From a8126b18a37d211240df254a82031e736eb98daf Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Wed, 4 Jul 2012 10:37:57 +0300
Subject: Backport CI_Config::load() optimization from pull #1571

---
 system/core/Config.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Config.php b/system/core/Config.php
index 714c4667b..5dffbf3f2 100755
--- a/system/core/Config.php
+++ b/system/core/Config.php
@@ -99,12 +99,12 @@ class CI_Config {
 		$found = FALSE;
 		$loaded = FALSE;
 
+		$check_locations = defined('ENVIRONMENT')
+			? array(ENVIRONMENT.'/'.$file, $file)
+			: array($file);
+
 		foreach ($this->_config_paths as $path)
 		{
-			$check_locations = defined('ENVIRONMENT')
-				? array(ENVIRONMENT.'/'.$file, $file)
-				: array($file);
-
 			foreach ($check_locations as $location)
 			{
 				$file_path = $path.'config/'.$location.'.php';
@@ -168,7 +168,7 @@ class CI_Config {
 			{
 				return FALSE;
 			}
-			show_error('The configuration file '.$file.'.php'.' does not exist.');
+			show_error('The configuration file '.$file.'.php does not exist.');
 		}
 
 		return TRUE;
@@ -279,7 +279,7 @@ class CI_Config {
 	 */
 	function base_url($uri = '')
 	{
-		return $this->slash_item('base_url').ltrim($this->_uri_string($uri),'/');
+		return $this->slash_item('base_url').ltrim($this->_uri_string($uri), '/');
 	}
 
 	// -------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b


From 7af48d061b7b4250fdb54466655ad1067856d326 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Tue, 24 Jul 2012 11:13:35 +0300
Subject: Change is_loaded() to return a reference

---
 system/core/Common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Common.php b/system/core/Common.php
index d79375475..07534c51f 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -187,7 +187,7 @@ if ( ! function_exists('load_class'))
 */
 if ( ! function_exists('is_loaded'))
 {
-	function is_loaded($class = '')
+	function &is_loaded($class = '')
 	{
 		static $_is_loaded = array();
 
-- 
cgit v1.2.3-24-g4f1b


From b0fe0a9a6813e8d3ebca94c5fa86ab6f36f3390d Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Sat, 6 Oct 2012 15:24:53 +0300
Subject: Fix issues #227 and #907

---
 system/core/Input.php | 63 +++++++++++++++++++++++++--------------------------
 1 file changed, 31 insertions(+), 32 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 3559d8607..66e02ba00 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -73,13 +73,13 @@ class CI_Input {
 	 */
 	protected $headers			= array();
 
-
 	/**
 	 * Constructor
 	 *
 	 * Sets whether to globally enable the XSS processing
 	 * and whether to allow the $_GET array
 	 *
+	 * @return	void
 	 */
 	public function __construct()
 	{
@@ -306,50 +306,49 @@ class CI_Input {
 	/**
 	* Fetch the IP Address
 	*
-	* @access	public
 	* @return	string
 	*/
-	function ip_address()
+	public function ip_address()
 	{
 		if ($this->ip_address !== FALSE)
 		{
 			return $this->ip_address;
 		}
 
-		if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR'))
+		$proxy_ips = config_item('proxy_ips');
+		if ( ! empty($proxy_ips))
 		{
-			$proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY);
-			$proxies = is_array($proxies) ? $proxies : array($proxies);
+			$proxy_ips = explode(',', str_replace(' ', '', $proxy_ips));
+			foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_CLIENT_IP', 'HTTP_X_CLUSTER_CLIENT_IP') as $header)
+			{
+				if (($spoof = $this->server($header)) !== FALSE)
+				{
+					// Some proxies typically list the whole chain of IP
+					// addresses through which the client has reached us.
+					// e.g. client_ip, proxy_ip1, proxy_ip2, etc.
+					if (strpos($spoof, ',') !== FALSE)
+					{
+						$spoof = explode(',', $spoof, 2);
+						$spoof = $spoof[0];
+					}
 
-			$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
-		}
-		elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
-		{
-			$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
-		}
-		elseif ($this->server('REMOTE_ADDR'))
-		{
-			$this->ip_address = $_SERVER['REMOTE_ADDR'];
-		}
-		elseif ($this->server('HTTP_CLIENT_IP'))
-		{
-			$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
-		}
-		elseif ($this->server('HTTP_X_FORWARDED_FOR'))
-		{
-			$this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
-		}
+					if ( ! $this->valid_ip($spoof))
+					{
+						$spoof = NULL;
+					}
+					else
+					{
+						break;
+					}
+				}
+			}
 
-		if ($this->ip_address === FALSE)
-		{
-			$this->ip_address = '0.0.0.0';
-			return $this->ip_address;
+			$this->ip_address = ($spoof !== NULL && in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE))
+				? $spoof : $_SERVER['REMOTE_ADDR'];
 		}
-
-		if (strpos($this->ip_address, ',') !== FALSE)
+		else
 		{
-			$x = explode(',', $this->ip_address);
-			$this->ip_address = trim(end($x));
+			$this->ip_address = $_SERVER['REMOTE_ADDR'];
 		}
 
 		if ( ! $this->valid_ip($this->ip_address))
-- 
cgit v1.2.3-24-g4f1b


From 481e42660f3c703789b4564402b5c47032c87c99 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Sat, 6 Oct 2012 15:42:56 +0300
Subject: Backport security fixes

---
 system/core/Security.php | 51 ++++++++++++++++++++++++------------------------
 1 file changed, 25 insertions(+), 26 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Security.php b/system/core/Security.php
index 7af240ded..00089d765 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -98,26 +98,32 @@ class CI_Security {
 
 	/**
 	 * Constructor
+	 *
+	 * @return	void
 	 */
 	public function __construct()
 	{
-		// CSRF config
-		foreach(array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key)
+		// Is CSRF protection enabled?
+		if (config_item('csrf_protection') === TRUE)
 		{
-			if (FALSE !== ($val = config_item($key)))
+			// CSRF config
+			foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key)
 			{
-				$this->{'_'.$key} = $val;
+				if (FALSE !== ($val = config_item($key)))
+				{
+					$this->{'_'.$key} = $val;
+				}
 			}
-		}
 
-		// Append application specific cookie prefix
-		if (config_item('cookie_prefix'))
-		{
-			$this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name;
-		}
+			// Append application specific cookie prefix
+			if (config_item('cookie_prefix'))
+			{
+				$this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name;
+			}
 
-		// Set the CSRF hash
-		$this->_csrf_set_hash();
+			// Set the CSRF hash
+			$this->_csrf_set_hash();
+		}
 
 		log_message('debug', "Security Class Initialized");
 	}
@@ -131,15 +137,14 @@ class CI_Security {
 	 */
 	public function csrf_verify()
 	{
-		// If no POST data exists we will set the CSRF cookie
-		if (count($_POST) == 0)
+		// If it's not a POST request we will set the CSRF cookie
+		if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST')
 		{
 			return $this->csrf_set_cookie();
 		}
 
 		// Do the tokens exist in both the _POST and _COOKIE arrays?
-		if ( ! isset($_POST[$this->_csrf_token_name]) OR
-			 ! isset($_COOKIE[$this->_csrf_cookie_name]))
+		if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]))
 		{
 			$this->csrf_show_error();
 		}
@@ -159,7 +164,7 @@ class CI_Security {
 		$this->_csrf_set_hash();
 		$this->csrf_set_cookie();
 
-		log_message('debug', "CSRF token verified ");
+		log_message('debug', 'CSRF token verified');
 
 		return $this;
 	}
@@ -176,14 +181,9 @@ class CI_Security {
 		$expire = time() + $this->_csrf_expire;
 		$secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0;
 
-		if ($secure_cookie)
+		if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off'))
 		{
-			$req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE;
-
-			if ( ! $req OR $req == 'off')
-			{
-				return FALSE;
-			}
+			return FALSE;
 		}
 
 		setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie);
@@ -871,7 +871,6 @@ class CI_Security {
 	}
 
 }
-// END Security Class
 
 /* End of file Security.php */
-/* Location: ./system/libraries/Security.php */
+/* Location: ./system/libraries/Security.php */
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 05b3877a792caa23cb4503a976b8c85dec47335f Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Mon, 8 Oct 2012 00:12:10 +0300
Subject: Bump version number to 2.1.3

---
 system/core/CodeIgniter.php | 2 +-
 system/core/Input.php       | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'system/core')

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index cd3333331..c16c79c09 100755
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -33,7 +33,7 @@
  * @var string
  *
  */
-	define('CI_VERSION', '2.1.2');
+	define('CI_VERSION', '2.1.3');
 
 /**
  * CodeIgniter Branch (Core = TRUE, Reactor = FALSE)
diff --git a/system/core/Input.php b/system/core/Input.php
index 66e02ba00..fa26777a1 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -334,7 +334,7 @@ class CI_Input {
 
 					if ( ! $this->valid_ip($spoof))
 					{
-						$spoof = NULL;
+						$spoof = FALSE;
 					}
 					else
 					{
@@ -343,7 +343,7 @@ class CI_Input {
 				}
 			}
 
-			$this->ip_address = ($spoof !== NULL && in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE))
+			$this->ip_address = ($spoof !== FALSE && in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE))
 				? $spoof : $_SERVER['REMOTE_ADDR'];
 		}
 		else
-- 
cgit v1.2.3-24-g4f1b


From 8f8436080ed60dbd680f2792d475bbed944df78c Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Mon, 8 Oct 2012 10:47:22 +0300
Subject: Fix issue #1715

---
 system/core/Input.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index fa26777a1..218eed3d7 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -641,8 +641,8 @@ class CI_Input {
 		$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
 
 
-		// CSRF Protection check
-		if ($this->_enable_csrf == TRUE)
+		// CSRF Protection check on HTTP requests
+		if ($this->_enable_csrf == TRUE && $this->is_cli_request())
 		{
 			$this->security->csrf_verify();
 		}
@@ -836,11 +836,11 @@ class CI_Input {
 	 *
 	 * Test to see if a request was made from the command line
 	 *
-	 * @return 	boolean
+	 * @return 	bool
 	 */
 	public function is_cli_request()
 	{
-		return (php_sapi_name() == 'cli') or defined('STDIN');
+		return (php_sapi_name() === 'cli' OR defined('STDIN'));
 	}
 
 }
-- 
cgit v1.2.3-24-g4f1b


From 05e8c03b6742033cf88885cb86217cadca3a4567 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Mon, 8 Oct 2012 11:11:27 +0300
Subject: Really fix #1715

---
 system/core/Input.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/core')

diff --git a/system/core/Input.php b/system/core/Input.php
index 218eed3d7..0c1f2b08e 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -642,7 +642,7 @@ class CI_Input {
 
 
 		// CSRF Protection check on HTTP requests
-		if ($this->_enable_csrf == TRUE && $this->is_cli_request())
+		if ($this->_enable_csrf == TRUE && ! $this->is_cli_request())
 		{
 			$this->security->csrf_verify();
 		}
-- 
cgit v1.2.3-24-g4f1b