) + if(function_exists('filter_var')) { return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } -- cgit v1.2.3-24-g4f1b From 013c895e7f7e9122f8d2e8c80a3ac77f190c5171 Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Mon, 12 Sep 2011 15:03:44 +0800 Subject: Update: modified return bool value on comment --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 2b36ea3c7..1e37b11ea 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -369,7 +369,7 @@ class CI_Input { * * @access public * @param string - * @return string + * @return bool */ public function valid_ip($ip) { -- cgit v1.2.3-24-g4f1b From 47213794f2b09fb3540e1d0e53e50e8b084345e6 Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Tue, 13 Sep 2011 22:44:07 +0800 Subject: Update: change _fetch_from_array form private to protected --- system/core/Input.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 1e37b11ea..f39371fb0 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -110,13 +110,13 @@ class CI_Input { * * This is a helper function to retrieve values from global arrays * - * @access private + * @access protected * @param array * @param string * @param bool * @return string */ - private function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) + protected function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) { if ( ! isset($array[$index])) { @@ -374,7 +374,7 @@ class CI_Input { public function valid_ip($ip) { // if php version >= 5.2, use filter_var to check validate ip. - if(function_exists('filter_var')) + if (function_exists('filter_var')) { return (bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } -- cgit v1.2.3-24-g4f1b From e378a39304723d77f1a3a378706d2a20b83f8e28 Mon Sep 17 00:00:00 2001 From: Rommel Castro A Date: Thu, 22 Sep 2011 18:52:25 -0600 Subject: fixed issue #192 --- system/core/Security.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index e99418bdd..6c4c59057 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -169,6 +169,7 @@ class CI_Security { // Nothing should last forever unset($_COOKIE[$this->_csrf_cookie_name]); + $this->_csrf_hash = ''; $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 8d263b02c56e25305621535e184333e8cdace9bd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 24 Sep 2011 18:47:09 +0300 Subject: Suppress warnings generated by get_magic_quotes_gpc() (issue #467) --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index f39371fb0..6f8442107 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -555,7 +555,7 @@ class CI_Input { } // We strip slashes if magic quotes is on to keep things consistent - if (function_exists('get_magic_quotes_gpc') AND get_magic_quotes_gpc()) + if (function_exists('get_magic_quotes_gpc') AND @get_magic_quotes_gpc()) { $str = stripslashes($str); } -- cgit v1.2.3-24-g4f1b From d93e6f3890fd50b9aaf1e116fa8ceb7e3f0caa05 Mon Sep 17 00:00:00 2001 From: Chris Berthe Date: Sun, 25 Sep 2011 10:33:25 -0400 Subject: Fix #484 - Hash is never set to the cookie --- system/core/Security.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 6c4c59057..84ecb06db 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -886,7 +886,8 @@ class CI_Security { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } - return $this->_csrf_hash = md5(uniqid(rand(), TRUE)); + $this->_csrf_hash = md5(uniqid(rand(), TRUE)); + $this->csrf_set_cookie(); } return $this->_csrf_hash; -- cgit v1.2.3-24-g4f1b From f6faa536b11f2ded3973a3e976938e99537ba16a Mon Sep 17 00:00:00 2001 From: freewil Date: Thu, 29 Sep 2011 21:57:27 -0400 Subject: cleanup docblocks, remove dated CI_CORE constant --- system/core/CodeIgniter.php | 20 -------------------- 1 file changed, 20 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index aca4fb23c..9f88384b1 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -33,28 +33,8 @@ * @var string * */ - /** - * CodeIgniter Version - * - * @var string - * - */ define('CI_VERSION', '2.1.0-dev'); -/** - * CodeIgniter Branch (Core = TRUE, Reactor = FALSE) - * - * @var boolean - * - */ - /** - * CodeIgniter Branch (Core = TRUE, Reactor = FALSE) - * - * @var string - * - */ - define('CI_CORE', FALSE); - /* * ------------------------------------------------------ * Load the global functions -- cgit v1.2.3-24-g4f1b From 3d113bd40ba0688c548a52c7eee13b8a87defecd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 5 Oct 2011 00:03:20 +0300 Subject: Clean up core Security class --- system/core/Security.php | 69 +++++++++++++----------------------------------- 1 file changed, 19 insertions(+), 50 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 84ecb06db..f71f7d228 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -33,7 +33,7 @@ class CI_Security { * @access protected */ protected $_xss_hash = ''; - + /** * Random Hash for Cross Site Request Forgery Protection Cookie * @@ -41,7 +41,7 @@ class CI_Security { * @access protected */ protected $_csrf_hash = ''; - + /** * Expiration time for Cross Site Request Forgery Protection Cookie * Defaults to two hours (in seconds) @@ -50,7 +50,7 @@ class CI_Security { * @access protected */ protected $_csrf_expire = 7200; - + /** * Token name for Cross Site Request Forgery Protection Cookie * @@ -58,7 +58,7 @@ class CI_Security { * @access protected */ protected $_csrf_token_name = 'ci_csrf_token'; - + /** * Cookie name for Cross Site Request Forgery Protection Cookie * @@ -66,14 +66,14 @@ class CI_Security { * @access protected */ protected $_csrf_cookie_name = 'ci_csrf_token'; - + /** * List of never allowed strings * * @var array * @access protected */ - + protected $_never_allowed_str = array( 'document.cookie' => '[removed]', 'document.write' => '[removed]', @@ -139,7 +139,7 @@ class CI_Security { { return $this->csrf_set_cookie(); } - + // Check if URI has been whitelisted from CSRF checks if ($exclude_uris = config_item('csrf_exclude_uris')) { @@ -172,9 +172,9 @@ class CI_Security { $this->_csrf_hash = ''; $this->_csrf_set_hash(); $this->csrf_set_cookie(); - + log_message('debug', "CSRF token verified"); - + return $this; } @@ -188,7 +188,7 @@ class CI_Security { public function csrf_set_cookie() { $expire = time() + $this->_csrf_expire; - $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; + $secure_cookie = (bool) config_item('cookie_secure'); if ($secure_cookie) { @@ -385,16 +385,11 @@ class CI_Security { foreach ($words as $word) { - $temp = ''; - - for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) - { - $temp .= substr($word, $i, 1)."\s*"; - } + $word = implode("\s*", str_split($word)) . "\s*"; // We only want to do this when it is followed by a non-word character // That way valid stuff like "dealer to" does not become "dealerto" - $str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); + $str = preg_replace_callback('#('.substr($word, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); } /* @@ -473,7 +468,7 @@ class CI_Security { if ($is_image === TRUE) { - return ($str == $converted_string) ? TRUE: FALSE; + return ($str === $converted_string) ? TRUE : FALSE; } log_message('debug', "XSS Filtering completed"); @@ -513,26 +508,17 @@ class CI_Security { * * This function is a replacement for html_entity_decode() * - * In some versions of PHP the native function does not work - * when UTF-8 is the specified character set, so this gives us - * a work-around. More info here: - * http://bugs.php.net/bug.php?id=25670 - * - * NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the - * character set, and the PHP developers said they were not back porting the - * fix to versions other than PHP 5.x. - * * @param string * @param string * @return string */ public function entity_decode($str, $charset = NULL) { - if (stristr($str, '&') === FALSE) + if (strpos($str, '&') === FALSE) { return $str; } - + if (empty($charset)) { $charset = config_item('charset'); @@ -543,26 +529,9 @@ class CI_Security { // at the end of an entity most browsers will still interpret the entity // correctly. html_entity_decode() does not convert entities without // semicolons, so we are left with our own little solution here. Bummer. - - if (function_exists('html_entity_decode') && - (strtolower($charset) != 'utf-8')) - { - $str = html_entity_decode($str, ENT_COMPAT, $charset); - $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); - return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); - } - - // Numeric Entities - $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); - $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); - - // Literal Entities - Slightly slow so we do another check - if (stristr($str, '&') === FALSE) - { - $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); - } - - return $str; + $str = html_entity_decode($str, ENT_COMPAT, $charset); + $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); + return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); } // -------------------------------------------------------------------- @@ -896,4 +865,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/libraries/Security.php */ \ No newline at end of file +/* Location: ./system/libraries/Security.php */ -- cgit v1.2.3-24-g4f1b From 064da7b408102cf8dadc1fd2b968f9852a58d9cf Mon Sep 17 00:00:00 2001 From: purwandi Date: Wed, 5 Oct 2011 17:51:26 +0700 Subject: Fix location file Security Class to core folder --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index f71f7d228..65338ced3 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -865,4 +865,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/libraries/Security.php */ +/* Location: ./system/core/Security.php */ -- cgit v1.2.3-24-g4f1b From 6a15b2d8e84b38e1a42d7c27ae2f6ed393e72399 Mon Sep 17 00:00:00 2001 From: Tom Klingenberg Date: Fri, 7 Oct 2011 20:03:30 +0200 Subject: CI_Loader::driver() processes empty library. Fixed. This causes endless recursion calls _ci_load_class(), see #550 --- system/core/Loader.php | 5 +++++ 1 file changed, 5 insertions(+) mode change 100755 => 100644 system/core/Loader.php (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php old mode 100755 new mode 100644 index de0fc06d2..5539aae14 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -616,6 +616,11 @@ class CI_Loader { require BASEPATH.'libraries/Driver.php'; } + if ($library == '') + { + return FALSE; + } + // We can save the loader some time since Drivers will *always* be in a subfolder, // and typically identically named to the library if ( ! strpos($library, '/')) -- cgit v1.2.3-24-g4f1b From af7286251ec2c0dfd69ae764dbc0e3e8d0b736bf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 20 Oct 2011 10:11:59 +0300 Subject: get_magic_quotes_gpc() to be executed only if PHP version is 5.3 or lower --- system/core/Input.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 6f8442107..f8e89066e 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -554,8 +554,12 @@ class CI_Input { return $new_array; } - // We strip slashes if magic quotes is on to keep things consistent - if (function_exists('get_magic_quotes_gpc') AND @get_magic_quotes_gpc()) + /* We strip slashes if magic quotes is on to keep things consistent + + NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and + it will probably not exist in future versions at all. + */ + if ( ! is_php('5.4') && get_magic_quotes_gpc()) { $str = stripslashes($str); } -- cgit v1.2.3-24-g4f1b From f4a4bd8fac188ebc9cda822ffc811c218fd92b45 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 20 Oct 2011 12:18:42 -0500 Subject: adding new license file (OSL 3.0) and updating readme to ReST added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change --- system/core/Benchmark.php | 20 ++++++++++++++++---- system/core/CodeIgniter.php | 22 +++++++++++++++++----- system/core/Common.php | 20 ++++++++++++++++---- system/core/Config.php | 20 ++++++++++++++++---- system/core/Controller.php | 20 ++++++++++++++++---- system/core/Exceptions.php | 20 ++++++++++++++++---- system/core/Hooks.php | 20 ++++++++++++++++---- system/core/Input.php | 20 ++++++++++++++++---- system/core/Lang.php | 20 ++++++++++++++++---- system/core/Loader.php | 20 ++++++++++++++++---- system/core/Model.php | 20 ++++++++++++++++---- system/core/Output.php | 20 ++++++++++++++++---- system/core/Router.php | 20 ++++++++++++++++---- system/core/Security.php | 20 ++++++++++++++++---- system/core/URI.php | 20 ++++++++++++++++---- system/core/Utf8.php | 20 ++++++++++++++++---- 16 files changed, 257 insertions(+), 65 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index a200727ab..0f3104079 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -24,7 +36,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/benchmark.html */ class CI_Benchmark { diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 9f88384b1..4d76a5587 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage codeigniter * @category Front-controller - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/ */ @@ -33,7 +45,7 @@ * @var string * */ - define('CI_VERSION', '2.1.0-dev'); + define('CI_VERSION', '3.0-dev'); /* * ------------------------------------------------------ diff --git a/system/core/Common.php b/system/core/Common.php index d79375475..e43bb8db3 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage codeigniter * @category Common Functions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/ */ diff --git a/system/core/Config.php b/system/core/Config.php index 714c4667b..abd2767d5 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/config.html */ class CI_Config { diff --git a/system/core/Controller.php b/system/core/Controller.php index fddb81e19..ca2bf41b5 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -24,7 +36,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/general/controllers.html */ class CI_Controller { diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 869739a5a..ead8d814e 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Exceptions - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/exceptions.html */ class CI_Exceptions { diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 33f1c034c..46bfec02a 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Hooks { diff --git a/system/core/Input.php b/system/core/Input.php index f8e89066e..946d9296f 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Input - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/input.html */ class CI_Input { diff --git a/system/core/Lang.php b/system/core/Lang.php index d61d1029a..e03afb07d 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Language - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/language.html */ class CI_Lang { diff --git a/system/core/Loader.php b/system/core/Loader.php index 5539aae14..4e14b54af 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -22,7 +34,7 @@ * * @package CodeIgniter * @subpackage Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @category Loader * @link http://codeigniter.com/user_guide/libraries/loader.html */ diff --git a/system/core/Model.php b/system/core/Model.php index e15ffbebc..c34bab64b 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/config.html */ class CI_Model { diff --git a/system/core/Output.php b/system/core/Output.php index ccecafd2b..7b53f8e3e 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Output - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/output.html */ class CI_Output { diff --git a/system/core/Router.php b/system/core/Router.php index 6da667472..748678d67 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -22,7 +34,7 @@ * * @package CodeIgniter * @subpackage Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @category Libraries * @link http://codeigniter.com/user_guide/general/routing.html */ diff --git a/system/core/Security.php b/system/core/Security.php index 65338ced3..ee4f0a08d 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Security - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/security.html */ class CI_Security { diff --git a/system/core/URI.php b/system/core/URI.php index 8946bc76b..578d17429 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category URI - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/uri.html */ class CI_URI { diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 2a27d1f35..7abe4e43b 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 2.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category UTF-8 - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/utf8.html */ class CI_Utf8 { -- cgit v1.2.3-24-g4f1b From 81dd22393368862760e1cfb30a0d73d070cd38af Mon Sep 17 00:00:00 2001 From: Shane Pearson Date: Fri, 18 Nov 2011 20:49:35 -0600 Subject: add method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars() --- system/core/Loader.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 4e14b54af..d42dbbf38 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -494,6 +494,20 @@ class CI_Loader { // -------------------------------------------------------------------- + /** + * Get Variables + * + * Retrieve all loaded variables + * + * @return array + */ + public function get_vars() + { + return $this->_ci_cached_vars; + } + + // -------------------------------------------------------------------- + /** * Load Helper * -- cgit v1.2.3-24-g4f1b From 0ec05c1e582805d9b71f06e357846abeaf0e40a4 Mon Sep 17 00:00:00 2001 From: Chris Rosser Date: Mon, 21 Nov 2011 17:56:13 +0000 Subject: Added HTTP status code 422 (Unprocessable Entity) to set_status_header() --- system/core/Common.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index e43bb8db3..b0921fe0c 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -419,6 +419,7 @@ if ( ! function_exists('set_status_header')) 415 => 'Unsupported Media Type', 416 => 'Requested Range Not Satisfiable', 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', 500 => 'Internal Server Error', 501 => 'Not Implemented', -- cgit v1.2.3-24-g4f1b From 796b2b711f22775ef8e2a578bd71d065f9800442 Mon Sep 17 00:00:00 2001 From: Jack Webb-Heller Date: Thu, 1 Dec 2011 11:56:12 +0000 Subject: CodeIgniter ignores the set config value for Maximum Execution Time, overwriting it with its own value of 300 seconds. Whilst this is sensible in the vast majority of situations (browsers), when running a script from CLI, it is likely that execution times may need to be longer. Therefore, don't override the time limit if being run from the CLI - instead default back to PHP's own configuration. --- system/core/CodeIgniter.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 4d76a5587..abdbf91d8 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -106,9 +106,13 @@ * Set a liberal script execution time limit * ------------------------------------------------------ */ - if (function_exists("set_time_limit") == TRUE AND @ini_get("safe_mode") == 0) + if (function_exists("set_time_limit") AND @ini_get("safe_mode") == 0) { - @set_time_limit(300); + // Do not override the Time Limit value if running from Command Line + if(php_sapi_name() != 'cli' && ! empty($_SERVER['REMOTE_ADDR'])) + { + @set_time_limit(300); + } } /* -- cgit v1.2.3-24-g4f1b From eea0cbebc48d156f74c044f9932602d051eb9401 Mon Sep 17 00:00:00 2001 From: Jack Webb-Heller Date: Thu, 1 Dec 2011 13:37:08 +0000 Subject: Removed `$_SERVER['REMOTE_ADDR']` following feedback --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index abdbf91d8..97527e5ca 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -109,7 +109,7 @@ if (function_exists("set_time_limit") AND @ini_get("safe_mode") == 0) { // Do not override the Time Limit value if running from Command Line - if(php_sapi_name() != 'cli' && ! empty($_SERVER['REMOTE_ADDR'])) + if(php_sapi_name() != 'cli') { @set_time_limit(300); } -- cgit v1.2.3-24-g4f1b From 03abee3df4534028c795e3c3da91034a3d3ee0f4 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 25 Dec 2011 00:31:29 -0600 Subject: Fixing soft tabs in a few files. --- system/core/Config.php | 2 +- system/core/Hooks.php | 2 +- system/core/Output.php | 2 +- system/core/Security.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index abd2767d5..b0b4c9aa4 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -328,7 +328,7 @@ class CI_Config { $uri = $str; } } - return $uri; + return $uri; } // -------------------------------------------------------------------- diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 46bfec02a..aa251a389 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -94,7 +94,7 @@ class CI_Hooks { if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); + include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); } elseif (is_file(APPPATH.'config/hooks.php')) { diff --git a/system/core/Output.php b/system/core/Output.php index 7b53f8e3e..9727a184f 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -108,7 +108,7 @@ class CI_Output { // Get mime types for later if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) { - include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; + include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; } else { diff --git a/system/core/Security.php b/system/core/Security.php index ce3f7d3cc..60a64f358 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -182,7 +182,7 @@ class CI_Security { // Nothing should last forever unset($_COOKIE[$this->_csrf_cookie_name]); - $this->_csrf_hash = ''; + $this->_csrf_hash = ''; $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 5c1aa631c5f5ec2f6b75ba1158178418e50ba11a Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 25 Dec 2011 01:24:29 -0600 Subject: Abstracting the loading of files in the config directory depending on environments. --- system/core/CodeIgniter.php | 9 +- system/core/Common.php | 200 +++++++++++++++++++++++++------------------- system/core/Hooks.php | 11 +-- system/core/Loader.php | 9 +- system/core/Output.php | 10 +-- system/core/Router.php | 9 +- 6 files changed, 121 insertions(+), 127 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 97527e5ca..04f346c7c 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -59,14 +59,7 @@ * Load the framework constants * ------------------------------------------------------ */ - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) - { - require(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); - } - else - { - require(APPPATH.'config/constants.php'); - } + load_environ_config('constants', TRUE); /* * ------------------------------------------------------ diff --git a/system/core/Common.php b/system/core/Common.php index b0921fe0c..9e05f3db4 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -47,7 +47,6 @@ * Since there are a few places where we conditionally test for PHP > 5 * we'll set a static variable. * -* @access public * @param string * @return bool TRUE if the current version is $version or higher */ @@ -76,7 +75,6 @@ if ( ! function_exists('is_php')) * the file, based on the read-only attribute. is_writable() is also unreliable * on Unix servers if safe_mode is on. * - * @access private * @return void */ if ( ! function_exists('is_really_writable')) @@ -118,18 +116,17 @@ if ( ! function_exists('is_really_writable')) // ------------------------------------------------------------------------ /** -* Class registry -* -* This function acts as a singleton. If the requested class does not -* exist it is instantiated and set to a static variable. If it has -* previously been instantiated the variable is returned. -* -* @access public -* @param string the class name being requested -* @param string the directory where the class should be found -* @param string the class name prefix -* @return object -*/ + * Class registry + * + * This function acts as a singleton. If the requested class does not + * exist it is instantiated and set to a static variable. If it has + * previously been instantiated the variable is returned. + * + * @param string the class name being requested + * @param string the directory where the class should be found + * @param string the class name prefix + * @return object + */ if ( ! function_exists('load_class')) { function &load_class($class, $directory = 'libraries', $prefix = 'CI_') @@ -191,12 +188,11 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- /** -* Keeps track of which libraries have been loaded. This function is -* called by the load_class() function above -* -* @access public -* @return array -*/ + * Keeps track of which libraries have been loaded. This function is + * called by the load_class() function above + * + * @return array + */ if ( ! function_exists('is_loaded')) { function is_loaded($class = '') @@ -215,14 +211,13 @@ if ( ! function_exists('is_loaded')) // ------------------------------------------------------------------------ /** -* Loads the main config.php file -* -* This function lets us grab the config file even if the Config class -* hasn't been instantiated yet -* -* @access private -* @return array -*/ + * Loads the main config.php file + * + * This function lets us grab the config file even if the Config class + * hasn't been instantiated yet + * + * @return array + */ if ( ! function_exists('get_config')) { function &get_config($replace = array()) @@ -273,11 +268,10 @@ if ( ! function_exists('get_config')) // ------------------------------------------------------------------------ /** -* Returns the specified config item -* -* @access public -* @return mixed -*/ + * Returns the specified config item + * + * @return mixed + */ if ( ! function_exists('config_item')) { function config_item($item) @@ -302,17 +296,16 @@ if ( ! function_exists('config_item')) // ------------------------------------------------------------------------ /** -* Error Handler -* -* This function lets us invoke the exception class and -* display errors using the standard error template located -* in application/errors/errors.php -* This function will send the error page directly to the -* browser and exit. -* -* @access public -* @return void -*/ + * Error Handler + * + * This function lets us invoke the exception class and + * display errors using the standard error template located + * in application/errors/errors.php + * This function will send the error page directly to the + * browser and exit. + * + * @return void + */ if ( ! function_exists('show_error')) { function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') @@ -326,15 +319,14 @@ if ( ! function_exists('show_error')) // ------------------------------------------------------------------------ /** -* 404 Page Handler -* -* This function is similar to the show_error() function above -* However, instead of the standard error template it displays -* 404 errors. -* -* @access public -* @return void -*/ + * 404 Page Handler + * + * This function is similar to the show_error() function above + * However, instead of the standard error template it displays + * 404 errors. + * + * @return void + */ if ( ! function_exists('show_404')) { function show_404($page = '', $log_error = TRUE) @@ -348,14 +340,13 @@ if ( ! function_exists('show_404')) // ------------------------------------------------------------------------ /** -* Error Logging Interface -* -* We use this as a simple mechanism to access the logging -* class and send messages to be logged. -* -* @access public -* @return void -*/ + * Error Logging Interface + * + * We use this as a simple mechanism to access the logging + * class and send messages to be logged. + * + * @return void + */ if ( ! function_exists('log_message')) { function log_message($level = 'error', $message, $php_error = FALSE) @@ -377,7 +368,6 @@ if ( ! function_exists('log_message')) /** * Set HTTP Status Header * - * @access public * @param int the status code * @param string * @return void @@ -464,19 +454,18 @@ if ( ! function_exists('set_status_header')) // -------------------------------------------------------------------- /** -* Exception Handler -* -* This is the custom exception handler that is declaired at the top -* of Codeigniter.php. The main reason we use this is to permit -* PHP errors to be logged in our own log files since the user may -* not have access to server logs. Since this function -* effectively intercepts PHP errors, however, we also need -* to display errors based on the current error_reporting level. -* We do that with the use of a PHP error template. -* -* @access private -* @return void -*/ + * Exception Handler + * + * This is the custom exception handler that is declaired at the top + * of Codeigniter.php. The main reason we use this is to permit + * PHP errors to be logged in our own log files since the user may + * not have access to server logs. Since this function + * effectively intercepts PHP errors, however, we also need + * to display errors based on the current error_reporting level. + * We do that with the use of a PHP error template. + * + * @return void + */ if ( ! function_exists('_exception_handler')) { function _exception_handler($severity, $message, $filepath, $line) @@ -518,7 +507,6 @@ if ( ! function_exists('_exception_handler')) * This prevents sandwiching null characters * between ascii characters, like Java\0script. * - * @access public * @param string * @return string */ @@ -552,12 +540,11 @@ if ( ! function_exists('remove_invisible_characters')) // ------------------------------------------------------------------------ /** -* Returns HTML escaped variable -* -* @access public -* @param mixed -* @return mixed -*/ + * Returns HTML escaped variable + * + * @param mixed + * @return mixed + */ if ( ! function_exists('html_escape')) { function html_escape($var) @@ -566,12 +553,57 @@ if ( ! function_exists('html_escape')) { return array_map('html_escape', $var); } + + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + } +} + +// ------------------------------------------------------------------------ + +/** + * Load Environmental config directory files. + * + * In several places we check to see if the environment is loaded up and if the file + * that is being requested lives in said environment. Otherwise load up the file from + * the main CI config dir. + * + * @todo Optimize a bit to lessen the file system hits if the file has been loaded. + * @param string filename without extension. eg: 'config' or 'hooks' + * @param boolean whether or not to do a `require_once()` or a simple `include()` + * @return void + */ + if ( ! function_exists('load_environ_config')) + { + function load_environ_config($file, $require=FALSE) + { + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php')) + { + if ($require) + { + require_once(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); + } + else + { + include(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); + } + + return; + } + + if ($require) + { + require_once(APPPATH.'config/'.$file.'.php'); + } else { - return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + include(APPPATH.'config/'.$file.'.php'); } + + return; } -} + } + +// ------------------------------------------------------------------------ /* End of file Common.php */ /* Location: ./system/core/Common.php */ \ No newline at end of file diff --git a/system/core/Hooks.php b/system/core/Hooks.php index aa251a389..6a36ce963 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -91,16 +91,7 @@ class CI_Hooks { // Grab the "hooks" definition file. // If there are no hooks, we're done. - - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); - } - elseif (is_file(APPPATH.'config/hooks.php')) - { - include(APPPATH.'config/hooks.php'); - } - + load_environ_config('hooks'); if ( ! isset($hook) OR ! is_array($hook)) { diff --git a/system/core/Loader.php b/system/core/Loader.php index 4e14b54af..12d07bbe0 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1125,14 +1125,7 @@ class CI_Loader { */ protected function _ci_autoloader() { - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'); - } - else - { - include(APPPATH.'config/autoload.php'); - } + load_environ_config('autoload'); if ( ! isset($autoload)) { diff --git a/system/core/Output.php b/system/core/Output.php index 9727a184f..4d1036ceb 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -106,15 +106,7 @@ class CI_Output { $this->_zlib_oc = @ini_get('zlib.output_compression'); // Get mime types for later - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) - { - include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; - } - else - { - include APPPATH.'config/mimes.php'; - } - + load_environ_config('mimes'); $this->mime_types = $mimes; diff --git a/system/core/Router.php b/system/core/Router.php index 748678d67..5388a9289 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -141,14 +141,7 @@ class CI_Router { } // Load the routes.php file. - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); - } - elseif (is_file(APPPATH.'config/routes.php')) - { - include(APPPATH.'config/routes.php'); - } + load_environ_config('routes'); $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); -- cgit v1.2.3-24-g4f1b From d2c4ec66946877ba4ef1c2bedf848eca9667c01d Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 25 Dec 2011 22:52:57 -0600 Subject: Changes in the UTF8 Class. - Adding error suppression ("@") on the preg_match() in the constructor to help prevent errors if PCRE doesn't support Unicode - Adding method visibility. - Changed comparisons on integers/booleans to explicit. eg: !==/=== --- system/core/Utf8.php | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) (limited to 'system/core') diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 7abe4e43b..1bcf526a5 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -44,19 +44,18 @@ class CI_Utf8 { * Constructor * * Determines if UTF-8 support is to be enabled - * */ - function __construct() + public function __construct() { log_message('debug', "Utf8 Class Initialized"); global $CFG; if ( - preg_match('/./u', 'é') === 1 // PCRE must support UTF-8 - AND function_exists('iconv') // iconv must be installed - AND ini_get('mbstring.func_overload') != 1 // Multibyte string function overloading cannot be enabled - AND $CFG->item('charset') == 'UTF-8' // Application charset must be UTF-8 + @preg_match('/./u', 'é') === 1 // PCRE must support UTF-8 + && function_exists('iconv') // iconv must be installed + && ini_get('mbstring.func_overload') !== 1 // Multibyte string function overloading cannot be enabled + && $CFG->item('charset') == 'UTF-8' // Application charset must be UTF-8 ) { log_message('debug', "UTF-8 Support Enabled"); @@ -90,11 +89,10 @@ class CI_Utf8 { * * Ensures strings are UTF-8 * - * @access public * @param string * @return string */ - function clean_string($str) + public function clean_string($str) { if ($this->_is_ascii($str) === FALSE) { @@ -113,11 +111,10 @@ class CI_Utf8 { * line feeds, and carriage returns, as all others can cause * problems in XML * - * @access public * @param string * @return string */ - function safe_ascii_for_xml($str) + public function safe_ascii_for_xml($str) { return remove_invisible_characters($str, FALSE); } @@ -129,12 +126,11 @@ class CI_Utf8 { * * Attempts to convert a string to UTF-8 * - * @access public * @param string * @param string - input encoding * @return string */ - function convert_to_utf8($str, $encoding) + public function convert_to_utf8($str, $encoding) { if (function_exists('iconv')) { @@ -159,13 +155,12 @@ class CI_Utf8 { * * Tests if a string is standard 7-bit ASCII or not * - * @access public * @param string * @return bool */ - function _is_ascii($str) + protected function _is_ascii($str) { - return (preg_match('/[^\x00-\x7F]/S', $str) == 0); + return (preg_match('/[^\x00-\x7F]/S', $str) === 0); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From d96f88277c1e9a4c069c2e2ee3d779385549f31a Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 27 Dec 2011 16:23:47 -0600 Subject: Revert "Abstracting the loading of files in the config directory depending on environments." This reverts commit 5c1aa631c5f5ec2f6b75ba1158178418e50ba11a. --- system/core/CodeIgniter.php | 9 +- system/core/Common.php | 200 +++++++++++++++++++------------------------- system/core/Hooks.php | 11 ++- system/core/Loader.php | 9 +- system/core/Output.php | 10 ++- system/core/Router.php | 9 +- 6 files changed, 127 insertions(+), 121 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 04f346c7c..97527e5ca 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -59,7 +59,14 @@ * Load the framework constants * ------------------------------------------------------ */ - load_environ_config('constants', TRUE); + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) + { + require(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); + } + else + { + require(APPPATH.'config/constants.php'); + } /* * ------------------------------------------------------ diff --git a/system/core/Common.php b/system/core/Common.php index 9e05f3db4..b0921fe0c 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -47,6 +47,7 @@ * Since there are a few places where we conditionally test for PHP > 5 * we'll set a static variable. * +* @access public * @param string * @return bool TRUE if the current version is $version or higher */ @@ -75,6 +76,7 @@ if ( ! function_exists('is_php')) * the file, based on the read-only attribute. is_writable() is also unreliable * on Unix servers if safe_mode is on. * + * @access private * @return void */ if ( ! function_exists('is_really_writable')) @@ -116,17 +118,18 @@ if ( ! function_exists('is_really_writable')) // ------------------------------------------------------------------------ /** - * Class registry - * - * This function acts as a singleton. If the requested class does not - * exist it is instantiated and set to a static variable. If it has - * previously been instantiated the variable is returned. - * - * @param string the class name being requested - * @param string the directory where the class should be found - * @param string the class name prefix - * @return object - */ +* Class registry +* +* This function acts as a singleton. If the requested class does not +* exist it is instantiated and set to a static variable. If it has +* previously been instantiated the variable is returned. +* +* @access public +* @param string the class name being requested +* @param string the directory where the class should be found +* @param string the class name prefix +* @return object +*/ if ( ! function_exists('load_class')) { function &load_class($class, $directory = 'libraries', $prefix = 'CI_') @@ -188,11 +191,12 @@ if ( ! function_exists('load_class')) // -------------------------------------------------------------------- /** - * Keeps track of which libraries have been loaded. This function is - * called by the load_class() function above - * - * @return array - */ +* Keeps track of which libraries have been loaded. This function is +* called by the load_class() function above +* +* @access public +* @return array +*/ if ( ! function_exists('is_loaded')) { function is_loaded($class = '') @@ -211,13 +215,14 @@ if ( ! function_exists('is_loaded')) // ------------------------------------------------------------------------ /** - * Loads the main config.php file - * - * This function lets us grab the config file even if the Config class - * hasn't been instantiated yet - * - * @return array - */ +* Loads the main config.php file +* +* This function lets us grab the config file even if the Config class +* hasn't been instantiated yet +* +* @access private +* @return array +*/ if ( ! function_exists('get_config')) { function &get_config($replace = array()) @@ -268,10 +273,11 @@ if ( ! function_exists('get_config')) // ------------------------------------------------------------------------ /** - * Returns the specified config item - * - * @return mixed - */ +* Returns the specified config item +* +* @access public +* @return mixed +*/ if ( ! function_exists('config_item')) { function config_item($item) @@ -296,16 +302,17 @@ if ( ! function_exists('config_item')) // ------------------------------------------------------------------------ /** - * Error Handler - * - * This function lets us invoke the exception class and - * display errors using the standard error template located - * in application/errors/errors.php - * This function will send the error page directly to the - * browser and exit. - * - * @return void - */ +* Error Handler +* +* This function lets us invoke the exception class and +* display errors using the standard error template located +* in application/errors/errors.php +* This function will send the error page directly to the +* browser and exit. +* +* @access public +* @return void +*/ if ( ! function_exists('show_error')) { function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') @@ -319,14 +326,15 @@ if ( ! function_exists('show_error')) // ------------------------------------------------------------------------ /** - * 404 Page Handler - * - * This function is similar to the show_error() function above - * However, instead of the standard error template it displays - * 404 errors. - * - * @return void - */ +* 404 Page Handler +* +* This function is similar to the show_error() function above +* However, instead of the standard error template it displays +* 404 errors. +* +* @access public +* @return void +*/ if ( ! function_exists('show_404')) { function show_404($page = '', $log_error = TRUE) @@ -340,13 +348,14 @@ if ( ! function_exists('show_404')) // ------------------------------------------------------------------------ /** - * Error Logging Interface - * - * We use this as a simple mechanism to access the logging - * class and send messages to be logged. - * - * @return void - */ +* Error Logging Interface +* +* We use this as a simple mechanism to access the logging +* class and send messages to be logged. +* +* @access public +* @return void +*/ if ( ! function_exists('log_message')) { function log_message($level = 'error', $message, $php_error = FALSE) @@ -368,6 +377,7 @@ if ( ! function_exists('log_message')) /** * Set HTTP Status Header * + * @access public * @param int the status code * @param string * @return void @@ -454,18 +464,19 @@ if ( ! function_exists('set_status_header')) // -------------------------------------------------------------------- /** - * Exception Handler - * - * This is the custom exception handler that is declaired at the top - * of Codeigniter.php. The main reason we use this is to permit - * PHP errors to be logged in our own log files since the user may - * not have access to server logs. Since this function - * effectively intercepts PHP errors, however, we also need - * to display errors based on the current error_reporting level. - * We do that with the use of a PHP error template. - * - * @return void - */ +* Exception Handler +* +* This is the custom exception handler that is declaired at the top +* of Codeigniter.php. The main reason we use this is to permit +* PHP errors to be logged in our own log files since the user may +* not have access to server logs. Since this function +* effectively intercepts PHP errors, however, we also need +* to display errors based on the current error_reporting level. +* We do that with the use of a PHP error template. +* +* @access private +* @return void +*/ if ( ! function_exists('_exception_handler')) { function _exception_handler($severity, $message, $filepath, $line) @@ -507,6 +518,7 @@ if ( ! function_exists('_exception_handler')) * This prevents sandwiching null characters * between ascii characters, like Java\0script. * + * @access public * @param string * @return string */ @@ -540,11 +552,12 @@ if ( ! function_exists('remove_invisible_characters')) // ------------------------------------------------------------------------ /** - * Returns HTML escaped variable - * - * @param mixed - * @return mixed - */ +* Returns HTML escaped variable +* +* @access public +* @param mixed +* @return mixed +*/ if ( ! function_exists('html_escape')) { function html_escape($var) @@ -553,57 +566,12 @@ if ( ! function_exists('html_escape')) { return array_map('html_escape', $var); } - - return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); - } -} - -// ------------------------------------------------------------------------ - -/** - * Load Environmental config directory files. - * - * In several places we check to see if the environment is loaded up and if the file - * that is being requested lives in said environment. Otherwise load up the file from - * the main CI config dir. - * - * @todo Optimize a bit to lessen the file system hits if the file has been loaded. - * @param string filename without extension. eg: 'config' or 'hooks' - * @param boolean whether or not to do a `require_once()` or a simple `include()` - * @return void - */ - if ( ! function_exists('load_environ_config')) - { - function load_environ_config($file, $require=FALSE) - { - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php')) - { - if ($require) - { - require_once(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); - } - else - { - include(APPPATH.'config/'.ENVIRONMENT.'/'.$file.'.php'); - } - - return; - } - - if ($require) - { - require_once(APPPATH.'config/'.$file.'.php'); - } else { - include(APPPATH.'config/'.$file.'.php'); + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); } - - return; } - } - -// ------------------------------------------------------------------------ +} /* End of file Common.php */ /* Location: ./system/core/Common.php */ \ No newline at end of file diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 6a36ce963..aa251a389 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -91,7 +91,16 @@ class CI_Hooks { // Grab the "hooks" definition file. // If there are no hooks, we're done. - load_environ_config('hooks'); + + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); + } + elseif (is_file(APPPATH.'config/hooks.php')) + { + include(APPPATH.'config/hooks.php'); + } + if ( ! isset($hook) OR ! is_array($hook)) { diff --git a/system/core/Loader.php b/system/core/Loader.php index 83d134ef4..d42dbbf38 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1139,7 +1139,14 @@ class CI_Loader { */ protected function _ci_autoloader() { - load_environ_config('autoload'); + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'); + } + else + { + include(APPPATH.'config/autoload.php'); + } if ( ! isset($autoload)) { diff --git a/system/core/Output.php b/system/core/Output.php index 4d1036ceb..9727a184f 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -106,7 +106,15 @@ class CI_Output { $this->_zlib_oc = @ini_get('zlib.output_compression'); // Get mime types for later - load_environ_config('mimes'); + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) + { + include APPPATH.'config/'.ENVIRONMENT.'/mimes.php'; + } + else + { + include APPPATH.'config/mimes.php'; + } + $this->mime_types = $mimes; diff --git a/system/core/Router.php b/system/core/Router.php index 5388a9289..748678d67 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -141,7 +141,14 @@ class CI_Router { } // Load the routes.php file. - load_environ_config('routes'); + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); + } + elseif (is_file(APPPATH.'config/routes.php')) + { + include(APPPATH.'config/routes.php'); + } $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); -- cgit v1.2.3-24-g4f1b From 2be25a6fdb9aa197debca28d1cfe0e0e542296b0 Mon Sep 17 00:00:00 2001 From: RS71 Date: Sat, 31 Dec 2011 16:02:04 -0200 Subject: Update system/core/Security.php --- system/core/Security.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 60a64f358..510f3d1ae 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -180,9 +180,14 @@ class CI_Security { // polute the _POST array unset($_POST[$this->_csrf_token_name]); - // Nothing should last forever - unset($_COOKIE[$this->_csrf_cookie_name]); - $this->_csrf_hash = ''; + // Regenerate on every submission? + if (config_item('csrf_regenerate')) + { + // Nothing should last forever + unset($_COOKIE[$this->_csrf_cookie_name]); + $this->_csrf_hash = ''; + } + $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 0defe5d33ee2633f377a109519ca818becc60f64 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 1 Jan 2012 18:46:41 -0600 Subject: Updating copyright date to 2012 --- system/core/Benchmark.php | 2 +- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 2 +- system/core/Config.php | 2 +- system/core/Controller.php | 2 +- system/core/Exceptions.php | 2 +- system/core/Hooks.php | 2 +- system/core/Input.php | 2 +- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Model.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/Security.php | 2 +- system/core/URI.php | 2 +- system/core/Utf8.php | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index 0f3104079..da246c9e0 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 97527e5ca..5152073d5 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Common.php b/system/core/Common.php index b0921fe0c..f42bb640c 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Config.php b/system/core/Config.php index b0b4c9aa4..3e2635494 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Controller.php b/system/core/Controller.php index ca2bf41b5..55b3ec235 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index ead8d814e..3737f2930 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Hooks.php b/system/core/Hooks.php index aa251a389..174adcb19 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Input.php b/system/core/Input.php index 3cbbe787f..7cfa4c63f 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Lang.php b/system/core/Lang.php index e03afb07d..5eb2801f6 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Loader.php b/system/core/Loader.php index d42dbbf38..c4a6b501c 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Model.php b/system/core/Model.php index c34bab64b..fc640139a 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Output.php b/system/core/Output.php index 9727a184f..e529f914d 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Router.php b/system/core/Router.php index 748678d67..8cad86888 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Security.php b/system/core/Security.php index 60a64f358..272a8bf3f 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/URI.php b/system/core/URI.php index 578d17429..3c26d307b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 1bcf526a5..40a7ac4c0 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 2.0 -- cgit v1.2.3-24-g4f1b From 2fbbfe34033dba5f362382818d0ae4c809ff6698 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 18:37:15 +0200 Subject: Improve the Benchmark library --- system/core/Benchmark.php | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index da246c9e0..f4dfd3dab 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -1,13 +1,13 @@ -marker[$name] = microtime(); } @@ -75,13 +74,12 @@ class CI_Benchmark { * execution time to be shown in a template. The output class will * swap the real value for this variable. * - * @access public * @param string a particular marked point * @param string a particular marked point * @param integer the number of decimal places * @return mixed */ - function elapsed_time($point1 = '', $point2 = '', $decimals = 4) + public function elapsed_time($point1 = '', $point2 = '', $decimals = 4) { if ($point1 == '') { @@ -114,17 +112,14 @@ class CI_Benchmark { * without the memory being calculated until the end. * The output class will swap the real value for this variable. * - * @access public * @return string */ - function memory_usage() + public function memory_usage() { return '{memory_usage}'; } } -// END CI_Benchmark class - /* End of file Benchmark.php */ -/* Location: ./system/core/Benchmark.php */ \ No newline at end of file +/* Location: ./system/core/Benchmark.php */ -- cgit v1.2.3-24-g4f1b From 9c5c24a582b32659c89f74fb5f773d06db23e426 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 18:51:21 +0200 Subject: Improve core/CodeIgniter.php --- system/core/CodeIgniter.php | 38 +++++++++++++++----------------------- 1 file changed, 15 insertions(+), 23 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 5152073d5..e3d818825 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -1,13 +1,13 @@ -_call_hook('cache_override') === FALSE) + if ($EXT->_call_hook('cache_override') === FALSE + AND $OUT->_display_cache($CFG, $URI) == TRUE) { - if ($OUT->_display_cache($CFG, $URI) == TRUE) - { - exit; - } + exit; } /* @@ -273,13 +267,13 @@ $method = $RTR->fetch_method(); if ( ! class_exists($class) - OR strncmp($method, '_', 1) == 0 + OR strpos($method, '_', 1) === 0 OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) { if ( ! empty($RTR->routes['404_override'])) { - $x = explode('/', $RTR->routes['404_override']); + $x = explode('/', $RTR->routes['404_override'], 2); $class = $x[0]; $method = (isset($x[1]) ? $x[1] : 'index'); if ( ! class_exists($class)) @@ -341,7 +335,7 @@ // Check and see if we are using a 404 override and use it. if ( ! empty($RTR->routes['404_override'])) { - $x = explode('/', $RTR->routes['404_override']); + $x = explode('/', $RTR->routes['404_override'], 2); $class = $x[0]; $method = (isset($x[1]) ? $x[1] : 'index'); if ( ! class_exists($class)) @@ -367,7 +361,6 @@ call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); } - // Mark a benchmark end point $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); @@ -405,6 +398,5 @@ $CI->db->close(); } - /* End of file CodeIgniter.php */ -/* Location: ./system/core/CodeIgniter.php */ \ No newline at end of file +/* Location: ./system/core/CodeIgniter.php */ -- cgit v1.2.3-24-g4f1b From 188abafcd3cc9b196755c0227eebc9a10f33d3a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:09:42 +0200 Subject: Improve core/Common.php --- system/core/Common.php | 133 ++++++++++++++++++++++++------------------------- 1 file changed, 66 insertions(+), 67 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index f42bb640c..abbe789e2 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -1,13 +1,13 @@ - 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 307 => 'Temporary Redirect', - - 400 => 'Bad Request', - 401 => 'Unauthorized', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Timeout', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Long', - 415 => 'Unsupported Media Type', - 416 => 'Requested Range Not Satisfiable', - 417 => 'Expectation Failed', - 422 => 'Unprocessable Entity', - - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' - ); + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); if ($code == '' OR ! is_numeric($code)) { @@ -441,12 +441,12 @@ if ( ! function_exists('set_status_header')) if ($text == '') { - show_error('No status text available. Please check your status code number or supply your own message text.', 500); + show_error('No status text available. Please check your status code number or supply your own message text.', 500); } $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; - if (substr(php_sapi_name(), 0, 3) == 'cgi') + if (strpos(php_sapi_name(), 'cgi') === 0) { header("Status: {$code} {$text}", TRUE); } @@ -527,16 +527,15 @@ if ( ! function_exists('remove_invisible_characters')) function remove_invisible_characters($str, $url_encoded = TRUE) { $non_displayables = array(); - - // every control character except newline (dec 10) - // carriage return (dec 13), and horizontal tab (dec 09) - + + // every control character except newline (dec 10), + // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 } - + $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 do @@ -574,4 +573,4 @@ if ( ! function_exists('html_escape')) } /* End of file Common.php */ -/* Location: ./system/core/Common.php */ \ No newline at end of file +/* Location: ./system/core/Common.php */ -- cgit v1.2.3-24-g4f1b From ccabcfd68919ecf146cd5f21079365afbffad000 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:30:47 +0200 Subject: Improve the Config library --- system/core/Config.php | 114 +++++++++++++++++-------------------------------- 1 file changed, 40 insertions(+), 74 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 3e2635494..55da4e338 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -1,13 +1,13 @@ -config =& get_config(); log_message('debug', "Config Class Initialized"); @@ -81,10 +81,9 @@ class CI_Config { if (isset($_SERVER['HTTP_HOST'])) { $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; - $base_url .= '://'. $_SERVER['HTTP_HOST']; - $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); + $base_url .= '://'. $_SERVER['HTTP_HOST'] + . str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); } - else { $base_url = 'http://localhost/'; @@ -99,27 +98,25 @@ class CI_Config { /** * Load Config File * - * @access public * @param string the config file name - * @param boolean if configuration values should be loaded into their own section - * @param boolean true if errors should just return false, false if an error message should be displayed + * @param boolean if configuration values should be loaded into their own section + * @param boolean true if errors should just return false, false if an error message should be displayed * @return boolean if the file was loaded correctly */ - function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) + public function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) { $file = ($file == '') ? 'config' : str_replace('.php', '', $file); - $found = FALSE; - $loaded = FALSE; + $found = $loaded = FALSE; foreach ($this->_config_paths as $path) { $check_locations = defined('ENVIRONMENT') - ? array(ENVIRONMENT.'/'.$file, $file) + ? array(ENVIRONMENT.DIRECTORY_SEPARATOR.$file, $file) : array($file); foreach ($check_locations as $location) { - $file_path = $path.'config/'.$location.'.php'; + $file_path = $path.'config'.DIRECTORY_SEPARATOR.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) { @@ -192,39 +189,19 @@ class CI_Config { * Fetch a config file item * * - * @access public * @param string the config item name * @param string the index name * @param bool * @return string */ - function item($item, $index = '') + public function item($item, $index = '') { if ($index == '') { - if ( ! isset($this->config[$item])) - { - return FALSE; - } - - $pref = $this->config[$item]; - } - else - { - if ( ! isset($this->config[$index])) - { - return FALSE; - } - - if ( ! isset($this->config[$index][$item])) - { - return FALSE; - } - - $pref = $this->config[$index][$item]; + return isset($this->config[$item]) ? $this->config[$item] : FALSE; } - return $pref; + return isset($this->config[$index], $this->config[$index][$item]) ? $this->config[$index][$item] : FALSE; } // -------------------------------------------------------------------- @@ -232,18 +209,17 @@ class CI_Config { /** * Fetch a config file item - adds slash after item (if item is not empty) * - * @access public * @param string the config item name * @param bool * @return string */ - function slash_item($item) + public function slash_item($item) { if ( ! isset($this->config[$item])) { return FALSE; } - if( trim($this->config[$item]) == '') + elseif (trim($this->config[$item]) == '') { return ''; } @@ -257,11 +233,10 @@ class CI_Config { * Site URL * Returns base_url . index_page [. uri_string] * - * @access public * @param string the URI string * @return string */ - function site_url($uri = '') + public function site_url($uri = '') { if ($uri == '') { @@ -285,11 +260,10 @@ class CI_Config { * Base URL * Returns base_url [. uri_string] * - * @access public * @param string $uri * @return string */ - function base_url($uri = '') + public function base_url($uri = '') { return $this->slash_item('base_url').ltrim($this->_uri_string($uri),'/'); } @@ -299,8 +273,7 @@ class CI_Config { /** * Build URI string for use in Config::site_url() and Config::base_url() * - * @access protected - * @param $uri + * @param mixed $uri * @return string */ protected function _uri_string($uri) @@ -311,23 +284,21 @@ class CI_Config { { $uri = implode('/', $uri); } - $uri = trim($uri, '/'); + return trim($uri, '/'); } - else + elseif (is_array($uri)) { - if (is_array($uri)) + $i = 0; + $str = ''; + foreach ($uri as $key => $val) { - $i = 0; - $str = ''; - foreach ($uri as $key => $val) - { - $prefix = ($i == 0) ? '' : '&'; - $str .= $prefix.$key.'='.$val; - $i++; - } - $uri = $str; + $prefix = ($i === 0) ? '' : '&'; + $str .= $prefix.$key.'='.$val; + $i++; } + return $str; } + return $uri; } @@ -336,12 +307,11 @@ class CI_Config { /** * System URL * - * @access public * @return string */ - function system_url() + public function system_url() { - $x = explode("/", preg_replace("|/*(.+?)/*$|", "\\1", BASEPATH)); + $x = explode('/', preg_replace('|/*(.+?)/*$|', '\\1', BASEPATH)); return $this->slash_item('base_url').end($x).'/'; } @@ -350,12 +320,11 @@ class CI_Config { /** * Set a config file item * - * @access public * @param string the config item key * @param string the config item value * @return void */ - function set_item($item, $value) + public function set_item($item, $value) { $this->config[$item] = $value; } @@ -366,14 +335,13 @@ class CI_Config { * Assign to Config * * This function is called by the front controller (CodeIgniter.php) - * after the Config class is instantiated. It permits config items + * after the Config class is instantiated. It permits config items * to be assigned or overriden by variables contained in the index.php file * - * @access private * @param array * @return void */ - function _assign_to_config($items = array()) + public function _assign_to_config($items = array()) { if (is_array($items)) { @@ -385,7 +353,5 @@ class CI_Config { } } -// END CI_Config class - /* End of file Config.php */ /* Location: ./system/core/Config.php */ -- cgit v1.2.3-24-g4f1b From 7ac33d7a615f9b5e27fe92a0a91c4ebfb19faad3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:39:39 +0200 Subject: Improve core Controller & Exceptions libraries --- system/core/Controller.php | 16 +++------ system/core/Exceptions.php | 83 +++++++++++++++++++--------------------------- 2 files changed, 40 insertions(+), 59 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 55b3ec235..5ae0b0924 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -1,13 +1,13 @@ -load =& load_class('Loader', 'core'); - $this->load->initialize(); - log_message('debug', "Controller Class Initialized"); } @@ -70,7 +65,6 @@ class CI_Controller { return self::$instance; } } -// END Controller class /* End of file Controller.php */ -/* Location: ./system/core/Controller.php */ \ No newline at end of file +/* Location: ./system/core/Controller.php */ diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 3737f2930..9b672ac54 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -1,13 +1,13 @@ - 'Error', - E_WARNING => 'Warning', - E_PARSE => 'Parsing Error', - E_NOTICE => 'Notice', - E_CORE_ERROR => 'Core Error', - E_CORE_WARNING => 'Core Warning', - E_COMPILE_ERROR => 'Compile Error', - E_COMPILE_WARNING => 'Compile Warning', - E_USER_ERROR => 'User Error', - E_USER_WARNING => 'User Warning', - E_USER_NOTICE => 'User Notice', - E_STRICT => 'Runtime Notice' - ); + public $levels = array( + E_ERROR => 'Error', + E_WARNING => 'Warning', + E_PARSE => 'Parsing Error', + E_NOTICE => 'Notice', + E_CORE_ERROR => 'Core Error', + E_CORE_WARNING => 'Core Warning', + E_COMPILE_ERROR => 'Compile Error', + E_COMPILE_WARNING => 'Compile Warning', + E_USER_ERROR => 'User Error', + E_USER_WARNING => 'User Warning', + E_USER_NOTICE => 'User Notice', + E_STRICT => 'Runtime Notice' + ); - - /** - * Constructor - */ public function __construct() { $this->ob_level = ob_get_level(); - // Note: Do not log messages from this constructor. + // Note: Do not log messages from this constructor. } // -------------------------------------------------------------------- @@ -89,17 +84,15 @@ class CI_Exceptions { * * This function logs PHP generated error messages * - * @access private * @param string the error severity * @param string the error string * @param string the error filepath * @param string the error line number - * @return string + * @return void */ - function log_exception($severity, $message, $filepath, $line) + public function log_exception($severity, $message, $filepath, $line) { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); } @@ -108,15 +101,14 @@ class CI_Exceptions { /** * 404 Page Not Found Handler * - * @access private * @param string the page * @param bool log error yes/no * @return string */ - function show_404($page = '', $log_error = TRUE) + public function show_404($page = '', $log_error = TRUE) { - $heading = "404 Page Not Found"; - $message = "The page you requested was not found."; + $heading = '404 Page Not Found'; + $message = 'The page you requested was not found.'; // By default we log this, but allow a dev to skip it if ($log_error) @@ -137,14 +129,13 @@ class CI_Exceptions { * (either as a string or an array) and displays * it using the specified template. * - * @access private * @param string the heading * @param string the message * @param string the template name * @param int the status code * @return string */ - function show_error($heading, $message, $template = 'error_general', $status_code = 500) + public function show_error($heading, $message, $template = 'error_general', $status_code = 500) { set_status_header($status_code); @@ -155,7 +146,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors/'.$template.'.php'); + include(APPPATH.'errors'.DIRECTORY_SEPARATOR.$template.'.php'); $buffer = ob_get_contents(); ob_end_clean(); return $buffer; @@ -166,7 +157,6 @@ class CI_Exceptions { /** * Native PHP error handler * - * @access private * @param string the error severity * @param string the error string * @param string the error filepath @@ -176,8 +166,7 @@ class CI_Exceptions { function show_php_error($severity, $message, $filepath, $line) { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - - $filepath = str_replace("\\", "/", $filepath); + $filepath = str_replace('\\', '/', $filepath); // For safety reasons we do not show the full file path if (FALSE !== strpos($filepath, '/')) @@ -191,15 +180,13 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors/error_php.php'); + include(APPPATH.'errors'.DIRECTORY_SEPARATOR.'error_php.php'); $buffer = ob_get_contents(); ob_end_clean(); echo $buffer; } - } -// END Exceptions Class /* End of file Exceptions.php */ -/* Location: ./system/core/Exceptions.php */ \ No newline at end of file +/* Location: ./system/core/Exceptions.php */ -- cgit v1.2.3-24-g4f1b From 64e98aab6ba2c692a881035245efb94a76deb428 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 20:29:10 +0200 Subject: Improve code Input & Model libraries --- system/core/Input.php | 97 ++++++++++++++++++--------------------------------- system/core/Model.php | 19 ++++------ 2 files changed, 39 insertions(+), 77 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 7cfa4c63f..07bb30b15 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -1,13 +1,13 @@ -_allow_get_array = (config_item('allow_get_array') === TRUE); - $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); - $this->_enable_csrf = (config_item('csrf_protection') === TRUE); + $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); + $this->_enable_csrf = (config_item('csrf_protection') === TRUE); global $SEC; $this->security =& $SEC; @@ -122,7 +122,6 @@ class CI_Input { * * This is a helper function to retrieve values from global arrays * - * @access protected * @param array * @param string * @param bool @@ -148,7 +147,6 @@ class CI_Input { /** * Fetch an item from the GET array * - * @access public * @param string * @param bool * @return string @@ -176,7 +174,6 @@ class CI_Input { /** * Fetch an item from the POST array * - * @access public * @param string * @param bool * @return string @@ -205,21 +202,15 @@ class CI_Input { /** * Fetch an item from either the GET array or the POST * - * @access public * @param string The index key * @param bool XSS cleaning * @return string */ public function get_post($index = '', $xss_clean = FALSE) { - if ( ! isset($_POST[$index]) ) - { - return $this->get($index, $xss_clean); - } - else - { - return $this->post($index, $xss_clean); - } + return ( ! isset($_POST[$index])) + ? $this->get($index, $xss_clean) + : $this->post($index, $xss_clean); } // -------------------------------------------------------------------- @@ -227,7 +218,6 @@ class CI_Input { /** * Fetch an item from the COOKIE array * - * @access public * @param string * @param bool * @return string @@ -245,7 +235,6 @@ class CI_Input { * Accepts six parameter, or you can submit an associative * array in the first parameter containing all the values. * - * @access public * @param mixed * @param string the value of the cookie * @param string the number of seconds until expiration @@ -303,7 +292,6 @@ class CI_Input { /** * Fetch an item from the SERVER array * - * @access public * @param string * @param bool * @return string @@ -318,7 +306,6 @@ class CI_Input { /** * Fetch the IP Address * - * @access public * @return string */ public function ip_address() @@ -335,7 +322,7 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) + elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) { $this->ip_address = $_SERVER['REMOTE_ADDR']; } @@ -354,8 +341,7 @@ class CI_Input { if ($this->ip_address === FALSE) { - $this->ip_address = '0.0.0.0'; - return $this->ip_address; + return $this->ip_address = '0.0.0.0'; } if (strpos($this->ip_address, ',') !== FALSE) @@ -366,7 +352,7 @@ class CI_Input { if ( ! $this->valid_ip($this->ip_address)) { - $this->ip_address = '0.0.0.0'; + return $this->ip_address = '0.0.0.0'; } return $this->ip_address; @@ -379,7 +365,6 @@ class CI_Input { * * Updated version suggested by Geert De Deckere * - * @access public * @param string * @return bool */ @@ -394,7 +379,7 @@ class CI_Input { $ip_segments = explode('.', $ip); // Always 4 segments needed - if (count($ip_segments) != 4) + if (count($ip_segments) !== 4) { return FALSE; } @@ -422,7 +407,6 @@ class CI_Input { /** * User Agent * - * @access public * @return string */ public function user_agent() @@ -432,9 +416,7 @@ class CI_Input { return $this->user_agent; } - $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; - - return $this->user_agent; + return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; } // -------------------------------------------------------------------- @@ -444,22 +426,20 @@ class CI_Input { * * This function does the following: * - * Unsets $_GET data (if query strings are not enabled) - * - * Unsets all globals if register_globals is enabled + * - Unsets $_GET data (if query strings are not enabled) + * - Unsets all globals if register_globals is enabled + * - Standardizes newline characters to \n * - * Standardizes newline characters to \n - * - * @access private * @return void */ private function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', - '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', - 'CFG', 'URI', 'RTR', 'OUT', 'IN'); + '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', + 'system_folder', 'application_folder', 'BM', 'EXT', + 'CFG', 'URI', 'RTR', 'OUT', 'IN' + ); // Unset globals for securiy. // This is effectively the same as register_globals = off @@ -532,7 +512,6 @@ class CI_Input { // Sanitize PHP_SELF $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); - // CSRF Protection check if ($this->_enable_csrf == TRUE) { @@ -550,7 +529,6 @@ class CI_Input { * This is a helper function. It escapes data and * standardizes newline characters to \n * - * @access private * @param string * @return string */ @@ -592,12 +570,9 @@ class CI_Input { } // Standardize newlines if needed - if ($this->_standardize_newlines == TRUE) + if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE) { - if (strpos($str, "\r") !== FALSE) - { - $str = str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); - } + return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); } return $str; @@ -612,13 +587,12 @@ class CI_Input { * from trying to exploit keys we make sure that keys are * only named with alpha-numeric text and a few other items. * - * @access private * @param string * @return string */ private function _clean_input_keys($str) { - if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) + if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { exit('Disallowed Key Characters.'); } @@ -626,7 +600,7 @@ class CI_Input { // Clean UTF-8 if supported if (UTF8_ENABLED === TRUE) { - $str = $this->uni->clean_string($str); + return $this->uni->clean_string($str); } return $str; @@ -640,10 +614,8 @@ class CI_Input { * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * - * @access public * @param bool XSS cleaning - * - * @return array + * @return array */ public function request_headers($xss_clean = FALSE) { @@ -658,7 +630,7 @@ class CI_Input { foreach ($_SERVER as $key => $val) { - if (strncmp($key, 'HTTP_', 5) === 0) + if (strpos($key, 'HTTP_') === 0) { $headers[substr($key, 5)] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); } @@ -684,7 +656,6 @@ class CI_Input { * * Returns the value of a single member of the headers class member * - * @access public * @param string array key for $this->headers * @param boolean XSS Clean or not * @return mixed FALSE on failure, string on success @@ -716,7 +687,6 @@ class CI_Input { * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * - * @access public * @return boolean */ public function is_ajax_request() @@ -731,12 +701,11 @@ class CI_Input { * * Test to see if a request was made from the command line * - * @access public * @return boolean */ public function is_cli_request() { - return (php_sapi_name() == 'cli') or defined('STDIN'); + return (php_sapi_name() === 'cli') or defined('STDIN'); } } diff --git a/system/core/Model.php b/system/core/Model.php index fc640139a..cd64468b8 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -1,13 +1,13 @@ -$key; } } -// END Model Class /* End of file Model.php */ -/* Location: ./system/core/Model.php */ \ No newline at end of file +/* Location: ./system/core/Model.php */ -- cgit v1.2.3-24-g4f1b From 1f5fbb6cb35f5d234f9f2c95f730b13a9015f3c2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 20:53:29 +0200 Subject: Improve the core Output library --- system/core/Output.php | 150 +++++++++++++++---------------------------------- 1 file changed, 46 insertions(+), 104 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index e529f914d..272545046 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -1,13 +1,13 @@ -_zlib_oc = @ini_get('zlib.output_compression'); @@ -117,8 +105,7 @@ class CI_Output { $this->mime_types = $mimes; - - log_message('debug', "Output Class Initialized"); + log_message('debug', 'Output Class Initialized'); } // -------------------------------------------------------------------- @@ -128,10 +115,9 @@ class CI_Output { * * Returns the current output string * - * @access public * @return string */ - function get_output() + public function get_output() { return $this->final_output; } @@ -147,10 +133,9 @@ class CI_Output { * @param string * @return void */ - function set_output($output) + public function set_output($output) { $this->final_output = $output; - return $this; } @@ -161,11 +146,10 @@ class CI_Output { * * Appends data onto the output string * - * @access public * @param string * @return void */ - function append_output($output) + public function append_output($output) { if ($this->final_output == '') { @@ -189,25 +173,22 @@ class CI_Output { * Note: If a file is cached, headers will not be sent. We need to figure out * how to permit header data to be saved with the cache data... * - * @access public * @param string * @param bool * @return void */ - function set_header($header, $replace = TRUE) + public function set_header($header, $replace = TRUE) { // If zlib.output_compression is enabled it will compress the output, // but it will not modify the content-length header to compensate for // the reduction, causing the browser to hang waiting for more data. // We'll just skip content-length in those cases. - if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) == 0) { return; } $this->headers[] = array($header, $replace); - return $this; } @@ -216,11 +197,10 @@ class CI_Output { /** * Set Content Type Header * - * @access public * @param string extension of the file we're outputting * @return void */ - function set_content_type($mime_type) + public function set_content_type($mime_type) { if (strpos($mime_type, '/') === FALSE) { @@ -241,7 +221,6 @@ class CI_Output { $header = 'Content-Type: '.$mime_type; $this->headers[] = array($header, TRUE); - return $this; } @@ -251,15 +230,13 @@ class CI_Output { * Set HTTP Status Header * moved to Common procedural functions in 1.7.2 * - * @access public * @param int the status code * @param string * @return void */ - function set_status_header($code = 200, $text = '') + public function set_status_header($code = 200, $text = '') { set_status_header($code, $text); - return $this; } @@ -268,14 +245,12 @@ class CI_Output { /** * Enable/disable Profiler * - * @access public * @param bool * @return void */ - function enable_profiler($val = TRUE) + public function enable_profiler($val = TRUE) { $this->enable_profiler = (is_bool($val)) ? $val : TRUE; - return $this; } @@ -286,11 +261,10 @@ class CI_Output { * * Allows override of default / config settings for Profiler section display * - * @access public * @param array * @return void */ - function set_profiler_sections($sections) + public function set_profiler_sections($sections) { foreach ($sections as $section => $enable) { @@ -305,14 +279,12 @@ class CI_Output { /** * Set Cache * - * @access public * @param integer * @return void */ - function cache($time) + publi function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; - return $this; } @@ -329,11 +301,10 @@ class CI_Output { * with any server headers and profile data. It also stops the * benchmark timer so the page rendering speed and memory usage can be shown. * - * @access public * @param string * @return mixed */ - function _display($output = '') + public function _display($output = '') { // Note: We use globals because we can't use $CI =& get_instance() // since this function is sometimes called by the caching mechanism, @@ -375,22 +346,17 @@ class CI_Output { { $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; - $output = str_replace('{elapsed_time}', $elapsed, $output); - $output = str_replace('{memory_usage}', $memory, $output); + $output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output); } // -------------------------------------------------------------------- // Is compression requested? - if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE) + if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE + && extension_loaded('zlib') + && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) { - if (extension_loaded('zlib')) - { - if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) AND strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) - { - ob_start('ob_gzhandler'); - } - } + ob_start('ob_gzhandler'); } // -------------------------------------------------------------------- @@ -412,8 +378,8 @@ class CI_Output { if ( ! isset($CI)) { echo $output; - log_message('debug', "Final output sent to browser"); - log_message('debug', "Total execution time: ".$elapsed); + log_message('debug', 'Final output sent to browser'); + log_message('debug', 'Total execution time: '.$elapsed); return TRUE; } @@ -424,7 +390,6 @@ class CI_Output { if ($this->enable_profiler == TRUE) { $CI->load->library('profiler'); - if ( ! empty($this->_profiler_sections)) { $CI->profiler->set_sections($this->_profiler_sections); @@ -432,16 +397,11 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - if (preg_match("|.*?|is", $output)) + $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); + if ($count > 0) { - $output = preg_replace("|.*?|is", '', $output); - $output .= $CI->profiler->run(); $output .= ''; } - else - { - $output .= $CI->profiler->run(); - } } // -------------------------------------------------------------------- @@ -457,8 +417,8 @@ class CI_Output { echo $output; // Send it to the browser! } - log_message('debug', "Final output sent to browser"); - log_message('debug', "Total execution time: ".$elapsed); + log_message('debug', 'Final output sent to browser'); + log_message('debug', 'Total execution time: '.$elapsed); } // -------------------------------------------------------------------- @@ -466,20 +426,18 @@ class CI_Output { /** * Write a Cache File * - * @access public * @param string * @return void */ - function _write_cache($output) + public function _write_cache($output) { $CI =& get_instance(); $path = $CI->config->item('cache_path'); - $cache_path = ($path == '') ? APPPATH.'cache/' : $path; if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) { - log_message('error', "Unable to write cache file: ".$cache_path); + log_message('error', 'Unable to write cache file: '.$cache_path); return; } @@ -491,7 +449,7 @@ class CI_Output { if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE)) { - log_message('error', "Unable to write cache file: ".$cache_path); + log_message('error', 'Unable to write cache file: '.$cache_path); return; } @@ -504,13 +462,13 @@ class CI_Output { } else { - log_message('error', "Unable to secure a file lock for file at: ".$cache_path); + log_message('error', 'Unable to secure a file lock for file at: '.$cache_path); return; } fclose($fp); @chmod($cache_path, FILE_WRITE_MODE); - log_message('debug', "Cache file written: ".$cache_path); + log_message('debug', 'Cache file written: '.$cache_path); } // -------------------------------------------------------------------- @@ -518,69 +476,53 @@ class CI_Output { /** * Update/serve a cached file * - * @access public * @param object config class * @param object uri class * @return void */ - function _display_cache(&$CFG, &$URI) + public function _display_cache(&$CFG, &$URI) { $cache_path = ($CFG->item('cache_path') == '') ? APPPATH.'cache/' : $CFG->item('cache_path'); - // Build the file path. The file name is an MD5 hash of the full URI - $uri = $CFG->item('base_url'). - $CFG->item('index_page'). - $URI->uri_string; - + // Build the file path. The file name is an MD5 hash of the full URI + $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; $filepath = $cache_path.md5($uri); - if ( ! @file_exists($filepath)) - { - return FALSE; - } - - if ( ! $fp = @fopen($filepath, FOPEN_READ)) + if ( ! @file_exists($filepath) + OR ! $fp = @fopen($filepath, FOPEN_READ)) { return FALSE; } flock($fp, LOCK_SH); - $cache = ''; - if (filesize($filepath) > 0) - { - $cache = fread($fp, filesize($filepath)); - } + $cache = (filesize($filepath) > 0) ? fread($fp, filesize($filepath)) : ''; flock($fp, LOCK_UN); fclose($fp); // Strip out the embedded timestamp - if ( ! preg_match("/(\d+TS--->)/", $cache, $match)) + if ( ! preg_match('/(\d+TS--->)/', $cache, $match)) { return FALSE; } // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match['1']))) + if (time() >= trim(str_replace('TS--->', '', $match[1])) + AND is_really_writable($cache_path)) { - if (is_really_writable($cache_path)) - { - @unlink($filepath); - log_message('debug', "Cache file has expired. File deleted"); - return FALSE; - } + @unlink($filepath); + log_message('debug', 'Cache file has expired. File deleted.'); + return FALSE; } // Display the cache - $this->_display(str_replace($match['0'], '', $cache)); - log_message('debug', "Cache file is current. Sending it to browser."); + $this->_display(str_replace($match[0], '', $cache)); + log_message('debug', 'Cache file is current. Sending it to browser.'); return TRUE; } - } -// END Output Class /* End of file Output.php */ -/* Location: ./system/core/Output.php */ \ No newline at end of file +/* Location: ./system/core/Output.php */ -- cgit v1.2.3-24-g4f1b From ba6c04113313d49618b00c434fd5eedc6ab8a653 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:10:09 +0200 Subject: Improve the core Router library --- system/core/Router.php | 107 +++++++++++++++++-------------------------------- 1 file changed, 37 insertions(+), 70 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 8cad86888..d21319565 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -1,13 +1,13 @@ -config =& load_class('Config', 'core'); $this->uri =& load_class('URI', 'core'); - log_message('debug', "Router Class Initialized"); + log_message('debug', 'Router Class Initialized'); } // -------------------------------------------------------------------- @@ -110,12 +103,11 @@ class CI_Router { * This function determines what should be served based on the URI request, * as well as any "routes" that have been set in the routing config file. * - * @access private * @return void */ - function _set_routing() + public function _set_routing() { - // Are query strings enabled in the config file? Normally CI doesn't utilize query strings + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently $segments = array(); @@ -157,7 +149,7 @@ class CI_Router { // the URI doesn't correlated to a valid controller. $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); - // Were there any query string segments? If so, we'll validate them and bail out since we're done. + // Were there any query string segments? If so, we'll validate them and bail out since we're done. if (count($segments) > 0) { return $this->_validate_request($segments); @@ -172,17 +164,10 @@ class CI_Router { return $this->_set_default_controller(); } - // Do we need to remove the URL suffix? - $this->uri->_remove_url_suffix(); - - // Compile the segments into an array - $this->uri->_explode_segments(); - - // Parse any custom routing that may exist - $this->_parse_routes(); - - // Re-index the segment array so that it starts with 1 rather than 0 - $this->uri->_reindex_segments(); + $this->uri->_remove_url_suffix(); // Remove the URL suffix + $this->uri->_explode_segments(); // Compile the segments into an array + $this->_parse_routes(); // Parse any custom routing that may exist + $this->uri->_reindex_segments(); // Re-index the segment array so that it starts with 1 rather than 0 } // -------------------------------------------------------------------- @@ -190,20 +175,18 @@ class CI_Router { /** * Set the default controller * - * @access private * @return void */ - function _set_default_controller() + protected function _set_default_controller() { if ($this->default_controller === FALSE) { - show_error("Unable to determine what should be displayed. A default route has not been specified in the routing file."); + show_error('Unable to determine what should be displayed. A default route has not been specified in the routing file.'); } // Is the method being specified? if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - $this->set_class($x[0]); $this->set_method($x[1]); $this->_set_request($x); @@ -218,7 +201,7 @@ class CI_Router { // re-index the routed segments array so it starts with 1 rather than 0 $this->uri->_reindex_segments(); - log_message('debug', "No URI present. Default controller set."); + log_message('debug', 'No URI present. Default controller set.'); } // -------------------------------------------------------------------- @@ -229,16 +212,15 @@ class CI_Router { * This function takes an array of URI segments as * input, and sets the current class/method * - * @access private * @param array * @param bool * @return void */ - function _set_request($segments = array()) + protected function _set_request($segments = array()) { $segments = $this->_validate_request($segments); - if (count($segments) == 0) + if (count($segments) === 0) { return $this->_set_default_controller(); } @@ -269,13 +251,12 @@ class CI_Router { * Validates the supplied segments. Attempts to determine the path to * the controller. * - * @access private * @param array * @return array */ - function _validate_request($segments) + protected function _validate_request($segments) { - if (count($segments) == 0) + if (count($segments) === 0) { return $segments; } @@ -301,7 +282,6 @@ class CI_Router { if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); - $this->set_directory(''); $this->set_class($x[0]); $this->set_method(isset($x[1]) ? $x[1] : 'index'); @@ -320,7 +300,6 @@ class CI_Router { if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - $this->set_class($x[0]); $this->set_method($x[1]); } @@ -344,18 +323,16 @@ class CI_Router { // If we've gotten this far it means that the URI does not correlate to a valid - // controller class. We will now see if there is an override + // controller class. We will now see if there is an override if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); - $this->set_class($x[0]); $this->set_method(isset($x[1]) ? $x[1] : 'index'); return $x; } - // Nothing else to do at this point but show a 404 show_404($segments[0]); } @@ -369,10 +346,9 @@ class CI_Router { * the config/routes.php file against the URI to * determine if the class/method need to be remapped. * - * @access private * @return void */ - function _parse_routes() + protected function _parse_routes() { // Turn the segment array into a URI string $uri = implode('/', $this->uri->segments); @@ -387,7 +363,7 @@ class CI_Router { foreach ($this->routes as $key => $val) { // Convert wild-cards to RegEx - $key = str_replace(':any', '.+', str_replace(':num', '[0-9]+', $key)); + $key = str_replace(array(':any', ':num'), array('.+', '[0-9]+'), $key); // Does the RegEx match? if (preg_match('#^'.$key.'$#', $uri)) @@ -412,11 +388,10 @@ class CI_Router { /** * Set the class name * - * @access public * @param string * @return void */ - function set_class($class) + public function set_class($class) { $this->class = str_replace(array('/', '.'), '', $class); } @@ -426,10 +401,9 @@ class CI_Router { /** * Fetch the current class * - * @access public * @return string */ - function fetch_class() + public function fetch_class() { return $this->class; } @@ -439,11 +413,10 @@ class CI_Router { /** * Set the method name * - * @access public * @param string * @return void */ - function set_method($method) + public function set_method($method) { $this->method = $method; } @@ -453,10 +426,9 @@ class CI_Router { /** * Fetch the current method * - * @access public * @return string */ - function fetch_method() + public function fetch_method() { if ($this->method == $this->fetch_class()) { @@ -471,11 +443,10 @@ class CI_Router { /** * Set the directory name * - * @access public * @param string * @return void */ - function set_directory($dir) + public function set_directory($dir) { $this->directory = str_replace(array('/', '.'), '', $dir).'/'; } @@ -485,10 +456,9 @@ class CI_Router { /** * Fetch the sub-directory (if any) that contains the requested controller class * - * @access public * @return string */ - function fetch_directory() + public function fetch_directory() { return $this->directory; } @@ -498,11 +468,10 @@ class CI_Router { /** * Set the controller overrides * - * @access public * @param array * @return null */ - function _set_overrides($routing) + public function _set_overrides($routing) { if ( ! is_array($routing)) { @@ -526,9 +495,7 @@ class CI_Router { } } - } -// END Router Class /* End of file Router.php */ -/* Location: ./system/core/Router.php */ \ No newline at end of file +/* Location: ./system/core/Router.php */ -- cgit v1.2.3-24-g4f1b From fdc63828a876e87742380a4ae077e43f514320b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:17:46 +0200 Subject: Revert DIRECTORY_SEPARATOR changes --- system/core/Controller.php | 2 +- system/core/Exceptions.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 5ae0b0924..0dc131701 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -57,7 +57,7 @@ class CI_Controller { $this->load =& load_class('Loader', 'core'); $this->load->initialize(); - log_message('debug', "Controller Class Initialized"); + log_message('debug', 'Controller Class Initialized'); } public static function &get_instance() diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 9b672ac54..bf9901252 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -146,7 +146,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors'.DIRECTORY_SEPARATOR.$template.'.php'); + include(APPPATH.'errors/'.$template.'.php'); $buffer = ob_get_contents(); ob_end_clean(); return $buffer; @@ -180,7 +180,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors'.DIRECTORY_SEPARATOR.'error_php.php'); + include(APPPATH.'errors/'.'error_php.php'); $buffer = ob_get_contents(); ob_end_clean(); echo $buffer; -- cgit v1.2.3-24-g4f1b From d52b242545376db2eb8146f16125819a391db763 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:28:32 +0200 Subject: Reverted DIRECTORY_SEPARATOR changes --- system/core/Config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 55da4e338..66369115a 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -73,7 +73,7 @@ class CI_Config { public function __construct() { $this->config =& get_config(); - log_message('debug', "Config Class Initialized"); + log_message('debug', 'Config Class Initialized'); // Set the base_url automatically if none was provided if ($this->config['base_url'] == '') @@ -111,12 +111,12 @@ class CI_Config { foreach ($this->_config_paths as $path) { $check_locations = defined('ENVIRONMENT') - ? array(ENVIRONMENT.DIRECTORY_SEPARATOR.$file, $file) + ? array(ENVIRONMENT.'/'.$file, $file) : array($file); foreach ($check_locations as $location) { - $file_path = $path.'config'.DIRECTORY_SEPARATOR.$location.'.php'; + $file_path = $path.'config/'.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) { -- cgit v1.2.3-24-g4f1b From 536b771cfe2f459890c2c0865fd08411df352318 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:31:25 +0200 Subject: Reverted DIRECTORY_SEPARATOR changes --- system/core/Common.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index abbe789e2..6ef229629 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -94,7 +94,7 @@ if ( ! function_exists('is_really_writable')) */ if (is_dir($file)) { - $file = rtrim($file, '/\\').DIRECTORY_SEPARATOR.md5(mt_rand(1,100).mt_rand(1,100)); + $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) { return FALSE; @@ -148,13 +148,13 @@ if ( ! function_exists('load_class')) // then in the native system/libraries folder foreach (array(APPPATH, BASEPATH) as $path) { - if (file_exists($path.$directory.DIRECTORY_SEPARATOR.$class.'.php')) + if (file_exists($path.$directory.'/'.$class.'.php')) { $name = $prefix.$class; if (class_exists($name) === FALSE) { - require($path.$directory.DIRECTORY_SEPARATOR.$class.'.php'); + require($path.$directory.'/'.$class.'.php'); } break; @@ -162,13 +162,13 @@ if ( ! function_exists('load_class')) } // Is the request a class extension? If so we load it too - if (file_exists(APPPATH.$directory.DIRECTORY_SEPARATOR.config_item('subclass_prefix').$class.'.php')) + if (file_exists(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php')) { $name = config_item('subclass_prefix').$class; if (class_exists($name) === FALSE) { - require(APPPATH.$directory.DIRECTORY_SEPARATOR.config_item('subclass_prefix').$class.'.php'); + require(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'); } } @@ -235,9 +235,9 @@ if ( ! function_exists('get_config')) } // Is the config file in the environment folder? - if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config'.DIRECTORY_SEPARATOR.ENVIRONMENT.DIRECTORY_SEPARATOR.'config.php')) + if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT..'/config.php')) { - $file_path = APPPATH.'config'.DIRECTORY_SEPARATOR.'config.php'; + $file_path = APPPATH.'config/config.php'; } // Fetch the config file -- cgit v1.2.3-24-g4f1b From 88d03c48d5a11f3419feb2409a76bf0591575fd2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:59:00 +0200 Subject: Switch quotes --- system/core/Model.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Model.php b/system/core/Model.php index cd64468b8..a595a6ae2 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -40,7 +40,7 @@ class CI_Model { public function __construct() { - log_message('debug', "Model Class Initialized"); + log_message('debug', 'Model Class Initialized'); } /** -- cgit v1.2.3-24-g4f1b From f9938a2cf9af2341b1f44e6c465852405fc15897 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 22:10:47 +0200 Subject: Improve core Hooks & Lang libraries --- system/core/Hooks.php | 41 ++++++++++++++--------------------------- system/core/Lang.php | 26 +++++++++----------------- 2 files changed, 23 insertions(+), 44 deletions(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 174adcb19..e1ac58e6e 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -1,13 +1,13 @@ -_initialize(); - log_message('debug', "Hooks Class Initialized"); + log_message('debug', 'Hooks Class Initialized'); } // -------------------------------------------------------------------- @@ -74,24 +70,20 @@ class CI_Hooks { /** * Initialize the Hooks Preferences * - * @access private * @return void */ - function _initialize() + private function _initialize() { $CFG =& load_class('Config', 'core'); // If hooks are not enabled in the config file // there is nothing else to do - if ($CFG->item('enable_hooks') == FALSE) { return; } // Grab the "hooks" definition file. - // If there are no hooks, we're done. - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) { include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); @@ -101,7 +93,7 @@ class CI_Hooks { include(APPPATH.'config/hooks.php'); } - + // If there are no hooks, we're done. if ( ! isset($hook) OR ! is_array($hook)) { return; @@ -116,13 +108,12 @@ class CI_Hooks { /** * Call Hook * - * Calls a particular hook + * Calls a particular hook. Called by CodeIgniter.php. * - * @access private * @param string the hook name * @return mixed */ - function _call_hook($which = '') + public function _call_hook($which = '') { if ( ! $this->enabled OR ! isset($this->hooks[$which])) { @@ -151,11 +142,10 @@ class CI_Hooks { * * Runs a particular hook * - * @access private * @param array the hook details * @return bool */ - function _run_hook($data) + protected function _run_hook($data) { if ( ! is_array($data)) { @@ -168,7 +158,6 @@ class CI_Hooks { // If the script being called happens to have the same // hook call within it a loop can happen - if ($this->in_progress == TRUE) { return; @@ -254,7 +243,5 @@ class CI_Hooks { } -// END CI_Hooks class - /* End of file Hooks.php */ -/* Location: ./system/core/Hooks.php */ \ No newline at end of file +/* Location: ./system/core/Hooks.php */ diff --git a/system/core/Lang.php b/system/core/Lang.php index 5eb2801f6..088cb6c9c 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -1,13 +1,13 @@ -language[$line])) ? FALSE : $this->language[$line]; @@ -166,7 +159,6 @@ class CI_Lang { } } -// END Language Class /* End of file Lang.php */ /* Location: ./system/core/Lang.php */ -- cgit v1.2.3-24-g4f1b From d72973519623f40f121e9cd2df93146ee2543a1f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 22:53:14 +0200 Subject: Improve the core Loader library --- system/core/Loader.php | 90 +++++++++++++++++++++----------------------------- 1 file changed, 37 insertions(+), 53 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index c4a6b501c..689ae1ecd 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1,13 +1,13 @@ - 'unit', - 'user_agent' => 'agent'); + protected $_ci_varmap = array( + 'unit_test' => 'unit', + 'user_agent' => 'agent' + ); /** * Constructor @@ -141,7 +130,7 @@ class CI_Loader { $this->_ci_model_paths = array(APPPATH); $this->_ci_view_paths = array(VIEWPATH => TRUE); - log_message('debug', "Loader Class Initialized"); + log_message('debug', 'Loader Class Initialized'); } // -------------------------------------------------------------------- @@ -162,7 +151,6 @@ class CI_Loader { $this->_base_classes =& is_loaded(); $this->_ci_autoloader(); - return $this; } @@ -311,9 +299,7 @@ class CI_Loader { require_once($mod_path.'models/'.$path.$model.'.php'); $model = ucfirst($model); - $CI->$name = new $model(); - $this->_ci_models[] = $name; return; } @@ -350,7 +336,7 @@ class CI_Loader { return DB($params, $active_record); } - // Initialize the db variable. Needed to prevent + // Initialize the db variable. Needed to prevent // reference errors with some configurations $CI->db = ''; @@ -716,11 +702,11 @@ class CI_Loader { if ($path == '') { - $void = array_shift($this->_ci_library_paths); - $void = array_shift($this->_ci_model_paths); - $void = array_shift($this->_ci_helper_paths); - $void = array_shift($this->_ci_view_paths); - $void = array_shift($config->_config_paths); + array_shift($this->_ci_library_paths); + array_shift($this->_ci_model_paths); + array_shift($this->_ci_helper_paths); + array_shift($this->_ci_view_paths); + array_shift($config->_config_paths); } else { @@ -808,7 +794,6 @@ class CI_Loader { // This allows anything loaded using $this->load (views, files, etc.) // to become accessible from within the Controller and Model functions. - $_ci_CI =& get_instance(); foreach (get_object_vars($_ci_CI) as $_ci_key => $_ci_var) { @@ -837,12 +822,11 @@ class CI_Loader { * * We buffer the output for two reasons: * 1. Speed. You get a significant speed boost. - * 2. So that the final rendered template can be - * post-processed by the output class. Why do we - * need post processing? For one thing, in order to - * show the elapsed page load time. Unless we - * can intercept the content right before it's sent to - * the browser and then stop the timer it won't be accurate. + * 2. So that the final rendered template can be post-processed by + * the output class. Why do we need post processing? For one thing, + * in order to show the elapsed page load time. Unless we can + * intercept the content right before it's sent to the browser and + * then stop the timer it won't be accurate. */ ob_start(); @@ -915,10 +899,10 @@ class CI_Loader { if (($last_slash = strrpos($class, '/')) !== FALSE) { // Extract the path - $subdir = substr($class, 0, $last_slash + 1); + $subdir = substr($class, 0, ++$last_slash); // Get the filename from the path - $class = substr($class, $last_slash + 1); + $class = substr($class, $last_slash); } // We'll test for both lowercase and capitalized versions of the file name @@ -933,15 +917,15 @@ class CI_Loader { if ( ! file_exists($baseclass)) { - log_message('error', "Unable to load the requested class: ".$class); - show_error("Unable to load the requested class: ".$class); + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($subclass, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -953,7 +937,7 @@ class CI_Loader { } $is_duplicate = TRUE; - log_message('debug', $class." class already loaded. Second attempt ignored."); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); return; } @@ -970,17 +954,17 @@ class CI_Loader { { $filepath = $path.'libraries/'.$subdir.$class.'.php'; - // Does the file exist? No? Bummer... + // Does the file exist? No? Bummer... if ( ! file_exists($filepath)) { continue; } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($filepath, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -992,7 +976,7 @@ class CI_Loader { } $is_duplicate = TRUE; - log_message('debug', $class." class already loaded. Second attempt ignored."); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); return; } @@ -1003,7 +987,7 @@ class CI_Loader { } // END FOREACH - // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? + // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? if ($subdir == '') { $path = strtolower($class).'/'.$class; @@ -1014,8 +998,8 @@ class CI_Loader { // We do not issue errors if the load call failed due to a duplicate request if ($is_duplicate == FALSE) { - log_message('error', "Unable to load the requested class: ".$class); - show_error("Unable to load the requested class: ".$class); + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); } } @@ -1094,12 +1078,12 @@ class CI_Loader { // Is the class name valid? if ( ! class_exists($name)) { - log_message('error', "Non-existent class: ".$name); - show_error("Non-existent class: ".$class); + log_message('error', 'Non-existent class: '.$name); + show_error('Non-existent class: '.$class); } // Set the variable name we will assign the class to - // Was a custom class name supplied? If so we'll use it + // Was a custom class name supplied? If so we'll use it $class = strtolower($class); if (is_null($object_name)) @@ -1271,4 +1255,4 @@ class CI_Loader { } /* End of file Loader.php */ -/* Location: ./system/core/Loader.php */ \ No newline at end of file +/* Location: ./system/core/Loader.php */ -- cgit v1.2.3-24-g4f1b From bb488dc3d4bbac9ac9a1860f066069e4bb4afdcb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 23:35:16 +0200 Subject: Improve the core Security library --- system/core/Security.php | 254 ++++++++++++++++++----------------------------- 1 file changed, 99 insertions(+), 155 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 272a8bf3f..d0d3c0803 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -1,13 +1,13 @@ - '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - 'window.location' => '[removed]', - '-moz-binding' => '[removed]', - '' => '-->', - ' '<![CDATA[', - '' => '<comment>' - ); + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + 'window.location' => '[removed]', + '-moz-binding' => '[removed]', + '' => '-->', + ' '<![CDATA[', + '' => '<comment>' + ); /** * List of never allowed regex replacement * * @var array - * @access protected */ protected $_never_allowed_regex = array( - "javascript\s*:" => '[removed]', - "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE - "vbscript\s*:" => '[removed]', // IE, surprise! - "Redirect\s+302" => '[removed]' - ); + 'javascript\s*:', + 'expression\s*(\(|&\#40;)', // CSS and IE + 'vbscript\s*:', // IE, surprise! + 'Redirect\s+302' + ); - /** - * Constructor - */ public function __construct() { // CSRF config @@ -135,7 +124,7 @@ class CI_Security { // Set the CSRF hash $this->_csrf_set_hash(); - log_message('debug', "Security Class Initialized"); + log_message('debug', 'Security Class Initialized'); } // -------------------------------------------------------------------- @@ -148,7 +137,7 @@ class CI_Security { public function csrf_verify() { // If no POST data exists we will set the CSRF cookie - if (count($_POST) == 0) + if (count($_POST) === 0) { return $this->csrf_set_cookie(); } @@ -186,8 +175,7 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); - log_message('debug', "CSRF token verified"); - + log_message('debug', 'CSRF token verified'); return $this; } @@ -203,19 +191,13 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie) + if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS'])) { - $req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE; - - if ( ! $req OR $req == 'off') - { - return FALSE; - } + return FALSE; } setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); - - log_message('debug', "CRSF cookie Set"); + log_message('debug', 'CRSF cookie Set'); return $this; } @@ -253,7 +235,7 @@ class CI_Security { * * Getter Method * - * @return string self::csrf_token_name + * @return string self::_csrf_token_name */ public function get_csrf_token_name() { @@ -273,7 +255,7 @@ class CI_Security { * the filter. * * Note: This function should only be used to deal with data - * upon submission. It's not something that should + * upon submission. It's not something that should * be used for general runtime processing. * * This function was based in part on some code and ideas I @@ -290,10 +272,7 @@ class CI_Security { */ public function xss_clean($str, $is_image = FALSE) { - /* - * Is the string an array? - * - */ + // Is the string an array? if (is_array($str)) { while (list($key) = each($str)) @@ -304,13 +283,8 @@ class CI_Security { return $str; } - /* - * Remove Invisible Characters - */ - $str = remove_invisible_characters($str); - - // Validate Entities in URLs - $str = $this->_validate_entities($str); + // Remove Invisible Characters and validate entities in URLs + $str = $this->_validate_entities(remove_invisible_characters($str)); /* * URL Decode @@ -320,7 +294,6 @@ class CI_Security { * Google * * Note: Use rawurldecode() so it does not remove plus signs - * */ $str = rawurldecode($str); @@ -332,14 +305,10 @@ class CI_Security { * these are the ones that will pose security problems. * */ - $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); - /* - * Remove Invisible Characters Again! - */ + // Remove Invisible Characters Again! $str = remove_invisible_characters($str); /* @@ -350,11 +319,7 @@ class CI_Security { * NOTE: preg_replace was found to be amazingly slow here on * large blocks of data, so we use str_replace. */ - - if (strpos($str, "\t") !== FALSE) - { - $str = str_replace("\t", ' ', $str); - } + $str = str_replace("\t", ' ', $str); /* * Capture converted string for later comparison @@ -378,7 +343,7 @@ class CI_Security { // Images have a tendency to have the PHP short opening and // closing tags every so often so we skip those and only // do the long opening tags. - $str = preg_replace('/<\?(php)/i', "<?\\1", $str); + $str = preg_replace('/<\?(php)/i', '<?\\1', $str); } else { @@ -415,19 +380,19 @@ class CI_Security { { $original = $str; - if (preg_match("/]*?)(>|$)#si", array($this, '_js_link_removal'), $str); + $str = preg_replace_callback('#]*?)(>|$)#si', array($this, '_js_link_removal'), $str); } - if (preg_match("/]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); + $str = preg_replace_callback('#]*?)(\s?/?>|$)#si', array($this, '_js_img_removal'), $str); } - if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) + if (preg_match('/(script|xss)/i', $str)) { - $str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); + $str = preg_replace('#<(/*)(script|xss)(.*?)\>#si', '[removed]', $str); } } while($original != $str); @@ -454,14 +419,16 @@ class CI_Security { * * Similar to above, only instead of looking for * tags it looks for PHP and JavaScript commands - * that are disallowed. Rather than removing the + * that are disallowed. Rather than removing the * code, it simply converts the parenthesis to entities * rendering the code un-executable. * * For example: eval('some code') - * Becomes: eval('some code') + * Becomes: eval('some code') */ - $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); + $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', + '\\1\\2(\\3)', + $str); // Final clean up @@ -478,13 +445,12 @@ class CI_Security { * string post-removal of XSS, then it fails, as there was unwanted XSS * code found and removed/changed during processing. */ - if ($is_image === TRUE) { - return ($str === $converted_string) ? TRUE : FALSE; + return ($str === $converted_string); } - log_message('debug', "XSS Filtering completed"); + log_message('debug', 'XSS Filtering completed'); return $str; } @@ -516,7 +482,7 @@ class CI_Security { * The reason we are not using html_entity_decode() by itself is because * while it is not technically correct to leave out the semicolon * at the end of an entity most browsers will still interpret the entity - * correctly. html_entity_decode() does not convert entities without + * correctly. html_entity_decode() does not convert entities without * semicolons, so we are left with our own little solution here. Bummer. * * @param string @@ -552,38 +518,23 @@ class CI_Security { public function sanitize_filename($str, $relative_path = FALSE) { $bad = array( - "../", - "", - "<", - ">", - "'", - '"', - '&', - '$', - '#', - '{', - '}', - '[', - ']', - '=', - ';', - '?', - "%20", - "%22", - "%3c", // < - "%253c", // < - "%3e", // > - "%0e", // > - "%28", // ( - "%29", // ) - "%2528", // ( - "%26", // & - "%24", // $ - "%3f", // ? - "%3b", // ; - "%3d" // = - ); + '../', '', '<', '>', + "'", '"', '&', '$', '#', + '{', '}', '[', ']', '=', + ';', '?', '%20', '%22', + '%3c', // < + '%253c', // < + '%3e', // > + '%0e', // > + '%28', // ( + '%29', // ) + '%2528', // ( + '%26', // & + '%24', // $ + '%3f', // ? + '%3b', // ; + '%3d' // = + ); if ( ! $relative_path) { @@ -636,26 +587,26 @@ class CI_Security { if ($is_image === TRUE) { /* - * Adobe Photoshop puts XML metadata into JFIF images, + * Adobe Photoshop puts XML metadata into JFIF images, * including namespacing, so we have to allow this for images. */ unset($evil_attributes[array_search('xmlns', $evil_attributes)]); } - + do { $count = 0; $attribs = array(); - + // find occurrences of illegal attribute strings without quotes - preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*([^\s]*)/is", $str, $matches, PREG_SET_ORDER); - + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*([^\s]*)/is', $str, $matches, PREG_SET_ORDER); + foreach ($matches as $attr) { $attribs[] = preg_quote($attr[0], '/'); } - + // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is", $str, $matches, PREG_SET_ORDER); + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { @@ -665,11 +616,11 @@ class CI_Security { // replace illegal attribute strings that are inside an html tag if (count($attribs) > 0) { - $str = preg_replace("/<(\/?[^><]+?)([^A-Za-z\-])(".implode('|', $attribs).")([\s><])([><]*)/i", '<$1$2$4$5', $str, -1, $count); + $str = preg_replace('/<(\/?[^><]+?)([^A-Za-z\-])('.implode('|', $attribs).')([\s><])([><]*)/i', '<$1$2$4$5', $str, -1, $count); } - + } while ($count); - + return $str; } @@ -685,14 +636,9 @@ class CI_Security { */ protected function _sanitize_naughty_html($matches) { - // encode opening brace - $str = '<'.$matches[1].$matches[2].$matches[3]; - - // encode captured opening or closing brace to prevent recursive vectors - $str .= str_replace(array('>', '<'), array('>', '<'), - $matches[4]); - - return $str; + return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace + // encode captured opening or closing brace to prevent recursive vectors: + . str_replace(array('>', '<'), array('>', '<'), $matches[4]); } // -------------------------------------------------------------------- @@ -710,9 +656,12 @@ class CI_Security { */ protected function _js_link_removal($match) { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0]); } // -------------------------------------------------------------------- @@ -730,9 +679,12 @@ class CI_Security { */ protected function _js_img_removal($match) { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0]); } // -------------------------------------------------------------------- @@ -806,33 +758,28 @@ class CI_Security { * Protect GET variables in URLs */ - // 901119URL5918AMP18930PROTECT8198 - - $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); + // 901119URL5918AMP18930PROTECT8198 + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash().'\\1=\\2', $str); /* * Validate standard character entities * * Add a semicolon if missing. We do this to enable * the conversion of entities to ASCII later. - * */ - $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); + $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', '\\1;\\2', $str); /* * Validate UTF16 two byte encoding (x00) * * Just as above, adds a semicolon if missing. - * */ - $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i', '\\1\\2;', $str); /* * Un-Protect GET variables in URLs */ - $str = str_replace($this->xss_hash(), '&', $str); - - return $str; + return str_replace($this->xss_hash(), '&', $str); } // ---------------------------------------------------------------------- @@ -847,14 +794,11 @@ class CI_Security { */ protected function _do_never_allowed($str) { - foreach ($this->_never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } + $str = str_replace(array_keys($this->_never_allowed_str), $this->_never_allowed_str, $str); - foreach ($this->_never_allowed_regex as $key => $val) + foreach ($this->_never_allowed_regex as $regex) { - $str = preg_replace("#".$key."#i", $val, $str); + $str = preg_replace('#'.$regex.'#i', '[removed]', $str); } return $str; @@ -891,4 +835,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/core/Security.php */ \ No newline at end of file +/* Location: ./system/core/Security.php */ -- cgit v1.2.3-24-g4f1b From c123e118de32e2b31b9bf21fdb43458bc9f4cbda Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 00:17:34 +0200 Subject: Improve core URI & UTF8 libraries --- system/core/URI.php | 197 ++++++++++++++++++++++----------------------------- system/core/Utf8.php | 32 ++++----- 2 files changed, 96 insertions(+), 133 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 3c26d307b..93105b1fd 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -1,13 +1,13 @@ -config =& load_class('Config', 'core'); - log_message('debug', "URI Class Initialized"); + log_message('debug', 'URI Class Initialized'); } - // -------------------------------------------------------------------- /** * Get the URI String * - * @access private - * @return string + * Called by CI_Router + * + * @return void */ - function _fetch_uri_string() + public function _fetch_uri_string() { - if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') + if (strtoupper($this->config->item('uri_protocol')) === 'AUTO') { // Is the request coming from the command line? - if (php_sapi_name() == 'cli' or defined('STDIN')) + if (php_sapi_name() === 'cli' OR defined('STDIN')) { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -115,14 +109,14 @@ class CI_URI { // Is there a PATH_INFO variable? // Note: some servers seem to have trouble with getenv() so we'll test it two ways $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); - if (trim($path, '/') != '' && $path != "/".SELF) + if (trim($path, '/') != '' && $path !== '/'.SELF) { $this->_set_uri_string($path); return; } // No PATH_INFO?... What about QUERY_STRING? - $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); + $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); if (trim($path, '/') != '') { $this->_set_uri_string($path); @@ -130,7 +124,7 @@ class CI_URI { } // As a last ditch effort lets try using the $_GET array - if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') + if (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') != '') { $this->_set_uri_string(key($_GET)); return; @@ -143,12 +137,12 @@ class CI_URI { $uri = strtoupper($this->config->item('uri_protocol')); - if ($uri == 'REQUEST_URI') + if ($uri === 'REQUEST_URI') { $this->_set_uri_string($this->_detect_uri()); return; } - elseif ($uri == 'CLI') + elseif ($uri === 'CLI') { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -163,17 +157,16 @@ class CI_URI { /** * Set the URI String * - * @access public * @param string - * @return string + * @return void */ - function _set_uri_string($str) + public function _set_uri_string($str) { // Filter out control characters $str = remove_invisible_characters($str, FALSE); // If the URI contains only a slash we'll kill it - $this->uri_string = ($str == '/') ? '' : $str; + $this->uri_string = ($str === '/') ? '' : $str; } // -------------------------------------------------------------------- @@ -184,7 +177,6 @@ class CI_URI { * This function will detect the URI automatically and fix the query string * if necessary. * - * @access private * @return string */ protected function _detect_uri() @@ -194,12 +186,11 @@ class CI_URI { return ''; } - $uri = $_SERVER['REQUEST_URI']; - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + if (strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0) { $uri = substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (strpos($_SERVER['REQUEST_URI'], dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } @@ -223,7 +214,7 @@ class CI_URI { $_GET = array(); } - if ($uri == '/' || empty($uri)) + if ($uri == '/' OR empty($uri)) { return '/'; } @@ -241,13 +232,11 @@ class CI_URI { * * Take each command line argument and assume it is a URI segment. * - * @access private * @return string */ protected function _parse_cli_args() { $args = array_slice($_SERVER['argv'], 1); - return $args ? '/' . implode('/', $args) : ''; } @@ -256,27 +245,28 @@ class CI_URI { /** * Filter segments for malicious characters * - * @access private + * Called by CI_Router + * * @param string * @return string */ - function _filter_uri($str) + public function _filter_uri($str) { if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE) { // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern - if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str)) + if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str)) { show_error('The URI you submitted has disallowed characters.', 400); } } - // Convert programatic characters to entities - $bad = array('$', '(', ')', '%28', '%29'); - $good = array('$', '(', ')', '(', ')'); - - return str_replace($bad, $good, $str); + // Convert programatic characters to entities and return + return str_replace( + array('$', '(', ')', '%28', '%29'), // Bad + array('$', '(', ')', '(', ')'), // Good + $str); } // -------------------------------------------------------------------- @@ -284,14 +274,15 @@ class CI_URI { /** * Remove the suffix from the URL if needed * - * @access private + * Called by CI_Router + * * @return void */ - function _remove_url_suffix() + public function _remove_url_suffix() { - if ($this->config->item('url_suffix') != "") + if ($this->config->item('url_suffix') != '') { - $this->uri_string = preg_replace("|".preg_quote($this->config->item('url_suffix'))."$|", "", $this->uri_string); + $this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string); } } @@ -301,12 +292,13 @@ class CI_URI { * Explode the URI Segments. The individual segments will * be stored in the $this->segments array. * - * @access private + * Called by CI_Router + * * @return void */ - function _explode_segments() + public function _explode_segments() { - foreach (explode("/", preg_replace("|/*(.+?)/*$|", "\\1", $this->uri_string)) as $val) + foreach (explode('/', preg_replace('|/*(.+?)/*$|', '\\1', $this->uri_string)) as $val) { // Filter segments for security $val = trim($this->_filter_uri($val)); @@ -323,14 +315,15 @@ class CI_URI { * Re-index Segments * * This function re-indexes the $this->segment array so that it - * starts at 1 rather than 0. Doing so makes it simpler to + * starts at 1 rather than 0. Doing so makes it simpler to * use functions like $this->uri->segment(n) since there is * a 1:1 relationship between the segment array and the actual segments. * - * @access private + * Called by CI_Router + * * @return void */ - function _reindex_segments() + public function _reindex_segments() { array_unshift($this->segments, NULL); array_unshift($this->rsegments, NULL); @@ -345,12 +338,11 @@ class CI_URI { * * This function returns the URI segment based on the number provided. * - * @access public * @param integer * @param bool * @return string */ - function segment($n, $no_result = FALSE) + public function segment($n, $no_result = FALSE) { return ( ! isset($this->segments[$n])) ? $no_result : $this->segments[$n]; } @@ -364,12 +356,11 @@ class CI_URI { * based on the number provided. If there is no routing this function returns the * same result as $this->segment() * - * @access public * @param integer * @param bool * @return string */ - function rsegment($n, $no_result = FALSE) + public function rsegment($n, $no_result = FALSE) { return ( ! isset($this->rsegments[$n])) ? $no_result : $this->rsegments[$n]; } @@ -392,25 +383,22 @@ class CI_URI { * gender => male * ) * - * @access public * @param integer the starting segment number * @param array an array of default values * @return array */ - function uri_to_assoc($n = 3, $default = array()) + public function uri_to_assoc($n = 3, $default = array()) { return $this->_uri_to_assoc($n, $default, 'segment'); } /** * Identical to above only it uses the re-routed segment array * - * @access public * @param integer the starting segment number * @param array an array of default values * @return array - * */ - function ruri_to_assoc($n = 3, $default = array()) + public function ruri_to_assoc($n = 3, $default = array()) { return $this->_uri_to_assoc($n, $default, 'rsegment'); } @@ -420,25 +408,13 @@ class CI_URI { /** * Generate a key value pair from the URI string or Re-routed URI string * - * @access private * @param integer the starting segment number * @param array an array of default values * @param string which array we should use * @return array */ - function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') + protected function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') { - if ($which == 'segment') - { - $total_segments = 'total_segments'; - $segment_array = 'segment_array'; - } - else - { - $total_segments = 'total_rsegments'; - $segment_array = 'rsegment_array'; - } - if ( ! is_numeric($n)) { return $default; @@ -449,23 +425,30 @@ class CI_URI { return $this->keyval[$n]; } + if ($which === 'segment') + { + $total_segments = 'total_segments'; + $segment_array = 'segment_array'; + } + else + { + $total_segments = 'total_rsegments'; + $segment_array = 'rsegment_array'; + } + if ($this->$total_segments() < $n) { - if (count($default) == 0) + if (count($default) === 0) { return array(); } - $retval = array(); - foreach ($default as $val) - { - $retval[$val] = FALSE; - } - return $retval; + return function_exists('array_fill_keys') + ? array_fill_keys($default, FALSE) + : array_combine($default, array_fill(0, count($default), FALSE)); } $segments = array_slice($this->$segment_array(), ($n - 1)); - $i = 0; $lastval = ''; $retval = array(); @@ -506,16 +489,15 @@ class CI_URI { * Generate a URI string from an associative array * * - * @access public * @param array an associative array of key/values * @return array */ - function assoc_to_uri($array) + public function assoc_to_uri($array) { $temp = array(); foreach ((array)$array as $key => $val) { - $temp[] = $key; + $temp[] = $key; $temp[] = $val; } @@ -527,12 +509,11 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash * - * @access public * @param integer * @param string * @return string */ - function slash_segment($n, $where = 'trailing') + public function slash_segment($n, $where = 'trailing') { return $this->_slash_segment($n, $where, 'segment'); } @@ -542,12 +523,11 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash * - * @access public * @param integer * @param string * @return string */ - function slash_rsegment($n, $where = 'trailing') + public function slash_rsegment($n, $where = 'trailing') { return $this->_slash_segment($n, $where, 'rsegment'); } @@ -557,22 +537,20 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash - helper function * - * @access private * @param integer * @param string * @param string * @return string */ - function _slash_segment($n, $where = 'trailing', $which = 'segment') + protected function _slash_segment($n, $where = 'trailing', $which = 'segment') { - $leading = '/'; - $trailing = '/'; + $leading = $trailing = '/'; - if ($where == 'trailing') + if ($where === 'trailing') { $leading = ''; } - elseif ($where == 'leading') + elseif ($where === 'leading') { $trailing = ''; } @@ -585,10 +563,9 @@ class CI_URI { /** * Segment Array * - * @access public * @return array */ - function segment_array() + public function segment_array() { return $this->segments; } @@ -598,10 +575,9 @@ class CI_URI { /** * Routed Segment Array * - * @access public * @return array */ - function rsegment_array() + public function rsegment_array() { return $this->rsegments; } @@ -611,10 +587,9 @@ class CI_URI { /** * Total number of segments * - * @access public * @return integer */ - function total_segments() + public function total_segments() { return count($this->segments); } @@ -624,10 +599,9 @@ class CI_URI { /** * Total number of routed segments * - * @access public * @return integer */ - function total_rsegments() + public function total_rsegments() { return count($this->rsegments); } @@ -637,10 +611,9 @@ class CI_URI { /** * Fetch the entire URI string * - * @access public * @return string */ - function uri_string() + public function uri_string() { return $this->uri_string; } @@ -651,16 +624,14 @@ class CI_URI { /** * Fetch the entire Re-routed URI string * - * @access public * @return string */ - function ruri_string() + public function ruri_string() { return '/'.implode('/', $this->rsegment_array()); } } -// END URI Class /* End of file URI.php */ -/* Location: ./system/core/URI.php */ \ No newline at end of file +/* Location: ./system/core/URI.php */ diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 40a7ac4c0..0e180d36f 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -1,13 +1,13 @@ -item('charset') == 'UTF-8' // Application charset must be UTF-8 + && @ini_get('mbstring.func_overload') != 1 // Multibyte string function overloading cannot be enabled + && $CFG->item('charset') === 'UTF-8' // Application charset must be UTF-8 ) { - log_message('debug', "UTF-8 Support Enabled"); - define('UTF8_ENABLED', TRUE); + log_message('debug', 'UTF-8 Support Enabled'); // set internal encoding for multibyte string functions if necessary // and set a flag so we don't have to repeatedly use extension_loaded() @@ -77,8 +76,8 @@ class CI_Utf8 { } else { - log_message('debug', "UTF-8 Support Disabled"); define('UTF8_ENABLED', FALSE); + log_message('debug', 'UTF-8 Support Disabled'); } } @@ -134,18 +133,14 @@ class CI_Utf8 { { if (function_exists('iconv')) { - $str = @iconv($encoding, 'UTF-8', $str); + return @iconv($encoding, 'UTF-8', $str); } elseif (function_exists('mb_convert_encoding')) { - $str = @mb_convert_encoding($str, 'UTF-8', $encoding); - } - else - { - return FALSE; + return @mb_convert_encoding($str, 'UTF-8', $encoding); } - return $str; + return FALSE; } // -------------------------------------------------------------------- @@ -163,10 +158,7 @@ class CI_Utf8 { return (preg_match('/[^\x00-\x7F]/S', $str) === 0); } - // -------------------------------------------------------------------- - } -// End Utf8 Class /* End of file Utf8.php */ -/* Location: ./system/core/Utf8.php */ \ No newline at end of file +/* Location: ./system/core/Utf8.php */ -- cgit v1.2.3-24-g4f1b From a798fdb9a08a6f549bcc2a4ea6c6bad45cfef0a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 00:20:49 +0200 Subject: Remove a space :) --- system/core/URI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 93105b1fd..eaf7b752b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -497,7 +497,7 @@ class CI_URI { $temp = array(); foreach ((array)$array as $key => $val) { - $temp[] = $key; + $temp[] = $key; $temp[] = $val; } -- cgit v1.2.3-24-g4f1b From 75f7c12815c62782163a54e84707f50459b6ef5d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 03:49:25 +0200 Subject: Remove loading of ['core'] elements --- system/core/Loader.php | 7 ------- 1 file changed, 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 689ae1ecd..272fe4291 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1165,13 +1165,6 @@ class CI_Loader { } } - // A little tweak to remain backward compatible - // The $autoload['core'] item was deprecated - if ( ! isset($autoload['libraries']) AND isset($autoload['core'])) - { - $autoload['libraries'] = $autoload['core']; - } - // Load libraries if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0) { -- cgit v1.2.3-24-g4f1b From 137749793d6cce57e03904f05239fa80eec48d13 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:30:33 +0200 Subject: Switch some public properties to protected --- system/core/Input.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 07bb30b15..13bf76fd6 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -57,20 +57,20 @@ class CI_Input { * * @var bool */ - public $_allow_get_array = TRUE; + protected $_allow_get_array = TRUE; /** * If TRUE, then newlines are standardized * * @var bool */ - public $_standardize_newlines = TRUE; + protected $_standardize_newlines = TRUE; /** * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered * Set automatically based on config setting * * @var bool */ - public $_enable_xss = FALSE; + protected $_enable_xss = FALSE; /** * Enables a CSRF cookie token to be set. * Set automatically based on config setting @@ -85,17 +85,15 @@ class CI_Input { */ protected $headers = array(); - /** * Constructor * * Sets whether to globally enable the XSS processing * and whether to allow the $_GET array - * */ public function __construct() { - log_message('debug', "Input Class Initialized"); + log_message('debug', 'Input Class Initialized'); $this->_allow_get_array = (config_item('allow_get_array') === TRUE); $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); -- cgit v1.2.3-24-g4f1b From c90d651e8531142d36326d5c3451d7899fb00f76 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:35:02 +0200 Subject: Style guide stuff --- system/core/Output.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 272545046..1beee734f 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -488,8 +488,7 @@ class CI_Output { $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; $filepath = $cache_path.md5($uri); - if ( ! @file_exists($filepath) - OR ! $fp = @fopen($filepath, FOPEN_READ)) + if ( ! @file_exists($filepath) OR ! $fp = @fopen($filepath, FOPEN_READ)) { return FALSE; } @@ -508,8 +507,7 @@ class CI_Output { } // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match[1])) - AND is_really_writable($cache_path)) + if (time() >= trim(str_replace('TS--->', '', $match[1])) && is_really_writable($cache_path)) { @unlink($filepath); log_message('debug', 'Cache file has expired. File deleted.'); -- cgit v1.2.3-24-g4f1b From 29ce5d90b4276fc8a4e9354c1435963111f09a24 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:43:31 +0200 Subject: Replace AND with && --- system/core/CodeIgniter.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index e3d818825..cb5d439bd 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -59,7 +59,7 @@ * Load the framework constants * ------------------------------------------------------ */ - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) + if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) { require(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); } @@ -96,7 +96,7 @@ * Note: Since the config file data is cached it doesn't * hurt to load it here. */ - if (isset($assign_to_config['subclass_prefix']) AND $assign_to_config['subclass_prefix'] != '') + if (isset($assign_to_config['subclass_prefix']) && $assign_to_config['subclass_prefix'] != '') { get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); } @@ -106,8 +106,8 @@ * Set a liberal script execution time limit * ------------------------------------------------------ */ - if (function_exists('set_time_limit') AND @ini_get('safe_mode') == 0 - AND php_sapi_name() !== 'cli') // Do not override the Time Limit value if running from Command Line + if (function_exists('set_time_limit') && @ini_get('safe_mode') == 0 + && php_sapi_name() !== 'cli') // Do not override the Time Limit value if running from Command Line { @set_time_limit(300); } @@ -195,7 +195,7 @@ * ------------------------------------------------------ */ if ($EXT->_call_hook('cache_override') === FALSE - AND $OUT->_display_cache($CFG, $URI) == TRUE) + && $OUT->_display_cache($CFG, $URI) == TRUE) { exit; } @@ -393,7 +393,7 @@ * Close the DB connection if one exists * ------------------------------------------------------ */ - if (class_exists('CI_DB') AND isset($CI->db)) + if (class_exists('CI_DB') && isset($CI->db)) { $CI->db->close(); } -- cgit v1.2.3-24-g4f1b From 90cfe14b8458a3c84825a741cd750c5a02690f3b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:46:42 +0200 Subject: Switch private methods to protected --- system/core/Input.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 13bf76fd6..7a16e51ab 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -391,7 +391,7 @@ class CI_Input { { // IP segments must be digits and can not be // longer than 3 digits or greater then 255 - if ($segment == '' OR preg_match("/[^0-9]/", $segment) OR $segment > 255 OR strlen($segment) > 3) + if ($segment == '' OR preg_match('/[^0-9]/', $segment) OR $segment > 255 OR strlen($segment) > 3) { return FALSE; } @@ -430,7 +430,7 @@ class CI_Input { * * @return void */ - private function _sanitize_globals() + protected function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', @@ -516,7 +516,7 @@ class CI_Input { $this->security->csrf_verify(); } - log_message('debug', "Global POST and COOKIE data sanitized"); + log_message('debug', 'Global POST and COOKIE data sanitized'); } // -------------------------------------------------------------------- @@ -530,7 +530,7 @@ class CI_Input { * @param string * @return string */ - private function _clean_input_data($str) + protected function _clean_input_data($str) { if (is_array($str)) { @@ -588,7 +588,7 @@ class CI_Input { * @param string * @return string */ - private function _clean_input_keys($str) + protected function _clean_input_keys($str) { if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { -- cgit v1.2.3-24-g4f1b From 8a7d078233bfb80fa01ee090e14ce0664f23b96b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 05:43:42 +0200 Subject: Remove some tabs --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index f09298bba..d7881d846 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -176,7 +176,7 @@ class CI_Security { unset($_COOKIE[$this->_csrf_cookie_name]); $this->_csrf_hash = ''; } - + $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 0609d588a4340fc9a9cfbc0ff76c39bba9ab09fb Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Sun, 8 Jan 2012 13:26:17 +0100 Subject: Fixes for issue 896 --- system/core/Common.php | 2 +- system/core/Output.php | 3 +-- system/core/URI.php | 5 +++-- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 6ef229629..1f59c02d7 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -235,7 +235,7 @@ if ( ! function_exists('get_config')) } // Is the config file in the environment folder? - if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT..'/config.php')) + if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php')) { $file_path = APPPATH.'config/config.php'; } diff --git a/system/core/Output.php b/system/core/Output.php index 1beee734f..da5c29044 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -129,7 +129,6 @@ class CI_Output { * * Sets the output string * - * @access public * @param string * @return void */ @@ -282,7 +281,7 @@ class CI_Output { * @param integer * @return void */ - publi function cache($time) + public function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; return $this; diff --git a/system/core/URI.php b/system/core/URI.php index eaf7b752b..b28ee198b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -186,11 +186,12 @@ class CI_URI { return ''; } - if (strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0) + $uri = $_SERVER['REQUEST_URI']; + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { $uri = substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($_SERVER['REQUEST_URI'], dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } -- cgit v1.2.3-24-g4f1b From edc875593d3ddbd0fe86caf6380a62b00a20f245 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 09:35:10 +0200 Subject: Fix a possible notice in Output library --- system/core/Output.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index da5c29044..69a2e5f88 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -397,14 +397,12 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); - if ($count > 0) + if (isset($count) && $count > 0) { $output .= ''; } } - // -------------------------------------------------------------------- - // Does the controller contain a function named _output()? // If so send the output there. Otherwise, echo it. if (method_exists($CI, '_output')) @@ -413,7 +411,7 @@ class CI_Output { } else { - echo $output; // Send it to the browser! + echo $output; // Send it to the browser! } log_message('debug', 'Final output sent to browser'); -- cgit v1.2.3-24-g4f1b From cba20b164fdb1e60225b4f1fc04b7a31c4ffa106 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 10:16:41 +0200 Subject: Really fix this ... --- system/core/Output.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 69a2e5f88..d27133d37 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -396,8 +396,9 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); - if (isset($count) && $count > 0) + $count = 0; + $output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run(); + if ($count > 0) { $output .= ''; } -- cgit v1.2.3-24-g4f1b From a96a9c8e6c7a113c808ba047808180b33360d3dd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 11:01:15 +0200 Subject: Remove once again ... --- system/core/Output.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index d27133d37..abd8a0ea9 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -396,7 +396,6 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - $count = 0; $output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run(); if ($count > 0) { -- cgit v1.2.3-24-g4f1b From d47baab1bd4d655a68981834d11727ae8c2a3a45 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 16:56:46 +0200 Subject: Fix issue #904 --- system/core/Common.php | 2 +- system/core/Loader.php | 12 +++++------- 2 files changed, 6 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 1f59c02d7..2f9c4ff43 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -199,7 +199,7 @@ if ( ! function_exists('load_class')) */ if ( ! function_exists('is_loaded')) { - function is_loaded($class = '') + function &is_loaded($class = '') { static $_is_loaded = array(); diff --git a/system/core/Loader.php b/system/core/Loader.php index 272fe4291..12daaa928 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -250,10 +250,10 @@ class CI_Loader { if (($last_slash = strrpos($model, '/')) !== FALSE) { // The path is in front of the last slash - $path = substr($model, 0, $last_slash + 1); + $path = substr($model, 0, ++$last_slash); // And the model name behind it - $model = substr($model, $last_slash + 1); + $model = substr($model, $last_slash); } if ($name == '') @@ -833,10 +833,9 @@ class CI_Loader { // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) { - echo eval('?>'.preg_replace("/;*\s*\?>/", "; ?>", str_replace(''.preg_replace('/;*\s*\?>/', '; ?>', str_replace(' $this->_ci_ob_level + 1) { @@ -1233,13 +1231,13 @@ class CI_Loader { { if ( ! is_array($filename)) { - return array(strtolower(str_replace('.php', '', str_replace($extension, '', $filename)).$extension)); + return array(strtolower(str_replace(array($extension, '.php'), '', $filename).$extension)); } else { foreach ($filename as $key => $val) { - $filename[$key] = strtolower(str_replace('.php', '', str_replace($extension, '', $val)).$extension); + $filename[$key] = strtolower(str_replace(array($extension, '.php'), '', $val).$extension); } return $filename; -- cgit v1.2.3-24-g4f1b From 4562f2cbb3e5346c6e341516a31ca87dfa47bafd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 23:39:50 +0200 Subject: Some more stuff ... --- system/core/Security.php | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index d7881d846..1007f61f4 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -153,20 +153,13 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name]) OR - ! isset($_COOKIE[$this->_csrf_cookie_name])) + if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name]) + OR $_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? { $this->csrf_show_error(); } - // Do the tokens match? - if ($_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) - { - $this->csrf_show_error(); - } - - // We kill this since we're done and we don't want to - // polute the _POST array + // We kill this since we're done and we don't want to polute the _POST array unset($_POST[$this->_csrf_token_name]); // Regenerate on every submission? @@ -308,10 +301,9 @@ class CI_Security { * This permits our tests below to work reliably. * We only convert entities that are within tags since * these are the ones that will pose security problems. - * */ $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); + $str = preg_replace_callback('/<\w+.*?(?=>|<|$)/si', array($this, '_decode_entity'), $str); // Remove Invisible Characters Again! $str = remove_invisible_characters($str); @@ -326,9 +318,7 @@ class CI_Security { */ $str = str_replace("\t", ' ', $str); - /* - * Capture converted string for later comparison - */ + // Capture converted string for later comparison $converted_string = $str; // Remove Strings that are never allowed @@ -720,12 +710,11 @@ class CI_Security { protected function _filter_attributes($str) { $out = ''; - if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) { foreach ($matches[0] as $match) { - $out .= preg_replace("#/\*.*?\*/#s", '', $match); + $out .= preg_replace('#/\*.*?\*/#s', '', $match); } } -- cgit v1.2.3-24-g4f1b From 4b13061308301cd307fe5317604265ab934fb046 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 16:09:55 +0200 Subject: Fixed a bug in CI_Lang::load() --- system/core/Lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Lang.php b/system/core/Lang.php index 088cb6c9c..c40a6856e 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -130,7 +130,7 @@ class CI_Lang { } $this->is_loaded[] = $langfile; - $this->language = $this->language + $lang; + $this->language = array_merge($this->language, $lang); unset($lang); log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); -- cgit v1.2.3-24-g4f1b From 176b363e534da12a38a75c9e2ba273846dfa35a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 18:14:28 +0200 Subject: Fix a bug in system/core/CodeIgniter.php --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index cb5d439bd..7af3c485d 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -267,7 +267,7 @@ $method = $RTR->fetch_method(); if ( ! class_exists($class) - OR strpos($method, '_', 1) === 0 + OR strpos($method, '_') === 0 OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) { -- cgit v1.2.3-24-g4f1b From c8efb8033ae775a5c1c840f867def4e6253b3d9a Mon Sep 17 00:00:00 2001 From: "Thor (atiredmachine)" Date: Tue, 24 Jan 2012 13:33:39 -0800 Subject: Output class now sets HTTP headers match caching settings. --- system/core/Output.php | 45 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index abd8a0ea9..1f214a0b3 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -466,6 +466,9 @@ class CI_Output { @chmod($cache_path, FILE_WRITE_MODE); log_message('debug', 'Cache file written: '.$cache_path); + + // Send HTTP cache-control headers to browser to match file cache settings. + $this->set_cache_header($_SERVER['REQUEST_TIME'],$expire); } // -------------------------------------------------------------------- @@ -503,13 +506,22 @@ class CI_Output { return FALSE; } - // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match[1])) && is_really_writable($cache_path)) + $last_modified = filemtime($cache_path); + $expire = trim(str_replace('TS--->', '', $match[1])); + + // Has the file expired? + if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path)) { + // If so we'll delete it. @unlink($filepath); log_message('debug', 'Cache file has expired. File deleted.'); return FALSE; } + else + { + // Or else send the HTTP cache control headers. + $this->set_cache_header($last_modified,$expire); + } // Display the cache $this->_display(str_replace($match[0], '', $cache)); @@ -517,6 +529,35 @@ class CI_Output { return TRUE; } + + // -------------------------------------------------------------------- + /** + * Set the HTTP headers to match the server-side file cache settings + * in order to reduce bandwidth. + * + * @param int timestamp of when the page was last modified + * @param int timestamp of when should the requested page expire from cache + * @return void + */ + public function set_cache_header($last_modified,$expiration) + { + $max_age = $expiration - $_SERVER['REQUEST_TIME']; + + if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && ($last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))) + { + $this->set_status_header(304); + exit; + } + else + { + header('Pragma: public'); + header('Cache-Control: max-age=' . $max_age . ', public'); + header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT'); + header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT'); + } + } + + } /* End of file Output.php */ -- cgit v1.2.3-24-g4f1b From 63678a27864fdd6bb0ed89e6940a1d331121072a Mon Sep 17 00:00:00 2001 From: "Thor (atiredmachine)" Date: Tue, 24 Jan 2012 16:56:01 -0800 Subject: Rudimentary minifying of output. --- system/core/Output.php | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 1f214a0b3..55a505c34 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -323,6 +323,15 @@ class CI_Output { { $output =& $this->final_output; } + + // -------------------------------------------------------------------- + + // Is minify requested? + if ($CFG->item('minify_output') === TRUE) + { + $output = $this->minify($output); + } + // -------------------------------------------------------------------- @@ -558,6 +567,33 @@ class CI_Output { } + + + // -------------------------------------------------------------------- + /** + * Reduce excessive size of HTML content. + * + * @param string + * @param string + * @return string + */ + public function minify($output,$type='html') + { + switch ($type) + { + case 'html': + + // Replaces multiple spaces with a single space. + $output = preg_replace('!\s{2,}!',' ',$output); + + // ... + break; + } + + return $output; + } + + } /* End of file Output.php */ -- cgit v1.2.3-24-g4f1b From 79db4cdba1a1a80634cd76ab8fc69fce7b1a7ea6 Mon Sep 17 00:00:00 2001 From: "Thor (atiredmachine)" Date: Tue, 24 Jan 2012 20:44:51 -0800 Subject: Improved minifier to restore
 contents, remove even more spaces,
 and process CSS with its own rules.

---
 system/core/Output.php | 35 ++++++++++++++++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 55a505c34..bb39a7f31 100755
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -582,12 +582,45 @@ class CI_Output {
 		switch ($type)
 		{
 			case 'html':
+			
+				// Keep track of 
 tags as they were before processing.
+				// We'll want to return them to this state later.
+				preg_match_all('{}msU',$output,$pres_clean);
+
+				// Keep track of 
 tags as they were before processing.
+				// We'll want to return them to this state later.
+				preg_match_all('{}msU',$output,$style_clean);
 				
+				// Run }msU',$output,$style_clean);
-				
-				// Run }msU',$output,$style_clean);
 				foreach ($style_clean[0] as $s)
 				{
-					$output = str_replace($s, $this->minify($s,'css'), $output);
+					$output = str_replace($s, $this->minify($s,'text/css'), $output);
 				}
 
 				// Replace multiple spaces with a single space.
@@ -614,7 +614,7 @@ class CI_Output {
 			break;
 			
 			
-			case 'css':
+			case 'text/css':
 			
 				// Remove spaces around curly brackets, colons, and semi-colons
 				$output = preg_replace('!\s*(:|;|}|{)\s*!','$1',$output);
-- 
cgit v1.2.3-24-g4f1b


From 5de117549f69465a1ce0f2e128428d9adadd8a6d Mon Sep 17 00:00:00 2001
From: "Thor (atiredmachine)" 
Date: Tue, 24 Jan 2012 22:08:36 -0800
Subject: Strips out HTML comments.

---
 system/core/Output.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 47c00acd8..8992fc1f1 100755
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -600,6 +600,9 @@ class CI_Output {
 				// Replace multiple spaces with a single space.
 				$output = preg_replace('!\s{2,}!',"\n",$output);
 				
+				// Remove comments (non-MSIE conditionals)
+				$output = preg_replace('{\s*\s*}msU','',$output);
+
 				// Remove spaces around block-level elements.
 				$output = preg_replace('{\s*()\s*}', '$1', $output);
 
-- 
cgit v1.2.3-24-g4f1b


From f59ec6fe4fab3bd5ff71d920e13f983454a9fb65 Mon Sep 17 00:00:00 2001
From: "Thor (atiredmachine)" 
Date: Tue, 24 Jan 2012 22:19:14 -0800
Subject: Logs 'debug' message that shows how much % was shaved off.

---
 system/core/Output.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 8992fc1f1..c95f551ec 100755
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -582,7 +582,9 @@ class CI_Output {
 		switch ($type)
 		{
 			case 'text/html':
-			
+
+				$size_before = strlen($output);
+
 				// Keep track of 
  and }msU',$output,$textareas_clean);
+				preg_match_all('{}msU', $output, $pres_clean);
+				preg_match_all('{}msU', $output, $codes_clean);
+				preg_match_all('{}msU', $output, $textareas_clean);
 
 				// Minify the CSS in all the }msU',$output,$style_clean);
+				preg_match_all('{}msU', $output, $style_clean);
 				foreach ($style_clean[0] as $s)
 				{
 					$output = str_replace($s, $this->minify($s,'text/css'), $output);
 				}
 
 				// Replace multiple spaces with a single space.
-				$output = preg_replace('!\s{2,}!',"\n",$output);
+				$output = preg_replace('!\s{2,}!', "\n", $output);
 				
 				// Remove comments (non-MSIE conditionals)
-				$output = preg_replace('{\s*\s*}msU','',$output);
+				$output = preg_replace('{\s*\s*}msU', '', $output);
 
 				// Remove spaces around block-level elements.
 				$output = preg_replace('{\s*()\s*}', '$1', $output);
 
 				// Replace mangled 
 etc. tags with unprocessed ones.
-				preg_match_all('{}msU',$output,$pres_messed);
-				preg_match_all('{}msU',$output,$codes_messed);
-				preg_match_all('{}msU',$output,$textareas_messed);
-				$output = str_replace($pres_messed[0],$pres_clean[0],$output);
-				$output = str_replace($codes_messed[0],$codes_clean[0],$output);
-				$output = str_replace($textareas_messed[0],$textareas_clean[0],$output);
+				preg_match_all('{}msU', $output, $pres_messed);
+				preg_match_all('{}msU', $output, $codes_messed);
+				preg_match_all('{}msU', $output, $textareas_messed);
+				$output = str_replace($pres_messed[0], $pres_clean[0], $output);
+				$output = str_replace($codes_messed[0], $codes_clean[0], $output);
+				$output = str_replace($textareas_messed[0], $textareas_clean[0], $output);
 				
 				$size_after = strlen($output);
 				$savings_percent = round(100 - ($size_after / $size_before * 100));
@@ -640,10 +635,10 @@ class CI_Output {
 			case 'text/css':
 			
 				// Remove spaces around curly brackets, colons, and semi-colons
-				$output = preg_replace('!\s*(:|;|}|{)\s*!','$1',$output);
+				$output = preg_replace('!\s*(:|;|}|{)\s*!', '$1', $output);
 				
 				// Replace spaces with line breaks to limit line lengths
-				$output = preg_replace('!\s+!',"\n",$output);
+				$output = preg_replace('!\s+!', "\n", $output);
 
 			break;
 		}
-- 
cgit v1.2.3-24-g4f1b


From 5c078ceeb926119fc3b4e55ca7c33ff2d1a207cd Mon Sep 17 00:00:00 2001
From: "Thor (atiredmachine)" 
Date: Thu, 26 Jan 2012 17:18:35 -0800
Subject: Added javascript. Improved based on comments.

---
 system/core/Output.php | 74 +++++++++++++++++++++++++++++++++++++-------------
 1 file changed, 55 insertions(+), 19 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 9bc02fc84..c4eba30bb 100755
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -593,12 +593,12 @@ class CI_Output {
 
 				$size_before = strlen($output);
 
-				// Keep track of 
  and }msU', $output, $textareas_clean);
+				preg_match_all('{}msU', $output, $javascript_clean);
 
 				// Minify the CSS in all the }msU', $output, $style_clean);
@@ -606,39 +606,75 @@ class CI_Output {
 				{
 					$output = str_replace($s, $this->minify($s,'text/css'), $output);
 				}
+				
+				// Minify the javascript in }msU', $output, $javascript_messed);
+					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
+				}
+				
+				$size_removed = $size_before - strlen($output);
+				$savings_percent = round(($size_removed / $size_before * 100));
+
+				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
 
 			break;
 			
 			
 			case 'text/css':
 			
-				// Remove spaces around curly brackets, colons, and semi-colons
-				$output = preg_replace('!\s*(:|;|}|{)\s*!', '$1', $output);
-				
-				// Replace spaces with line breaks to limit line lengths
-				$output = preg_replace('!\s+!', "\n", $output);
+				//Remove CSS comments
+				$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $output);
+			
+				// Remove spaces around curly brackets, colons,
+				// semi-colons, parenthesis, commas
+				$output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!', '$1', $output);
+
+			break;
+			
+			
+			case 'text/javascript':
+
+				// Replace multiple spaces with a single newline.
+				$output = preg_replace('!\s{2,}!',"\n", $output);
+
+				// Remove excessive newlines.
+				$output = preg_replace('!(;|{|})\n!','$1', $output);
 
 			break;
 		}
-- 
cgit v1.2.3-24-g4f1b


From 6c5992da5cf3579a29079b0aae3e9ba0700fda5c Mon Sep 17 00:00:00 2001
From: "Thor (atiredmachine)" 
Date: Thu, 26 Jan 2012 18:45:57 -0800
Subject: Removed javascript for now...

---
 system/core/Output.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index c4eba30bb..d8c230968 100755
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -670,11 +670,11 @@ class CI_Output {
 			
 			case 'text/javascript':
 
-				// Replace multiple spaces with a single newline.
-				$output = preg_replace('!\s{2,}!',"\n", $output);
+				// Replace multiple whitespace characters with a single newline.
+				//$output = preg_replace('!\s{2,}!',"\n", $output);
 
 				// Remove excessive newlines.
-				$output = preg_replace('!(;|{|})\n!','$1', $output);
+				//$output = preg_replace('!(;|{|})\n!','$1', $output);
 
 			break;
 		}
-- 
cgit v1.2.3-24-g4f1b


From 8d5b24a8c55dc1ae7721e10de094c4aba2ca7eae Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 27 Jan 2012 14:37:38 +0200
Subject: Fix issue #128

---
 system/core/Lang.php | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Lang.php b/system/core/Lang.php
index c40a6856e..d68c04812 100755
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -25,8 +25,6 @@
  * @filesource
  */
 
-// ------------------------------------------------------------------------
-
 /**
  * Language Class
  *
@@ -74,22 +72,20 @@ class CI_Lang {
 
 		if ($add_suffix == TRUE)
 		{
-			$langfile = str_replace('_lang.', '', $langfile).'_lang';
+			$langfile = str_replace('_lang', '', $langfile).'_lang';
 		}
 
 		$langfile .= '.php';
 
-		if (in_array($langfile, $this->is_loaded, TRUE))
+		if ($idiom == '')
 		{
-			return;
+			$config =& get_config();
+			$idiom = ( ! empty($config['language'])) ? $config['language'] : 'english';
 		}
 
-		$config =& get_config();
-
-		if ($idiom == '')
+		if ($return == FALSE && isset($this->is_loaded[$langfile]) && $this->is_loaded[$langfile] === $idiom)
 		{
-			$deft_lang = ( ! isset($config['language'])) ? 'english' : $config['language'];
-			$idiom = ($deft_lang == '') ? 'english' : $deft_lang;
+			return;
 		}
 
 		// Determine where the language file is and load it
@@ -121,6 +117,11 @@ class CI_Lang {
 		if ( ! isset($lang) OR ! is_array($lang))
 		{
 			log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile);
+
+			if ($return == TRUE)
+			{
+				return array();
+			}
 			return;
 		}
 
@@ -129,7 +130,7 @@ class CI_Lang {
 			return $lang;
 		}
 
-		$this->is_loaded[] = $langfile;
+		$this->is_loaded[$langfile] = $idiom;
 		$this->language = array_merge($this->language, $lang);
 		unset($lang);
 
-- 
cgit v1.2.3-24-g4f1b


From 65571d9d9684573887dc4a481b44f33b13584059 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 27 Jan 2012 14:51:58 +0200
Subject: Remove an unnecessary unset()

---
 system/core/Lang.php | 1 -
 1 file changed, 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Lang.php b/system/core/Lang.php
index d68c04812..711ccab70 100755
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -132,7 +132,6 @@ class CI_Lang {
 
 		$this->is_loaded[$langfile] = $idiom;
 		$this->language = array_merge($this->language, $lang);
-		unset($lang);
 
 		log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile);
 		return TRUE;
-- 
cgit v1.2.3-24-g4f1b


From 1b8d0ef6491b77375bb068711bc5e10fe4ca4b8f Mon Sep 17 00:00:00 2001
From: Thor 
Date: Sat, 28 Jan 2012 01:48:04 -0800
Subject: Fixed some spaces.

---
 system/core/Output.php | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index d8c230968..468274002 100755
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -604,17 +604,17 @@ class CI_Output {
 				preg_match_all('{}msU', $output, $style_clean);
 				foreach ($style_clean[0] as $s)
 				{
-					$output = str_replace($s, $this->minify($s,'text/css'), $output);
+					$output = str_replace($s, $this->minify($s, 'text/css'), $output);
 				}
 				
 				// Minify the javascript in }msU', $output, $javascript_messed);
 					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
 				}
-				
+
 				$size_removed = $size_before - strlen($output);
 				$savings_percent = round(($size_removed / $size_before * 100));
 
 				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
 
 			break;
-			
-			
+
 			case 'text/css':
-			
+
 				//Remove CSS comments
 				$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $output);
-			
+
 				// Remove spaces around curly brackets, colons,
 				// semi-colons, parenthesis, commas
 				$output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!', '$1', $output);
 
 			break;
-			
-			
+
 			case 'text/javascript':
 
 				// Currently leaves JavaScript untouched.
 			break;
+
+			default: break;
 		}
-		
+
 		return $output;
 	}
 
-
 }
 
 /* End of file Output.php */
-/* Location: ./system/core/Output.php */
+/* Location: ./system/core/Output.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From f512b73bc78760198a5409f2c4da71fe749b1301 Mon Sep 17 00:00:00 2001
From: Alex Bilbie 
Date: Sat, 16 Jun 2012 11:15:19 +0100
Subject: Spelling fixes - `wether` to `whether`

Interestingly `wether` means a castrated ram in old English
---
 system/core/Hooks.php  | 4 ++--
 system/core/Output.php | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 29fd88201..afbf4b453 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -39,7 +39,7 @@
 class CI_Hooks {
 
 	/**
-	 * Determines wether hooks are enabled
+	 * Determines whether hooks are enabled
 	 *
 	 * @var bool
 	 */
@@ -53,7 +53,7 @@ class CI_Hooks {
 	public $hooks =	array();
 
 	/**
-	 * Determines wether hook is in progress, used to prevent infinte loops
+	 * Determines whether hook is in progress, used to prevent infinte loops
 	 *
 	 * @var bool
 	 */
diff --git a/system/core/Output.php b/system/core/Output.php
index 570d4ebc9..ed294f116 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -74,7 +74,7 @@ class CI_Output {
 	protected $mime_type		= 'text/html';
 
 	/**
-	 * Determines wether profiler is enabled
+	 * Determines whether profiler is enabled
 	 *
 	 * @var book
 	 */
-- 
cgit v1.2.3-24-g4f1b


From 1764dd7d4ab6e6e5c799eaa9ce007fce48fa0b63 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Sat, 16 Jun 2012 18:48:19 +0300
Subject: Fix issue #938 + some related improvements

---
 system/core/Config.php | 20 +++++++-------------
 1 file changed, 7 insertions(+), 13 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index 3de1bcb96..656382716 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -225,12 +225,12 @@ class CI_Config {
 	 * Site URL
 	 * Returns base_url . index_page [. uri_string]
 	 *
-	 * @param	string	the URI string
+	 * @param	mixed	the URI string or an array of segments
 	 * @return	string
 	 */
 	public function site_url($uri = '')
 	{
-		if ($uri === '')
+		if (empty($uri))
 		{
 			return $this->slash_item('base_url').$this->item('index_page');
 		}
@@ -240,10 +240,12 @@ class CI_Config {
 			$suffix = ($this->item('url_suffix') === FALSE) ? '' : $this->item('url_suffix');
 			return $this->slash_item('base_url').$this->slash_item('index_page').$this->_uri_string($uri).$suffix;
 		}
-		else
+		elseif (is_array($uri) OR strpos($uri, '?') === FALSE)
 		{
-			return $this->slash_item('base_url').$this->item('index_page').'?'.$this->_uri_string($uri);
+			$uri = '?'.$this->_uri_string($uri);
 		}
+
+		return $this->slash_item('base_url').$this->item('index_page').$uri;
 	}
 
 	// -------------------------------------------------------------
@@ -280,15 +282,7 @@ class CI_Config {
 		}
 		elseif (is_array($uri))
 		{
-			$i = 0;
-			$str = '';
-			foreach ($uri as $key => $val)
-			{
-				$prefix = ($i === 0) ? '' : '&';
-				$str .= $prefix.$key.'='.$val;
-				$i++;
-			}
-			return $str;
+			return http_build_query($uri);
 		}
 
 		return $uri;
-- 
cgit v1.2.3-24-g4f1b


From 95d78cf4f78c0fb685a789c280d106ab242318ef Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Sat, 16 Jun 2012 19:54:33 +0300
Subject: Fix issue #999

---
 system/core/Config.php | 18 +++++++++++++++---
 system/core/URI.php    |  6 ++++--
 2 files changed, 19 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index 656382716..4b4e5a7ba 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -235,14 +235,26 @@ class CI_Config {
 			return $this->slash_item('base_url').$this->item('index_page');
 		}
 
+		$uri = $this->_uri_string($uri);
+
 		if ($this->item('enable_query_strings') === FALSE)
 		{
 			$suffix = ($this->item('url_suffix') === FALSE) ? '' : $this->item('url_suffix');
-			return $this->slash_item('base_url').$this->slash_item('index_page').$this->_uri_string($uri).$suffix;
+
+			if ($suffix !== '' && ($offset = strpos($uri, '?')) !== FALSE)
+			{
+				$uri = substr($uri, 0, $offset).$suffix.substr($uri, $offset);
+			}
+			else
+			{
+				$uri .= $suffix;
+			}
+
+			return $this->slash_item('base_url').$this->slash_item('index_page').$uri;
 		}
-		elseif (is_array($uri) OR strpos($uri, '?') === FALSE)
+		elseif (strpos($uri, '?') === FALSE)
 		{
-			$uri = '?'.$this->_uri_string($uri);
+			$uri = '?'.$uri;
 		}
 
 		return $this->slash_item('base_url').$this->item('index_page').$uri;
diff --git a/system/core/URI.php b/system/core/URI.php
index 208d311a5..6a8b1a5ac 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -302,9 +302,11 @@ class CI_URI {
 	 */
 	public function _remove_url_suffix()
 	{
-		if  ($this->config->item('url_suffix') !== '')
+		$suffix = (string) $this->config->item('url_suffix');
+
+		if ($suffix !== '' && ($offset = strrpos($this->uri_string, $suffix)) !== FALSE)
 		{
-			$this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string);
+			$this->uri_string = substr_replace($this->uri_string, '', $offset, strlen($suffix));
 		}
 	}
 
-- 
cgit v1.2.3-24-g4f1b


From 3b6af434b13168828429d06aae7699f6f9537a87 Mon Sep 17 00:00:00 2001
From: Phil Sturgeon 
Date: Thu, 21 Jun 2012 09:21:17 -0500
Subject: Replaced block tag minification regex with a less greedy solution.

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index ed294f116..4fdf18f14 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -652,7 +652,7 @@ class CI_Output {
 				$output = preg_replace('{\s*\s*}msU', '', $output);
 
 				// Remove spaces around block-level elements.
-				$output = preg_replace('{\s*()\s+}msU', '$1', $output);
+				$output = preg_replace('/\s*(<\/?(html|head|title|meta|script|link|style|body|h[1-6]|div|p|br)[^>]*>)\s*/is', '$1', $output);
 
 				// Replace mangled 
 etc. tags with unprocessed ones.
 
-- 
cgit v1.2.3-24-g4f1b


From 7a744a8ba8f07ba1ec3a48f1d5de641b4025ce20 Mon Sep 17 00:00:00 2001
From: Phil Sturgeon 
Date: Sat, 23 Jun 2012 17:21:00 +0100
Subject: If there is no output then no need to try minifying it

---
 system/core/Output.php | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 4fdf18f14..5ec8c4bc0 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -625,6 +625,11 @@ class CI_Output {
 
 				$size_before = strlen($output);
 
+				if ($size_before === 0)
+				{
+					return '';
+				}
+
 				// Find all the 
,,}msU', $output, $textareas_clean);
-				preg_match_all('{}msU', $output, $javascript_clean);
+                // Find all the 
,,}msU', $output, $textareas_clean);
+                preg_match_all('{}msU', $output, $javascript_clean);
 
-				// Minify the CSS in all the }msU', $output, $style_clean);
-				foreach ($style_clean[0] as $s)
-				{
-					$output = str_replace($s, $this->minify($s, 'text/css'), $output);
-				}
+                // Minify the CSS in all the }msU', $output, $style_clean);
+                foreach ($style_clean[0] as $s)
+                {
+                    $output = str_replace($s, $this->_minify_script_style($s, $type), $output);
+                }
 
-				// Minify the javascript in }msU', $output, $javascript_messed);
-					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
-				}
+                if (isset($javascript_mini))
+                {
+                    preg_match_all('{}msU', $output, $javascript_messed);
+                    $output = str_replace($javascript_messed[0], $javascript_mini, $output);
+                }
 
-				$size_removed = $size_before - strlen($output);
-				$savings_percent = round(($size_removed / $size_before * 100));
+                $size_removed = $size_before - strlen($output);
+                $savings_percent = round(($size_removed / $size_before * 100));
 
-				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
+                log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
 
-			break;
+            break;
 
-			case 'text/css':
-			case 'text/javascript':
+            case 'text/css':
+            case 'text/javascript':
 
-				//Remove CSS comments
-				$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', '', $output);
+                $output = $this->_minify_scripts_css($output, $type);
 
-				// Remove spaces around curly brackets, colons,
-				// semi-colons, parenthesis, commas
-				$output = preg_replace('!\s*(:|;|,|}|{|\(|\))\s*!', '$1', $output);
+            break;
 
-				// Remove spaces
-			        $output =  preg_replace('/  /s', ' ', $output);
+            default: break;
+        }
 
-			        // Remove breaklines and tabs
-			        $output =  preg_replace('/[\r\n\t]/', '', $output);
+        return $output;
+    }
 
-			break;
 
-			default: break;
-		}
+    // --------------------------------------------------------------------
 
-		return $output;
-	}
+	/**
+	 * Minify Style and Script
+	 *
+	 * Reduce excessive size of CSS/JavaScript content.  To remove spaces this
+     * script walks the string as an array and determines if the pointer is inside
+     * a string created by single quotes or double quotes.  spaces inside those
+     * strings are not stripped.  Opening and closing tags are severed from
+     * the string initially and saved without stripping whitespace to preserve
+     * the tags and any associated properties if tags are present
+	 *
+	 * @param	string	$output	Output to minify
+     * @param   string  $type Output content MIME type
+	 * @return	string	Minified output
+	 */
+    protected function _minify_script_style($output, $type = 'text/html')
+    {
+        // We only need this if there are tags in the file
+        if ($type == 'text/html')
+        {
+            // Remove opening tag and save for later
+            $pos = strpos($output, '>');
+            $open_tag = substr($output, 0, $pos);
+            $output = substr_replace($output, '', 0, $pos);
+
+            // Remove closing tag and save it for later
+            $end_pos = strlen($output);
+            $pos = strpos($output, ' $value)
+        {
+            if ($in_string === FALSE and $in_dstring === FALSE)
+            {
+                if ($value == ' ')
+                {
+                    unset($array_output[$key]);
+                }
+            }
+
+            if ($value == "'")
+            {
+                $in_string = !$in_string;
+            }
+
+            if ($value == '"')
+            {
+                $in_dstring = !$in_dstring;
+            }
+        }
+
+        $output =  implode($array_output);
+
+        // Remove breaklines and tabs
+        $output =  preg_replace('/[\r\n\t]/', '', $output);
+
+        // Put the opening and closing tags back if applicable
+        if (isset($open_tag))
+        {
+            $output = $open_tag . $output . $closing_tag;
+        }
+
+        return $output;
+    }
 
 }
 
-- 
cgit v1.2.3-24-g4f1b


From 638a9d243065733f862761eed0fa5829409b571a Mon Sep 17 00:00:00 2001
From: brian978 
Date: Tue, 18 Dec 2012 13:25:54 +0200
Subject: Replaced spaces with tabs for indentation and || with OR

---
 system/core/Security.php | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 8c70e85de..5ae8e653c 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -526,17 +526,17 @@ class CI_Security {
 			$charset = config_item('charset');
 		}
 
-                do
-                {
-                    $matches = $matches1 = 0;
+		do
+		{
+			$matches = $matches1 = 0;
 
-                    $str = html_entity_decode($str, ENT_COMPAT, $charset);
-                    $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str, -1, $matches);
-                    $str = preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str, -1, $matches1);
-                }
-                while($matches || $matches1);
+			$str = html_entity_decode($str, ENT_COMPAT, $charset);
+			$str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str, -1, $matches);
+			$str = preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str, -1, $matches1);
+		}
+		while($matches OR $matches1);
 
-                return $str;
+		return $str;
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 79503c59f5c1b6dea906c62adde63e291347fac0 Mon Sep 17 00:00:00 2001
From: Andrew Podner 
Date: Tue, 18 Dec 2012 07:47:38 -0500
Subject: fixes #2078: refinement of the minify function for CSS and scripts.

---
 system/core/Output.php | 268 ++++++++++++++++++++++++-------------------------
 1 file changed, 134 insertions(+), 134 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 1fafa848b..e33f4b0b7 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -705,172 +705,172 @@ class CI_Output {
 	 * @return	string	Minified output
 	 */
 	public function minify($output, $type = 'text/html')
-    {
-        switch ($type)
-        {
-            case 'text/html':
+	{
+		switch ($type)
+		{
+			case 'text/html':
 
-                $size_before = strlen($output);
+				$size_before = strlen($output);
 
-                if ($size_before === 0)
-                {
-                    return '';
-                }
+				if ($size_before === 0)
+				{
+					return '';
+				}
 
-                // Find all the 
,,}msU', $output, $textareas_clean);
-                preg_match_all('{}msU', $output, $javascript_clean);
+				// Find all the 
,,}msU', $output, $textareas_clean);
+				preg_match_all('{}msU', $output, $javascript_clean);
 
-                // Minify the CSS in all the }msU', $output, $style_clean);
-                foreach ($style_clean[0] as $s)
-                {
-                    $output = str_replace($s, $this->_minify_script_style($s, $type), $output);
-                }
+				// Minify the CSS in all the }msU', $output, $style_clean);
+				foreach ($style_clean[0] as $s)
+				{
+					$output = str_replace($s, $this->_minify_script_style($s, $type), $output);
+				}
 
-                // Minify the javascript in }msU', $output, $javascript_messed);
-                    $output = str_replace($javascript_messed[0], $javascript_mini, $output);
-                }
+				if (isset($javascript_mini))
+				{
+					preg_match_all('{}msU', $output, $javascript_messed);
+					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
+				}
 
-                $size_removed = $size_before - strlen($output);
-                $savings_percent = round(($size_removed / $size_before * 100));
+				$size_removed = $size_before - strlen($output);
+				$savings_percent = round(($size_removed / $size_before * 100));
 
-                log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
+				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
 
-            break;
+			break;
 
-            case 'text/css':
-            case 'text/javascript':
+			case 'text/css':
+			case 'text/javascript':
 
-                $output = $this->_minify_scripts_css($output, $type);
+				$output = $this->_minify_scripts_css($output, $type);
 
-            break;
+			break;
 
-            default: break;
-        }
+			default: break;
+		}
 
-        return $output;
-    }
+		return $output;
+	}
 
 
-    // --------------------------------------------------------------------
+	// --------------------------------------------------------------------
 
 	/**
 	 * Minify Style and Script
 	 *
 	 * Reduce excessive size of CSS/JavaScript content.  To remove spaces this
-     * script walks the string as an array and determines if the pointer is inside
-     * a string created by single quotes or double quotes.  spaces inside those
-     * strings are not stripped.  Opening and closing tags are severed from
-     * the string initially and saved without stripping whitespace to preserve
-     * the tags and any associated properties if tags are present
+	 * script walks the string as an array and determines if the pointer is inside
+	 * a string created by single quotes or double quotes.  spaces inside those
+	 * strings are not stripped.  Opening and closing tags are severed from
+	 * the string initially and saved without stripping whitespace to preserve
+	 * the tags and any associated properties if tags are present
 	 *
 	 * @param	string	$output	Output to minify
-     * @param   string  $type Output content MIME type
+	 * @param	string  $type Output content MIME type
 	 * @return	string	Minified output
 	 */
-    protected function _minify_script_style($output, $type = 'text/html')
-    {
-        // We only need this if there are tags in the file
-        if ($type == 'text/html')
-        {
-            // Remove opening tag and save for later
-            $pos = strpos($output, '>');
-            $open_tag = substr($output, 0, $pos);
-            $output = substr_replace($output, '', 0, $pos);
-
-            // Remove closing tag and save it for later
-            $end_pos = strlen($output);
-            $pos = strpos($output, ' $value)
-        {
-            if ($in_string === FALSE and $in_dstring === FALSE)
-            {
-                if ($value == ' ')
-                {
-                    unset($array_output[$key]);
-                }
-            }
-
-            if ($value == "'")
-            {
-                $in_string = !$in_string;
-            }
-
-            if ($value == '"')
-            {
-                $in_dstring = !$in_dstring;
-            }
-        }
-
-        $output =  implode($array_output);
-
-        // Remove breaklines and tabs
-        $output =  preg_replace('/[\r\n\t]/', '', $output);
-
-        // Put the opening and closing tags back if applicable
-        if (isset($open_tag))
-        {
-            $output = $open_tag . $output . $closing_tag;
-        }
-
-        return $output;
-    }
+	protected function _minify_script_style($output, $type = 'text/html')
+	{
+		// We only need this if there are tags in the file
+		if ($type == 'text/html')
+		{
+			// Remove opening tag and save for later
+			$pos = strpos($output, '>');
+			$open_tag = substr($output, 0, $pos);
+			$output = substr_replace($output, '', 0, $pos);
+
+			// Remove closing tag and save it for later
+			$end_pos = strlen($output);
+			$pos = strpos($output, ' $value)
+		{
+			if ($in_string === FALSE and $in_dstring === FALSE)
+			{
+				if ($value == ' ')
+				{
+					unset($array_output[$key]);
+				}
+			}
+
+			if ($value == "'")
+			{
+				$in_string = !$in_string;
+			}
+
+			if ($value == '"')
+			{
+				$in_dstring = !$in_dstring;
+			}
+		}
+
+		$output = implode($array_output);
+
+		// Remove breaklines and tabs
+		$output = preg_replace('/[\r\n\t]/', '', $output);
+
+		// Put the opening and closing tags back if applicable
+		if (isset($open_tag))
+		{
+			$output = $open_tag . $output . $closing_tag;
+		}
+
+		return $output;
+	}
 
 }
 
-- 
cgit v1.2.3-24-g4f1b


From 7747f0a2eecd85285a7f2acd223df6f54b543e0e Mon Sep 17 00:00:00 2001
From: Andrew Podner 
Date: Tue, 18 Dec 2012 13:13:15 -0500
Subject: fixes #2078: formatting / styleguide cleanup

---
 system/core/Output.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index e33f4b0b7..338c8b7e6 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -839,22 +839,22 @@ class CI_Output {
 		$array_output = str_split($output);
 		foreach ($array_output as $key => $value)
 		{
-			if ($in_string === FALSE and $in_dstring === FALSE)
+			if ($in_string === FALSE && $in_dstring === FALSE)
 			{
-				if ($value == ' ')
+				if ($value === ' ')
 				{
 					unset($array_output[$key]);
 				}
 			}
 
-			if ($value == "'")
+			if ($value === "'")
 			{
-				$in_string = !$in_string;
+				$in_string = ! $in_string;
 			}
 
-			if ($value == '"')
+			if ($value === '"')
 			{
-				$in_dstring = !$in_dstring;
+				$in_dstring = ! $in_dstring;
 			}
 		}
 
@@ -866,7 +866,7 @@ class CI_Output {
 		// Put the opening and closing tags back if applicable
 		if (isset($open_tag))
 		{
-			$output = $open_tag . $output . $closing_tag;
+			$output = $open_tag.$output.$closing_tag;
 		}
 
 		return $output;
-- 
cgit v1.2.3-24-g4f1b


From 9a171a0f7120e61e8bed44abda4930c5d8eeb256 Mon Sep 17 00:00:00 2001
From: Andrew Podner 
Date: Tue, 18 Dec 2012 13:18:25 -0500
Subject: fixes #2078: formatting / styleguide cleanup (take2)

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 338c8b7e6..3a94d97e1 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -782,7 +782,7 @@ class CI_Output {
 			case 'text/css':
 			case 'text/javascript':
 
-				$output = $this->_minify_scripts_css($output, $type);
+				$output = $this->_minify_script_style($output, $type);
 
 			break;
 
-- 
cgit v1.2.3-24-g4f1b


From 9dfceda245c7833edd3311ed0e5e5704db34e847 Mon Sep 17 00:00:00 2001
From: Andrew Podner 
Date: Tue, 18 Dec 2012 19:37:22 -0500
Subject: fixes #2078: changing type variable to boolean in protected method

---
 system/core/Output.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 3a94d97e1..2793d4132 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -728,13 +728,13 @@ class CI_Output {
 				preg_match_all('{}msU', $output, $style_clean);
 				foreach ($style_clean[0] as $s)
 				{
-					$output = str_replace($s, $this->_minify_script_style($s, $type), $output);
+					$output = str_replace($s, $this->_minify_script_style($s, TRUE), $output);
 				}
 
 				// Minify the javascript in }msU', $output, $javascript_clean);
-
-				// Minify the CSS in all the }msU', $output, $style_clean);
-				foreach ($style_clean[0] as $s)
-				{
-					$output = str_replace($s, $this->_minify_script_style($s, TRUE), $output);
-				}
-
-				// Minify the javascript in }msU', $output, $javascript_messed);
-					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
-				}
-
-				$size_removed = $size_before - strlen($output);
-				$savings_percent = round(($size_removed / $size_before * 100));
-
-				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
-
-			break;
-
-			case 'text/css':
-			case 'text/javascript':
-
-				$output = $this->_minify_script_style($output);
-
-			break;
-
-			default: break;
-		}
-
-		return $output;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Minify Style and Script
-	 *
-	 * Reduce excessive size of CSS/JavaScript content.  To remove spaces this
-	 * script walks the string as an array and determines if the pointer is inside
-	 * a string created by single quotes or double quotes.  spaces inside those
-	 * strings are not stripped.  Opening and closing tags are severed from
-	 * the string initially and saved without stripping whitespace to preserve
-	 * the tags and any associated properties if tags are present
-	 *
-	 * Minification logic/workflow is similar to methods used by Douglas Crockford
-	 * in JSMIN. http://www.crockford.com/javascript/jsmin.html
-	 *
-	 * KNOWN ISSUE: ending a line with a closing parenthesis ')' and no semicolon
-	 * where there should be one will break the Javascript. New lines after a
-	 * closing parenthesis are not recognized by the script. For best results
-	 * be sure to terminate lines with a semicolon when appropriate.
-	 *
-	 * @param	string	$output		Output to minify
-	 * @param	bool	$has_tags	Specify if the output has style or script tags
-	 * @return	string	Minified output
-	 */
-	protected function _minify_script_style($output, $has_tags = FALSE)
-	{
-		// We only need this if there are tags in the file
-		if ($has_tags === TRUE)
-		{
-			// Remove opening tag and save for later
-			$pos = strpos($output, '>') + 1;
-			$open_tag = substr($output, 0, $pos);
-			$output = substr_replace($output, '', 0, $pos);
-
-			// Remove closing tag and save it for later
-			$end_pos = strlen($output);
-			$pos = strpos($output, ' $value)
-		{
-			if ($in_string === FALSE && $in_dstring === FALSE)
-			{
-				if ($value === ' ')
-				{
-					// Get the next element in the array for comparisons
-					$next = $array_output[$key + 1];
-
-					// Strip spaces preceded/followed by a non-ASCII character
-					// or not preceded/followed by an alphanumeric
-					// or not preceded/followed \ $ and _
-					if ((preg_match('/^[\x20-\x7f]*$/D', $next) OR preg_match('/^[\x20-\x7f]*$/D', $prev))
-						&& ( ! ctype_alnum($next) OR ! ctype_alnum($prev))
-						&& ! in_array($next, array('\\', '_', '$'), TRUE)
-						&& ! in_array($prev, array('\\', '_', '$'), TRUE)
-					)
-					{
-						unset($array_output[$key]);
-					}
-				}
-				else
-				{
-					// Save this value as previous for the next iteration
-					// if it is not a blank space
-					$prev = $value;
-				}
-			}
-
-			if ($value === "'")
-			{
-				$in_string = ! $in_string;
-			}
-			elseif ($value === '"')
-			{
-				$in_dstring = ! $in_dstring;
-			}
-		}
-
-		// Put the string back together after spaces have been stripped
-		$output = implode($array_output);
-
-		// Remove new line characters unless previous or next character is
-		// printable or Non-ASCII
-		preg_match_all('/[\n]/', $output, $lf, PREG_OFFSET_CAPTURE);
-		$removed_lf = 0;
-		foreach ($lf as $feed_position)
-		{
-			foreach ($feed_position as $position)
-			{
-				$position = $position[1] - $removed_lf;
-				$next = $output[$position + 1];
-				$prev = $output[$position - 1];
-				if ( ! ctype_print($next) && ! ctype_print($prev)
-					&& ! preg_match('/^[\x20-\x7f]*$/D', $next)
-					&& ! preg_match('/^[\x20-\x7f]*$/D', $prev)
-				)
-				{
-					$output = substr_replace($output, '', $position, 1);
-					$removed_lf++;
-				}
-			}
-		}
-
-		// Put the opening and closing tags back if applicable
-		return isset($open_tag)
-			? $open_tag.$output.$closing_tag
-			: $output;
-	}
-
-}
-
-/* End of file Output.php */
+_zlib_oc = (bool) @ini_get('zlib.output_compression');
+
+		// Get mime types for later
+		$this->mimes =& get_mimes();
+
+		log_message('debug', 'Output Class Initialized');
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Get Output
+	 *
+	 * Returns the current output string.
+	 *
+	 * @return	string
+	 */
+	public function get_output()
+	{
+		return $this->final_output;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Output
+	 *
+	 * Sets the output string.
+	 *
+	 * @param	string	$output	Output data
+	 * @return	CI_Output
+	 */
+	public function set_output($output)
+	{
+		$this->final_output = $output;
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Append Output
+	 *
+	 * Appends data onto the output string.
+	 *
+	 * @param	string	$output	Data to append
+	 * @return	CI_Output
+	 */
+	public function append_output($output)
+	{
+		if (empty($this->final_output))
+		{
+			$this->final_output = $output;
+		}
+		else
+		{
+			$this->final_output .= $output;
+		}
+
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Header
+	 *
+	 * Lets you set a server header which will be sent with the final output.
+	 *
+	 * Note: If a file is cached, headers will not be sent.
+	 * @todo	We need to figure out how to permit headers to be cached.
+	 *
+	 * @param	string	$header		Header
+	 * @param	bool	$replace	Whether to replace the old header value, if already set
+	 * @return	CI_Output
+	 */
+	public function set_header($header, $replace = TRUE)
+	{
+		// If zlib.output_compression is enabled it will compress the output,
+		// but it will not modify the content-length header to compensate for
+		// the reduction, causing the browser to hang waiting for more data.
+		// We'll just skip content-length in those cases.
+		if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) === 0)
+		{
+			return $this;
+		}
+
+		$this->headers[] = array($header, $replace);
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Content-Type Header
+	 *
+	 * @param	string	$mime_type	Extension of the file we're outputting
+	 * @param	string	$charset	Character set (default: NULL)
+	 * @return	CI_Output
+	 */
+	public function set_content_type($mime_type, $charset = NULL)
+	{
+		if (strpos($mime_type, '/') === FALSE)
+		{
+			$extension = ltrim($mime_type, '.');
+
+			// Is this extension supported?
+			if (isset($this->mimes[$extension]))
+			{
+				$mime_type =& $this->mimes[$extension];
+
+				if (is_array($mime_type))
+				{
+					$mime_type = current($mime_type);
+				}
+			}
+		}
+
+		$this->mime_type = $mime_type;
+
+		if (empty($charset))
+		{
+			$charset = config_item('charset');
+		}
+
+		$header = 'Content-Type: '.$mime_type
+			.(empty($charset) ? NULL : '; charset='.$charset);
+
+		$this->headers[] = array($header, TRUE);
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Get Current Content-Type Header
+	 *
+	 * @return	string	'text/html', if not already set
+	 */
+	public function get_content_type()
+	{
+		for ($i = 0, $c = count($this->headers); $i < $c; $i++)
+		{
+			if (sscanf($this->headers[$i][0], 'Content-Type: %[^;]', $content_type) === 1)
+			{
+				return $content_type;
+			}
+		}
+
+		return 'text/html';
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Get Header
+	 *
+	 * @param	string	$header_name
+	 * @return	string
+	 */
+	public function get_header($header)
+	{
+		// Combine headers already sent with our batched headers
+		$headers = array_merge(
+			// We only need [x][0] from our multi-dimensional array
+			array_map('array_shift', $this->headers),
+			headers_list()
+		);
+
+		if (empty($headers) OR empty($header))
+		{
+			return NULL;
+		}
+
+		for ($i = 0, $c = count($headers); $i < $c; $i++)
+		{
+			if (strncasecmp($header, $headers[$i], $l = strlen($header)) === 0)
+			{
+				return trim(substr($headers[$i], $l+1));
+			}
+		}
+
+		return NULL;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set HTTP Status Header
+	 *
+	 * As of version 1.7.2, this is an alias for common function
+	 * set_status_header().
+	 *
+	 * @param	int	$code	Status code (default: 200)
+	 * @param	string	$text	Optional message
+	 * @return	CI_Output
+	 */
+	public function set_status_header($code = 200, $text = '')
+	{
+		set_status_header($code, $text);
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Enable/disable Profiler
+	 *
+	 * @param	bool	$val	TRUE to enable or FALSE to disable
+	 * @return	CI_Output
+	 */
+	public function enable_profiler($val = TRUE)
+	{
+		$this->enable_profiler = is_bool($val) ? $val : TRUE;
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Profiler Sections
+	 *
+	 * Allows override of default/config settings for
+	 * Profiler section display.
+	 *
+	 * @param	array	$sections	Profiler sections
+	 * @return	CI_Output
+	 */
+	public function set_profiler_sections($sections)
+	{
+		if (isset($sections['query_toggle_count']))
+		{
+			$this->_profiler_sections['query_toggle_count'] = (int) $sections['query_toggle_count'];
+			unset($sections['query_toggle_count']);
+		}
+
+		foreach ($sections as $section => $enable)
+		{
+			$this->_profiler_sections[$section] = ($enable !== FALSE);
+		}
+
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Cache
+	 *
+	 * @param	int	$time	Cache expiration time in seconds
+	 * @return	CI_Output
+	 */
+	public function cache($time)
+	{
+		$this->cache_expiration = is_numeric($time) ? $time : 0;
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Display Output
+	 *
+	 * Processes sends the sends finalized output data to the browser along
+	 * with any server headers and profile data. It also stops benchmark
+	 * timers so the page rendering speed and memory usage can be shown.
+	 *
+	 * Note: All "view" data is automatically put into $this->final_output
+	 *	 by controller class.
+	 *
+	 * @uses	CI_Output::$final_output
+	 * @param	string	$output	Output data override
+	 * @return	void
+	 */
+	public function _display($output = '')
+	{
+		// Note:  We use globals because we can't use $CI =& get_instance()
+		// since this function is sometimes called by the caching mechanism,
+		// which happens before the CI super object is available.
+		global $BM, $CFG;
+
+		// Grab the super object if we can.
+		if (class_exists('CI_Controller'))
+		{
+			$CI =& get_instance();
+		}
+
+		// --------------------------------------------------------------------
+
+		// Set the output data
+		if ($output === '')
+		{
+			$output =& $this->final_output;
+		}
+
+		// --------------------------------------------------------------------
+
+		// Is minify requested?
+		if ($CFG->item('minify_output') === TRUE)
+		{
+			$output = $this->minify($output, $this->mime_type);
+		}
+
+		// --------------------------------------------------------------------
+
+		// Do we need to write a cache file? Only if the controller does not have its
+		// own _output() method and we are not dealing with a cache file, which we
+		// can determine by the existence of the $CI object above
+		if ($this->cache_expiration > 0 && isset($CI) && ! method_exists($CI, '_output'))
+		{
+			$this->_write_cache($output);
+		}
+
+		// --------------------------------------------------------------------
+
+		// Parse out the elapsed time and memory usage,
+		// then swap the pseudo-variables with the data
+
+		$elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end');
+
+		if ($this->parse_exec_vars === TRUE)
+		{
+			$memory	= round(memory_get_usage() / 1024 / 1024, 2).'MB';
+
+			$output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output);
+		}
+
+		// --------------------------------------------------------------------
+
+		// Is compression requested?
+		if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc === FALSE
+			&& extension_loaded('zlib')
+			&& isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE)
+		{
+			ob_start('ob_gzhandler');
+		}
+
+		// --------------------------------------------------------------------
+
+		// Are there any server headers to send?
+		if (count($this->headers) > 0)
+		{
+			foreach ($this->headers as $header)
+			{
+				@header($header[0], $header[1]);
+			}
+		}
+
+		// --------------------------------------------------------------------
+
+		// Does the $CI object exist?
+		// If not we know we are dealing with a cache file so we'll
+		// simply echo out the data and exit.
+		if ( ! isset($CI))
+		{
+			echo $output;
+			log_message('debug', 'Final output sent to browser');
+			log_message('debug', 'Total execution time: '.$elapsed);
+			return;
+		}
+
+		// --------------------------------------------------------------------
+
+		// Do we need to generate profile data?
+		// If so, load the Profile class and run it.
+		if ($this->enable_profiler === TRUE)
+		{
+			$CI->load->library('profiler');
+			if ( ! empty($this->_profiler_sections))
+			{
+				$CI->profiler->set_sections($this->_profiler_sections);
+			}
+
+			// If the output data contains closing  and  tags
+			// we will remove them and add them back after we insert the profile data
+			$output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run();
+			if ($count > 0)
+			{
+				$output .= '';
+			}
+		}
+
+		// Does the controller contain a function named _output()?
+		// If so send the output there.  Otherwise, echo it.
+		if (method_exists($CI, '_output'))
+		{
+			$CI->_output($output);
+		}
+		else
+		{
+			echo $output; // Send it to the browser!
+		}
+
+		log_message('debug', 'Final output sent to browser');
+		log_message('debug', 'Total execution time: '.$elapsed);
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Write Cache
+	 *
+	 * @param	string	$output	Output data to cache
+	 * @return	void
+	 */
+	public function _write_cache($output)
+	{
+		$CI =& get_instance();
+		$path = $CI->config->item('cache_path');
+		$cache_path = ($path === '') ? APPPATH.'cache/' : $path;
+
+		if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path))
+		{
+			log_message('error', 'Unable to write cache file: '.$cache_path);
+			return;
+		}
+
+		$uri =	$CI->config->item('base_url').
+				$CI->config->item('index_page').
+				$CI->uri->uri_string();
+
+		$cache_path .= md5($uri);
+
+		if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE))
+		{
+			log_message('error', 'Unable to write cache file: '.$cache_path);
+			return;
+		}
+
+		$expire = time() + ($this->cache_expiration * 60);
+
+		if (flock($fp, LOCK_EX))
+		{
+			fwrite($fp, $expire.'TS--->'.$output);
+			flock($fp, LOCK_UN);
+		}
+		else
+		{
+			log_message('error', 'Unable to secure a file lock for file at: '.$cache_path);
+			return;
+		}
+		fclose($fp);
+		@chmod($cache_path, FILE_WRITE_MODE);
+
+		log_message('debug', 'Cache file written: '.$cache_path);
+
+		// Send HTTP cache-control headers to browser to match file cache settings.
+		$this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Update/serve cached output
+	 *
+	 * @uses	CI_Config
+	 * @uses	CI_URI
+	 *
+	 * @param	object	&$CFG	CI_Config class instance
+	 * @param	object	&$URI	CI_URI class instance
+	 * @return	bool	TRUE on success or FALSE on failure
+	 */
+	public function _display_cache(&$CFG, &$URI)
+	{
+		$cache_path = ($CFG->item('cache_path') === '') ? APPPATH.'cache/' : $CFG->item('cache_path');
+
+		// Build the file path. The file name is an MD5 hash of the full URI
+		$uri =	$CFG->item('base_url').$CFG->item('index_page').$URI->uri_string;
+		$filepath = $cache_path.md5($uri);
+
+		if ( ! @file_exists($filepath) OR ! $fp = @fopen($filepath, FOPEN_READ))
+		{
+			return FALSE;
+		}
+
+		flock($fp, LOCK_SH);
+
+		$cache = (filesize($filepath) > 0) ? fread($fp, filesize($filepath)) : '';
+
+		flock($fp, LOCK_UN);
+		fclose($fp);
+
+		// Strip out the embedded timestamp
+		if ( ! preg_match('/^(\d+)TS--->/', $cache, $match))
+		{
+			return FALSE;
+		}
+
+		$last_modified = filemtime($cache_path);
+		$expire = $match[1];
+
+		// Has the file expired?
+		if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path))
+		{
+			// If so we'll delete it.
+			@unlink($filepath);
+			log_message('debug', 'Cache file has expired. File deleted.');
+			return FALSE;
+		}
+		else
+		{
+			// Or else send the HTTP cache control headers.
+			$this->set_cache_header($last_modified, $expire);
+		}
+
+		// Display the cache
+		$this->_display(substr($cache, strlen($match[0])));
+		log_message('debug', 'Cache file is current. Sending it to browser.');
+		return TRUE;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Delete cache
+	 *
+	 * @param	string	$uri	URI string
+	 * @return	bool
+	 */
+	public function delete_cache($uri = '')
+	{
+		$CI =& get_instance();
+		$cache_path = $CI->config->item('cache_path');
+		if ($cache_path === '')
+		{
+			$cache_path = APPPATH.'cache/';
+		}
+
+		if ( ! is_dir($cache_path))
+		{
+			log_message('error', 'Unable to find cache path: '.$cache_path);
+			return FALSE;
+		}
+
+		if (empty($uri))
+		{
+			$uri = $CI->uri->uri_string();
+		}
+
+		$cache_path .= md5($CI->config->item('base_url').$CI->config->item('index_page').$uri);
+
+		if ( ! @unlink($cache_path))
+		{
+			log_message('error', 'Unable to delete cache file for '.$uri);
+			return FALSE;
+		}
+
+		return TRUE;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Cache Header
+	 *
+	 * Set the HTTP headers to match the server-side file cache settings
+	 * in order to reduce bandwidth.
+	 *
+	 * @param	int	$last_modified	Timestamp of when the page was last modified
+	 * @param	int	$expiration	Timestamp of when should the requested page expire from cache
+	 * @return	void
+	 */
+	public function set_cache_header($last_modified, $expiration)
+	{
+		$max_age = $expiration - $_SERVER['REQUEST_TIME'];
+
+		if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
+		{
+			$this->set_status_header(304);
+			exit;
+		}
+		else
+		{
+			header('Pragma: public');
+			header('Cache-Control: max-age=' . $max_age . ', public');
+			header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT');
+			header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT');
+		}
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Minify
+	 *
+	 * Reduce excessive size of HTML/CSS/JavaScript content.
+	 *
+	 * @param	string	$output	Output to minify
+	 * @param	string	$type	Output content MIME type
+	 * @return	string	Minified output
+	 */
+	public function minify($output, $type = 'text/html')
+	{
+		switch ($type)
+		{
+			case 'text/html':
+
+				if (($size_before = strlen($output)) === 0)
+				{
+					return '';
+				}
+
+				// Find all the 
,,}msU', $output, $textareas_clean);
+				preg_match_all('{}msU', $output, $javascript_clean);
+
+				// Minify the CSS in all the }msU', $output, $style_clean);
+				foreach ($style_clean[0] as $s)
+				{
+					$output = str_replace($s, $this->_minify_script_style($s, TRUE), $output);
+				}
+
+				// Minify the javascript in }msU', $output, $javascript_messed);
+					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
+				}
+
+				$size_removed = $size_before - strlen($output);
+				$savings_percent = round(($size_removed / $size_before * 100));
+
+				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
+
+			break;
+
+			case 'text/css':
+			case 'text/javascript':
+
+				$output = $this->_minify_script_style($output);
+
+			break;
+
+			default: break;
+		}
+
+		return $output;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Minify Style and Script
+	 *
+	 * Reduce excessive size of CSS/JavaScript content.  To remove spaces this
+	 * script walks the string as an array and determines if the pointer is inside
+	 * a string created by single quotes or double quotes.  spaces inside those
+	 * strings are not stripped.  Opening and closing tags are severed from
+	 * the string initially and saved without stripping whitespace to preserve
+	 * the tags and any associated properties if tags are present
+	 *
+	 * Minification logic/workflow is similar to methods used by Douglas Crockford
+	 * in JSMIN. http://www.crockford.com/javascript/jsmin.html
+	 *
+	 * KNOWN ISSUE: ending a line with a closing parenthesis ')' and no semicolon
+	 * where there should be one will break the Javascript. New lines after a
+	 * closing parenthesis are not recognized by the script. For best results
+	 * be sure to terminate lines with a semicolon when appropriate.
+	 *
+	 * @param	string	$output		Output to minify
+	 * @param	bool	$has_tags	Specify if the output has style or script tags
+	 * @return	string	Minified output
+	 */
+	protected function _minify_script_style($output, $has_tags = FALSE)
+	{
+		// We only need this if there are tags in the file
+		if ($has_tags === TRUE)
+		{
+			// Remove opening tag and save for later
+			$pos = strpos($output, '>') + 1;
+			$open_tag = substr($output, 0, $pos);
+			$output = substr_replace($output, '', 0, $pos);
+
+			// Remove closing tag and save it for later
+			$end_pos = strlen($output);
+			$pos = strpos($output, ' $value)
+		{
+			if ($in_string === FALSE && $in_dstring === FALSE)
+			{
+				if ($value === ' ')
+				{
+					// Get the next element in the array for comparisons
+					$next = $array_output[$key + 1];
+
+					// Strip spaces preceded/followed by a non-ASCII character
+					// or not preceded/followed by an alphanumeric
+					// or not preceded/followed \ $ and _
+					if ((preg_match('/^[\x20-\x7f]*$/D', $next) OR preg_match('/^[\x20-\x7f]*$/D', $prev))
+						&& ( ! ctype_alnum($next) OR ! ctype_alnum($prev))
+						&& ! in_array($next, array('\\', '_', '$'), TRUE)
+						&& ! in_array($prev, array('\\', '_', '$'), TRUE)
+					)
+					{
+						unset($array_output[$key]);
+					}
+				}
+				else
+				{
+					// Save this value as previous for the next iteration
+					// if it is not a blank space
+					$prev = $value;
+				}
+			}
+
+			if ($value === "'")
+			{
+				$in_string = ! $in_string;
+			}
+			elseif ($value === '"')
+			{
+				$in_dstring = ! $in_dstring;
+			}
+		}
+
+		// Put the string back together after spaces have been stripped
+		$output = implode($array_output);
+
+		// Remove new line characters unless previous or next character is
+		// printable or Non-ASCII
+		preg_match_all('/[\n]/', $output, $lf, PREG_OFFSET_CAPTURE);
+		$removed_lf = 0;
+		foreach ($lf as $feed_position)
+		{
+			foreach ($feed_position as $position)
+			{
+				$position = $position[1] - $removed_lf;
+				$next = $output[$position + 1];
+				$prev = $output[$position - 1];
+				if ( ! ctype_print($next) && ! ctype_print($prev)
+					&& ! preg_match('/^[\x20-\x7f]*$/D', $next)
+					&& ! preg_match('/^[\x20-\x7f]*$/D', $prev)
+				)
+				{
+					$output = substr_replace($output, '', $position, 1);
+					$removed_lf++;
+				}
+			}
+		}
+
+		// Put the opening and closing tags back if applicable
+		return isset($open_tag)
+			? $open_tag.$output.$closing_tag
+			: $output;
+	}
+
+}
+
+/* End of file Output.php */
 /* Location: ./system/core/Output.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 362b80054ed80940064fd7891a9628279498504b Mon Sep 17 00:00:00 2001
From: Michael Dodge 
Date: Fri, 4 Jan 2013 23:18:39 -0700
Subject: Revert "Fix MSIE conditionals regex in minify output func"

This reverts commit 8e12c787042396e172a7448c65bd16c3015ffb0f.
---
 system/core/Output.php | 1842 ++++++++++++++++++++++++------------------------
 1 file changed, 921 insertions(+), 921 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index b45263942..ce0500e71 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -1,922 +1,922 @@
-_zlib_oc = (bool) @ini_get('zlib.output_compression');
-
-		// Get mime types for later
-		$this->mimes =& get_mimes();
-
-		log_message('debug', 'Output Class Initialized');
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Get Output
-	 *
-	 * Returns the current output string.
-	 *
-	 * @return	string
-	 */
-	public function get_output()
-	{
-		return $this->final_output;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Set Output
-	 *
-	 * Sets the output string.
-	 *
-	 * @param	string	$output	Output data
-	 * @return	CI_Output
-	 */
-	public function set_output($output)
-	{
-		$this->final_output = $output;
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Append Output
-	 *
-	 * Appends data onto the output string.
-	 *
-	 * @param	string	$output	Data to append
-	 * @return	CI_Output
-	 */
-	public function append_output($output)
-	{
-		if (empty($this->final_output))
-		{
-			$this->final_output = $output;
-		}
-		else
-		{
-			$this->final_output .= $output;
-		}
-
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Set Header
-	 *
-	 * Lets you set a server header which will be sent with the final output.
-	 *
-	 * Note: If a file is cached, headers will not be sent.
-	 * @todo	We need to figure out how to permit headers to be cached.
-	 *
-	 * @param	string	$header		Header
-	 * @param	bool	$replace	Whether to replace the old header value, if already set
-	 * @return	CI_Output
-	 */
-	public function set_header($header, $replace = TRUE)
-	{
-		// If zlib.output_compression is enabled it will compress the output,
-		// but it will not modify the content-length header to compensate for
-		// the reduction, causing the browser to hang waiting for more data.
-		// We'll just skip content-length in those cases.
-		if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) === 0)
-		{
-			return $this;
-		}
-
-		$this->headers[] = array($header, $replace);
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Set Content-Type Header
-	 *
-	 * @param	string	$mime_type	Extension of the file we're outputting
-	 * @param	string	$charset	Character set (default: NULL)
-	 * @return	CI_Output
-	 */
-	public function set_content_type($mime_type, $charset = NULL)
-	{
-		if (strpos($mime_type, '/') === FALSE)
-		{
-			$extension = ltrim($mime_type, '.');
-
-			// Is this extension supported?
-			if (isset($this->mimes[$extension]))
-			{
-				$mime_type =& $this->mimes[$extension];
-
-				if (is_array($mime_type))
-				{
-					$mime_type = current($mime_type);
-				}
-			}
-		}
-
-		$this->mime_type = $mime_type;
-
-		if (empty($charset))
-		{
-			$charset = config_item('charset');
-		}
-
-		$header = 'Content-Type: '.$mime_type
-			.(empty($charset) ? NULL : '; charset='.$charset);
-
-		$this->headers[] = array($header, TRUE);
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Get Current Content-Type Header
-	 *
-	 * @return	string	'text/html', if not already set
-	 */
-	public function get_content_type()
-	{
-		for ($i = 0, $c = count($this->headers); $i < $c; $i++)
-		{
-			if (sscanf($this->headers[$i][0], 'Content-Type: %[^;]', $content_type) === 1)
-			{
-				return $content_type;
-			}
-		}
-
-		return 'text/html';
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Get Header
-	 *
-	 * @param	string	$header_name
-	 * @return	string
-	 */
-	public function get_header($header)
-	{
-		// Combine headers already sent with our batched headers
-		$headers = array_merge(
-			// We only need [x][0] from our multi-dimensional array
-			array_map('array_shift', $this->headers),
-			headers_list()
-		);
-
-		if (empty($headers) OR empty($header))
-		{
-			return NULL;
-		}
-
-		for ($i = 0, $c = count($headers); $i < $c; $i++)
-		{
-			if (strncasecmp($header, $headers[$i], $l = strlen($header)) === 0)
-			{
-				return trim(substr($headers[$i], $l+1));
-			}
-		}
-
-		return NULL;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Set HTTP Status Header
-	 *
-	 * As of version 1.7.2, this is an alias for common function
-	 * set_status_header().
-	 *
-	 * @param	int	$code	Status code (default: 200)
-	 * @param	string	$text	Optional message
-	 * @return	CI_Output
-	 */
-	public function set_status_header($code = 200, $text = '')
-	{
-		set_status_header($code, $text);
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Enable/disable Profiler
-	 *
-	 * @param	bool	$val	TRUE to enable or FALSE to disable
-	 * @return	CI_Output
-	 */
-	public function enable_profiler($val = TRUE)
-	{
-		$this->enable_profiler = is_bool($val) ? $val : TRUE;
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Set Profiler Sections
-	 *
-	 * Allows override of default/config settings for
-	 * Profiler section display.
-	 *
-	 * @param	array	$sections	Profiler sections
-	 * @return	CI_Output
-	 */
-	public function set_profiler_sections($sections)
-	{
-		if (isset($sections['query_toggle_count']))
-		{
-			$this->_profiler_sections['query_toggle_count'] = (int) $sections['query_toggle_count'];
-			unset($sections['query_toggle_count']);
-		}
-
-		foreach ($sections as $section => $enable)
-		{
-			$this->_profiler_sections[$section] = ($enable !== FALSE);
-		}
-
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Set Cache
-	 *
-	 * @param	int	$time	Cache expiration time in seconds
-	 * @return	CI_Output
-	 */
-	public function cache($time)
-	{
-		$this->cache_expiration = is_numeric($time) ? $time : 0;
-		return $this;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Display Output
-	 *
-	 * Processes sends the sends finalized output data to the browser along
-	 * with any server headers and profile data. It also stops benchmark
-	 * timers so the page rendering speed and memory usage can be shown.
-	 *
-	 * Note: All "view" data is automatically put into $this->final_output
-	 *	 by controller class.
-	 *
-	 * @uses	CI_Output::$final_output
-	 * @param	string	$output	Output data override
-	 * @return	void
-	 */
-	public function _display($output = '')
-	{
-		// Note:  We use globals because we can't use $CI =& get_instance()
-		// since this function is sometimes called by the caching mechanism,
-		// which happens before the CI super object is available.
-		global $BM, $CFG;
-
-		// Grab the super object if we can.
-		if (class_exists('CI_Controller'))
-		{
-			$CI =& get_instance();
-		}
-
-		// --------------------------------------------------------------------
-
-		// Set the output data
-		if ($output === '')
-		{
-			$output =& $this->final_output;
-		}
-
-		// --------------------------------------------------------------------
-
-		// Is minify requested?
-		if ($CFG->item('minify_output') === TRUE)
-		{
-			$output = $this->minify($output, $this->mime_type);
-		}
-
-		// --------------------------------------------------------------------
-
-		// Do we need to write a cache file? Only if the controller does not have its
-		// own _output() method and we are not dealing with a cache file, which we
-		// can determine by the existence of the $CI object above
-		if ($this->cache_expiration > 0 && isset($CI) && ! method_exists($CI, '_output'))
-		{
-			$this->_write_cache($output);
-		}
-
-		// --------------------------------------------------------------------
-
-		// Parse out the elapsed time and memory usage,
-		// then swap the pseudo-variables with the data
-
-		$elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end');
-
-		if ($this->parse_exec_vars === TRUE)
-		{
-			$memory	= round(memory_get_usage() / 1024 / 1024, 2).'MB';
-
-			$output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output);
-		}
-
-		// --------------------------------------------------------------------
-
-		// Is compression requested?
-		if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc === FALSE
-			&& extension_loaded('zlib')
-			&& isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE)
-		{
-			ob_start('ob_gzhandler');
-		}
-
-		// --------------------------------------------------------------------
-
-		// Are there any server headers to send?
-		if (count($this->headers) > 0)
-		{
-			foreach ($this->headers as $header)
-			{
-				@header($header[0], $header[1]);
-			}
-		}
-
-		// --------------------------------------------------------------------
-
-		// Does the $CI object exist?
-		// If not we know we are dealing with a cache file so we'll
-		// simply echo out the data and exit.
-		if ( ! isset($CI))
-		{
-			echo $output;
-			log_message('debug', 'Final output sent to browser');
-			log_message('debug', 'Total execution time: '.$elapsed);
-			return;
-		}
-
-		// --------------------------------------------------------------------
-
-		// Do we need to generate profile data?
-		// If so, load the Profile class and run it.
-		if ($this->enable_profiler === TRUE)
-		{
-			$CI->load->library('profiler');
-			if ( ! empty($this->_profiler_sections))
-			{
-				$CI->profiler->set_sections($this->_profiler_sections);
-			}
-
-			// If the output data contains closing  and  tags
-			// we will remove them and add them back after we insert the profile data
-			$output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run();
-			if ($count > 0)
-			{
-				$output .= '';
-			}
-		}
-
-		// Does the controller contain a function named _output()?
-		// If so send the output there.  Otherwise, echo it.
-		if (method_exists($CI, '_output'))
-		{
-			$CI->_output($output);
-		}
-		else
-		{
-			echo $output; // Send it to the browser!
-		}
-
-		log_message('debug', 'Final output sent to browser');
-		log_message('debug', 'Total execution time: '.$elapsed);
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Write Cache
-	 *
-	 * @param	string	$output	Output data to cache
-	 * @return	void
-	 */
-	public function _write_cache($output)
-	{
-		$CI =& get_instance();
-		$path = $CI->config->item('cache_path');
-		$cache_path = ($path === '') ? APPPATH.'cache/' : $path;
-
-		if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path))
-		{
-			log_message('error', 'Unable to write cache file: '.$cache_path);
-			return;
-		}
-
-		$uri =	$CI->config->item('base_url').
-				$CI->config->item('index_page').
-				$CI->uri->uri_string();
-
-		$cache_path .= md5($uri);
-
-		if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE))
-		{
-			log_message('error', 'Unable to write cache file: '.$cache_path);
-			return;
-		}
-
-		$expire = time() + ($this->cache_expiration * 60);
-
-		if (flock($fp, LOCK_EX))
-		{
-			fwrite($fp, $expire.'TS--->'.$output);
-			flock($fp, LOCK_UN);
-		}
-		else
-		{
-			log_message('error', 'Unable to secure a file lock for file at: '.$cache_path);
-			return;
-		}
-		fclose($fp);
-		@chmod($cache_path, FILE_WRITE_MODE);
-
-		log_message('debug', 'Cache file written: '.$cache_path);
-
-		// Send HTTP cache-control headers to browser to match file cache settings.
-		$this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Update/serve cached output
-	 *
-	 * @uses	CI_Config
-	 * @uses	CI_URI
-	 *
-	 * @param	object	&$CFG	CI_Config class instance
-	 * @param	object	&$URI	CI_URI class instance
-	 * @return	bool	TRUE on success or FALSE on failure
-	 */
-	public function _display_cache(&$CFG, &$URI)
-	{
-		$cache_path = ($CFG->item('cache_path') === '') ? APPPATH.'cache/' : $CFG->item('cache_path');
-
-		// Build the file path. The file name is an MD5 hash of the full URI
-		$uri =	$CFG->item('base_url').$CFG->item('index_page').$URI->uri_string;
-		$filepath = $cache_path.md5($uri);
-
-		if ( ! @file_exists($filepath) OR ! $fp = @fopen($filepath, FOPEN_READ))
-		{
-			return FALSE;
-		}
-
-		flock($fp, LOCK_SH);
-
-		$cache = (filesize($filepath) > 0) ? fread($fp, filesize($filepath)) : '';
-
-		flock($fp, LOCK_UN);
-		fclose($fp);
-
-		// Strip out the embedded timestamp
-		if ( ! preg_match('/^(\d+)TS--->/', $cache, $match))
-		{
-			return FALSE;
-		}
-
-		$last_modified = filemtime($cache_path);
-		$expire = $match[1];
-
-		// Has the file expired?
-		if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path))
-		{
-			// If so we'll delete it.
-			@unlink($filepath);
-			log_message('debug', 'Cache file has expired. File deleted.');
-			return FALSE;
-		}
-		else
-		{
-			// Or else send the HTTP cache control headers.
-			$this->set_cache_header($last_modified, $expire);
-		}
-
-		// Display the cache
-		$this->_display(substr($cache, strlen($match[0])));
-		log_message('debug', 'Cache file is current. Sending it to browser.');
-		return TRUE;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Delete cache
-	 *
-	 * @param	string	$uri	URI string
-	 * @return	bool
-	 */
-	public function delete_cache($uri = '')
-	{
-		$CI =& get_instance();
-		$cache_path = $CI->config->item('cache_path');
-		if ($cache_path === '')
-		{
-			$cache_path = APPPATH.'cache/';
-		}
-
-		if ( ! is_dir($cache_path))
-		{
-			log_message('error', 'Unable to find cache path: '.$cache_path);
-			return FALSE;
-		}
-
-		if (empty($uri))
-		{
-			$uri = $CI->uri->uri_string();
-		}
-
-		$cache_path .= md5($CI->config->item('base_url').$CI->config->item('index_page').$uri);
-
-		if ( ! @unlink($cache_path))
-		{
-			log_message('error', 'Unable to delete cache file for '.$uri);
-			return FALSE;
-		}
-
-		return TRUE;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Set Cache Header
-	 *
-	 * Set the HTTP headers to match the server-side file cache settings
-	 * in order to reduce bandwidth.
-	 *
-	 * @param	int	$last_modified	Timestamp of when the page was last modified
-	 * @param	int	$expiration	Timestamp of when should the requested page expire from cache
-	 * @return	void
-	 */
-	public function set_cache_header($last_modified, $expiration)
-	{
-		$max_age = $expiration - $_SERVER['REQUEST_TIME'];
-
-		if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
-		{
-			$this->set_status_header(304);
-			exit;
-		}
-		else
-		{
-			header('Pragma: public');
-			header('Cache-Control: max-age=' . $max_age . ', public');
-			header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT');
-			header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT');
-		}
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Minify
-	 *
-	 * Reduce excessive size of HTML/CSS/JavaScript content.
-	 *
-	 * @param	string	$output	Output to minify
-	 * @param	string	$type	Output content MIME type
-	 * @return	string	Minified output
-	 */
-	public function minify($output, $type = 'text/html')
-	{
-		switch ($type)
-		{
-			case 'text/html':
-
-				if (($size_before = strlen($output)) === 0)
-				{
-					return '';
-				}
-
-				// Find all the 
,,}msU', $output, $textareas_clean);
-				preg_match_all('{}msU', $output, $javascript_clean);
-
-				// Minify the CSS in all the }msU', $output, $style_clean);
-				foreach ($style_clean[0] as $s)
-				{
-					$output = str_replace($s, $this->_minify_script_style($s, TRUE), $output);
-				}
-
-				// Minify the javascript in }msU', $output, $javascript_messed);
-					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
-				}
-
-				$size_removed = $size_before - strlen($output);
-				$savings_percent = round(($size_removed / $size_before * 100));
-
-				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
-
-			break;
-
-			case 'text/css':
-			case 'text/javascript':
-
-				$output = $this->_minify_script_style($output);
-
-			break;
-
-			default: break;
-		}
-
-		return $output;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Minify Style and Script
-	 *
-	 * Reduce excessive size of CSS/JavaScript content.  To remove spaces this
-	 * script walks the string as an array and determines if the pointer is inside
-	 * a string created by single quotes or double quotes.  spaces inside those
-	 * strings are not stripped.  Opening and closing tags are severed from
-	 * the string initially and saved without stripping whitespace to preserve
-	 * the tags and any associated properties if tags are present
-	 *
-	 * Minification logic/workflow is similar to methods used by Douglas Crockford
-	 * in JSMIN. http://www.crockford.com/javascript/jsmin.html
-	 *
-	 * KNOWN ISSUE: ending a line with a closing parenthesis ')' and no semicolon
-	 * where there should be one will break the Javascript. New lines after a
-	 * closing parenthesis are not recognized by the script. For best results
-	 * be sure to terminate lines with a semicolon when appropriate.
-	 *
-	 * @param	string	$output		Output to minify
-	 * @param	bool	$has_tags	Specify if the output has style or script tags
-	 * @return	string	Minified output
-	 */
-	protected function _minify_script_style($output, $has_tags = FALSE)
-	{
-		// We only need this if there are tags in the file
-		if ($has_tags === TRUE)
-		{
-			// Remove opening tag and save for later
-			$pos = strpos($output, '>') + 1;
-			$open_tag = substr($output, 0, $pos);
-			$output = substr_replace($output, '', 0, $pos);
-
-			// Remove closing tag and save it for later
-			$end_pos = strlen($output);
-			$pos = strpos($output, ' $value)
-		{
-			if ($in_string === FALSE && $in_dstring === FALSE)
-			{
-				if ($value === ' ')
-				{
-					// Get the next element in the array for comparisons
-					$next = $array_output[$key + 1];
-
-					// Strip spaces preceded/followed by a non-ASCII character
-					// or not preceded/followed by an alphanumeric
-					// or not preceded/followed \ $ and _
-					if ((preg_match('/^[\x20-\x7f]*$/D', $next) OR preg_match('/^[\x20-\x7f]*$/D', $prev))
-						&& ( ! ctype_alnum($next) OR ! ctype_alnum($prev))
-						&& ! in_array($next, array('\\', '_', '$'), TRUE)
-						&& ! in_array($prev, array('\\', '_', '$'), TRUE)
-					)
-					{
-						unset($array_output[$key]);
-					}
-				}
-				else
-				{
-					// Save this value as previous for the next iteration
-					// if it is not a blank space
-					$prev = $value;
-				}
-			}
-
-			if ($value === "'")
-			{
-				$in_string = ! $in_string;
-			}
-			elseif ($value === '"')
-			{
-				$in_dstring = ! $in_dstring;
-			}
-		}
-
-		// Put the string back together after spaces have been stripped
-		$output = implode($array_output);
-
-		// Remove new line characters unless previous or next character is
-		// printable or Non-ASCII
-		preg_match_all('/[\n]/', $output, $lf, PREG_OFFSET_CAPTURE);
-		$removed_lf = 0;
-		foreach ($lf as $feed_position)
-		{
-			foreach ($feed_position as $position)
-			{
-				$position = $position[1] - $removed_lf;
-				$next = $output[$position + 1];
-				$prev = $output[$position - 1];
-				if ( ! ctype_print($next) && ! ctype_print($prev)
-					&& ! preg_match('/^[\x20-\x7f]*$/D', $next)
-					&& ! preg_match('/^[\x20-\x7f]*$/D', $prev)
-				)
-				{
-					$output = substr_replace($output, '', $position, 1);
-					$removed_lf++;
-				}
-			}
-		}
-
-		// Put the opening and closing tags back if applicable
-		return isset($open_tag)
-			? $open_tag.$output.$closing_tag
-			: $output;
-	}
-
-}
-
-/* End of file Output.php */
+_zlib_oc = (bool) @ini_get('zlib.output_compression');
+
+		// Get mime types for later
+		$this->mimes =& get_mimes();
+
+		log_message('debug', 'Output Class Initialized');
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Get Output
+	 *
+	 * Returns the current output string.
+	 *
+	 * @return	string
+	 */
+	public function get_output()
+	{
+		return $this->final_output;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Output
+	 *
+	 * Sets the output string.
+	 *
+	 * @param	string	$output	Output data
+	 * @return	CI_Output
+	 */
+	public function set_output($output)
+	{
+		$this->final_output = $output;
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Append Output
+	 *
+	 * Appends data onto the output string.
+	 *
+	 * @param	string	$output	Data to append
+	 * @return	CI_Output
+	 */
+	public function append_output($output)
+	{
+		if (empty($this->final_output))
+		{
+			$this->final_output = $output;
+		}
+		else
+		{
+			$this->final_output .= $output;
+		}
+
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Header
+	 *
+	 * Lets you set a server header which will be sent with the final output.
+	 *
+	 * Note: If a file is cached, headers will not be sent.
+	 * @todo	We need to figure out how to permit headers to be cached.
+	 *
+	 * @param	string	$header		Header
+	 * @param	bool	$replace	Whether to replace the old header value, if already set
+	 * @return	CI_Output
+	 */
+	public function set_header($header, $replace = TRUE)
+	{
+		// If zlib.output_compression is enabled it will compress the output,
+		// but it will not modify the content-length header to compensate for
+		// the reduction, causing the browser to hang waiting for more data.
+		// We'll just skip content-length in those cases.
+		if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) === 0)
+		{
+			return $this;
+		}
+
+		$this->headers[] = array($header, $replace);
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Content-Type Header
+	 *
+	 * @param	string	$mime_type	Extension of the file we're outputting
+	 * @param	string	$charset	Character set (default: NULL)
+	 * @return	CI_Output
+	 */
+	public function set_content_type($mime_type, $charset = NULL)
+	{
+		if (strpos($mime_type, '/') === FALSE)
+		{
+			$extension = ltrim($mime_type, '.');
+
+			// Is this extension supported?
+			if (isset($this->mimes[$extension]))
+			{
+				$mime_type =& $this->mimes[$extension];
+
+				if (is_array($mime_type))
+				{
+					$mime_type = current($mime_type);
+				}
+			}
+		}
+
+		$this->mime_type = $mime_type;
+
+		if (empty($charset))
+		{
+			$charset = config_item('charset');
+		}
+
+		$header = 'Content-Type: '.$mime_type
+			.(empty($charset) ? NULL : '; charset='.$charset);
+
+		$this->headers[] = array($header, TRUE);
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Get Current Content-Type Header
+	 *
+	 * @return	string	'text/html', if not already set
+	 */
+	public function get_content_type()
+	{
+		for ($i = 0, $c = count($this->headers); $i < $c; $i++)
+		{
+			if (sscanf($this->headers[$i][0], 'Content-Type: %[^;]', $content_type) === 1)
+			{
+				return $content_type;
+			}
+		}
+
+		return 'text/html';
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Get Header
+	 *
+	 * @param	string	$header_name
+	 * @return	string
+	 */
+	public function get_header($header)
+	{
+		// Combine headers already sent with our batched headers
+		$headers = array_merge(
+			// We only need [x][0] from our multi-dimensional array
+			array_map('array_shift', $this->headers),
+			headers_list()
+		);
+
+		if (empty($headers) OR empty($header))
+		{
+			return NULL;
+		}
+
+		for ($i = 0, $c = count($headers); $i < $c; $i++)
+		{
+			if (strncasecmp($header, $headers[$i], $l = strlen($header)) === 0)
+			{
+				return trim(substr($headers[$i], $l+1));
+			}
+		}
+
+		return NULL;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set HTTP Status Header
+	 *
+	 * As of version 1.7.2, this is an alias for common function
+	 * set_status_header().
+	 *
+	 * @param	int	$code	Status code (default: 200)
+	 * @param	string	$text	Optional message
+	 * @return	CI_Output
+	 */
+	public function set_status_header($code = 200, $text = '')
+	{
+		set_status_header($code, $text);
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Enable/disable Profiler
+	 *
+	 * @param	bool	$val	TRUE to enable or FALSE to disable
+	 * @return	CI_Output
+	 */
+	public function enable_profiler($val = TRUE)
+	{
+		$this->enable_profiler = is_bool($val) ? $val : TRUE;
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Profiler Sections
+	 *
+	 * Allows override of default/config settings for
+	 * Profiler section display.
+	 *
+	 * @param	array	$sections	Profiler sections
+	 * @return	CI_Output
+	 */
+	public function set_profiler_sections($sections)
+	{
+		if (isset($sections['query_toggle_count']))
+		{
+			$this->_profiler_sections['query_toggle_count'] = (int) $sections['query_toggle_count'];
+			unset($sections['query_toggle_count']);
+		}
+
+		foreach ($sections as $section => $enable)
+		{
+			$this->_profiler_sections[$section] = ($enable !== FALSE);
+		}
+
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Cache
+	 *
+	 * @param	int	$time	Cache expiration time in seconds
+	 * @return	CI_Output
+	 */
+	public function cache($time)
+	{
+		$this->cache_expiration = is_numeric($time) ? $time : 0;
+		return $this;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Display Output
+	 *
+	 * Processes sends the sends finalized output data to the browser along
+	 * with any server headers and profile data. It also stops benchmark
+	 * timers so the page rendering speed and memory usage can be shown.
+	 *
+	 * Note: All "view" data is automatically put into $this->final_output
+	 *	 by controller class.
+	 *
+	 * @uses	CI_Output::$final_output
+	 * @param	string	$output	Output data override
+	 * @return	void
+	 */
+	public function _display($output = '')
+	{
+		// Note:  We use globals because we can't use $CI =& get_instance()
+		// since this function is sometimes called by the caching mechanism,
+		// which happens before the CI super object is available.
+		global $BM, $CFG;
+
+		// Grab the super object if we can.
+		if (class_exists('CI_Controller'))
+		{
+			$CI =& get_instance();
+		}
+
+		// --------------------------------------------------------------------
+
+		// Set the output data
+		if ($output === '')
+		{
+			$output =& $this->final_output;
+		}
+
+		// --------------------------------------------------------------------
+
+		// Is minify requested?
+		if ($CFG->item('minify_output') === TRUE)
+		{
+			$output = $this->minify($output, $this->mime_type);
+		}
+
+		// --------------------------------------------------------------------
+
+		// Do we need to write a cache file? Only if the controller does not have its
+		// own _output() method and we are not dealing with a cache file, which we
+		// can determine by the existence of the $CI object above
+		if ($this->cache_expiration > 0 && isset($CI) && ! method_exists($CI, '_output'))
+		{
+			$this->_write_cache($output);
+		}
+
+		// --------------------------------------------------------------------
+
+		// Parse out the elapsed time and memory usage,
+		// then swap the pseudo-variables with the data
+
+		$elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end');
+
+		if ($this->parse_exec_vars === TRUE)
+		{
+			$memory	= round(memory_get_usage() / 1024 / 1024, 2).'MB';
+
+			$output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output);
+		}
+
+		// --------------------------------------------------------------------
+
+		// Is compression requested?
+		if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc === FALSE
+			&& extension_loaded('zlib')
+			&& isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE)
+		{
+			ob_start('ob_gzhandler');
+		}
+
+		// --------------------------------------------------------------------
+
+		// Are there any server headers to send?
+		if (count($this->headers) > 0)
+		{
+			foreach ($this->headers as $header)
+			{
+				@header($header[0], $header[1]);
+			}
+		}
+
+		// --------------------------------------------------------------------
+
+		// Does the $CI object exist?
+		// If not we know we are dealing with a cache file so we'll
+		// simply echo out the data and exit.
+		if ( ! isset($CI))
+		{
+			echo $output;
+			log_message('debug', 'Final output sent to browser');
+			log_message('debug', 'Total execution time: '.$elapsed);
+			return;
+		}
+
+		// --------------------------------------------------------------------
+
+		// Do we need to generate profile data?
+		// If so, load the Profile class and run it.
+		if ($this->enable_profiler === TRUE)
+		{
+			$CI->load->library('profiler');
+			if ( ! empty($this->_profiler_sections))
+			{
+				$CI->profiler->set_sections($this->_profiler_sections);
+			}
+
+			// If the output data contains closing  and  tags
+			// we will remove them and add them back after we insert the profile data
+			$output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run();
+			if ($count > 0)
+			{
+				$output .= '';
+			}
+		}
+
+		// Does the controller contain a function named _output()?
+		// If so send the output there.  Otherwise, echo it.
+		if (method_exists($CI, '_output'))
+		{
+			$CI->_output($output);
+		}
+		else
+		{
+			echo $output; // Send it to the browser!
+		}
+
+		log_message('debug', 'Final output sent to browser');
+		log_message('debug', 'Total execution time: '.$elapsed);
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Write Cache
+	 *
+	 * @param	string	$output	Output data to cache
+	 * @return	void
+	 */
+	public function _write_cache($output)
+	{
+		$CI =& get_instance();
+		$path = $CI->config->item('cache_path');
+		$cache_path = ($path === '') ? APPPATH.'cache/' : $path;
+
+		if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path))
+		{
+			log_message('error', 'Unable to write cache file: '.$cache_path);
+			return;
+		}
+
+		$uri =	$CI->config->item('base_url').
+				$CI->config->item('index_page').
+				$CI->uri->uri_string();
+
+		$cache_path .= md5($uri);
+
+		if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE))
+		{
+			log_message('error', 'Unable to write cache file: '.$cache_path);
+			return;
+		}
+
+		$expire = time() + ($this->cache_expiration * 60);
+
+		if (flock($fp, LOCK_EX))
+		{
+			fwrite($fp, $expire.'TS--->'.$output);
+			flock($fp, LOCK_UN);
+		}
+		else
+		{
+			log_message('error', 'Unable to secure a file lock for file at: '.$cache_path);
+			return;
+		}
+		fclose($fp);
+		@chmod($cache_path, FILE_WRITE_MODE);
+
+		log_message('debug', 'Cache file written: '.$cache_path);
+
+		// Send HTTP cache-control headers to browser to match file cache settings.
+		$this->set_cache_header($_SERVER['REQUEST_TIME'], $expire);
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Update/serve cached output
+	 *
+	 * @uses	CI_Config
+	 * @uses	CI_URI
+	 *
+	 * @param	object	&$CFG	CI_Config class instance
+	 * @param	object	&$URI	CI_URI class instance
+	 * @return	bool	TRUE on success or FALSE on failure
+	 */
+	public function _display_cache(&$CFG, &$URI)
+	{
+		$cache_path = ($CFG->item('cache_path') === '') ? APPPATH.'cache/' : $CFG->item('cache_path');
+
+		// Build the file path. The file name is an MD5 hash of the full URI
+		$uri =	$CFG->item('base_url').$CFG->item('index_page').$URI->uri_string;
+		$filepath = $cache_path.md5($uri);
+
+		if ( ! @file_exists($filepath) OR ! $fp = @fopen($filepath, FOPEN_READ))
+		{
+			return FALSE;
+		}
+
+		flock($fp, LOCK_SH);
+
+		$cache = (filesize($filepath) > 0) ? fread($fp, filesize($filepath)) : '';
+
+		flock($fp, LOCK_UN);
+		fclose($fp);
+
+		// Strip out the embedded timestamp
+		if ( ! preg_match('/^(\d+)TS--->/', $cache, $match))
+		{
+			return FALSE;
+		}
+
+		$last_modified = filemtime($cache_path);
+		$expire = $match[1];
+
+		// Has the file expired?
+		if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path))
+		{
+			// If so we'll delete it.
+			@unlink($filepath);
+			log_message('debug', 'Cache file has expired. File deleted.');
+			return FALSE;
+		}
+		else
+		{
+			// Or else send the HTTP cache control headers.
+			$this->set_cache_header($last_modified, $expire);
+		}
+
+		// Display the cache
+		$this->_display(substr($cache, strlen($match[0])));
+		log_message('debug', 'Cache file is current. Sending it to browser.');
+		return TRUE;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Delete cache
+	 *
+	 * @param	string	$uri	URI string
+	 * @return	bool
+	 */
+	public function delete_cache($uri = '')
+	{
+		$CI =& get_instance();
+		$cache_path = $CI->config->item('cache_path');
+		if ($cache_path === '')
+		{
+			$cache_path = APPPATH.'cache/';
+		}
+
+		if ( ! is_dir($cache_path))
+		{
+			log_message('error', 'Unable to find cache path: '.$cache_path);
+			return FALSE;
+		}
+
+		if (empty($uri))
+		{
+			$uri = $CI->uri->uri_string();
+		}
+
+		$cache_path .= md5($CI->config->item('base_url').$CI->config->item('index_page').$uri);
+
+		if ( ! @unlink($cache_path))
+		{
+			log_message('error', 'Unable to delete cache file for '.$uri);
+			return FALSE;
+		}
+
+		return TRUE;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Set Cache Header
+	 *
+	 * Set the HTTP headers to match the server-side file cache settings
+	 * in order to reduce bandwidth.
+	 *
+	 * @param	int	$last_modified	Timestamp of when the page was last modified
+	 * @param	int	$expiration	Timestamp of when should the requested page expire from cache
+	 * @return	void
+	 */
+	public function set_cache_header($last_modified, $expiration)
+	{
+		$max_age = $expiration - $_SERVER['REQUEST_TIME'];
+
+		if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
+		{
+			$this->set_status_header(304);
+			exit;
+		}
+		else
+		{
+			header('Pragma: public');
+			header('Cache-Control: max-age=' . $max_age . ', public');
+			header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT');
+			header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT');
+		}
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Minify
+	 *
+	 * Reduce excessive size of HTML/CSS/JavaScript content.
+	 *
+	 * @param	string	$output	Output to minify
+	 * @param	string	$type	Output content MIME type
+	 * @return	string	Minified output
+	 */
+	public function minify($output, $type = 'text/html')
+	{
+		switch ($type)
+		{
+			case 'text/html':
+
+				if (($size_before = strlen($output)) === 0)
+				{
+					return '';
+				}
+
+				// Find all the 
,,}msU', $output, $textareas_clean);
+				preg_match_all('{}msU', $output, $javascript_clean);
+
+				// Minify the CSS in all the }msU', $output, $style_clean);
+				foreach ($style_clean[0] as $s)
+				{
+					$output = str_replace($s, $this->_minify_script_style($s, TRUE), $output);
+				}
+
+				// Minify the javascript in }msU', $output, $javascript_messed);
+					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
+				}
+
+				$size_removed = $size_before - strlen($output);
+				$savings_percent = round(($size_removed / $size_before * 100));
+
+				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
+
+			break;
+
+			case 'text/css':
+			case 'text/javascript':
+
+				$output = $this->_minify_script_style($output);
+
+			break;
+
+			default: break;
+		}
+
+		return $output;
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Minify Style and Script
+	 *
+	 * Reduce excessive size of CSS/JavaScript content.  To remove spaces this
+	 * script walks the string as an array and determines if the pointer is inside
+	 * a string created by single quotes or double quotes.  spaces inside those
+	 * strings are not stripped.  Opening and closing tags are severed from
+	 * the string initially and saved without stripping whitespace to preserve
+	 * the tags and any associated properties if tags are present
+	 *
+	 * Minification logic/workflow is similar to methods used by Douglas Crockford
+	 * in JSMIN. http://www.crockford.com/javascript/jsmin.html
+	 *
+	 * KNOWN ISSUE: ending a line with a closing parenthesis ')' and no semicolon
+	 * where there should be one will break the Javascript. New lines after a
+	 * closing parenthesis are not recognized by the script. For best results
+	 * be sure to terminate lines with a semicolon when appropriate.
+	 *
+	 * @param	string	$output		Output to minify
+	 * @param	bool	$has_tags	Specify if the output has style or script tags
+	 * @return	string	Minified output
+	 */
+	protected function _minify_script_style($output, $has_tags = FALSE)
+	{
+		// We only need this if there are tags in the file
+		if ($has_tags === TRUE)
+		{
+			// Remove opening tag and save for later
+			$pos = strpos($output, '>') + 1;
+			$open_tag = substr($output, 0, $pos);
+			$output = substr_replace($output, '', 0, $pos);
+
+			// Remove closing tag and save it for later
+			$end_pos = strlen($output);
+			$pos = strpos($output, ' $value)
+		{
+			if ($in_string === FALSE && $in_dstring === FALSE)
+			{
+				if ($value === ' ')
+				{
+					// Get the next element in the array for comparisons
+					$next = $array_output[$key + 1];
+
+					// Strip spaces preceded/followed by a non-ASCII character
+					// or not preceded/followed by an alphanumeric
+					// or not preceded/followed \ $ and _
+					if ((preg_match('/^[\x20-\x7f]*$/D', $next) OR preg_match('/^[\x20-\x7f]*$/D', $prev))
+						&& ( ! ctype_alnum($next) OR ! ctype_alnum($prev))
+						&& ! in_array($next, array('\\', '_', '$'), TRUE)
+						&& ! in_array($prev, array('\\', '_', '$'), TRUE)
+					)
+					{
+						unset($array_output[$key]);
+					}
+				}
+				else
+				{
+					// Save this value as previous for the next iteration
+					// if it is not a blank space
+					$prev = $value;
+				}
+			}
+
+			if ($value === "'")
+			{
+				$in_string = ! $in_string;
+			}
+			elseif ($value === '"')
+			{
+				$in_dstring = ! $in_dstring;
+			}
+		}
+
+		// Put the string back together after spaces have been stripped
+		$output = implode($array_output);
+
+		// Remove new line characters unless previous or next character is
+		// printable or Non-ASCII
+		preg_match_all('/[\n]/', $output, $lf, PREG_OFFSET_CAPTURE);
+		$removed_lf = 0;
+		foreach ($lf as $feed_position)
+		{
+			foreach ($feed_position as $position)
+			{
+				$position = $position[1] - $removed_lf;
+				$next = $output[$position + 1];
+				$prev = $output[$position - 1];
+				if ( ! ctype_print($next) && ! ctype_print($prev)
+					&& ! preg_match('/^[\x20-\x7f]*$/D', $next)
+					&& ! preg_match('/^[\x20-\x7f]*$/D', $prev)
+				)
+				{
+					$output = substr_replace($output, '', $position, 1);
+					$removed_lf++;
+				}
+			}
+		}
+
+		// Put the opening and closing tags back if applicable
+		return isset($open_tag)
+			? $open_tag.$output.$closing_tag
+			: $output;
+	}
+
+}
+
+/* End of file Output.php */
 /* Location: ./system/core/Output.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 4d02e356cadd9af49c915c76b7cd27d01e67edb8 Mon Sep 17 00:00:00 2001
From: Michael Dodge 
Date: Fri, 4 Jan 2013 23:22:51 -0700
Subject: Fix MSIE conditionals regex in minify output

Allows IE conditionals like the following to remain unmodified.
```html
  
```
Credit to joebert regex from

http://www.sitepoint.com/forums/showthread.php?696559-Regex-pattern-to-strip-HTML-comments-but-leave-conditonals&s=3eef4ceb0a59b2fdb946fa56220fb6fd&p=4678083&viewfull=1#post4678083
---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index ce0500e71..27e711783 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -739,7 +739,7 @@ class CI_Output {
 				$output = preg_replace('!\s{2,}!', ' ', $output);
 
 				// Remove comments (non-MSIE conditionals)
-				$output = preg_replace('{\s*\s*}msU', '', $output);
+				$output = preg_replace('{\s*\s*}msU', '', $output);
 
 				// Remove spaces around block-level elements.
 				$output = preg_replace('/\s*(<\/?(html|head|title|meta|script|link|style|body|h[1-6]|div|p|br)[^>]*>)\s*/is', '$1', $output);
-- 
cgit v1.2.3-24-g4f1b


From b19a203595b69067b3665ee179fb4b58cf5a014c Mon Sep 17 00:00:00 2001
From: Ted Wood 
Date: Sat, 5 Jan 2013 16:02:43 -0800
Subject: utilize static function variables in Common::log_message() to "cache"
 log threshold and Log library instance to reduce function calls

---
 system/core/Common.php | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index a4b4f2b3e..d494caf80 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -413,14 +413,23 @@ if ( ! function_exists('log_message'))
 	 */
 	function log_message($level = 'error', $message, $php_error = FALSE)
 	{
-		static $_log;
+		static $_log, $_log_threshold;
+		
+		if ($_log_threshold === NULL)
+		{
+			$_log_threshold = config_item('log_threshold');
+		}
 
-		if (config_item('log_threshold') === 0)
+		if ($_log_threshold === 0)
 		{
 			return;
 		}
 
-		$_log =& load_class('Log', 'core');
+		if ($_log === NULL)
+		{
+			$_log =& load_class('Log', 'core');
+		}
+		
 		$_log->write_log($level, $message, $php_error);
 	}
 }
-- 
cgit v1.2.3-24-g4f1b


From 4c22364e12268961aac3ba0f2a4b60a066a16bcd Mon Sep 17 00:00:00 2001
From: Ted Wood 
Date: Sat, 5 Jan 2013 16:50:31 -0800
Subject: Slight performance improvement by moving some class property
 initialization to the class property declarations rather than setting them in
 the constructor. Subclasses can always override in their own constructor if
 they wish to. Is there a reason why it was done the way it was done? A policy
 that I am not aware of?

---
 system/core/Loader.php | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 5e6c40050..9bfddc15a 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -52,28 +52,28 @@ class CI_Loader {
 	 *
 	 * @var	array
 	 */
-	protected $_ci_view_paths =	array();
+	protected $_ci_view_paths =	array(VIEWPATH	=> TRUE);
 
 	/**
 	 * List of paths to load libraries from
 	 *
 	 * @var	array
 	 */
-	protected $_ci_library_paths =	array();
+	protected $_ci_library_paths =	array(APPPATH, BASEPATH);
 
 	/**
 	 * List of paths to load models from
 	 *
 	 * @var	array
 	 */
-	protected $_ci_model_paths =	array();
+	protected $_ci_model_paths =	array(APPPATH);
 
 	/**
 	 * List of paths to load helpers from
 	 *
 	 * @var	array
 	 */
-	protected $_ci_helper_paths =	array();
+	protected $_ci_helper_paths =	array(APPPATH, BASEPATH);
 
 	/**
 	 * List of loaded base classes
@@ -137,10 +137,6 @@ class CI_Loader {
 	public function __construct()
 	{
 		$this->_ci_ob_level  = ob_get_level();
-		$this->_ci_library_paths = array(APPPATH, BASEPATH);
-		$this->_ci_helper_paths = array(APPPATH, BASEPATH);
-		$this->_ci_model_paths = array(APPPATH);
-		$this->_ci_view_paths = array(VIEWPATH	=> TRUE);
 
 		log_message('debug', 'Loader Class Initialized');
 	}
-- 
cgit v1.2.3-24-g4f1b


From 325e91ab502b1062e99085d8729c833c24d18076 Mon Sep 17 00:00:00 2001
From: Ted Wood 
Date: Mon, 7 Jan 2013 10:52:21 -0800
Subject: minor tweaks and optimizations: minimize function calls in
 _fetch_uri_string(); use constant PHP_SAPI instead of function
 php_sapi_name()

---
 system/core/URI.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'system/core')

diff --git a/system/core/URI.php b/system/core/URI.php
index fb8540118..b3603bbb1 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -94,7 +94,9 @@ class CI_URI {
 	 */
 	public function _fetch_uri_string()
 	{
-		if (strtoupper($this->config->item('uri_protocol')) === 'AUTO')
+		$protocol = strtoupper($this->config->item('uri_protocol'));
+
+		if ($protocol === 'AUTO')
 		{
 			// Is the request coming from the command line?
 			if ($this->_is_cli_request())
@@ -136,20 +138,18 @@ class CI_URI {
 			return;
 		}
 
-		$uri = strtoupper($this->config->item('uri_protocol'));
-
-		if ($uri === 'CLI')
+		if ($protocol === 'CLI')
 		{
 			$this->_set_uri_string($this->_parse_argv());
 			return;
 		}
-		elseif (method_exists($this, ($method = '_parse_'.strtolower($uri))))
+		elseif (method_exists($this, ($method = '_parse_'.strtolower($protocol))))
 		{
 			$this->_set_uri_string($this->$method());
 			return;
 		}
 
-		$uri = isset($_SERVER[$uri]) ? $_SERVER[$uri] : @getenv($uri);
+		$uri = isset($_SERVER[$protocol]) ? $_SERVER[$protocol] : @getenv($protocol);
 		$this->_set_uri_string($uri);
 	}
 
@@ -291,7 +291,7 @@ class CI_URI {
 	 */
 	protected function _is_cli_request()
 	{
-		return (php_sapi_name() === 'cli') OR defined('STDIN');
+		return (PHP_SAPI === 'cli') OR defined('STDIN');
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 661f588a010fd9203d542398e04997902405c122 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Thu, 10 Jan 2013 16:26:59 +0100
Subject: URI->_remove_url_suffix() : suffix has to be at the end of uri_string

related to #2135
---
 system/core/URI.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/URI.php b/system/core/URI.php
index b3603bbb1..8d0d8fddc 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -353,9 +353,16 @@ class CI_URI {
 	{
 		$suffix = (string) $this->config->item('url_suffix');
 
-		if ($suffix !== '' && ($offset = strrpos($this->uri_string, $suffix)) !== FALSE)
+		if ($suffix === '')
 		{
-			$this->uri_string = substr_replace($this->uri_string, '', $offset, strlen($suffix));
+			return;
+		}
+
+		$offset = strrpos($this->uri_string, $suffix);
+
+		if ($offset !== FALSE && $offset === strlen($this->uri_string) - strlen($suffix))
+		{
+			$this->uri_string = substr($this->uri_string, 0, $offset);
 		}
 	}
 
-- 
cgit v1.2.3-24-g4f1b


From d1e50fa4ae25a8e60a13f06e6debbca1b2749fce Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Fri, 11 Jan 2013 15:22:17 +0100
Subject: URI->_remove_url_suffix() : more efficient code

related to #2135
---
 system/core/URI.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/URI.php b/system/core/URI.php
index 8d0d8fddc..9b31a646b 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -358,11 +358,11 @@ class CI_URI {
 			return;
 		}
 
-		$offset = strrpos($this->uri_string, $suffix);
+		$slen = strlen($suffix);
 
-		if ($offset !== FALSE && $offset === strlen($this->uri_string) - strlen($suffix))
+		if (substr($this->uri_string, -$slen) === $suffix)
 		{
-			$this->uri_string = substr($this->uri_string, 0, $offset);
+			$this->uri_string = substr($this->uri_string, 0, -$slen);
 		}
 	}
 
-- 
cgit v1.2.3-24-g4f1b


From 5a519db2c4884a3972dd33e09d0b3a314aa222e2 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Sat, 12 Jan 2013 04:19:19 +0200
Subject: Implement autoload model aliasing (#2117)

---
 system/core/Loader.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 9bfddc15a..4d95d6288 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -233,9 +233,9 @@ class CI_Loader {
 		}
 		elseif (is_array($model))
 		{
-			foreach ($model as $class)
+			foreach ($model as $key => $value)
 			{
-				$this->model($class);
+				$this->model(is_int($key) ? $value : $key, $value);
 			}
 			return;
 		}
-- 
cgit v1.2.3-24-g4f1b


From c90e67ea553f1ff0fc22f280583fca22f95f9f42 Mon Sep 17 00:00:00 2001
From: Eric Roberts 
Date: Fri, 11 Jan 2013 21:20:54 -0600
Subject: Improve output cache.

---
 system/core/Output.php | 34 ++++++++++++++++++++++++----------
 1 file changed, 24 insertions(+), 10 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 27e711783..52a551858 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -58,21 +58,21 @@ class CI_Output {
 	 *
 	 * @var	array
 	 */
-	public $headers =	array();
+	public $headers = array();
 
 	/**
 	 * List of mime types
 	 *
 	 * @var	array
 	 */
-	public $mimes =		array();
+	public $mimes = array();
 
 	/**
 	 * Mime-type for the current page
 	 *
 	 * @var	string
 	 */
-	protected $mime_type	= 'text/html';
+	protected $mime_type = 'text/html';
 
 	/**
 	 * Enable Profiler flag
@@ -86,14 +86,14 @@ class CI_Output {
 	 *
 	 * @var	bool
 	 */
-	protected $_zlib_oc =		FALSE;
+	protected $_zlib_oc = FALSE;
 
 	/**
 	 * List of profiler sections
 	 *
 	 * @var	array
 	 */
-	protected $_profiler_sections =	array();
+	protected $_profiler_sections = array();
 
 	/**
 	 * Parse markers flag
@@ -102,7 +102,7 @@ class CI_Output {
 	 *
 	 * @var	bool
 	 */
-	public $parse_exec_vars =	TRUE;
+	public $parse_exec_vars = TRUE;
 
 	/**
 	 * Class constructor
@@ -543,10 +543,16 @@ class CI_Output {
 		}
 
 		$expire = time() + ($this->cache_expiration * 60);
+		
+		// Put together our serialized info.
+		$cache_info = serialize(array(
+			'expire'	=> $expire,
+			'headers'	=> $this->headers
+		));
 
 		if (flock($fp, LOCK_EX))
 		{
-			fwrite($fp, $expire.'TS--->'.$output);
+			fwrite($fp, $cache_info.'ENDCI--->'.$output);
 			flock($fp, LOCK_UN);
 		}
 		else
@@ -595,14 +601,16 @@ class CI_Output {
 		flock($fp, LOCK_UN);
 		fclose($fp);
 
-		// Strip out the embedded timestamp
-		if ( ! preg_match('/^(\d+)TS--->/', $cache, $match))
+		// Look for embedded serialized file info.
+		if ( ! preg_match('/^(.*)ENDCI--->/', $cache, $match))
 		{
 			return FALSE;
 		}
+		
+		$cache_info = unserialize($match[1]);
+		$expire = $cache_info['expire'];
 
 		$last_modified = filemtime($cache_path);
-		$expire = $match[1];
 
 		// Has the file expired?
 		if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path))
@@ -617,6 +625,12 @@ class CI_Output {
 			// Or else send the HTTP cache control headers.
 			$this->set_cache_header($last_modified, $expire);
 		}
+		
+		// Add headers from cache file.
+		foreach ($cache_info['headers'] as $header)
+		{
+			$this->set_header($header[0], $header[1]);
+		}
 
 		// Display the cache
 		$this->_display(substr($cache, strlen($match[0])));
-- 
cgit v1.2.3-24-g4f1b


From 1228fe27bc1f22838cd80c5fe33c37274faf0e24 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Mon, 14 Jan 2013 01:30:09 +0100
Subject: Replace is_null() with === / !== NULL

Exact same behavior, but faster. I also think it's more readable.
---
 system/core/Loader.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 4d95d6288..1ad07f1fa 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -205,7 +205,7 @@ class CI_Loader {
 			return;
 		}
 
-		if ( ! is_null($params) && ! is_array($params))
+		if ($params !== NULL && ! is_array($params))
 		{
 			$params = NULL;
 		}
@@ -975,7 +975,7 @@ class CI_Loader {
 					// Before we deem this to be a duplicate request, let's see
 					// if a custom object name is being supplied. If so, we'll
 					// return a new instance of the object
-					if ( ! is_null($object_name))
+					if ($object_name !== NULL)
 					{
 						$CI =& get_instance();
 						if ( ! isset($CI->$object_name))
@@ -1014,7 +1014,7 @@ class CI_Loader {
 					// Before we deem this to be a duplicate request, let's see
 					// if a custom object name is being supplied. If so, we'll
 					// return a new instance of the object
-					if ( ! is_null($object_name))
+					if ($object_name !== NULL)
 					{
 						$CI =& get_instance();
 						if ( ! isset($CI->$object_name))
@@ -1144,7 +1144,7 @@ class CI_Loader {
 		// Was a custom class name supplied? If so we'll use it
 		$class = strtolower($class);
 
-		if (is_null($object_name))
+		if ($object_name === NULL)
 		{
 			$classvar = isset($this->_ci_varmap[$class]) ? $this->_ci_varmap[$class] : $class;
 		}
-- 
cgit v1.2.3-24-g4f1b


From 3e6b58215a78f63f43a62c584a1386bda2a1f3e1 Mon Sep 17 00:00:00 2001
From: Eric Roberts 
Date: Thu, 17 Jan 2013 18:30:25 -0600
Subject: Return spacing on var definitions.

Signed-off-by: Eric Roberts 
---
 system/core/Output.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 52a551858..e6c48b5dd 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -58,21 +58,21 @@ class CI_Output {
 	 *
 	 * @var	array
 	 */
-	public $headers = array();
+	public $headers =	array();
 
 	/**
 	 * List of mime types
 	 *
 	 * @var	array
 	 */
-	public $mimes = array();
+	public $mimes =		array();
 
 	/**
 	 * Mime-type for the current page
 	 *
 	 * @var	string
 	 */
-	protected $mime_type = 'text/html';
+	protected $mime_type	= 'text/html';
 
 	/**
 	 * Enable Profiler flag
@@ -86,14 +86,14 @@ class CI_Output {
 	 *
 	 * @var	bool
 	 */
-	protected $_zlib_oc = FALSE;
+	protected $_zlib_oc =		FALSE;
 
 	/**
 	 * List of profiler sections
 	 *
 	 * @var	array
 	 */
-	protected $_profiler_sections = array();
+	protected $_profiler_sections =	array();
 
 	/**
 	 * Parse markers flag
@@ -102,7 +102,7 @@ class CI_Output {
 	 *
 	 * @var	bool
 	 */
-	public $parse_exec_vars = TRUE;
+	public $parse_exec_vars =	TRUE;
 
 	/**
 	 * Class constructor
-- 
cgit v1.2.3-24-g4f1b


From 5dc6d51091b718d37d2c4b30da1e01b5b95333f8 Mon Sep 17 00:00:00 2001
From: Purwandi 
Date: Sat, 19 Jan 2013 17:43:08 +0700
Subject: Support minify table block

---
 system/core/Output.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index e6c48b5dd..cf5178a0c 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -543,7 +543,7 @@ class CI_Output {
 		}
 
 		$expire = time() + ($this->cache_expiration * 60);
-		
+
 		// Put together our serialized info.
 		$cache_info = serialize(array(
 			'expire'	=> $expire,
@@ -606,7 +606,7 @@ class CI_Output {
 		{
 			return FALSE;
 		}
-		
+
 		$cache_info = unserialize($match[1]);
 		$expire = $cache_info['expire'];
 
@@ -625,7 +625,7 @@ class CI_Output {
 			// Or else send the HTTP cache control headers.
 			$this->set_cache_header($last_modified, $expire);
 		}
-		
+
 		// Add headers from cache file.
 		foreach ($cache_info['headers'] as $header)
 		{
@@ -756,7 +756,7 @@ class CI_Output {
 				$output = preg_replace('{\s*\s*}msU', '', $output);
 
 				// Remove spaces around block-level elements.
-				$output = preg_replace('/\s*(<\/?(html|head|title|meta|script|link|style|body|h[1-6]|div|p|br)[^>]*>)\s*/is', '$1', $output);
+				$output = preg_replace('/\s*(<\/?(html|head|title|meta|script|link|style|body|table|thead|tbody|tfoot|tr|th|td|h[1-6]|div|p|br)[^>]*>)\s*/is', '$1', $output);
 
 				// Replace mangled 
 etc. tags with unprocessed ones.
 
-- 
cgit v1.2.3-24-g4f1b


From 3ffce987e0d7efa68bbce2d83915b06e97bd3475 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 21 Jan 2013 15:24:09 +0200
Subject: [ci skip] Manually apply #2162, #2163

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index cf5178a0c..a20841463 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -772,7 +772,7 @@ class CI_Output {
 					$output = str_replace($codes_messed[0], $codes_clean[0], $output);
 				}
 
-				if ( ! empty($codes_clean))
+				if ( ! empty($textareas_clean))
 				{
 					preg_match_all('{}msU', $output, $textareas_messed);
 					$output = str_replace($textareas_messed[0], $textareas_clean[0], $output);
-- 
cgit v1.2.3-24-g4f1b


From 9f690f190f1aa503dfc6270e3a97d96196ae3cff Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 21 Jan 2013 15:30:25 +0200
Subject: Partially implement PR #2155

---
 system/core/Log.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index 9dabfe6f2..cd3c17e1e 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -97,6 +97,8 @@ class CI_Log {
 
 		$this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
 
+		file_exists($this->_log_path) OR mkdir($this->_log_path, DIR_WRITE_MODE, TRUE);
+
 		if ( ! is_dir($this->_log_path) OR ! is_really_writable($this->_log_path))
 		{
 			$this->_enabled = FALSE;
-- 
cgit v1.2.3-24-g4f1b


From 353f9834adf3f44c6c7a0f924089bb2b43360404 Mon Sep 17 00:00:00 2001
From: Daniel Hunsaker 
Date: Thu, 24 Jan 2013 17:09:10 -0700
Subject: Updated all cases of exit() to return a valid code

Specific codes are as follows, but can easily be changed if a different order/breakdown makes more sense:

- 0: Success; everything executed as planned
- 1: Configuration Error; something is wrong with/in the configuration file(s)
- 2: Class Not Found; what it says
- 3: Driver Method Unsupported; the method you're trying to use on a Driver doesn't exist
- 4: File Not Found; 404 error
- 5: Database Error; something is broken in the database somewhere
- 6: Invalid Input; the user attempted to submit a request with invlaid characters in 1+ key names
7 through 26 are reserved for future use
- 27: Generic Error; generated by show_error() when the status code is >= 100
28 through 127 are errors generated by user applications, normally by using show_error() with a status code below 100
128 through 254 should not be used by applications, as they are reserved by system-level functions
- 255: PHP Fatal Error; automatically generated by PHP for fatal errors, and therefore not allowed for our use

Status codes below 100 are shifted up by 28 to place them in the user error range.  It may make more sense to have these codes
left alone and instead shift the CI errors into the 101 through 127 space, but that's not what I opted for here.

It would probably also be a good idea to replace the hard-coded numbers with constants or some such, but I was in a bit of a
hurry when I made these changes, so I didn't look around for the best place to do this.  With proper guidance, I could
easily amend this commit with another that uses such constant values.

Signed-off-by: Daniel Hunsaker 
---
 system/core/CodeIgniter.php |  2 +-
 system/core/Common.php      | 29 ++++++++++++++++++++++-------
 system/core/Exceptions.php  |  2 +-
 system/core/Input.php       |  3 ++-
 system/core/Output.php      |  2 +-
 5 files changed, 27 insertions(+), 11 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 8affde64d..13826c328 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -188,7 +188,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 	if ($EXT->call_hook('cache_override') === FALSE
 		&& $OUT->_display_cache($CFG, $URI) === TRUE)
 	{
-		exit;
+		exit(0);
 	}
 
 /*
diff --git a/system/core/Common.php b/system/core/Common.php
index d494caf80..d6387209b 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -1,3 +1,4 @@
+
 show_error($heading, $message, 'error_general', $status_code);
-		exit;
+		exit($exit_status);
 	}
 }
 
@@ -392,7 +407,7 @@ if ( ! function_exists('show_404'))
 	{
 		$_error =& load_class('Exceptions', 'core');
 		$_error->show_404($page, $log_error);
-		exit;
+		exit(4);
 	}
 }
 
@@ -514,11 +529,11 @@ if ( ! function_exists('set_status_header'))
 
 		if (strpos(php_sapi_name(), 'cgi') === 0)
 		{
-			header('Status: '.$code.' '.$text, TRUE);
+			if (!headers_sent()) header('Status: '.$code.' '.$text, TRUE);
 		}
 		else
 		{
-			header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code);
+			if (!headers_sent()) header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code);
 		}
 	}
 }
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index e6023e73b..f799d6027 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -117,7 +117,7 @@ class CI_Exceptions {
 		}
 
 		echo $this->show_error($heading, $message, 'error_404', 404);
-		exit;
+		exit(4);
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Input.php b/system/core/Input.php
index 82e22dd49..8f37e4464 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -745,7 +745,8 @@ class CI_Input {
 		if ( ! preg_match('/^[a-z0-9:_\/|-]+$/i', $str))
 		{
 			set_status_header(503);
-			exit('Disallowed Key Characters.');
+			echo 'Disallowed Key Characters.';
+			exit(6);
 		}
 
 		// Clean UTF-8 if supported
diff --git a/system/core/Output.php b/system/core/Output.php
index a20841463..7898d1972 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -696,7 +696,7 @@ class CI_Output {
 		if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
 		{
 			$this->set_status_header(304);
-			exit;
+			exit(0);
 		}
 		else
 		{
-- 
cgit v1.2.3-24-g4f1b


From b75e13df03dcf898cc85e144b941e1b1f6c332be Mon Sep 17 00:00:00 2001
From: Eric Roberts 
Date: Sun, 27 Jan 2013 20:10:09 -0600
Subject: Fix newline standardization.

Signed-off-by: Eric Roberts 
---
 system/core/Input.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 82e22dd49..68a8fe03f 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -720,9 +720,9 @@ class CI_Input {
 		}
 
 		// Standardize newlines if needed
-		if ($this->_standardize_newlines === TRUE && strpos($str, "\r") !== FALSE)
+		if ($this->_standardize_newlines === TRUE)
 		{
-			return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
+			return preg_replace('/(?:\r\n|[\r\n])/', PHP_EOL, $str);
 		}
 
 		return $str;
-- 
cgit v1.2.3-24-g4f1b


From db529ca1e13e9f9e1c73be20c3b92a7adc3c6aa2 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 28 Jan 2013 11:00:02 +0200
Subject: Remove unnecessary defined('ENVIRONMENT') checks

As suggested in issue #2134 & PR #2149
---
 system/core/CodeIgniter.php | 2 +-
 system/core/Common.php      | 4 ++--
 system/core/Config.php      | 6 +-----
 system/core/Hooks.php       | 2 +-
 system/core/Loader.php      | 6 +++---
 system/core/Router.php      | 2 +-
 6 files changed, 9 insertions(+), 13 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 8affde64d..cb4b735d5 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -58,7 +58,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
  *  Load the framework constants
  * ------------------------------------------------------
  */
-	if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php'))
+	if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php'))
 	{
 		require(APPPATH.'config/'.ENVIRONMENT.'/constants.php');
 	}
diff --git a/system/core/Common.php b/system/core/Common.php
index d494caf80..90cc5b3a4 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -241,7 +241,7 @@ if ( ! function_exists('get_config'))
 		}
 
 		// Is the config file in the environment folder?
-		if (defined('ENVIRONMENT') && file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php'))
+		if (file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php'))
 		{
 			require($file_path);
 		}
@@ -316,7 +316,7 @@ if ( ! function_exists('get_mimes'))
 	{
 		static $_mimes = array();
 
-		if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
+		if (is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
 		{
 			$_mimes = include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php');
 		}
diff --git a/system/core/Config.php b/system/core/Config.php
index 0160d1a15..7e64444bc 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -106,13 +106,9 @@ class CI_Config {
 		$file = ($file === '') ? 'config' : str_replace('.php', '', $file);
 		$found = $loaded = FALSE;
 
-		$check_locations = defined('ENVIRONMENT')
-			? array(ENVIRONMENT.'/'.$file, $file)
-			: array($file);
-
 		foreach ($this->_config_paths as $path)
 		{
-			foreach ($check_locations as $location)
+			foreach (array(ENVIRONMENT.'/'.$file, $file) as $location)
 			{
 				$file_path = $path.'config/'.$location.'.php';
 
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 2cb416c0c..59759e02e 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -81,7 +81,7 @@ class CI_Hooks {
 		}
 
 		// Grab the "hooks" definition file.
-		if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
+		if (is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
 		{
 			include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php');
 		}
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 1ad07f1fa..bbd7a84b6 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1089,12 +1089,12 @@ class CI_Loader {
 					// We test for both uppercase and lowercase, for servers that
 					// are case-sensitive with regard to file names. Check for environment
 					// first, global next
-					if (defined('ENVIRONMENT') && file_exists($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php'))
+					if (file_exists($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php'))
 					{
 						include($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php');
 						break;
 					}
-					elseif (defined('ENVIRONMENT') && file_exists($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php'))
+					elseif (file_exists($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php'))
 					{
 						include($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php');
 						break;
@@ -1180,7 +1180,7 @@ class CI_Loader {
 	 */
 	protected function _ci_autoloader()
 	{
-		if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
+		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
 		{
 			include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php');
 		}
diff --git a/system/core/Router.php b/system/core/Router.php
index f284e29cc..4755b3712 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -133,7 +133,7 @@ class CI_Router {
 		}
 
 		// Load the routes.php file.
-		if (defined('ENVIRONMENT') && is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
+		if (is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
 		{
 			include(APPPATH.'config/'.ENVIRONMENT.'/routes.php');
 		}
-- 
cgit v1.2.3-24-g4f1b


From 3608e1a094945631c5b65e1f66460e4486c5b541 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 28 Jan 2013 16:27:30 +0200
Subject: Libraries' filenames must be named in a ucfirst-like manner

---
 system/core/Loader.php | 144 +++++++++++++++++++++----------------------------
 1 file changed, 60 insertions(+), 84 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index bbd7a84b6..3ecce1676 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -96,13 +96,6 @@ class CI_Loader {
 	 */
 	protected $_ci_classes =	array();
 
-	/**
-	 * List of loaded files
-	 *
-	 * @var	array
-	 */
-	protected $_ci_loaded_files =	array();
-
 	/**
 	 * List of loaded models
 	 *
@@ -943,117 +936,100 @@ class CI_Loader {
 
 		// Was the path included with the class name?
 		// We look for a slash to determine this
-		$subdir = '';
 		if (($last_slash = strrpos($class, '/')) !== FALSE)
 		{
 			// Extract the path
-			$subdir = substr($class, 0, ++$last_slash);
+			$subdir = ucfirst(substr($class, 0, ++$last_slash));
 
 			// Get the filename from the path
 			$class = substr($class, $last_slash);
 		}
+		else
+		{
+			$subdir = '';
+		}
+
+		$class = ucfirst($class);
+		$subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.'.php';
 
-		// We'll test for both lowercase and capitalized versions of the file name
-		foreach (array(ucfirst($class), strtolower($class)) as $class)
+		// Is this a class extension request?
+		if (file_exists($subclass))
 		{
-			$subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.'.php';
+			$baseclass = BASEPATH.'libraries/'.$class.'.php';
 
-			// Is this a class extension request?
-			if (file_exists($subclass))
+			if ( ! file_exists($baseclass))
 			{
-				$baseclass = BASEPATH.'libraries/'.ucfirst($class).'.php';
-
-				if ( ! file_exists($baseclass))
-				{
-					log_message('error', 'Unable to load the requested class: '.$class);
-					show_error('Unable to load the requested class: '.$class);
-				}
+				log_message('error', 'Unable to load the requested class: '.$class);
+				show_error('Unable to load the requested class: '.$class);
+			}
 
-				// Safety: Was the class already loaded by a previous call?
-				if (in_array($subclass, $this->_ci_loaded_files))
+			// Safety: Was the class already loaded by a previous call?
+			if (class_exists(config_item('subclass_prefix').$class, FALSE))
+			{
+				// Before we deem this to be a duplicate request, let's see
+				// if a custom object name is being supplied. If so, we'll
+				// return a new instance of the object
+				if ($object_name !== NULL)
 				{
-					// Before we deem this to be a duplicate request, let's see
-					// if a custom object name is being supplied. If so, we'll
-					// return a new instance of the object
-					if ($object_name !== NULL)
+					$CI =& get_instance();
+					if ( ! isset($CI->$object_name))
 					{
-						$CI =& get_instance();
-						if ( ! isset($CI->$object_name))
-						{
-							return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name);
-						}
+						return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name);
 					}
-
-					$is_duplicate = TRUE;
-					log_message('debug', $class.' class already loaded. Second attempt ignored.');
-					return;
 				}
 
-				include_once($baseclass);
-				include_once($subclass);
-				$this->_ci_loaded_files[] = $subclass;
-
-				return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name);
+				log_message('debug', $class.' class already loaded. Second attempt ignored.');
+				return;
 			}
 
-			// Lets search for the requested library file and load it.
-			$is_duplicate = FALSE;
-			foreach ($this->_ci_library_paths as $path)
-			{
-				$filepath = $path.'libraries/'.$subdir.$class.'.php';
+			include_once($baseclass);
+			include_once($subclass);
 
-				// Does the file exist? No? Bummer...
-				if ( ! file_exists($filepath))
-				{
-					continue;
-				}
+			return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name);
+		}
+
+		// Lets search for the requested library file and load it.
+		foreach ($this->_ci_library_paths as $path)
+		{
+			$filepath = $path.'libraries/'.$subdir.$class.'.php';
 
-				// Safety: Was the class already loaded by a previous call?
-				if (in_array($filepath, $this->_ci_loaded_files))
+			// Safety: Was the class already loaded by a previous call?
+			if (class_exists($class, FALSE))
+			{
+				// Before we deem this to be a duplicate request, let's see
+				// if a custom object name is being supplied. If so, we'll
+				// return a new instance of the object
+				if ($object_name !== NULL)
 				{
-					// Before we deem this to be a duplicate request, let's see
-					// if a custom object name is being supplied. If so, we'll
-					// return a new instance of the object
-					if ($object_name !== NULL)
+					$CI =& get_instance();
+					if ( ! isset($CI->$object_name))
 					{
-						$CI =& get_instance();
-						if ( ! isset($CI->$object_name))
-						{
-							return $this->_ci_init_class($class, '', $params, $object_name);
-						}
+						return $this->_ci_init_class($class, '', $params, $object_name);
 					}
-
-					$is_duplicate = TRUE;
-					log_message('debug', $class.' class already loaded. Second attempt ignored.');
-					return;
 				}
 
-				include_once($filepath);
-				$this->_ci_loaded_files[] = $filepath;
-				return $this->_ci_init_class($class, '', $params, $object_name);
+				log_message('debug', $class.' class already loaded. Second attempt ignored.');
+				return;
+			}
+			// Does the file exist? No? Bummer...
+			elseif ( ! file_exists($filepath))
+			{
+				continue;
 			}
-		} // END FOREACH
+
+			include_once($filepath);
+			return $this->_ci_init_class($class, '', $params, $object_name);
+		}
 
 		// One last attempt. Maybe the library is in a subdirectory, but it wasn't specified?
 		if ($subdir === '')
 		{
-			$path = strtolower($class).'/'.$class;
-			return $this->_ci_load_class($path, $params, $object_name);
-		}
-		elseif (ucfirst($subdir) != $subdir)
-		{
-			// Lowercase subdir failed - retry capitalized
-			$path = ucfirst($subdir).$class;
-			return $this->_ci_load_class($path, $params, $object_name);
+			return $this->_ci_load_class($class.'/'.$class, $params, $object_name);
 		}
 
 		// If we got this far we were unable to find the requested class.
-		// We do not issue errors if the load call failed due to a duplicate request
-		if ($is_duplicate === FALSE)
-		{
-			log_message('error', 'Unable to load the requested class: '.$class);
-			show_error('Unable to load the requested class: '.$class);
-		}
+		log_message('error', 'Unable to load the requested class: '.$class);
+		show_error('Unable to load the requested class: '.$class);
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From c26d34ff12458760eb843454d3224e1dad1fb2e0 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 28 Jan 2013 21:46:08 +0200
Subject: Fix issue #2202 and alter Loader Class docs

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 3ecce1676..00ca35199 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -939,7 +939,7 @@ class CI_Loader {
 		if (($last_slash = strrpos($class, '/')) !== FALSE)
 		{
 			// Extract the path
-			$subdir = ucfirst(substr($class, 0, ++$last_slash));
+			$subdir = substr($class, 0, ++$last_slash);
 
 			// Get the filename from the path
 			$class = substr($class, $last_slash);
-- 
cgit v1.2.3-24-g4f1b


From 0687911229be13e100724dbf8b15b95146b591a9 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 29 Jan 2013 15:05:02 +0200
Subject: Replace is_file() with the faster file_exists() (where it makes
 sense)

Also:
 - Implemented caching of configuration arrays for smileys, foreign characters and doctypes.
 - Implemented cascading-style loading of configuration files (except for library configs, DB and constants.php).
---
 system/core/Common.php | 4 ++--
 system/core/Hooks.php  | 5 +++--
 system/core/Router.php | 9 +++++----
 3 files changed, 10 insertions(+), 8 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 90cc5b3a4..258cd4967 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -316,11 +316,11 @@ if ( ! function_exists('get_mimes'))
 	{
 		static $_mimes = array();
 
-		if (is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
+		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
 		{
 			$_mimes = include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php');
 		}
-		elseif (is_file(APPPATH.'config/mimes.php'))
+		elseif (file_exists(APPPATH.'config/mimes.php'))
 		{
 			$_mimes = include(APPPATH.'config/mimes.php');
 		}
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 59759e02e..17f6a027e 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -81,11 +81,12 @@ class CI_Hooks {
 		}
 
 		// Grab the "hooks" definition file.
-		if (is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
+		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
 		{
 			include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php');
 		}
-		elseif (is_file(APPPATH.'config/hooks.php'))
+
+		if (file_exists(APPPATH.'config/hooks.php'))
 		{
 			include(APPPATH.'config/hooks.php');
 		}
diff --git a/system/core/Router.php b/system/core/Router.php
index 4755b3712..bb0ce16bd 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -133,13 +133,14 @@ class CI_Router {
 		}
 
 		// Load the routes.php file.
-		if (is_file(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
+		if (file_exists(APPPATH.'config/routes.php'))
 		{
-			include(APPPATH.'config/'.ENVIRONMENT.'/routes.php');
+			include(APPPATH.'config/routes.php');
 		}
-		elseif (is_file(APPPATH.'config/routes.php'))
+
+		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php'))
 		{
-			include(APPPATH.'config/routes.php');
+			include(APPPATH.'config/'.ENVIRONMENT.'/routes.php');
 		}
 
 		$this->routes = (empty($route) OR ! is_array($route)) ? array() : $route;
-- 
cgit v1.2.3-24-g4f1b


From 7e5597782a589e4171ca08abdd9ce1a185542ff4 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 29 Jan 2013 15:38:33 +0200
Subject: Replace CI_Upload::clean_file_name() usage with
 CI_Security::sanitize_filename()

Also applied @xeptor's fix (a big thanks) to the sanitize_filename() method and added a changelog entry for it - fixes issue #73.
---
 system/core/Security.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index a6cd14a5f..7aae54efc 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -576,7 +576,15 @@ class CI_Security {
 		}
 
 		$str = remove_invisible_characters($str, FALSE);
-		return stripslashes(str_replace($bad, '', $str));
+
+		do
+		{
+			$old = $str;
+			$str = str_replace($bad, '', $str);
+		}
+		while ($old !== $str);
+
+		return stripslashes($str);
 	}
 
 	// ----------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 3683723212c1de682c4e026df28fe3b03b4ea404 Mon Sep 17 00:00:00 2001
From: Bo-Yi Wu 
Date: Wed, 30 Jan 2013 23:18:50 +0800
Subject: core comment error.

Signed-off-by: Bo-Yi Wu 
---
 system/core/Log.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index cd3c17e1e..f5d091e14 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -179,4 +179,4 @@ class CI_Log {
 }
 
 /* End of file Log.php */
-/* Location: ./system/libraries/Log.php */
\ No newline at end of file
+/* Location: ./system/core/Log.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From aae91a45e27cb11e09b22bf9be04a7da9f6ff20b Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Wed, 13 Feb 2013 11:51:30 -0500
Subject: Update system/core/Log.php
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Updated Log.php so that a developer can extend it and change the log file extension.

It makes sense to default to .php when logs are in the public web folder.  It would be nice if a developer moves the log file path we have the option to use a standard extension like .log
---
 system/core/Log.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index f5d091e14..3b0a9213d 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -71,6 +71,13 @@ class CI_Log {
 	 * @var string
 	 */
 	protected $_date_fmt		= 'Y-m-d H:i:s';
+	
+	/**
+	 * Log file extension
+	 *
+	 * @var string
+	 */
+	protected $_log_ext		= 'php';
 
 	/**
 	 * Whether or not the logger can write to the log files
@@ -147,7 +154,7 @@ class CI_Log {
 			return FALSE;
 		}
 
-		$filepath = $this->_log_path.'log-'.date('Y-m-d').'.php';
+		$filepath = $this->_log_path.'log-'.date('Y-m-d').'.'.$this->_log_ext;
 		$message  = '';
 
 		if ( ! file_exists($filepath))
@@ -179,4 +186,4 @@ class CI_Log {
 }
 
 /* End of file Log.php */
-/* Location: ./system/core/Log.php */
\ No newline at end of file
+/* Location: ./system/core/Log.php */
-- 
cgit v1.2.3-24-g4f1b


From 0bd6b28045c9b9a820e580b3f651f474b60348a3 Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Wed, 13 Feb 2013 14:16:18 -0500
Subject: Added support for changing the default log file extension from .php
 to whatever is preferred. example (.log)

This is a follow up to this pull request.

https://github.com/EllisLab/CodeIgniter/pull/2243
---
 system/core/Log.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index 3b0a9213d..7572d2ac6 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -104,6 +104,8 @@ class CI_Log {
 
 		$this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
 
+		$this->_log_ext = ($config['log_file_extension'] !== '') ? $config['log_file_extension'] : $this->_log_ext;
+
 		file_exists($this->_log_path) OR mkdir($this->_log_path, DIR_WRITE_MODE, TRUE);
 
 		if ( ! is_dir($this->_log_path) OR ! is_really_writable($this->_log_path))
-- 
cgit v1.2.3-24-g4f1b


From 7219232771ee28f6f18248cfffd4fdffa570dfb7 Mon Sep 17 00:00:00 2001
From: maltzurra 
Date: Thu, 14 Feb 2013 11:12:37 +0100
Subject: Update system/core/Common.php

Updated is_https() to avoid "NULL" or "0" values to set HTTPS.
---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 258cd4967..136dd521c 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -343,7 +343,7 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
 	{
-		return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off');
+		return (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on');
 	}
 }
 
@@ -713,4 +713,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
\ No newline at end of file
+/* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 2718f6c8a5bbae38b7a7f875c6eef40739ce8ee4 Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Thu, 14 Feb 2013 08:57:49 -0500
Subject: Update system/core/Log.php

Added ltrim() as requested to strip '.' incase it's added by mistake.
---
 system/core/Log.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index 7572d2ac6..abc7b2494 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -104,7 +104,7 @@ class CI_Log {
 
 		$this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
 
-		$this->_log_ext = ($config['log_file_extension'] !== '') ? $config['log_file_extension'] : $this->_log_ext;
+		$this->_log_ext = ($config['log_file_extension'] !== '') ? ltrim($config['log_file_extension'],'.') : $this->_log_ext;
 
 		file_exists($this->_log_path) OR mkdir($this->_log_path, DIR_WRITE_MODE, TRUE);
 
-- 
cgit v1.2.3-24-g4f1b


From fb8de247990189721bc7b2e48fe57ceb2db039f5 Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Thu, 14 Feb 2013 09:01:24 -0500
Subject: Update system/core/Log.php

Don't print no script access code into log file if log file is not .php anymore.
---
 system/core/Log.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index abc7b2494..7b2082a6c 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -162,7 +162,10 @@ class CI_Log {
 		if ( ! file_exists($filepath))
 		{
 			$newfile = TRUE;
-			$message .= '<'."?php defined('BASEPATH') OR exit('No direct script access allowed'); ?".">\n\n";
+			if($this->_log_ext === 'php')
+			{
+				$message .= '<'."?php defined('BASEPATH') OR exit('No direct script access allowed'); ?".">\n\n";
+			}
 		}
 
 		if ( ! $fp = @fopen($filepath, FOPEN_WRITE_CREATE))
-- 
cgit v1.2.3-24-g4f1b


From de8766f0a538ef9c4d39dcd88efc9422b5170360 Mon Sep 17 00:00:00 2001
From: maltzurra 
Date: Thu, 14 Feb 2013 15:38:58 +0100
Subject: Update system/core/Common.php

---
 system/core/Common.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 136dd521c..0386ff37a 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -713,4 +713,5 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php 
+*/
-- 
cgit v1.2.3-24-g4f1b


From beafe2fffbe5407f735caf2c286540d896d113f3 Mon Sep 17 00:00:00 2001
From: maltzurra 
Date: Thu, 14 Feb 2013 15:39:17 +0100
Subject: Update system/core/Common.php

---
 system/core/Common.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 0386ff37a..136dd521c 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -713,5 +713,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php 
-*/
+/* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 3567246091195e035ea4c8d3b2915eb6b45ad5e2 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Fri, 15 Feb 2013 01:36:04 +0100
Subject: Various cosmetic fixes

---
 system/core/Loader.php | 2 +-
 system/core/URI.php    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 00ca35199..9306a09ef 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -988,7 +988,7 @@ class CI_Loader {
 			return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name);
 		}
 
-		// Lets search for the requested library file and load it.
+		// Let's search for the requested library file and load it.
 		foreach ($this->_ci_library_paths as $path)
 		{
 			$filepath = $path.'libraries/'.$subdir.$class.'.php';
diff --git a/system/core/URI.php b/system/core/URI.php
index 9b31a646b..b2286f032 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -126,7 +126,7 @@ class CI_URI {
 				return;
 			}
 
-			// As a last ditch effort lets try using the $_GET array
+			// As a last ditch effort let's try using the $_GET array
 			if (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') !== '')
 			{
 				$this->_set_uri_string(key($_GET));
-- 
cgit v1.2.3-24-g4f1b


From 8d8636778ac600176772c4d54321a1e0842e5b07 Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Fri, 15 Feb 2013 09:06:11 -0500
Subject: Update system/core/Log.php

Added a space after the comma on the ltrim().
---
 system/core/Log.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index 7b2082a6c..2a4728dc4 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -104,7 +104,7 @@ class CI_Log {
 
 		$this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
 
-		$this->_log_ext = ($config['log_file_extension'] !== '') ? ltrim($config['log_file_extension'],'.') : $this->_log_ext;
+		$this->_log_ext = ($config['log_file_extension'] !== '') ? ltrim($config['log_file_extension'], '.') : $this->_log_ext;
 
 		file_exists($this->_log_path) OR mkdir($this->_log_path, DIR_WRITE_MODE, TRUE);
 
-- 
cgit v1.2.3-24-g4f1b


From ce6f43b7120a184aa0cff0bdb90fa3d7f032e14b Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Tue, 12 Feb 2013 16:58:38 -0500
Subject: Update system/core/Common.php
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If using nginx instead of apache by default nginx will not populate the $_SERVER['HTTPS'] value.  This change allows falling back to checking the port number of the request to determine if your on SSL or not.

The other option is adding the following to your nginx config.

fastcgi_param HTTPS on; #some php apps require this to detent https
---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 258cd4967..b9c872748 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -343,7 +343,7 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
 	{
-		return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off');
+		return (  ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ) || ($_SERVER["SERVER_PORT"] === '443') );
 	}
 }
 
@@ -713,4 +713,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
\ No newline at end of file
+/* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 614cc1c384b84801428f9823007586584af00653 Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Wed, 13 Feb 2013 11:45:20 -0500
Subject: Revert "Update system/core/Common.php"

This reverts commit 8af05ac97513764cc539919e179794df87352c30.
---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index b9c872748..258cd4967 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -343,7 +343,7 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
 	{
-		return (  ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ) || ($_SERVER["SERVER_PORT"] === '443') );
+		return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off');
 	}
 }
 
@@ -713,4 +713,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From b0607703b32ec790cc300e9f77a18ea17ab6d7dd Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Wed, 13 Feb 2013 11:47:02 -0500
Subject: Revert "Revert "Update system/core/Common.php""

This reverts commit 3de57eaea8510ea9cfd70f063565c24904669c4c.
---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 258cd4967..b9c872748 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -343,7 +343,7 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
 	{
-		return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off');
+		return (  ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ) || ($_SERVER["SERVER_PORT"] === '443') );
 	}
 }
 
@@ -713,4 +713,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
\ No newline at end of file
+/* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 6f19fd770b67804797c55d47c1c5f5fcb3a37b2e Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Wed, 13 Feb 2013 11:47:02 -0500
Subject: Revert "Update system/core/Log.php"

This reverts commit bbc6ab4736a896be83e3e3d5f8856374ffa2984c.
---
 system/core/Log.php | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index 2a4728dc4..0749de8ba 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -71,13 +71,6 @@ class CI_Log {
 	 * @var string
 	 */
 	protected $_date_fmt		= 'Y-m-d H:i:s';
-	
-	/**
-	 * Log file extension
-	 *
-	 * @var string
-	 */
-	protected $_log_ext		= 'php';
 
 	/**
 	 * Whether or not the logger can write to the log files
@@ -156,7 +149,7 @@ class CI_Log {
 			return FALSE;
 		}
 
-		$filepath = $this->_log_path.'log-'.date('Y-m-d').'.'.$this->_log_ext;
+		$filepath = $this->_log_path.'log-'.date('Y-m-d').'.php';
 		$message  = '';
 
 		if ( ! file_exists($filepath))
@@ -191,4 +184,4 @@ class CI_Log {
 }
 
 /* End of file Log.php */
-/* Location: ./system/core/Log.php */
+/* Location: ./system/core/Log.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 62f7cdf3a6f5d701430267ef9ba9bfd92650deab Mon Sep 17 00:00:00 2001
From: Chris Passas 
Date: Wed, 13 Feb 2013 11:47:45 -0500
Subject: Revert "Update system/core/Common.php"

This reverts commit 8af05ac97513764cc539919e179794df87352c30.
---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index b9c872748..258cd4967 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -343,7 +343,7 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
 	{
-		return (  ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ) || ($_SERVER["SERVER_PORT"] === '443') );
+		return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off');
 	}
 }
 
@@ -713,4 +713,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From a107a0fd79d0ee5f6292138a76398ed390041710 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 15 Feb 2013 22:30:31 +0200
Subject: Fix some stuff from recent pull requests

---
 system/core/Common.php |  6 +++---
 system/core/Log.php    | 24 +++++++++++++++++-------
 2 files changed, 20 insertions(+), 10 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 136dd521c..f8c1290f5 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -414,7 +414,7 @@ if ( ! function_exists('log_message'))
 	function log_message($level = 'error', $message, $php_error = FALSE)
 	{
 		static $_log, $_log_threshold;
-		
+
 		if ($_log_threshold === NULL)
 		{
 			$_log_threshold = config_item('log_threshold');
@@ -429,7 +429,7 @@ if ( ! function_exists('log_message'))
 		{
 			$_log =& load_class('Log', 'core');
 		}
-		
+
 		$_log->write_log($level, $message, $php_error);
 	}
 }
@@ -713,4 +713,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */
\ No newline at end of file
diff --git a/system/core/Log.php b/system/core/Log.php
index 0749de8ba..a84d3dc22 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -72,6 +72,13 @@ class CI_Log {
 	 */
 	protected $_date_fmt		= 'Y-m-d H:i:s';
 
+	/**
+	 * Filename extension
+	 *
+	 * @var	string
+	 */
+	protected $_file_ext;
+
 	/**
 	 * Whether or not the logger can write to the log files
 	 *
@@ -86,8 +93,10 @@ class CI_Log {
 	 */
 	protected $_levels		= array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4);
 
+	// --------------------------------------------------------------------
+
 	/**
-	 * Initialize Logging class
+	 * Class constructor
 	 *
 	 * @return	void
 	 */
@@ -96,8 +105,8 @@ class CI_Log {
 		$config =& get_config();
 
 		$this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/';
-
-		$this->_log_ext = ($config['log_file_extension'] !== '') ? ltrim($config['log_file_extension'], '.') : $this->_log_ext;
+		$this->_file_ext = (isset($config['log_file_extension']) && $config['log_file_extension'] !== '')
+			? ltrim($config['log_file_extension'], '.') : 'php';
 
 		file_exists($this->_log_path) OR mkdir($this->_log_path, DIR_WRITE_MODE, TRUE);
 
@@ -149,15 +158,16 @@ class CI_Log {
 			return FALSE;
 		}
 
-		$filepath = $this->_log_path.'log-'.date('Y-m-d').'.php';
-		$message  = '';
+		$filepath = $this->_log_path.'log-'.date('Y-m-d').'.'.$this->_file_ext;
+		$message = '';
 
 		if ( ! file_exists($filepath))
 		{
 			$newfile = TRUE;
-			if($this->_log_ext === 'php')
+			// Only add protection to php files
+			if ($this->_file_ext === 'php')
 			{
-				$message .= '<'."?php defined('BASEPATH') OR exit('No direct script access allowed'); ?".">\n\n";
+				$message .= "\n\n";
 			}
 		}
 
-- 
cgit v1.2.3-24-g4f1b


From 49e68de96b420a444c826995746a5f09470e76d9 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Thu, 21 Feb 2013 16:30:55 +0200
Subject: Disable autoloader call from class_exists() occurences to improve
 performance

Note: The Driver libary tests seem to depend on that, so one occurence in CI_Loader is left until we resolve that.
---
 system/core/CodeIgniter.php |  6 +++---
 system/core/Common.php      |  4 ++--
 system/core/Hooks.php       |  2 +-
 system/core/Loader.php      | 10 +++++-----
 system/core/Output.php      |  2 +-
 5 files changed, 12 insertions(+), 12 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index cb4b735d5..7f76977b5 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -263,7 +263,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 	$class  = $RTR->fetch_class();
 	$method = $RTR->fetch_method();
 
-	if ( ! class_exists($class) OR $method[0] === '_' OR method_exists('CI_Controller', $method))
+	if ( ! class_exists($class, FALSE) OR $method[0] === '_' OR method_exists('CI_Controller', $method))
 	{
 		if ( ! empty($RTR->routes['404_override']))
 		{
@@ -272,7 +272,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 				$method = 'index';
 			}
 
-			if ( ! class_exists($class))
+			if ( ! class_exists($class, FALSE))
 			{
 				if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
 				{
@@ -310,7 +310,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 				$method = 'index';
 			}
 
-			if ( ! class_exists($class))
+			if ( ! class_exists($class, FALSE))
 			{
 				if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
 				{
diff --git a/system/core/Common.php b/system/core/Common.php
index f8c1290f5..ee9bb2e87 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -149,7 +149,7 @@ if ( ! function_exists('load_class'))
 			{
 				$name = $prefix.$class;
 
-				if (class_exists($name) === FALSE)
+				if (class_exists($name, FALSE) === FALSE)
 				{
 					require_once($path.$directory.'/'.$class.'.php');
 				}
@@ -163,7 +163,7 @@ if ( ! function_exists('load_class'))
 		{
 			$name = config_item('subclass_prefix').$class;
 
-			if (class_exists($name) === FALSE)
+			if (class_exists($name, FALSE) === FALSE)
 			{
 				require_once(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php');
 			}
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 17f6a027e..b3b111991 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -195,7 +195,7 @@ class CI_Hooks {
 		// Call the requested class and/or function
 		if ($class !== FALSE)
 		{
-			if ( ! class_exists($class))
+			if ( ! class_exists($class, FALSE))
 			{
 				require($filepath);
 			}
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 9306a09ef..6e5b58ba7 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -270,7 +270,7 @@ class CI_Loader {
 				continue;
 			}
 
-			if ($db_conn !== FALSE && ! class_exists('CI_DB'))
+			if ($db_conn !== FALSE && ! class_exists('CI_DB', FALSE))
 			{
 				if ($db_conn === TRUE)
 				{
@@ -280,7 +280,7 @@ class CI_Loader {
 				$CI->load->database($db_conn, FALSE, TRUE);
 			}
 
-			if ( ! class_exists('CI_Model'))
+			if ( ! class_exists('CI_Model', FALSE))
 			{
 				load_class('Model', 'core');
 			}
@@ -1091,11 +1091,11 @@ class CI_Loader {
 
 		if ($prefix === '')
 		{
-			if (class_exists('CI_'.$class))
+			if (class_exists('CI_'.$class, FALSE))
 			{
 				$name = 'CI_'.$class;
 			}
-			elseif (class_exists(config_item('subclass_prefix').$class))
+			elseif (class_exists(config_item('subclass_prefix').$class, FALSE))
 			{
 				$name = config_item('subclass_prefix').$class;
 			}
@@ -1110,7 +1110,7 @@ class CI_Loader {
 		}
 
 		// Is the class name valid?
-		if ( ! class_exists($name))
+		if ( ! class_exists($name, FALSE))
 		{
 			log_message('error', 'Non-existent class: '.$name);
 			show_error('Non-existent class: '.$name);
diff --git a/system/core/Output.php b/system/core/Output.php
index a20841463..25ecd496c 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -395,7 +395,7 @@ class CI_Output {
 		global $BM, $CFG;
 
 		// Grab the super object if we can.
-		if (class_exists('CI_Controller'))
+		if (class_exists('CI_Controller', FALSE))
 		{
 			$CI =& get_instance();
 		}
-- 
cgit v1.2.3-24-g4f1b


From 3b5b7f48848d098c6190781f8790a1b0dcb0217c Mon Sep 17 00:00:00 2001
From: Daniel Hunsaker 
Date: Fri, 22 Feb 2013 19:17:56 -0700
Subject: Updated exit codes as constant values

Re-allocated exit status codes according to three references, which follow:

BSD sysexits.h:http://www.gsp.com/cgi-bin/man.cgi?section=3&topic=sysexits
GNU recomendations:http://www.gnu.org/software/libc/manual/html_node/Exit-Status.html
Bash scripting:http://tldp.org/LDP/abs/html/exitcodes.html

The GNU recommendations stem from and expand upon the standard C/C++ library (stdlibc)
definitions, while also suggesting some best-practice conventions which happen to prevent
exit status code collisions with bash, and probably other shells.

The re-allocated codes are now mapped to constant values, set in *application/config/constants.php*,
and used throughout the CodeIgniter core.  They would additionally be used in *index.php*,
but the constants file hasn't been loaded at that point, so the integer values are used
instead, and a comment follows each such use with amplifying information on why that
particular value was selected.

Finally, the errors documentation has been updated accordingly.

Signed-off-by: Daniel Hunsaker 
---
 system/core/CodeIgniter.php |  2 +-
 system/core/Common.php      | 16 ++++++++++------
 system/core/Exceptions.php  |  2 +-
 system/core/Input.php       |  2 +-
 system/core/Output.php      |  2 +-
 5 files changed, 14 insertions(+), 10 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 5a872ef21..8f5271add 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -188,7 +188,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 	if ($EXT->call_hook('cache_override') === FALSE
 		&& $OUT->_display_cache($CFG, $URI) === TRUE)
 	{
-		exit(0);
+		exit(EXIT_SUCCESS);
 	}
 
 /*
diff --git a/system/core/Common.php b/system/core/Common.php
index 3cd97dc2e..479f0da7f 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -177,7 +177,7 @@ if ( ! function_exists('load_class'))
 			// self-referencing loop with the Exceptions class
 			set_status_header(503);
 			echo 'Unable to locate the specified class: '.$class.'.php';
-			exit(2);
+			exit(EXIT_UNK_CLASS);
 		}
 
 		// Keep track of what we just loaded
@@ -251,7 +251,7 @@ if ( ! function_exists('get_config'))
 		{
 			set_status_header(503);
 			echo 'The configuration file does not exist.';
-			exit(1);
+			exit(EXIT_CONFIG);
 		}
 
 		// Does the $config array exist in the file?
@@ -259,7 +259,7 @@ if ( ! function_exists('get_config'))
 		{
 			set_status_header(503);
 			echo 'Your config file does not appear to be formatted correctly.';
-			exit(1);
+			exit(EXIT_CONFIG);
 		}
 
 		// Are any values being dynamically replaced?
@@ -374,12 +374,16 @@ if ( ! function_exists('show_error'))
 		$status_code = abs($status_code);
 		if ($status_code < 100)
 		{
-			$exit_status = $status_code + 28;
+			$exit_status = $status_code + EXIT__AUTO_MIN;
+			if ($exit_status > EXIT__AUTO_MAX)
+			{
+				$exit_status = EXIT_FAILURE;
+			}
 			$status_code = 500;
 		}
 		else
 		{
-			$exit_status = 27;
+			$exit_status = EXIT_FAILURE;
 		}
 		
 		$_error =& load_class('Exceptions', 'core');
@@ -407,7 +411,7 @@ if ( ! function_exists('show_404'))
 	{
 		$_error =& load_class('Exceptions', 'core');
 		$_error->show_404($page, $log_error);
-		exit(4);
+		exit(EXIT_UNK_FILE);
 	}
 }
 
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index f799d6027..423387ff9 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -117,7 +117,7 @@ class CI_Exceptions {
 		}
 
 		echo $this->show_error($heading, $message, 'error_404', 404);
-		exit(4);
+		exit(EXIT_UNK_FILE);
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Input.php b/system/core/Input.php
index 904f4d6e9..8d491e055 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -746,7 +746,7 @@ class CI_Input {
 		{
 			set_status_header(503);
 			echo 'Disallowed Key Characters.';
-			exit(6);
+			exit(EXIT_USER_INPUT);
 		}
 
 		// Clean UTF-8 if supported
diff --git a/system/core/Output.php b/system/core/Output.php
index d4abe871d..1025703dc 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -696,7 +696,7 @@ class CI_Output {
 		if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
 		{
 			$this->set_status_header(304);
-			exit(0);
+			exit(EXIT_SUCCESS);
 		}
 		else
 		{
-- 
cgit v1.2.3-24-g4f1b


From a5e0ea8131e16752ab369d776f585b130b526f85 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Wed, 27 Feb 2013 18:17:35 +0100
Subject: Fix this use case: load->vars->('foobar', '')

Previously, only the other syntax was working: load->vars->(array('foobar' => ''))
---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 6e5b58ba7..d4e63231c 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -459,7 +459,7 @@ class CI_Loader {
 	 */
 	public function vars($vars = array(), $val = '')
 	{
-		if ($val !== '' && is_string($vars))
+		if (is_string($vars))
 		{
 			$vars = array($vars => $val);
 		}
-- 
cgit v1.2.3-24-g4f1b


From 50dfe0175df02fe4aa243757bdf1b42fb9fc3169 Mon Sep 17 00:00:00 2001
From: Daniel Hunsaker 
Date: Mon, 4 Mar 2013 02:05:20 -0700
Subject: Updated in accordance with feedback from @narfbg

- Removed commented lists of constants from the three reference conventions,
  replacing each with the URLs at which more information can be found.
- Renamed a few constants to more closely reflect CodeIgniter conventions.
- Modified a couple of lines which were in violation of the CI Style Guide.

Signed-off-by: Daniel Hunsaker 
---
 system/core/Common.php     | 23 +++++++++++++----------
 system/core/Exceptions.php |  2 +-
 2 files changed, 14 insertions(+), 11 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 479f0da7f..e11668d5f 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -177,7 +177,7 @@ if ( ! function_exists('load_class'))
 			// self-referencing loop with the Exceptions class
 			set_status_header(503);
 			echo 'Unable to locate the specified class: '.$class.'.php';
-			exit(EXIT_UNK_CLASS);
+			exit(EXIT_UNKNOWN_CLASS);
 		}
 
 		// Keep track of what we just loaded
@@ -377,13 +377,13 @@ if ( ! function_exists('show_error'))
 			$exit_status = $status_code + EXIT__AUTO_MIN;
 			if ($exit_status > EXIT__AUTO_MAX)
 			{
-				$exit_status = EXIT_FAILURE;
+				$exit_status = EXIT_ERROR;
 			}
 			$status_code = 500;
 		}
 		else
 		{
-			$exit_status = EXIT_FAILURE;
+			$exit_status = EXIT_ERROR;
 		}
 		
 		$_error =& load_class('Exceptions', 'core');
@@ -411,7 +411,7 @@ if ( ! function_exists('show_404'))
 	{
 		$_error =& load_class('Exceptions', 'core');
 		$_error->show_404($page, $log_error);
-		exit(EXIT_UNK_FILE);
+		exit(EXIT_UNKNOWN_FILE);
 	}
 }
 
@@ -531,13 +531,16 @@ if ( ! function_exists('set_status_header'))
 
 		$server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
 
-		if (strpos(php_sapi_name(), 'cgi') === 0)
+		if ( ! headers_sent())
 		{
-			if (!headers_sent()) header('Status: '.$code.' '.$text, TRUE);
-		}
-		else
-		{
-			if (!headers_sent()) header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code);
+			if (strpos(php_sapi_name(), 'cgi') === 0)
+			{
+				header('Status: '.$code.' '.$text, TRUE);
+			}
+			else
+			{
+				header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code);
+			}
 		}
 	}
 }
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 423387ff9..9c68d06a5 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -117,7 +117,7 @@ class CI_Exceptions {
 		}
 
 		echo $this->show_error($heading, $message, 'error_404', 404);
-		exit(EXIT_UNK_FILE);
+		exit(EXIT_UNKNOWN_FILE);
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From b2ac67a3a766ac18f5041eff7a5cbeef7437a184 Mon Sep 17 00:00:00 2001
From: Daniel Hunsaker 
Date: Mon, 4 Mar 2013 02:31:26 -0700
Subject: Oops, missed a few places where EXIT_SUCCESS was being used.

Signed-off-by: Daniel Hunsaker 
---
 system/core/CodeIgniter.php | 2 +-
 system/core/Output.php      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 8f5271add..7f76977b5 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -188,7 +188,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 	if ($EXT->call_hook('cache_override') === FALSE
 		&& $OUT->_display_cache($CFG, $URI) === TRUE)
 	{
-		exit(EXIT_SUCCESS);
+		exit;
 	}
 
 /*
diff --git a/system/core/Output.php b/system/core/Output.php
index 1025703dc..25ecd496c 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -696,7 +696,7 @@ class CI_Output {
 		if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']))
 		{
 			$this->set_status_header(304);
-			exit(EXIT_SUCCESS);
+			exit;
 		}
 		else
 		{
-- 
cgit v1.2.3-24-g4f1b


From 8626e93d5b4362c86a58933dda9206ac8810476d Mon Sep 17 00:00:00 2001
From: Daniel Hunsaker 
Date: Mon, 4 Mar 2013 05:14:22 -0700
Subject: Reverting changes to functions that have no business being used in
 CLI apps to begin with

Signed-off-by: Daniel Hunsaker 
---
 system/core/Common.php | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index e11668d5f..9baf5e315 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -531,16 +531,13 @@ if ( ! function_exists('set_status_header'))
 
 		$server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
 
-		if ( ! headers_sent())
+		if (strpos(php_sapi_name(), 'cgi') === 0)
 		{
-			if (strpos(php_sapi_name(), 'cgi') === 0)
-			{
-				header('Status: '.$code.' '.$text, TRUE);
-			}
-			else
-			{
-				header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code);
-			}
+			header('Status: '.$code.' '.$text, TRUE);
+		}
+		else
+		{
+			header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code);
 		}
 	}
 }
-- 
cgit v1.2.3-24-g4f1b


From 5a6814e2c832186e61d15e2032c4ad41932c4f49 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 4 Mar 2013 15:44:12 +0200
Subject: Fix #2301

---
 system/core/Common.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 9baf5e315..10c22375e 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -1,4 +1,3 @@
-
 show_error($heading, $message, 'error_general', $status_code);
 		exit($exit_status);
-- 
cgit v1.2.3-24-g4f1b


From 7b90325ceb8aa6fdb4680afe959927fc000bf548 Mon Sep 17 00:00:00 2001
From: bayssmekanique 
Date: Tue, 12 Mar 2013 13:25:24 -0700
Subject: Output Class Minify Function Change

Added 2 additional MIME types to match against for JavaScript detection.
---
 system/core/Output.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 25ecd496c..3320ae154 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -793,6 +793,8 @@ class CI_Output {
 
 			case 'text/css':
 			case 'text/javascript':
+			case 'application/javascript':
+			case 'application/x-javascript':
 
 				$output = $this->_minify_script_style($output);
 
-- 
cgit v1.2.3-24-g4f1b


From a7447d205296eeead94617f4b66707e336547b51 Mon Sep 17 00:00:00 2001
From: nisheeth-barthwal 
Date: Thu, 21 Mar 2013 15:48:10 +0530
Subject: Added array notation for keys in Input library

---
 system/core/Input.php | 74 ++++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 58 insertions(+), 16 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 8d491e055..ffe7b4d27 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -149,21 +149,59 @@ class CI_Input {
 	 * @param	array	&$array		$_GET, $_POST, $_COOKIE, $_SERVER, etc.
 	 * @param	string	$index		Index for item to be fetched from $array
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
+	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	protected function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)
+	protected function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE, $recurse = FALSE)
 	{
-		if ( ! isset($array[$index]))
+		$value = NULL;
+
+		if (isset($array[$index]))
 		{
-			return NULL;
+			$value = $array[$index];
+		}
+		else if($recurse)
+		{
+			// We couldn't find the $field as a simple key, so try the nested notation
+			$key = $index;
+			$container = $array;
+			
+			// Test if the $index is an array name, and try to obtain the final index
+			if (preg_match_all('/\[(.*?)\]/', $index, $matches))
+			{
+				sscanf($index, '%[^[][', $key);
+				for ($i = 0, $c = count($matches[0]); $i < $c; $i++)
+				{
+					if($matches[1][$i] === '')			// The array notation will return the value as array
+					{
+						break;
+					}
+					if (isset($container[$key]))
+					{
+						$container = $container[$key];
+						$key = $matches[1][$i];
+					}
+					else
+					{
+						$container = array();
+						break;
+					}
+				}
+
+				// Check if the deepest container has the field
+				if(isset($container[$key]))
+				{
+					$value = $container[$key];
+				}
+			}
 		}
 
 		if ($xss_clean === TRUE)
 		{
-			return $this->security->xss_clean($array[$index]);
+			return $this->security->xss_clean($value);
 		}
 
-		return $array[$index];
+		return $value;
 	}
 
 	// --------------------------------------------------------------------
@@ -173,9 +211,10 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_GET
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
+	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function get($index = NULL, $xss_clean = FALSE)
+	public function get($index = NULL, $xss_clean = FALSE, $recurse = FALSE)
 	{
 		// Check if a field has been provided
 		if ($index === NULL)
@@ -190,12 +229,12 @@ class CI_Input {
 			// loop through the full _GET array
 			foreach (array_keys($_GET) as $key)
 			{
-				$get[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean);
+				$get[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean, $recurse);
 			}
 			return $get;
 		}
 
-		return $this->_fetch_from_array($_GET, $index, $xss_clean);
+		return $this->_fetch_from_array($_GET, $index, $xss_clean, $recurse);
 	}
 
 	// --------------------------------------------------------------------
@@ -205,9 +244,10 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_POST
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
+	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function post($index = NULL, $xss_clean = FALSE)
+	public function post($index = NULL, $xss_clean = FALSE, $recurse = FALSE)
 	{
 		// Check if a field has been provided
 		if ($index === NULL)
@@ -222,12 +262,12 @@ class CI_Input {
 			// Loop through the full _POST array and return it
 			foreach (array_keys($_POST) as $key)
 			{
-				$post[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean);
+				$post[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean, $recurse);
 			}
 			return $post;
 		}
 
-		return $this->_fetch_from_array($_POST, $index, $xss_clean);
+		return $this->_fetch_from_array($_POST, $index, $xss_clean, $recurse);
 	}
 
 	// --------------------------------------------------------------------
@@ -237,13 +277,14 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_POST or $_GET
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
+	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function get_post($index = '', $xss_clean = FALSE)
+	public function get_post($index = '', $xss_clean = FALSE, $recurse = FALSE)
 	{
 		return isset($_POST[$index])
-			? $this->post($index, $xss_clean)
-			: $this->get($index, $xss_clean);
+			? $this->post($index, $xss_clean, $recurse)
+			: $this->get($index, $xss_clean, $recurse);
 	}
 
 	// --------------------------------------------------------------------
@@ -253,11 +294,12 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_COOKIE
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
+	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function cookie($index = '', $xss_clean = FALSE)
+	public function cookie($index = '', $xss_clean = FALSE, $recurse = FALSE)
 	{
-		return $this->_fetch_from_array($_COOKIE, $index, $xss_clean);
+		return $this->_fetch_from_array($_COOKIE, $index, $xss_clean, $recurse);
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From a5bcfb1d291d42521b0dc420b1b501c36710277d Mon Sep 17 00:00:00 2001
From: nisheeth-barthwal 
Date: Sat, 23 Mar 2013 10:53:51 +0530
Subject: Removed $recurse parameter in lieu of auto parsing. Changed
 "provision" entry.

---
 system/core/Input.php | 32 +++++++++++++-------------------
 1 file changed, 13 insertions(+), 19 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index ffe7b4d27..7424a003a 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -149,10 +149,9 @@ class CI_Input {
 	 * @param	array	&$array		$_GET, $_POST, $_COOKIE, $_SERVER, etc.
 	 * @param	string	$index		Index for item to be fetched from $array
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
-	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	protected function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE, $recurse = FALSE)
+	protected function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)
 	{
 		$value = NULL;
 
@@ -160,9 +159,8 @@ class CI_Input {
 		{
 			$value = $array[$index];
 		}
-		else if($recurse)
+		else if(preg_match('/\[[^]]*\]$/', $index))		// Does the index contain array notation
 		{
-			// We couldn't find the $field as a simple key, so try the nested notation
 			$key = $index;
 			$container = $array;
 			
@@ -211,10 +209,9 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_GET
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
-	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function get($index = NULL, $xss_clean = FALSE, $recurse = FALSE)
+	public function get($index = NULL, $xss_clean = FALSE)
 	{
 		// Check if a field has been provided
 		if ($index === NULL)
@@ -229,12 +226,12 @@ class CI_Input {
 			// loop through the full _GET array
 			foreach (array_keys($_GET) as $key)
 			{
-				$get[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean, $recurse);
+				$get[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean);
 			}
 			return $get;
 		}
 
-		return $this->_fetch_from_array($_GET, $index, $xss_clean, $recurse);
+		return $this->_fetch_from_array($_GET, $index, $xss_clean);
 	}
 
 	// --------------------------------------------------------------------
@@ -244,10 +241,9 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_POST
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
-	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function post($index = NULL, $xss_clean = FALSE, $recurse = FALSE)
+	public function post($index = NULL, $xss_clean = FALSE)
 	{
 		// Check if a field has been provided
 		if ($index === NULL)
@@ -262,12 +258,12 @@ class CI_Input {
 			// Loop through the full _POST array and return it
 			foreach (array_keys($_POST) as $key)
 			{
-				$post[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean, $recurse);
+				$post[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean);
 			}
 			return $post;
 		}
 
-		return $this->_fetch_from_array($_POST, $index, $xss_clean, $recurse);
+		return $this->_fetch_from_array($_POST, $index, $xss_clean);
 	}
 
 	// --------------------------------------------------------------------
@@ -277,14 +273,13 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_POST or $_GET
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
-	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function get_post($index = '', $xss_clean = FALSE, $recurse = FALSE)
+	public function get_post($index = '', $xss_clean = FALSE)
 	{
 		return isset($_POST[$index])
-			? $this->post($index, $xss_clean, $recurse)
-			: $this->get($index, $xss_clean, $recurse);
+			? $this->post($index, $xss_clean)
+			: $this->get($index, $xss_clean);
 	}
 
 	// --------------------------------------------------------------------
@@ -294,12 +289,11 @@ class CI_Input {
 	 *
 	 * @param	string	$index		Index for item to be fetched from $_COOKIE
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
-	 * @param	bool	$recurse	Whether to recurse into arrays via nested keys
 	 * @return	mixed
 	 */
-	public function cookie($index = '', $xss_clean = FALSE, $recurse = FALSE)
+	public function cookie($index = '', $xss_clean = FALSE)
 	{
-		return $this->_fetch_from_array($_COOKIE, $index, $xss_clean, $recurse);
+		return $this->_fetch_from_array($_COOKIE, $index, $xss_clean);
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 7b1a2f1f40d940dde34e47b36808a84e0353af56 Mon Sep 17 00:00:00 2001
From: nisheeth-barthwal 
Date: Mon, 25 Mar 2013 11:29:53 +0530
Subject: Changed "else if" to "elseif"

---
 system/core/Input.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 7424a003a..6ee132005 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -159,7 +159,7 @@ class CI_Input {
 		{
 			$value = $array[$index];
 		}
-		else if(preg_match('/\[[^]]*\]$/', $index))		// Does the index contain array notation
+		elseif(preg_match('/\[[^]]*\]$/', $index))		// Does the index contain array notation
 		{
 			$key = $index;
 			$container = $array;
-- 
cgit v1.2.3-24-g4f1b


From 77236e055234cbbc9f6ca6be472c70077a1f5856 Mon Sep 17 00:00:00 2001
From: nisheeth-barthwal 
Date: Mon, 25 Mar 2013 23:42:36 +0530
Subject: Simplified notation parsing and other cosmetic fixes

---
 system/core/Input.php | 47 ++++++++++++++++-------------------------------
 1 file changed, 16 insertions(+), 31 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 6ee132005..d707fe25c 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -153,53 +153,38 @@ class CI_Input {
 	 */
 	protected function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE)
 	{
-		$value = NULL;
-
 		if (isset($array[$index]))
 		{
 			$value = $array[$index];
 		}
-		elseif(preg_match('/\[[^]]*\]$/', $index))		// Does the index contain array notation
+		elseif (($count = preg_match_all('/(?:^[^\[]+)|\[[^]]*\]/', $index, $matches)) > 1)		// Does the index contain array notation
 		{
-			$key = $index;
 			$container = $array;
-			
-			// Test if the $index is an array name, and try to obtain the final index
-			if (preg_match_all('/\[(.*?)\]/', $index, $matches))
+			for ($i = 0; $i < $count; $i++)
 			{
-				sscanf($index, '%[^[][', $key);
-				for ($i = 0, $c = count($matches[0]); $i < $c; $i++)
+				$key = trim($matches[0][$i], '[]');
+				if($key === '')			// The array notation will return the value as array
 				{
-					if($matches[1][$i] === '')			// The array notation will return the value as array
-					{
-						break;
-					}
-					if (isset($container[$key]))
-					{
-						$container = $container[$key];
-						$key = $matches[1][$i];
-					}
-					else
-					{
-						$container = array();
-						break;
-					}
+					break;
 				}
-
-				// Check if the deepest container has the field
-				if(isset($container[$key]))
+				if (isset($container[$key]))
+				{
+					$value = $container = $container[$key];
+				}
+				else
 				{
-					$value = $container[$key];
+					return NULL;
 				}
 			}
 		}
-
-		if ($xss_clean === TRUE)
+		else
 		{
-			return $this->security->xss_clean($value);
+			return NULL;
 		}
 
-		return $value;
+		return ($xss_clean === TRUE)
+			? $this->security->xss_clean($value)
+			: $value;
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 47ea5a8b99e17e9513be57d0af92f9e2637569b2 Mon Sep 17 00:00:00 2001
From: nisheeth-barthwal 
Date: Tue, 26 Mar 2013 18:57:28 +0530
Subject: Code fixes in line with suggestions

---
 system/core/Input.php | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index d707fe25c..1e21886ff 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -157,19 +157,20 @@ class CI_Input {
 		{
 			$value = $array[$index];
 		}
-		elseif (($count = preg_match_all('/(?:^[^\[]+)|\[[^]]*\]/', $index, $matches)) > 1)		// Does the index contain array notation
+		elseif (($count = preg_match_all('/(?:^[^\[]+)|\[[^]]*\]/', $index, $matches)) > 1) // Does the index contain array notation
 		{
-			$container = $array;
+			$value = $array;
 			for ($i = 0; $i < $count; $i++)
 			{
 				$key = trim($matches[0][$i], '[]');
-				if($key === '')			// The array notation will return the value as array
+				if($key === '') // Empty notation will return the value as array
 				{
 					break;
 				}
-				if (isset($container[$key]))
+
+				if (isset($value[$key]))
 				{
-					$value = $container = $container[$key];
+					$value = $value[$key];
 				}
 				else
 				{
-- 
cgit v1.2.3-24-g4f1b


From 408cbb4f3582ac64bb534a6539370992071d5950 Mon Sep 17 00:00:00 2001
From: nisheeth-barthwal 
Date: Tue, 26 Mar 2013 19:06:40 +0530
Subject: Code style fix

---
 system/core/Input.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 1e21886ff..6690b7f2e 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -163,7 +163,7 @@ class CI_Input {
 			for ($i = 0; $i < $count; $i++)
 			{
 				$key = trim($matches[0][$i], '[]');
-				if($key === '') // Empty notation will return the value as array
+				if ($key === '') // Empty notation will return the value as array
 				{
 					break;
 				}
-- 
cgit v1.2.3-24-g4f1b


From 52301c76a9aa202927cade48e7528606d352db54 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Fri, 29 Mar 2013 14:23:34 +0100
Subject: Documentation: fix some outdated paths

---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 10c22375e..efa7a9380 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -359,7 +359,7 @@ if ( ! function_exists('show_error'))
 	 *
 	 * This function lets us invoke the exception class and
 	 * display errors using the standard error template located
-	 * in application/errors/errors.php
+	 * in application/views/errors/error_general.php
 	 * This function will send the error page directly to the
 	 * browser and exit.
 	 *
-- 
cgit v1.2.3-24-g4f1b


From 0612756dd37a3472259a19814e1a9bb403ab6e11 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Sat, 30 Mar 2013 00:06:39 +0100
Subject: Some cleanup related to mt_rand()

- min and max values are 0 and mt_getrandmax() by default
- remove useless mt_srand() seed calls
---
 system/core/Common.php   | 2 +-
 system/core/Security.php | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index efa7a9380..b4f0c388e 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -92,7 +92,7 @@ if ( ! function_exists('is_really_writable'))
 		 */
 		if (is_dir($file))
 		{
-			$file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100));
+			$file = rtrim($file, '/').'/'.md5(mt_rand());
 			if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE)
 			{
 				return FALSE;
diff --git a/system/core/Security.php b/system/core/Security.php
index 7aae54efc..196d61144 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -488,8 +488,7 @@ class CI_Security {
 	{
 		if ($this->_xss_hash === '')
 		{
-			mt_srand();
-			$this->_xss_hash = md5(time() + mt_rand(0, 1999999999));
+			$this->_xss_hash = md5(uniqid(mt_rand()));
 		}
 
 		return $this->_xss_hash;
-- 
cgit v1.2.3-24-g4f1b


From 0e4237f8fb01320fb7cc87b1fb93a552630505d6 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Thu, 4 Apr 2013 16:53:21 +0300
Subject: Fix #2380 and deprecate CI_Router::fetch_*() methods

---
 system/core/CodeIgniter.php |  8 ++++----
 system/core/Router.php      | 17 ++++++++++-------
 2 files changed, 14 insertions(+), 11 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 7f76977b5..3fe5c0648 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -241,12 +241,12 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 	// Load the local application controller
 	// Note: The Router class automatically validates the controller path using the router->_validate_request().
 	// If this include fails it means that the default controller in the Routes.php file is not resolving to something valid.
-	if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().'.php'))
+	if ( ! file_exists(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php'))
 	{
 		show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.');
 	}
 
-	include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().'.php');
+	include(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php');
 
 	// Set a mark point for benchmarking
 	$BM->mark('loading_time:_base_classes_end');
@@ -260,8 +260,8 @@ defined('BASEPATH') OR exit('No direct script access allowed');
  *  loader class can be called via the URI, nor can
  *  controller functions that begin with an underscore.
  */
-	$class  = $RTR->fetch_class();
-	$method = $RTR->fetch_method();
+	$class	= $RTR->class;
+	$method	= $RTR->method;
 
 	if ( ! class_exists($class, FALSE) OR $method[0] === '_' OR method_exists('CI_Controller', $method))
 	{
diff --git a/system/core/Router.php b/system/core/Router.php
index bb0ce16bd..c86ab9c20 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -119,16 +119,16 @@ class CI_Router {
 			if (isset($_GET[$this->config->item('directory_trigger')]) && is_string($_GET[$this->config->item('directory_trigger')]))
 			{
 				$this->set_directory(trim($this->uri->_filter_uri($_GET[$this->config->item('directory_trigger')])));
-				$segments[] = $this->fetch_directory();
+				$segments[] = $this->directory;
 			}
 
 			$this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')])));
-			$segments[] = $this->fetch_class();
+			$segments[] = $this->class;
 
 			if ( ! empty($_GET[$this->config->item('function_trigger')]) && is_string($_GET[$this->config->item('function_trigger')]))
 			{
 				$this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')])));
-				$segments[] = $this->fetch_method();
+				$segments[] = $this->method;
 			}
 		}
 
@@ -270,7 +270,7 @@ class CI_Router {
 				empty($segments[1]) OR $segments[1] = str_replace('-', '_', $segments[1]);
 
 				// Does the requested controller exist in the sub-folder?
-				if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php'))
+				if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php'))
 				{
 					if ( ! empty($this->routes['404_override']))
 					{
@@ -279,7 +279,7 @@ class CI_Router {
 					}
 					else
 					{
-						show_404($this->fetch_directory().$segments[0]);
+						show_404($this->directory.$segments[0]);
 					}
 				}
 			}
@@ -287,7 +287,7 @@ class CI_Router {
 			{
 				// Is the method being specified in the route?
 				$segments = explode('/', $this->default_controller);
-				if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].'.php'))
+				if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php'))
 				{
 					$this->directory = '';
 				}
@@ -413,6 +413,7 @@ class CI_Router {
 	/**
 	 * Fetch the current class
 	 *
+	 * @deprecated	3.0.0	Read the 'class' property instead
 	 * @return	string
 	 */
 	public function fetch_class()
@@ -438,11 +439,12 @@ class CI_Router {
 	/**
 	 * Fetch the current method
 	 *
+	 * @deprecated	3.0.0	Read the 'method' property instead
 	 * @return	string
 	 */
 	public function fetch_method()
 	{
-		return ($this->method === $this->fetch_class()) ? 'index' : $this->method;
+		return $this->method;
 	}
 
 	// --------------------------------------------------------------------
@@ -466,6 +468,7 @@ class CI_Router {
 	 * Feches the sub-directory (if any) that contains the requested
 	 * controller class.
 	 *
+	 * @deprecated	3.0.0	Read the 'directory' property instead
 	 * @return	string
 	 */
 	public function fetch_directory()
-- 
cgit v1.2.3-24-g4f1b


From ccdd4290aca2ddb3c64ca3db57e1da5c34537a6a Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 5 Apr 2013 14:28:04 +0300
Subject: Fix #2387

---
 system/core/Output.php | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 3320ae154..8f4690052 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -841,9 +841,8 @@ class CI_Output {
 			$output = substr_replace($output, '', 0, $pos);
 
 			// Remove closing tag and save it for later
-			$end_pos = strlen($output);
 			$pos = strpos($output, '= 0; $i--)
+		{
+		        $output = substr_replace(
+		                $output,
+		                preg_replace('/\s*(:|;|,|}|{|\(|\))\s*/i', '$1', $chunks[$i][0]),
+		                $chunks[$i][1],
+		                strlen($chunks[$i][0])
+		        );
+		}
 
 		// Replace tabs with spaces
 		// Replace carriage returns & multiple new lines with single new line
-- 
cgit v1.2.3-24-g4f1b


From 8e038d50e8c94d610bfdedf01318462b7ddd8670 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 5 Apr 2013 19:31:04 +0300
Subject: [ci skip] Replace spaces with tabs

---
 system/core/Output.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 8f4690052..06d7a866b 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -854,12 +854,12 @@ class CI_Output {
 		$chunks = preg_split('/([\'|"]).+(?![^\\\]\\1)\\1/iU', $output, -1, PREG_SPLIT_OFFSET_CAPTURE);
 		for ($i = count($chunks) - 1; $i >= 0; $i--)
 		{
-		        $output = substr_replace(
-		                $output,
-		                preg_replace('/\s*(:|;|,|}|{|\(|\))\s*/i', '$1', $chunks[$i][0]),
-		                $chunks[$i][1],
-		                strlen($chunks[$i][0])
-		        );
+			$output = substr_replace(
+				$output,
+				preg_replace('/\s*(:|;|,|}|{|\(|\))\s*/i', '$1', $chunks[$i][0]),
+				$chunks[$i][1],
+				strlen($chunks[$i][0])
+			);
 		}
 
 		// Replace tabs with spaces
-- 
cgit v1.2.3-24-g4f1b


From 5eb1cbfa673bfa4b8a66ab8a56389a279c1f975b Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 8 Apr 2013 01:20:31 +0300
Subject: Replace another fetch_directory() use

---
 system/core/URI.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/URI.php b/system/core/URI.php
index b2286f032..bc086d223 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -720,7 +720,7 @@ class CI_URI {
 	{
 		global $RTR;
 
-		if (($dir = $RTR->fetch_directory()) === '/')
+		if (($dir = $RTR->directory) === '/')
 		{
 			$dir = '';
 		}
-- 
cgit v1.2.3-24-g4f1b


From 1d3752c109547919f15b321beb2d5375fc2db150 Mon Sep 17 00:00:00 2001
From: Daniel 
Date: Sun, 14 Apr 2013 16:41:57 -0400
Subject: Fix for extending classes in a subdirectory (e.g. drivers)

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index d4e63231c..8f76f9a6b 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -955,7 +955,7 @@ class CI_Loader {
 		// Is this a class extension request?
 		if (file_exists($subclass))
 		{
-			$baseclass = BASEPATH.'libraries/'.$class.'.php';
+			$baseclass = BASEPATH.'libraries/'.$subdir.$class.'.php';
 
 			if ( ! file_exists($baseclass))
 			{
-- 
cgit v1.2.3-24-g4f1b


From 826990fc88208103142385f1a448bb4771213155 Mon Sep 17 00:00:00 2001
From: CJ 
Date: Tue, 16 Apr 2013 14:17:53 +0800
Subject: apache_request_headers need not go through recapitalization of
 incoming headers and should be pass through as is. This is a follow up on
 #2107 (c82b57b) by @danhunsaker;

---
 system/core/Input.php | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 6690b7f2e..31bd7008b 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -793,7 +793,7 @@ class CI_Input {
 		// In Apache, you can simply call apache_request_headers()
 		if (function_exists('apache_request_headers'))
 		{
-			$headers = apache_request_headers();
+			$this->headers = apache_request_headers();
 		}
 		else
 		{
@@ -806,15 +806,15 @@ class CI_Input {
 					$headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
 				}
 			}
-		}
 
-		// take SOME_HEADER and turn it into Some-Header
-		foreach ($headers as $key => $val)
-		{
-			$key = str_replace(array('_', '-'), ' ', strtolower($key));
-			$key = str_replace(' ', '-', ucwords($key));
+			// take SOME_HEADER and turn it into Some-Header
+			foreach ($headers as $key => $val)
+			{
+				$key = str_replace('_', ' ', strtolower($key));
+				$key = str_replace(' ', '-', ucwords($key));
 
-			$this->headers[$key] = $val;
+				$this->headers[$key] = $val;
+			}
 		}
 
 		return $this->headers;
-- 
cgit v1.2.3-24-g4f1b


From 71cff1da396ba0c56644c04fdd2729db6766c557 Mon Sep 17 00:00:00 2001
From: CJ 
Date: Tue, 16 Apr 2013 21:50:55 +0800
Subject: #2409: Updated based on feedback by @narfbg;

---
 system/core/Input.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 31bd7008b..7a6b6e4e0 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -790,10 +790,16 @@ class CI_Input {
 	 */
 	public function request_headers($xss_clean = FALSE)
 	{
+		// If header is already defined, return it immediately
+		if ( ! empty($this->headers))
+		{
+			return $this->headers;
+		}
+
 		// In Apache, you can simply call apache_request_headers()
 		if (function_exists('apache_request_headers'))
 		{
-			$this->headers = apache_request_headers();
+			return $this->headers = apache_request_headers();
 		}
 		else
 		{
@@ -810,7 +816,7 @@ class CI_Input {
 			// take SOME_HEADER and turn it into Some-Header
 			foreach ($headers as $key => $val)
 			{
-				$key = str_replace('_', ' ', strtolower($key));
+				$key = str_replace(array('_', '-'), ' ', strtolower($key));
 				$key = str_replace(' ', '-', ucwords($key));
 
 				$this->headers[$key] = $val;
-- 
cgit v1.2.3-24-g4f1b


From d08e18cafb31af586002e4de39f12cf8e048383b Mon Sep 17 00:00:00 2001
From: CJ 
Date: Wed, 17 Apr 2013 00:55:48 +0800
Subject: See #2409: Remove double replacing of dashes and instead change
 `Content-Type` to `CONTENT_TYPE`

---
 system/core/Input.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 7a6b6e4e0..a0c5552f6 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -803,7 +803,7 @@ class CI_Input {
 		}
 		else
 		{
-			$headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+			$headers['CONTENT_TYPE'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
 
 			foreach ($_SERVER as $key => $val)
 			{
@@ -816,7 +816,7 @@ class CI_Input {
 			// take SOME_HEADER and turn it into Some-Header
 			foreach ($headers as $key => $val)
 			{
-				$key = str_replace(array('_', '-'), ' ', strtolower($key));
+				$key = str_replace('_', ' ', strtolower($key));
 				$key = str_replace(' ', '-', ucwords($key));
 
 				$this->headers[$key] = $val;
-- 
cgit v1.2.3-24-g4f1b


From d195f224db31644eaaef4b4cb4713d9af5f57ead Mon Sep 17 00:00:00 2001
From: CJ 
Date: Wed, 17 Apr 2013 01:04:13 +0800
Subject: See #2409: Reformating and code cleanup for request_headers;

---
 system/core/Input.php | 23 ++++++++---------------
 1 file changed, 8 insertions(+), 15 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index a0c5552f6..6b7d5bd43 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -801,25 +801,18 @@ class CI_Input {
 		{
 			return $this->headers = apache_request_headers();
 		}
-		else
-		{
-			$headers['CONTENT_TYPE'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
 
-			foreach ($_SERVER as $key => $val)
-			{
-				if (sscanf($key, 'HTTP_%s', $header) === 1)
-				{
-					$headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
-				}
-			}
+		$this->headers['CONTENT_TYPE'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
 
-			// take SOME_HEADER and turn it into Some-Header
-			foreach ($headers as $key => $val)
+		foreach ($_SERVER as $key => $val)
+		{
+			if (sscanf($key, 'HTTP_%s', $header) === 1)
 			{
-				$key = str_replace('_', ' ', strtolower($key));
-				$key = str_replace(' ', '-', ucwords($key));
+				// take SOME_HEADER and turn it into Some-Header
+				$header = str_replace('_', ' ', strtolower($header));
+				$header = str_replace(' ', '-', ucwords($header));
 
-				$this->headers[$key] = $val;
+				$this->headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
 			}
 		}
 
-- 
cgit v1.2.3-24-g4f1b


From c5c522a069cc504509955890aacd55b97979043b Mon Sep 17 00:00:00 2001
From: CJ 
Date: Wed, 17 Apr 2013 11:59:22 +0800
Subject: #2409: Force Content Type to go through camelization;

---
 system/core/Input.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 6b7d5bd43..ff0bbe060 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -802,7 +802,7 @@ class CI_Input {
 			return $this->headers = apache_request_headers();
 		}
 
-		$this->headers['CONTENT_TYPE'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+		$_SERVER['HTTP_CONTENT_TYPE'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
 
 		foreach ($_SERVER as $key => $val)
 		{
-- 
cgit v1.2.3-24-g4f1b


From 8347f9161a1ba080be62b22eb546cceea8f8a8e9 Mon Sep 17 00:00:00 2001
From: CJ 
Date: Wed, 17 Apr 2013 21:45:22 +0800
Subject: See #2409: Avoid overwriting global $_SERVER and set Content-Type to
 protected property;

---
 system/core/Input.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index ff0bbe060..0ef81128e 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -802,7 +802,7 @@ class CI_Input {
 			return $this->headers = apache_request_headers();
 		}
 
-		$_SERVER['HTTP_CONTENT_TYPE'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
+		$this->headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE');
 
 		foreach ($_SERVER as $key => $val)
 		{
-- 
cgit v1.2.3-24-g4f1b


From d0c30ab416b0f6bc7fdc9ea70f6fd5e07ac13884 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Tue, 7 May 2013 07:49:23 +0200
Subject: Logging functions: level parameter is not optional

This parameter cannot be optional, as the following parameter is mandatory.

Also completed the corresponding documentation.
---
 system/core/Common.php | 8 ++++----
 system/core/Log.php    | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index b4f0c388e..cad340f33 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -424,12 +424,12 @@ if ( ! function_exists('log_message'))
 	 * We use this as a simple mechanism to access the logging
 	 * class and send messages to be logged.
 	 *
-	 * @param	string
-	 * @param	string
-	 * @param	bool
+	 * @param	string	the error level: 'error', 'debug' or 'info'
+	 * @param	string	the error message
+	 * @param	bool	whether the error is a native PHP error
 	 * @return	void
 	 */
-	function log_message($level = 'error', $message, $php_error = FALSE)
+	function log_message($level, $message, $php_error = FALSE)
 	{
 		static $_log, $_log_threshold;
 
diff --git a/system/core/Log.php b/system/core/Log.php
index a84d3dc22..e4d72b544 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -138,12 +138,12 @@ class CI_Log {
 	 *
 	 * Generally this function will be called using the global log_message() function
 	 *
-	 * @param	string	the error level
+	 * @param	string	the error level: 'error', 'debug' or 'info'
 	 * @param	string	the error message
 	 * @param	bool	whether the error is a native PHP error
 	 * @return	bool
 	 */
-	public function write_log($level = 'error', $msg, $php_error = FALSE)
+	public function write_log($level, $msg, $php_error = FALSE)
 	{
 		if ($this->_enabled === FALSE)
 		{
-- 
cgit v1.2.3-24-g4f1b


From cdc6113987565975ed7ed83945e500bc00936d48 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Fri, 10 May 2013 16:47:47 +0200
Subject: Fix a docblock in Loader class

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index d4e63231c..0a5cf5b84 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -713,7 +713,7 @@ class CI_Loader {
 	 *
 	 * Return a list of all package paths.
 	 *
-	 * @param	bool	$include_base	Whether to include BASEPATH (default: TRUE)
+	 * @param	bool	$include_base	Whether to include BASEPATH (default: FALSE)
 	 * @return	array
 	 */
 	public function get_package_paths($include_base = FALSE)
-- 
cgit v1.2.3-24-g4f1b


From fadb82230ba29b4c8a1e5f97092f7d775491f340 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Sun, 12 May 2013 10:57:09 +0200
Subject: Do not trigger a possible custom autoloader, as it is irrelevant here

These were the last two calls of class_exists() without the $autoloader = FALSE argument.
---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index d4e63231c..6f90aec8b 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -658,7 +658,7 @@ class CI_Loader {
 			return FALSE;
 		}
 
-		if ( ! class_exists('CI_Driver_Library'))
+		if ( ! class_exists('CI_Driver_Library', FALSE))
 		{
 			// We aren't instantiating an object here, just making the base class available
 			require BASEPATH.'libraries/Driver.php';
-- 
cgit v1.2.3-24-g4f1b


From 1074bbf1851499e98912349c386701657c7f2cdd Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Wed, 19 Jun 2013 10:57:27 +0200
Subject: Add support for https behind a reverse proxy using X-Forwarded-Proto

---
 system/core/Common.php | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index cad340f33..7bf11dae5 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -345,9 +345,17 @@ if ( ! function_exists('is_https'))
 	 * @return	bool
 	 */
 	function is_https()
-	{
-		return (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on');
-	}
+    {
+        if(isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on'){
+            return True;
+        }elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'){
+            return True;
+        }elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] == 'on'){
+            return True;
+        }else{
+            return False
+        }
+    }
 }
 
 // ------------------------------------------------------------------------
@@ -731,4 +739,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
\ No newline at end of file
+/* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 983b3139d4d834caed06a2341f0cd0beaa09114a Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Wed, 19 Jun 2013 13:49:08 +0200
Subject: Change True -> TRUE per codeigniter guidelines

---
 system/core/Common.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 7bf11dae5..467691cbf 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -347,13 +347,13 @@ if ( ! function_exists('is_https'))
 	function is_https()
     {
         if(isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on'){
-            return True;
+            return TRUE;
         }elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'){
-            return True;
+            return TRUE;
         }elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] == 'on'){
-            return True;
+            return TRUE;
         }else{
-            return False
+            return FALSE;
         }
     }
 }
-- 
cgit v1.2.3-24-g4f1b


From 7cd4055f460f0c191e29d0e2952023d5f6400d30 Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 13:48:34 +0200
Subject: Use codeigniter coding style

---
 system/core/Common.php | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 467691cbf..db611e39a 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -346,13 +346,20 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
     {
-        if(isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on'){
+        if(isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on')
+        {
             return TRUE;
-        }elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'){
+        }
+        elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
+        {
             return TRUE;
-        }elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] == 'on'){
+        }
+        elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] == 'on')
+        {
             return TRUE;
-        }else{
+        }
+        else
+        {
             return FALSE;
         }
     }
@@ -737,6 +744,5 @@ if ( ! function_exists('function_usable'))
 		return FALSE;
 	}
 }
-
 /* End of file Common.php */
 /* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 668d0093a08a4be58f0bcfcf1414d94a924256b8 Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 13:50:52 +0200
Subject: remove newline in system/core/Common.php

---
 system/core/Common.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index db611e39a..11ff4bae9 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -744,5 +744,6 @@ if ( ! function_exists('function_usable'))
 		return FALSE;
 	}
 }
+
 /* End of file Common.php */
 /* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 7061bd014b6b7dbf89bf42e940aa134228f044ce Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 14:07:21 +0200
Subject: remove newline at eof in syste/core/Common

---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 11ff4bae9..081b63cce 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -746,4 +746,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 4760aeff226175cc4267dd8fb8963a03031b78d2 Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 14:50:35 +0200
Subject: Revert "remove newline at eof in syste/core/Common"

This reverts commit 7061bd014b6b7dbf89bf42e940aa134228f044ce.
---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 081b63cce..11ff4bae9 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -746,4 +746,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
\ No newline at end of file
+/* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 23dc052fb2149725c15e0e51e64e34642b89defd Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 14:52:47 +0200
Subject: fix indentation according to codeigniter codestyle system/core/Common

---
 system/core/Common.php | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 11ff4bae9..bd187dcda 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -345,24 +345,24 @@ if ( ! function_exists('is_https'))
 	 * @return	bool
 	 */
 	function is_https()
-    {
-        if(isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on')
-        {
-            return TRUE;
-        }
-        elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
-        {
-            return TRUE;
-        }
-        elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] == 'on')
-        {
-            return TRUE;
-        }
-        else
-        {
-            return FALSE;
-        }
-    }
+	{
+		if(isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on')
+		{
+			return TRUE;
+		}
+		elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
+		{
+			return TRUE;
+		}
+		elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] == 'on')
+		{
+			return TRUE;
+		}
+		else
+		{
+			return FALSE;
+		}
+	}
 }
 
 // ------------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 4055d577822130006e058f6505d022aac444f855 Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 14:59:20 +0200
Subject: remove newline again in system/core/Common.php, silly editor keeps
 adding it

---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index bd187dcda..851d4f34e 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -746,4 +746,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 7cc29451bb685d05b4faeb79762b1b291cb44b8b Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 15:06:19 +0200
Subject: remove else clause in is_https function, just add return FALSE as
 fallback

---
 system/core/Common.php | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 851d4f34e..f3a1b5055 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -358,10 +358,7 @@ if ( ! function_exists('is_https'))
 		{
 			return TRUE;
 		}
-		else
-		{
-			return FALSE;
-		}
+		return FALSE;
 	}
 }
 
-- 
cgit v1.2.3-24-g4f1b


From 98999976f6025d7ffcb04f8aa448518651fb0d89 Mon Sep 17 00:00:00 2001
From: "Richard Deurwaarder (Xeli)" 
Date: Mon, 24 Jun 2013 15:19:30 +0200
Subject: some more readablility tweaks in system/core/Common

---
 system/core/Common.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index f3a1b5055..cb087cb22 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -346,7 +346,7 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
 	{
-		if(isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on')
+		if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on')
 		{
 			return TRUE;
 		}
@@ -354,10 +354,11 @@ if ( ! function_exists('is_https'))
 		{
 			return TRUE;
 		}
-		elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] == 'on')
+		elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] === 'on')
 		{
 			return TRUE;
 		}
+
 		return FALSE;
 	}
 }
-- 
cgit v1.2.3-24-g4f1b


From 333b80e256edecaefef764969bb9dc2a00a3fbb3 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 1 Jul 2013 16:21:54 +0300
Subject: Issue #2508

---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index cb087cb22..93cd0a0ae 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -346,7 +346,7 @@ if ( ! function_exists('is_https'))
 	 */
 	function is_https()
 	{
-		if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on')
+		if ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off')
 		{
 			return TRUE;
 		}
@@ -354,7 +354,7 @@ if ( ! function_exists('is_https'))
 		{
 			return TRUE;
 		}
-		elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && $_SERVER['HTTP_FRONT_END_HTTPS'] === 'on')
+		elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
 		{
 			return TRUE;
 		}
-- 
cgit v1.2.3-24-g4f1b


From 7eb116a33937ec32bb30208561a27b8f0c26f496 Mon Sep 17 00:00:00 2001
From: Jesse van Assen 
Date: Sat, 6 Jul 2013 10:42:14 +0200
Subject: The script is halted and a '500 Internal Server Error' is issued when
 a fatal error occurs.

Signed-off-by: Jesse van Assen 
---
 system/core/Common.php | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 93cd0a0ae..7553f4ae6 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -577,6 +577,19 @@ if ( ! function_exists('_exception_handler'))
 	 */
 	function _exception_handler($severity, $message, $filepath, $line)
 	{
+		$is_error = ((E_ERROR | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity;
+
+		// When an error occurred, set the status header to '500 Internal Server Error'
+		// to indicate to the client something went wrong.
+		// This can't be done within the $_error->show_php_error method because
+		// it is only called when the display_errors flag is set (which isn't usually
+		// the case in a production environment) or when errors are ignored because
+		// they are above the error_reporting threshold.
+		if ($is_error)
+		{
+			set_status_header(500);
+		}
+
 		$_error =& load_class('Exceptions', 'core');
 
 		// Should we ignore the error? We'll get the current error_reporting
@@ -593,6 +606,14 @@ if ( ! function_exists('_exception_handler'))
 		}
 
 		$_error->log_exception($severity, $message, $filepath, $line);
+
+		// If the error is fatal, the execution of the script should be stopped because
+		// errors can't be recovered from. Halting the script conforms with PHP's
+		// default error handling. See http://www.php.net/manual/en/errorfunc.constants.php
+		if ($is_error)
+		{
+			exit();
+		}
 	}
 }
 
-- 
cgit v1.2.3-24-g4f1b


From af431ce8e9f7759e938b6535bde68ade3cd1caa8 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Fri, 19 Jul 2013 02:06:41 +0200
Subject: Fix config_item() returning stale values

Use case fixed:

    config_item('foobar'); // returns "some value"
    $CI->config->set_item('foobar', 'new value');
    config_item('foobar'); // still returns "some value", expected "new value"
---
 system/core/Common.php | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 93cd0a0ae..b95a05db9 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -289,20 +289,15 @@ if ( ! function_exists('config_item'))
 	 */
 	function config_item($item)
 	{
-		static $_config_item = array();
+		static $_config;
 
-		if ( ! isset($_config_item[$item]))
+		if (empty($_config))
 		{
-			$config =& get_config();
-
-			if ( ! isset($config[$item]))
-			{
-				return FALSE;
-			}
-			$_config_item[$item] = $config[$item];
+			// references cannot be directly assigned to static variables, so we use an array
+			$_config[0] =& get_config();
 		}
 
-		return $_config_item[$item];
+		return isset($_config[0][$item]) ? $_config[0][$item] : FALSE;
 	}
 }
 
-- 
cgit v1.2.3-24-g4f1b


From 08fec7bdf846daa3dfa4114310f065294ac092fc Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 19 Jul 2013 16:25:51 +0300
Subject: Router improvements

- Make dashes-to-underscores URI segment replacement configurable via ['translate_uri_dashes'].
- Make _set_routing() protected and move the call to the class constructor.
- Remove redudant calls to set_class() and set_method().
- Clean-up/optimize the routes loading procedure.

(fixes issue #2503)
---
 system/core/CodeIgniter.php |  1 -
 system/core/Router.php      | 56 ++++++++++++++++++++++++++++++---------------
 2 files changed, 38 insertions(+), 19 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 3fe5c0648..c68266408 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -165,7 +165,6 @@ defined('BASEPATH') OR exit('No direct script access allowed');
  * ------------------------------------------------------
  */
 	$RTR =& load_class('Router', 'core');
-	$RTR->_set_routing();
 
 	// Set any routing overrides that may exist in the main index file
 	if (isset($routing))
diff --git a/system/core/Router.php b/system/core/Router.php
index c86ab9c20..cc3916f86 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -81,6 +81,18 @@ class CI_Router {
 	 */
 	public $default_controller;
 
+	/**
+	 * Translate URI dashes
+	 *
+	 * Determines whether dashes in controller & method segments
+	 * should be automatically replaced by underscores.
+	 *
+	 * @var	bool
+	 */
+	public $translate_uri_dashes = FALSE;
+
+	// --------------------------------------------------------------------
+
 	/**
 	 * Class constructor
 	 *
@@ -92,6 +104,7 @@ class CI_Router {
 	{
 		$this->config =& load_class('Config', 'core');
 		$this->uri =& load_class('URI', 'core');
+		$this->_set_routing();
 		log_message('debug', 'Router Class Initialized');
 	}
 
@@ -105,7 +118,7 @@ class CI_Router {
 	 *
 	 * @return	void
 	 */
-	public function _set_routing()
+	protected function _set_routing()
 	{
 		// Are query strings enabled in the config file? Normally CI doesn't utilize query strings
 		// since URI segments are more search-engine friendly, but they can optionally be used.
@@ -143,12 +156,14 @@ class CI_Router {
 			include(APPPATH.'config/'.ENVIRONMENT.'/routes.php');
 		}
 
-		$this->routes = (empty($route) OR ! is_array($route)) ? array() : $route;
-		unset($route);
-
-		// Set the default controller so we can display it in the event
-		// the URI doesn't correlated to a valid controller.
-		$this->default_controller = empty($this->routes['default_controller']) ? FALSE : $this->routes['default_controller'];
+		// Validate & get reserved routes
+		if (isset($route) && is_array($route))
+		{
+			isset($route['default_controller']) && $this->default_controller = $route['default_controller'];
+			isset($route['translate_uri_dashes']) && $this->translate_uri_dashes = $route['translate_uri_dashes'];
+			unset($route['default_controller'], $route['translate_uri_dashes']);
+			$this->routes = $route;
+		}
 
 		// Were there any query string segments? If so, we'll validate them and bail out since we're done.
 		if (count($segments) > 0)
@@ -191,8 +206,6 @@ class CI_Router {
 			$method = 'index';
 		}
 
-		$this->set_class($class);
-		$this->set_method($method);
 		$this->_set_request(array($class, $method));
 
 		// re-index the routed segments array so it starts with 1 rather than 0
@@ -221,8 +234,16 @@ class CI_Router {
 			return $this->_set_default_controller();
 		}
 
-		$this->set_class($segments[0]);
+		if ($this->translate_uri_dashes === TRUE)
+		{
+			$segments[0] = str_replace('-', '_', $segments[0]);
+			if (isset($segments[1]))
+			{
+				$segments[1] = str_replace('-', '_', $segments[1]);
+			}
+		}
 
+		$this->set_class($segments[0]);
 		isset($segments[1]) OR $segments[1] = 'index';
 		$this->set_method($segments[1]);
 
@@ -249,13 +270,12 @@ class CI_Router {
 			return $segments;
 		}
 
-		$temp = str_replace('-', '_', $segments[0]);
+		$test = ($this->translate_uri_dashes === TRUE)
+			? str_replace('-', '_', $segments[0]) : $segments[0];
 
 		// Does the requested controller exist in the root folder?
-		if (file_exists(APPPATH.'controllers/'.$temp.'.php'))
+		if (file_exists(APPPATH.'controllers/'.$test.'.php'))
 		{
-			$segments[0] = $temp;
-			empty($segments[1]) OR $segments[1] = str_replace('-', '_', $segments[1]);
 			return $segments;
 		}
 
@@ -266,11 +286,11 @@ class CI_Router {
 			$this->set_directory(array_shift($segments));
 			if (count($segments) > 0)
 			{
-				$segments[0] = str_replace('-', '_', $segments[0]);
-				empty($segments[1]) OR $segments[1] = str_replace('-', '_', $segments[1]);
+				$test = ($this->translate_uri_dashes === TRUE)
+					? str_replace('-', '_', $segments[0]) : $segments[0];
 
-				// Does the requested controller exist in the sub-folder?
-				if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php'))
+				// Does the requested controller exist in the sub-directory?
+				if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$test.'.php'))
 				{
 					if ( ! empty($this->routes['404_override']))
 					{
-- 
cgit v1.2.3-24-g4f1b


From 20292311636837e120d205e470e41826820feb46 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 22 Jul 2013 14:29:10 +0300
Subject: Change class filenames to Ucfirst

---
 system/core/CodeIgniter.php | 12 ++++++++----
 system/core/Loader.php      | 31 +++++++++++++++----------------
 system/core/Router.php      |  8 +++-----
 3 files changed, 26 insertions(+), 25 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index c68266408..a026920a4 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -240,12 +240,13 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 	// Load the local application controller
 	// Note: The Router class automatically validates the controller path using the router->_validate_request().
 	// If this include fails it means that the default controller in the Routes.php file is not resolving to something valid.
-	if ( ! file_exists(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php'))
+	$class = ucfirst($RTR->class);
+	if ( ! file_exists(APPPATH.'controllers/'.$RTR->directory.$class.'.php'))
 	{
 		show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.');
 	}
 
-	include(APPPATH.'controllers/'.$RTR->directory.$RTR->class.'.php');
+	include(APPPATH.'controllers/'.$RTR->directory.$class.'.php');
 
 	// Set a mark point for benchmarking
 	$BM->mark('loading_time:_base_classes_end');
@@ -257,9 +258,8 @@ defined('BASEPATH') OR exit('No direct script access allowed');
  *
  *  None of the methods in the app controller or the
  *  loader class can be called via the URI, nor can
- *  controller functions that begin with an underscore.
+ *  controller methods that begin with an underscore.
  */
-	$class	= $RTR->class;
 	$method	= $RTR->method;
 
 	if ( ! class_exists($class, FALSE) OR $method[0] === '_' OR method_exists('CI_Controller', $method))
@@ -271,6 +271,8 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 				$method = 'index';
 			}
 
+			$class = ucfirst($class);
+
 			if ( ! class_exists($class, FALSE))
 			{
 				if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
@@ -309,6 +311,8 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 				$method = 'index';
 			}
 
+			$class = ucfirst($class);
+
 			if ( ! class_exists($class, FALSE))
 			{
 				if ( ! file_exists(APPPATH.'controllers/'.$class.'.php'))
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 70a6b6fa6..535c9e4db 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -261,33 +261,32 @@ class CI_Loader {
 			show_error('The model name you are loading is the name of a resource that is already being used: '.$name);
 		}
 
-		$model = strtolower($model);
-
-		foreach ($this->_ci_model_paths as $mod_path)
+		if ($db_conn !== FALSE && ! class_exists('CI_DB', FALSE))
 		{
-			if ( ! file_exists($mod_path.'models/'.$path.$model.'.php'))
+			if ($db_conn === TRUE)
 			{
-				continue;
+				$db_conn = '';
 			}
 
-			if ($db_conn !== FALSE && ! class_exists('CI_DB', FALSE))
-			{
-				if ($db_conn === TRUE)
-				{
-					$db_conn = '';
-				}
+			$CI->load->database($db_conn, FALSE, TRUE);
+		}
 
-				$CI->load->database($db_conn, FALSE, TRUE);
-			}
+		if ( ! class_exists('CI_Model', FALSE))
+		{
+			load_class('Model', 'core');
+		}
+
+		$model = ucfirst(strtolower($model));
 
-			if ( ! class_exists('CI_Model', FALSE))
+		foreach ($this->_ci_model_paths as $mod_path)
+		{
+			if ( ! file_exists($mod_path.'models/'.$path.$model.'.php'))
 			{
-				load_class('Model', 'core');
+				continue;
 			}
 
 			require_once($mod_path.'models/'.$path.$model.'.php');
 
-			$model = ucfirst($model);
 			$CI->$name = new $model();
 			$this->_ci_models[] = $name;
 			return;
diff --git a/system/core/Router.php b/system/core/Router.php
index cc3916f86..989ae542e 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -270,8 +270,7 @@ class CI_Router {
 			return $segments;
 		}
 
-		$test = ($this->translate_uri_dashes === TRUE)
-			? str_replace('-', '_', $segments[0]) : $segments[0];
+		$test = ucfirst($this->translate_uri_dashes === TRUE ? str_replace('-', '_', $segments[0]) : $segments[0]);
 
 		// Does the requested controller exist in the root folder?
 		if (file_exists(APPPATH.'controllers/'.$test.'.php'))
@@ -286,8 +285,7 @@ class CI_Router {
 			$this->set_directory(array_shift($segments));
 			if (count($segments) > 0)
 			{
-				$test = ($this->translate_uri_dashes === TRUE)
-					? str_replace('-', '_', $segments[0]) : $segments[0];
+				$test = ucfirst($this->translate_uri_dashes === TRUE ? str_replace('-', '_', $segments[0]) : $segments[0]);
 
 				// Does the requested controller exist in the sub-directory?
 				if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$test.'.php'))
@@ -307,7 +305,7 @@ class CI_Router {
 			{
 				// Is the method being specified in the route?
 				$segments = explode('/', $this->default_controller);
-				if ( ! file_exists(APPPATH.'controllers/'.$this->directory.$segments[0].'.php'))
+				if ( ! file_exists(APPPATH.'controllers/'.$this->directory.ucfirst($segments[0]).'.php'))
 				{
 					$this->directory = '';
 				}
-- 
cgit v1.2.3-24-g4f1b


From 9ab70a89b3ba7ee26faaae47410259e74391b593 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 23 Jul 2013 00:09:26 +0300
Subject: Give Drivers a higher priority in the autoloader

---
 system/core/Loader.php | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 535c9e4db..4d0cd09a2 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1197,6 +1197,15 @@ class CI_Loader {
 			}
 		}
 
+		// Autoload drivers
+		if (isset($autoload['drivers']))
+		{
+			foreach ($autoload['drivers'] as $item)
+			{
+				$this->driver($item);
+			}
+		}
+
 		// Load libraries
 		if (isset($autoload['libraries']) && count($autoload['libraries']) > 0)
 		{
@@ -1214,15 +1223,6 @@ class CI_Loader {
 			}
 		}
 
-		// Autoload drivers
-		if (isset($autoload['drivers']))
-		{
-			foreach ($autoload['drivers'] as $item)
-			{
-				$this->driver($item);
-			}
-		}
-
 		// Autoload models
 		if (isset($autoload['model']))
 		{
-- 
cgit v1.2.3-24-g4f1b


From 519f87a07bd1fe3a9ec037f727628bb6c7c8e251 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 23 Jul 2013 17:16:10 +0300
Subject: Loader changes & optimizations related to issue #2551

---
 system/core/Loader.php | 63 +++++++++++++++++++++++++-------------------------
 1 file changed, 31 insertions(+), 32 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 4d0cd09a2..1709c2db1 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -75,13 +75,6 @@ class CI_Loader {
 	 */
 	protected $_ci_helper_paths =	array(APPPATH, BASEPATH);
 
-	/**
-	 * List of loaded base classes
-	 *
-	 * @var	array
-	 */
-	protected $_base_classes =	array(); // Set by the controller class
-
 	/**
 	 * List of cached variables
 	 *
@@ -120,6 +113,8 @@ class CI_Loader {
 		'user_agent' => 'agent'
 	);
 
+	// --------------------------------------------------------------------
+
 	/**
 	 * Class constructor
 	 *
@@ -129,7 +124,8 @@ class CI_Loader {
 	 */
 	public function __construct()
 	{
-		$this->_ci_ob_level  = ob_get_level();
+		$this->_ci_ob_level = ob_get_level();
+		$this->_ci_classes =& is_loaded();
 
 		log_message('debug', 'Loader Class Initialized');
 	}
@@ -147,7 +143,6 @@ class CI_Loader {
 	 */
 	public function initialize()
 	{
-		$this->_base_classes =& is_loaded();
 		$this->_ci_autoloader();
 	}
 
@@ -165,7 +160,7 @@ class CI_Loader {
 	 */
 	public function is_loaded($class)
 	{
-		return isset($this->_ci_classes[$class]) ? $this->_ci_classes[$class] : FALSE;
+		return array_search(ucfirst($class), $this->_ci_classes, TRUE);
 	}
 
 	// --------------------------------------------------------------------
@@ -183,7 +178,11 @@ class CI_Loader {
 	 */
 	public function library($library = '', $params = NULL, $object_name = NULL)
 	{
-		if (is_array($library))
+		if (empty($library))
+		{
+			return;
+		}
+		elseif (is_array($library))
 		{
 			foreach ($library as $class)
 			{
@@ -193,11 +192,6 @@ class CI_Loader {
 			return;
 		}
 
-		if ($library === '' OR isset($this->_base_classes[$library]))
-		{
-			return;
-		}
-
 		if ($params !== NULL && ! is_array($params))
 		{
 			$params = NULL;
@@ -1117,30 +1111,35 @@ class CI_Loader {
 
 		// Set the variable name we will assign the class to
 		// Was a custom class name supplied? If so we'll use it
-		$class = strtolower($class);
-
-		if ($object_name === NULL)
+		if (empty($object_name))
 		{
-			$classvar = isset($this->_ci_varmap[$class]) ? $this->_ci_varmap[$class] : $class;
+			$object_name = strtolower($class);
+			if (isset($this->_ci_varmap[$object_name]))
+			{
+				$object_name = $this->_ci_varmap[$object_name];
+			}
 		}
-		else
+
+		// Don't overwrite existing properties
+		$CI =& get_instance();
+		if (isset($CI->$object_name))
 		{
-			$classvar = $object_name;
+			if ($CI->$object_name instanceof $name)
+			{
+				log_message('debug', $class." has already been instantiated as '".$object_name."'. Second attempt aborted.");
+				return;
+			}
+
+			show_error("Resource '".$object_name."' already exists and is not a ".$class." instance.");
 		}
 
 		// Save the class name and object name
-		$this->_ci_classes[$class] = $classvar;
+		$this->_ci_classes[$object_name] = $class;
 
 		// Instantiate the class
-		$CI =& get_instance();
-		if ($config !== NULL)
-		{
-			$CI->$classvar = new $name($config);
-		}
-		else
-		{
-			$CI->$classvar = new $name();
-		}
+		$CI->$object_name = isset($config)
+			? new $name($config)
+			: new $name();
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 184cf1b5a719f4559767a221520d5ba96d1e4d8b Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Wed, 24 Jul 2013 03:43:39 +0200
Subject: config->item() now returns NULL instead of FALSE when the required
 item doesn't exist.

Uniformization with other functions. This also brings the ability to properly use booleans in configuration.
---
 system/core/Config.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index 7e64444bc..14ade7248 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -184,16 +184,16 @@ class CI_Config {
 	 *
 	 * @param	string	$item	Config item name
 	 * @param	string	$index	Index name
-	 * @return	string|bool	The configuration item or FALSE on failure
+	 * @return	string|null	The configuration item or NULL on failure
 	 */
 	public function item($item, $index = '')
 	{
 		if ($index == '')
 		{
-			return isset($this->config[$item]) ? $this->config[$item] : FALSE;
+			return isset($this->config[$item]) ? $this->config[$item] : NULL;
 		}
 
-		return isset($this->config[$index], $this->config[$index][$item]) ? $this->config[$index][$item] : FALSE;
+		return isset($this->config[$index], $this->config[$index][$item]) ? $this->config[$index][$item] : NULL;
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 90f316a8615fbbbc0810d945dd1a237662c6bfbf Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Thu, 25 Jul 2013 04:33:56 +0200
Subject: Adjustments to the previous commit

---
 system/core/Config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index 14ade7248..e7cbe5624 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -184,7 +184,7 @@ class CI_Config {
 	 *
 	 * @param	string	$item	Config item name
 	 * @param	string	$index	Index name
-	 * @return	string|null	The configuration item or NULL on failure
+	 * @return	string|null	The configuration item or NULL if the item doesn't exist
 	 */
 	public function item($item, $index = '')
 	{
-- 
cgit v1.2.3-24-g4f1b


From c1044cb62e39709aa14f86a56bc950a78cfc713c Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Thu, 25 Jul 2013 12:18:43 +0200
Subject: Uniformize slash_item() with item()

---
 system/core/Config.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index e7cbe5624..109ee6424 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -202,13 +202,13 @@ class CI_Config {
 	 * Fetch a config file item with slash appended (if not empty)
 	 *
 	 * @param	string		$item	Config item name
-	 * @return	string|bool	The configuration item or FALSE on failure
+	 * @return	string|null	The configuration item or NULL if the item doesn't exist
 	 */
 	public function slash_item($item)
 	{
 		if ( ! isset($this->config[$item]))
 		{
-			return FALSE;
+			return NULL;
 		}
 		elseif (trim($this->config[$item]) === '')
 		{
-- 
cgit v1.2.3-24-g4f1b


From 23719ab569c9c8d6b791f65d7861daba3895ddcb Mon Sep 17 00:00:00 2001
From: Hunter Wu 
Date: Thu, 1 Aug 2013 23:15:13 +0800
Subject: Add windows filename rule as an option for upload files

---
 system/core/Security.php | 51 ++++++++++++++++++++++++++++++------------------
 1 file changed, 32 insertions(+), 19 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 196d61144..cd1cb1ab4 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -114,6 +114,36 @@ class CI_Security {
 		"([\"'])?data\s*:[^\\1]*?base64[^\\1]*?,[^\\1]*?\\1?"
 	);
 
+	/**
+	 * List of bad chars for sanitize filename
+	 *
+	 * @var	array
+	 */
+	private $_filename_bad_str_rules = array(
+		'default' => array(
+			'../', '', '<', '>',
+			"'", '"', '&', '$', '#',
+			'{', '}', '[', ']', '=',
+			';', '?', '%20', '%22',
+			'%3c',		// <
+			'%253c',	// <
+			'%3e',		// >
+			'%0e',		// >
+			'%28',		// (
+			'%29',		// )
+			'%2528',	// (
+			'%26',		// &
+			'%24',		// $
+			'%3f',		// ?
+			'%3b',		// ;
+			'%3d'		// =
+		),
+		'windows' => array(
+			'\\', '/', ':', '*', '?',
+			'"', '<', '>', '|',
+		),
+	);
+
 	/**
 	 * Class constructor
 	 *
@@ -547,26 +577,9 @@ class CI_Security {
 	 * @param 	bool	$relative_path	Whether to preserve paths
 	 * @return	string
 	 */
-	public function sanitize_filename($str, $relative_path = FALSE)
+	public function sanitize_filename($str, $relative_path = FALSE, $rule = 'default')
 	{
-		$bad = array(
-			'../', '', '<', '>',
-			"'", '"', '&', '$', '#',
-			'{', '}', '[', ']', '=',
-			';', '?', '%20', '%22',
-			'%3c',		// <
-			'%253c',	// <
-			'%3e',		// >
-			'%0e',		// >
-			'%28',		// (
-			'%29',		// )
-			'%2528',	// (
-			'%26',		// &
-			'%24',		// $
-			'%3f',		// ?
-			'%3b',		// ;
-			'%3d'		// =
-		);
+		$bad = $this->_filename_bad_str_rules[$rule];
 
 		if ( ! $relative_path)
 		{
-- 
cgit v1.2.3-24-g4f1b


From 8df3352dff5f734c1b3831fdc131f676a9850d51 Mon Sep 17 00:00:00 2001
From: Hunter Wu 
Date: Sat, 3 Aug 2013 22:36:05 +0800
Subject: Revert "Add windows filename rule as an option for upload files"

This reverts commit 23719ab569c9c8d6b791f65d7861daba3895ddcb.
---
 system/core/Security.php | 51 ++++++++++++++++++------------------------------
 1 file changed, 19 insertions(+), 32 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index cd1cb1ab4..196d61144 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -114,36 +114,6 @@ class CI_Security {
 		"([\"'])?data\s*:[^\\1]*?base64[^\\1]*?,[^\\1]*?\\1?"
 	);
 
-	/**
-	 * List of bad chars for sanitize filename
-	 *
-	 * @var	array
-	 */
-	private $_filename_bad_str_rules = array(
-		'default' => array(
-			'../', '', '<', '>',
-			"'", '"', '&', '$', '#',
-			'{', '}', '[', ']', '=',
-			';', '?', '%20', '%22',
-			'%3c',		// <
-			'%253c',	// <
-			'%3e',		// >
-			'%0e',		// >
-			'%28',		// (
-			'%29',		// )
-			'%2528',	// (
-			'%26',		// &
-			'%24',		// $
-			'%3f',		// ?
-			'%3b',		// ;
-			'%3d'		// =
-		),
-		'windows' => array(
-			'\\', '/', ':', '*', '?',
-			'"', '<', '>', '|',
-		),
-	);
-
 	/**
 	 * Class constructor
 	 *
@@ -577,9 +547,26 @@ class CI_Security {
 	 * @param 	bool	$relative_path	Whether to preserve paths
 	 * @return	string
 	 */
-	public function sanitize_filename($str, $relative_path = FALSE, $rule = 'default')
+	public function sanitize_filename($str, $relative_path = FALSE)
 	{
-		$bad = $this->_filename_bad_str_rules[$rule];
+		$bad = array(
+			'../', '', '<', '>',
+			"'", '"', '&', '$', '#',
+			'{', '}', '[', ']', '=',
+			';', '?', '%20', '%22',
+			'%3c',		// <
+			'%253c',	// <
+			'%3e',		// >
+			'%0e',		// >
+			'%28',		// (
+			'%29',		// )
+			'%2528',	// (
+			'%26',		// &
+			'%24',		// $
+			'%3f',		// ?
+			'%3b',		// ;
+			'%3d'		// =
+		);
 
 		if ( ! $relative_path)
 		{
-- 
cgit v1.2.3-24-g4f1b


From a8d6d3b13a0086c86e3dd69f0376be3a6982bc16 Mon Sep 17 00:00:00 2001
From: Hunter Wu 
Date: Sat, 3 Aug 2013 23:17:45 +0800
Subject: Make the bad filename array public in Security library

---
 system/core/Security.php | 56 ++++++++++++++++++++++++++++++++----------------
 1 file changed, 38 insertions(+), 18 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 196d61144..3d04d5e12 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -37,6 +37,30 @@ defined('BASEPATH') OR exit('No direct script access allowed');
  */
 class CI_Security {
 
+	/**
+	 * List of sanitize filename strings
+	 *
+	 * @var	array
+	 */
+	public $sanitize_filename_str =	array(
+		'../', '', '<', '>',
+		"'", '"', '&', '$', '#',
+		'{', '}', '[', ']', '=',
+		';', '?', '%20', '%22',
+		'%3c',		// <
+		'%253c',	// <
+		'%3e',		// >
+		'%0e',		// >
+		'%28',		// (
+		'%29',		// )
+		'%2528',	// (
+		'%26',		// &
+		'%24',		// $
+		'%3f',		// ?
+		'%3b',		// ;
+		'%3d'		// =
+	);
+
 	/**
 	 * XSS Hash
 	 *
@@ -540,6 +564,19 @@ class CI_Security {
 
 	// --------------------------------------------------------------------
 
+	/**
+	 * Set Sanitize Filename Strings
+	 *
+	 * @param	array	$strings
+	 * @return	void
+	 */
+	public function set_sanitize_filename_str($strings)
+	{
+		$this->sanitize_filename_str = $strings;
+	}
+
+	// --------------------------------------------------------------------
+
 	/**
 	 * Sanitize Filename
 	 *
@@ -549,24 +586,7 @@ class CI_Security {
 	 */
 	public function sanitize_filename($str, $relative_path = FALSE)
 	{
-		$bad = array(
-			'../', '', '<', '>',
-			"'", '"', '&', '$', '#',
-			'{', '}', '[', ']', '=',
-			';', '?', '%20', '%22',
-			'%3c',		// <
-			'%253c',	// <
-			'%3e',		// >
-			'%0e',		// >
-			'%28',		// (
-			'%29',		// )
-			'%2528',	// (
-			'%26',		// &
-			'%24',		// $
-			'%3f',		// ?
-			'%3b',		// ;
-			'%3d'		// =
-		);
+		$bad = $this->sanitize_filename_str;
 
 		if ( ! $relative_path)
 		{
-- 
cgit v1.2.3-24-g4f1b


From 4495cc740c1c0e382cc62d3d174abd17c0b4d84f Mon Sep 17 00:00:00 2001
From: Hunter Wu 
Date: Sun, 4 Aug 2013 12:31:52 +0800
Subject: Rename bad chars property to filename_bad_chars, remove the setter
 and add changelog entry

---
 system/core/Security.php | 17 ++---------------
 1 file changed, 2 insertions(+), 15 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 3d04d5e12..70cf3e013 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -42,7 +42,7 @@ class CI_Security {
 	 *
 	 * @var	array
 	 */
-	public $sanitize_filename_str =	array(
+	public $filename_bad_chars =	array(
 		'../', '', '<', '>',
 		"'", '"', '&', '$', '#',
 		'{', '}', '[', ']', '=',
@@ -564,19 +564,6 @@ class CI_Security {
 
 	// --------------------------------------------------------------------
 
-	/**
-	 * Set Sanitize Filename Strings
-	 *
-	 * @param	array	$strings
-	 * @return	void
-	 */
-	public function set_sanitize_filename_str($strings)
-	{
-		$this->sanitize_filename_str = $strings;
-	}
-
-	// --------------------------------------------------------------------
-
 	/**
 	 * Sanitize Filename
 	 *
@@ -586,7 +573,7 @@ class CI_Security {
 	 */
 	public function sanitize_filename($str, $relative_path = FALSE)
 	{
-		$bad = $this->sanitize_filename_str;
+		$bad = $this->filename_bad_chars;
 
 		if ( ! $relative_path)
 		{
-- 
cgit v1.2.3-24-g4f1b


From c941d855dc32ec44107cb863596fa385c7aed015 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Tue, 6 Aug 2013 14:44:40 +0200
Subject: Various typos and tabs adjustments

---
 system/core/Common.php | 4 ++--
 system/core/Input.php  | 2 +-
 system/core/Router.php | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index b95a05db9..b9e318394 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -556,8 +556,8 @@ if ( ! function_exists('_exception_handler'))
 	/**
 	 * Exception Handler
 	 *
-	 * This is the custom exception handler that is declaired at the top
-	 * of Codeigniter.php. The main reason we use this is to permit
+	 * This is the custom exception handler that is declared at the top
+	 * of CodeIgniter.php. The main reason we use this is to permit
 	 * PHP errors to be logged in our own log files since the user may
 	 * not have access to server logs. Since this function
 	 * effectively intercepts PHP errors, however, we also need
diff --git a/system/core/Input.php b/system/core/Input.php
index 0ef81128e..6f184a3ca 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -47,7 +47,7 @@ class CI_Input {
 	public $ip_address = FALSE;
 
 	/**
-	 * User agent strin
+	 * User agent string
 	 *
 	 * @var	string
 	 */
diff --git a/system/core/Router.php b/system/core/Router.php
index 989ae542e..0f7278ae6 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -351,10 +351,10 @@ class CI_Router {
 			return $this->_set_request(explode('/', $this->routes[$uri]));
 		}
 
-		// Loop through the route array looking for wild-cards
+		// Loop through the route array looking for wildcards
 		foreach ($this->routes as $key => $val)
 		{
-			// Convert wild-cards to RegEx
+			// Convert wildcards to RegEx
 			$key = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $key);
 
 			// Does the RegEx match?
-- 
cgit v1.2.3-24-g4f1b


From 40d124924ea331c6a57ab1b3f743299a41eb3f0c Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Tue, 6 Aug 2013 14:46:00 +0200
Subject: Replace php_sapi_name() function with PHP_SAPI constant

exact same behavior but faster, shorter
---
 system/core/Common.php | 2 +-
 system/core/Input.php  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index b9e318394..28c60832c 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -538,7 +538,7 @@ if ( ! function_exists('set_status_header'))
 
 		$server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
 
-		if (strpos(php_sapi_name(), 'cgi') === 0)
+		if (strpos(PHP_SAPI, 'cgi') === 0)
 		{
 			header('Status: '.$code.' '.$text, TRUE);
 		}
diff --git a/system/core/Input.php b/system/core/Input.php
index 6f184a3ca..1e67ce183 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -872,7 +872,7 @@ class CI_Input {
 	 */
 	public function is_cli_request()
 	{
-		return (php_sapi_name() === 'cli' OR defined('STDIN'));
+		return (PHP_SAPI === 'cli' OR defined('STDIN'));
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 61f1aa0c4d22e1ab5a10e906f25d7e4ee24b225c Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Wed, 7 Aug 2013 11:29:17 +0200
Subject: Fix noneffective static variable cache in log_message()

---
 system/core/Common.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 28c60832c..98a3fcb35 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -453,10 +453,11 @@ if ( ! function_exists('log_message'))
 
 		if ($_log === NULL)
 		{
-			$_log =& load_class('Log', 'core');
+			// references cannot be directly assigned to static variables, so we use an array
+			$_log[0] =& load_class('Log', 'core');
 		}
 
-		$_log->write_log($level, $message, $php_error);
+		$_log[0]->write_log($level, $message, $php_error);
 	}
 }
 
-- 
cgit v1.2.3-24-g4f1b


From 2f8d2d381ef4a2fd9ea8f67a36a731aae8b14064 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Wed, 7 Aug 2013 15:54:47 +0300
Subject: Add a changelog entry for PR #2590 and further optimize log_message()

CI_Log::write_log() already checks the log threshold, so there's no point in doing it in log_message() as well.
---
 system/core/Common.php | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 98a3fcb35..21e1df9c6 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -439,17 +439,7 @@ if ( ! function_exists('log_message'))
 	 */
 	function log_message($level, $message, $php_error = FALSE)
 	{
-		static $_log, $_log_threshold;
-
-		if ($_log_threshold === NULL)
-		{
-			$_log_threshold = config_item('log_threshold');
-		}
-
-		if ($_log_threshold === 0)
-		{
-			return;
-		}
+		static $_log;
 
 		if ($_log === NULL)
 		{
-- 
cgit v1.2.3-24-g4f1b


From 441fd264267ac526730d06183bd3cfebfd26df01 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Sun, 11 Aug 2013 20:36:41 +0200
Subject: Input class: change behavior of get_post() method, add post_get()
 method

followup to PR #2522
---
 system/core/Input.php | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 1e67ce183..24e21ea08 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -261,7 +261,7 @@ class CI_Input {
 	 * @param	bool	$xss_clean	Whether to apply XSS filtering
 	 * @return	mixed
 	 */
-	public function get_post($index = '', $xss_clean = FALSE)
+	public function post_get($index = '', $xss_clean = FALSE)
 	{
 		return isset($_POST[$index])
 			? $this->post($index, $xss_clean)
@@ -270,6 +270,22 @@ class CI_Input {
 
 	// --------------------------------------------------------------------
 
+	/**
+	 * Fetch an item from GET data with fallback to POST
+	 *
+	 * @param	string	$index		Index for item to be fetched from $_GET or $_POST
+	 * @param	bool	$xss_clean	Whether to apply XSS filtering
+	 * @return	mixed
+	 */
+	public function get_post($index = '', $xss_clean = FALSE)
+	{
+		return isset($_GET[$index])
+			? $this->get($index, $xss_clean)
+			: $this->post($index, $xss_clean);
+	}
+
+	// --------------------------------------------------------------------
+
 	/**
 	 * Fetch an item from the COOKIE array
 	 *
-- 
cgit v1.2.3-24-g4f1b


From 8d70c0af8f395cfa6354e4e586b156f65954fca3 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Sat, 17 Aug 2013 07:31:29 +0200
Subject: Fix $replace parameter handling in get_config()

Code was reached only on first function call, then short-circuited because of the reference cache.
---
 system/core/CodeIgniter.php |  2 +-
 system/core/Common.php      | 58 ++++++++++++++++++++++++---------------------
 2 files changed, 32 insertions(+), 28 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index a026920a4..c962fda20 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -88,7 +88,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
  * The subclass prefix allows CI to know if a core class is
  * being extended via a library in the local application
  * "libraries" folder. Since CI allows config items to be
- * overriden via data set in the main index. php file,
+ * overriden via data set in the main index.php file,
  * before proceeding we need to know if a subclass_prefix
  * override exists. If so, we will set this value now,
  * before any classes are loaded
diff --git a/system/core/Common.php b/system/core/Common.php
index 21e1df9c6..a90a3ab70 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -230,39 +230,43 @@ if ( ! function_exists('get_config'))
 
 		if (isset($_config))
 		{
-			return $_config[0];
+			$config =& $_config[0];
 		}
-
-		$file_path = APPPATH.'config/config.php';
-		$found = FALSE;
-		if (file_exists($file_path))
+		else
 		{
-			$found = TRUE;
-			require($file_path);
-		}
+			$file_path = APPPATH.'config/config.php';
+			$found = FALSE;
+			if (file_exists($file_path))
+			{
+				$found = TRUE;
+				require($file_path);
+			}
 
-		// Is the config file in the environment folder?
-		if (file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php'))
-		{
-			require($file_path);
-		}
-		elseif ( ! $found)
-		{
-			set_status_header(503);
-			echo 'The configuration file does not exist.';
-			exit(EXIT_CONFIG);
-		}
+			// Is the config file in the environment folder?
+			if (file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php'))
+			{
+				require($file_path);
+			}
+			elseif ( ! $found)
+			{
+				set_status_header(503);
+				echo 'The configuration file does not exist.';
+				exit(EXIT_CONFIG);
+			}
 
-		// Does the $config array exist in the file?
-		if ( ! isset($config) OR ! is_array($config))
-		{
-			set_status_header(503);
-			echo 'Your config file does not appear to be formatted correctly.';
-			exit(EXIT_CONFIG);
+			// Does the $config array exist in the file?
+			if ( ! isset($config) OR ! is_array($config))
+			{
+				set_status_header(503);
+				echo 'Your config file does not appear to be formatted correctly.';
+				exit(EXIT_CONFIG);
+			}
+
+			$_config[0] =& $config;
 		}
 
 		// Are any values being dynamically replaced?
-		if (count($replace) > 0)
+		if (!empty($replace))
 		{
 			foreach ($replace as $key => $val)
 			{
@@ -273,7 +277,7 @@ if ( ! function_exists('get_config'))
 			}
 		}
 
-		return $_config[0] =& $config;
+		return $config;
 	}
 }
 
-- 
cgit v1.2.3-24-g4f1b


From 2f7810a36b488a1b3d3dfd3ba8eb6bfbbe91f9ff Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Mon, 19 Aug 2013 04:46:26 +0200
Subject: Ensure get_config() optional argument is an array, remove useless
 test

---
 system/core/Common.php | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index a90a3ab70..50bcd9278 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -224,7 +224,7 @@ if ( ! function_exists('get_config'))
 	 * @param	array
 	 * @return	array
 	 */
-	function &get_config($replace = array())
+	function &get_config(array $replace = array())
 	{
 		static $_config;
 
@@ -266,14 +266,11 @@ if ( ! function_exists('get_config'))
 		}
 
 		// Are any values being dynamically replaced?
-		if (!empty($replace))
+		foreach ($replace as $key => $val)
 		{
-			foreach ($replace as $key => $val)
+			if (isset($config[$key]))
 			{
-				if (isset($config[$key]))
-				{
-					$config[$key] = $val;
-				}
+				$config[$key] = $val;
 			}
 		}
 
-- 
cgit v1.2.3-24-g4f1b


From 67e5ca678a43a00aecd46cb6d02cfbf9c36d666b Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Mon, 19 Aug 2013 04:52:00 +0200
Subject: Allow items to be set even if they were not present yet

---
 system/core/Common.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 50bcd9278..6b3d73100 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -265,13 +265,10 @@ if ( ! function_exists('get_config'))
 			$_config[0] =& $config;
 		}
 
-		// Are any values being dynamically replaced?
+		// Are any values being dynamically added or replaced?
 		foreach ($replace as $key => $val)
 		{
-			if (isset($config[$key]))
-			{
-				$config[$key] = $val;
-			}
+			$config[$key] = $val;
 		}
 
 		return $config;
-- 
cgit v1.2.3-24-g4f1b


From 05d043b38896570004fadbed8495fc99c6ef3da6 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Mon, 19 Aug 2013 04:55:34 +0200
Subject: Adjustments in static reference handling

---
 system/core/Common.php | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 6b3d73100..cf9cd846d 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -228,11 +228,7 @@ if ( ! function_exists('get_config'))
 	{
 		static $_config;
 
-		if (isset($_config))
-		{
-			$config =& $_config[0];
-		}
-		else
+		if (empty($_config))
 		{
 			$file_path = APPPATH.'config/config.php';
 			$found = FALSE;
@@ -262,16 +258,17 @@ if ( ! function_exists('get_config'))
 				exit(EXIT_CONFIG);
 			}
 
+			// references cannot be directly assigned to static variables, so we use an array
 			$_config[0] =& $config;
 		}
 
 		// Are any values being dynamically added or replaced?
 		foreach ($replace as $key => $val)
 		{
-			$config[$key] = $val;
+			$_config[0][$key] = $val;
 		}
 
-		return $config;
+		return $_config[0];
 	}
 }
 
@@ -439,7 +436,7 @@ if ( ! function_exists('log_message'))
 	{
 		static $_log;
 
-		if ($_log === NULL)
+		if (empty($_log))
 		{
 			// references cannot be directly assigned to static variables, so we use an array
 			$_log[0] =& load_class('Log', 'core');
-- 
cgit v1.2.3-24-g4f1b


From 49890a95da8438910b6f6b8da43ec5e5cd10f53c Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 19 Aug 2013 19:56:18 +0300
Subject: Kill the damn kitten

---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index cf9cd846d..7f296b133 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -224,7 +224,7 @@ if ( ! function_exists('get_config'))
 	 * @param	array
 	 * @return	array
 	 */
-	function &get_config(array $replace = array())
+	function &get_config(Array $replace = array())
 	{
 		static $_config;
 
@@ -436,7 +436,7 @@ if ( ! function_exists('log_message'))
 	{
 		static $_log;
 
-		if (empty($_log))
+		if ($_log === NULL)
 		{
 			// references cannot be directly assigned to static variables, so we use an array
 			$_log[0] =& load_class('Log', 'core');
-- 
cgit v1.2.3-24-g4f1b


From 67e643a475a37c53267d0f43b2c2d67efd907014 Mon Sep 17 00:00:00 2001
From: judge 
Date: Tue, 10 Sep 2013 13:59:46 +0200
Subject: fixed error in finding closing tag

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 06d7a866b..7bfb8cebe 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -841,7 +841,7 @@ class CI_Output {
 			$output = substr_replace($output, '', 0, $pos);
 
 			// Remove closing tag and save it for later
-			$pos = strpos($output, '
Date: Tue, 10 Sep 2013 14:54:47 +0200
Subject: Removed unnecessary parameter

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 7bfb8cebe..e323385ba 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -842,7 +842,7 @@ class CI_Output {
 
 			// Remove closing tag and save it for later
 			$pos = strrpos($output, '
Date: Tue, 10 Sep 2013 16:13:27 +0200
Subject: Improved detecting whether the pointer is in a string or not

---
 system/core/Output.php | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index e323385ba..5272ba662 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -849,6 +849,26 @@ class CI_Output {
 		// Remove CSS comments
 		$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!i', '', $output);
 
+		// Remove Javascript inline comments
+		if ($has_tags === TRUE && strpos(strtolower($open_tag), 'script') !== FALSE) {
+			$lines = preg_split('/((\r?\n)|(\n?\r))/',$output);
+			foreach ($lines as &$line){
+				$in_string = $in_dstring = FALSE;
+				$len = strlen($line);
+				for ($i=0; $i<$len; $i++){
+					if ( !$in_string && !$in_dstring && substr($line,$i,2)==='//'){
+						$line = substr($line,0,$i);
+						break;
+					}
+					if ( $line[$i]==='"' )
+						$in_dstring = ! $in_dstring;
+					if ( $line[$i]==="'" )
+						$in_string = ! $in_string;
+				}
+			}
+			$output = implode("\n",$lines);
+		}
+
 		// Remove spaces around curly brackets, colons,
 		// semi-colons, parenthesis, commas
 		$chunks = preg_split('/([\'|"]).+(?![^\\\]\\1)\\1/iU', $output, -1, PREG_SPLIT_OFFSET_CAPTURE);
@@ -899,11 +919,11 @@ class CI_Output {
 				}
 			}
 
-			if ($value === "'")
+			if ($value === "'" && ! $in_dstring)
 			{
 				$in_string = ! $in_string;
 			}
-			elseif ($value === '"')
+			elseif ($value === '"' && ! $in_string)
 			{
 				$in_dstring = ! $in_dstring;
 			}
-- 
cgit v1.2.3-24-g4f1b


From f57ecc141e072473c73630af29ffe06be25e850c Mon Sep 17 00:00:00 2001
From: judge 
Date: Tue, 10 Sep 2013 16:18:14 +0200
Subject: Remove Javascript inline comments + improved detecting whether the
 pointer is in a string or not

---
 system/core/Output.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 5272ba662..ec82ae7e8 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -856,14 +856,14 @@ class CI_Output {
 				$in_string = $in_dstring = FALSE;
 				$len = strlen($line);
 				for ($i=0; $i<$len; $i++){
-					if ( !$in_string && !$in_dstring && substr($line,$i,2)==='//'){
+					if ( ! $in_string && ! $in_dstring && substr($line,$i,2) === '//'){
 						$line = substr($line,0,$i);
 						break;
 					}
-					if ( $line[$i]==='"' )
-						$in_dstring = ! $in_dstring;
-					if ( $line[$i]==="'" )
+					if ( $line[$i]==="'" && ! $in_dstring )
 						$in_string = ! $in_string;
+					else if ( $line[$i]==='"' && ! $in_string )
+						$in_dstring = ! $in_dstring;
 				}
 			}
 			$output = implode("\n",$lines);
-- 
cgit v1.2.3-24-g4f1b


From c7df348233227ecf490ef26795022af6cd26807c Mon Sep 17 00:00:00 2001
From: judge 
Date: Tue, 10 Sep 2013 16:24:07 +0200
Subject: Fixed coding style

---
 system/core/Output.php | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index ec82ae7e8..355a139d5 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -850,23 +850,27 @@ class CI_Output {
 		$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!i', '', $output);
 
 		// Remove Javascript inline comments
-		if ($has_tags === TRUE && strpos(strtolower($open_tag), 'script') !== FALSE) {
-			$lines = preg_split('/((\r?\n)|(\n?\r))/',$output);
-			foreach ($lines as &$line){
+		if ($has_tags === TRUE && strpos(strtolower($open_tag), 'script') !== FALSE)
+		{
+			$lines = preg_split('/((\r?\n)|(\n?\r))/', $output);
+			foreach ($lines as &$line)
+			{
 				$in_string = $in_dstring = FALSE;
 				$len = strlen($line);
-				for ($i=0; $i<$len; $i++){
-					if ( ! $in_string && ! $in_dstring && substr($line,$i,2) === '//'){
-						$line = substr($line,0,$i);
+				for ($i=0; $i<$len; $i++)
+				{
+					if ( ! $in_string && ! $in_dstring && substr($line, $i, 2) === '//')
+					{
+						$line = substr($line, 0, $i);
 						break;
 					}
-					if ( $line[$i]==="'" && ! $in_dstring )
+					if ($line[$i] === "'" && ! $in_dstring)
 						$in_string = ! $in_string;
-					else if ( $line[$i]==='"' && ! $in_string )
+					elseif ($line[$i] === '"' && ! $in_string)
 						$in_dstring = ! $in_dstring;
 				}
 			}
-			$output = implode("\n",$lines);
+			$output = implode("\n", $lines);
 		}
 
 		// Remove spaces around curly brackets, colons,
-- 
cgit v1.2.3-24-g4f1b


From 21fe9daf1cdc86cbd8800515166e19b2f8879b71 Mon Sep 17 00:00:00 2001
From: Kaiwang Chen 
Date: Wed, 11 Sep 2013 13:09:41 +0800
Subject: Simulate a complete custom exception handler by redirecting uncaught
 events.

---
 system/core/CodeIgniter.php |  1 +
 system/core/Common.php      | 29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index c962fda20..67c94cfd1 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -73,6 +73,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
  * ------------------------------------------------------
  */
 	set_error_handler('_exception_handler');
+	register_shutdown_function('_shutdown_handler');
 
 	if ( ! is_php('5.4'))
 	{
diff --git a/system/core/Common.php b/system/core/Common.php
index 7f296b133..0353a9d10 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -577,6 +577,35 @@ if ( ! function_exists('_exception_handler'))
 	}
 }
 
+// ------------------------------------------------------------------------
+
+if ( ! function_exists('_shutdown_handler'))
+{
+	/**
+	 * Shutdown Handler
+	 *
+	 * This is the shutdown handler that is declared at the top
+	 * of CodeIgniter.php. The main reason we use this is to simulate
+	 * a complete custom exception handler.
+	 *
+	 * E_STRICT is purposivly neglected because such events may have 
+	 * been caught. Duplication or none? None is preferred for now.
+	 *
+	 * @link	http://insomanic.me.uk/post/229851073/php-trick-catching-fatal-errors-e-error-with-a
+	 * @return	void
+	 */
+	function _shutdown_handler()
+	{
+		$last_error = function_exists('error_get_last') ? error_get_last() : NULL;
+		if (isset($last_error) &&
+			($last_error['type'] & (E_ERROR | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING)))
+		{
+			chdir(CIPATH);
+			_exception_handler($last_error['type'], $last_error['message'], $last_error['file'], $last_error['line']);
+		}
+	}
+}
+
 // --------------------------------------------------------------------
 
 if ( ! function_exists('remove_invisible_characters'))
-- 
cgit v1.2.3-24-g4f1b


From 5f0ee055ddf0624017bfcd1748445d8854c0b5ea Mon Sep 17 00:00:00 2001
From: Kaiwang Chen 
Date: Thu, 12 Sep 2013 11:54:44 +0800
Subject: Remove unnecessary chdir() in the shutdown handler.

---
 system/core/Common.php | 1 -
 1 file changed, 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 0353a9d10..edfad99c5 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -600,7 +600,6 @@ if ( ! function_exists('_shutdown_handler'))
 		if (isset($last_error) &&
 			($last_error['type'] & (E_ERROR | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING)))
 		{
-			chdir(CIPATH);
 			_exception_handler($last_error['type'], $last_error['message'], $last_error['file'], $last_error['line']);
 		}
 	}
-- 
cgit v1.2.3-24-g4f1b


From c5768dbab1f026db1bc3aa3908454eaecbc9006c Mon Sep 17 00:00:00 2001
From: judge 
Date: Thu, 12 Sep 2013 14:43:43 +0200
Subject: Fixed coding style

---
 system/core/Output.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 355a139d5..7c2a64d24 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -852,24 +852,29 @@ class CI_Output {
 		// Remove Javascript inline comments
 		if ($has_tags === TRUE && strpos(strtolower($open_tag), 'script') !== FALSE)
 		{
-			$lines = preg_split('/((\r?\n)|(\n?\r))/', $output);
+			$lines = preg_split('/\r?\n|\n?\r/', $output);
 			foreach ($lines as &$line)
 			{
 				$in_string = $in_dstring = FALSE;
-				$len = strlen($line);
-				for ($i=0; $i<$len; $i++)
+				for ($i = 0, $len = strlen($line); $i < $len; $i++)
 				{
 					if ( ! $in_string && ! $in_dstring && substr($line, $i, 2) === '//')
 					{
 						$line = substr($line, 0, $i);
 						break;
 					}
+
 					if ($line[$i] === "'" && ! $in_dstring)
+					{
 						$in_string = ! $in_string;
+					}
 					elseif ($line[$i] === '"' && ! $in_string)
+					{
 						$in_dstring = ! $in_dstring;
+					}
 				}
 			}
+
 			$output = implode("\n", $lines);
 		}
 
-- 
cgit v1.2.3-24-g4f1b


From 4005e3c06e362f90dde1dff1564bd91adca52e9f Mon Sep 17 00:00:00 2001
From: Ahmad Anbar 
Date: Thu, 12 Sep 2013 23:33:28 +0300
Subject: Fixed issue #2638 which prevented loading models in sub-folders by
 passing an array.

---
 system/core/Loader.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 1709c2db1..a218e79fb 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -222,7 +222,7 @@ class CI_Loader {
 		{
 			foreach ($model as $key => $value)
 			{
-				$this->model(is_int($key) ? $value : $key, $value);
+				is_int($key) ? $this->model($value, '', $db_conn) : $this->model($key, $value, $db_conn);
 			}
 			return;
 		}
@@ -1293,4 +1293,4 @@ class CI_Loader {
 }
 
 /* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
\ No newline at end of file
+/* Location: ./system/core/Loader.php */
-- 
cgit v1.2.3-24-g4f1b


From ed3fd58f97c496d40357ab931fd2d8cdb821a0a8 Mon Sep 17 00:00:00 2001
From: Ahmad Anbar 
Date: Fri, 13 Sep 2013 00:23:37 +0300
Subject: Removed new line from the end of the file.

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index a218e79fb..2eef9979c 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1293,4 +1293,4 @@ class CI_Loader {
 }
 
 /* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
+/* Location: ./system/core/Loader.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 838c9a96f645aac24daa31285efa1051535c4219 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 13 Sep 2013 14:05:13 +0300
Subject: Drop the unused  parameter from log_message() / CI_Log::write_log()

---
 system/core/Common.php     | 4 ++--
 system/core/Exceptions.php | 2 +-
 system/core/Log.php        | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index edfad99c5..cf81e3fb5 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -432,7 +432,7 @@ if ( ! function_exists('log_message'))
 	 * @param	bool	whether the error is a native PHP error
 	 * @return	void
 	 */
-	function log_message($level, $message, $php_error = FALSE)
+	function log_message($level, $message)
 	{
 		static $_log;
 
@@ -442,7 +442,7 @@ if ( ! function_exists('log_message'))
 			$_log[0] =& load_class('Log', 'core');
 		}
 
-		$_log[0]->write_log($level, $message, $php_error);
+		$_log[0]->write_log($level, $message);
 	}
 }
 
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 9c68d06a5..d7e5ed4d9 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -91,7 +91,7 @@ class CI_Exceptions {
 	public function log_exception($severity, $message, $filepath, $line)
 	{
 		$severity = isset($this->levels[$severity]) ? $this->levels[$severity] : $severity;
-		log_message('error', 'Severity: '.$severity.'  --> '.$message. ' '.$filepath.' '.$line, TRUE);
+		log_message('error', 'Severity: '.$severity.'  --> '.$message. ' '.$filepath.' '.$line);
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Log.php b/system/core/Log.php
index e4d72b544..20bc55986 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -143,7 +143,7 @@ class CI_Log {
 	 * @param	bool	whether the error is a native PHP error
 	 * @return	bool
 	 */
-	public function write_log($level, $msg, $php_error = FALSE)
+	public function write_log($level, $msg)
 	{
 		if ($this->_enabled === FALSE)
 		{
-- 
cgit v1.2.3-24-g4f1b


From 5932a7354bf46fb0a86794af37da42f715c355bf Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 13 Sep 2013 14:45:53 +0300
Subject: Improvements to safe_mode detection (it doesn't exist in PHP 5.4)

---
 system/core/CodeIgniter.php | 6 ++----
 system/core/Common.php      | 2 +-
 2 files changed, 3 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 67c94cfd1..c12116236 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -75,10 +75,8 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 	set_error_handler('_exception_handler');
 	register_shutdown_function('_shutdown_handler');
 
-	if ( ! is_php('5.4'))
-	{
-		@ini_set('magic_quotes_runtime', 0); // Kill magic quotes
-	}
+	// Kill magic quotes
+	is_php('5.4') OR @ini_set('magic_quotes_runtime', 0);
 
 /*
  * ------------------------------------------------------
diff --git a/system/core/Common.php b/system/core/Common.php
index cf81e3fb5..286deccda 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -82,7 +82,7 @@ if ( ! function_exists('is_really_writable'))
 	function is_really_writable($file)
 	{
 		// If we're on a Unix server with safe_mode off we call is_writable
-		if (DIRECTORY_SEPARATOR === '/' && (bool) @ini_get('safe_mode') === FALSE)
+		if (DIRECTORY_SEPARATOR === '/' && (is_php('5.4') OR (bool) @ini_get('safe_mode') === FALSE))
 		{
 			return is_writable($file);
 		}
-- 
cgit v1.2.3-24-g4f1b


From e890ecf4403fe6be6dea9809ba51a3a8f66b0b2e Mon Sep 17 00:00:00 2001
From: vkeranov 
Date: Sat, 14 Sep 2013 21:38:05 +0300
Subject: No need of this anymore

---
 system/core/Log.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index 20bc55986..0390aba0b 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -140,7 +140,6 @@ class CI_Log {
 	 *
 	 * @param	string	the error level: 'error', 'debug' or 'info'
 	 * @param	string	the error message
-	 * @param	bool	whether the error is a native PHP error
 	 * @return	bool
 	 */
 	public function write_log($level, $msg)
@@ -194,4 +193,4 @@ class CI_Log {
 }
 
 /* End of file Log.php */
-/* Location: ./system/core/Log.php */
\ No newline at end of file
+/* Location: ./system/core/Log.php */
-- 
cgit v1.2.3-24-g4f1b


From d6f3d315e543a6c81917c1c2719748e018e43a5f Mon Sep 17 00:00:00 2001
From: vkeranov 
Date: Sat, 14 Sep 2013 21:39:49 +0300
Subject: No need of this anymore

---
 system/core/Common.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 286deccda..e24f8854d 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -429,7 +429,6 @@ if ( ! function_exists('log_message'))
 	 *
 	 * @param	string	the error level: 'error', 'debug' or 'info'
 	 * @param	string	the error message
-	 * @param	bool	whether the error is a native PHP error
 	 * @return	void
 	 */
 	function log_message($level, $message)
@@ -588,7 +587,7 @@ if ( ! function_exists('_shutdown_handler'))
 	 * of CodeIgniter.php. The main reason we use this is to simulate
 	 * a complete custom exception handler.
 	 *
-	 * E_STRICT is purposivly neglected because such events may have 
+	 * E_STRICT is purposivly neglected because such events may have
 	 * been caught. Duplication or none? None is preferred for now.
 	 *
 	 * @link	http://insomanic.me.uk/post/229851073/php-trick-catching-fatal-errors-e-error-with-a
@@ -753,4 +752,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
\ No newline at end of file
+/* Location: ./system/core/Common.php */
-- 
cgit v1.2.3-24-g4f1b


From 13c818ee2f7424050cf363dceac7512bf9f9f943 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Sat, 14 Sep 2013 21:44:36 +0300
Subject: [ci skip] Remove empty lines

---
 system/core/Common.php | 2 +-
 system/core/Log.php    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index e24f8854d..c25707e50 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -752,4 +752,4 @@ if ( ! function_exists('function_usable'))
 }
 
 /* End of file Common.php */
-/* Location: ./system/core/Common.php */
+/* Location: ./system/core/Common.php */
\ No newline at end of file
diff --git a/system/core/Log.php b/system/core/Log.php
index 0390aba0b..b2327b8f0 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -193,4 +193,4 @@ class CI_Log {
 }
 
 /* End of file Log.php */
-/* Location: ./system/core/Log.php */
+/* Location: ./system/core/Log.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 0bba6434f0ba3d6b1f677233c2e3c8f37b3195cc Mon Sep 17 00:00:00 2001
From: David Cox Jr 
Date: Sun, 22 Sep 2013 02:09:36 -0400
Subject: Fixes Issue 2637 more elegant way to make sure that the comment is
 not in a js string var

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 7c2a64d24..b5955c008 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -847,7 +847,7 @@ class CI_Output {
 		}
 
 		// Remove CSS comments
-		$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!i', '', $output);
+		$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/(?!.*?("|\'))!i', '', $output);
 
 		// Remove Javascript inline comments
 		if ($has_tags === TRUE && strpos(strtolower($open_tag), 'script') !== FALSE)
-- 
cgit v1.2.3-24-g4f1b


From fd0aabb1e6f3db088ad9b3079adc0f9bba9b6c2b Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 23 Sep 2013 13:18:20 +0300
Subject: Fix issue #33

---
 system/core/Input.php | 31 ++++++++++++++++++++++++-------
 1 file changed, 24 insertions(+), 7 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 24e21ea08..8c32e459e 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -693,7 +693,14 @@ class CI_Input {
 
 			foreach ($_COOKIE as $key => $val)
 			{
-				$_COOKIE[$this->_clean_input_keys($key)] = $this->_clean_input_data($val);
+				if (($cookie_key = $this->_clean_input_keys($key)) !== FALSE)
+				{
+					$_COOKIE[$cookie_key] = $this->_clean_input_data($val);
+				}
+				else
+				{
+					unset($_COOKIE[$key]);
+				}
 			}
 		}
 
@@ -706,7 +713,7 @@ class CI_Input {
 			$this->security->csrf_verify();
 		}
 
-		log_message('debug', 'Global POST and COOKIE data sanitized');
+		log_message('debug', 'Global POST, GET and COOKIE data sanitized');
 	}
 
 	// --------------------------------------------------------------------
@@ -776,15 +783,25 @@ class CI_Input {
 	 * only named with alpha-numeric text and a few other items.
 	 *
 	 * @param	string	$str	Input string
-	 * @return	string
+	 * @param	string	$fatal	Whether to terminate script exection
+	 *				or to return FALSE if an invalid
+	 *				key is encountered
+	 * @return	string|bool
 	 */
-	protected function _clean_input_keys($str)
+	protected function _clean_input_keys($str, $fatal = TRUE)
 	{
 		if ( ! preg_match('/^[a-z0-9:_\/|-]+$/i', $str))
 		{
-			set_status_header(503);
-			echo 'Disallowed Key Characters.';
-			exit(EXIT_USER_INPUT);
+			if ($fatal === TRUE)
+			{
+				return FALSE;
+			}
+			else
+			{
+				set_status_header(503);
+				echo 'Disallowed Key Characters.';
+				exit(EXIT_USER_INPUT);
+			}
 		}
 
 		// Clean UTF-8 if supported
-- 
cgit v1.2.3-24-g4f1b


From 6d917858b5ffd012bd85a0062d511d261cd6df2d Mon Sep 17 00:00:00 2001
From: David Cox Jr 
Date: Mon, 23 Sep 2013 23:47:26 -0400
Subject: fix #2637 cleaned up the regex to remove extra qualifiers used
 character sets where possible for clarity main expression optimized

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index b5955c008..7a5fb66f6 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -847,7 +847,7 @@ class CI_Output {
 		}
 
 		// Remove CSS comments
-		$output = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/(?!.*?("|\'))!i', '', $output);
+		$output = preg_replace('!/\*([^/][^*]*\*)*/(?!.+?["\'])!i', '', $output);
 
 		// Remove Javascript inline comments
 		if ($has_tags === TRUE && strpos(strtolower($open_tag), 'script') !== FALSE)
-- 
cgit v1.2.3-24-g4f1b


From cf60fa7ac654a15e00888eef469838ef4bf47204 Mon Sep 17 00:00:00 2001
From: Jesse van Assen 
Date: Fri, 27 Sep 2013 11:58:44 +0200
Subject: Script is killed with the proper exit code.

---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 7553f4ae6..d88b0867b 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -612,7 +612,7 @@ if ( ! function_exists('_exception_handler'))
 		// default error handling. See http://www.php.net/manual/en/errorfunc.constants.php
 		if ($is_error)
 		{
-			exit();
+			exit(EXIT_ERROR);
 		}
 	}
 }
-- 
cgit v1.2.3-24-g4f1b


From b53bd4e58f372b767ab33e0e7ffd89201710d043 Mon Sep 17 00:00:00 2001
From: garthkerr 
Date: Tue, 1 Oct 2013 19:46:11 -0400
Subject: Add return type for view loader.

When _ci_return is TRUE.
---
 system/core/Loader.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 2eef9979c..e0962510d 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -415,7 +415,7 @@ class CI_Loader {
 	 *				to be extracted for use in the view
 	 * @param	bool	$return	Whether to return the view output
 	 *				or leave it to the Output class
-	 * @return	void
+	 * @return	void|string
 	 */
 	public function view($view, $vars = array(), $return = FALSE)
 	{
@@ -1293,4 +1293,4 @@ class CI_Loader {
 }
 
 /* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
\ No newline at end of file
+/* Location: ./system/core/Loader.php */
-- 
cgit v1.2.3-24-g4f1b


From a442bc2bced3bd9359548c376f99027d5334a1c7 Mon Sep 17 00:00:00 2001
From: David Cox Jr 
Date: Wed, 2 Oct 2013 23:16:51 -0400
Subject: re-fixes #2637 delimiter used for regex bounds found in neg.
 lookahead causes error using @ delimiter now for this expression

---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 7a5fb66f6..04209d920 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -847,7 +847,7 @@ class CI_Output {
 		}
 
 		// Remove CSS comments
-		$output = preg_replace('!/\*([^/][^*]*\*)*/(?!.+?["\'])!i', '', $output);
+		$output = preg_replace('@/\*([^/][^*]*\*)*/(?!.+?["\'])@i', '', $output);
 
 		// Remove Javascript inline comments
 		if ($has_tags === TRUE && strpos(strtolower($open_tag), 'script') !== FALSE)
-- 
cgit v1.2.3-24-g4f1b


From 46e77e0d28cf6c057484df022a012e85de2f79b6 Mon Sep 17 00:00:00 2001
From: David Cox Jr 
Date: Thu, 3 Oct 2013 16:56:04 -0400
Subject: partial fix #2667 this fixes the ability to replace a space with a /
 and skip the XSS filtering

---
 system/core/Security.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 70cf3e013..368e17dc3 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -603,7 +603,7 @@ class CI_Security {
 	 */
 	public function strip_image_tags($str)
 	{
-		return preg_replace(array('##', '##'), '\\1', $str);
+		return preg_replace(array('##', '##'), '\\1', $str);
 	}
 
 	// ----------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 9f417d070916e82309a762639cc344445601156b Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 14 Oct 2013 12:24:36 +0300
Subject: Fix #2682

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index e0962510d..0c16632eb 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1293,4 +1293,4 @@ class CI_Loader {
 }
 
 /* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
+/* Location: ./system/core/Loader.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From a81a5effc439306807730002c19d8b4dda3c6f1d Mon Sep 17 00:00:00 2001
From: Tomaz Lovrec 
Date: Wed, 16 Oct 2013 11:29:57 +0200
Subject: Added possibility clear out the cached variables from the Loader.

---
 system/core/Loader.php | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 0c16632eb..e5829ca80 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -470,6 +470,20 @@ class CI_Loader {
 
 	// --------------------------------------------------------------------
 
+	/**
+	 * Clear Cached Variables
+	 * 
+	 * Clears the cached variables.
+	 * 
+	 * @return  void
+	 */
+	public function clear_vars()
+	{
+		$this->_ci_cached_vars = array();
+	}
+	
+	// --------------------------------------------------------------------
+
 	/**
 	 * Get Variable
 	 *
@@ -1293,4 +1307,4 @@ class CI_Loader {
 }
 
 /* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
\ No newline at end of file
+/* Location: ./system/core/Loader.php */
-- 
cgit v1.2.3-24-g4f1b


From 8bb20a1ff7217c9f5125db49916da8a9b6574c19 Mon Sep 17 00:00:00 2001
From: Tomaz Lovrec 
Date: Wed, 16 Oct 2013 12:34:36 +0200
Subject: Fixed empty line at EOF and added changelog entry

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index e5829ca80..70c1e4154 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1307,4 +1307,4 @@ class CI_Loader {
 }
 
 /* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
+/* Location: ./system/core/Loader.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 3a3d5f6c2320a90436de241af41fe22df7344728 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Thu, 17 Oct 2013 22:22:16 +0200
Subject: Replace the last rand() with mt_rand()

Better entropy, faster.
Also fixed a few "it's" typos.
---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 368e17dc3..6f5f5cb90 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -884,7 +884,7 @@ class CI_Security {
 	{
 		if ($this->_csrf_hash === '')
 		{
-			// If the cookie exists we will use it's value.
+			// If the cookie exists we will use its value.
 			// We don't necessarily want to regenerate it with
 			// each page load since a page could contain embedded
 			// sub-pages causing this feature to fail
@@ -894,7 +894,7 @@ class CI_Security {
 				return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
 			}
 
-			$this->_csrf_hash = md5(uniqid(rand(), TRUE));
+			$this->_csrf_hash = md5(uniqid(mt_rand(), TRUE));
 			$this->csrf_set_cookie();
 		}
 
-- 
cgit v1.2.3-24-g4f1b


From 3fa729d7092c814fe14e15d8d51789ce7907f2a8 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 18 Oct 2013 20:57:41 +0300
Subject: Fix issue #2681 (alternative to PR #2690)

---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 6f5f5cb90..5c5c0efb6 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -553,9 +553,9 @@ class CI_Security {
 		{
 			$matches = $matches1 = 0;
 
+			$str = preg_replace('~(�*[0-9a-f]{2,5});?~iS', $str, -1, $matches);
+			$str = preg_replace('~(&#\d{2,4});?~S', $str, -1, $matches1);
 			$str = html_entity_decode($str, ENT_COMPAT, $charset);
-			$str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str, -1, $matches);
-			$str = preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str, -1, $matches1);
 		}
 		while ($matches OR $matches1);
 
-- 
cgit v1.2.3-24-g4f1b


From e08411d72226ba5b2f97b519051f78d978747e18 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 18 Oct 2013 21:13:56 +0300
Subject: Eh ... preg_replace() needs a replacement

---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 5c5c0efb6..9423f825c 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -553,8 +553,8 @@ class CI_Security {
 		{
 			$matches = $matches1 = 0;
 
-			$str = preg_replace('~(�*[0-9a-f]{2,5});?~iS', $str, -1, $matches);
-			$str = preg_replace('~(&#\d{2,4});?~S', $str, -1, $matches1);
+			$str = preg_replace('~(�*[0-9a-f]{2,5});?~iS', '$1;', $str, -1, $matches);
+			$str = preg_replace('~(&#\d{2,4});?~S', '$1;', $str, -1, $matches1);
 			$str = html_entity_decode($str, ENT_COMPAT, $charset);
 		}
 		while ($matches OR $matches1);
-- 
cgit v1.2.3-24-g4f1b


From 6614367f62d2cbd9e8f979c9349cd5474b035866 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 22 Oct 2013 15:00:11 +0300
Subject: Fix CSS minifier

---
 system/core/Output.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 04209d920..719c43256 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -909,12 +909,12 @@ class CI_Output {
 					$next = $array_output[$key + 1];
 
 					// Strip spaces preceded/followed by a non-ASCII character
-					// or not preceded/followed by an alphanumeric
-					// or not preceded/followed \ $ and _
+					// that are not preceded/followed by an alphanumeric character,
+					// '\', '$', '_', '.' and '#'
 					if ((preg_match('/^[\x20-\x7f]*$/D', $next) OR preg_match('/^[\x20-\x7f]*$/D', $prev))
 						&& ( ! ctype_alnum($next) OR ! ctype_alnum($prev))
-						&& ! in_array($next, array('\\', '_', '$'), TRUE)
-						&& ! in_array($prev, array('\\', '_', '$'), TRUE)
+						&& ! in_array($next, array('\\', '_', '$', '.', '#'), TRUE)
+						&& ! in_array($prev, array('\\', '_', '$', '.', '#'), TRUE)
 					)
 					{
 						unset($array_output[$key]);
-- 
cgit v1.2.3-24-g4f1b


From 4c07fce7191ed5d9c393479406cce454a9c4a7cc Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Fri, 25 Oct 2013 01:20:32 +0200
Subject: Implement $protocol parameter in Config base_url() and site_url()
 methods

Let's keep the implementation logic in one place.
Improves 2023c3d05b042cf1322286d69557c2b8bf3bd8d5.
---
 system/core/Config.php | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index 109ee6424..a0e830abe 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -228,13 +228,21 @@ class CI_Config {
 	 * @uses	CI_Config::_uri_string()
 	 *
 	 * @param	string|string[]	$uri	URI string or an array of segments
+	 * @param	string	$protocol
 	 * @return	string
 	 */
-	public function site_url($uri = '')
+	public function site_url($uri = '', $protocol = NULL)
 	{
+		$base_url = $this->slash_item('base_url');
+
+		if (isset($protocol))
+		{
+			$base_url = $protocol.substr($base_url, strpos($base_url, '://'));
+		}
+
 		if (empty($uri))
 		{
-			return $this->slash_item('base_url').$this->item('index_page');
+			return $base_url.$this->item('index_page');
 		}
 
 		$uri = $this->_uri_string($uri);
@@ -255,14 +263,14 @@ class CI_Config {
 				}
 			}
 
-			return $this->slash_item('base_url').$this->slash_item('index_page').$uri;
+			return $base_url.$this->slash_item('index_page').$uri;
 		}
 		elseif (strpos($uri, '?') === FALSE)
 		{
 			$uri = '?'.$uri;
 		}
 
-		return $this->slash_item('base_url').$this->item('index_page').$uri;
+		return $base_url.$this->item('index_page').$uri;
 	}
 
 	// -------------------------------------------------------------
@@ -275,11 +283,19 @@ class CI_Config {
 	 * @uses	CI_Config::_uri_string()
 	 *
 	 * @param	string|string[]	$uri	URI string or an array of segments
+	 * @param	string	$protocol
 	 * @return	string
 	 */
-	public function base_url($uri = '')
+	public function base_url($uri = '', $protocol = NULL)
 	{
-		return $this->slash_item('base_url').ltrim($this->_uri_string($uri), '/');
+		$base_url = $this->slash_item('base_url');
+
+		if (isset($protocol))
+		{
+			$base_url = $protocol.substr($base_url, strpos($base_url, '://'));
+		}
+
+		return $base_url.ltrim($this->_uri_string($uri), '/');
 	}
 
 	// -------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 6a424902ba0dbd59de2dd6e69bbf9e73d10c083d Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 28 Oct 2013 14:16:18 +0200
Subject: An alternative to CI_Output::_minify_script_style() using more
 efficient regexp patterns

---
 system/core/Output.php | 102 ++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 97 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index 719c43256..cae1347bc 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -740,13 +740,13 @@ class CI_Output {
 				preg_match_all('{}msU', $output, $style_clean);
 				foreach ($style_clean[0] as $s)
 				{
-					$output = str_replace($s, $this->_minify_script_style($s, TRUE), $output);
+					$output = str_replace($s, $this->_minify_js_css($s, 'css', TRUE), $output);
 				}
 
 				// Minify the javascript in }msU', $output, $javascript_clean);
-
-				// Minify the CSS in all the }msU', $output, $style_clean);
-				foreach ($style_clean[0] as $s)
-				{
-					$output = str_replace($s, $this->_minify_js_css($s, 'css', TRUE), $output);
-				}
-
-				// Minify the javascript in }msU', $output, $javascript_messed);
-					$output = str_replace($javascript_messed[0], $javascript_mini, $output);
-				}
-
-				$size_removed = $size_before - strlen($output);
-				$savings_percent = round(($size_removed / $size_before * 100));
-
-				log_message('debug', 'Minifier shaved '.($size_removed / 1000).'KB ('.$savings_percent.'%) off final HTML output.');
-
-			break;
-
-			case 'text/css':
-
-				return $this->_minify_js_css($output, 'css');
-
-			case 'text/javascript':
-			case 'application/javascript':
-			case 'application/x-javascript':
-
-				return $this->_minify_js_css($output, 'js');
-
-			default: break;
-		}
-
-		return $output;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Minify JavaScript and CSS code
-	 *
-	 * Strips comments and excessive whitespace characters
-	 *
-	 * @param	string	$output
-	 * @param	string	$type	'js' or 'css'
-	 * @param	bool	$tags	Whether $output contains the 'script' or 'style' tag
-	 * @return	string
-	 */
-	protected function _minify_js_css($output, $type, $tags = FALSE)
-	{
-		if ($tags === TRUE)
-		{
-			$tags = array('close' => strrchr($output, '<'));
-
-			$open_length = strpos($output, '>') + 1;
-			$tags['open'] = substr($output, 0, $open_length);
-
-			$output = substr($output, $open_length, -strlen($tags['close']));
-
-			// Strip spaces from the tags
-			$tags = preg_replace('#\s{2,}#', ' ', $tags);
-		}
-
-		$output = trim($output);
-
-		if ($type === 'js')
-		{
-			// Catch all string literals and comment blocks
-			if (preg_match_all('#((?:((??@\[\]^`{|}~])\s*#'	=> '$1',	// Remove spaces following and preceeding JS-wise non-special & non-word characters
-				'#\s{2,}#'					=> ' '		// Reduce the remaining multiple whitespace characters to a single space
-			);
-		}
-		else
-		{
-			$patterns = array(
-				'#/\*.*(?=\*/)\*/#s'	=> '',		// Remove /* block comments */
-				'#\n?//[^\n]*#'		=> '',		// Remove // line comments
-				'#\s*([^\w.\#%])\s*#U'	=> '$1',	// Remove spaces following and preceeding non-word characters, excluding dots, hashes and the percent sign
-				'#\s{2,}#'		=> ' '		// Reduce the remaining multiple space characters to a single space
-			);
-		}
-
-		$$varname = preg_replace(array_keys($patterns), array_values($patterns), $$varname);
-
-		// Glue back JS quoted strings
-		if ($type === 'js')
-		{
-			$js_code += $js_literals;
-			ksort($js_code);
-			$output = implode($js_code);
-			unset($js_code, $js_literals, $varname, $patterns);
-		}
-
-		return is_array($tags)
-			? $tags['open'].$output.$tags['close']
-			: $output;
-	}
-
 }
 
 /* End of file Output.php */
-- 
cgit v1.2.3-24-g4f1b


From bb177984d7207ecf0bf0e14a389e54d59e9ea0b8 Mon Sep 17 00:00:00 2001
From: warpcode 
Date: Tue, 16 Dec 2014 11:29:53 +0000
Subject: Fix Issue #3417

---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 8adc35676..2ac61a540 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -673,7 +673,7 @@ class CI_Security {
 
 			// Decode numeric & UTF16 two byte entities
 			$str = html_entity_decode(
-				preg_replace('/(&#(?:x0*[0-9a-f]{2,5}(?![0-9a-f;]))|(?:0*\d{2,4}(?![0-9;])))/iS', '$1;', $str),
+				preg_replace('/(&#(?:x0*[0-9a-f]{2,5}(?![0-9a-f;])|(?:0*\d{2,4}(?![0-9;]))))/iS', '$1;', $str),
 				$flag,
 				$charset
 			);
@@ -995,4 +995,4 @@ class CI_Security {
 }
 
 /* End of file Security.php */
-/* Location: ./system/core/Security.php */
\ No newline at end of file
+/* Location: ./system/core/Security.php */
-- 
cgit v1.2.3-24-g4f1b


From e11657cc3f721a59ccb9cf37d3c099bd6d02e6ab Mon Sep 17 00:00:00 2001
From: Jason Taylor 
Date: Tue, 16 Dec 2014 12:33:36 +0000
Subject: Remove trailing newline

---
 system/core/Security.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 2ac61a540..8ad0518a4 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -995,4 +995,4 @@ class CI_Security {
 }
 
 /* End of file Security.php */
-/* Location: ./system/core/Security.php */
+/* Location: ./system/core/Security.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 42bc6d51e15c180f35632d5c03c649225f8dbf74 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 16 Dec 2014 16:16:45 +0200
Subject: Fix #3419

---
 system/core/Config.php | 69 ++++++++++++++++++++------------------------------
 1 file changed, 28 insertions(+), 41 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index d8a606c14..ca865cebf 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -120,74 +120,61 @@ class CI_Config {
 
 		foreach ($this->_config_paths as $path)
 		{
-			$found = FALSE;
-			foreach (array(ENVIRONMENT.'/'.$file, $file) as $location)
+			foreach (array($file, ENVIRONMENT.'/'.$file) as $location)
 			{
 				$file_path = $path.'config/'.$location.'.php';
 
 				if (in_array($file_path, $this->is_loaded, TRUE))
 				{
-					$loaded = TRUE;
-					continue 2;
+					return TRUE;
 				}
 
-				if (file_exists($file_path))
+				if ( ! file_exists($file_path))
 				{
-					$found = TRUE;
-					break;
+					continue;
 				}
-			}
-
-			if ($found === FALSE)
-			{
-				continue;
-			}
 
-			include($file_path);
+				include($file_path);
 
-			if ( ! isset($config) OR ! is_array($config))
-			{
-				if ($fail_gracefully === TRUE)
+				if ( ! isset($config) OR ! is_array($config))
 				{
-					return FALSE;
+					if ($fail_gracefully === TRUE)
+					{
+						return FALSE;
+					}
+
+					show_error('Your '.$file_path.' file does not appear to contain a valid configuration array.');
 				}
-				show_error('Your '.$file_path.' file does not appear to contain a valid configuration array.');
-			}
 
-			if ($use_sections === TRUE)
-			{
-				if (isset($this->config[$file]))
+				if ($use_sections === TRUE)
 				{
-					$this->config[$file] = array_merge($this->config[$file], $config);
+					$this->config[$file] = isset($this->config[$file])
+						? array_merge($this->config[$file], $config)
+						: $config;
 				}
 				else
 				{
-					$this->config[$file] = $config;
+					$this->config = array_merge($this->config, $config);
 				}
+
+				$this->is_loaded[] = $file_path;
+				$config = NULL;
+				$loaded = TRUE;
+				log_message('debug', 'Config file loaded: '.$file_path);
 			}
-			else
+
+			if ($loaded === TRUE)
 			{
-				$this->config = array_merge($this->config, $config);
+				return TRUE;
 			}
-
-			$this->is_loaded[] = $file_path;
-			unset($config);
-
-			$loaded = TRUE;
-			log_message('debug', 'Config file loaded: '.$file_path);
-			break;
 		}
 
-		if ($loaded === FALSE)
+		if ($fail_gracefully === TRUE)
 		{
-			if ($fail_gracefully === TRUE)
-			{
-				return FALSE;
-			}
-			show_error('The configuration file '.$file.'.php does not exist.');
+			return FALSE;
 		}
 
-		return TRUE;
+		show_error('The configuration file '.$file.'.php does not exist.');
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 95c31adc770164f27c8dd678f30c60494827af02 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Wed, 17 Dec 2014 19:01:31 +0200
Subject: Extend fix for #3419

---
 system/core/Loader.php | 38 +++++++++++++++++++++-----------------
 1 file changed, 21 insertions(+), 17 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index e0a7d5e1b..afdedf522 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1090,31 +1090,38 @@ class CI_Loader {
 
 			if (is_array($config_component->_config_paths))
 			{
-				// Break on the first found file, thus package files
-				// are not overridden by default paths
+				$found = FALSE;
 				foreach ($config_component->_config_paths as $path)
 				{
 					// We test for both uppercase and lowercase, for servers that
-					// are case-sensitive with regard to file names. Check for environment
-					// first, global next
+					// are case-sensitive with regard to file names. Load global first,
+					// override with environment next
+					if (file_exists($path.'config/'.strtolower($class).'.php'))
+					{
+						include($path.'config/'.strtolower($class).'.php');
+						$found = TRUE;
+					}
+					elseif (file_exists($path.'config/'.ucfirst(strtolower($class)).'.php'))
+					{
+						include($path.'config/'.ucfirst(strtolower($class)).'.php');
+						$found = TRUE;
+					}
+
 					if (file_exists($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php'))
 					{
 						include($path.'config/'.ENVIRONMENT.'/'.strtolower($class).'.php');
-						break;
+						$found = TRUE;
 					}
 					elseif (file_exists($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php'))
 					{
 						include($path.'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).'.php');
-						break;
+						$found = TRUE;
 					}
-					elseif (file_exists($path.'config/'.strtolower($class).'.php'))
-					{
-						include($path.'config/'.strtolower($class).'.php');
-						break;
-					}
-					elseif (file_exists($path.'config/'.ucfirst(strtolower($class)).'.php'))
+
+					// Break on the first found configuration, thus package
+					// files are not overridden by default paths
+					if ($found === TRUE)
 					{
-						include($path.'config/'.ucfirst(strtolower($class)).'.php');
 						break;
 					}
 				}
@@ -1193,14 +1200,11 @@ class CI_Loader {
 	 */
 	protected function _ci_autoloader()
 	{
+		include(APPPATH.'config/autoload.php');
 		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
 		{
 			include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php');
 		}
-		else
-		{
-			include(APPPATH.'config/autoload.php');
-		}
 
 		if ( ! isset($autoload))
 		{
-- 
cgit v1.2.3-24-g4f1b


From f83262eceefb37053a8a025fefff0cbb03985f2f Mon Sep 17 00:00:00 2001
From: Gabriel Potkány 
Date: Fri, 19 Dec 2014 12:35:00 +0100
Subject: Support for microseconds

---
 system/core/Log.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index b0576c58f..ab8ae2857 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -198,7 +198,12 @@ class CI_Log {
 			return FALSE;
 		}
 
-		$message .= $level.' - '.date($this->_date_fmt).' --> '.$msg."\n";
+		// Instantiate DateTime with microseconds accuracy to allow proper use of "u" character in date format
+		$t = microtime(true);
+		$micro = sprintf("%06d",($t - floor($t)) * 1000000);
+		$date = new DateTime(date('Y-m-d H:i:s.'.$micro, $t));
+
+		$message .= $level.' - '.$date->format($this->_date_fmt).' --> '.$msg."\n";
 
 		flock($fp, LOCK_EX);
 
-- 
cgit v1.2.3-24-g4f1b


From 53e8303f3f38244aaf7c79848f6bf8f01cfb0d95 Mon Sep 17 00:00:00 2001
From: Gabriel Potkány 
Date: Sat, 20 Dec 2014 00:00:23 +0100
Subject: Make µs support conditional and fix style
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 system/core/Log.php | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Log.php b/system/core/Log.php
index ab8ae2857..ccaaf4b9a 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -198,12 +198,20 @@ class CI_Log {
 			return FALSE;
 		}
 
-		// Instantiate DateTime with microseconds accuracy to allow proper use of "u" character in date format
-		$t = microtime(true);
-		$micro = sprintf("%06d",($t - floor($t)) * 1000000);
-		$date = new DateTime(date('Y-m-d H:i:s.'.$micro, $t));
+		// Instantiating DateTime with microseconds appended to initial date is needed for proper support of this format
+		if (strpos($this->_date_fmt, 'u') !== FALSE)
+		{
+			$microtime_full = microtime(TRUE);
+			$microtime_short = sprintf("%06d", ($microtime_full - floor($microtime_full)) * 1000000);
+			$date = new DateTime(date('Y-m-d H:i:s.'.$microtime_short, $microtime_full));
+			$date = $date->format($this->_date_fmt);
+		}
+		else
+		{
+			$date = date($this->_date_fmt);
+		}
 
-		$message .= $level.' - '.$date->format($this->_date_fmt).' --> '.$msg."\n";
+		$message .= $level.' - '.$date.' --> '.$msg."\n";
 
 		flock($fp, LOCK_EX);
 
-- 
cgit v1.2.3-24-g4f1b


From 72d63cdb448284251a2fccb45f509117e45ea2b9 Mon Sep 17 00:00:00 2001
From: Claudio Galdiolo 
Date: Mon, 22 Dec 2014 15:18:14 -0500
Subject: fix typo in the comments

---
 system/core/CodeIgniter.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 88e730bc3..b1da42d54 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -145,7 +145,7 @@ if ( ! is_php('5.4'))
  * The subclass prefix allows CI to know if a core class is
  * being extended via a library in the local application
  * "libraries" folder. Since CI allows config items to be
- * overriden via data set in the main index.php file,
+ * overridden via data set in the main index.php file,
  * before proceeding we need to know if a subclass_prefix
  * override exists. If so, we will set this value now,
  * before any classes are loaded
-- 
cgit v1.2.3-24-g4f1b


From 1e5a9b18f0cbef5092b95378e34ad8e7eaf0c7e7 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Sat, 3 Jan 2015 20:25:38 +0200
Subject: Fix #3453

Allow hyphens and underscores in language idioms.
---
 system/core/Lang.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Lang.php b/system/core/Lang.php
index c0cd34a3d..9aaf944ce 100644
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -106,7 +106,7 @@ class CI_Lang {
 
 		$langfile .= '.php';
 
-		if (empty($idiom) OR ! ctype_alpha($idiom))
+		if (empty($idiom) OR ! preg_match('/^[a-z_-]$/i', $idiom))
 		{
 			$config =& get_config();
 			$idiom = empty($config['language']) ? 'english' : $config['language'];
-- 
cgit v1.2.3-24-g4f1b


From 4be16041b2bd585d5715cb65e147241bbdff2106 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Sun, 4 Jan 2015 17:16:20 +0100
Subject: Change order of hooks loading

Let override hooks via environment-specific config.
---
 system/core/Hooks.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 57e4a99a6..4ec7698d7 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -99,14 +99,14 @@ class CI_Hooks {
 		}
 
 		// Grab the "hooks" definition file.
-		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
+		if (file_exists(APPPATH.'config/hooks.php'))
 		{
-			include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php');
+			include(APPPATH.'config/hooks.php');
 		}
 
-		if (file_exists(APPPATH.'config/hooks.php'))
+		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'))
 		{
-			include(APPPATH.'config/hooks.php');
+			include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php');
 		}
 
 		// If there are no hooks, we're done.
-- 
cgit v1.2.3-24-g4f1b


From 93455e31f1f88fa88394091a5156ac96e61c4179 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 9 Jan 2015 16:15:45 +0200
Subject: Fix E_WARNING in CI_Security::entity_decode() on PHP<5.3.4

Related: #3057
Previous commit: 487d1ae060e6414e0a59c9752a4914fa3b8c4710
---
 system/core/Security.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 8ad0518a4..6b1140562 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -644,7 +644,12 @@ class CI_Security {
 			{
 				if ( ! isset($_entities))
 				{
-					$_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, $flag, $charset));
+					$_entities = array_map(
+						'strtolower',
+						is_php('5.3.4')
+							? get_html_translation_table(HTML_ENTITIES, $flag, $charset)
+							: get_html_translation_table(HTML_ENTITIES, $flag)
+					);
 
 					// If we're not on PHP 5.4+, add the possibly dangerous HTML 5
 					// entities to the array manually
-- 
cgit v1.2.3-24-g4f1b


From fe9309d22c1b088f5363954d6dac013c8c955894 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 9 Jan 2015 17:48:58 +0200
Subject: Bulk (mostly documentation) update

 - Remove PHP version from license notices
 - Bump year number in copyright notices
 - Recommend PHP 5.4 or newer to be used
 - Tell Travis-CI to test on PHP 5.3.0 instead of the latest 5.3 version

Related: #3450
---
 system/core/Benchmark.php       | 6 +++---
 system/core/CodeIgniter.php     | 6 +++---
 system/core/Common.php          | 6 +++---
 system/core/Config.php          | 6 +++---
 system/core/Controller.php      | 6 +++---
 system/core/Exceptions.php      | 6 +++---
 system/core/Hooks.php           | 6 +++---
 system/core/Input.php           | 6 +++---
 system/core/Lang.php            | 6 +++---
 system/core/Loader.php          | 6 +++---
 system/core/Log.php             | 6 +++---
 system/core/Model.php           | 6 +++---
 system/core/Output.php          | 6 +++---
 system/core/Router.php          | 6 +++---
 system/core/Security.php        | 6 +++---
 system/core/URI.php             | 6 +++---
 system/core/Utf8.php            | 6 +++---
 system/core/compat/hash.php     | 6 +++---
 system/core/compat/mbstring.php | 6 +++---
 system/core/compat/password.php | 6 +++---
 system/core/compat/standard.php | 6 +++---
 21 files changed, 63 insertions(+), 63 deletions(-)
 mode change 100755 => 100644 system/core/Security.php

(limited to 'system/core')

diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php
index b661e9451..86f3ae1aa 100644
--- a/system/core/Benchmark.php
+++ b/system/core/Benchmark.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index b1da42d54..59fdba0e5 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Common.php b/system/core/Common.php
index efb52e788..b5a36636e 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Config.php b/system/core/Config.php
index ca865cebf..d5ce91f48 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Controller.php b/system/core/Controller.php
index f553d1f3d..06005b058 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 0531a4e92..550e03b78 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 4ec7698d7..429d6bceb 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Input.php b/system/core/Input.php
index 0c6025d1e..358417c79 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Lang.php b/system/core/Lang.php
index 9aaf944ce..c74729035 100644
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Loader.php b/system/core/Loader.php
index afdedf522..d930dbfa8 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Log.php b/system/core/Log.php
index b0576c58f..7d318ed57 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Model.php b/system/core/Model.php
index c5dff29ec..1cb00f742 100644
--- a/system/core/Model.php
+++ b/system/core/Model.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Output.php b/system/core/Output.php
index 09d251fe2..beac6b377 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Router.php b/system/core/Router.php
index d86735f5f..b21335fc2 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Security.php b/system/core/Security.php
old mode 100755
new mode 100644
index 6b1140562..2bf0f6284
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/URI.php b/system/core/URI.php
index 790910169..39d1a8f30 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 1.0.0
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index 52f21de75..bca95c206 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 2.0.0
diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php
index d59815c9d..aeacabdb9 100644
--- a/system/core/compat/hash.php
+++ b/system/core/compat/hash.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 3.0.0
diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php
index bc1238e8e..52ca6d02f 100644
--- a/system/core/compat/mbstring.php
+++ b/system/core/compat/mbstring.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 3.0.0
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index f1c9178a8..00befb022 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 3.0.0
diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php
index e4f1f679e..f24f7f8ae 100644
--- a/system/core/compat/standard.php
+++ b/system/core/compat/standard.php
@@ -2,11 +2,11 @@
 /**
  * CodeIgniter
  *
- * An open source application development framework for PHP 5.2.4 or newer
+ * An open source application development framework for PHP
  *
  * This content is released under the MIT License (MIT)
  *
- * Copyright (c) 2014, British Columbia Institute of Technology
+ * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
  * @package	CodeIgniter
  * @author	EllisLab Dev Team
  * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
- * @copyright	Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/)
+ * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
  * @license	http://opensource.org/licenses/MIT	MIT License
  * @link	http://codeigniter.com
  * @since	Version 3.0.0
-- 
cgit v1.2.3-24-g4f1b


From 7a829720e3116f3e132e543d91f4fe32ab2b895c Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Sun, 11 Jan 2015 04:37:46 +0200
Subject: Fix #3464

---
 system/core/Lang.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Lang.php b/system/core/Lang.php
index c74729035..fe1dc1a9d 100644
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -106,7 +106,7 @@ class CI_Lang {
 
 		$langfile .= '.php';
 
-		if (empty($idiom) OR ! preg_match('/^[a-z_-]$/i', $idiom))
+		if (empty($idiom) OR ! preg_match('/^[a-z_-]+$/i', $idiom))
 		{
 			$config =& get_config();
 			$idiom = empty($config['language']) ? 'english' : $config['language'];
-- 
cgit v1.2.3-24-g4f1b


From 38666660a0d3b9a91cffb27c0fb519340e76ba5d Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 13 Jan 2015 15:53:25 +0200
Subject: Handle false-positive string values for display_errors

---
 system/core/Common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index b5a36636e..71da829d3 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -615,7 +615,7 @@ if ( ! function_exists('_error_handler'))
 		$_error->log_exception($severity, $message, $filepath, $line);
 
 		// Should we display the error?
-		if (ini_get('display_errors'))
+		if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors')))
 		{
 			$_error->show_php_error($severity, $message, $filepath, $line);
 		}
@@ -650,7 +650,7 @@ if ( ! function_exists('_exception_handler'))
 		$_error->log_exception('error', 'Exception: '.$exception->getMessage(), $exception->getFile(), $exception->getLine());
 
 		// Should we display the error?
-		if (ini_get('display_errors'))
+		if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors')))
 		{
 			$_error->show_exception($exception);
 		}
-- 
cgit v1.2.3-24-g4f1b


From 90726b8c769ea75aec34814ddfa91655d488e6c3 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 20 Jan 2015 12:39:22 +0200
Subject: [ci skip] Change some log messages' level

'Class Loaded' type of messages flood log files when
log_threshold is set to 2 (debug). They're now logged
as 'info' level.

This is manually applying PR #1528, which was created
to do the same thing, but became outdated.
---
 system/core/Config.php     | 5 ++++-
 system/core/Controller.php | 2 +-
 system/core/Hooks.php      | 3 +--
 system/core/Input.php      | 4 ++--
 system/core/Lang.php       | 4 ++--
 system/core/Loader.php     | 8 ++++----
 system/core/Model.php      | 2 +-
 system/core/Output.php     | 6 +++---
 system/core/Router.php     | 2 +-
 system/core/Security.php   | 7 +++----
 system/core/URI.php        | 2 +-
 system/core/Utf8.php       | 2 +-
 12 files changed, 24 insertions(+), 23 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index d5ce91f48..3828fae65 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -72,6 +72,8 @@ class CI_Config {
 	 */
 	public $_config_paths =	array(APPPATH);
 
+	// --------------------------------------------------------------------
+
 	/**
 	 * Class constructor
 	 *
@@ -82,7 +84,6 @@ class CI_Config {
 	public function __construct()
 	{
 		$this->config =& get_config();
-		log_message('debug', 'Config Class Initialized');
 
 		// Set the base_url automatically if none was provided
 		if (empty($this->config['base_url']))
@@ -101,6 +102,8 @@ class CI_Config {
 
 			$this->set_item('base_url', $base_url);
 		}
+
+		log_message('info', 'Config Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Controller.php b/system/core/Controller.php
index 06005b058..4ad10fc2f 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -77,7 +77,7 @@ class CI_Controller {
 
 		$this->load =& load_class('Loader', 'core');
 		$this->load->initialize();
-		log_message('debug', 'Controller Class Initialized');
+		log_message('info', 'Controller Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index 429d6bceb..a55b38aaa 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -88,8 +88,7 @@ class CI_Hooks {
 	public function __construct()
 	{
 		$CFG =& load_class('Config', 'core');
-
-		log_message('debug', 'Hooks Class Initialized');
+		log_message('info', 'Hooks Class Initialized');
 
 		// If hooks are not enabled in the config file
 		// there is nothing else to do
diff --git a/system/core/Input.php b/system/core/Input.php
index 358417c79..1816a2014 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -123,8 +123,6 @@ class CI_Input {
 	 */
 	public function __construct()
 	{
-		log_message('debug', 'Input Class Initialized');
-
 		$this->_allow_get_array		= (config_item('allow_get_array') === TRUE);
 		$this->_enable_xss		= (config_item('global_xss_filtering') === TRUE);
 		$this->_enable_csrf		= (config_item('csrf_protection') === TRUE);
@@ -140,6 +138,8 @@ class CI_Input {
 
 		// Sanitize global arrays
 		$this->_sanitize_globals();
+
+		log_message('info', 'Input Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Lang.php b/system/core/Lang.php
index fe1dc1a9d..3213478ca 100644
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -69,7 +69,7 @@ class CI_Lang {
 	 */
 	public function __construct()
 	{
-		log_message('debug', 'Language Class Initialized');
+		log_message('info', 'Language Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
@@ -172,7 +172,7 @@ class CI_Lang {
 		$this->is_loaded[$langfile] = $idiom;
 		$this->language = array_merge($this->language, $lang);
 
-		log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile);
+		log_message('info', 'Language file loaded: language/'.$idiom.'/'.$langfile);
 		return TRUE;
 	}
 
diff --git a/system/core/Loader.php b/system/core/Loader.php
index d930dbfa8..cce1b1277 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -138,7 +138,7 @@ class CI_Loader {
 		$this->_ci_ob_level = ob_get_level();
 		$this->_ci_classes =& is_loaded();
 
-		log_message('debug', 'Loader Class Initialized');
+		log_message('info', 'Loader Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
@@ -577,7 +577,7 @@ class CI_Loader {
 
 				include_once($base_helper);
 				$this->_ci_helpers[$helper] = TRUE;
-				log_message('debug', 'Helper loaded: '.$helper);
+				log_message('info', 'Helper loaded: '.$helper);
 				continue;
 			}
 
@@ -589,7 +589,7 @@ class CI_Loader {
 					include_once($path.'helpers/'.$helper.'.php');
 
 					$this->_ci_helpers[$helper] = TRUE;
-					log_message('debug', 'Helper loaded: '.$helper);
+					log_message('info', 'Helper loaded: '.$helper);
 					break;
 				}
 			}
@@ -914,7 +914,7 @@ class CI_Loader {
 			include($_ci_path); // include() vs include_once() allows for multiple views with the same name
 		}
 
-		log_message('debug', 'File loaded: '.$_ci_path);
+		log_message('info', 'File loaded: '.$_ci_path);
 
 		// Return the file data if requested
 		if ($_ci_return === TRUE)
diff --git a/system/core/Model.php b/system/core/Model.php
index 1cb00f742..d1487b611 100644
--- a/system/core/Model.php
+++ b/system/core/Model.php
@@ -55,7 +55,7 @@ class CI_Model {
 	 */
 	public function __construct()
 	{
-		log_message('debug', 'Model Class Initialized');
+		log_message('info', 'Model Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Output.php b/system/core/Output.php
index beac6b377..6b9a33d31 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -141,7 +141,7 @@ class CI_Output {
 		// Get mime types for later
 		$this->mimes =& get_mimes();
 
-		log_message('debug', 'Output Class Initialized');
+		log_message('info', 'Output Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
@@ -491,7 +491,7 @@ class CI_Output {
 			}
 
 			echo $output;
-			log_message('debug', 'Final output sent to browser');
+			log_message('info', 'Final output sent to browser');
 			log_message('debug', 'Total execution time: '.$elapsed);
 			return;
 		}
@@ -528,7 +528,7 @@ class CI_Output {
 			echo $output; // Send it to the browser!
 		}
 
-		log_message('debug', 'Final output sent to browser');
+		log_message('info', 'Final output sent to browser');
 		log_message('debug', 'Total execution time: '.$elapsed);
 	}
 
diff --git a/system/core/Router.php b/system/core/Router.php
index b21335fc2..c7acad074 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -147,7 +147,7 @@ class CI_Router {
 			}
 		}
 
-		log_message('debug', 'Router Class Initialized');
+		log_message('info', 'Router Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Security.php b/system/core/Security.php
index 2bf0f6284..4f5d9540d 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -192,7 +192,7 @@ class CI_Security {
 
 		$this->charset = strtoupper(config_item('charset'));
 
-		log_message('debug', 'Security Class Initialized');
+		log_message('info', 'Security Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
@@ -244,7 +244,7 @@ class CI_Security {
 		$this->_csrf_set_hash();
 		$this->csrf_set_cookie();
 
-		log_message('debug', 'CSRF token verified');
+		log_message('info', 'CSRF token verified');
 		return $this;
 	}
 
@@ -275,7 +275,7 @@ class CI_Security {
 			$secure_cookie,
 			config_item('cookie_httponly')
 		);
-		log_message('debug', 'CRSF cookie Set');
+		log_message('info', 'CRSF cookie sent');
 
 		return $this;
 	}
@@ -533,7 +533,6 @@ class CI_Security {
 			return ($str === $converted_string);
 		}
 
-		log_message('debug', 'XSS Filtering completed');
 		return $str;
 	}
 
diff --git a/system/core/URI.php b/system/core/URI.php
index 39d1a8f30..a249e5733 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -140,7 +140,7 @@ class CI_URI {
 			}
 		}
 
-		log_message('debug', 'URI Class Initialized');
+		log_message('info', 'URI Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index bca95c206..2611a6bb6 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -74,7 +74,7 @@ class CI_Utf8 {
 			log_message('debug', 'UTF-8 Support Disabled');
 		}
 
-		log_message('debug', 'Utf8 Class Initialized');
+		log_message('info', 'Utf8 Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From db669f1de59f7105e0b9cf39899b98fd75b90771 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Wed, 21 Jan 2015 16:51:51 +0200
Subject: Make libraries matching controller names loadable

---
 system/core/Loader.php | 174 +++++++++++++++++++++++++++++--------------------
 1 file changed, 103 insertions(+), 71 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index cce1b1277..99773c3a2 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -215,7 +215,7 @@ class CI_Loader {
 			$params = NULL;
 		}
 
-		$this->_ci_load_class($library, $params, $object_name);
+		$this->_ci_load_library($library, $params, $object_name);
 		return $this;
 	}
 
@@ -949,17 +949,17 @@ class CI_Loader {
 	// --------------------------------------------------------------------
 
 	/**
-	 * Internal CI Class Loader
+	 * Internal CI Library Loader
 	 *
 	 * @used-by	CI_Loader::library()
-	 * @uses	CI_Loader::_ci_init_class()
+	 * @uses	CI_Loader::_ci_init_library()
 	 *
 	 * @param	string	$class		Class name to load
 	 * @param	mixed	$params		Optional parameters to pass to the class constructor
 	 * @param	string	$object_name	Optional object name to assign to
 	 * @return	void
 	 */
-	protected function _ci_load_class($class, $params = NULL, $object_name = NULL)
+	protected function _ci_load_library($class, $params = NULL, $object_name = NULL)
 	{
 		// Get the class name, and while we're at it trim any slashes.
 		// The directory path can be included as part of the class name,
@@ -982,47 +982,22 @@ class CI_Loader {
 		}
 
 		$class = ucfirst($class);
-		$subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.'.php';
 
-		// Is this a class extension request?
-		if (file_exists($subclass))
+		// Is this a stock library? There are a few special conditions if so ...
+		if (file_exists(BASEPATH.'libraries/'.$subdir.$class.'.php'))
 		{
-			$baseclass = BASEPATH.'libraries/'.$subdir.$class.'.php';
-
-			if ( ! file_exists($baseclass))
-			{
-				log_message('error', 'Unable to load the requested class: '.$class);
-				show_error('Unable to load the requested class: '.$class);
-			}
-
-			// Safety: Was the class already loaded by a previous call?
-			if (class_exists(config_item('subclass_prefix').$class, FALSE))
-			{
-				// Before we deem this to be a duplicate request, let's see
-				// if a custom object name is being supplied. If so, we'll
-				// return a new instance of the object
-				if ($object_name !== NULL)
-				{
-					$CI =& get_instance();
-					if ( ! isset($CI->$object_name))
-					{
-						return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name);
-					}
-				}
-
-				log_message('debug', $class.' class already loaded. Second attempt ignored.');
-				return;
-			}
-
-			include_once($baseclass);
-			include_once($subclass);
-
-			return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name);
+			return $this->_ci_load_stock_library($class, $subdir, $params, $object_name);
 		}
 
 		// Let's search for the requested library file and load it.
 		foreach ($this->_ci_library_paths as $path)
 		{
+			// BASEPATH has already been checked for
+			if ($path === BASEPATH)
+			{
+				continue;
+			}
+
 			$filepath = $path.'libraries/'.$subdir.$class.'.php';
 
 			// Safety: Was the class already loaded by a previous call?
@@ -1036,7 +1011,7 @@ class CI_Loader {
 					$CI =& get_instance();
 					if ( ! isset($CI->$object_name))
 					{
-						return $this->_ci_init_class($class, '', $params, $object_name);
+						return $this->_ci_init_library($class, '', $params, $object_name);
 					}
 				}
 
@@ -1050,13 +1025,13 @@ class CI_Loader {
 			}
 
 			include_once($filepath);
-			return $this->_ci_init_class($class, '', $params, $object_name);
+			return $this->_ci_init_library($class, '', $params, $object_name);
 		}
 
 		// One last attempt. Maybe the library is in a subdirectory, but it wasn't specified?
 		if ($subdir === '')
 		{
-			return $this->_ci_load_class($class.'/'.$class, $params, $object_name);
+			return $this->_ci_load_library($class.'/'.$class, $params, $object_name);
 		}
 
 		// If we got this far we were unable to find the requested class.
@@ -1067,9 +1042,84 @@ class CI_Loader {
 	// --------------------------------------------------------------------
 
 	/**
-	 * Internal CI Class Instantiator
+	 * Internal CI Stock Library Loader
+	 *
+	 * @used-by	CI_Loader::_ci_load_library()
+	 * @uses	CI_Loader::_ci_init_library()
+	 *
+	 * @param	string	$library	Library name to load
+	 * @param	string	$file_path	Path to the library filename, relative to libraries/
+	 * @param	mixed	$params		Optional parameters to pass to the class constructor
+	 * @param	string	$object_name	Optional object name to assign to
+	 * @return	void
+	 */
+	protected function _ci_load_stock_library($library_name, $file_path, $params, $object_name)
+	{
+		$prefix = 'CI_';
+
+		if (class_exists($prefix.$library_name, FALSE))
+		{
+			if (class_exists(config_item('subclass_prefix').$library_name, FALSE))
+			{
+				$prefix = config_item('subclass_prefix');
+			}
+
+			// Before we deem this to be a duplicate request, let's see
+			// if a custom object name is being supplied. If so, we'll
+			// return a new instance of the object
+			if ($object_name !== NULL)
+			{
+				$CI =& get_instance();
+				if ( ! isset($CI->$object_name))
+				{
+					return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
+				}
+			}
+
+			log_message('debug', $library_name.' class already loaded. Second attempt ignored.');
+			return;
+		}
+		elseif (file_exists(APPPATH.'libraries/'.$file_path.$library_name.'.php'))
+		{
+			// Override
+			include_once(APPPATH.'libraries/'.$file_path.$library_name.'.php');
+			if (class_exists($prefix.$library_name, FALSE))
+			{
+				return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
+			}
+			else
+			{
+				log_message('debug', APPPATH.'libraries/'.$file_path.$library_name.'.php exists, but does not declare '.$prefix.$library_name);
+			}
+		}
+
+		include_once(BASEPATH.'libraries/'.$file_path.$library_name.'.php');
+
+		// Check for extensions
+		$subclass = config_item('subclass_prefix').$library_name;
+		if (file_exists(APPPATH.'libraries/'.$file_path.$subclass.'.php'))
+		{
+			include_once(APPPATH.'libraries/'.$file_path.$subclass.'.php');
+			if (class_exists($subclass, FALSE))
+			{
+				$prefix = config_item('subclass_prefix');
+			}
+			else
+			{
+				log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass);
+			}
+		}
+
+		return $this->_ci_init_library($library_name, $prefix, $params, $object_name);
+	}
+
+	// --------------------------------------------------------------------
+
+	/**
+	 * Internal CI Library Instantiator
 	 *
-	 * @used-by	CI_Loader::_ci_load_class()
+	 * @used-by	CI_Loader::_ci_load_stock_library()
+	 * @used-by	CI_Loader::_ci_load_library()
 	 *
 	 * @param	string		$class		Class name
 	 * @param	string		$prefix		Class name prefix
@@ -1080,7 +1130,7 @@ class CI_Loader {
 	 * @param	string		$object_name	Optional object name to assign to
 	 * @return	void
 	 */
-	protected function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL)
+	protected function _ci_init_library($class, $prefix, $config = FALSE, $object_name = NULL)
 	{
 		// Is there an associated config file for this class? Note: these should always be lowercase
 		if ($config === NULL)
@@ -1128,31 +1178,13 @@ class CI_Loader {
 			}
 		}
 
-		if ($prefix === '')
-		{
-			if (class_exists('CI_'.$class, FALSE))
-			{
-				$name = 'CI_'.$class;
-			}
-			elseif (class_exists(config_item('subclass_prefix').$class, FALSE))
-			{
-				$name = config_item('subclass_prefix').$class;
-			}
-			else
-			{
-				$name = $class;
-			}
-		}
-		else
-		{
-			$name = $prefix.$class;
-		}
+		$class_name = $prefix.$class;
 
 		// Is the class name valid?
-		if ( ! class_exists($name, FALSE))
+		if ( ! class_exists($class_name, FALSE))
 		{
-			log_message('error', 'Non-existent class: '.$name);
-			show_error('Non-existent class: '.$name);
+			log_message('error', 'Non-existent class: '.$class_name);
+			show_error('Non-existent class: '.$class_name);
 		}
 
 		// Set the variable name we will assign the class to
@@ -1170,13 +1202,13 @@ class CI_Loader {
 		$CI =& get_instance();
 		if (isset($CI->$object_name))
 		{
-			if ($CI->$object_name instanceof $name)
+			if ($CI->$object_name instanceof $class_name)
 			{
-				log_message('debug', $class." has already been instantiated as '".$object_name."'. Second attempt aborted.");
+				log_message('debug', $class_name." has already been instantiated as '".$object_name."'. Second attempt aborted.");
 				return;
 			}
 
-			show_error("Resource '".$object_name."' already exists and is not a ".$class." instance.");
+			show_error("Resource '".$object_name."' already exists and is not a ".$class_name." instance.");
 		}
 
 		// Save the class name and object name
@@ -1184,8 +1216,8 @@ class CI_Loader {
 
 		// Instantiate the class
 		$CI->$object_name = isset($config)
-			? new $name($config)
-			: new $name();
+			? new $class_name($config)
+			: new $class_name();
 	}
 
 	// --------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 4cbe463b4c442e0e2dae2f43565e77f7ac5ecb86 Mon Sep 17 00:00:00 2001
From: vlakoff 
Date: Wed, 21 Jan 2015 22:56:22 +0100
Subject: Remove closing blocks at end of PHP files

---
 system/core/Benchmark.php       | 3 ---
 system/core/CodeIgniter.php     | 3 ---
 system/core/Common.php          | 3 ---
 system/core/Config.php          | 3 ---
 system/core/Controller.php      | 3 ---
 system/core/Exceptions.php      | 3 ---
 system/core/Hooks.php           | 3 ---
 system/core/Input.php           | 3 ---
 system/core/Lang.php            | 3 ---
 system/core/Loader.php          | 3 ---
 system/core/Log.php             | 3 ---
 system/core/Model.php           | 3 ---
 system/core/Output.php          | 3 ---
 system/core/Router.php          | 3 ---
 system/core/Security.php        | 3 ---
 system/core/URI.php             | 3 ---
 system/core/Utf8.php            | 3 ---
 system/core/compat/hash.php     | 3 ---
 system/core/compat/mbstring.php | 3 ---
 system/core/compat/password.php | 3 ---
 system/core/compat/standard.php | 3 ---
 21 files changed, 63 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php
index 86f3ae1aa..e420f62a1 100644
--- a/system/core/Benchmark.php
+++ b/system/core/Benchmark.php
@@ -131,6 +131,3 @@ class CI_Benchmark {
 	}
 
 }
-
-/* End of file Benchmark.php */
-/* Location: ./system/core/Benchmark.php */
\ No newline at end of file
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 59fdba0e5..8c936e018 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -533,6 +533,3 @@ if ( ! is_php('5.4'))
  * ------------------------------------------------------
  */
 	$EXT->call_hook('post_system');
-
-/* End of file CodeIgniter.php */
-/* Location: ./system/core/CodeIgniter.php */
\ No newline at end of file
diff --git a/system/core/Common.php b/system/core/Common.php
index 71da829d3..7046ec401 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -842,6 +842,3 @@ if ( ! function_exists('function_usable'))
 		return FALSE;
 	}
 }
-
-/* End of file Common.php */
-/* Location: ./system/core/Common.php */
\ No newline at end of file
diff --git a/system/core/Config.php b/system/core/Config.php
index 3828fae65..a191a7727 100644
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -359,6 +359,3 @@ class CI_Config {
 	}
 
 }
-
-/* End of file Config.php */
-/* Location: ./system/core/Config.php */
\ No newline at end of file
diff --git a/system/core/Controller.php b/system/core/Controller.php
index 4ad10fc2f..a0d97baa2 100644
--- a/system/core/Controller.php
+++ b/system/core/Controller.php
@@ -94,6 +94,3 @@ class CI_Controller {
 	}
 
 }
-
-/* End of file Controller.php */
-/* Location: ./system/core/Controller.php */
\ No newline at end of file
diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php
index 550e03b78..fc25f57e6 100644
--- a/system/core/Exceptions.php
+++ b/system/core/Exceptions.php
@@ -273,6 +273,3 @@ class CI_Exceptions {
 	}
 
 }
-
-/* End of file Exceptions.php */
-/* Location: ./system/core/Exceptions.php */
\ No newline at end of file
diff --git a/system/core/Hooks.php b/system/core/Hooks.php
index a55b38aaa..08479b133 100644
--- a/system/core/Hooks.php
+++ b/system/core/Hooks.php
@@ -264,6 +264,3 @@ class CI_Hooks {
 	}
 
 }
-
-/* End of file Hooks.php */
-/* Location: ./system/core/Hooks.php */
\ No newline at end of file
diff --git a/system/core/Input.php b/system/core/Input.php
index 1816a2014..72425c1c1 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -847,6 +847,3 @@ class CI_Input {
 	}
 
 }
-
-/* End of file Input.php */
-/* Location: ./system/core/Input.php */
\ No newline at end of file
diff --git a/system/core/Lang.php b/system/core/Lang.php
index 3213478ca..deb955414 100644
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -201,6 +201,3 @@ class CI_Lang {
 	}
 
 }
-
-/* End of file Lang.php */
-/* Location: ./system/core/Lang.php */
\ No newline at end of file
diff --git a/system/core/Loader.php b/system/core/Loader.php
index 99773c3a2..6371ca3c7 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1365,6 +1365,3 @@ class CI_Loader {
 	}
 
 }
-
-/* End of file Loader.php */
-/* Location: ./system/core/Loader.php */
\ No newline at end of file
diff --git a/system/core/Log.php b/system/core/Log.php
index e7a271f4e..833316273 100644
--- a/system/core/Log.php
+++ b/system/core/Log.php
@@ -235,6 +235,3 @@ class CI_Log {
 	}
 
 }
-
-/* End of file Log.php */
-/* Location: ./system/core/Log.php */
\ No newline at end of file
diff --git a/system/core/Model.php b/system/core/Model.php
index d1487b611..a0469de11 100644
--- a/system/core/Model.php
+++ b/system/core/Model.php
@@ -78,6 +78,3 @@ class CI_Model {
 	}
 
 }
-
-/* End of file Model.php */
-/* Location: ./system/core/Model.php */
\ No newline at end of file
diff --git a/system/core/Output.php b/system/core/Output.php
index 6b9a33d31..b8c6dc02e 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -777,6 +777,3 @@ class CI_Output {
 	}
 
 }
-
-/* End of file Output.php */
-/* Location: ./system/core/Output.php */
\ No newline at end of file
diff --git a/system/core/Router.php b/system/core/Router.php
index c7acad074..eb3da2285 100644
--- a/system/core/Router.php
+++ b/system/core/Router.php
@@ -525,6 +525,3 @@ class CI_Router {
 	}
 
 }
-
-/* End of file Router.php */
-/* Location: ./system/core/Router.php */
\ No newline at end of file
diff --git a/system/core/Security.php b/system/core/Security.php
index 4f5d9540d..8b3149c07 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -997,6 +997,3 @@ class CI_Security {
 	}
 
 }
-
-/* End of file Security.php */
-/* Location: ./system/core/Security.php */
\ No newline at end of file
diff --git a/system/core/URI.php b/system/core/URI.php
index a249e5733..9bc34ace7 100644
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -639,6 +639,3 @@ class CI_URI {
 	}
 
 }
-
-/* End of file URI.php */
-/* Location: ./system/core/URI.php */
\ No newline at end of file
diff --git a/system/core/Utf8.php b/system/core/Utf8.php
index 2611a6bb6..9d8ac41e1 100644
--- a/system/core/Utf8.php
+++ b/system/core/Utf8.php
@@ -162,6 +162,3 @@ class CI_Utf8 {
 	}
 
 }
-
-/* End of file Utf8.php */
-/* Location: ./system/core/Utf8.php */
\ No newline at end of file
diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php
index aeacabdb9..477535dca 100644
--- a/system/core/compat/hash.php
+++ b/system/core/compat/hash.php
@@ -196,6 +196,3 @@ if ( ! function_exists('hash_pbkdf2'))
 		return substr($raw_output ? $hash : bin2hex($hash), 0, $length);
 	}
 }
-
-/* End of file hash.php */
-/* Location: ./system/core/compat/hash.php */
\ No newline at end of file
diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php
index 52ca6d02f..ddb2bae47 100644
--- a/system/core/compat/mbstring.php
+++ b/system/core/compat/mbstring.php
@@ -147,6 +147,3 @@ if ( ! function_exists('mb_substr'))
 			: substr($str, $start);
 	}
 }
-
-/* End of file mbstring.php */
-/* Location: ./system/core/compat/mbstring.php */
\ No newline at end of file
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index 00befb022..7b933aa04 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -231,6 +231,3 @@ if ( ! function_exists('password_verify'))
 		return ($compare === 0);
 	}
 }
-
-/* End of file password.php */
-/* Location: ./system/core/compat/password.php */
\ No newline at end of file
diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php
index f24f7f8ae..5a428c114 100644
--- a/system/core/compat/standard.php
+++ b/system/core/compat/standard.php
@@ -387,6 +387,3 @@ if ( ! function_exists('quoted_printable_encode'))
 		return $output;
 	}
 }
-
-/* End of file standard.php */
-/* Location: ./system/core/compat/standard.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From bd6a814e66643a622ff535664c608b2939af299d Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Thu, 22 Jan 2015 16:41:25 +0200
Subject: Don't try to include config/autoload.php if it doesn't exist

Related: #3497
---
 system/core/Loader.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 6371ca3c7..20b26d80f 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1232,7 +1232,11 @@ class CI_Loader {
 	 */
 	protected function _ci_autoloader()
 	{
-		include(APPPATH.'config/autoload.php');
+		if (file_exists(APPPATH.'config/config.php'))
+		{
+			include(APPPATH.'config/autoload.php');
+		}
+
 		if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
 		{
 			include(APPPATH.'config/'.ENVIRONMENT.'/autoload.php');
-- 
cgit v1.2.3-24-g4f1b


From 4b6469dd00946cc34835eb680e20735b228562ca Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Thu, 22 Jan 2015 16:42:17 +0200
Subject: Um ... I meant autoload.php

#3497
---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 20b26d80f..ff7838640 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1232,7 +1232,7 @@ class CI_Loader {
 	 */
 	protected function _ci_autoloader()
 	{
-		if (file_exists(APPPATH.'config/config.php'))
+		if (file_exists(APPPATH.'config/autoload.php'))
 		{
 			include(APPPATH.'config/autoload.php');
 		}
-- 
cgit v1.2.3-24-g4f1b


From 654e5c969bfacb429e13eec58fee8d62c2495111 Mon Sep 17 00:00:00 2001
From: kakysha 
Date: Tue, 27 Jan 2015 20:51:50 +0300
Subject: is_php() more accurate description

---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 7046ec401..5c5672e99 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -54,7 +54,7 @@ defined('BASEPATH') OR exit('No direct script access allowed');
 if ( ! function_exists('is_php'))
 {
 	/**
-	 * Determines if the current version of PHP is greater then the supplied value
+	 * Determines if the current version of PHP is equal to or greater than the supplied value
 	 *
 	 * @param	string
 	 * @return	bool	TRUE if the current version is $version or higher
-- 
cgit v1.2.3-24-g4f1b


From 325d22da5ff207bafb3df80647792a741b49fcf7 Mon Sep 17 00:00:00 2001
From: Claudio Galdiolo 
Date: Thu, 29 Jan 2015 11:41:17 -0500
Subject: fix typo in comments

---
 system/core/Security.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 8b3149c07..7c18c7406 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -75,7 +75,7 @@ class CI_Security {
 	/**
 	 * Character set
 	 *
-	 * Will be overriden by the constructor.
+	 * Will be overridden by the constructor.
 	 *
 	 * @var	string
 	 */
-- 
cgit v1.2.3-24-g4f1b


From 17254324f9887c5fa511b94a3b17c8c4d82b2c8f Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 30 Jan 2015 15:53:28 +0200
Subject: [ci skip] Load vendor/autoload.php earlier

---
 system/core/CodeIgniter.php | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 8c936e018..839caba08 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -157,6 +157,23 @@ if ( ! is_php('5.4'))
 		get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix']));
 	}
 
+/*
+ * ------------------------------------------------------
+ *  Should we use a Composer autoloader?
+ * ------------------------------------------------------
+ */
+	if ($composer_autoload = config_item('composer_autoload'))
+	{
+		if ($composer_autoload === TRUE && file_exists(APPPATH.'vendor/autoload.php'))
+		{
+			require_once(APPPATH.'vendor/autoload.php');
+		}
+		elseif (file_exists($composer_autoload))
+		{
+			require_once($composer_autoload);
+		}
+	}
+
 /*
  * ------------------------------------------------------
  *  Start the timer... tick tock tick tock...
@@ -459,23 +476,6 @@ if ( ! is_php('5.4'))
 		$params = array_slice($URI->rsegments, 2);
 	}
 
-/*
- * ------------------------------------------------------
- *  Should we use a Composer autoloader?
- * ------------------------------------------------------
- */
-	if ($composer_autoload = config_item('composer_autoload'))
-	{
-		if ($composer_autoload === TRUE && file_exists(APPPATH.'vendor/autoload.php'))
-		{
-			require_once(APPPATH.'vendor/autoload.php');
-		}
-		elseif (file_exists($composer_autoload))
-		{
-			require_once($composer_autoload);
-		}
-	}
-
 /*
  * ------------------------------------------------------
  *  Is there a "pre_controller" hook?
-- 
cgit v1.2.3-24-g4f1b


From 2eb580cff726160f737da2e36ebae7e60d676e30 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Fri, 30 Jan 2015 16:41:43 +0200
Subject: Log an error message if composer_autoload is not found.

---
 system/core/CodeIgniter.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 839caba08..d830c1829 100644
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -164,14 +164,20 @@ if ( ! is_php('5.4'))
  */
 	if ($composer_autoload = config_item('composer_autoload'))
 	{
-		if ($composer_autoload === TRUE && file_exists(APPPATH.'vendor/autoload.php'))
+		if ($composer_autoload === TRUE)
 		{
-			require_once(APPPATH.'vendor/autoload.php');
+			file_exists(APPPATH.'vendor/autoload.php')
+				? require_once(APPPATH.'vendor/autoload.php')
+				: log_message('error', '$config[\'composer_autoload\'] is set to TRUE but '.APPPATH.'vendor/autoload.php was not found.');
 		}
 		elseif (file_exists($composer_autoload))
 		{
 			require_once($composer_autoload);
 		}
+		else
+		{
+			log_message('error', 'Could not find the specified $config[\'composer_autoload\'] path: '.$composer_autoload);
+		}
 	}
 
 /*
-- 
cgit v1.2.3-24-g4f1b


From 01daaca3551ff1e6a06fa895afcb836fd2cda4bf Mon Sep 17 00:00:00 2001
From: bjjay 
Date: Sat, 31 Jan 2015 22:29:50 +0800
Subject: Reduce once server protocol check

---
 system/core/Common.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index 5c5672e99..c3198b31f 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -555,15 +555,14 @@ if ( ! function_exists('set_status_header'))
 			}
 		}
 
-		$server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : FALSE;
-
 		if (strpos(PHP_SAPI, 'cgi') === 0)
 		{
 			header('Status: '.$code.' '.$text, TRUE);
 		}
 		else
 		{
-			header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code);
+			$server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1';
+			header($server_protocol.' '.$code.' '.$text, TRUE, $code);
 		}
 	}
 }
-- 
cgit v1.2.3-24-g4f1b


From 21432ab323bfb35133a1b725289b435b55db9c6a Mon Sep 17 00:00:00 2001
From: natepizzle 
Date: Tue, 3 Feb 2015 16:25:42 -0600
Subject: Documentation Fix

Signed-off-by: natepizzle 
---
 system/core/Output.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Output.php b/system/core/Output.php
index b8c6dc02e..02f66936c 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -391,7 +391,7 @@ class CI_Output {
 	/**
 	 * Display Output
 	 *
-	 * Processes sends the sends finalized output data to the browser along
+	 * Processes and sends finalized output data to the browser along
 	 * with any server headers and profile data. It also stops benchmark
 	 * timers so the page rendering speed and memory usage can be shown.
 	 *
-- 
cgit v1.2.3-24-g4f1b


From 1fb500077784638399be79b32fe354aec257413c Mon Sep 17 00:00:00 2001
From: Gabriel Potkány 
Date: Wed, 4 Feb 2015 01:45:59 +0100
Subject: Fixed inconsistent return types

---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index c3198b31f..9f509745f 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -86,7 +86,7 @@ if ( ! function_exists('is_really_writable'))
 	 *
 	 * @link	https://bugs.php.net/bug.php?id=54709
 	 * @param	string
-	 * @return	void
+	 * @return	bool
 	 */
 	function is_really_writable($file)
 	{
-- 
cgit v1.2.3-24-g4f1b


From d9287a076a378209fbb78db80ee915c9cbedf9e0 Mon Sep 17 00:00:00 2001
From: Gabriel Potkány 
Date: Wed, 4 Feb 2015 08:47:56 +0100
Subject: Removed one more return value  (CI_Loader::_ci_autoloader)

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Loader.php b/system/core/Loader.php
index ff7838640..b2eeb3b1d 100644
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1244,7 +1244,7 @@ class CI_Loader {
 
 		if ( ! isset($autoload))
 		{
-			return FALSE;
+			return;
 		}
 
 		// Autoload packages
-- 
cgit v1.2.3-24-g4f1b


From f9fbf1187516363a48fe2fe7bc33d00ae11f134f Mon Sep 17 00:00:00 2001
From: Ignasimg 
Date: Fri, 6 Feb 2015 09:21:07 +0100
Subject: Update Input.php

Added support for json input stream. (Not tested)
---
 system/core/Input.php | 55 ++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 46 insertions(+), 9 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 72425c1c1..3024fca78 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -103,6 +103,14 @@ class CI_Input {
 	 */
 	protected $headers = array();
 
+	/**
+	 * Raw input stream data
+	 *
+	 * @see	CI_Input::input_stream()
+	 * @var	array
+	 */
+	protected $_raw_input_stream = NULL;
+
 	/**
 	 * Input stream data
 	 *
@@ -111,7 +119,7 @@ class CI_Input {
 	 * @see	CI_Input::input_stream()
 	 * @var	array
 	 */
-	protected $_input_stream = NULL;
+	protected $_input_stream = NULL; // Kept for backward compatible.
 
 	/**
 	 * Class constructor
@@ -298,6 +306,25 @@ class CI_Input {
 
 	// ------------------------------------------------------------------------
 
+	/**
+	 * Fetch raw data from php://input stream
+	 *
+	 * Useful when data is not an array and might contain = and & symbols.
+	 */
+	public function raw_input_stream()
+	{
+		// Prior to PHP 5.6, the input stream can only be read once,
+		// so we'll need to check if we have already done that first.
+		if (is_null($this->_raw_input_stream))
+		{
+			$this->_raw_input_stream = file_get_contents('php://input');
+		}
+
+		return $this->_raw_input_stream;
+	}
+	
+	// ------------------------------------------------------------------------
+
 	/**
 	 * Fetch an item from the php://input stream
 	 *
@@ -309,16 +336,26 @@ class CI_Input {
 	 */
 	public function input_stream($index = NULL, $xss_clean = NULL)
 	{
-		// Prior to PHP 5.6, the input stream can only be read once,
-		// so we'll need to check if we have already done that first.
-		if ( ! is_array($this->_input_stream))
-		{
-			parse_str(file_get_contents('php://input'), $this->_input_stream);
-			is_array($this->_input_stream) OR $this->_input_stream = array();
-		}
-
+		parse_str($this->raw_input_stream(), $this->_input_stream);
 		return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean);
 	}
+	
+	// ------------------------------------------------------------------------
+
+	/**
+	 * Fetch an item from the php://input stream
+	 *
+	 * Useful when you need to access input that's been send as raw json data'
+	 *
+	 * @param	string	$index		Index for item to be fetched
+	 * @param	bool	$xss_clean	Whether to apply XSS filtering
+	 * @return	mixed
+	 */
+	public function json_input_stream($index = NULL, $xss_clean = NULL)
+	{
+		$json_input_stream = json_decode($this->raw_input_stream(), true);
+		return $this->_fetch_from_array($json_input_stream, $index, $xss_clean);
+	}
 
 	// ------------------------------------------------------------------------
 
-- 
cgit v1.2.3-24-g4f1b


From d02a69a4784db9248af43e51d9288e758a346f31 Mon Sep 17 00:00:00 2001
From: Ä°rfan Evrens 
Date: Fri, 6 Feb 2015 20:53:22 +0200
Subject: a tiny change

---
 system/core/Input.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 72425c1c1..fae3b6c08 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -702,7 +702,7 @@ class CI_Input {
 	 * only named with alpha-numeric text and a few other items.
 	 *
 	 * @param	string	$str	Input string
-	 * @param	string	$fatal	Whether to terminate script exection
+	 * @param	bool	$fatal	Whether to terminate script exection
 	 *				or to return FALSE if an invalid
 	 *				key is encountered
 	 * @return	string|bool
-- 
cgit v1.2.3-24-g4f1b


From 074a214ee829e2169058b7f07efdd44edcc3fc4f Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Mon, 9 Feb 2015 14:03:14 +0200
Subject: Fix #3579

---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 7c18c7406..ccb141260 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -639,7 +639,7 @@ class CI_Security {
 			$str_compare = $str;
 
 			// Decode standard entities, avoiding false positives
-			if ($c = preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches))
+			if (preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches))
 			{
 				if ( ! isset($_entities))
 				{
@@ -664,7 +664,7 @@ class CI_Security {
 
 				$replace = array();
 				$matches = array_unique(array_map('strtolower', $matches[0]));
-				for ($i = 0; $i < $c; $i++)
+				for ($i = 0, $c = count($matches); $i < $c; $i++)
 				{
 					if (($char = array_search($matches[$i].';', $_entities, TRUE)) !== FALSE)
 					{
-- 
cgit v1.2.3-24-g4f1b


From b68a811f1a09b8d6012b6782b36a988daf68a82e Mon Sep 17 00:00:00 2001
From: Tjoosten 
Date: Sun, 15 Feb 2015 22:44:24 +0100
Subject: add 

---
 system/core/compat/index.html | 3 ++-
 system/core/index.html        | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

(limited to 'system/core')

diff --git a/system/core/compat/index.html b/system/core/compat/index.html
index c942a79ce..b702fbc39 100644
--- a/system/core/compat/index.html
+++ b/system/core/compat/index.html
@@ -1,3 +1,4 @@
+
 
 
 	403 Forbidden
@@ -7,4 +8,4 @@
 

Directory access is forbidden.

- \ No newline at end of file + diff --git a/system/core/index.html b/system/core/index.html index c942a79ce..b702fbc39 100644 --- a/system/core/index.html +++ b/system/core/index.html @@ -1,3 +1,4 @@ + 403 Forbidden @@ -7,4 +8,4 @@

Directory access is forbidden.

- \ No newline at end of file + -- cgit v1.2.3-24-g4f1b From af8665d973e63ace812ab1d433ae8b8dce5922c4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 17 Feb 2015 15:57:47 +0200 Subject: Fix #3572: CI_Security::_remove_evil_attributes() --- system/core/Security.php | 27 ++++++--------------------- 1 file changed, 6 insertions(+), 21 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index ccb141260..216f0e98b 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -784,30 +784,15 @@ class CI_Security { } do { - $count = 0; - $attribs = array(); + $count = $temp_count = 0; - // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all('/(?]+)(?]*)/is', $str, $matches, PREG_SET_ORDER); - - foreach ($matches as $attr) - { - $attribs[] = preg_quote($attr[0], '/'); - } - - // replace illegal attribute strings that are inside an html tag - if (count($attribs) > 0) - { - $str = preg_replace('/(<]+?)([^A-Za-z<>\-])(.*?)('.implode('|', $attribs).')(.*?)([\s><]?)([><]*)/i', '$1$2 $4$6$7$8', $str, -1, $count); - } + $str = preg_replace('/(<[^>]+)(?]*)/is', '$1[removed]', $str, -1, $temp_count); + $count += $temp_count; } while ($count); -- cgit v1.2.3-24-g4f1b From 0ae4e6c0bd95b7264bee735fb635f317c882bbef Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 18 Feb 2015 21:14:55 +0200 Subject: Fix #3593 Revert "fixes" for #167, #388, #705 (also #1326) as it turns out URL-decoding isn't compliant with the CGI/1.1 specification. RFC 3875: http://www.faqs.org/rfcs/rfc3875.html --- system/core/URI.php | 53 +++++++++++++++++++++++++---------------------------- 1 file changed, 25 insertions(+), 28 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 9bc34ace7..e96749456 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -107,37 +107,34 @@ class CI_URI { $this->_permitted_uri_chars = $this->config->item('permitted_uri_chars'); // If it's a CLI request, ignore the configuration - if (is_cli() OR ($protocol = strtoupper($this->config->item('uri_protocol'))) === 'CLI') + if (is_cli()) { - $this->_set_uri_string($this->_parse_argv()); + $uri = $this->_parse_argv(); } - elseif ($protocol === 'AUTO') + else { - // Is there a PATH_INFO variable? This should be the easiest solution. - if (isset($_SERVER['PATH_INFO'])) - { - $this->_set_uri_string($_SERVER['PATH_INFO']); - } - // No PATH_INFO? Let's try REQUST_URI or QUERY_STRING then - elseif (($uri = $this->_parse_request_uri()) !== '' OR ($uri = $this->_parse_query_string()) !== '') - { - $this->_set_uri_string($uri); - } - // As a last ditch effor, let's try using the $_GET array - elseif (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') !== '') + $protocol = $this->config->item('uri_protocol'); + empty($protocol) && $protocol = 'REQUEST_URI'; + + switch ($protocol) { - $this->_set_uri_string(key($_GET)); + case 'AUTO': // For BC purposes only + case 'REQUEST_URI': + $uri = $this->_parse_request_uri(); + break; + case 'QUERY_STRING': + $uri = $this->_parse_query_string(); + break; + case 'PATH_INFO': + default: + $uri = isset($_SERVER[$protocol]) + ? $_SERVER[$protocol] + : $this->_parse_request_uri(); + break; } } - elseif (method_exists($this, ($method = '_parse_'.strtolower($protocol)))) - { - $this->_set_uri_string($this->$method()); - } - else - { - $uri = isset($_SERVER[$protocol]) ? $_SERVER[$protocol] : @getenv($protocol); - $this->_set_uri_string($uri); - } + + $this->_set_uri_string($uri); } log_message('info', 'URI Class Initialized'); @@ -206,7 +203,7 @@ class CI_URI { $uri = parse_url($_SERVER['REQUEST_URI']); $query = isset($uri['query']) ? $uri['query'] : ''; - $uri = isset($uri['path']) ? rawurldecode($uri['path']) : ''; + $uri = isset($uri['path']) ? $uri['path'] : ''; if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { @@ -222,7 +219,7 @@ class CI_URI { if (trim($uri, '/') === '' && strncmp($query, '/', 1) === 0) { $query = explode('?', $query, 2); - $uri = rawurldecode($query[0]); + $uri = $query[0]; $_SERVER['QUERY_STRING'] = isset($query[1]) ? $query[1] : ''; } else @@ -262,7 +259,7 @@ class CI_URI { { $uri = explode('?', $uri, 2); $_SERVER['QUERY_STRING'] = isset($uri[1]) ? $uri[1] : ''; - $uri = rawurldecode($uri[0]); + $uri = $uri[0]; } parse_str($_SERVER['QUERY_STRING'], $_GET); -- cgit v1.2.3-24-g4f1b From a8c964c5a1d48d9a70ed5826a086e9eba9963cc9 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 19 Feb 2015 01:26:06 +0100 Subject: documentation changes --- system/core/Input.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 3024fca78..f181c27ce 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -104,9 +104,9 @@ class CI_Input { protected $headers = array(); /** - * Raw input stream data + * Raw input stream data as received from php://input * - * @see CI_Input::input_stream() + * @see CI_Input::raw_input_stream() * @var array */ protected $_raw_input_stream = NULL; @@ -114,12 +114,12 @@ class CI_Input { /** * Input stream data * - * Parsed from php://input at runtime + * Parsed from raw_input_stream at runtime * * @see CI_Input::input_stream() * @var array */ - protected $_input_stream = NULL; // Kept for backward compatible. + protected $_input_stream = NULL; /** * Class constructor @@ -309,7 +309,7 @@ class CI_Input { /** * Fetch raw data from php://input stream * - * Useful when data is not an array and might contain = and & symbols. + * Useful when data is not an array. */ public function raw_input_stream() { @@ -326,7 +326,7 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch an item from the php://input stream + * Fetch an item from the input stream * * Useful when you need to access PUT, DELETE or PATCH request data. * @@ -343,9 +343,9 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch an item from the php://input stream + * Fetch an item from the input stream * - * Useful when you need to access input that's been send as raw json data' + * Useful when you need to access input that's been send as json' * * @param string $index Index for item to be fetched * @param bool $xss_clean Whether to apply XSS filtering -- cgit v1.2.3-24-g4f1b From c545c0147636d8592fdcb7e8ec2c6df09399d485 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Feb 2015 11:36:10 +0200 Subject: Make set_status_header() a dummy under CLI Close #3605 --- system/core/Common.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 9f509745f..7035c18ff 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -492,6 +492,11 @@ if ( ! function_exists('set_status_header')) */ function set_status_header($code = 200, $text = '') { + if (is_cli()) + { + return; + } + $stati = array( 200 => 'OK', 201 => 'Created', -- cgit v1.2.3-24-g4f1b From 0b5569f11b9eab01e3b1571eb6012308a3868f01 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Fri, 20 Feb 2015 17:56:55 +0100 Subject: Added support for raw_input_stream property. --- system/core/Input.php | 81 ++++++++++++++++++--------------------------------- 1 file changed, 28 insertions(+), 53 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index f181c27ce..97884d309 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -103,22 +103,16 @@ class CI_Input { */ protected $headers = array(); - /** - * Raw input stream data as received from php://input - * - * @see CI_Input::raw_input_stream() - * @var array - */ protected $_raw_input_stream = NULL; /** - * Input stream data - * - * Parsed from raw_input_stream at runtime - * - * @see CI_Input::input_stream() - * @var array - */ + * Input stream data + * + * Parsed from php://input at runtime + * + * @see CI_Input::input_stream() + * @var array + */ protected $_input_stream = NULL; /** @@ -307,54 +301,35 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch raw data from php://input stream - * - * Useful when data is not an array. - */ - public function raw_input_stream() + * Fetch an item from the php://input stream + * + * Useful when you need to access PUT, DELETE or PATCH request data. + * + * @param string $index Index for item to be fetched + * @param bool $xss_clean Whether to apply XSS filtering + * @return mixed + */ + public function input_stream($index = NULL, $xss_clean = NULL) { - // Prior to PHP 5.6, the input stream can only be read once, - // so we'll need to check if we have already done that first. - if (is_null($this->_raw_input_stream)) + // Prior to PHP 5.6, the input stream can only be read once, + // so we'll need to check if we have already done that first. + if ( ! is_array($this->_input_stream)) { - $this->_raw_input_stream = file_get_contents('php://input'); + parse_str($this->raw_input_stream, $this->_input_stream); + is_array($this->_input_stream) OR $this->_input_stream = array(); } - - return $this->_raw_input_stream; - } - - // ------------------------------------------------------------------------ - - /** - * Fetch an item from the input stream - * - * Useful when you need to access PUT, DELETE or PATCH request data. - * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering - * @return mixed - */ - public function input_stream($index = NULL, $xss_clean = NULL) - { - parse_str($this->raw_input_stream(), $this->_input_stream); return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); } - + // ------------------------------------------------------------------------ - /** - * Fetch an item from the input stream - * - * Useful when you need to access input that's been send as json' - * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering - * @return mixed - */ - public function json_input_stream($index = NULL, $xss_clean = NULL) + public function __get($name) { - $json_input_stream = json_decode($this->raw_input_stream(), true); - return $this->_fetch_from_array($json_input_stream, $index, $xss_clean); + if ($name === 'raw_input_stream') + { + isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); + return $this->_raw_input_stream; + } } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From b4ebb39d68797466cac74f4c2c61ea1908ce61cd Mon Sep 17 00:00:00 2001 From: Fieah Date: Sun, 22 Feb 2015 23:55:15 +0800 Subject: Common.php: set_status_header: Improve 1. Verify $code before define $stati 2. Only convert $code to int and define $stati when needed, possibly can save some memory. --- system/core/Common.php | 91 +++++++++++++++++++++++++------------------------- 1 file changed, 45 insertions(+), 46 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 7035c18ff..ee5a705b2 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -497,59 +497,58 @@ if ( ! function_exists('set_status_header')) return; } - $stati = array( - 200 => 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 303 => 'See Other', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 307 => 'Temporary Redirect', - - 400 => 'Bad Request', - 401 => 'Unauthorized', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Timeout', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Long', - 415 => 'Unsupported Media Type', - 416 => 'Requested Range Not Satisfiable', - 417 => 'Expectation Failed', - 422 => 'Unprocessable Entity', - - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' - ); - if (empty($code) OR ! is_numeric($code)) { show_error('Status codes must be numeric', 500); } - is_int($code) OR $code = (int) $code; - if (empty($text)) { + is_int($code) OR $code = (int) $code; + $stati = array( + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 303 => 'See Other', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); + if (isset($stati[$code])) { $text = $stati[$code]; -- cgit v1.2.3-24-g4f1b From cae95883a03b686d24b1d62191f38723ae958960 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 26 Feb 2015 02:46:14 +0100 Subject: funny tabs & spaces added and removed. --- system/core/Input.php | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 97884d309..14f3e1083 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -103,16 +103,16 @@ class CI_Input { */ protected $headers = array(); - protected $_raw_input_stream = NULL; + protected $_raw_input_stream; /** - * Input stream data - * - * Parsed from php://input at runtime - * - * @see CI_Input::input_stream() - * @var array - */ + * Input stream data + * + * Parsed from php://input at runtime + * + * @see CI_Input::input_stream() + * @var array + */ protected $_input_stream = NULL; /** @@ -301,23 +301,25 @@ class CI_Input { // ------------------------------------------------------------------------ /** - * Fetch an item from the php://input stream - * - * Useful when you need to access PUT, DELETE or PATCH request data. - * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering - * @return mixed - */ + * Fetch an item from the php://input stream + * + * Useful when you need to access PUT, DELETE or PATCH request data. + * + * @param string $index Index for item to be fetched + * @param bool $xss_clean Whether to apply XSS filtering + * @return mixed + */ public function input_stream($index = NULL, $xss_clean = NULL) { - // Prior to PHP 5.6, the input stream can only be read once, - // so we'll need to check if we have already done that first. + // Prior to PHP 5.6, the input stream can only be read once, + // so we'll need to check if we have already done that first. if ( ! is_array($this->_input_stream)) { + // $this->raw_input_stream will trigger __get(). parse_str($this->raw_input_stream, $this->_input_stream); is_array($this->_input_stream) OR $this->_input_stream = array(); } + return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); } -- cgit v1.2.3-24-g4f1b From 1e35792cc2d231cba11c2faefd71717ab67a46d2 Mon Sep 17 00:00:00 2001 From: Ignasimg Date: Thu, 26 Feb 2015 18:02:45 +0100 Subject: Update Input.php --- system/core/Input.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 14f3e1083..a72c4ac1e 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -305,8 +305,8 @@ class CI_Input { * * Useful when you need to access PUT, DELETE or PATCH request data. * - * @param string $index Index for item to be fetched - * @param bool $xss_clean Whether to apply XSS filtering + * @param string $index Index for item to be fetched + * @param bool $xss_clean Whether to apply XSS filtering * @return mixed */ public function input_stream($index = NULL, $xss_clean = NULL) @@ -319,7 +319,7 @@ class CI_Input { parse_str($this->raw_input_stream, $this->_input_stream); is_array($this->_input_stream) OR $this->_input_stream = array(); } - + return $this->_fetch_from_array($this->_input_stream, $index, $xss_clean); } -- cgit v1.2.3-24-g4f1b From d0ac8b132390387d08bcaa5a20fbea35a350c9d3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 11:41:52 +0200 Subject: Fix an E_NOTICE caused by #3604 --- system/core/Input.php | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index c3382b4d9..3e792fc13 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -103,17 +103,26 @@ class CI_Input { */ protected $headers = array(); + /** + * Raw input stream data + * + * Holds a cache of php://input contents + * + * @var string + */ protected $_raw_input_stream; /** - * Input stream data + * Parsed input stream data * * Parsed from php://input at runtime * * @see CI_Input::input_stream() * @var array */ - protected $_input_stream = NULL; + protected $_input_stream; + + // -------------------------------------------------------------------- /** * Class constructor @@ -325,17 +334,6 @@ class CI_Input { // ------------------------------------------------------------------------ - public function __get($name) - { - if ($name === 'raw_input_stream') - { - isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); - return $this->_raw_input_stream; - } - } - - // ------------------------------------------------------------------------ - /** * Set cookie * @@ -860,4 +858,23 @@ class CI_Input { : strtolower($this->server('REQUEST_METHOD')); } + // ------------------------------------------------------------------------ + + /** + * Magic __get() + * + * Allows read access to protected properties + * + * @param string $name + * @return mixed + */ + public function __get($name) + { + if ($name === 'raw_input_stream') + { + isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); + return $this->_raw_input_stream; + } + } + } -- cgit v1.2.3-24-g4f1b From 88fd8e4548eb50d8307757b8e37333ded8f221e9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 11:43:01 +0200 Subject: Eh ... really fix that notice (#3604) --- system/core/Input.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 3e792fc13..484397d63 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -122,6 +122,8 @@ class CI_Input { */ protected $_input_stream; + protected $security; + // -------------------------------------------------------------------- /** -- cgit v1.2.3-24-g4f1b From 7d365dcc8bdf69534b54401cc862be105e1a8a28 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 14:32:15 +0200 Subject: Fix #3633 --- system/core/Input.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 484397d63..be9f3c169 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -123,6 +123,7 @@ class CI_Input { protected $_input_stream; protected $security; + protected $uni; // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 52caf59f244e0c1363ac0ce6ba61a7f5001603df Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 27 Feb 2015 15:09:34 +0200 Subject: Make CI_Input:: read-only as well --- system/core/Input.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index be9f3c169..6be4b9a6c 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -55,7 +55,7 @@ class CI_Input { * * @var string */ - public $ip_address = FALSE; + protected $ip_address = FALSE; /** * Allow GET array flag @@ -878,6 +878,10 @@ class CI_Input { isset($this->_raw_input_stream) OR $this->_raw_input_stream = file_get_contents('php://input'); return $this->_raw_input_stream; } + elseif ($name === 'ip_address') + { + return $this->ip_address; + } } } -- cgit v1.2.3-24-g4f1b From fd08d02b1984d8f27a5e447a5c9d5e190271ab5e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 3 Mar 2015 12:36:11 +0200 Subject: Remove an unused var in CI_Log Was suggested as part of PR #3630, which was rejected due to numerous other changes --- system/core/Log.php | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Log.php b/system/core/Log.php index 833316273..e8cb401f5 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -69,13 +69,6 @@ class CI_Log { */ protected $_threshold = 1; - /** - * Highest level of logging - * - * @var int - */ - protected $_threshold_max = 0; - /** * Array of threshold levels to log * @@ -139,7 +132,7 @@ class CI_Log { } elseif (is_array($config['log_threshold'])) { - $this->_threshold = $this->_threshold_max; + $this->_threshold = 0; $this->_threshold_array = array_flip($config['log_threshold']); } -- cgit v1.2.3-24-g4f1b From 137aa20e0b0fd71ff8f672c57c07c4972c91c6a4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Mar 2015 11:36:25 +0200 Subject: Fix #3642 --- system/core/Config.php | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index a191a7727..b9af8e3b2 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -126,7 +126,6 @@ class CI_Config { foreach (array($file, ENVIRONMENT.'/'.$file) as $location) { $file_path = $path.'config/'.$location.'.php'; - if (in_array($file_path, $this->is_loaded, TRUE)) { return TRUE; @@ -165,14 +164,13 @@ class CI_Config { $loaded = TRUE; log_message('debug', 'Config file loaded: '.$file_path); } - - if ($loaded === TRUE) - { - return TRUE; - } } - if ($fail_gracefully === TRUE) + if ($loaded === TRUE) + { + return TRUE; + } + elseif ($fail_gracefully === TRUE) { return FALSE; } -- cgit v1.2.3-24-g4f1b From b6d174649a6e3a975e077d6ffa9b91a48f291ca0 Mon Sep 17 00:00:00 2001 From: bjjay Date: Thu, 12 Mar 2015 10:31:14 +0800 Subject: Correct a comment link typo --- system/core/compat/mbstring.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index ddb2bae47..e335c85f7 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -92,7 +92,7 @@ if ( ! function_exists('mb_strpos')) * WARNING: This function WILL fall-back to strpos() * if iconv is not available! * - * @link http://php.net/mb_strpos() + * @link http://php.net/mb_strpos * @param string $haystack * @param string $needle * @param int $offset -- cgit v1.2.3-24-g4f1b From 7f310d63d61e9b334385ef5f6501129d685924ba Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 15 Mar 2015 19:03:43 +0200 Subject: [ci skip] Use DIRECTORY_SEPARATOR instead of / in CI_Config --- system/core/Config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index b9af8e3b2..d07000ac9 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -123,7 +123,7 @@ class CI_Config { foreach ($this->_config_paths as $path) { - foreach (array($file, ENVIRONMENT.'/'.$file) as $location) + foreach (array($file, ENVIRONMENT.DIRECTORY_SEPARATOR.$file) as $location) { $file_path = $path.'config/'.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) -- cgit v1.2.3-24-g4f1b From 0fc46caedd690b05141a0b80bc5d7bca9b72b61b Mon Sep 17 00:00:00 2001 From: Heesung Ahn Date: Wed, 18 Mar 2015 18:49:22 -0400 Subject: Updated CI_Input unit test and fixed error "undefined offset" caused by using the same variable name, $i, twice for for loop inside for loop. Signed-off-by:Heesung Ahn --- system/core/Input.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 6be4b9a6c..12332cf51 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -490,9 +490,9 @@ class CI_Input { ) ); - for ($i = 0; $i < 8; $i++) + for ($j = 0; $j < 8; $j++) { - $ip[$i] = intval($ip[$i], 16); + $ip[$j] = intval($ip[$j], 16); } $sprintf = '%016b%016b%016b%016b%016b%016b%016b%016b'; -- cgit v1.2.3-24-g4f1b From 28625e5bc99c59f90db117ecfddf5533db11c61e Mon Sep 17 00:00:00 2001 From: Joshua Logsdon Date: Tue, 24 Mar 2015 14:33:21 -0400 Subject: array_fill() throws an error if count($var) is 0 Signed-off-by: Joshua Logsdon --- system/core/Common.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index ee5a705b2..935c687ab 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -743,6 +743,12 @@ if ( ! function_exists('html_escape')) { if (is_array($var)) { + // If empty array, skip escaping + if ( empty($var) ) + { + return $var; + } + return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); } -- cgit v1.2.3-24-g4f1b From 8f5c1780706113c926bb7801db27dbae97d00fcf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 25 Mar 2015 13:41:02 +0200 Subject: Fix #3694: Packages not overriding stock libraries Related: #3692 --- system/core/Loader.php | 47 ++++++++++++++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 17 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index b2eeb3b1d..254ad0d6d 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1079,17 +1079,26 @@ class CI_Loader { log_message('debug', $library_name.' class already loaded. Second attempt ignored.'); return; } - elseif (file_exists(APPPATH.'libraries/'.$file_path.$library_name.'.php')) + + $paths = $this->_ci_library_paths; + array_pop($paths); // BASEPATH + array_pop($paths); // APPPATH (needs to be the first path checked) + array_unshift($paths, APPPATH); + + foreach ($paths as $path) { - // Override - include_once(APPPATH.'libraries/'.$file_path.$library_name.'.php'); - if (class_exists($prefix.$library_name, FALSE)) + if (file_exists($path = $path.'libraries/'.$file_path.$library_name.'.php')) { - return $this->_ci_init_library($library_name, $prefix, $params, $object_name); - } - else - { - log_message('debug', APPPATH.'libraries/'.$file_path.$library_name.'.php exists, but does not declare '.$prefix.$library_name); + // Override + include_once($path); + if (class_exists($prefix.$library_name, FALSE)) + { + return $this->_ci_init_library($library_name, $prefix, $params, $object_name); + } + else + { + log_message('debug', $path.' exists, but does not declare '.$prefix.$library_name); + } } } @@ -1097,16 +1106,20 @@ class CI_Loader { // Check for extensions $subclass = config_item('subclass_prefix').$library_name; - if (file_exists(APPPATH.'libraries/'.$file_path.$subclass.'.php')) + foreach ($paths as $path) { - include_once(APPPATH.'libraries/'.$file_path.$subclass.'.php'); - if (class_exists($subclass, FALSE)) + if (file_exists($path = $path.'libraries/'.$file_path.$subclass.'.php')) { - $prefix = config_item('subclass_prefix'); - } - else - { - log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass); + include_once($path); + if (class_exists($subclass, FALSE)) + { + $prefix = config_item('subclass_prefix'); + break; + } + else + { + log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass); + } } } -- cgit v1.2.3-24-g4f1b From 993e340a9a0e00c5a2cdbbfc47f0c8a24e8e4bf1 Mon Sep 17 00:00:00 2001 From: Joshua Logsdon Date: Wed, 25 Mar 2015 12:03:43 -0400 Subject: Return empty $var immediately Signed-off-by: Joshua Logsdon --- system/core/Common.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 935c687ab..2b1e844b4 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -741,14 +741,14 @@ if ( ! function_exists('html_escape')) */ function html_escape($var, $double_encode = TRUE) { + // If empty, skip escaping + if (empty($var)) + { + return $var; + } + if (is_array($var)) { - // If empty array, skip escaping - if ( empty($var) ) - { - return $var; - } - return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); } -- cgit v1.2.3-24-g4f1b From 362ff3ae4b6ce363c9cb07de682180bc447c8e28 Mon Sep 17 00:00:00 2001 From: Joshua Logsdon Date: Wed, 25 Mar 2015 12:08:19 -0400 Subject: Remove comment Signed-off-by: Joshua Logsdon --- system/core/Common.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 2b1e844b4..f28272b5b 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -741,7 +741,6 @@ if ( ! function_exists('html_escape')) */ function html_escape($var, $double_encode = TRUE) { - // If empty, skip escaping if (empty($var)) { return $var; -- cgit v1.2.3-24-g4f1b From aebd039a61cb5135b31ab0b8d9d95ed3fb678c7b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 14:15:34 +0200 Subject: Add FSCommand and seekSegmentTime to evil HTML attributes list --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 216f0e98b..da497762d 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -772,7 +772,7 @@ class CI_Security { */ protected function _remove_evil_attributes($str, $is_image) { - $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href'); + $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime'); if ($is_image === TRUE) { -- cgit v1.2.3-24-g4f1b From 068ab206d84bf1668832988932dc61cfb3103bf8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 26 Mar 2015 21:03:38 +0200 Subject: Minor fixes in CI_Security::entity_decode() --- system/core/Security.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index da497762d..9cef42439 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -656,7 +656,7 @@ class CI_Security { { $_entities[':'] = ':'; $_entities['('] = '('; - $_entities[')'] = '&rpar'; + $_entities[')'] = ')'; $_entities["\n"] = '&newline;'; $_entities["\t"] = '&tab;'; } @@ -664,11 +664,11 @@ class CI_Security { $replace = array(); $matches = array_unique(array_map('strtolower', $matches[0])); - for ($i = 0, $c = count($matches); $i < $c; $i++) + foreach ($matches as &$match) { - if (($char = array_search($matches[$i].';', $_entities, TRUE)) !== FALSE) + if (($char = array_search($match.';', $_entities, TRUE)) !== FALSE) { - $replace[$matches[$i]] = $char; + $replace[$match] = $char; } } -- cgit v1.2.3-24-g4f1b From 32e7ba3560a2c2c3a72236463091049c51a518ec Mon Sep 17 00:00:00 2001 From: Cyrille TOULET Date: Fri, 27 Mar 2015 19:28:10 +0100 Subject: Fix an "strpos(): Empty needle" warning Signed-off-by: Cyrille TOULET --- system/core/URI.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index e96749456..43a0a9caa 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -205,11 +205,11 @@ class CI_URI { $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + if (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } -- cgit v1.2.3-24-g4f1b From ead327f7fd53946dc61dbd0562d9f7f3d19e802c Mon Sep 17 00:00:00 2001 From: Cyrille TOULET Date: Sun, 29 Mar 2015 14:53:16 +0200 Subject: Fix an "strpos(): Empty needle" warning Signed-off-by: Cyrille TOULET --- system/core/URI.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 43a0a9caa..9c8e37f0f 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -205,14 +205,17 @@ class CI_URI { $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; - if (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) - { - $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); - } - elseif (!empty($_SERVER['SCRIPT_NAME']) && strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) - { - $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); - } + if (isset($_SERVER['SCRIPT_NAME'][0])) + { + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + { + $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); + } + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + { + $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); + } + } // This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct // URI is found, and also fixes the QUERY_STRING server var and $_GET array. -- cgit v1.2.3-24-g4f1b From cbf3a559583bcc9055fcee5f7564ca847d0b8dff Mon Sep 17 00:00:00 2001 From: Cyrille TOULET Date: Mon, 30 Mar 2015 09:14:46 +0200 Subject: Use tabs instead of spaces Signed-off-by: Cyrille TOULET --- system/core/URI.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 9c8e37f0f..2211e3665 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -205,17 +205,17 @@ class CI_URI { $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; - if (isset($_SERVER['SCRIPT_NAME'][0])) - { - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) - { - $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); - } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) - { - $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); - } - } + if (isset($_SERVER['SCRIPT_NAME'][0])) + { + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + { + $uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME'])); + } + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + { + $uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); + } + } // This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct // URI is found, and also fixes the QUERY_STRING server var and $_GET array. -- cgit v1.2.3-24-g4f1b From 7a46bdeed5c1fb2dfafa18b7bd3a2315bd08255e Mon Sep 17 00:00:00 2001 From: mwhitneysdsu Date: Mon, 30 Mar 2015 12:22:17 -0700 Subject: Fix logged path to match checked path in loader This is to fix a logged path missed in 8f5c1780706113c926bb7801db27dbae97d00fcf --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 254ad0d6d..c0a5cd634 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1118,7 +1118,7 @@ class CI_Loader { } else { - log_message('debug', APPPATH.'libraries/'.$file_path.$subclass.'.php exists, but does not declare '.$subclass); + log_message('debug', $path.' exists, but does not declare '.$subclass); } } } -- cgit v1.2.3-24-g4f1b From e04f4f76199d88ae2a3a62379fac728ceb637895 Mon Sep 17 00:00:00 2001 From: mwhitneysdsu Date: Mon, 30 Mar 2015 12:38:22 -0700 Subject: Fix whitespace in previous commit --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index c0a5cd634..007378ee2 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1118,7 +1118,7 @@ class CI_Loader { } else { - log_message('debug', $path.' exists, but does not declare '.$subclass); + log_message('debug', $path.' exists, but does not declare '.$subclass); } } } -- cgit v1.2.3-24-g4f1b From c0b2ae29b8a4c48c6adde72bc3f66ad3780246ec Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 31 Mar 2015 11:50:46 +0300 Subject: [ci skip] Update version number --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index d830c1829..b38166b60 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0-dev'); + define('CI_VERSION', '3.0.0'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 0be4c803d10dfb2c697e07751654848829d4476b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 31 Mar 2015 15:03:03 +0300 Subject: [ci skip] Fix a wrong docblock link --- system/core/Hooks.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 08479b133..3b4fb2250 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link http://codeigniter.com/user_guide/general/hooks.html */ class CI_Hooks { -- cgit v1.2.3-24-g4f1b From 68bad62fc4d88b6423bd15ab94a53c54a919f041 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 1 Apr 2015 14:51:25 +0300 Subject: Mitigate potential DoS attacks against hash_pbkdf2() Related: #3720 --- system/core/compat/hash.php | 51 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 477535dca..15954559c 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -174,9 +174,56 @@ if ( ! function_exists('hash_pbkdf2')) } $hash_length = strlen(hash($algo, NULL, TRUE)); - if (empty($length)) + empty($length) && $length = $hash_length; + + // Pre-hash password inputs longer than the algorithm's block size + // (i.e. prepare HMAC key) to mitigate potential DoS attacks. + static $block_sizes; + empty($block_sizes) && $block_sizes = array( + 'gost' => 32, + 'haval128,3' => 128, + 'haval160,3' => 128, + 'haval192,3' => 128, + 'haval224,3' => 128, + 'haval256,3' => 128, + 'haval128,4' => 128, + 'haval160,4' => 128, + 'haval192,4' => 128, + 'haval224,4' => 128, + 'haval256,4' => 128, + 'haval128,5' => 128, + 'haval160,5' => 128, + 'haval192,5' => 128, + 'haval224,5' => 128, + 'haval256,5' => 128, + 'md2' => 16, + 'md4' => 64, + 'md5' => 64, + 'ripemd128' => 64, + 'ripemd160' => 64, + 'ripemd256' => 64, + 'ripemd320' => 64, + 'salsa10' => 64, + 'salsa20' => 64, + 'sha1' => 64, + 'sha224' => 64, + 'sha256' => 64, + 'sha384' => 128, + 'sha512' => 128, + 'snefru' => 32, + 'snefru256' => 32, + 'tiger128,3' => 64, + 'tiger160,3' => 64, + 'tiger192,3' => 64, + 'tiger128,4' => 64, + 'tiger160,4' => 64, + 'tiger192,4' => 64, + 'whirlpool' => 64 + ); + + if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo]) { - $length = $hash_length; + $password = hash($algo, $password, TRUE); } $hash = ''; -- cgit v1.2.3-24-g4f1b From d75847ecf28bdbad7033af33514d042ee86c13c2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 1 Apr 2015 14:51:47 +0300 Subject: [ci skip] Update version numbers --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index b38166b60..ddf322749 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.0'); + define('CI_VERSION', '3.0.1-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From e36d048b068418b76551fb9eaa2c32a7b40f3812 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 4 Apr 2015 21:55:09 +0300 Subject: Fix #3733 Close #3734 --- system/core/Loader.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 007378ee2..9205ad1b6 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1307,10 +1307,7 @@ class CI_Loader { } // Load all other libraries - foreach ($autoload['libraries'] as $item) - { - $this->library($item); - } + $this->library($autoload['libraries']); } // Autoload models -- cgit v1.2.3-24-g4f1b From 5c58e6744c9cf616d93f6f12255e0fc70c751341 Mon Sep 17 00:00:00 2001 From: mult1mate Date: Wed, 8 Apr 2015 16:03:31 +0300 Subject: typo --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index f28272b5b..a96828e96 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -181,7 +181,7 @@ if ( ! function_exists('load_class')) // Did we find the class? if ($name === FALSE) { - // Note: We use exit() rather then show_error() in order to avoid a + // Note: We use exit() rather than show_error() in order to avoid a // self-referencing loop with the Exceptions class set_status_header(503); echo 'Unable to locate the specified class: '.$class.'.php'; -- cgit v1.2.3-24-g4f1b From 1924eb37cc5488be7560a8a754663bba6a47a5e4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Apr 2015 17:19:24 +0300 Subject: [ci skip] Fix comment typos https://github.com/bcit-ci/CodeIgniter/pull/3748#issuecomment-90925762 --- system/core/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index eb3da2285..f91d3f6ec 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -493,7 +493,7 @@ class CI_Router { * Set directory name * * @param string $dir Directory name - * @param bool $appent Whether we're appending rather then setting the full value + * @param bool $appent Whether we're appending rather than setting the full value * @return void */ public function set_directory($dir, $append = FALSE) -- cgit v1.2.3-24-g4f1b From 2b7a97c55eb7e2797cea0ee39a96996a80c43f27 Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Tue, 14 Apr 2015 11:19:38 +0800 Subject: Status Code Definitions --- system/core/Common.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index a96828e96..a81e45500 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -506,6 +506,9 @@ if ( ! function_exists('set_status_header')) { is_int($code) OR $code = (int) $code; $stati = array( + 100 => 'Continue', + 101 => 'Switching Protocols', + 200 => 'OK', 201 => 'Created', 202 => 'Accepted', @@ -524,6 +527,7 @@ if ( ! function_exists('set_status_header')) 400 => 'Bad Request', 401 => 'Unauthorized', + 402 => 'Payment Required', 403 => 'Forbidden', 404 => 'Not Found', 405 => 'Method Not Allowed', -- cgit v1.2.3-24-g4f1b From 6b620fb7e61f1051f5bced189d1b57bd30a97126 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Apr 2015 12:46:46 +0300 Subject: [ci skip] Remove whitespace --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index a81e45500..b850fd39a 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -749,7 +749,7 @@ if ( ! function_exists('html_escape')) { return $var; } - + if (is_array($var)) { return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); -- cgit v1.2.3-24-g4f1b From fd1bc2213f158ae9368a3d85dc108f641dd566bf Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Thu, 23 Apr 2015 23:21:08 +0300 Subject: Output cache: Fixing a wrong timestamp. Credits to khoggatt (CodeIgniter forum). --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 02f66936c..e7d559a1d 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -674,7 +674,7 @@ class CI_Output { $cache_info = unserialize($match[1]); $expire = $cache_info['expire']; - $last_modified = filemtime($cache_path); + $last_modified = filemtime($filepath); // Has the file expired? if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path)) -- cgit v1.2.3-24-g4f1b From 0b978ddf678281ad8c1ab263040fd108be6c926f Mon Sep 17 00:00:00 2001 From: w0den Date: Sat, 2 May 2015 17:53:33 +0300 Subject: Bug Fix manually delete caching method MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit According to documentation, to manually delete cache for page "/foo/bar" we should run $this->output->delete_cache('/foo/bar'), but in this case MD5 hash will be calculated for "http://site.com//foo/bar" and this is why, we should pass $uri without beginning slash (ie, "foo/bar"). But the problem is that there is no way to delete cache for home page because: 1) $this->output->delete_cache('/') — MD5 hash will be calculated for "http://site.com//" and cache file will not be deleted. 2) $this->output->delete_cache('') — MD5 hash will be calculated for "http://site.com/%CURRENT_PAGE%" and again, cache file will not be deleted. Trimming the beginning slash, we enable ability to delete cache for home page by calling $this->output->delete_cache('/'). Also, this method will work as specified in the documentation. --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index e7d559a1d..f1859ccf6 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -735,7 +735,7 @@ class CI_Output { } } - $cache_path .= md5($CI->config->item('base_url').$CI->config->item('index_page').$uri); + $cache_path .= md5($CI->config->item('base_url').$CI->config->item('index_page').ltrim($uri, '/')); if ( ! @unlink($cache_path)) { -- cgit v1.2.3-24-g4f1b From dc29c6dc9069650d69496635643f00ab5e52067e Mon Sep 17 00:00:00 2001 From: w0den Date: Mon, 11 May 2015 18:58:20 +0300 Subject: Improve Cache Query String behaviour MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Typically, in most cases, we do not need to cache all the Query String variables. That's why I suggest to improve `Cache Include Query String` behaviour — allow the developer to independently specify which variables should be cached. For example, consider a query to the following URL address: http://site.com/search?q=query&page=2&session=abcd&utm_source=web In this case we don't need to build md5 hash for entire query string, because `session` or `utm_source` can be different for all users. The only variables which should be used for md5 hash should be `q` and `page`. Thus, in `config.php` we can use `$config['cache_query_string'] = array('page', 'q');`. So: `$config['cache_query_string'] = FALSE;` → Cache Include Query String is disabled `$config['cache_query_string'] = TRUE;` → Cache Include Query String is enabled for all `$config['cache_query_string'] = array('page', 'q');` → enabled only for specified variables --- system/core/Output.php | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index f1859ccf6..4aed62a86 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -556,9 +556,16 @@ class CI_Output { .$CI->config->item('index_page') .$CI->uri->uri_string(); - if ($CI->config->item('cache_query_string') && ! empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) { - $uri .= '?'.$_SERVER['QUERY_STRING']; + if (is_array($cache_query_string)) + { + $uri .= '?'.http_build_query(array_intersect_key($_GET, array_flip($cache_query_string))); + } + else + { + $uri .= '?'.$_SERVER['QUERY_STRING']; + } } $cache_path .= md5($uri); @@ -646,9 +653,16 @@ class CI_Output { // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; - if ($CFG->item('cache_query_string') && ! empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CFG->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) { - $uri .= '?'.$_SERVER['QUERY_STRING']; + if (is_array($cache_query_string)) + { + $uri .= '?'.http_build_query(array_intersect_key($_GET, array_flip($cache_query_string))); + } + else + { + $uri .= '?'.$_SERVER['QUERY_STRING']; + } } $filepath = $cache_path.md5($uri); @@ -729,9 +743,16 @@ class CI_Output { { $uri = $CI->uri->uri_string(); - if ($CI->config->item('cache_query_string') && ! empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) { - $uri .= '?'.$_SERVER['QUERY_STRING']; + if (is_array($cache_query_string)) + { + $uri .= '?'.http_build_query(array_intersect_key($_GET, array_flip($cache_query_string))); + } + else + { + $uri .= '?'.$_SERVER['QUERY_STRING']; + } } } -- cgit v1.2.3-24-g4f1b From b76394834a3e36e8c376913cd9666a8d7a4cea45 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 8 Jun 2015 14:44:47 +0300 Subject: Fix #3890 --- system/core/Input.php | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 12332cf51..b0bbb7b8d 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -799,19 +799,27 @@ class CI_Input { */ public function get_request_header($index, $xss_clean = FALSE) { - if (empty($this->headers)) + static $headers; + + if ( ! isset($headers)) { - $this->request_headers(); + empty($this->headers) OR $this->request_headers(); + foreach ($this->headers as $key => $value) + { + $headers[strtolower($key)] = $value; + } } - if ( ! isset($this->headers[$index])) + $index = strtolower($index); + + if ( ! isset($headers[$index])) { return NULL; } return ($xss_clean === TRUE) - ? $this->security->xss_clean($this->headers[$index]) - : $this->headers[$index]; + ? $this->security->xss_clean($headers[$index]) + : $headers[$index]; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From bf0488b59daaa9a77a72289b00a5ee807d907286 Mon Sep 17 00:00:00 2001 From: ftwbzhao Date: Mon, 6 Jul 2015 17:48:08 +0800 Subject: fix typo in router class --- system/core/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index f91d3f6ec..051000533 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -105,7 +105,7 @@ class CI_Router { /** * Enable query strings flag * - * Determines wether to use GET parameters or segment URIs + * Determines whether to use GET parameters or segment URIs * * @var bool */ -- cgit v1.2.3-24-g4f1b From 7881fd17790fd86f658dd4cfcb5b2b5a6351ad00 Mon Sep 17 00:00:00 2001 From: Mohammad Sadegh Dehghan Niri Date: Wed, 15 Jul 2015 17:48:57 +0430 Subject: Fix a Typo --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 9cef42439..7c5199255 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -275,7 +275,7 @@ class CI_Security { $secure_cookie, config_item('cookie_httponly') ); - log_message('info', 'CRSF cookie sent'); + log_message('info', 'CSRF cookie sent'); return $this; } -- cgit v1.2.3-24-g4f1b From 298e0058b9d8e576cb7f017ade57c794060c3e98 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 17:17:18 +0300 Subject: [ci skip] Revert styleguide violations from PR #3828 --- system/core/Output.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 4aed62a86..76c1329d2 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -556,7 +556,7 @@ class CI_Output { .$CI->config->item('index_page') .$CI->uri->uri_string(); - if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && ! empty($_SERVER['QUERY_STRING'])) { if (is_array($cache_query_string)) { @@ -653,7 +653,7 @@ class CI_Output { // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; - if (($cache_query_string = $CFG->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CFG->item('cache_query_string')) && ! empty($_SERVER['QUERY_STRING'])) { if (is_array($cache_query_string)) { @@ -743,7 +743,7 @@ class CI_Output { { $uri = $CI->uri->uri_string(); - if (($cache_query_string = $CI->config->item('cache_query_string')) && !empty($_SERVER['QUERY_STRING'])) + if (($cache_query_string = $CI->config->item('cache_query_string')) && ! empty($_SERVER['QUERY_STRING'])) { if (is_array($cache_query_string)) { -- cgit v1.2.3-24-g4f1b From 2ef5ed458c611331facfeb5abee051f4c0d1b08e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 17 Jul 2015 14:24:26 +0300 Subject: Fix #3752 --- system/core/Router.php | 43 ++++++++++++++++++++++--------------------- 1 file changed, 22 insertions(+), 21 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 051000533..af87a305a 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -83,7 +83,7 @@ class CI_Router { * * @var string */ - public $directory = ''; + public $directory; /** * Default controller (and method if specific) @@ -126,25 +126,16 @@ class CI_Router { $this->uri =& load_class('URI', 'core'); $this->enable_query_strings = ( ! is_cli() && $this->config->item('enable_query_strings') === TRUE); + + // If a directory override is configured, it has to be set before any dynamic routing logic + is_array($routing) && isset($routing['directory']) && $this->set_directory($routing['directory']); $this->_set_routing(); // Set any routing overrides that may exist in the main index file if (is_array($routing)) { - if (isset($routing['directory'])) - { - $this->set_directory($routing['directory']); - } - - if ( ! empty($routing['controller'])) - { - $this->set_class($routing['controller']); - } - - if ( ! empty($routing['function'])) - { - $this->set_method($routing['function']); - } + empty($routing['controller']) OR $this->set_class($routing['controller']); + empty($routing['function']) OR $this->set_method($routing['function']); } log_message('info', 'Router Class Initialized'); @@ -167,12 +158,17 @@ class CI_Router { // If this feature is enabled, we will gather the directory/class/method a little differently if ($this->enable_query_strings) { - $_d = $this->config->item('directory_trigger'); - $_d = isset($_GET[$_d]) ? trim($_GET[$_d], " \t\n\r\0\x0B/") : ''; - if ($_d !== '') + // If the directory is set at this time, it means an override exists, so skip the checks + if ( ! isset($this->directory)) { - $this->uri->filter_uri($_d); - $this->set_directory($_d); + $_d = $this->config->item('directory_trigger'); + $_d = isset($_GET[$_d]) ? trim($_GET[$_d], " \t\n\r\0\x0B/") : ''; + + if ($_d !== '') + { + $this->uri->filter_uri($_d); + $this->set_directory($_d); + } } $_c = trim($this->config->item('controller_trigger')); @@ -333,6 +329,8 @@ class CI_Router { protected function _validate_request($segments) { $c = count($segments); + $directory_override = isset($this->directory); + // Loop through our segments and return as soon as a controller // is found or when such a directory doesn't exist while ($c-- > 0) @@ -340,7 +338,10 @@ class CI_Router { $test = $this->directory .ucfirst($this->translate_uri_dashes === TRUE ? str_replace('-', '_', $segments[0]) : $segments[0]); - if ( ! file_exists(APPPATH.'controllers/'.$test.'.php') && is_dir(APPPATH.'controllers/'.$this->directory.$segments[0])) + if ( ! file_exists(APPPATH.'controllers/'.$test.'.php') + && $directory_override === FALSE + && is_dir(APPPATH.'controllers/'.$this->directory.$segments[0]) + ) { $this->set_directory(array_shift($segments), TRUE); continue; -- cgit v1.2.3-24-g4f1b From 07355daccd7f2d0e1fbea3c6d9a9eab575aa9ad8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 22 Jul 2015 12:46:16 +0300 Subject: Fix #3991 --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 9205ad1b6..ea470dbad 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -905,7 +905,7 @@ class CI_Loader { // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - if ( ! is_php('5.4') && ! ini_get('short_open_tag') && config_item('rewrite_short_tags') === TRUE && function_usable('eval')) + if ( ! is_php('5.4') && ! ini_get('short_open_tag') && config_item('rewrite_short_tags') === TRUE) { echo eval('?>'.preg_replace('/;*\s*\?>/', '; ?>', str_replace(' Date: Wed, 22 Jul 2015 13:14:50 +0300 Subject: Add class_exists() checks to CI_Loader::model() Helps debugging in case of controller/model/library class name collision. --- system/core/Loader.php | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index ea470dbad..1f48c0782 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -272,7 +272,7 @@ class CI_Loader { $CI =& get_instance(); if (isset($CI->$name)) { - show_error('The model name you are loading is the name of a resource that is already being used: '.$name); + throw new RuntimeException('The model name you are loading is the name of a resource that is already being used: '.$name); } if ($db_conn !== FALSE && ! class_exists('CI_DB', FALSE)) @@ -291,23 +291,37 @@ class CI_Loader { } $model = ucfirst(strtolower($model)); - - foreach ($this->_ci_model_paths as $mod_path) + if ( ! class_exists($model)) { - if ( ! file_exists($mod_path.'models/'.$path.$model.'.php')) + foreach ($this->_ci_model_paths as $mod_path) { - continue; - } + if ( ! file_exists($mod_path.'models/'.$path.$model.'.php')) + { + continue; + } - require_once($mod_path.'models/'.$path.$model.'.php'); + require_once($mod_path.'models/'.$path.$model.'.php'); + if ( ! class_exists($model, FALSE)) + { + throw new RuntimeException($mod_path."models/".$path.$model.".php exists, but doesn't declare class ".$model); + } - $this->_ci_models[] = $name; - $CI->$name = new $model(); - return $this; + break; + } + + if ( ! class_exists($model, FALSE)) + { + throw new RuntimeException('Unable to locate the model you have specified: '.$model); + } + } + elseif ( ! is_subclass_of($model, 'CI_Model')) + { + throw new RuntimeException("Class ".$model." already exists and doesn't extend CI_Model"); } - // couldn't find the model - show_error('Unable to locate the model you have specified: '.$model); + $this->_ci_models[] = $name; + $CI->$name = new $model(); + return $this; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 9e25daf2d7126f465ceb34789b6f76c9c77981b4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 22 Jul 2015 13:50:30 +0300 Subject: Remove eval()-related logic from function_exists() #3991 shows that all such checks are useless as function_exists('eval') will always return FALSE. --- system/core/Common.php | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index b850fd39a..ce324a1cc 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -833,19 +833,9 @@ if ( ! function_exists('function_usable')) { if ( ! isset($_suhosin_func_blacklist)) { - if (extension_loaded('suhosin')) - { - $_suhosin_func_blacklist = explode(',', trim(ini_get('suhosin.executor.func.blacklist'))); - - if ( ! in_array('eval', $_suhosin_func_blacklist, TRUE) && ini_get('suhosin.executor.disable_eval')) - { - $_suhosin_func_blacklist[] = 'eval'; - } - } - else - { - $_suhosin_func_blacklist = array(); - } + $_suhosin_func_blacklist = extension_loaded('suhosin') + ? explode(',', trim(ini_get('suhosin.executor.func.blacklist'))) + : array(); } return ! in_array($function_name, $_suhosin_func_blacklist, TRUE); -- cgit v1.2.3-24-g4f1b From 55bc50578b9f1aa3fd71cb427848b21748655690 Mon Sep 17 00:00:00 2001 From: Calvin Tam Date: Fri, 24 Jul 2015 02:27:24 -0700 Subject: Fixed typos --- system/core/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index af87a305a..ab5246a1f 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -494,7 +494,7 @@ class CI_Router { * Set directory name * * @param string $dir Directory name - * @param bool $appent Whether we're appending rather than setting the full value + * @param bool $append Whether we're appending rather than setting the full value * @return void */ public function set_directory($dir, $append = FALSE) -- cgit v1.2.3-24-g4f1b From fddbde69043a1623df8231f96a103af306f5e3db Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Jul 2015 00:07:21 +0300 Subject: Close #4004 --- system/core/URI.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 2211e3665..b6eff1f4d 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -201,7 +201,9 @@ class CI_URI { return ''; } - $uri = parse_url($_SERVER['REQUEST_URI']); + // parse_url() returns false if no host is present, but the path or query string + // contains a colon followed by a number + $uri = parse_url('dummy'.$_SERVER['REQUEST_URI']); $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; -- cgit v1.2.3-24-g4f1b From 5ffbdcec661888460aef009f62adb50dd8ad1c3c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Jul 2015 12:19:10 +0300 Subject: Fix #4005 --- system/core/URI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index b6eff1f4d..5b658f679 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -203,7 +203,7 @@ class CI_URI { // parse_url() returns false if no host is present, but the path or query string // contains a colon followed by a number - $uri = parse_url('dummy'.$_SERVER['REQUEST_URI']); + $uri = parse_url('http://dummy'.$_SERVER['REQUEST_URI']); $query = isset($uri['query']) ? $uri['query'] : ''; $uri = isset($uri['path']) ? $uri['path'] : ''; -- cgit v1.2.3-24-g4f1b From 10fb7d17b2025de4963da8b0108fda4da36ade11 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 3 Aug 2015 10:05:29 +0300 Subject: [ci skip] Normalize tabs/spaces Partial changes from PR #4016 --- system/core/Input.php | 4 ++-- system/core/Loader.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index b0bbb7b8d..e1319be8d 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -682,7 +682,7 @@ class CI_Input { /* We strip slashes if magic quotes is on to keep things consistent NOTE: In PHP 5.4 get_magic_quotes_gpc() will always return 0 and - it will probably not exist in future versions at all. + it will probably not exist in future versions at all. */ if ( ! is_php('5.4') && get_magic_quotes_gpc()) { @@ -844,7 +844,7 @@ class CI_Input { * Test to see if a request was made from the command line. * * @deprecated 3.0.0 Use is_cli() instead - * @return bool + * @return bool */ public function is_cli_request() { diff --git a/system/core/Loader.php b/system/core/Loader.php index 1f48c0782..5de7a9483 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -514,7 +514,7 @@ class CI_Loader { * * Clears the cached variables. * - * @return object + * @return CI_Loader */ public function clear_vars() { -- cgit v1.2.3-24-g4f1b From abc299b3a234eb7da1b7e3d257b7eba2da649219 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 5 Aug 2015 12:26:22 +0300 Subject: Fix #4027 --- system/core/Router.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index ab5246a1f..0c793e418 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -375,16 +375,19 @@ class CI_Router { // Is there a literal match? If so we're done if (isset($this->routes[$uri])) { - // Check default routes format - if (is_string($this->routes[$uri])) + // Is it an HTTP verb-based route? + if (is_array($this->routes[$uri])) { - $this->_set_request(explode('/', $this->routes[$uri])); - return; + $route = array_change_key_case($this->routes[$uri], CASE_LOWER); + if (isset($route[$http_verb])) + { + $this->_set_request(explode('/', $route[$http_verb])); + return; + } } - // Is there a matching http verb? - elseif (is_array($this->routes[$uri]) && isset($this->routes[$uri][$http_verb])) + else { - $this->_set_request(explode('/', $this->routes[$uri][$http_verb])); + $this->_set_request(explode('/', $this->routes[$uri])); return; } } @@ -392,9 +395,10 @@ class CI_Router { // Loop through the route array looking for wildcards foreach ($this->routes as $key => $val) { - // Check if route format is using http verb + // Check if route format is using HTTP verbs if (is_array($val)) { + $val = array_change_key_case($val, CASE_LOWER); if (isset($val[$http_verb])) { $val = $val[$http_verb]; -- cgit v1.2.3-24-g4f1b From 1c0f46ad96a923329d7defc92d0e7d93faf00935 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 7 Aug 2015 14:42:29 +0300 Subject: [ci skip] Start of 3.0.2-dev --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index ddf322749..b69630cf8 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.1-dev'); + define('CI_VERSION', '3.0.2-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 62fe0117ae087ccfb5fd94cc9f83977c86f2452f Mon Sep 17 00:00:00 2001 From: Claudio Galdiolo Date: Thu, 13 Aug 2015 10:21:42 -0400 Subject: Fix typo in comments --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index ce324a1cc..ad3ca9f93 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -677,7 +677,7 @@ if ( ! function_exists('_shutdown_handler')) * of CodeIgniter.php. The main reason we use this is to simulate * a complete custom exception handler. * - * E_STRICT is purposivly neglected because such events may have + * E_STRICT is purposively neglected because such events may have * been caught. Duplication or none? None is preferred for now. * * @link http://insomanic.me.uk/post/229851073/php-trick-catching-fatal-errors-e-error-with-a -- cgit v1.2.3-24-g4f1b From c2c7cb7e9d869ba8ba8b16a04e5d8300d462d8de Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 14 Aug 2015 13:48:31 +0300 Subject: Fix #4052 The bug actually had two instances: - Callback routes with literal matches and HTTP verbs has never worked - The reported issue in #4052, which is a regression introduced in 3.0.1 with abc299b3a234eb7da1b7e3d257b7eba2da649219 Removed the literal matches logic altogether to avoid similar issues in the future and reduce code complexity. The same logic is performed with the regular expressions logic. --- system/core/Router.php | 20 -------------------- 1 file changed, 20 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 0c793e418..eb868cd5b 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -372,26 +372,6 @@ class CI_Router { // Get HTTP verb $http_verb = isset($_SERVER['REQUEST_METHOD']) ? strtolower($_SERVER['REQUEST_METHOD']) : 'cli'; - // Is there a literal match? If so we're done - if (isset($this->routes[$uri])) - { - // Is it an HTTP verb-based route? - if (is_array($this->routes[$uri])) - { - $route = array_change_key_case($this->routes[$uri], CASE_LOWER); - if (isset($route[$http_verb])) - { - $this->_set_request(explode('/', $route[$http_verb])); - return; - } - } - else - { - $this->_set_request(explode('/', $this->routes[$uri])); - return; - } - } - // Loop through the route array looking for wildcards foreach ($this->routes as $key => $val) { -- cgit v1.2.3-24-g4f1b From d45180cb98cd987e2d5cce57a7965a87ee2aed7b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 15 Aug 2015 09:09:38 +0300 Subject: Fix #4056 --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index e1319be8d..d896495e9 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -803,7 +803,7 @@ class CI_Input { if ( ! isset($headers)) { - empty($this->headers) OR $this->request_headers(); + empty($this->headers) && $this->request_headers(); foreach ($this->headers as $key => $value) { $headers[strtolower($key)] = $value; -- cgit v1.2.3-24-g4f1b From 825fab7370a28b6c05da126842dd8df25e51e026 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 17 Aug 2015 09:52:42 +0300 Subject: Allow capitals in the middle of model names Requested in #4059 --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 5de7a9483..18e4c5287 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -290,7 +290,7 @@ class CI_Loader { load_class('Model', 'core'); } - $model = ucfirst(strtolower($model)); + $model = ucfirst($model); if ( ! class_exists($model)) { foreach ($this->_ci_model_paths as $mod_path) -- cgit v1.2.3-24-g4f1b From dd28a888e8d9934260b14d0b7601da375fe75b8d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Sep 2015 16:03:05 +0300 Subject: Move csrf_verify() call out of _sanitize_globals() It doesn't belong in there. --- system/core/Input.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index d896495e9..67a495e74 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -153,6 +153,12 @@ class CI_Input { // Sanitize global arrays $this->_sanitize_globals(); + // CSRF Protection check + if ($this->_enable_csrf === TRUE && ! is_cli()) + { + $this->security->csrf_verify(); + } + log_message('info', 'Input Class Initialized'); } @@ -647,12 +653,6 @@ class CI_Input { // Sanitize PHP_SELF $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); - // CSRF Protection check - if ($this->_enable_csrf === TRUE && ! is_cli()) - { - $this->security->csrf_verify(); - } - log_message('debug', 'Global POST, GET and COOKIE data sanitized'); } -- cgit v1.2.3-24-g4f1b From e70238e8acd4ebdf1a3e30d63e8ffb1a46ab6d15 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Sep 2015 16:07:45 +0300 Subject: Remove unnecessary count() calls from _sanitize_globals() foreach() just won't execute for an empty array, it does that check internally. --- system/core/Input.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 67a495e74..4e7a4e95e 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -606,7 +606,7 @@ class CI_Input { { $_GET = array(); } - elseif (is_array($_GET) && count($_GET) > 0) + elseif (is_array($_GET)) { foreach ($_GET as $key => $val) { @@ -615,7 +615,7 @@ class CI_Input { } // Clean $_POST Data - if (is_array($_POST) && count($_POST) > 0) + if (is_array($_POST)) { foreach ($_POST as $key => $val) { @@ -624,7 +624,7 @@ class CI_Input { } // Clean $_COOKIE Data - if (is_array($_COOKIE) && count($_COOKIE) > 0) + if (is_array($_COOKIE)) { // Also get rid of specially treated cookies that might be set by a server // or silly application, that are of no use to a CI application anyway -- cgit v1.2.3-24-g4f1b From 700619cebf75c4e4fcda6a2d7bea1afb84a029e4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Sep 2015 12:44:50 +0300 Subject: Fix #4106 --- system/core/Security.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 7c5199255..8ca66d297 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -787,11 +787,11 @@ class CI_Security { $count = $temp_count = 0; // replace occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - $str = preg_replace('/(<[^>]+)(?]+((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=047))*[^>]*)(?]+)(?]*)/is', '$1[removed]', $str, -1, $temp_count); + $str = preg_replace('/<([^>]+((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=047))*[^>]*)(?]*)/is', '<$1[removed]', $str, -1, $temp_count); $count += $temp_count; } while ($count); -- cgit v1.2.3-24-g4f1b From abc6006884658acb4e2302460f87e2f89a5a7e80 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Sep 2015 16:36:22 +0300 Subject: Fix & extend 700619cebf75c4e4fcda6a2d7bea1afb84a029e4 --- system/core/Security.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 8ca66d297..e4bd327b5 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -787,11 +787,11 @@ class CI_Security { $count = $temp_count = 0; // replace occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - $str = preg_replace('/<([^>]+((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=047))*[^>]*)(?]+(((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=\047))[^>]*)*)(?]+((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=047))*[^>]*)(?]*)/is', '<$1[removed]', $str, -1, $temp_count); + $str = preg_replace('/<([^>]+(((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=\047))[^>]*)*)(?]*)/is', '<$1[removed]', $str, -1, $temp_count); $count += $temp_count; } while ($count); -- cgit v1.2.3-24-g4f1b From 12023a79b0c3b45f68cce0357e3009c5884da663 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Sep 2015 18:00:57 +0300 Subject: Last commit didn't adjust a RE index --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index e4bd327b5..1bc228a11 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -787,7 +787,7 @@ class CI_Security { $count = $temp_count = 0; // replace occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - $str = preg_replace('/<([^>]+(((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=\047))[^>]*)*)(?]+(((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=\047))[^>]*)*)(? Date: Fri, 11 Sep 2015 13:59:40 +0300 Subject: Replace the latest XSS patches This one fixes yet another issue, is cleaner and faster. --- system/core/Security.php | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 1bc228a11..829aac7d2 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -783,16 +783,28 @@ class CI_Security { unset($evil_attributes[array_search('xmlns', $evil_attributes)]); } - do { - $count = $temp_count = 0; - - // replace occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - $str = preg_replace('/<([^>]+(((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=\047))[^>]*)*)(?a-z0-9])' // tag start and name, followed by a non-tag character + // optional attributes + .'([\s\042\047/=]+' // non-attribute characters, excluding > (tag close) for obvious reasons + .'[^\s\042\047>/=]+' // attribute characters + // optional attribue-value + .'(\s*=\s*' // attribute-value separator + .'(\042[^\042]*\042|\047[^\047]*\047|[^\s\042\047=><`]*)' // single, double or non-quoted value + .')?' // end optional attribute-value group + .')*' // end optional attributes group + .')' // end catching evil attribute prefix + // evil attribute starts here + .'([\s\042\047>/=]+' // non-attribute characters (we'll replace that with a single space) + .'('.implode('|', $evil_attributes).')' + .'\s*=\s*' // attribute-value separator + .'(\042[^042]+\042|\047[^047]+\047|[^\s\042\047=><`]+)' // attribute value; single, double or non-quotes + .')' // end evil attribute + .'#isS'; - // find occurrences of illegal attribute strings without quotes - $str = preg_replace('/<([^>]+(((?<=\042)[^\042]*(?=\042)|(?<=\047)[^\047]*(?=\047))[^>]*)*)(?]*)/is', '<$1[removed]', $str, -1, $temp_count); - $count += $temp_count; + do { + $count = 0; + $str = preg_replace($pattern, '$1 [removed]', $str, -1, $count); } while ($count); -- cgit v1.2.3-24-g4f1b From 2f71c625b8d9ed7efc34b2139695702d6a08f6be Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Sep 2015 15:21:10 +0300 Subject: Improve on previous commit --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 829aac7d2..ca0991ac4 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -795,7 +795,7 @@ class CI_Security { .')*' // end optional attributes group .')' // end catching evil attribute prefix // evil attribute starts here - .'([\s\042\047>/=]+' // non-attribute characters (we'll replace that with a single space) + .'([\s\042\047/=]+' // non-attribute characters (we'll replace that with a single space), again excluding '>' .'('.implode('|', $evil_attributes).')' .'\s*=\s*' // attribute-value separator .'(\042[^042]+\042|\047[^047]+\047|[^\s\042\047=><`]+)' // attribute value; single, double or non-quotes -- cgit v1.2.3-24-g4f1b From bc78748b24ec2d49f0218fa701d1e95259b41187 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Sep 2015 18:11:32 +0300 Subject: Harden xss_clean() more This time eliminate false positives for the 'naughty html' logic. --- system/core/Security.php | 42 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 37 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index ca0991ac4..ade77491d 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -495,8 +495,28 @@ class CI_Security { * So this: * Becomes: <blink> */ - $naughty = 'alert|prompt|confirm|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|button|select|isindex|layer|link|meta|keygen|object|plaintext|style|script|textarea|title|math|video|svg|xml|xss'; - $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); + $pattern = '#' + .'<((/*\s*)([a-z0-9]+)(?=[^a-z0-9])' // tag start and name, followed by a non-tag character + // optional attributes + .'([\s\042\047/=]+' // non-attribute characters, excluding > (tag close) for obvious reasons + .'[^\s\042\047>/=]+' // attribute characters + // optional attribue-value + .'(\s*=\s*' // attribute-value separator + .'(\042[^\042]*\042|\047[^\047]*\047|[^\s\042\047=><`]*)' // single, double or non-quoted value + .')?' // end optional attribute-value group + .')*' // end optional attributes group + .'[^>]*)>#isS'; + + // Note: It would be nice to optimize this for speed, BUT + // only matching the naughty elements here results in + // false positives and in turn - vulnerabilities! + do + { + $old_str = $str; + $str = preg_replace_callback($pattern, array($this, '_sanitize_naughty_html'), $str); + } + while ($old_str !== $str); + unset($old_str); /* * Sanitize naughty scripting elements @@ -824,9 +844,21 @@ class CI_Security { */ protected function _sanitize_naughty_html($matches) { - return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace - // encode captured opening or closing brace to prevent recursive vectors: - .str_replace(array('>', '<'), array('>', '<'), $matches[4]); + static $naughty = array( + 'alert', 'prompt', 'confirm', 'applet', 'audio', 'basefont', 'base', 'behavior', 'bgsound', + 'blink', 'body', 'embed', 'expression', 'form', 'frameset', 'frame', 'head', 'html', 'ilayer', + 'iframe', 'input', 'button', 'select', 'isindex', 'layer', 'link', 'meta', 'keygen', 'object', + 'plaintext', 'style', 'script', 'textarea', 'title', 'math', 'video', 'svg', 'xml', 'xss' + ); + + // Is the element that we caught naughty? + // If not, just return it back. + if ( ! in_array(strtolower($matches[3]), $naughty, TRUE)) + { + return $matches[0]; + } + + return '<'.$matches[1].'>'; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 70f60d07253d301ec62789f78587db0dac826a27 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Sep 2015 11:11:20 +0300 Subject: Move _remove_evil_attributes() call --- system/core/Security.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index ade77491d..dd3b2c8f0 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -480,12 +480,8 @@ class CI_Security { } } while ($original !== $str); - unset($original); - // Remove evil attributes such as style, onclick and xmlns - $str = $this->_remove_evil_attributes($str, $is_image); - /* * Sanitize naughty HTML elements * @@ -518,6 +514,9 @@ class CI_Security { while ($old_str !== $str); unset($old_str); + // Remove evil attributes such as style, onclick and xmlns + $str = $this->_remove_evil_attributes($str, $is_image); + /* * Sanitize naughty scripting elements * -- cgit v1.2.3-24-g4f1b From 2a2578b396401ac81017b9cd52189f1fcb497b1e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Sep 2015 11:16:33 +0300 Subject: Add 'eval' to a JS blacklist in xss_clean() --- system/core/Security.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index dd3b2c8f0..3142f7da2 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -436,7 +436,7 @@ class CI_Security { $words = array( 'javascript', 'expression', 'vbscript', 'jscript', 'wscript', 'vbs', 'script', 'base64', 'applet', 'alert', 'document', - 'write', 'cookie', 'window', 'confirm', 'prompt' + 'write', 'cookie', 'window', 'confirm', 'prompt', 'eval' ); foreach ($words as $word) @@ -902,12 +902,15 @@ class CI_Security { */ protected function _js_img_removal($match) { - return str_replace($match[1], - preg_replace('#src=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) - ), - $match[0]); + return str_replace( + $match[1], + preg_replace( + '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0] + ); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From f2239fe1f6e0578a00afb88e9fc2b2cdd2ac2626 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Sep 2015 13:48:03 +0300 Subject: Fix #4109 --- system/core/Router.php | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index eb868cd5b..a84be1f1d 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -153,6 +153,28 @@ class CI_Router { */ protected function _set_routing() { + // Load the routes.php file. It would be great if we could + // skip this for enable_query_strings = TRUE, but then + // default_controller would be empty ... + if (file_exists(APPPATH.'config/routes.php')) + { + include(APPPATH.'config/routes.php'); + } + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) + { + include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); + } + + // Validate & get reserved routes + if (isset($route) && is_array($route)) + { + isset($route['default_controller']) && $this->default_controller = $route['default_controller']; + isset($route['translate_uri_dashes']) && $this->translate_uri_dashes = $route['translate_uri_dashes']; + unset($route['default_controller'], $route['translate_uri_dashes']); + $this->routes = $route; + } + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently @@ -199,26 +221,6 @@ class CI_Router { return; } - // Load the routes.php file. - if (file_exists(APPPATH.'config/routes.php')) - { - include(APPPATH.'config/routes.php'); - } - - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes.php')) - { - include(APPPATH.'config/'.ENVIRONMENT.'/routes.php'); - } - - // Validate & get reserved routes - if (isset($route) && is_array($route)) - { - isset($route['default_controller']) && $this->default_controller = $route['default_controller']; - isset($route['translate_uri_dashes']) && $this->translate_uri_dashes = $route['translate_uri_dashes']; - unset($route['default_controller'], $route['translate_uri_dashes']); - $this->routes = $route; - } - // Is there anything to parse? if ($this->uri->uri_string !== '') { -- cgit v1.2.3-24-g4f1b From 392f8da2ebc22efeb1b688a75c49c1a52e12f0f2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Sep 2015 14:52:48 +0300 Subject: Close #4098 --- system/core/Config.php | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index d07000ac9..feea7c85a 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -238,7 +238,15 @@ class CI_Config { if (isset($protocol)) { - $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + // For protocol-relative links + if ($protocol === '') + { + $base_url = substr($base_url, strpos($base_url, '//')); + } + else + { + $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + } } if (empty($uri)) @@ -293,7 +301,15 @@ class CI_Config { if (isset($protocol)) { - $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + // For protocol-relative links + if ($protocol === '') + { + $base_url = substr($base_url, strpos($base_url, '//')); + } + else + { + $base_url = $protocol.substr($base_url, strpos($base_url, '://')); + } } return $base_url.ltrim($this->_uri_string($uri), '/'); -- cgit v1.2.3-24-g4f1b From 1e6d4d611d80dc7f20566ecc125354d84deebd1c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Sep 2015 16:06:37 +0300 Subject: Another addition to tag detection patterns in xss_clean() --- system/core/Security.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 3142f7da2..9e5e72576 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -493,6 +493,7 @@ class CI_Security { */ $pattern = '#' .'<((/*\s*)([a-z0-9]+)(?=[^a-z0-9])' // tag start and name, followed by a non-tag character + .'[^>a-z0-9]*' // a valid attribute character immediately after the tag would count as a separator // optional attributes .'([\s\042\047/=]+' // non-attribute characters, excluding > (tag close) for obvious reasons .'[^\s\042\047>/=]+' // attribute characters @@ -804,6 +805,7 @@ class CI_Security { $pattern = '#(' // catch everything in the tag preceeding the evil attribute .'<[a-z0-9]+(?=[^>a-z0-9])' // tag start and name, followed by a non-tag character + .'[^>a-z0-9]*' // a valid attribute character immediately after the tag would count as a separator // optional attributes .'([\s\042\047/=]+' // non-attribute characters, excluding > (tag close) for obvious reasons .'[^\s\042\047>/=]+' // attribute characters @@ -821,7 +823,8 @@ class CI_Security { .')' // end evil attribute .'#isS'; - do { + do + { $count = 0; $str = preg_replace($pattern, '$1 [removed]', $str, -1, $count); } -- cgit v1.2.3-24-g4f1b From e079203e20506397104c2caed28395ebfa8cfc70 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 15 Sep 2015 17:07:40 +0300 Subject: Missing character in the evil attributes pattern --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 9e5e72576..4b42ed448 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -819,7 +819,7 @@ class CI_Security { .'([\s\042\047/=]+' // non-attribute characters (we'll replace that with a single space), again excluding '>' .'('.implode('|', $evil_attributes).')' .'\s*=\s*' // attribute-value separator - .'(\042[^042]+\042|\047[^047]+\047|[^\s\042\047=><`]+)' // attribute value; single, double or non-quotes + .'(\042[^\042]+\042|\047[^\047]+\047|[^\s\042\047=><`]+)' // attribute value; single, double or non-quotes .')' // end evil attribute .'#isS'; -- cgit v1.2.3-24-g4f1b From 3ceb14a4325a8a3d47747dff3d50fbc392fc3206 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 17 Sep 2015 15:03:03 +0300 Subject: Refactor 'evil attributes' sanitization logic Turned out pretty much impossible to do remove 'evil attributes' with just one pattern - it either breaks something else, hits pcre.backtrack_limit or causes PHP to segfault. No benchmarks made, but there shouldn't be any performance regressions since we're now trying to strip attributes only after it is determined that they are inside a tag; up until now this was done seprately for _sanitize_naughty_html() and _remove_evil_attributes(). --- system/core/Security.php | 158 ++++++++++++++++++++--------------------------- 1 file changed, 66 insertions(+), 92 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 4b42ed448..08cfcbe8f 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -492,16 +492,16 @@ class CI_Security { * Becomes: <blink> */ $pattern = '#' - .'<((/*\s*)([a-z0-9]+)(?=[^a-z0-9])' // tag start and name, followed by a non-tag character - .'[^>a-z0-9]*' // a valid attribute character immediately after the tag would count as a separator + .'<((?/*\s*)(?[a-z0-9]+)(?=[^a-z0-9])' // tag start and name, followed by a non-tag character + .'[^\s\042\047a-z0-9>/=]*' // a valid attribute character immediately after the tag would count as a separator // optional attributes - .'([\s\042\047/=]+' // non-attribute characters, excluding > (tag close) for obvious reasons + .'(?(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons .'[^\s\042\047>/=]+' // attribute characters - // optional attribue-value - .'(\s*=\s*' // attribute-value separator - .'(\042[^\042]*\042|\047[^\047]*\047|[^\s\042\047=><`]*)' // single, double or non-quoted value - .')?' // end optional attribute-value group - .')*' // end optional attributes group + // optional attribute-value + .'(?:\s*=\s*' // attribute-value separator + .'(?:\042[^\042]*\042|\047[^\047]*\047|[^\s\042\047=><`]*)' // single, double or non-quoted value + .')?' // end optional attribute-value group + .')*)' // end optional attributes group .'[^>]*)>#isS'; // Note: It would be nice to optimize this for speed, BUT @@ -515,9 +515,6 @@ class CI_Security { while ($old_str !== $str); unset($old_str); - // Remove evil attributes such as style, onclick and xmlns - $str = $this->_remove_evil_attributes($str, $is_image); - /* * Sanitize naughty scripting elements * @@ -530,9 +527,11 @@ class CI_Security { * For example: eval('some code') * Becomes: eval('some code') */ - $str = preg_replace('#(alert|prompt|confirm|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', - '\\1\\2(\\3)', - $str); + $str = preg_replace( + '#(alert|prompt|confirm|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', + '\\1\\2(\\3)', + $str + ); // Final clean up // This adds a bit of extra precaution in case @@ -769,72 +768,6 @@ class CI_Security { // -------------------------------------------------------------------- - /** - * Remove Evil HTML Attributes (like event handlers and style) - * - * It removes the evil attribute and either: - * - * - Everything up until a space. For example, everything between the pipes: - * - * - * - * - * - * - Everything inside the quotes. For example, everything between the pipes: - * - * - * - * - * - * @param string $str The string to check - * @param bool $is_image Whether the input is an image - * @return string The string with the evil attributes removed - */ - protected function _remove_evil_attributes($str, $is_image) - { - $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime'); - - if ($is_image === TRUE) - { - /* - * Adobe Photoshop puts XML metadata into JFIF images, - * including namespacing, so we have to allow this for images. - */ - unset($evil_attributes[array_search('xmlns', $evil_attributes)]); - } - - $pattern = '#(' // catch everything in the tag preceeding the evil attribute - .'<[a-z0-9]+(?=[^>a-z0-9])' // tag start and name, followed by a non-tag character - .'[^>a-z0-9]*' // a valid attribute character immediately after the tag would count as a separator - // optional attributes - .'([\s\042\047/=]+' // non-attribute characters, excluding > (tag close) for obvious reasons - .'[^\s\042\047>/=]+' // attribute characters - // optional attribue-value - .'(\s*=\s*' // attribute-value separator - .'(\042[^\042]*\042|\047[^\047]*\047|[^\s\042\047=><`]*)' // single, double or non-quoted value - .')?' // end optional attribute-value group - .')*' // end optional attributes group - .')' // end catching evil attribute prefix - // evil attribute starts here - .'([\s\042\047/=]+' // non-attribute characters (we'll replace that with a single space), again excluding '>' - .'('.implode('|', $evil_attributes).')' - .'\s*=\s*' // attribute-value separator - .'(\042[^\042]+\042|\047[^\047]+\047|[^\s\042\047=><`]+)' // attribute value; single, double or non-quotes - .')' // end evil attribute - .'#isS'; - - do - { - $count = 0; - $str = preg_replace($pattern, '$1 [removed]', $str, -1, $count); - } - while ($count); - - return $str; - } - - // -------------------------------------------------------------------- - /** * Sanitize Naughty HTML * @@ -846,21 +779,59 @@ class CI_Security { */ protected function _sanitize_naughty_html($matches) { - static $naughty = array( + static $naughty_tags = array( 'alert', 'prompt', 'confirm', 'applet', 'audio', 'basefont', 'base', 'behavior', 'bgsound', 'blink', 'body', 'embed', 'expression', 'form', 'frameset', 'frame', 'head', 'html', 'ilayer', 'iframe', 'input', 'button', 'select', 'isindex', 'layer', 'link', 'meta', 'keygen', 'object', 'plaintext', 'style', 'script', 'textarea', 'title', 'math', 'video', 'svg', 'xml', 'xss' ); - // Is the element that we caught naughty? - // If not, just return it back. - if ( ! in_array(strtolower($matches[3]), $naughty, TRUE)) + static $evil_attributes = array( + 'on\w+', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime' + ); + + // Is the element that we caught naughty? If so, escape it + if (in_array(strtolower($matches['tagName']), $naughty_tags, TRUE)) { - return $matches[0]; + return '<'.$matches[1].'>'; } + // For other tags, see if their attributes are "evil" and strip those + elseif (isset($matches['attributes'])) + { + // We'll need to catch all attributes separately first + $pattern = '#' + .'([\s\042\047/=]*)' // non-attribute characters, excluding > (tag close) for obvious reasons + .'(?[^\s\042\047>/=]+)' // attribute characters + // optional attribute-value + .'(?:\s*=\s*\042[^\042]+\042|\s*=\s*\047[^\047]+\047|\s*=\s*[^\s\042\047=><`]+)?' // attribute-value separator + .'#i'; + + if ($count = preg_match_all($pattern, $matches['attributes'], $attributes, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) + { + // Since we'll be using substr_replace() below, we + // need to handle the attributes in reverse order, + // so we don't damage the string. + for ($i = $count - 1; $i > -1; $i--) + { + // Is it indeed an "evil" attribute? + if (preg_match('#^('.implode('|', $evil_attributes).')$#i', $attributes[$i]['name'][0])) + { + $matches['attributes'] = substr_replace( + $matches['attributes'], + ' [removed]', + $attributes[$i][0][1], + strlen($attributes[$i][0][0]) + ); + } + } - return '<'.$matches[1].'>'; + // Note: This will strip some non-space characters and/or + // reduce multiple spaces between attributes. + return '<'.$matches['closeTag'].$matches['tagName'].' '.trim($matches['attributes']).'>'; + } + } + + return $matches[0]; } // -------------------------------------------------------------------- @@ -880,12 +851,15 @@ class CI_Security { */ protected function _js_link_removal($match) { - return str_replace($match[1], - preg_replace('#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) - ), - $match[0]); + return str_replace( + $match[1], + preg_replace( + '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0] + ); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 088e57db3808f78ee89def94c6ce95b571a88427 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 17 Sep 2015 15:55:57 +0300 Subject: Don't allow open-ended tags to pass through xss_clean() This was a regression caused by the previous commit --- system/core/Security.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 08cfcbe8f..a30613386 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -492,7 +492,7 @@ class CI_Security { * Becomes: <blink> */ $pattern = '#' - .'<((?/*\s*)(?[a-z0-9]+)(?=[^a-z0-9])' // tag start and name, followed by a non-tag character + .'<((?/*\s*)(?[a-z0-9]+)(?=[^a-z0-9]|$)' // tag start and name, followed by a non-tag character .'[^\s\042\047a-z0-9>/=]*' // a valid attribute character immediately after the tag would count as a separator // optional attributes .'(?(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons @@ -502,7 +502,7 @@ class CI_Security { .'(?:\042[^\042]*\042|\047[^\047]*\047|[^\s\042\047=><`]*)' // single, double or non-quoted value .')?' // end optional attribute-value group .')*)' // end optional attributes group - .'[^>]*)>#isS'; + .'[^>]*)(?\>)?#isS'; // Note: It would be nice to optimize this for speed, BUT // only matching the naughty elements here results in @@ -790,8 +790,13 @@ class CI_Security { 'on\w+', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime' ); + // First, escape unclosed tags + if (empty($matches['closeTag'])) + { + return '<'.$matches[1]; + } // Is the element that we caught naughty? If so, escape it - if (in_array(strtolower($matches['tagName']), $naughty_tags, TRUE)) + elseif (in_array(strtolower($matches['tagName']), $naughty_tags, TRUE)) { return '<'.$matches[1].'>'; } @@ -827,7 +832,7 @@ class CI_Security { // Note: This will strip some non-space characters and/or // reduce multiple spaces between attributes. - return '<'.$matches['closeTag'].$matches['tagName'].' '.trim($matches['attributes']).'>'; + return '<'.$matches['slash'].$matches['tagName'].' '.trim($matches['attributes']).'>'; } } -- cgit v1.2.3-24-g4f1b From 4fbf2d1a8e2b6d33e92f3f353b05388fd3229bd7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 21 Sep 2015 16:17:48 +0300 Subject: More XSS stuff --- system/core/Security.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index a30613386..0cae23a79 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -808,7 +808,7 @@ class CI_Security { .'([\s\042\047/=]*)' // non-attribute characters, excluding > (tag close) for obvious reasons .'(?[^\s\042\047>/=]+)' // attribute characters // optional attribute-value - .'(?:\s*=\s*\042[^\042]+\042|\s*=\s*\047[^\047]+\047|\s*=\s*[^\s\042\047=><`]+)?' // attribute-value separator + .'(?:\s*=\s*\042[^\042]+\042|\s*=\s*\047[^\047]+\047|\s*=\s*[^\s\042\047=><`]*)?' // attribute-value separator .'#i'; if ($count = preg_match_all($pattern, $matches['attributes'], $attributes, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) @@ -861,7 +861,7 @@ class CI_Security { preg_replace( '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + $this->_filter_attributes($match[1]) ), $match[0] ); @@ -889,7 +889,7 @@ class CI_Security { preg_replace( '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + $this->_filter_attributes($match[1]) ), $match[0] ); -- cgit v1.2.3-24-g4f1b From 84f24c23baf5ea45c30c4ab3cbc57cd846ea0f56 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 24 Sep 2015 15:17:28 +0300 Subject: Fix #4137 --- system/core/Exceptions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index fc25f57e6..d8f62c0fe 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -187,7 +187,7 @@ class CI_Exceptions { // -------------------------------------------------------------------- - public function show_exception(Exception $exception) + public function show_exception($exception) { $templates_path = config_item('error_views_path'); if (empty($templates_path)) -- cgit v1.2.3-24-g4f1b From 249580e711d42fe966e52d7bcc0f349ba99a94a3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 2 Oct 2015 16:44:05 +0300 Subject: More XSS stuff --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 0cae23a79..27471d98e 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -808,7 +808,7 @@ class CI_Security { .'([\s\042\047/=]*)' // non-attribute characters, excluding > (tag close) for obvious reasons .'(?[^\s\042\047>/=]+)' // attribute characters // optional attribute-value - .'(?:\s*=\s*\042[^\042]+\042|\s*=\s*\047[^\047]+\047|\s*=\s*[^\s\042\047=><`]*)?' // attribute-value separator + .'(?:\s*=(?:[^\s\042\047=><`]+|\s*\042[^\042]+\042|\s*\047[^\047]+\047|\s*(?U:[^\s\042\047=><`]*)))' // attribute-value separator .'#i'; if ($count = preg_match_all($pattern, $matches['attributes'], $attributes, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) -- cgit v1.2.3-24-g4f1b From f0f47da9ae4227968ccc9ee6511bcab526498b4c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 5 Oct 2015 12:37:16 +0300 Subject: Some more intrusive XSS cleaning --- system/core/Security.php | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 27471d98e..ab85e2239 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -498,8 +498,8 @@ class CI_Security { .'(?(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons .'[^\s\042\047>/=]+' // attribute characters // optional attribute-value - .'(?:\s*=\s*' // attribute-value separator - .'(?:\042[^\042]*\042|\047[^\047]*\047|[^\s\042\047=><`]*)' // single, double or non-quoted value + .'(?:\s*=' // attribute-value separator + .'(?:[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*))' // single, double or non-quoted value .')?' // end optional attribute-value group .')*)' // end optional attributes group .'[^>]*)(?\>)?#isS'; @@ -808,7 +808,7 @@ class CI_Security { .'([\s\042\047/=]*)' // non-attribute characters, excluding > (tag close) for obvious reasons .'(?[^\s\042\047>/=]+)' // attribute characters // optional attribute-value - .'(?:\s*=(?:[^\s\042\047=><`]+|\s*\042[^\042]+\042|\s*\047[^\047]+\047|\s*(?U:[^\s\042\047=><`]*)))' // attribute-value separator + .'(?:\s*=(?[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*)))' // attribute-value separator .'#i'; if ($count = preg_match_all($pattern, $matches['attributes'], $attributes, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) @@ -818,8 +818,14 @@ class CI_Security { // so we don't damage the string. for ($i = $count - 1; $i > -1; $i--) { - // Is it indeed an "evil" attribute? - if (preg_match('#^('.implode('|', $evil_attributes).')$#i', $attributes[$i]['name'][0])) + if ( + // Is it indeed an "evil" attribute? + preg_match('#^('.implode('|', $evil_attributes).')$#i', $attributes[$i]['name'][0]) + // Or an attribute not starting with a letter? Some parsers get confused by that + OR ! ctype_alpha($attributes[$i]['name'][0][0]) + // Does it have an equals sign, but no value and not quoted? Strip that too! + OR (trim($attributes[$i]['value'][0]) === '') + ) { $matches['attributes'] = substr_replace( $matches['attributes'], -- cgit v1.2.3-24-g4f1b From 47adcef68871cea1e556ffb2c0b6f585497e2a27 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 8 Oct 2015 17:21:06 +0300 Subject: [ci skip] Prepare 3.0.2 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index b69630cf8..60dcc0e5e 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.2-dev'); + define('CI_VERSION', '3.0.2'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 2b5825ec66670b6ecb9528740cc1a51b59dbd3f2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 12 Oct 2015 16:57:28 +0300 Subject: [ci skip] This is 3.0.3-dev --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 60dcc0e5e..8cea813a2 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.2'); + define('CI_VERSION', '3.0.3-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From d2ea460f138fd1f9a527c9b0ece7cce369fd430b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 30 Oct 2015 11:47:35 +0200 Subject: Fix #3201 --- system/core/Common.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index ad3ca9f93..3ab98cf6d 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -752,7 +752,12 @@ if ( ! function_exists('html_escape')) if (is_array($var)) { - return array_map('html_escape', $var, array_fill(0, count($var), $double_encode)); + foreach (array_keys($var) as $key) + { + $var[$key] = html_escape($var[$key], $double_encode); + } + + return $var; } return htmlspecialchars($var, ENT_QUOTES, config_item('charset'), $double_encode); -- cgit v1.2.3-24-g4f1b From 71b1b3f5b2dcc0f4b652e9494e9853b82541ac8c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 27 Oct 2015 12:30:18 +0200 Subject: Harden xss_clean() --- system/core/Security.php | 66 ++++++++++++++++++++++++++++-------------------- 1 file changed, 39 insertions(+), 27 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index ab85e2239..36dea4cf2 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -803,43 +803,55 @@ class CI_Security { // For other tags, see if their attributes are "evil" and strip those elseif (isset($matches['attributes'])) { - // We'll need to catch all attributes separately first - $pattern = '#' - .'([\s\042\047/=]*)' // non-attribute characters, excluding > (tag close) for obvious reasons + // We'll store the already fitlered attributes here + $attributes = array(); + + // Attribute-catching pattern + $attributes_pattern = '#' .'(?[^\s\042\047>/=]+)' // attribute characters // optional attribute-value .'(?:\s*=(?[^\s\042\047=><`]+|\s*\042[^\042]*\042|\s*\047[^\047]*\047|\s*(?U:[^\s\042\047=><`]*)))' // attribute-value separator .'#i'; - if ($count = preg_match_all($pattern, $matches['attributes'], $attributes, PREG_SET_ORDER | PREG_OFFSET_CAPTURE)) + // Blacklist pattern for evil attribute names + $is_evil_pattern = '#^('.implode('|', $evil_attributes).')$#i'; + + // Each iteration filters a single attribute + do { - // Since we'll be using substr_replace() below, we - // need to handle the attributes in reverse order, - // so we don't damage the string. - for ($i = $count - 1; $i > -1; $i--) + // Strip any non-alpha characters that may preceed an attribute. + // Browsers often parse these incorrectly and that has been a + // of numerous XSS issues we've had. + $matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']); + + if ( ! preg_match($attributes_pattern, $matches['attributes'], $attribute, PREG_OFFSET_CAPTURE)) { - if ( - // Is it indeed an "evil" attribute? - preg_match('#^('.implode('|', $evil_attributes).')$#i', $attributes[$i]['name'][0]) - // Or an attribute not starting with a letter? Some parsers get confused by that - OR ! ctype_alpha($attributes[$i]['name'][0][0]) - // Does it have an equals sign, but no value and not quoted? Strip that too! - OR (trim($attributes[$i]['value'][0]) === '') - ) - { - $matches['attributes'] = substr_replace( - $matches['attributes'], - ' [removed]', - $attributes[$i][0][1], - strlen($attributes[$i][0][0]) - ); - } + // No (valid) attribute found? Discard everything else inside the tag + break; } - // Note: This will strip some non-space characters and/or - // reduce multiple spaces between attributes. - return '<'.$matches['slash'].$matches['tagName'].' '.trim($matches['attributes']).'>'; + if ( + // Is it indeed an "evil" attribute? + preg_match($is_evil_pattern, $attribute['name'][0]) + // Or does it have an equals sign, but no value and not quoted? Strip that too! + OR (trim($attribute['value'][0]) === '') + ) + { + $attributes[] = 'xss=removed'; + } + else + { + $attributes[] = $attribute[0][0]; + } + + $matches['attributes'] = substr($matches['attributes'], $attribute[0][1] + strlen($attribute[0][0])); } + while ($matches['attributes'] !== ''); + + $attributes = empty($attributes) + ? '' + : ' '.implode(' ', $attributes); + return '<'.$matches['slash'].$matches['tagName'].$attributes.'>'; } return $matches[0]; -- cgit v1.2.3-24-g4f1b From 0a6b0661305f20ac1fbd219d43f59193bea90d1d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 26 Oct 2015 15:31:38 +0200 Subject: Prevent Host header injections --- system/core/Config.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index feea7c85a..0264776f9 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -88,11 +88,9 @@ class CI_Config { // Set the base_url automatically if none was provided if (empty($this->config['base_url'])) { - // The regular expression is only a basic validation for a valid "Host" header. - // It's not exhaustive, only checks for valid characters. - if (isset($_SERVER['HTTP_HOST']) && preg_match('/^((\[[0-9a-f:]+\])|(\d{1,3}(\.\d{1,3}){3})|[a-z0-9\-\.]+)(:\d+)?$/i', $_SERVER['HTTP_HOST'])) + if (isset($_SERVER['SERVER_ADDR'])) { - $base_url = (is_https() ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'] + $base_url = (is_https() ? 'https' : 'http').'://'.$_SERVER['SERVER_ADDR'] .substr($_SERVER['SCRIPT_NAME'], 0, strpos($_SERVER['SCRIPT_NAME'], basename($_SERVER['SCRIPT_FILENAME']))); } else -- cgit v1.2.3-24-g4f1b From 0abc55a22535586929fb146a81d1cee68dbccd10 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 31 Oct 2015 19:30:41 +0200 Subject: [ci skip] Update changelog, version & upgrade instructions --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 8cea813a2..5080dc6d1 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.3-dev'); + define('CI_VERSION', '3.0.3'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From ab3c383fb3535e55253271f210870cd9361d94c9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Nov 2015 15:40:55 +0200 Subject: [ci skip] Start of 3.0.4 development --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 5080dc6d1..79a23c4ca 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.3'); + define('CI_VERSION', '3.0.4-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 20edad807645a42df7f4b0baa6e6a2eb29bd2b0c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Nov 2015 10:56:30 +0200 Subject: Merge pull request #4217 from natesilva/fix-ipv6-base_url Build base_url correctly if SERVER_ADDR is IPv6 --- system/core/Config.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 0264776f9..c507f342c 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -90,7 +90,16 @@ class CI_Config { { if (isset($_SERVER['SERVER_ADDR'])) { - $base_url = (is_https() ? 'https' : 'http').'://'.$_SERVER['SERVER_ADDR'] + if (strpos($_SERVER['SERVER_ADDR'], ':') !== FALSE) + { + $server_addr = '['.$_SERVER['SERVER_ADDR'].']'; + } + else + { + $server_addr = $_SERVER['SERVER_ADDR']; + } + + $base_url = (is_https() ? 'https' : 'http').'://'.$server_addr .substr($_SERVER['SCRIPT_NAME'], 0, strpos($_SERVER['SCRIPT_NAME'], basename($_SERVER['SCRIPT_FILENAME']))); } else -- cgit v1.2.3-24-g4f1b From 5afa348b48a93f24957377dc12f86ae64665b944 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 24 Nov 2015 11:48:39 +0200 Subject: Use PHP7's random_bytes() when possible Close #4260 --- system/core/Security.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 36dea4cf2..e79bf8aff 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -593,6 +593,22 @@ class CI_Security { return FALSE; } + if (function_exists('random_bytes')) + { + try + { + // The cast is required to avoid TypeError + return random_bytes((int) $length); + } + catch (Exception $e) + { + // If random_bytes() can't do the job, we can't either ... + // There's no point in using fallbacks. + log_message('error', $e->getMessage()); + return FALSE; + } + } + // Unfortunately, none of the following PRNGs is guaranteed to exist ... if (defined('MCRYPT_DEV_URANDOM') && ($output = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)) !== FALSE) { -- cgit v1.2.3-24-g4f1b From f0f93f50d2a85373988a225504115d4805446189 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Dec 2015 12:12:44 +0200 Subject: Merge pull request #4291 from b-kaxa/fix-phpdoc [ci skip] phpdoc adjustments in CI_Router and CI_URI --- system/core/Router.php | 1 + system/core/URI.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index a84be1f1d..ce41aa958 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -118,6 +118,7 @@ class CI_Router { * * Runs the route mapping function. * + * @param array $routing * @return void */ public function __construct($routing = NULL) diff --git a/system/core/URI.php b/system/core/URI.php index 5b658f679..5179b401f 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -294,7 +294,7 @@ class CI_URI { * * Do some final cleaning of the URI and return it, currently only used in self::_parse_request_uri() * - * @param string $url + * @param string $uri * @return string */ protected function _remove_relative_directory($uri) -- cgit v1.2.3-24-g4f1b From 0b1efb38293416b13aee8d1d9505e97d2efade5f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 4 Jan 2016 12:34:14 +0200 Subject: Fix #4350 --- system/core/Loader.php | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 18e4c5287..87f21b279 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -285,9 +285,39 @@ class CI_Loader { $this->database($db_conn, FALSE, TRUE); } + // Note: All of the code under this condition used to be just: + // + // load_class('Model', 'core'); + // + // However, load_class() instantiates classes + // to cache them for later use and that prevents + // MY_Model from being an abstract class and is + // sub-optimal otherwise anyway. if ( ! class_exists('CI_Model', FALSE)) { - load_class('Model', 'core'); + $app_path = APPPATH.'core'.DIRECTORY_SEPARATOR; + if (file_exists($app_path.'Model.php')) + { + require_once($app_path.'Model.php'); + if ( ! class_exists('CI_Model', FALSE)) + { + throw new RuntimeException($app_path."Model.php exists, but doesn't declare class CI_Model"); + } + } + elseif ( ! class_exists('CI_Model', FALSE)) + { + require_once(BASEPATH.'core'.DIRECTORY_SEPARATOR.'Model.php'); + } + + $class = config_item('subclass_prefix').'Model'; + if (file_exists($app_path.$class.'.php')) + { + require_once($app_path.$class.'.php'); + if ( ! class_exists($class, FALSE)) + { + throw new RuntimeException($app_path.$class.".php exists, but doesn't declare class ".$class); + } + } } $model = ucfirst($model); -- cgit v1.2.3-24-g4f1b From 125ef4751080a2118cb203357d77687699e3eb25 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:33:00 +0200 Subject: [ci skip] Bump year to 2016 --- system/core/Benchmark.php | 4 ++-- system/core/CodeIgniter.php | 4 ++-- system/core/Common.php | 4 ++-- system/core/Config.php | 4 ++-- system/core/Controller.php | 4 ++-- system/core/Exceptions.php | 4 ++-- system/core/Hooks.php | 4 ++-- system/core/Input.php | 4 ++-- system/core/Lang.php | 4 ++-- system/core/Loader.php | 4 ++-- system/core/Log.php | 4 ++-- system/core/Model.php | 4 ++-- system/core/Output.php | 4 ++-- system/core/Router.php | 4 ++-- system/core/Security.php | 4 ++-- system/core/URI.php | 4 ++-- system/core/Utf8.php | 4 ++-- system/core/compat/hash.php | 4 ++-- system/core/compat/mbstring.php | 4 ++-- system/core/compat/password.php | 4 ++-- system/core/compat/standard.php | 4 ++-- 21 files changed, 42 insertions(+), 42 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index e420f62a1..414a801ee 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 79a23c4ca..1394fd862 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Common.php b/system/core/Common.php index 3ab98cf6d..32e47b743 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Config.php b/system/core/Config.php index c507f342c..d03e02d4d 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Controller.php b/system/core/Controller.php index a0d97baa2..260dee4f6 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index d8f62c0fe..29a285166 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 3b4fb2250..42090d16c 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Input.php b/system/core/Input.php index 4e7a4e95e..55474fd0c 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Lang.php b/system/core/Lang.php index deb955414..6913b92fa 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Loader.php b/system/core/Loader.php index 87f21b279..500a86ae6 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Log.php b/system/core/Log.php index e8cb401f5..4343d746d 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Model.php b/system/core/Model.php index a0469de11..c9f1f8dd6 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Output.php b/system/core/Output.php index 76c1329d2..75116b3a6 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Router.php b/system/core/Router.php index ce41aa958..85d1df719 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Security.php b/system/core/Security.php index e79bf8aff..16375d17f 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/URI.php b/system/core/URI.php index 5179b401f..5262dd49c 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 9d8ac41e1..c6392c4e2 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 2.0.0 diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 15954559c..7e5f1335d 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index e335c85f7..ff8e79257 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 7b933aa04..3062b89c0 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index 5a428c114..c9f7ce225 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b From bd202c91b0e9cf0a8c93bcaa71df9574f5909346 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:50:18 +0200 Subject: [ci skip] Update codeigniter.com links to https --- system/core/Benchmark.php | 4 ++-- system/core/CodeIgniter.php | 4 ++-- system/core/Common.php | 4 ++-- system/core/Config.php | 4 ++-- system/core/Controller.php | 4 ++-- system/core/Exceptions.php | 4 ++-- system/core/Hooks.php | 4 ++-- system/core/Input.php | 4 ++-- system/core/Lang.php | 4 ++-- system/core/Loader.php | 4 ++-- system/core/Log.php | 4 ++-- system/core/Model.php | 4 ++-- system/core/Output.php | 4 ++-- system/core/Router.php | 4 ++-- system/core/Security.php | 4 ++-- system/core/URI.php | 4 ++-- system/core/Utf8.php | 4 ++-- system/core/compat/hash.php | 4 ++-- system/core/compat/mbstring.php | 4 ++-- system/core/compat/password.php | 4 ++-- system/core/compat/standard.php | 4 ++-- 21 files changed, 42 insertions(+), 42 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index 414a801ee..fc3b6aafb 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -47,7 +47,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/benchmark.html + * @link https://codeigniter.com/user_guide/libraries/benchmark.html */ class CI_Benchmark { diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 1394fd862..3b728ddae 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Front-controller * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ /** diff --git a/system/core/Common.php b/system/core/Common.php index 32e47b743..02421b1b1 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Common Functions * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ // ------------------------------------------------------------------------ diff --git a/system/core/Config.php b/system/core/Config.php index d03e02d4d..587877da6 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/config.html + * @link https://codeigniter.com/user_guide/libraries/config.html */ class CI_Config { diff --git a/system/core/Controller.php b/system/core/Controller.php index 260dee4f6..c5c6ee0f4 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -47,7 +47,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/controllers.html + * @link https://codeigniter.com/user_guide/general/controllers.html */ class CI_Controller { diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 29a285166..e3270d609 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Exceptions * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/exceptions.html + * @link https://codeigniter.com/user_guide/libraries/exceptions.html */ class CI_Exceptions { diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 42090d16c..af71dba83 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/hooks.html + * @link https://codeigniter.com/user_guide/general/hooks.html */ class CI_Hooks { diff --git a/system/core/Input.php b/system/core/Input.php index 55474fd0c..bb7ad23ba 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Input * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/input.html + * @link https://codeigniter.com/user_guide/libraries/input.html */ class CI_Input { diff --git a/system/core/Lang.php b/system/core/Lang.php index 6913b92fa..20855f975 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Language * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/language.html + * @link https://codeigniter.com/user_guide/libraries/language.html */ class CI_Lang { diff --git a/system/core/Loader.php b/system/core/Loader.php index 500a86ae6..4d093d139 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Loader * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/loader.html + * @link https://codeigniter.com/user_guide/libraries/loader.html */ class CI_Loader { diff --git a/system/core/Log.php b/system/core/Log.php index 4343d746d..a5f64f29d 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Logging * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/errors.html + * @link https://codeigniter.com/user_guide/general/errors.html */ class CI_Log { diff --git a/system/core/Model.php b/system/core/Model.php index c9f1f8dd6..058387255 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/config.html + * @link https://codeigniter.com/user_guide/libraries/config.html */ class CI_Model { diff --git a/system/core/Output.php b/system/core/Output.php index 75116b3a6..faeb0ea97 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Output * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/output.html + * @link https://codeigniter.com/user_guide/libraries/output.html */ class CI_Output { diff --git a/system/core/Router.php b/system/core/Router.php index 85d1df719..e46ddb4a9 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/general/routing.html + * @link https://codeigniter.com/user_guide/general/routing.html */ class CI_Router { diff --git a/system/core/Security.php b/system/core/Security.php index 16375d17f..f697dd9c2 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Security * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/security.html + * @link https://codeigniter.com/user_guide/libraries/security.html */ class CI_Security { diff --git a/system/core/URI.php b/system/core/URI.php index 5262dd49c..22e454339 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category URI * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/uri.html + * @link https://codeigniter.com/user_guide/libraries/uri.html */ class CI_URI { diff --git a/system/core/Utf8.php b/system/core/Utf8.php index c6392c4e2..523f5f248 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 2.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category UTF-8 * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/utf8.html + * @link https://codeigniter.com/user_guide/libraries/utf8.html */ class CI_Utf8 { diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 7e5f1335d..405c014ab 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/hash */ diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index ff8e79257..0c64ed346 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/mbstring */ diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 3062b89c0..6b6a0fc60 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ * @link http://php.net/password */ diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index c9f7ce225..3d439e469 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 3.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage CodeIgniter * @category Compatibility * @author Andrey Andreev - * @link http://codeigniter.com/user_guide/ + * @link https://codeigniter.com/user_guide/ */ // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 1924e879b165fb119847a49a7a5eab2f28295fa2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:55:34 +0200 Subject: [ci skip] Update ellislab.com links to https too --- system/core/Benchmark.php | 2 +- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 2 +- system/core/Config.php | 2 +- system/core/Controller.php | 2 +- system/core/Exceptions.php | 2 +- system/core/Hooks.php | 2 +- system/core/Input.php | 2 +- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Log.php | 2 +- system/core/Model.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/Security.php | 2 +- system/core/URI.php | 2 +- system/core/Utf8.php | 2 +- system/core/compat/hash.php | 2 +- system/core/compat/mbstring.php | 2 +- system/core/compat/password.php | 2 +- system/core/compat/standard.php | 2 +- 21 files changed, 21 insertions(+), 21 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index fc3b6aafb..b1d74f78f 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 3b728ddae..727f37029 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Common.php b/system/core/Common.php index 02421b1b1..b87ce4d62 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Config.php b/system/core/Config.php index 587877da6..ca6fb3793 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Controller.php b/system/core/Controller.php index c5c6ee0f4..83b3df26c 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index e3270d609..a1c6a1970 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Hooks.php b/system/core/Hooks.php index af71dba83..856795cba 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Input.php b/system/core/Input.php index bb7ad23ba..a7c9ecd0d 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Lang.php b/system/core/Lang.php index 20855f975..1fcff078a 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Loader.php b/system/core/Loader.php index 4d093d139..37d1ecaf9 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Log.php b/system/core/Log.php index a5f64f29d..72d3cfbae 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Model.php b/system/core/Model.php index 058387255..941881a9f 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Output.php b/system/core/Output.php index faeb0ea97..ad87f8545 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Router.php b/system/core/Router.php index e46ddb4a9..045d36687 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Security.php b/system/core/Security.php index f697dd9c2..bad511dd3 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/URI.php b/system/core/URI.php index 22e454339..544f6c85f 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 523f5f248..f2f42e6ca 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 405c014ab..6854e4c26 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index 0c64ed346..554d10040 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 6b6a0fc60..f0c22c780 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index 3d439e469..47d47aeff 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com -- cgit v1.2.3-24-g4f1b From 4307bff0a4ae884d57cc0c0fa8f54de6c05000e7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 13 Jan 2016 02:13:10 +0200 Subject: [ci skip] Mark the start of 3.0.5 development --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 727f37029..52b542654 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.4-dev'); + define('CI_VERSION', '3.0.5-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 22df06b544cb74b4a71c0e1b0d9fa0bc13c95469 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 20 Jan 2016 12:10:08 +0200 Subject: [ci skip] Fix a documentation error on output cache times --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index ad87f8545..ec9c21b91 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -377,7 +377,7 @@ class CI_Output { /** * Set Cache * - * @param int $time Cache expiration time in seconds + * @param int $time Cache expiration time in minutes * @return CI_Output */ public function cache($time) -- cgit v1.2.3-24-g4f1b From 1ccc8bed6ed169356ef31397d9ae988a16cd9a63 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 9 Feb 2016 21:15:10 +0200 Subject: Merge pull request #4323 from jspreddy/sai/log_line_formatting_extensibility_change Refactored CI_Log line formatting to allow extensibility --- system/core/Log.php | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Log.php b/system/core/Log.php index 72d3cfbae..7c81d358b 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -154,8 +154,8 @@ class CI_Log { * * Generally this function will be called using the global log_message() function * - * @param string the error level: 'error', 'debug' or 'info' - * @param string the error message + * @param string $level The error level: 'error', 'debug' or 'info' + * @param string $msg The error message * @return bool */ public function write_log($level, $msg) @@ -204,7 +204,7 @@ class CI_Log { $date = date($this->_date_fmt); } - $message .= $level.' - '.$date.' --> '.$msg."\n"; + $message .= $this->_format_line($level, $date, $msg); flock($fp, LOCK_EX); @@ -227,4 +227,21 @@ class CI_Log { return is_int($result); } + // -------------------------------------------------------------------- + + /** + * Format the log line. + * + * This is for extensibility of log formatting + * If you want to change the log format, extend the CI_Log class and override this method + * + * @param string $level The error level + * @param string $date Formatted date string + * @param string $msg The log message + * @return string Formatted log line with a new line character '\n' at the end + */ + protected function _format_line($level, $date, $message) + { + return $level.' - '.$date.' --> '.$message."\n"; + } } -- cgit v1.2.3-24-g4f1b From 44d3b185ae7a15e50bd595440187c6c863a13415 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 15 Feb 2016 14:37:14 +0200 Subject: Merge pull request #4453 from EpicKris/feature/Autoload-Driver-Object-Name Autoload Driver Object Names --- system/core/Loader.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 37d1ecaf9..80de804ea 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -718,9 +718,16 @@ class CI_Loader { { if (is_array($library)) { - foreach ($library as $driver) + foreach ($library as $key => $value) { - $this->driver($driver); + if (is_int($key)) + { + $this->driver($value, $params); + } + else + { + $this->driver($key, $params, $value); + } } return $this; @@ -1334,10 +1341,7 @@ class CI_Loader { // Autoload drivers if (isset($autoload['drivers'])) { - foreach ($autoload['drivers'] as $item) - { - $this->driver($item); - } + $this->driver($autoload['drivers']); } // Load libraries -- cgit v1.2.3-24-g4f1b From 738b9e30404a56a8e2e8053f024550232b72ea09 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 24 Feb 2016 12:14:10 +0200 Subject: Merge pull request #4480 from versalle88/develop Changed class_exists() calls to ignore __autoload() --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 80de804ea..62781a7bf 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -321,7 +321,7 @@ class CI_Loader { } $model = ucfirst($model); - if ( ! class_exists($model)) + if ( ! class_exists($model, FALSE)) { foreach ($this->_ci_model_paths as $mod_path) { -- cgit v1.2.3-24-g4f1b From e1f36e341a4ff513f8ba1f9908326f159edca4e7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 1 Mar 2016 13:33:37 +0200 Subject: [ci skip] Move flock() call in CI_Log::write_log() immediately after fopen() --- system/core/Log.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Log.php b/system/core/Log.php index 7c81d358b..1abdaa00e 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -191,6 +191,8 @@ class CI_Log { return FALSE; } + flock($fp, LOCK_EX); + // Instantiating DateTime with microseconds appended to initial date is needed for proper support of this format if (strpos($this->_date_fmt, 'u') !== FALSE) { @@ -206,8 +208,6 @@ class CI_Log { $message .= $this->_format_line($level, $date, $msg); - flock($fp, LOCK_EX); - for ($written = 0, $length = strlen($message); $written < $length; $written += $result) { if (($result = fwrite($fp, substr($message, $written))) === FALSE) -- cgit v1.2.3-24-g4f1b From 3c0d8da56b8535bb3ab563256e221c81a4a96e4a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Mar 2016 10:52:15 +0200 Subject: Fix #4475 --- system/core/Security.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index bad511dd3..d5305d1ca 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -762,7 +762,14 @@ class CI_Security { */ public function strip_image_tags($str) { - return preg_replace(array('##', '##'), '\\1', $str); + return preg_replace( + array( + '##i', + '#`]+)).*?\>#i' + ), + '\\2', + $str + ); } // ---------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 7e0bde27c8a6669b781d87c15ea51b750c91f97c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Mar 2016 17:52:26 +0200 Subject: Merge pull request #4472 from vibbow/patch-1 [ci skip] Update get_instance() return type in docblock --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 52b542654..bf41ab2a2 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -359,7 +359,7 @@ if ( ! is_php('5.4')) * * Returns current CI instance object * - * @return object + * @return CI_Controller */ function &get_instance() { -- cgit v1.2.3-24-g4f1b From 92d1cc05362998ceabe39c4023f41fd939c1f5b2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 18:19:23 +0200 Subject: Add a defensive check in CI_Loader::_ci_load() Prevents possible internal variable overwrites when loading views --- system/core/Loader.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 62781a7bf..c742ae71a 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -936,6 +936,14 @@ class CI_Loader { */ if (is_array($_ci_vars)) { + foreach (array_keys($_ci_vars) as $key) + { + if (strncmp($key, '_ci_', 4) === 0) + { + unset($_ci_vars[$key]); + } + } + $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); } extract($this->_ci_cached_vars); -- cgit v1.2.3-24-g4f1b From 59bcd1810f6c18e6dd4158003f122f750536d22e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 18:23:27 +0200 Subject: [ci skip] Prepare for 3.0.5 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index bf41ab2a2..94d34c3fd 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.5-dev'); + define('CI_VERSION', '3.0.5'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 4f9b20ae507dda7379d392386fb7ce5702626a91 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 18:35:58 +0200 Subject: [ci skip] Mark the start of 3.0.6 development --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 94d34c3fd..f0d7c8f53 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.5'); + define('CI_VERSION', '3.0.6-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 9de0f0b3a65bea6adff9999977ea6b717099e194 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 21 Mar 2016 18:22:33 +0200 Subject: [ci skip] Prepare for 3.0.6 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index f0d7c8f53..3eb3e0573 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.6-dev'); + define('CI_VERSION', '3.0.6'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From eb373a1abb348515001123ecbaca5e5384e69d19 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 21 Mar 2016 18:30:06 +0200 Subject: [ci skip] Mark the start of 3.0.7 development --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 3eb3e0573..f0d7c8f53 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.6'); + define('CI_VERSION', '3.0.6-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 951a4d5c76a5b6403b40bcaff326cf8dbedcbca6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 22 Mar 2016 11:08:54 +0200 Subject: [ci skip] Fix CI_VERSION --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index f0d7c8f53..aef0d3a5d 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.6-dev'); + define('CI_VERSION', '3.0.7-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 4d2628e8aab6d0673ac0a010acbfaa9d76b7d568 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 22 Mar 2016 13:42:03 +0200 Subject: random_bytes()-related improvements See #4260 --- system/core/compat/password.php | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/compat/password.php b/system/core/compat/password.php index f0c22c780..76dd2cf0a 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -116,13 +116,21 @@ if ( ! function_exists('password_hash')) } elseif ( ! isset($options['salt'])) { - if (defined('MCRYPT_DEV_URANDOM')) + if (function_exists('random_bytes')) { - $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); + try + { + $options['salt'] = random_bytes(16); + } + catch (Exception $e) + { + log_message('error', 'compat/password: Error while trying to use random_bytes(): '.$e->getMessage()); + return FALSE; + } } - elseif (function_exists('openssl_random_pseudo_bytes')) + elseif (defined('MCRYPT_DEV_URANDOM')) { - $options['salt'] = openssl_random_pseudo_bytes(16); + $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); } elseif (DIRECTORY_SEPARATOR === '/' && (is_readable($dev = '/dev/arandom') OR is_readable($dev = '/dev/urandom'))) { @@ -148,6 +156,16 @@ if ( ! function_exists('password_hash')) fclose($fp); } + elseif (function_exists('openssl_random_pseudo_bytes')) + { + $is_secure = NULL; + $options['salt'] = openssl_random_pseudo_bytes(16, $is_secure); + if ($is_secure !== TRUE) + { + log_message('error', 'compat/password: openssl_random_pseudo_bytes() set the $cryto_strong flag to FALSE'); + return FALSE; + } + } else { log_message('error', 'compat/password: No CSPRNG available.'); -- cgit v1.2.3-24-g4f1b From cd3d5956f7880091740489c5f24af0e72f677c0c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 4 Apr 2016 10:28:31 +0300 Subject: Fix #4563 --- system/core/Input.php | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index a7c9ecd0d..50ca047e8 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -760,30 +760,32 @@ class CI_Input { // If header is already defined, return it immediately if ( ! empty($this->headers)) { - return $this->headers; + return $this->_fetch_from_array($this->headers, NULL, $xss_clean); } // In Apache, you can simply call apache_request_headers() if (function_exists('apache_request_headers')) { - return $this->headers = apache_request_headers(); + $this->headers = apache_request_headers(); } - - $this->headers['Content-Type'] = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); - - foreach ($_SERVER as $key => $val) + else { - if (sscanf($key, 'HTTP_%s', $header) === 1) + isset($_SERVER['CONTENT_TYPE']) && $this->headers['Content-Type'] = $_SERVER['CONTENT_TYPE']; + + foreach ($_SERVER as $key => $val) { - // take SOME_HEADER and turn it into Some-Header - $header = str_replace('_', ' ', strtolower($header)); - $header = str_replace(' ', '-', ucwords($header)); + if (sscanf($key, 'HTTP_%s', $header) === 1) + { + // take SOME_HEADER and turn it into Some-Header + $header = str_replace('_', ' ', strtolower($header)); + $header = str_replace(' ', '-', ucwords($header)); - $this->headers[$header] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); + $this->headers[$header] = $_SERVER[$key]; + } } } - return $this->headers; + return $this->_fetch_from_array($this->headers, NULL, $xss_clean); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 4ac24c201c673b52b39b7efc2235f1d84d1acd08 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 28 Apr 2016 14:28:07 +0300 Subject: Fix #4605 --- system/core/Config.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index ca6fb3793..9fd3e4a7d 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -319,7 +319,7 @@ class CI_Config { } } - return $base_url.ltrim($this->_uri_string($uri), '/'); + return $base_url.$this->_uri_string($uri); } // ------------------------------------------------------------- @@ -337,11 +337,8 @@ class CI_Config { { if ($this->item('enable_query_strings') === FALSE) { - if (is_array($uri)) - { - $uri = implode('/', $uri); - } - return trim($uri, '/'); + is_array($uri) && $uri = implode('/', $uri); + return ltrim($uri, '/'); } elseif (is_array($uri)) { -- cgit v1.2.3-24-g4f1b From e13fa9fdb3f2e311bd7331e49b26889f24bc81cb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 May 2016 17:30:07 +0300 Subject: Merge pull request #4638 from kasimtan/phpdoc_fixes [ci skip] Fixed PHPDoc parameter name and type discrepancies --- system/core/Loader.php | 2 +- system/core/Log.php | 2 +- system/core/Output.php | 2 +- system/core/compat/standard.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index c742ae71a..d2c350816 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1106,7 +1106,7 @@ class CI_Loader { * @used-by CI_Loader::_ci_load_library() * @uses CI_Loader::_ci_init_library() * - * @param string $library Library name to load + * @param string $library_name Library name to load * @param string $file_path Path to the library filename, relative to libraries/ * @param mixed $params Optional parameters to pass to the class constructor * @param string $object_name Optional object name to assign to diff --git a/system/core/Log.php b/system/core/Log.php index 1abdaa00e..986121526 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -237,7 +237,7 @@ class CI_Log { * * @param string $level The error level * @param string $date Formatted date string - * @param string $msg The log message + * @param string $message The log message * @return string Formatted log line with a new line character '\n' at the end */ protected function _format_line($level, $date, $message) diff --git a/system/core/Output.php b/system/core/Output.php index ec9c21b91..06ff1011c 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -285,7 +285,7 @@ class CI_Output { /** * Get Header * - * @param string $header_name + * @param string $header * @return string */ public function get_header($header) diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index 47d47aeff..c54cab951 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -62,7 +62,7 @@ if ( ! function_exists('array_column')) * array_column() * * @link http://php.net/array_column - * @param string $array + * @param array $array * @param mixed $column_key * @param mixed $index_key * @return array -- cgit v1.2.3-24-g4f1b From 9fd9248a2d712d5ae95bf2e6c6cd036e6b522cbb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 19 Jul 2016 14:04:17 +0300 Subject: Fix #4679 --- system/core/Input.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 50ca047e8..b81d51ebf 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -519,9 +519,9 @@ class CI_Input { if ($separator === ':') { $netaddr = explode(':', str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr)); - for ($i = 0; $i < 8; $i++) + for ($j = 0; $j < 8; $j++) { - $netaddr[$i] = intval($netaddr[$i], 16); + $netaddr[$i] = intval($netaddr[$j], 16); } } else -- cgit v1.2.3-24-g4f1b From 85f3d1ae7fb2da9e0dd364cc91d623040f8b3666 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jul 2016 10:28:21 +0300 Subject: Merge pull request #4724 from tianhe1986/develop_is_https_strtolower Compare X-Forwarded-Proto case-insensitively --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index b87ce4d62..85e18e406 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -355,7 +355,7 @@ if ( ! function_exists('is_https')) { return TRUE; } - elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') + elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') { return TRUE; } -- cgit v1.2.3-24-g4f1b From 384a46150d3014e914c4780a550513395d4bed83 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Jul 2016 10:30:04 +0300 Subject: Merge pull request #4725 from tianhe1986/develop_url_encode_case_insensitive Fix remove_invisible_characters() for URL-encoded characters in upper case --- system/core/Common.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 85e18e406..d66649f59 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -716,8 +716,8 @@ if ( ! function_exists('remove_invisible_characters')) // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { - $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 - $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 + $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15 + $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31 } $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 -- cgit v1.2.3-24-g4f1b From 606ad654dcbc9f0fc30f00ce6574918790ee0d1e Mon Sep 17 00:00:00 2001 From: Claudio Galdiolo Date: Thu, 7 Jul 2016 15:32:12 -0400 Subject: Prepare for 3.1.0 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index aef0d3a5d..2525edae2 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.7-dev'); + define('CI_VERSION', '3.1.0'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 0b9540209499fbd0515e13fdc66e85dea4b6baad Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 26 Jul 2016 20:52:30 +0300 Subject: [ci skip] Mark the start of 3.1.1 development --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 2525edae2..70f33d5ed 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.1.0'); + define('CI_VERSION', '3.1.1-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From a838279625becfba98ccb7635d35c67297129c42 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 28 Jul 2016 16:40:12 +0300 Subject: Remove dead code written for PHP 5.2 --- system/core/CodeIgniter.php | 6 +- system/core/Security.php | 7 +- system/core/compat/password.php | 2 +- system/core/compat/standard.php | 207 ---------------------------------------- 4 files changed, 3 insertions(+), 219 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 70f33d5ed..22072e983 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -416,11 +416,7 @@ if ( ! is_php('5.4')) $params = array($method, array_slice($URI->rsegments, 2)); $method = '_remap'; } - // WARNING: It appears that there are issues with is_callable() even in PHP 5.2! - // Furthermore, there are bug reports and feature/change requests related to it - // that make it unreliable to use in this context. Please, DO NOT change this - // work-around until a better alternative is available. - elseif ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($class)), TRUE)) + elseif ( ! is_callable(array($class, $method))) { $e404 = TRUE; } diff --git a/system/core/Security.php b/system/core/Security.php index d5305d1ca..a29070095 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -678,12 +678,7 @@ class CI_Security { { if ( ! isset($_entities)) { - $_entities = array_map( - 'strtolower', - is_php('5.3.4') - ? get_html_translation_table(HTML_ENTITIES, $flag, $charset) - : get_html_translation_table(HTML_ENTITIES, $flag) - ); + $_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, $flag, $charset)); // If we're not on PHP 5.4+, add the possibly dangerous HTML 5 // entities to the array manually diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 76dd2cf0a..1b5219e7b 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -50,7 +50,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); // ------------------------------------------------------------------------ -if (is_php('5.5') OR ! is_php('5.3.7') OR ! defined('CRYPT_BLOWFISH') OR CRYPT_BLOWFISH !== 1 OR defined('HHVM_VERSION')) +if (is_php('5.5') OR ! defined('CRYPT_BLOWFISH') OR CRYPT_BLOWFISH !== 1 OR defined('HHVM_VERSION')) { return; } diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index c54cab951..c839c9bc9 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -180,210 +180,3 @@ if ( ! function_exists('hex2bin')) return pack('H*', $data); } } - -// ------------------------------------------------------------------------ - -if (is_php('5.3')) -{ - return; -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('array_replace')) -{ - /** - * array_replace() - * - * @link http://php.net/array_replace - * @return array - */ - function array_replace() - { - $arrays = func_get_args(); - - if (($c = count($arrays)) === 0) - { - trigger_error('array_replace() expects at least 1 parameter, 0 given', E_USER_WARNING); - return NULL; - } - elseif ($c === 1) - { - if ( ! is_array($arrays[0])) - { - trigger_error('array_replace(): Argument #1 is not an array', E_USER_WARNING); - return NULL; - } - - return $arrays[0]; - } - - $array = array_shift($arrays); - $c--; - - for ($i = 0; $i < $c; $i++) - { - if ( ! is_array($arrays[$i])) - { - trigger_error('array_replace(): Argument #'.($i + 2).' is not an array', E_USER_WARNING); - return NULL; - } - elseif (empty($arrays[$i])) - { - continue; - } - - foreach (array_keys($arrays[$i]) as $key) - { - $array[$key] = $arrays[$i][$key]; - } - } - - return $array; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('array_replace_recursive')) -{ - /** - * array_replace_recursive() - * - * @link http://php.net/array_replace_recursive - * @return array - */ - function array_replace_recursive() - { - $arrays = func_get_args(); - - if (($c = count($arrays)) === 0) - { - trigger_error('array_replace_recursive() expects at least 1 parameter, 0 given', E_USER_WARNING); - return NULL; - } - elseif ($c === 1) - { - if ( ! is_array($arrays[0])) - { - trigger_error('array_replace_recursive(): Argument #1 is not an array', E_USER_WARNING); - return NULL; - } - - return $arrays[0]; - } - - $array = array_shift($arrays); - $c--; - - for ($i = 0; $i < $c; $i++) - { - if ( ! is_array($arrays[$i])) - { - trigger_error('array_replace_recursive(): Argument #'.($i + 2).' is not an array', E_USER_WARNING); - return NULL; - } - elseif (empty($arrays[$i])) - { - continue; - } - - foreach (array_keys($arrays[$i]) as $key) - { - $array[$key] = (is_array($arrays[$i][$key]) && isset($array[$key]) && is_array($array[$key])) - ? array_replace_recursive($array[$key], $arrays[$i][$key]) - : $arrays[$i][$key]; - } - } - - return $array; - } -} - -// ------------------------------------------------------------------------ - -if ( ! function_exists('quoted_printable_encode')) -{ - /** - * quoted_printable_encode() - * - * @link http://php.net/quoted_printable_encode - * @param string $str - * @return string - */ - function quoted_printable_encode($str) - { - if (strlen($str) === 0) - { - return ''; - } - elseif (in_array($type = gettype($str), array('array', 'object'), TRUE)) - { - if ($type === 'object' && method_exists($str, '__toString')) - { - $str = (string) $str; - } - else - { - trigger_error('quoted_printable_encode() expects parameter 1 to be string, '.$type.' given', E_USER_WARNING); - return NULL; - } - } - - if (function_exists('imap_8bit')) - { - return imap_8bit($str); - } - - $i = $lp = 0; - $output = ''; - $hex = '0123456789ABCDEF'; - $length = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')) - ? mb_strlen($str, '8bit') - : strlen($str); - - while ($length--) - { - if ((($c = $str[$i++]) === "\015") && isset($str[$i]) && ($str[$i] === "\012") && $length > 0) - { - $output .= "\015".$str[$i++]; - $length--; - $lp = 0; - continue; - } - - if ( - ctype_cntrl($c) - OR (ord($c) === 0x7f) - OR (ord($c) & 0x80) - OR ($c === '=') - OR ($c === ' ' && isset($str[$i]) && $str[$i] === "\015") - ) - { - if ( - (($lp += 3) > 75 && ord($c) <= 0x7f) - OR (ord($c) > 0x7f && ord($c) <= 0xdf && ($lp + 3) > 75) - OR (ord($c) > 0xdf && ord($c) <= 0xef && ($lp + 6) > 75) - OR (ord($c) > 0xef && ord($c) <= 0xf4 && ($lp + 9) > 75) - ) - { - $output .= "=\015\012"; - $lp = 3; - } - - $output .= '='.$hex[ord($c) >> 4].$hex[ord($c) & 0xf]; - continue; - } - - if ((++$lp) > 75) - { - $output .= "=\015\012"; - $lp = 1; - } - - $output .= $c; - } - - return $output; - } -} -- cgit v1.2.3-24-g4f1b From ca102a05b1403c573f03c4cdb7fbba15ab99fe87 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 28 Jul 2016 17:22:21 +0300 Subject: [ci skip] Use const keyword to define CI_VERSION Because. --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 22072e983..804c6856d 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.1.1-dev'); + const CI_VERSION = '3.1.1-dev'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From c114deba71fdbbb0b7087696960f15e5ae0a08c5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 19 Aug 2016 19:17:59 +0300 Subject: Merge pull request #4777 from tianhe1986/develop_error_handler Add E_PARSE to errors detected by shutdown handler --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index d66649f59..2c7651943 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -598,7 +598,7 @@ if ( ! function_exists('_error_handler')) */ function _error_handler($severity, $message, $filepath, $line) { - $is_error = (((E_ERROR | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity); + $is_error = (((E_ERROR | E_PARSE | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity); // When an error occurred, set the status header to '500 Internal Server Error' // to indicate to the client something went wrong. -- cgit v1.2.3-24-g4f1b From fa1ca8bdee7021a67f58a5278900266c16ef7cd7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 22 Aug 2016 14:13:54 +0300 Subject: Merge pull request #4780 from tianhe1986/develop_standard_hex2bin [ci skip] Trigger error for "resource" type in hex2bin() inputs --- system/core/compat/standard.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index c839c9bc9..6b7caa485 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -153,7 +153,7 @@ if ( ! function_exists('hex2bin')) */ function hex2bin($data) { - if (in_array($type = gettype($data), array('array', 'double', 'object'), TRUE)) + if (in_array($type = gettype($data), array('array', 'double', 'object', 'resource'), TRUE)) { if ($type === 'object' && method_exists($data, '__toString')) { -- cgit v1.2.3-24-g4f1b From a9d83fb0ddef91f0fb386cbe8bdb9cef69ca2af3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 23 Aug 2016 14:07:11 +0300 Subject: Merge pull request #4781 from tianhe1986/develop_hash_pbkdf2 Hash: processing algorithm name case-insensitively in hash_pbkdf2() --- system/core/compat/hash.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 6854e4c26..d567d0f80 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -119,7 +119,7 @@ if ( ! function_exists('hash_pbkdf2')) */ function hash_pbkdf2($algo, $password, $salt, $iterations, $length = 0, $raw_output = FALSE) { - if ( ! in_array($algo, hash_algos(), TRUE)) + if ( ! in_array(strtolower($algo), hash_algos(), TRUE)) { trigger_error('hash_pbkdf2(): Unknown hashing algorithm: '.$algo, E_USER_WARNING); return FALSE; -- cgit v1.2.3-24-g4f1b From 1d0bd83d0f4b9f133bf9657113fc50d57d767762 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Aug 2016 14:14:54 +0300 Subject: Merge pull request #4785 from guitarrist/develop [ci skip] Fix a comment typo --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index a29070095..3a5da4fde 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -230,7 +230,7 @@ class CI_Security { $this->csrf_show_error(); } - // We kill this since we're done and we don't want to polute the _POST array + // We kill this since we're done and we don't want to pollute the _POST array unset($_POST[$this->_csrf_token_name]); // Regenerate on every submission? -- cgit v1.2.3-24-g4f1b From eea02de557834006c5d6a0bfccca7f39e75bf3a8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 27 Sep 2016 14:59:37 +0300 Subject: Fix entity_decode() issue --- system/core/Security.php | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 3a5da4fde..4a69daa18 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -669,6 +669,22 @@ class CI_Security { ? ENT_COMPAT | ENT_HTML5 : ENT_COMPAT; + if ( ! isset($_entities)) + { + $_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, $flag, $charset)); + + // If we're not on PHP 5.4+, add the possibly dangerous HTML 5 + // entities to the array manually + if ($flag === ENT_COMPAT) + { + $_entities[':'] = ':'; + $_entities['('] = '('; + $_entities[')'] = ')'; + $_entities["\n"] = ' '; + $_entities["\t"] = ' '; + } + } + do { $str_compare = $str; @@ -676,22 +692,6 @@ class CI_Security { // Decode standard entities, avoiding false positives if (preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches)) { - if ( ! isset($_entities)) - { - $_entities = array_map('strtolower', get_html_translation_table(HTML_ENTITIES, $flag, $charset)); - - // If we're not on PHP 5.4+, add the possibly dangerous HTML 5 - // entities to the array manually - if ($flag === ENT_COMPAT) - { - $_entities[':'] = ':'; - $_entities['('] = '('; - $_entities[')'] = ')'; - $_entities["\n"] = '&newline;'; - $_entities["\t"] = '&tab;'; - } - } - $replace = array(); $matches = array_unique(array_map('strtolower', $matches[0])); foreach ($matches as &$match) @@ -702,7 +702,7 @@ class CI_Security { } } - $str = str_ireplace(array_keys($replace), array_values($replace), $str); + $str = str_replace(array_keys($replace), array_values($replace), $str); } // Decode numeric & UTF16 two byte entities @@ -711,6 +711,11 @@ class CI_Security { $flag, $charset ); + + if ($flag === ENT_COMPAT) + { + $str = str_replace(array_values($_entities), array_keys($_entities), $str); + } } while ($str_compare !== $str); return $str; -- cgit v1.2.3-24-g4f1b From f2f6d8a70ca35930da798c1e2da134c810a17158 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 11 Oct 2016 16:00:57 +0300 Subject: [ci skip] Add new HTTP status codes https://tools.ietf.org/html/rfc2817 https://tools.ietf.org/html/rfc6585 Requested in #4835 --- system/core/Common.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 2c7651943..257763dd3 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -544,13 +544,18 @@ if ( ! function_exists('set_status_header')) 416 => 'Requested Range Not Satisfiable', 417 => 'Expectation Failed', 422 => 'Unprocessable Entity', + 426 => 'Upgrade Required', + 428 => 'Precondition Required', + 429 => 'Too Many Requests', + 431 => 'Request Header Fields Too Large', 500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Unavailable', 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' + 505 => 'HTTP Version Not Supported', + 511 => 'Network Authentication Required', ); if (isset($stati[$code])) -- cgit v1.2.3-24-g4f1b From 4ffe6345690f81872d0937e562faaf75f3185b6a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 21 Oct 2016 16:30:31 +0300 Subject: Fix #4865 --- system/core/Common.php | 1 + system/core/Exceptions.php | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 257763dd3..91c585f7d 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -661,6 +661,7 @@ if ( ! function_exists('_exception_handler')) $_error =& load_class('Exceptions', 'core'); $_error->log_exception('error', 'Exception: '.$exception->getMessage(), $exception->getFile(), $exception->getLine()); + is_cli() OR set_status_header(500); // Should we display the error? if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors'))) { diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index a1c6a1970..4e10f2831 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -207,7 +207,6 @@ class CI_Exceptions { } else { - set_status_header(500); $templates_path .= 'html'.DIRECTORY_SEPARATOR; } -- cgit v1.2.3-24-g4f1b From 378627bb0e0cfb433299a6d832c18099e5c1dc9c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 22 Oct 2016 16:48:35 +0300 Subject: [ci skip] Prepare for 3.1.1 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 804c6856d..c5d26e52b 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.1-dev'; + const CI_VERSION = '3.1.1'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 40282340cd7de02cbe8297f557b7d3e23cbc652a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 26 Oct 2016 17:41:18 +0300 Subject: Fix #4877 --- system/core/Security.php | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 4a69daa18..b9160a252 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -371,11 +371,17 @@ class CI_Security { * * Note: Use rawurldecode() so it does not remove plus signs */ - do + if (stripos($str, '%') !== false) { - $str = rawurldecode($str); + do + { + $oldstr = $str; + $str = rawurldecode($str); + $str = preg_replace_callback('#%(?:\s*[0-9a-f]){2,}#i', array($this, '_urldecodespaces'), $str); + } + while ($oldstr !== $str); + unset($oldstr); } - while (preg_match('/%[0-9a-f]{2,}/i', $str)); /* * Convert character entities to ASCII @@ -466,7 +472,7 @@ class CI_Security { if (preg_match('/]+([^>]*?)(?:>|$)#si', array($this, '_js_link_removal'), $str); + $str = preg_replace_callback('#]+([^>]*?)(?:>|$)#si', array($this, '_js_link_removal'), $str); } if (preg_match('/ Date: Thu, 27 Oct 2016 15:06:46 +0300 Subject: [ci skip] This is 3.1.2-dev --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index c5d26e52b..6562e99a2 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.1'; + const CI_VERSION = '3.1.2-dev'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 7bc882384ef4c442fb4edd699c8dd15bbd22e429 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 27 Oct 2016 15:41:23 +0300 Subject: Close #4875 --- system/core/CodeIgniter.php | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 6562e99a2..32ad61899 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -416,10 +416,29 @@ if ( ! is_php('5.4')) $params = array($method, array_slice($URI->rsegments, 2)); $method = '_remap'; } - elseif ( ! is_callable(array($class, $method))) + elseif ( ! method_exists($class, $method)) { $e404 = TRUE; } + /** + * DO NOT CHANGE THIS, NOTHING ELSE WORKS! + * + * - method_exists() returns true for non-public methods, which passes the previous elseif + * - is_callable() returns false for PHP 4-style constructors, even if there's a __construct() + * - method_exists($class, '__construct') won't work because CI_Controller::__construct() is inherited + * - People will only complain if this doesn't work, even though it is documented that it shouldn't. + * + * ReflectionMethod::isConstructor() is the ONLY reliable check, + * knowing which method will be executed as a constructor. + */ + elseif ( ! is_callable(array($class, $method)) && strcasecmp($class, $method) === 0) + { + $reflection = new ReflectionMethod($class, $method); + if ( ! $reflection->isPublic() OR $reflection->isConstructor()) + { + $e404 = TRUE; + } + } } if ($e404) -- cgit v1.2.3-24-g4f1b From 4e2cdec6ff4b4af5f994be4c348ad3b9a9a2942f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 28 Oct 2016 14:19:08 +0300 Subject: Improve byte-safety --- system/core/Log.php | 53 ++++++++++++++++++++++++++++++++++++++++-- system/core/Output.php | 62 ++++++++++++++++++++++++++++++++++++++++++++------ 2 files changed, 106 insertions(+), 9 deletions(-) (limited to 'system/core') diff --git a/system/core/Log.php b/system/core/Log.php index 986121526..cf6c75a95 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -104,6 +104,13 @@ class CI_Log { */ protected $_levels = array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4); + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + // -------------------------------------------------------------------- /** @@ -115,6 +122,8 @@ class CI_Log { { $config =& get_config(); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + $this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/'; $this->_file_ext = (isset($config['log_file_extension']) && $config['log_file_extension'] !== '') ? ltrim($config['log_file_extension'], '.') : 'php'; @@ -208,9 +217,9 @@ class CI_Log { $message .= $this->_format_line($level, $date, $msg); - for ($written = 0, $length = strlen($message); $written < $length; $written += $result) + for ($written = 0, $length = self::strlen($message); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($message, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($message, $written))) === FALSE) { break; } @@ -244,4 +253,44 @@ class CI_Log { { return $level.' - '.$date.' --> '.$message."\n"; } + + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + // mb_substr($str, $start, null, '8bit') returns an empty + // string on PHP 5.3 + isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start); + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/core/Output.php b/system/core/Output.php index 06ff1011c..cf6510ff1 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -122,6 +122,13 @@ class CI_Output { */ public $parse_exec_vars = TRUE; + /** + * mbstring.func_override flag + * + * @var bool + */ + protected static $func_override; + /** * Class constructor * @@ -138,6 +145,8 @@ class CI_Output { && extension_loaded('zlib') ); + isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + // Get mime types for later $this->mimes =& get_mimes(); @@ -304,9 +313,9 @@ class CI_Output { for ($i = 0, $c = count($headers); $i < $c; $i++) { - if (strncasecmp($header, $headers[$i], $l = strlen($header)) === 0) + if (strncasecmp($header, $headers[$i], $l = self::strlen($header)) === 0) { - return trim(substr($headers[$i], $l+1)); + return trim(self::substr($headers[$i], $l+1)); } } @@ -480,13 +489,13 @@ class CI_Output { if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) { header('Content-Encoding: gzip'); - header('Content-Length: '.strlen($output)); + header('Content-Length: '.self::strlen($output)); } else { // User agent doesn't support gzip compression, // so we'll have to decompress our cache - $output = gzinflate(substr($output, 10, -8)); + $output = gzinflate(self::substr($output, 10, -8)); } } @@ -601,9 +610,9 @@ class CI_Output { $output = $cache_info.'ENDCI--->'.$output; - for ($written = 0, $length = strlen($output); $written < $length; $written += $result) + for ($written = 0, $length = self::strlen($output); $written < $length; $written += $result) { - if (($result = fwrite($fp, substr($output, $written))) === FALSE) + if (($result = fwrite($fp, self::substr($output, $written))) === FALSE) { break; } @@ -711,7 +720,7 @@ class CI_Output { } // Display the cache - $this->_display(substr($cache, strlen($match[0]))); + $this->_display(self::substr($cache, self::strlen($match[0]))); log_message('debug', 'Cache file is current. Sending it to browser.'); return TRUE; } @@ -797,4 +806,43 @@ class CI_Output { } } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return (self::$func_override) + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (self::$func_override) + { + // mb_substr($str, $start, null, '8bit') returns an empty + // string on PHP 5.3 + isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start); + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } -- cgit v1.2.3-24-g4f1b From 57fa143448577b670d8dd0e02b6e4cf31c4a7cff Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 28 Oct 2016 17:46:31 +0300 Subject: [ci skip] xss_clean() hardening - percent-sign tag (IE) - data: URI scheme inclinding whitespace (Chrome) --- system/core/Security.php | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index b9160a252..d0308c5f9 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -133,15 +133,16 @@ class CI_Security { * @var array */ protected $_never_allowed_str = array( - 'document.cookie' => '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - '-moz-binding' => '[removed]', - '' => '-->', - ' '<![CDATA[', - '' => '<comment>' + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + '-moz-binding' => '[removed]', + '' => '-->', + ' '<![CDATA[', + '' => '<comment>', + '<%' => '<%' ); /** @@ -924,7 +925,7 @@ class CI_Security { return str_replace( $match[1], preg_replace( - '#href=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|_filter_attributes($match[1]) ), -- cgit v1.2.3-24-g4f1b From a1f830dedc53e31a48c8722ed11e3e645526bdcc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 28 Oct 2016 17:59:47 +0300 Subject: [ci skip] Prepare for 3.1.2 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 32ad61899..a2067fb10 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.2-dev'; + const CI_VERSION = '3.1.2'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 499c6080cd41927df088206155e4055d4da3e58e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 28 Oct 2016 18:28:34 +0300 Subject: [ci skip] Mark the start of 3.1.3-dev --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index a2067fb10..71656be29 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.2'; + const CI_VERSION = '3.1.3-dev'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 3a89d3c05303d25486576de3d056f39585decfe4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 3 Nov 2016 16:26:31 +0200 Subject: Fix #4679, for real --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index b81d51ebf..24fe8a9cc 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -521,7 +521,7 @@ class CI_Input { $netaddr = explode(':', str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr)); for ($j = 0; $j < 8; $j++) { - $netaddr[$i] = intval($netaddr[$j], 16); + $netaddr[$j] = intval($netaddr[$j], 16); } } else -- cgit v1.2.3-24-g4f1b From 4015f9bd8342ad9e05ceae517967719907997434 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Nov 2016 10:22:59 +0200 Subject: Fix #4905 --- system/core/Loader.php | 40 ++++++++-------------------------------- 1 file changed, 8 insertions(+), 32 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index d2c350816..1111481b7 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -591,15 +591,21 @@ class CI_Loader { */ public function helper($helpers = array()) { - foreach ($this->_ci_prep_filename($helpers, '_helper') as $helper) + is_array($helpers) OR $helpers = array($helpers); + foreach ($helpers as &$helper) { + $filename = basename($helper); + $filepath = ($filename === $helper) ? '' : substr($helper, 0, strlen($helper) - strlen($filename)); + $filename = strtolower(preg_replace('#(_helper)?(.php)?$#i', '', $filename)).'_helper'; + $helper = $filepath.$filename; + if (isset($this->_ci_helpers[$helper])) { continue; } // Is this a helper extension request? - $ext_helper = config_item('subclass_prefix').$helper; + $ext_helper = config_item('subclass_prefix').$filename; $ext_loaded = FALSE; foreach ($this->_ci_helper_paths as $path) { @@ -1404,34 +1410,4 @@ class CI_Loader { $CI =& get_instance(); return $CI->$component; } - - // -------------------------------------------------------------------- - - /** - * Prep filename - * - * This function prepares filenames of various items to - * make their loading more reliable. - * - * @param string|string[] $filename Filename(s) - * @param string $extension Filename extension - * @return array - */ - protected function _ci_prep_filename($filename, $extension) - { - if ( ! is_array($filename)) - { - return array(strtolower(str_replace(array($extension, '.php'), '', $filename).$extension)); - } - else - { - foreach ($filename as $key => $val) - { - $filename[$key] = strtolower(str_replace(array($extension, '.php'), '', $val).$extension); - } - - return $filename; - } - } - } -- cgit v1.2.3-24-g4f1b From e377910ccf826b448203513bf63bd5721bbd1375 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Dec 2016 13:48:58 +0200 Subject: Fix #4927 --- system/core/Output.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index cf6510ff1..57c78ab19 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -311,11 +311,12 @@ class CI_Output { return NULL; } - for ($i = 0, $c = count($headers); $i < $c; $i++) + // Count backwards, in order to get the last matching header + for ($c = count($headers) - 1; $c > -1; $c--) { - if (strncasecmp($header, $headers[$i], $l = self::strlen($header)) === 0) + if (strncasecmp($header, $headers[$c], $l = self::strlen($header)) === 0) { - return trim(self::substr($headers[$i], $l+1)); + return trim(self::substr($headers[$c], $l+1)); } } -- cgit v1.2.3-24-g4f1b From 5d6e77b092ca8f1700a7407bf59bcab6b0e30808 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Dec 2016 17:14:35 +0200 Subject: [ci skip] Fix #4928 --- system/core/CodeIgniter.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 71656be29..c9cb5c89f 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -67,7 +67,10 @@ defined('BASEPATH') OR exit('No direct script access allowed'); require_once(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); } - require_once(APPPATH.'config/constants.php'); + if (file_exists(APPPATH.'config/constants.php')) + { + require_once(APPPATH.'config/constants.php'); + } /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From da60e9bc66ec90970fbd2dfd08b0a6e66b9f5f5f Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Sat, 31 Dec 2016 08:46:18 -0800 Subject: Update copyright data to 2017 --- system/core/Benchmark.php | 4 ++-- system/core/CodeIgniter.php | 4 ++-- system/core/Common.php | 4 ++-- system/core/Config.php | 4 ++-- system/core/Controller.php | 4 ++-- system/core/Exceptions.php | 4 ++-- system/core/Hooks.php | 4 ++-- system/core/Input.php | 4 ++-- system/core/Lang.php | 4 ++-- system/core/Loader.php | 4 ++-- system/core/Log.php | 4 ++-- system/core/Model.php | 4 ++-- system/core/Output.php | 4 ++-- system/core/Router.php | 4 ++-- system/core/Security.php | 4 ++-- system/core/URI.php | 4 ++-- system/core/Utf8.php | 4 ++-- system/core/compat/hash.php | 4 ++-- system/core/compat/mbstring.php | 4 ++-- system/core/compat/password.php | 4 ++-- system/core/compat/standard.php | 4 ++-- 21 files changed, 42 insertions(+), 42 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index b1d74f78f..b3ac79c62 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index c9cb5c89f..77365b1c3 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Common.php b/system/core/Common.php index 91c585f7d..7b3eb6a4e 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Config.php b/system/core/Config.php index 9fd3e4a7d..cda62241b 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Controller.php b/system/core/Controller.php index 83b3df26c..59a916734 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 4e10f2831..47d153f49 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 856795cba..f2d6f21ca 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Input.php b/system/core/Input.php index 24fe8a9cc..d7cd29261 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Lang.php b/system/core/Lang.php index 1fcff078a..569b02368 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Loader.php b/system/core/Loader.php index 1111481b7..0515723b4 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Log.php b/system/core/Log.php index cf6c75a95..3e11b35f5 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Model.php b/system/core/Model.php index 941881a9f..c809e7b84 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Output.php b/system/core/Output.php index 57c78ab19..349955cd2 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Router.php b/system/core/Router.php index 045d36687..1abe4c4e5 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Security.php b/system/core/Security.php index d0308c5f9..8b313a9a2 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/URI.php b/system/core/URI.php index 544f6c85f..3ccdfa7b0 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 diff --git a/system/core/Utf8.php b/system/core/Utf8.php index f2f42e6ca..dfbbfff2c 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 2.0.0 diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index d567d0f80..ba0198e10 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index 554d10040..f466e1c34 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 1b5219e7b..b209cbe70 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 diff --git a/system/core/compat/standard.php b/system/core/compat/standard.php index 6b7caa485..7db2efb57 100644 --- a/system/core/compat/standard.php +++ b/system/core/compat/standard.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 3.0.0 -- cgit v1.2.3-24-g4f1b From 2ab1c1902711c8b0caf5c3e8f2fa825d72f6755d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Jan 2017 15:26:35 +0200 Subject: Fix an XSS vulnerability --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 8b313a9a2..d198b663b 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -499,7 +499,7 @@ class CI_Security { * Becomes: <blink> */ $pattern = '#' - .'<((?/*\s*)(?[a-z0-9]+)(?=[^a-z0-9]|$)' // tag start and name, followed by a non-tag character + .'<((?/*\s*)((?[a-z0-9]+)(?=[^a-z0-9]|$)|.+)' // tag start and name, followed by a non-tag character .'[^\s\042\047a-z0-9>/=]*' // a valid attribute character immediately after the tag would count as a separator // optional attributes .'(?(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons -- cgit v1.2.3-24-g4f1b From 5a2390d4d6287f2ce35cadae4713b7dcd10fdc9b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Jan 2017 16:01:27 +0200 Subject: [ci skip] Protect CSRF verification from timing side-channel attacks --- system/core/Security.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index d198b663b..585ed90ec 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -224,12 +224,9 @@ class CI_Security { } } - // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) - OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? - { - $this->csrf_show_error(); - } + // Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate + $valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) + && hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]); // We kill this since we're done and we don't want to pollute the _POST array unset($_POST[$this->_csrf_token_name]); @@ -245,6 +242,11 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); + if ($valid !== TRUE) + { + $this->csrf_show_error(); + } + log_message('info', 'CSRF token verified'); return $this; } -- cgit v1.2.3-24-g4f1b From ec8dbbb79bb083acd1cf6beff5abea055b583db5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 4 Jan 2017 17:01:44 +0200 Subject: Fix a possible file inclusion vulnerability in CI_Loader::vars() --- system/core/Loader.php | 58 ++++++++++++++++++++++++-------------------------- 1 file changed, 28 insertions(+), 30 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 0515723b4..17ff2362c 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -486,7 +486,7 @@ class CI_Loader { */ public function view($view, $vars = array(), $return = FALSE) { - return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_object_to_array($vars), '_ci_return' => $return)); + return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_prepare_view_vars($vars), '_ci_return' => $return)); } // -------------------------------------------------------------------- @@ -519,19 +519,13 @@ class CI_Loader { */ public function vars($vars, $val = '') { - if (is_string($vars)) - { - $vars = array($vars => $val); - } - - $vars = $this->_ci_object_to_array($vars); + $vars = is_string($vars) + ? array($vars => $val) + : $this->_ci_prepare_view_vars($vars); - if (is_array($vars) && count($vars) > 0) + foreach ($vars as $key => $val) { - foreach ($vars as $key => $val) - { - $this->_ci_cached_vars[$key] = $val; - } + $this->_ci_cached_vars[$key] = $val; } return $this; @@ -940,18 +934,7 @@ class CI_Loader { * the two types and cache them so that views that are embedded within * other views can have access to these variables. */ - if (is_array($_ci_vars)) - { - foreach (array_keys($_ci_vars) as $key) - { - if (strncmp($key, '_ci_', 4) === 0) - { - unset($_ci_vars[$key]); - } - } - - $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); - } + empty($_ci_vars) OR $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); extract($this->_ci_cached_vars); /* @@ -1382,17 +1365,32 @@ class CI_Loader { // -------------------------------------------------------------------- /** - * CI Object to Array translator + * Prepare variables for _ci_vars, to be later extract()-ed inside views * - * Takes an object as input and converts the class variables to - * an associative array with key/value pairs. + * Converts objects to associative arrays and filters-out internal + * variable names (i.e. keys prexied with '_ci_'). * - * @param object $object Object data to translate + * @param mixed $vars * @return array */ - protected function _ci_object_to_array($object) + protected function _ci_prepare_view_vars($vars) { - return is_object($object) ? get_object_vars($object) : $object; + if ( ! is_array($vars)) + { + $vars = is_object($vars) + ? get_object_vars($object) + : array(); + } + + foreach (array_keys($vars) as $key) + { + if (strncmp($key, '_ci_', 4) === 0) + { + unset($vars[$key]); + } + } + + return $vars; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 52ba26b622b4e58d9511818f8625e77313d680e2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2017 16:28:56 +0200 Subject: [ci skip] Prepare 3.1.3 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 77365b1c3..0edcf972d 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.3-dev'; + const CI_VERSION = '3.1.3'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 7657600403b63d7656dce7b18d2880d3703ad57e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2017 18:55:03 +0200 Subject: [ci skip] Mark the beginning of 3.1.4-dev --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 0edcf972d..63e9563a1 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.3'; + const CI_VERSION = '3.1.4-dev'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From b9ac1a1c268dd6590bb8fb283f45326ce3e0c919 Mon Sep 17 00:00:00 2001 From: Chris Faulkner Date: Tue, 10 Jan 2017 16:02:40 +1030 Subject: Fix Undefined variable: object error Change the undefined variable $object to $vars when calling get_object_vars(). This fixes an error when passing an object to a view. --- system/core/Loader.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 17ff2362c..acfc739dd 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1368,7 +1368,7 @@ class CI_Loader { * Prepare variables for _ci_vars, to be later extract()-ed inside views * * Converts objects to associative arrays and filters-out internal - * variable names (i.e. keys prexied with '_ci_'). + * variable names (i.e. keys prefixed with '_ci_'). * * @param mixed $vars * @return array @@ -1378,7 +1378,7 @@ class CI_Loader { if ( ! is_array($vars)) { $vars = is_object($vars) - ? get_object_vars($object) + ? get_object_vars($vars) : array(); } -- cgit v1.2.3-24-g4f1b From 99d05f0aaffa1750b74b1be4d3654bec95323517 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 11 Jan 2017 17:04:06 +0200 Subject: [ci skip] Merge pull request #4977 from fabiospampinato/fabiospampinato-loader-helper-regex-fix Fixed regex used for loading helpers --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index acfc739dd..5ed6adb48 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -590,7 +590,7 @@ class CI_Loader { { $filename = basename($helper); $filepath = ($filename === $helper) ? '' : substr($helper, 0, strlen($helper) - strlen($filename)); - $filename = strtolower(preg_replace('#(_helper)?(.php)?$#i', '', $filename)).'_helper'; + $filename = strtolower(preg_replace('#(_helper)?(\.php)?$#i', '', $filename)).'_helper'; $helper = $filepath.$filename; if (isset($this->_ci_helpers[$helper])) -- cgit v1.2.3-24-g4f1b From 71d8f72ffc48a7f46747b3b6b1a554533cc1cbc5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 17 Jan 2017 12:01:00 +0200 Subject: [ci skip] Merge pull request #4986 from ka7/feature/spelling Spelling fixes in comment blocks and docs --- system/core/Common.php | 2 +- system/core/Security.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 7b3eb6a4e..0c6e2272e 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -827,7 +827,7 @@ if ( ! function_exists('function_usable')) * terminate script execution if a disabled function is executed. * * The above described behavior turned out to be a bug in Suhosin, - * but even though a fix was commited for 0.9.34 on 2012-02-12, + * but even though a fix was committed for 0.9.34 on 2012-02-12, * that version is yet to be released. This function will therefore * be just temporary, but would probably be kept for a few years. * diff --git a/system/core/Security.php b/system/core/Security.php index 585ed90ec..bacbb78d0 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -869,7 +869,7 @@ class CI_Security { // Each iteration filters a single attribute do { - // Strip any non-alpha characters that may preceed an attribute. + // Strip any non-alpha characters that may precede an attribute. // Browsers often parse these incorrectly and that has been a // of numerous XSS issues we've had. $matches['attributes'] = preg_replace('#^[^a-z]+#i', '', $matches['attributes']); -- cgit v1.2.3-24-g4f1b From c0c74d5201c171cd6d0cdc2133e63077ebe1a407 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2017 15:26:35 +0200 Subject: More byte-safety --- system/core/Log.php | 10 +++++----- system/core/Output.php | 10 +++++----- system/core/compat/password.php | 8 ++++---- 3 files changed, 14 insertions(+), 14 deletions(-) (limited to 'system/core') diff --git a/system/core/Log.php b/system/core/Log.php index 3e11b35f5..d443aedb8 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -105,11 +105,11 @@ class CI_Log { protected $_levels = array('ERROR' => 1, 'DEBUG' => 2, 'INFO' => 3, 'ALL' => 4); /** - * mbstring.func_override flag + * mbstring.func_overload flag * * @var bool */ - protected static $func_override; + protected static $func_overload; // -------------------------------------------------------------------- @@ -122,7 +122,7 @@ class CI_Log { { $config =& get_config(); - isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); $this->_log_path = ($config['log_path'] !== '') ? $config['log_path'] : APPPATH.'logs/'; $this->_file_ext = (isset($config['log_file_extension']) && $config['log_file_extension'] !== '') @@ -264,7 +264,7 @@ class CI_Log { */ protected static function strlen($str) { - return (self::$func_override) + return (self::$func_overload) ? mb_strlen($str, '8bit') : strlen($str); } @@ -281,7 +281,7 @@ class CI_Log { */ protected static function substr($str, $start, $length = NULL) { - if (self::$func_override) + if (self::$func_overload) { // mb_substr($str, $start, null, '8bit') returns an empty // string on PHP 5.3 diff --git a/system/core/Output.php b/system/core/Output.php index 349955cd2..6ddded22a 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -123,11 +123,11 @@ class CI_Output { public $parse_exec_vars = TRUE; /** - * mbstring.func_override flag + * mbstring.func_overload flag * * @var bool */ - protected static $func_override; + protected static $func_overload; /** * Class constructor @@ -145,7 +145,7 @@ class CI_Output { && extension_loaded('zlib') ); - isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); // Get mime types for later $this->mimes =& get_mimes(); @@ -817,7 +817,7 @@ class CI_Output { */ protected static function strlen($str) { - return (self::$func_override) + return (self::$func_overload) ? mb_strlen($str, '8bit') : strlen($str); } @@ -834,7 +834,7 @@ class CI_Output { */ protected static function substr($str, $start, $length = NULL) { - if (self::$func_override) + if (self::$func_overload) { // mb_substr($str, $start, null, '8bit') returns an empty // string on PHP 5.3 diff --git a/system/core/compat/password.php b/system/core/compat/password.php index b209cbe70..8176f0088 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -94,8 +94,8 @@ if ( ! function_exists('password_hash')) */ function password_hash($password, $algo, array $options = array()) { - static $func_override; - isset($func_override) OR $func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + static $func_overload; + isset($func_overload) OR $func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); if ($algo !== 1) { @@ -109,7 +109,7 @@ if ( ! function_exists('password_hash')) return NULL; } - if (isset($options['salt']) && ($saltlen = ($func_override ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22) + if (isset($options['salt']) && ($saltlen = ($func_overload ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22) { trigger_error('password_hash(): Provided salt is too short: '.$saltlen.' expecting 22', E_USER_WARNING); return NULL; @@ -144,7 +144,7 @@ if ( ! function_exists('password_hash')) is_php('5.4') && stream_set_chunk_size($fp, 16); $options['salt'] = ''; - for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt'])) + for ($read = 0; $read < 16; $read = ($func_overload) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt'])) { if (($read = fread($fp, 16 - $read)) === FALSE) { -- cgit v1.2.3-24-g4f1b From 25461d8eac80c0f1242150f7316ec58ac14c5d39 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2017 15:42:43 +0200 Subject: hash_pbkdf2() byte-safety --- system/core/compat/hash.php | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index ba0198e10..7eb292188 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -173,7 +173,9 @@ if ( ! function_exists('hash_pbkdf2')) return FALSE; } - $hash_length = strlen(hash($algo, NULL, TRUE)); + $hash_length = defined('MB_OVERLOAD_STRING') + ? mb_strlen(hash($algo, NULL, TRUE)) + : strlen(hash($algo, NULL, TRUE)); empty($length) && $length = $hash_length; // Pre-hash password inputs longer than the algorithm's block size @@ -221,14 +223,14 @@ if ( ! function_exists('hash_pbkdf2')) 'whirlpool' => 64 ); - if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo]) + if (isset($block_sizes[$algo], $password[$block_sizes[$algo]])) { $password = hash($algo, $password, TRUE); } $hash = ''; // Note: Blocks are NOT 0-indexed - for ($bc = ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++) + for ($bc = (int) ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++) { $key = $derived_key = hash_hmac($algo, $salt.pack('N', $bi), $password, TRUE); for ($i = 1; $i < $iterations; $i++) @@ -240,6 +242,13 @@ if ( ! function_exists('hash_pbkdf2')) } // This is not RFC-compatible, but we're aiming for natural PHP compatibility - return substr($raw_output ? $hash : bin2hex($hash), 0, $length); + if ( ! $raw_output) + { + $hash = bin2hex($hash); + } + + return defined('MB_OVERLOAD_STRING') + ? mb_substr($hash, 0, $length) + : substr($hash, 0, $length); } } -- cgit v1.2.3-24-g4f1b From 93141a13e77a88be044e4c7f51ba3c2a35bf0ccc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2017 15:46:32 +0200 Subject: hash_pbkdf2() byte-safety again ... actually tell mbstring to use 8bit --- system/core/compat/hash.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php index 7eb292188..c65203aaf 100644 --- a/system/core/compat/hash.php +++ b/system/core/compat/hash.php @@ -174,7 +174,7 @@ if ( ! function_exists('hash_pbkdf2')) } $hash_length = defined('MB_OVERLOAD_STRING') - ? mb_strlen(hash($algo, NULL, TRUE)) + ? mb_strlen(hash($algo, NULL, TRUE), '8bit') : strlen(hash($algo, NULL, TRUE)); empty($length) && $length = $hash_length; @@ -248,7 +248,7 @@ if ( ! function_exists('hash_pbkdf2')) } return defined('MB_OVERLOAD_STRING') - ? mb_substr($hash, 0, $length) + ? mb_substr($hash, 0, $length, '8bit') : substr($hash, 0, $length); } } -- cgit v1.2.3-24-g4f1b From 4316a157c27a3721dbfd8a817bf8cbffb1fe371f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 Jan 2017 15:46:17 +0200 Subject: Don't use each() Will be deprecated in PHP 7.2 --- system/core/Security.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index bacbb78d0..082ffa96b 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -354,9 +354,9 @@ class CI_Security { // Is the string an array? if (is_array($str)) { - while (list($key) = each($str)) + foreach ($str as $key => &$value) { - $str[$key] = $this->xss_clean($str[$key]); + $str[$key] = $this->xss_clean($value); } return $str; -- cgit v1.2.3-24-g4f1b From 56f59bdd609b58f3f3826d41b6286882cb26665b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 23 Jan 2017 11:39:57 +0200 Subject: Merge pull request #4991 from verkhoumov/develop Removed dead code from show_error() --- system/core/Common.php | 5 ----- 1 file changed, 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 0c6e2272e..8437f7926 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -410,11 +410,6 @@ if ( ! function_exists('show_error')) if ($status_code < 100) { $exit_status = $status_code + 9; // 9 is EXIT__AUTO_MIN - if ($exit_status > 125) // 125 is EXIT__AUTO_MAX - { - $exit_status = 1; // EXIT_ERROR - } - $status_code = 500; } else -- cgit v1.2.3-24-g4f1b From 422b8890e8b41a9ecf6644bff169c8c82fa2c82d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 1 Feb 2017 14:36:49 +0200 Subject: Fix a CI_Input::set_cookie() bug Found on StackOverflow: https://stackoverflow.com/questions/41925028/codeigniter-config-overrides-set-cookie-parameters --- system/core/Input.php | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index d7cd29261..af4f87c1f 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -359,7 +359,7 @@ class CI_Input { * @param bool $httponly Whether to only makes the cookie accessible via HTTP (no javascript) * @return void */ - public function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE, $httponly = FALSE) + public function set_cookie($name, $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = NULL, $httponly = NULL) { if (is_array($name)) { @@ -388,15 +388,13 @@ class CI_Input { $path = config_item('cookie_path'); } - if ($secure === FALSE && config_item('cookie_secure') === TRUE) - { - $secure = config_item('cookie_secure'); - } + $secure = ($secure === NULL && config_item('cookie_secure') !== NULL) + ? (bool) config_item('cookie_secure') + : (bool) $secure; - if ($httponly === FALSE && config_item('cookie_httponly') !== FALSE) - { - $httponly = config_item('cookie_httponly'); - } + $httponly = ($httponly === NULL && config_item('cookie_httponly') !== NULL) + ? (bool) config_item('cookie_httponly') + : (bool) $httponly; if ( ! is_numeric($expire)) { -- cgit v1.2.3-24-g4f1b From d60e51ba3bc542ead57d9d7b3b5f11e5c26a72e4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Feb 2017 10:28:36 +0200 Subject: Merge pull request #5006 from tianhe1986/develop_common Fix two bugs with Common Functions --- system/core/Common.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 8437f7926..8b74db0a3 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -319,17 +319,16 @@ if ( ! function_exists('get_mimes')) if (empty($_mimes)) { - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) - { - $_mimes = include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'); - } - elseif (file_exists(APPPATH.'config/mimes.php')) + $_mimes = array(); + + if (file_exists(APPPATH.'config/mimes.php')) { - $_mimes = include(APPPATH.'config/mimes.php'); + $_mimes = array_merge($_mimes, include(APPPATH.'config/mimes.php')); } - else + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) { - $_mimes = array(); + $_mimes = array_merge($_mimes, include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')); } } @@ -719,6 +718,7 @@ if ( ! function_exists('remove_invisible_characters')) { $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15 $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31 + $non_displayables[] = '/%7f/i'; // url encoded 127 } $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 -- cgit v1.2.3-24-g4f1b From 8057d79e54e9f7f577089eecdc2c33be801d3e3f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Feb 2017 10:34:33 +0200 Subject: [ci skip] Eliminate a needless array_merge() call from PR #5006 patch --- system/core/Common.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 8b74db0a3..f7bd42600 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -319,12 +319,9 @@ if ( ! function_exists('get_mimes')) if (empty($_mimes)) { - $_mimes = array(); - - if (file_exists(APPPATH.'config/mimes.php')) - { - $_mimes = array_merge($_mimes, include(APPPATH.'config/mimes.php')); - } + $_mimes = file_exists(APPPATH.'config/mimes.php') + ? include(APPPATH.'config/mimes.php') + : array(); if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) { -- cgit v1.2.3-24-g4f1b From df33ec2e45356895c5aec0a1ebfc325c2af4f74a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Mar 2017 17:43:58 +0200 Subject: Fix Apache header injection vulnerability in set_status_header() --- system/core/Common.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index f7bd42600..2fd5c5809 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -562,12 +562,12 @@ if ( ! function_exists('set_status_header')) if (strpos(PHP_SAPI, 'cgi') === 0) { header('Status: '.$code.' '.$text, TRUE); + return; } - else - { - $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1'; - header($server_protocol.' '.$code.' '.$text, TRUE, $code); - } + + $server_protocol = (isset($_SERVER['SERVER_PROTOCOL']) && in_array($_SERVER['SERVER_PROTOCOL'], array('HTTP/1.0', 'HTTP/1.1', 'HTTP/2'), TRUE)) + ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1'; + header($server_protocol.' '.$code.' '.$text, TRUE, $code); } } -- cgit v1.2.3-24-g4f1b From f58643bab5e5a868aabdaa64668cdb67a9b82fbb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Mar 2017 17:46:23 +0200 Subject: [ci skip] Prepare 3.1.4 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 63e9563a1..880abab57 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.4-dev'; + const CI_VERSION = '3.1.4'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From f83d10b375bd028480a47ec3c0bbb2b07dcabfee Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Mar 2017 17:55:38 +0200 Subject: [ci skip] Mark the start of 3.1.5-dev --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 880abab57..b5c2bedf4 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.4'; + const CI_VERSION = '3.1.5-dev'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From f8fba7bac1c69e619f504f9960133d9b0fecc34b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 18 Apr 2017 12:03:15 +0300 Subject: [ci skip] Reduce nesting levels in CI_Output --- system/core/Output.php | 95 +++++++++++++++++++++++--------------------------- 1 file changed, 44 insertions(+), 51 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 6ddded22a..a3155fece 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -586,62 +586,59 @@ class CI_Output { return; } - if (flock($fp, LOCK_EX)) + if ( ! flock($fp, LOCK_EX)) { - // If output compression is enabled, compress the cache - // itself, so that we don't have to do that each time - // we're serving it - if ($this->_compress_output === TRUE) - { - $output = gzencode($output); + log_message('error', 'Unable to secure a file lock for file at: '.$cache_path); + fclose($fp); + return; + } - if ($this->get_header('content-type') === NULL) - { - $this->set_content_type($this->mime_type); - } + // If output compression is enabled, compress the cache + // itself, so that we don't have to do that each time + // we're serving it + if ($this->_compress_output === TRUE) + { + $output = gzencode($output); + + if ($this->get_header('content-type') === NULL) + { + $this->set_content_type($this->mime_type); } + } - $expire = time() + ($this->cache_expiration * 60); + $expire = time() + ($this->cache_expiration * 60); - // Put together our serialized info. - $cache_info = serialize(array( - 'expire' => $expire, - 'headers' => $this->headers - )); + // Put together our serialized info. + $cache_info = serialize(array( + 'expire' => $expire, + 'headers' => $this->headers + )); - $output = $cache_info.'ENDCI--->'.$output; + $output = $cache_info.'ENDCI--->'.$output; - for ($written = 0, $length = self::strlen($output); $written < $length; $written += $result) + for ($written = 0, $length = self::strlen($output); $written < $length; $written += $result) + { + if (($result = fwrite($fp, self::substr($output, $written))) === FALSE) { - if (($result = fwrite($fp, self::substr($output, $written))) === FALSE) - { - break; - } + break; } - - flock($fp, LOCK_UN); - } - else - { - log_message('error', 'Unable to secure a file lock for file at: '.$cache_path); - return; } + flock($fp, LOCK_UN); fclose($fp); - if (is_int($result)) - { - chmod($cache_path, 0640); - log_message('debug', 'Cache file written: '.$cache_path); - - // Send HTTP cache-control headers to browser to match file cache settings. - $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire); - } - else + if ( ! is_int($result)) { @unlink($cache_path); log_message('error', 'Unable to write the complete cache content at: '.$cache_path); + return; } + + chmod($cache_path, 0640); + log_message('debug', 'Cache file written: '.$cache_path); + + // Send HTTP cache-control headers to browser to match file cache settings. + $this->set_cache_header($_SERVER['REQUEST_TIME'], $expire); } // -------------------------------------------------------------------- @@ -708,11 +705,9 @@ class CI_Output { log_message('debug', 'Cache file has expired. File deleted.'); return FALSE; } - else - { - // Or else send the HTTP cache control headers. - $this->set_cache_header($last_modified, $expire); - } + + // Send the HTTP cache control headers + $this->set_cache_header($last_modified, $expire); // Add headers from cache file. foreach ($cache_info['headers'] as $header) @@ -798,13 +793,11 @@ class CI_Output { $this->set_status_header(304); exit; } - else - { - header('Pragma: public'); - header('Cache-Control: max-age='.$max_age.', public'); - header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT'); - header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT'); - } + + header('Pragma: public'); + header('Cache-Control: max-age='.$max_age.', public'); + header('Expires: '.gmdate('D, d M Y H:i:s', $expiration).' GMT'); + header('Last-modified: '.gmdate('D, d M Y H:i:s', $last_modified).' GMT'); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From ab0010f543d88fa19506907684a9d329d4dd94e3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 25 May 2017 12:14:41 +0300 Subject: [ci skip] Fix #5131 --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index b5c2bedf4..0fab092e5 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -434,7 +434,7 @@ if ( ! is_php('5.4')) * ReflectionMethod::isConstructor() is the ONLY reliable check, * knowing which method will be executed as a constructor. */ - elseif ( ! is_callable(array($class, $method)) && strcasecmp($class, $method) === 0) + elseif ( ! is_callable(array($class, $method))) { $reflection = new ReflectionMethod($class, $method); if ( ! $reflection->isPublic() OR $reflection->isConstructor()) -- cgit v1.2.3-24-g4f1b From ee9d428171dc201f51eaffdb62616312915681ff Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 5 Jun 2017 10:44:37 +0300 Subject: [ci skip] Merge pull request #5143 from TysonAndre/misc-phpdoc-nits Fix misc inconsistencies between code and doc comments --- system/core/Common.php | 2 +- system/core/Exceptions.php | 2 +- system/core/compat/mbstring.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 2fd5c5809..d6a1fdb4e 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -135,7 +135,7 @@ if ( ! function_exists('load_class')) * * @param string the class name being requested * @param string the directory where the class should be found - * @param string an optional argument to pass to the class constructor + * @param mixed an optional argument to pass to the class constructor * @return object */ function &load_class($class, $directory = 'libraries', $param = NULL) diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 47d153f49..526909602 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -231,7 +231,7 @@ class CI_Exceptions { * @param string $message Error message * @param string $filepath File path * @param int $line Line number - * @return string Error page output + * @return void */ public function show_php_error($severity, $message, $filepath, $line) { diff --git a/system/core/compat/mbstring.php b/system/core/compat/mbstring.php index f466e1c34..1b2f2c63b 100644 --- a/system/core/compat/mbstring.php +++ b/system/core/compat/mbstring.php @@ -68,7 +68,7 @@ if ( ! function_exists('mb_strlen')) * @link http://php.net/mb_strlen * @param string $str * @param string $encoding - * @return string + * @return int */ function mb_strlen($str, $encoding = NULL) { -- cgit v1.2.3-24-g4f1b From 2459285b91d6fc4f5099f9f597529cce1059cb33 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jun 2017 11:29:39 +0300 Subject: [ci skip] Prepare 3.1.5 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 0fab092e5..823e034d7 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.5-dev'; + const CI_VERSION = '3.1.5'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b