From 2be25a6fdb9aa197debca28d1cfe0e0e542296b0 Mon Sep 17 00:00:00 2001 From: RS71 Date: Sat, 31 Dec 2011 16:02:04 -0200 Subject: Update system/core/Security.php --- system/core/Security.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 60a64f358..510f3d1ae 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -180,9 +180,14 @@ class CI_Security { // polute the _POST array unset($_POST[$this->_csrf_token_name]); - // Nothing should last forever - unset($_COOKIE[$this->_csrf_cookie_name]); - $this->_csrf_hash = ''; + // Regenerate on every submission? + if (config_item('csrf_regenerate')) + { + // Nothing should last forever + unset($_COOKIE[$this->_csrf_cookie_name]); + $this->_csrf_hash = ''; + } + $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 0defe5d33ee2633f377a109519ca818becc60f64 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 1 Jan 2012 18:46:41 -0600 Subject: Updating copyright date to 2012 --- system/core/Benchmark.php | 2 +- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 2 +- system/core/Config.php | 2 +- system/core/Controller.php | 2 +- system/core/Exceptions.php | 2 +- system/core/Hooks.php | 2 +- system/core/Input.php | 2 +- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Model.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/Security.php | 2 +- system/core/URI.php | 2 +- system/core/Utf8.php | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index 0f3104079..da246c9e0 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 97527e5ca..5152073d5 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Common.php b/system/core/Common.php index b0921fe0c..f42bb640c 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Config.php b/system/core/Config.php index b0b4c9aa4..3e2635494 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Controller.php b/system/core/Controller.php index ca2bf41b5..55b3ec235 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index ead8d814e..3737f2930 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Hooks.php b/system/core/Hooks.php index aa251a389..174adcb19 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Input.php b/system/core/Input.php index 3cbbe787f..7cfa4c63f 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Lang.php b/system/core/Lang.php index e03afb07d..5eb2801f6 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Loader.php b/system/core/Loader.php index d42dbbf38..c4a6b501c 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Model.php b/system/core/Model.php index c34bab64b..fc640139a 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Output.php b/system/core/Output.php index 9727a184f..e529f914d 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Router.php b/system/core/Router.php index 748678d67..8cad86888 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Security.php b/system/core/Security.php index 60a64f358..272a8bf3f 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/URI.php b/system/core/URI.php index 578d17429..3c26d307b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 1bcf526a5..40a7ac4c0 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 2.0 -- cgit v1.2.3-24-g4f1b From 2fbbfe34033dba5f362382818d0ae4c809ff6698 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 18:37:15 +0200 Subject: Improve the Benchmark library --- system/core/Benchmark.php | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index da246c9e0..f4dfd3dab 100755 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -1,13 +1,13 @@ -marker[$name] = microtime(); } @@ -75,13 +74,12 @@ class CI_Benchmark { * execution time to be shown in a template. The output class will * swap the real value for this variable. * - * @access public * @param string a particular marked point * @param string a particular marked point * @param integer the number of decimal places * @return mixed */ - function elapsed_time($point1 = '', $point2 = '', $decimals = 4) + public function elapsed_time($point1 = '', $point2 = '', $decimals = 4) { if ($point1 == '') { @@ -114,17 +112,14 @@ class CI_Benchmark { * without the memory being calculated until the end. * The output class will swap the real value for this variable. * - * @access public * @return string */ - function memory_usage() + public function memory_usage() { return '{memory_usage}'; } } -// END CI_Benchmark class - /* End of file Benchmark.php */ -/* Location: ./system/core/Benchmark.php */ \ No newline at end of file +/* Location: ./system/core/Benchmark.php */ -- cgit v1.2.3-24-g4f1b From 9c5c24a582b32659c89f74fb5f773d06db23e426 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 18:51:21 +0200 Subject: Improve core/CodeIgniter.php --- system/core/CodeIgniter.php | 38 +++++++++++++++----------------------- 1 file changed, 15 insertions(+), 23 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 5152073d5..e3d818825 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -1,13 +1,13 @@ -_call_hook('cache_override') === FALSE) + if ($EXT->_call_hook('cache_override') === FALSE + AND $OUT->_display_cache($CFG, $URI) == TRUE) { - if ($OUT->_display_cache($CFG, $URI) == TRUE) - { - exit; - } + exit; } /* @@ -273,13 +267,13 @@ $method = $RTR->fetch_method(); if ( ! class_exists($class) - OR strncmp($method, '_', 1) == 0 + OR strpos($method, '_', 1) === 0 OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) { if ( ! empty($RTR->routes['404_override'])) { - $x = explode('/', $RTR->routes['404_override']); + $x = explode('/', $RTR->routes['404_override'], 2); $class = $x[0]; $method = (isset($x[1]) ? $x[1] : 'index'); if ( ! class_exists($class)) @@ -341,7 +335,7 @@ // Check and see if we are using a 404 override and use it. if ( ! empty($RTR->routes['404_override'])) { - $x = explode('/', $RTR->routes['404_override']); + $x = explode('/', $RTR->routes['404_override'], 2); $class = $x[0]; $method = (isset($x[1]) ? $x[1] : 'index'); if ( ! class_exists($class)) @@ -367,7 +361,6 @@ call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); } - // Mark a benchmark end point $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); @@ -405,6 +398,5 @@ $CI->db->close(); } - /* End of file CodeIgniter.php */ -/* Location: ./system/core/CodeIgniter.php */ \ No newline at end of file +/* Location: ./system/core/CodeIgniter.php */ -- cgit v1.2.3-24-g4f1b From 188abafcd3cc9b196755c0227eebc9a10f33d3a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:09:42 +0200 Subject: Improve core/Common.php --- system/core/Common.php | 133 ++++++++++++++++++++++++------------------------- 1 file changed, 66 insertions(+), 67 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index f42bb640c..abbe789e2 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -1,13 +1,13 @@ - 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 307 => 'Temporary Redirect', - - 400 => 'Bad Request', - 401 => 'Unauthorized', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Timeout', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Long', - 415 => 'Unsupported Media Type', - 416 => 'Requested Range Not Satisfiable', - 417 => 'Expectation Failed', - 422 => 'Unprocessable Entity', - - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' - ); + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + 422 => 'Unprocessable Entity', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); if ($code == '' OR ! is_numeric($code)) { @@ -441,12 +441,12 @@ if ( ! function_exists('set_status_header')) if ($text == '') { - show_error('No status text available. Please check your status code number or supply your own message text.', 500); + show_error('No status text available. Please check your status code number or supply your own message text.', 500); } $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; - if (substr(php_sapi_name(), 0, 3) == 'cgi') + if (strpos(php_sapi_name(), 'cgi') === 0) { header("Status: {$code} {$text}", TRUE); } @@ -527,16 +527,15 @@ if ( ! function_exists('remove_invisible_characters')) function remove_invisible_characters($str, $url_encoded = TRUE) { $non_displayables = array(); - - // every control character except newline (dec 10) - // carriage return (dec 13), and horizontal tab (dec 09) - + + // every control character except newline (dec 10), + // carriage return (dec 13) and horizontal tab (dec 09) if ($url_encoded) { $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 } - + $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 do @@ -574,4 +573,4 @@ if ( ! function_exists('html_escape')) } /* End of file Common.php */ -/* Location: ./system/core/Common.php */ \ No newline at end of file +/* Location: ./system/core/Common.php */ -- cgit v1.2.3-24-g4f1b From ccabcfd68919ecf146cd5f21079365afbffad000 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:30:47 +0200 Subject: Improve the Config library --- system/core/Config.php | 114 +++++++++++++++++-------------------------------- 1 file changed, 40 insertions(+), 74 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 3e2635494..55da4e338 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -1,13 +1,13 @@ -config =& get_config(); log_message('debug', "Config Class Initialized"); @@ -81,10 +81,9 @@ class CI_Config { if (isset($_SERVER['HTTP_HOST'])) { $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; - $base_url .= '://'. $_SERVER['HTTP_HOST']; - $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); + $base_url .= '://'. $_SERVER['HTTP_HOST'] + . str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); } - else { $base_url = 'http://localhost/'; @@ -99,27 +98,25 @@ class CI_Config { /** * Load Config File * - * @access public * @param string the config file name - * @param boolean if configuration values should be loaded into their own section - * @param boolean true if errors should just return false, false if an error message should be displayed + * @param boolean if configuration values should be loaded into their own section + * @param boolean true if errors should just return false, false if an error message should be displayed * @return boolean if the file was loaded correctly */ - function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) + public function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) { $file = ($file == '') ? 'config' : str_replace('.php', '', $file); - $found = FALSE; - $loaded = FALSE; + $found = $loaded = FALSE; foreach ($this->_config_paths as $path) { $check_locations = defined('ENVIRONMENT') - ? array(ENVIRONMENT.'/'.$file, $file) + ? array(ENVIRONMENT.DIRECTORY_SEPARATOR.$file, $file) : array($file); foreach ($check_locations as $location) { - $file_path = $path.'config/'.$location.'.php'; + $file_path = $path.'config'.DIRECTORY_SEPARATOR.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) { @@ -192,39 +189,19 @@ class CI_Config { * Fetch a config file item * * - * @access public * @param string the config item name * @param string the index name * @param bool * @return string */ - function item($item, $index = '') + public function item($item, $index = '') { if ($index == '') { - if ( ! isset($this->config[$item])) - { - return FALSE; - } - - $pref = $this->config[$item]; - } - else - { - if ( ! isset($this->config[$index])) - { - return FALSE; - } - - if ( ! isset($this->config[$index][$item])) - { - return FALSE; - } - - $pref = $this->config[$index][$item]; + return isset($this->config[$item]) ? $this->config[$item] : FALSE; } - return $pref; + return isset($this->config[$index], $this->config[$index][$item]) ? $this->config[$index][$item] : FALSE; } // -------------------------------------------------------------------- @@ -232,18 +209,17 @@ class CI_Config { /** * Fetch a config file item - adds slash after item (if item is not empty) * - * @access public * @param string the config item name * @param bool * @return string */ - function slash_item($item) + public function slash_item($item) { if ( ! isset($this->config[$item])) { return FALSE; } - if( trim($this->config[$item]) == '') + elseif (trim($this->config[$item]) == '') { return ''; } @@ -257,11 +233,10 @@ class CI_Config { * Site URL * Returns base_url . index_page [. uri_string] * - * @access public * @param string the URI string * @return string */ - function site_url($uri = '') + public function site_url($uri = '') { if ($uri == '') { @@ -285,11 +260,10 @@ class CI_Config { * Base URL * Returns base_url [. uri_string] * - * @access public * @param string $uri * @return string */ - function base_url($uri = '') + public function base_url($uri = '') { return $this->slash_item('base_url').ltrim($this->_uri_string($uri),'/'); } @@ -299,8 +273,7 @@ class CI_Config { /** * Build URI string for use in Config::site_url() and Config::base_url() * - * @access protected - * @param $uri + * @param mixed $uri * @return string */ protected function _uri_string($uri) @@ -311,23 +284,21 @@ class CI_Config { { $uri = implode('/', $uri); } - $uri = trim($uri, '/'); + return trim($uri, '/'); } - else + elseif (is_array($uri)) { - if (is_array($uri)) + $i = 0; + $str = ''; + foreach ($uri as $key => $val) { - $i = 0; - $str = ''; - foreach ($uri as $key => $val) - { - $prefix = ($i == 0) ? '' : '&'; - $str .= $prefix.$key.'='.$val; - $i++; - } - $uri = $str; + $prefix = ($i === 0) ? '' : '&'; + $str .= $prefix.$key.'='.$val; + $i++; } + return $str; } + return $uri; } @@ -336,12 +307,11 @@ class CI_Config { /** * System URL * - * @access public * @return string */ - function system_url() + public function system_url() { - $x = explode("/", preg_replace("|/*(.+?)/*$|", "\\1", BASEPATH)); + $x = explode('/', preg_replace('|/*(.+?)/*$|', '\\1', BASEPATH)); return $this->slash_item('base_url').end($x).'/'; } @@ -350,12 +320,11 @@ class CI_Config { /** * Set a config file item * - * @access public * @param string the config item key * @param string the config item value * @return void */ - function set_item($item, $value) + public function set_item($item, $value) { $this->config[$item] = $value; } @@ -366,14 +335,13 @@ class CI_Config { * Assign to Config * * This function is called by the front controller (CodeIgniter.php) - * after the Config class is instantiated. It permits config items + * after the Config class is instantiated. It permits config items * to be assigned or overriden by variables contained in the index.php file * - * @access private * @param array * @return void */ - function _assign_to_config($items = array()) + public function _assign_to_config($items = array()) { if (is_array($items)) { @@ -385,7 +353,5 @@ class CI_Config { } } -// END CI_Config class - /* End of file Config.php */ /* Location: ./system/core/Config.php */ -- cgit v1.2.3-24-g4f1b From 7ac33d7a615f9b5e27fe92a0a91c4ebfb19faad3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 19:39:39 +0200 Subject: Improve core Controller & Exceptions libraries --- system/core/Controller.php | 16 +++------ system/core/Exceptions.php | 83 +++++++++++++++++++--------------------------- 2 files changed, 40 insertions(+), 59 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 55b3ec235..5ae0b0924 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -1,13 +1,13 @@ -load =& load_class('Loader', 'core'); - $this->load->initialize(); - log_message('debug', "Controller Class Initialized"); } @@ -70,7 +65,6 @@ class CI_Controller { return self::$instance; } } -// END Controller class /* End of file Controller.php */ -/* Location: ./system/core/Controller.php */ \ No newline at end of file +/* Location: ./system/core/Controller.php */ diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 3737f2930..9b672ac54 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -1,13 +1,13 @@ - 'Error', - E_WARNING => 'Warning', - E_PARSE => 'Parsing Error', - E_NOTICE => 'Notice', - E_CORE_ERROR => 'Core Error', - E_CORE_WARNING => 'Core Warning', - E_COMPILE_ERROR => 'Compile Error', - E_COMPILE_WARNING => 'Compile Warning', - E_USER_ERROR => 'User Error', - E_USER_WARNING => 'User Warning', - E_USER_NOTICE => 'User Notice', - E_STRICT => 'Runtime Notice' - ); + public $levels = array( + E_ERROR => 'Error', + E_WARNING => 'Warning', + E_PARSE => 'Parsing Error', + E_NOTICE => 'Notice', + E_CORE_ERROR => 'Core Error', + E_CORE_WARNING => 'Core Warning', + E_COMPILE_ERROR => 'Compile Error', + E_COMPILE_WARNING => 'Compile Warning', + E_USER_ERROR => 'User Error', + E_USER_WARNING => 'User Warning', + E_USER_NOTICE => 'User Notice', + E_STRICT => 'Runtime Notice' + ); - - /** - * Constructor - */ public function __construct() { $this->ob_level = ob_get_level(); - // Note: Do not log messages from this constructor. + // Note: Do not log messages from this constructor. } // -------------------------------------------------------------------- @@ -89,17 +84,15 @@ class CI_Exceptions { * * This function logs PHP generated error messages * - * @access private * @param string the error severity * @param string the error string * @param string the error filepath * @param string the error line number - * @return string + * @return void */ - function log_exception($severity, $message, $filepath, $line) + public function log_exception($severity, $message, $filepath, $line) { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); } @@ -108,15 +101,14 @@ class CI_Exceptions { /** * 404 Page Not Found Handler * - * @access private * @param string the page * @param bool log error yes/no * @return string */ - function show_404($page = '', $log_error = TRUE) + public function show_404($page = '', $log_error = TRUE) { - $heading = "404 Page Not Found"; - $message = "The page you requested was not found."; + $heading = '404 Page Not Found'; + $message = 'The page you requested was not found.'; // By default we log this, but allow a dev to skip it if ($log_error) @@ -137,14 +129,13 @@ class CI_Exceptions { * (either as a string or an array) and displays * it using the specified template. * - * @access private * @param string the heading * @param string the message * @param string the template name * @param int the status code * @return string */ - function show_error($heading, $message, $template = 'error_general', $status_code = 500) + public function show_error($heading, $message, $template = 'error_general', $status_code = 500) { set_status_header($status_code); @@ -155,7 +146,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors/'.$template.'.php'); + include(APPPATH.'errors'.DIRECTORY_SEPARATOR.$template.'.php'); $buffer = ob_get_contents(); ob_end_clean(); return $buffer; @@ -166,7 +157,6 @@ class CI_Exceptions { /** * Native PHP error handler * - * @access private * @param string the error severity * @param string the error string * @param string the error filepath @@ -176,8 +166,7 @@ class CI_Exceptions { function show_php_error($severity, $message, $filepath, $line) { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - - $filepath = str_replace("\\", "/", $filepath); + $filepath = str_replace('\\', '/', $filepath); // For safety reasons we do not show the full file path if (FALSE !== strpos($filepath, '/')) @@ -191,15 +180,13 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors/error_php.php'); + include(APPPATH.'errors'.DIRECTORY_SEPARATOR.'error_php.php'); $buffer = ob_get_contents(); ob_end_clean(); echo $buffer; } - } -// END Exceptions Class /* End of file Exceptions.php */ -/* Location: ./system/core/Exceptions.php */ \ No newline at end of file +/* Location: ./system/core/Exceptions.php */ -- cgit v1.2.3-24-g4f1b From 64e98aab6ba2c692a881035245efb94a76deb428 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 20:29:10 +0200 Subject: Improve code Input & Model libraries --- system/core/Input.php | 97 ++++++++++++++++++--------------------------------- system/core/Model.php | 19 ++++------ 2 files changed, 39 insertions(+), 77 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 7cfa4c63f..07bb30b15 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -1,13 +1,13 @@ -_allow_get_array = (config_item('allow_get_array') === TRUE); - $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); - $this->_enable_csrf = (config_item('csrf_protection') === TRUE); + $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); + $this->_enable_csrf = (config_item('csrf_protection') === TRUE); global $SEC; $this->security =& $SEC; @@ -122,7 +122,6 @@ class CI_Input { * * This is a helper function to retrieve values from global arrays * - * @access protected * @param array * @param string * @param bool @@ -148,7 +147,6 @@ class CI_Input { /** * Fetch an item from the GET array * - * @access public * @param string * @param bool * @return string @@ -176,7 +174,6 @@ class CI_Input { /** * Fetch an item from the POST array * - * @access public * @param string * @param bool * @return string @@ -205,21 +202,15 @@ class CI_Input { /** * Fetch an item from either the GET array or the POST * - * @access public * @param string The index key * @param bool XSS cleaning * @return string */ public function get_post($index = '', $xss_clean = FALSE) { - if ( ! isset($_POST[$index]) ) - { - return $this->get($index, $xss_clean); - } - else - { - return $this->post($index, $xss_clean); - } + return ( ! isset($_POST[$index])) + ? $this->get($index, $xss_clean) + : $this->post($index, $xss_clean); } // -------------------------------------------------------------------- @@ -227,7 +218,6 @@ class CI_Input { /** * Fetch an item from the COOKIE array * - * @access public * @param string * @param bool * @return string @@ -245,7 +235,6 @@ class CI_Input { * Accepts six parameter, or you can submit an associative * array in the first parameter containing all the values. * - * @access public * @param mixed * @param string the value of the cookie * @param string the number of seconds until expiration @@ -303,7 +292,6 @@ class CI_Input { /** * Fetch an item from the SERVER array * - * @access public * @param string * @param bool * @return string @@ -318,7 +306,6 @@ class CI_Input { /** * Fetch the IP Address * - * @access public * @return string */ public function ip_address() @@ -335,7 +322,7 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) + elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) { $this->ip_address = $_SERVER['REMOTE_ADDR']; } @@ -354,8 +341,7 @@ class CI_Input { if ($this->ip_address === FALSE) { - $this->ip_address = '0.0.0.0'; - return $this->ip_address; + return $this->ip_address = '0.0.0.0'; } if (strpos($this->ip_address, ',') !== FALSE) @@ -366,7 +352,7 @@ class CI_Input { if ( ! $this->valid_ip($this->ip_address)) { - $this->ip_address = '0.0.0.0'; + return $this->ip_address = '0.0.0.0'; } return $this->ip_address; @@ -379,7 +365,6 @@ class CI_Input { * * Updated version suggested by Geert De Deckere * - * @access public * @param string * @return bool */ @@ -394,7 +379,7 @@ class CI_Input { $ip_segments = explode('.', $ip); // Always 4 segments needed - if (count($ip_segments) != 4) + if (count($ip_segments) !== 4) { return FALSE; } @@ -422,7 +407,6 @@ class CI_Input { /** * User Agent * - * @access public * @return string */ public function user_agent() @@ -432,9 +416,7 @@ class CI_Input { return $this->user_agent; } - $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; - - return $this->user_agent; + return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; } // -------------------------------------------------------------------- @@ -444,22 +426,20 @@ class CI_Input { * * This function does the following: * - * Unsets $_GET data (if query strings are not enabled) - * - * Unsets all globals if register_globals is enabled + * - Unsets $_GET data (if query strings are not enabled) + * - Unsets all globals if register_globals is enabled + * - Standardizes newline characters to \n * - * Standardizes newline characters to \n - * - * @access private * @return void */ private function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', - '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', - 'CFG', 'URI', 'RTR', 'OUT', 'IN'); + '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', + 'system_folder', 'application_folder', 'BM', 'EXT', + 'CFG', 'URI', 'RTR', 'OUT', 'IN' + ); // Unset globals for securiy. // This is effectively the same as register_globals = off @@ -532,7 +512,6 @@ class CI_Input { // Sanitize PHP_SELF $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); - // CSRF Protection check if ($this->_enable_csrf == TRUE) { @@ -550,7 +529,6 @@ class CI_Input { * This is a helper function. It escapes data and * standardizes newline characters to \n * - * @access private * @param string * @return string */ @@ -592,12 +570,9 @@ class CI_Input { } // Standardize newlines if needed - if ($this->_standardize_newlines == TRUE) + if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE) { - if (strpos($str, "\r") !== FALSE) - { - $str = str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); - } + return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); } return $str; @@ -612,13 +587,12 @@ class CI_Input { * from trying to exploit keys we make sure that keys are * only named with alpha-numeric text and a few other items. * - * @access private * @param string * @return string */ private function _clean_input_keys($str) { - if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) + if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { exit('Disallowed Key Characters.'); } @@ -626,7 +600,7 @@ class CI_Input { // Clean UTF-8 if supported if (UTF8_ENABLED === TRUE) { - $str = $this->uni->clean_string($str); + return $this->uni->clean_string($str); } return $str; @@ -640,10 +614,8 @@ class CI_Input { * In Apache, you can simply call apache_request_headers(), however for * people running other webservers the function is undefined. * - * @access public * @param bool XSS cleaning - * - * @return array + * @return array */ public function request_headers($xss_clean = FALSE) { @@ -658,7 +630,7 @@ class CI_Input { foreach ($_SERVER as $key => $val) { - if (strncmp($key, 'HTTP_', 5) === 0) + if (strpos($key, 'HTTP_') === 0) { $headers[substr($key, 5)] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); } @@ -684,7 +656,6 @@ class CI_Input { * * Returns the value of a single member of the headers class member * - * @access public * @param string array key for $this->headers * @param boolean XSS Clean or not * @return mixed FALSE on failure, string on success @@ -716,7 +687,6 @@ class CI_Input { * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * - * @access public * @return boolean */ public function is_ajax_request() @@ -731,12 +701,11 @@ class CI_Input { * * Test to see if a request was made from the command line * - * @access public * @return boolean */ public function is_cli_request() { - return (php_sapi_name() == 'cli') or defined('STDIN'); + return (php_sapi_name() === 'cli') or defined('STDIN'); } } diff --git a/system/core/Model.php b/system/core/Model.php index fc640139a..cd64468b8 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -1,13 +1,13 @@ -$key; } } -// END Model Class /* End of file Model.php */ -/* Location: ./system/core/Model.php */ \ No newline at end of file +/* Location: ./system/core/Model.php */ -- cgit v1.2.3-24-g4f1b From 1f5fbb6cb35f5d234f9f2c95f730b13a9015f3c2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 20:53:29 +0200 Subject: Improve the core Output library --- system/core/Output.php | 150 +++++++++++++++---------------------------------- 1 file changed, 46 insertions(+), 104 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index e529f914d..272545046 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -1,13 +1,13 @@ -_zlib_oc = @ini_get('zlib.output_compression'); @@ -117,8 +105,7 @@ class CI_Output { $this->mime_types = $mimes; - - log_message('debug', "Output Class Initialized"); + log_message('debug', 'Output Class Initialized'); } // -------------------------------------------------------------------- @@ -128,10 +115,9 @@ class CI_Output { * * Returns the current output string * - * @access public * @return string */ - function get_output() + public function get_output() { return $this->final_output; } @@ -147,10 +133,9 @@ class CI_Output { * @param string * @return void */ - function set_output($output) + public function set_output($output) { $this->final_output = $output; - return $this; } @@ -161,11 +146,10 @@ class CI_Output { * * Appends data onto the output string * - * @access public * @param string * @return void */ - function append_output($output) + public function append_output($output) { if ($this->final_output == '') { @@ -189,25 +173,22 @@ class CI_Output { * Note: If a file is cached, headers will not be sent. We need to figure out * how to permit header data to be saved with the cache data... * - * @access public * @param string * @param bool * @return void */ - function set_header($header, $replace = TRUE) + public function set_header($header, $replace = TRUE) { // If zlib.output_compression is enabled it will compress the output, // but it will not modify the content-length header to compensate for // the reduction, causing the browser to hang waiting for more data. // We'll just skip content-length in those cases. - if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) == 0) { return; } $this->headers[] = array($header, $replace); - return $this; } @@ -216,11 +197,10 @@ class CI_Output { /** * Set Content Type Header * - * @access public * @param string extension of the file we're outputting * @return void */ - function set_content_type($mime_type) + public function set_content_type($mime_type) { if (strpos($mime_type, '/') === FALSE) { @@ -241,7 +221,6 @@ class CI_Output { $header = 'Content-Type: '.$mime_type; $this->headers[] = array($header, TRUE); - return $this; } @@ -251,15 +230,13 @@ class CI_Output { * Set HTTP Status Header * moved to Common procedural functions in 1.7.2 * - * @access public * @param int the status code * @param string * @return void */ - function set_status_header($code = 200, $text = '') + public function set_status_header($code = 200, $text = '') { set_status_header($code, $text); - return $this; } @@ -268,14 +245,12 @@ class CI_Output { /** * Enable/disable Profiler * - * @access public * @param bool * @return void */ - function enable_profiler($val = TRUE) + public function enable_profiler($val = TRUE) { $this->enable_profiler = (is_bool($val)) ? $val : TRUE; - return $this; } @@ -286,11 +261,10 @@ class CI_Output { * * Allows override of default / config settings for Profiler section display * - * @access public * @param array * @return void */ - function set_profiler_sections($sections) + public function set_profiler_sections($sections) { foreach ($sections as $section => $enable) { @@ -305,14 +279,12 @@ class CI_Output { /** * Set Cache * - * @access public * @param integer * @return void */ - function cache($time) + publi function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; - return $this; } @@ -329,11 +301,10 @@ class CI_Output { * with any server headers and profile data. It also stops the * benchmark timer so the page rendering speed and memory usage can be shown. * - * @access public * @param string * @return mixed */ - function _display($output = '') + public function _display($output = '') { // Note: We use globals because we can't use $CI =& get_instance() // since this function is sometimes called by the caching mechanism, @@ -375,22 +346,17 @@ class CI_Output { { $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; - $output = str_replace('{elapsed_time}', $elapsed, $output); - $output = str_replace('{memory_usage}', $memory, $output); + $output = str_replace(array('{elapsed_time}', '{memory_usage}'), array($elapsed, $memory), $output); } // -------------------------------------------------------------------- // Is compression requested? - if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE) + if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE + && extension_loaded('zlib') + && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) { - if (extension_loaded('zlib')) - { - if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) AND strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) - { - ob_start('ob_gzhandler'); - } - } + ob_start('ob_gzhandler'); } // -------------------------------------------------------------------- @@ -412,8 +378,8 @@ class CI_Output { if ( ! isset($CI)) { echo $output; - log_message('debug', "Final output sent to browser"); - log_message('debug', "Total execution time: ".$elapsed); + log_message('debug', 'Final output sent to browser'); + log_message('debug', 'Total execution time: '.$elapsed); return TRUE; } @@ -424,7 +390,6 @@ class CI_Output { if ($this->enable_profiler == TRUE) { $CI->load->library('profiler'); - if ( ! empty($this->_profiler_sections)) { $CI->profiler->set_sections($this->_profiler_sections); @@ -432,16 +397,11 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - if (preg_match("|.*?|is", $output)) + $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); + if ($count > 0) { - $output = preg_replace("|.*?|is", '', $output); - $output .= $CI->profiler->run(); $output .= ''; } - else - { - $output .= $CI->profiler->run(); - } } // -------------------------------------------------------------------- @@ -457,8 +417,8 @@ class CI_Output { echo $output; // Send it to the browser! } - log_message('debug', "Final output sent to browser"); - log_message('debug', "Total execution time: ".$elapsed); + log_message('debug', 'Final output sent to browser'); + log_message('debug', 'Total execution time: '.$elapsed); } // -------------------------------------------------------------------- @@ -466,20 +426,18 @@ class CI_Output { /** * Write a Cache File * - * @access public * @param string * @return void */ - function _write_cache($output) + public function _write_cache($output) { $CI =& get_instance(); $path = $CI->config->item('cache_path'); - $cache_path = ($path == '') ? APPPATH.'cache/' : $path; if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) { - log_message('error', "Unable to write cache file: ".$cache_path); + log_message('error', 'Unable to write cache file: '.$cache_path); return; } @@ -491,7 +449,7 @@ class CI_Output { if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE)) { - log_message('error', "Unable to write cache file: ".$cache_path); + log_message('error', 'Unable to write cache file: '.$cache_path); return; } @@ -504,13 +462,13 @@ class CI_Output { } else { - log_message('error', "Unable to secure a file lock for file at: ".$cache_path); + log_message('error', 'Unable to secure a file lock for file at: '.$cache_path); return; } fclose($fp); @chmod($cache_path, FILE_WRITE_MODE); - log_message('debug', "Cache file written: ".$cache_path); + log_message('debug', 'Cache file written: '.$cache_path); } // -------------------------------------------------------------------- @@ -518,69 +476,53 @@ class CI_Output { /** * Update/serve a cached file * - * @access public * @param object config class * @param object uri class * @return void */ - function _display_cache(&$CFG, &$URI) + public function _display_cache(&$CFG, &$URI) { $cache_path = ($CFG->item('cache_path') == '') ? APPPATH.'cache/' : $CFG->item('cache_path'); - // Build the file path. The file name is an MD5 hash of the full URI - $uri = $CFG->item('base_url'). - $CFG->item('index_page'). - $URI->uri_string; - + // Build the file path. The file name is an MD5 hash of the full URI + $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; $filepath = $cache_path.md5($uri); - if ( ! @file_exists($filepath)) - { - return FALSE; - } - - if ( ! $fp = @fopen($filepath, FOPEN_READ)) + if ( ! @file_exists($filepath) + OR ! $fp = @fopen($filepath, FOPEN_READ)) { return FALSE; } flock($fp, LOCK_SH); - $cache = ''; - if (filesize($filepath) > 0) - { - $cache = fread($fp, filesize($filepath)); - } + $cache = (filesize($filepath) > 0) ? fread($fp, filesize($filepath)) : ''; flock($fp, LOCK_UN); fclose($fp); // Strip out the embedded timestamp - if ( ! preg_match("/(\d+TS--->)/", $cache, $match)) + if ( ! preg_match('/(\d+TS--->)/', $cache, $match)) { return FALSE; } // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match['1']))) + if (time() >= trim(str_replace('TS--->', '', $match[1])) + AND is_really_writable($cache_path)) { - if (is_really_writable($cache_path)) - { - @unlink($filepath); - log_message('debug', "Cache file has expired. File deleted"); - return FALSE; - } + @unlink($filepath); + log_message('debug', 'Cache file has expired. File deleted.'); + return FALSE; } // Display the cache - $this->_display(str_replace($match['0'], '', $cache)); - log_message('debug', "Cache file is current. Sending it to browser."); + $this->_display(str_replace($match[0], '', $cache)); + log_message('debug', 'Cache file is current. Sending it to browser.'); return TRUE; } - } -// END Output Class /* End of file Output.php */ -/* Location: ./system/core/Output.php */ \ No newline at end of file +/* Location: ./system/core/Output.php */ -- cgit v1.2.3-24-g4f1b From ba6c04113313d49618b00c434fd5eedc6ab8a653 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:10:09 +0200 Subject: Improve the core Router library --- system/core/Router.php | 107 +++++++++++++++++-------------------------------- 1 file changed, 37 insertions(+), 70 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 8cad86888..d21319565 100755 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -1,13 +1,13 @@ -config =& load_class('Config', 'core'); $this->uri =& load_class('URI', 'core'); - log_message('debug', "Router Class Initialized"); + log_message('debug', 'Router Class Initialized'); } // -------------------------------------------------------------------- @@ -110,12 +103,11 @@ class CI_Router { * This function determines what should be served based on the URI request, * as well as any "routes" that have been set in the routing config file. * - * @access private * @return void */ - function _set_routing() + public function _set_routing() { - // Are query strings enabled in the config file? Normally CI doesn't utilize query strings + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently $segments = array(); @@ -157,7 +149,7 @@ class CI_Router { // the URI doesn't correlated to a valid controller. $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); - // Were there any query string segments? If so, we'll validate them and bail out since we're done. + // Were there any query string segments? If so, we'll validate them and bail out since we're done. if (count($segments) > 0) { return $this->_validate_request($segments); @@ -172,17 +164,10 @@ class CI_Router { return $this->_set_default_controller(); } - // Do we need to remove the URL suffix? - $this->uri->_remove_url_suffix(); - - // Compile the segments into an array - $this->uri->_explode_segments(); - - // Parse any custom routing that may exist - $this->_parse_routes(); - - // Re-index the segment array so that it starts with 1 rather than 0 - $this->uri->_reindex_segments(); + $this->uri->_remove_url_suffix(); // Remove the URL suffix + $this->uri->_explode_segments(); // Compile the segments into an array + $this->_parse_routes(); // Parse any custom routing that may exist + $this->uri->_reindex_segments(); // Re-index the segment array so that it starts with 1 rather than 0 } // -------------------------------------------------------------------- @@ -190,20 +175,18 @@ class CI_Router { /** * Set the default controller * - * @access private * @return void */ - function _set_default_controller() + protected function _set_default_controller() { if ($this->default_controller === FALSE) { - show_error("Unable to determine what should be displayed. A default route has not been specified in the routing file."); + show_error('Unable to determine what should be displayed. A default route has not been specified in the routing file.'); } // Is the method being specified? if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - $this->set_class($x[0]); $this->set_method($x[1]); $this->_set_request($x); @@ -218,7 +201,7 @@ class CI_Router { // re-index the routed segments array so it starts with 1 rather than 0 $this->uri->_reindex_segments(); - log_message('debug', "No URI present. Default controller set."); + log_message('debug', 'No URI present. Default controller set.'); } // -------------------------------------------------------------------- @@ -229,16 +212,15 @@ class CI_Router { * This function takes an array of URI segments as * input, and sets the current class/method * - * @access private * @param array * @param bool * @return void */ - function _set_request($segments = array()) + protected function _set_request($segments = array()) { $segments = $this->_validate_request($segments); - if (count($segments) == 0) + if (count($segments) === 0) { return $this->_set_default_controller(); } @@ -269,13 +251,12 @@ class CI_Router { * Validates the supplied segments. Attempts to determine the path to * the controller. * - * @access private * @param array * @return array */ - function _validate_request($segments) + protected function _validate_request($segments) { - if (count($segments) == 0) + if (count($segments) === 0) { return $segments; } @@ -301,7 +282,6 @@ class CI_Router { if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); - $this->set_directory(''); $this->set_class($x[0]); $this->set_method(isset($x[1]) ? $x[1] : 'index'); @@ -320,7 +300,6 @@ class CI_Router { if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - $this->set_class($x[0]); $this->set_method($x[1]); } @@ -344,18 +323,16 @@ class CI_Router { // If we've gotten this far it means that the URI does not correlate to a valid - // controller class. We will now see if there is an override + // controller class. We will now see if there is an override if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); - $this->set_class($x[0]); $this->set_method(isset($x[1]) ? $x[1] : 'index'); return $x; } - // Nothing else to do at this point but show a 404 show_404($segments[0]); } @@ -369,10 +346,9 @@ class CI_Router { * the config/routes.php file against the URI to * determine if the class/method need to be remapped. * - * @access private * @return void */ - function _parse_routes() + protected function _parse_routes() { // Turn the segment array into a URI string $uri = implode('/', $this->uri->segments); @@ -387,7 +363,7 @@ class CI_Router { foreach ($this->routes as $key => $val) { // Convert wild-cards to RegEx - $key = str_replace(':any', '.+', str_replace(':num', '[0-9]+', $key)); + $key = str_replace(array(':any', ':num'), array('.+', '[0-9]+'), $key); // Does the RegEx match? if (preg_match('#^'.$key.'$#', $uri)) @@ -412,11 +388,10 @@ class CI_Router { /** * Set the class name * - * @access public * @param string * @return void */ - function set_class($class) + public function set_class($class) { $this->class = str_replace(array('/', '.'), '', $class); } @@ -426,10 +401,9 @@ class CI_Router { /** * Fetch the current class * - * @access public * @return string */ - function fetch_class() + public function fetch_class() { return $this->class; } @@ -439,11 +413,10 @@ class CI_Router { /** * Set the method name * - * @access public * @param string * @return void */ - function set_method($method) + public function set_method($method) { $this->method = $method; } @@ -453,10 +426,9 @@ class CI_Router { /** * Fetch the current method * - * @access public * @return string */ - function fetch_method() + public function fetch_method() { if ($this->method == $this->fetch_class()) { @@ -471,11 +443,10 @@ class CI_Router { /** * Set the directory name * - * @access public * @param string * @return void */ - function set_directory($dir) + public function set_directory($dir) { $this->directory = str_replace(array('/', '.'), '', $dir).'/'; } @@ -485,10 +456,9 @@ class CI_Router { /** * Fetch the sub-directory (if any) that contains the requested controller class * - * @access public * @return string */ - function fetch_directory() + public function fetch_directory() { return $this->directory; } @@ -498,11 +468,10 @@ class CI_Router { /** * Set the controller overrides * - * @access public * @param array * @return null */ - function _set_overrides($routing) + public function _set_overrides($routing) { if ( ! is_array($routing)) { @@ -526,9 +495,7 @@ class CI_Router { } } - } -// END Router Class /* End of file Router.php */ -/* Location: ./system/core/Router.php */ \ No newline at end of file +/* Location: ./system/core/Router.php */ -- cgit v1.2.3-24-g4f1b From fdc63828a876e87742380a4ae077e43f514320b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:17:46 +0200 Subject: Revert DIRECTORY_SEPARATOR changes --- system/core/Controller.php | 2 +- system/core/Exceptions.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 5ae0b0924..0dc131701 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -57,7 +57,7 @@ class CI_Controller { $this->load =& load_class('Loader', 'core'); $this->load->initialize(); - log_message('debug', "Controller Class Initialized"); + log_message('debug', 'Controller Class Initialized'); } public static function &get_instance() diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 9b672ac54..bf9901252 100755 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -146,7 +146,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors'.DIRECTORY_SEPARATOR.$template.'.php'); + include(APPPATH.'errors/'.$template.'.php'); $buffer = ob_get_contents(); ob_end_clean(); return $buffer; @@ -180,7 +180,7 @@ class CI_Exceptions { ob_end_flush(); } ob_start(); - include(APPPATH.'errors'.DIRECTORY_SEPARATOR.'error_php.php'); + include(APPPATH.'errors/'.'error_php.php'); $buffer = ob_get_contents(); ob_end_clean(); echo $buffer; -- cgit v1.2.3-24-g4f1b From d52b242545376db2eb8146f16125819a391db763 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:28:32 +0200 Subject: Reverted DIRECTORY_SEPARATOR changes --- system/core/Config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 55da4e338..66369115a 100755 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -73,7 +73,7 @@ class CI_Config { public function __construct() { $this->config =& get_config(); - log_message('debug', "Config Class Initialized"); + log_message('debug', 'Config Class Initialized'); // Set the base_url automatically if none was provided if ($this->config['base_url'] == '') @@ -111,12 +111,12 @@ class CI_Config { foreach ($this->_config_paths as $path) { $check_locations = defined('ENVIRONMENT') - ? array(ENVIRONMENT.DIRECTORY_SEPARATOR.$file, $file) + ? array(ENVIRONMENT.'/'.$file, $file) : array($file); foreach ($check_locations as $location) { - $file_path = $path.'config'.DIRECTORY_SEPARATOR.$location.'.php'; + $file_path = $path.'config/'.$location.'.php'; if (in_array($file_path, $this->is_loaded, TRUE)) { -- cgit v1.2.3-24-g4f1b From 536b771cfe2f459890c2c0865fd08411df352318 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:31:25 +0200 Subject: Reverted DIRECTORY_SEPARATOR changes --- system/core/Common.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index abbe789e2..6ef229629 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -94,7 +94,7 @@ if ( ! function_exists('is_really_writable')) */ if (is_dir($file)) { - $file = rtrim($file, '/\\').DIRECTORY_SEPARATOR.md5(mt_rand(1,100).mt_rand(1,100)); + $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) { return FALSE; @@ -148,13 +148,13 @@ if ( ! function_exists('load_class')) // then in the native system/libraries folder foreach (array(APPPATH, BASEPATH) as $path) { - if (file_exists($path.$directory.DIRECTORY_SEPARATOR.$class.'.php')) + if (file_exists($path.$directory.'/'.$class.'.php')) { $name = $prefix.$class; if (class_exists($name) === FALSE) { - require($path.$directory.DIRECTORY_SEPARATOR.$class.'.php'); + require($path.$directory.'/'.$class.'.php'); } break; @@ -162,13 +162,13 @@ if ( ! function_exists('load_class')) } // Is the request a class extension? If so we load it too - if (file_exists(APPPATH.$directory.DIRECTORY_SEPARATOR.config_item('subclass_prefix').$class.'.php')) + if (file_exists(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php')) { $name = config_item('subclass_prefix').$class; if (class_exists($name) === FALSE) { - require(APPPATH.$directory.DIRECTORY_SEPARATOR.config_item('subclass_prefix').$class.'.php'); + require(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'); } } @@ -235,9 +235,9 @@ if ( ! function_exists('get_config')) } // Is the config file in the environment folder? - if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config'.DIRECTORY_SEPARATOR.ENVIRONMENT.DIRECTORY_SEPARATOR.'config.php')) + if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT..'/config.php')) { - $file_path = APPPATH.'config'.DIRECTORY_SEPARATOR.'config.php'; + $file_path = APPPATH.'config/config.php'; } // Fetch the config file -- cgit v1.2.3-24-g4f1b From 88d03c48d5a11f3419feb2409a76bf0591575fd2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 21:59:00 +0200 Subject: Switch quotes --- system/core/Model.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Model.php b/system/core/Model.php index cd64468b8..a595a6ae2 100755 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -40,7 +40,7 @@ class CI_Model { public function __construct() { - log_message('debug', "Model Class Initialized"); + log_message('debug', 'Model Class Initialized'); } /** -- cgit v1.2.3-24-g4f1b From f9938a2cf9af2341b1f44e6c465852405fc15897 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 22:10:47 +0200 Subject: Improve core Hooks & Lang libraries --- system/core/Hooks.php | 41 ++++++++++++++--------------------------- system/core/Lang.php | 26 +++++++++----------------- 2 files changed, 23 insertions(+), 44 deletions(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 174adcb19..e1ac58e6e 100755 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -1,13 +1,13 @@ -_initialize(); - log_message('debug', "Hooks Class Initialized"); + log_message('debug', 'Hooks Class Initialized'); } // -------------------------------------------------------------------- @@ -74,24 +70,20 @@ class CI_Hooks { /** * Initialize the Hooks Preferences * - * @access private * @return void */ - function _initialize() + private function _initialize() { $CFG =& load_class('Config', 'core'); // If hooks are not enabled in the config file // there is nothing else to do - if ($CFG->item('enable_hooks') == FALSE) { return; } // Grab the "hooks" definition file. - // If there are no hooks, we're done. - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks.php')) { include(APPPATH.'config/'.ENVIRONMENT.'/hooks.php'); @@ -101,7 +93,7 @@ class CI_Hooks { include(APPPATH.'config/hooks.php'); } - + // If there are no hooks, we're done. if ( ! isset($hook) OR ! is_array($hook)) { return; @@ -116,13 +108,12 @@ class CI_Hooks { /** * Call Hook * - * Calls a particular hook + * Calls a particular hook. Called by CodeIgniter.php. * - * @access private * @param string the hook name * @return mixed */ - function _call_hook($which = '') + public function _call_hook($which = '') { if ( ! $this->enabled OR ! isset($this->hooks[$which])) { @@ -151,11 +142,10 @@ class CI_Hooks { * * Runs a particular hook * - * @access private * @param array the hook details * @return bool */ - function _run_hook($data) + protected function _run_hook($data) { if ( ! is_array($data)) { @@ -168,7 +158,6 @@ class CI_Hooks { // If the script being called happens to have the same // hook call within it a loop can happen - if ($this->in_progress == TRUE) { return; @@ -254,7 +243,5 @@ class CI_Hooks { } -// END CI_Hooks class - /* End of file Hooks.php */ -/* Location: ./system/core/Hooks.php */ \ No newline at end of file +/* Location: ./system/core/Hooks.php */ diff --git a/system/core/Lang.php b/system/core/Lang.php index 5eb2801f6..088cb6c9c 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -1,13 +1,13 @@ -language[$line])) ? FALSE : $this->language[$line]; @@ -166,7 +159,6 @@ class CI_Lang { } } -// END Language Class /* End of file Lang.php */ /* Location: ./system/core/Lang.php */ -- cgit v1.2.3-24-g4f1b From d72973519623f40f121e9cd2df93146ee2543a1f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 22:53:14 +0200 Subject: Improve the core Loader library --- system/core/Loader.php | 90 +++++++++++++++++++++----------------------------- 1 file changed, 37 insertions(+), 53 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index c4a6b501c..689ae1ecd 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1,13 +1,13 @@ - 'unit', - 'user_agent' => 'agent'); + protected $_ci_varmap = array( + 'unit_test' => 'unit', + 'user_agent' => 'agent' + ); /** * Constructor @@ -141,7 +130,7 @@ class CI_Loader { $this->_ci_model_paths = array(APPPATH); $this->_ci_view_paths = array(VIEWPATH => TRUE); - log_message('debug', "Loader Class Initialized"); + log_message('debug', 'Loader Class Initialized'); } // -------------------------------------------------------------------- @@ -162,7 +151,6 @@ class CI_Loader { $this->_base_classes =& is_loaded(); $this->_ci_autoloader(); - return $this; } @@ -311,9 +299,7 @@ class CI_Loader { require_once($mod_path.'models/'.$path.$model.'.php'); $model = ucfirst($model); - $CI->$name = new $model(); - $this->_ci_models[] = $name; return; } @@ -350,7 +336,7 @@ class CI_Loader { return DB($params, $active_record); } - // Initialize the db variable. Needed to prevent + // Initialize the db variable. Needed to prevent // reference errors with some configurations $CI->db = ''; @@ -716,11 +702,11 @@ class CI_Loader { if ($path == '') { - $void = array_shift($this->_ci_library_paths); - $void = array_shift($this->_ci_model_paths); - $void = array_shift($this->_ci_helper_paths); - $void = array_shift($this->_ci_view_paths); - $void = array_shift($config->_config_paths); + array_shift($this->_ci_library_paths); + array_shift($this->_ci_model_paths); + array_shift($this->_ci_helper_paths); + array_shift($this->_ci_view_paths); + array_shift($config->_config_paths); } else { @@ -808,7 +794,6 @@ class CI_Loader { // This allows anything loaded using $this->load (views, files, etc.) // to become accessible from within the Controller and Model functions. - $_ci_CI =& get_instance(); foreach (get_object_vars($_ci_CI) as $_ci_key => $_ci_var) { @@ -837,12 +822,11 @@ class CI_Loader { * * We buffer the output for two reasons: * 1. Speed. You get a significant speed boost. - * 2. So that the final rendered template can be - * post-processed by the output class. Why do we - * need post processing? For one thing, in order to - * show the elapsed page load time. Unless we - * can intercept the content right before it's sent to - * the browser and then stop the timer it won't be accurate. + * 2. So that the final rendered template can be post-processed by + * the output class. Why do we need post processing? For one thing, + * in order to show the elapsed page load time. Unless we can + * intercept the content right before it's sent to the browser and + * then stop the timer it won't be accurate. */ ob_start(); @@ -915,10 +899,10 @@ class CI_Loader { if (($last_slash = strrpos($class, '/')) !== FALSE) { // Extract the path - $subdir = substr($class, 0, $last_slash + 1); + $subdir = substr($class, 0, ++$last_slash); // Get the filename from the path - $class = substr($class, $last_slash + 1); + $class = substr($class, $last_slash); } // We'll test for both lowercase and capitalized versions of the file name @@ -933,15 +917,15 @@ class CI_Loader { if ( ! file_exists($baseclass)) { - log_message('error', "Unable to load the requested class: ".$class); - show_error("Unable to load the requested class: ".$class); + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($subclass, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -953,7 +937,7 @@ class CI_Loader { } $is_duplicate = TRUE; - log_message('debug', $class." class already loaded. Second attempt ignored."); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); return; } @@ -970,17 +954,17 @@ class CI_Loader { { $filepath = $path.'libraries/'.$subdir.$class.'.php'; - // Does the file exist? No? Bummer... + // Does the file exist? No? Bummer... if ( ! file_exists($filepath)) { continue; } - // Safety: Was the class already loaded by a previous call? + // Safety: Was the class already loaded by a previous call? if (in_array($filepath, $this->_ci_loaded_files)) { // Before we deem this to be a duplicate request, let's see - // if a custom object name is being supplied. If so, we'll + // if a custom object name is being supplied. If so, we'll // return a new instance of the object if ( ! is_null($object_name)) { @@ -992,7 +976,7 @@ class CI_Loader { } $is_duplicate = TRUE; - log_message('debug', $class." class already loaded. Second attempt ignored."); + log_message('debug', $class.' class already loaded. Second attempt ignored.'); return; } @@ -1003,7 +987,7 @@ class CI_Loader { } // END FOREACH - // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? + // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? if ($subdir == '') { $path = strtolower($class).'/'.$class; @@ -1014,8 +998,8 @@ class CI_Loader { // We do not issue errors if the load call failed due to a duplicate request if ($is_duplicate == FALSE) { - log_message('error', "Unable to load the requested class: ".$class); - show_error("Unable to load the requested class: ".$class); + log_message('error', 'Unable to load the requested class: '.$class); + show_error('Unable to load the requested class: '.$class); } } @@ -1094,12 +1078,12 @@ class CI_Loader { // Is the class name valid? if ( ! class_exists($name)) { - log_message('error', "Non-existent class: ".$name); - show_error("Non-existent class: ".$class); + log_message('error', 'Non-existent class: '.$name); + show_error('Non-existent class: '.$class); } // Set the variable name we will assign the class to - // Was a custom class name supplied? If so we'll use it + // Was a custom class name supplied? If so we'll use it $class = strtolower($class); if (is_null($object_name)) @@ -1271,4 +1255,4 @@ class CI_Loader { } /* End of file Loader.php */ -/* Location: ./system/core/Loader.php */ \ No newline at end of file +/* Location: ./system/core/Loader.php */ -- cgit v1.2.3-24-g4f1b From bb488dc3d4bbac9ac9a1860f066069e4bb4afdcb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Jan 2012 23:35:16 +0200 Subject: Improve the core Security library --- system/core/Security.php | 254 ++++++++++++++++++----------------------------- 1 file changed, 99 insertions(+), 155 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index 272a8bf3f..d0d3c0803 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -1,13 +1,13 @@ - '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - 'window.location' => '[removed]', - '-moz-binding' => '[removed]', - '' => '-->', - ' '<![CDATA[', - '' => '<comment>' - ); + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + 'window.location' => '[removed]', + '-moz-binding' => '[removed]', + '' => '-->', + ' '<![CDATA[', + '' => '<comment>' + ); /** * List of never allowed regex replacement * * @var array - * @access protected */ protected $_never_allowed_regex = array( - "javascript\s*:" => '[removed]', - "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE - "vbscript\s*:" => '[removed]', // IE, surprise! - "Redirect\s+302" => '[removed]' - ); + 'javascript\s*:', + 'expression\s*(\(|&\#40;)', // CSS and IE + 'vbscript\s*:', // IE, surprise! + 'Redirect\s+302' + ); - /** - * Constructor - */ public function __construct() { // CSRF config @@ -135,7 +124,7 @@ class CI_Security { // Set the CSRF hash $this->_csrf_set_hash(); - log_message('debug', "Security Class Initialized"); + log_message('debug', 'Security Class Initialized'); } // -------------------------------------------------------------------- @@ -148,7 +137,7 @@ class CI_Security { public function csrf_verify() { // If no POST data exists we will set the CSRF cookie - if (count($_POST) == 0) + if (count($_POST) === 0) { return $this->csrf_set_cookie(); } @@ -186,8 +175,7 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); - log_message('debug', "CSRF token verified"); - + log_message('debug', 'CSRF token verified'); return $this; } @@ -203,19 +191,13 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie) + if ($secure_cookie && ( ! isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'off' OR ! $_SERVER['HTTPS'])) { - $req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE; - - if ( ! $req OR $req == 'off') - { - return FALSE; - } + return FALSE; } setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); - - log_message('debug', "CRSF cookie Set"); + log_message('debug', 'CRSF cookie Set'); return $this; } @@ -253,7 +235,7 @@ class CI_Security { * * Getter Method * - * @return string self::csrf_token_name + * @return string self::_csrf_token_name */ public function get_csrf_token_name() { @@ -273,7 +255,7 @@ class CI_Security { * the filter. * * Note: This function should only be used to deal with data - * upon submission. It's not something that should + * upon submission. It's not something that should * be used for general runtime processing. * * This function was based in part on some code and ideas I @@ -290,10 +272,7 @@ class CI_Security { */ public function xss_clean($str, $is_image = FALSE) { - /* - * Is the string an array? - * - */ + // Is the string an array? if (is_array($str)) { while (list($key) = each($str)) @@ -304,13 +283,8 @@ class CI_Security { return $str; } - /* - * Remove Invisible Characters - */ - $str = remove_invisible_characters($str); - - // Validate Entities in URLs - $str = $this->_validate_entities($str); + // Remove Invisible Characters and validate entities in URLs + $str = $this->_validate_entities(remove_invisible_characters($str)); /* * URL Decode @@ -320,7 +294,6 @@ class CI_Security { * Google * * Note: Use rawurldecode() so it does not remove plus signs - * */ $str = rawurldecode($str); @@ -332,14 +305,10 @@ class CI_Security { * these are the ones that will pose security problems. * */ - $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); - /* - * Remove Invisible Characters Again! - */ + // Remove Invisible Characters Again! $str = remove_invisible_characters($str); /* @@ -350,11 +319,7 @@ class CI_Security { * NOTE: preg_replace was found to be amazingly slow here on * large blocks of data, so we use str_replace. */ - - if (strpos($str, "\t") !== FALSE) - { - $str = str_replace("\t", ' ', $str); - } + $str = str_replace("\t", ' ', $str); /* * Capture converted string for later comparison @@ -378,7 +343,7 @@ class CI_Security { // Images have a tendency to have the PHP short opening and // closing tags every so often so we skip those and only // do the long opening tags. - $str = preg_replace('/<\?(php)/i', "<?\\1", $str); + $str = preg_replace('/<\?(php)/i', '<?\\1', $str); } else { @@ -415,19 +380,19 @@ class CI_Security { { $original = $str; - if (preg_match("/]*?)(>|$)#si", array($this, '_js_link_removal'), $str); + $str = preg_replace_callback('#]*?)(>|$)#si', array($this, '_js_link_removal'), $str); } - if (preg_match("/]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); + $str = preg_replace_callback('#]*?)(\s?/?>|$)#si', array($this, '_js_img_removal'), $str); } - if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) + if (preg_match('/(script|xss)/i', $str)) { - $str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); + $str = preg_replace('#<(/*)(script|xss)(.*?)\>#si', '[removed]', $str); } } while($original != $str); @@ -454,14 +419,16 @@ class CI_Security { * * Similar to above, only instead of looking for * tags it looks for PHP and JavaScript commands - * that are disallowed. Rather than removing the + * that are disallowed. Rather than removing the * code, it simply converts the parenthesis to entities * rendering the code un-executable. * * For example: eval('some code') - * Becomes: eval('some code') + * Becomes: eval('some code') */ - $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); + $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', + '\\1\\2(\\3)', + $str); // Final clean up @@ -478,13 +445,12 @@ class CI_Security { * string post-removal of XSS, then it fails, as there was unwanted XSS * code found and removed/changed during processing. */ - if ($is_image === TRUE) { - return ($str === $converted_string) ? TRUE : FALSE; + return ($str === $converted_string); } - log_message('debug', "XSS Filtering completed"); + log_message('debug', 'XSS Filtering completed'); return $str; } @@ -516,7 +482,7 @@ class CI_Security { * The reason we are not using html_entity_decode() by itself is because * while it is not technically correct to leave out the semicolon * at the end of an entity most browsers will still interpret the entity - * correctly. html_entity_decode() does not convert entities without + * correctly. html_entity_decode() does not convert entities without * semicolons, so we are left with our own little solution here. Bummer. * * @param string @@ -552,38 +518,23 @@ class CI_Security { public function sanitize_filename($str, $relative_path = FALSE) { $bad = array( - "../", - "", - "<", - ">", - "'", - '"', - '&', - '$', - '#', - '{', - '}', - '[', - ']', - '=', - ';', - '?', - "%20", - "%22", - "%3c", // < - "%253c", // < - "%3e", // > - "%0e", // > - "%28", // ( - "%29", // ) - "%2528", // ( - "%26", // & - "%24", // $ - "%3f", // ? - "%3b", // ; - "%3d" // = - ); + '../', '', '<', '>', + "'", '"', '&', '$', '#', + '{', '}', '[', ']', '=', + ';', '?', '%20', '%22', + '%3c', // < + '%253c', // < + '%3e', // > + '%0e', // > + '%28', // ( + '%29', // ) + '%2528', // ( + '%26', // & + '%24', // $ + '%3f', // ? + '%3b', // ; + '%3d' // = + ); if ( ! $relative_path) { @@ -636,26 +587,26 @@ class CI_Security { if ($is_image === TRUE) { /* - * Adobe Photoshop puts XML metadata into JFIF images, + * Adobe Photoshop puts XML metadata into JFIF images, * including namespacing, so we have to allow this for images. */ unset($evil_attributes[array_search('xmlns', $evil_attributes)]); } - + do { $count = 0; $attribs = array(); - + // find occurrences of illegal attribute strings without quotes - preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*([^\s]*)/is", $str, $matches, PREG_SET_ORDER); - + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*([^\s]*)/is', $str, $matches, PREG_SET_ORDER); + foreach ($matches as $attr) { $attribs[] = preg_quote($attr[0], '/'); } - + // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is", $str, $matches, PREG_SET_ORDER); + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { @@ -665,11 +616,11 @@ class CI_Security { // replace illegal attribute strings that are inside an html tag if (count($attribs) > 0) { - $str = preg_replace("/<(\/?[^><]+?)([^A-Za-z\-])(".implode('|', $attribs).")([\s><])([><]*)/i", '<$1$2$4$5', $str, -1, $count); + $str = preg_replace('/<(\/?[^><]+?)([^A-Za-z\-])('.implode('|', $attribs).')([\s><])([><]*)/i', '<$1$2$4$5', $str, -1, $count); } - + } while ($count); - + return $str; } @@ -685,14 +636,9 @@ class CI_Security { */ protected function _sanitize_naughty_html($matches) { - // encode opening brace - $str = '<'.$matches[1].$matches[2].$matches[3]; - - // encode captured opening or closing brace to prevent recursive vectors - $str .= str_replace(array('>', '<'), array('>', '<'), - $matches[4]); - - return $str; + return '<'.$matches[1].$matches[2].$matches[3] // encode opening brace + // encode captured opening or closing brace to prevent recursive vectors: + . str_replace(array('>', '<'), array('>', '<'), $matches[4]); } // -------------------------------------------------------------------- @@ -710,9 +656,12 @@ class CI_Security { */ protected function _js_link_removal($match) { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0]); } // -------------------------------------------------------------------- @@ -730,9 +679,12 @@ class CI_Security { */ protected function _js_img_removal($match) { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])) + ), + $match[0]); } // -------------------------------------------------------------------- @@ -806,33 +758,28 @@ class CI_Security { * Protect GET variables in URLs */ - // 901119URL5918AMP18930PROTECT8198 - - $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); + // 901119URL5918AMP18930PROTECT8198 + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash().'\\1=\\2', $str); /* * Validate standard character entities * * Add a semicolon if missing. We do this to enable * the conversion of entities to ASCII later. - * */ - $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); + $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', '\\1;\\2', $str); /* * Validate UTF16 two byte encoding (x00) * * Just as above, adds a semicolon if missing. - * */ - $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i', '\\1\\2;', $str); /* * Un-Protect GET variables in URLs */ - $str = str_replace($this->xss_hash(), '&', $str); - - return $str; + return str_replace($this->xss_hash(), '&', $str); } // ---------------------------------------------------------------------- @@ -847,14 +794,11 @@ class CI_Security { */ protected function _do_never_allowed($str) { - foreach ($this->_never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } + $str = str_replace(array_keys($this->_never_allowed_str), $this->_never_allowed_str, $str); - foreach ($this->_never_allowed_regex as $key => $val) + foreach ($this->_never_allowed_regex as $regex) { - $str = preg_replace("#".$key."#i", $val, $str); + $str = preg_replace('#'.$regex.'#i', '[removed]', $str); } return $str; @@ -891,4 +835,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/core/Security.php */ \ No newline at end of file +/* Location: ./system/core/Security.php */ -- cgit v1.2.3-24-g4f1b From c123e118de32e2b31b9bf21fdb43458bc9f4cbda Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 00:17:34 +0200 Subject: Improve core URI & UTF8 libraries --- system/core/URI.php | 197 ++++++++++++++++++++++----------------------------- system/core/Utf8.php | 32 ++++----- 2 files changed, 96 insertions(+), 133 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 3c26d307b..93105b1fd 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -1,13 +1,13 @@ -config =& load_class('Config', 'core'); - log_message('debug', "URI Class Initialized"); + log_message('debug', 'URI Class Initialized'); } - // -------------------------------------------------------------------- /** * Get the URI String * - * @access private - * @return string + * Called by CI_Router + * + * @return void */ - function _fetch_uri_string() + public function _fetch_uri_string() { - if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') + if (strtoupper($this->config->item('uri_protocol')) === 'AUTO') { // Is the request coming from the command line? - if (php_sapi_name() == 'cli' or defined('STDIN')) + if (php_sapi_name() === 'cli' OR defined('STDIN')) { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -115,14 +109,14 @@ class CI_URI { // Is there a PATH_INFO variable? // Note: some servers seem to have trouble with getenv() so we'll test it two ways $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); - if (trim($path, '/') != '' && $path != "/".SELF) + if (trim($path, '/') != '' && $path !== '/'.SELF) { $this->_set_uri_string($path); return; } // No PATH_INFO?... What about QUERY_STRING? - $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); + $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); if (trim($path, '/') != '') { $this->_set_uri_string($path); @@ -130,7 +124,7 @@ class CI_URI { } // As a last ditch effort lets try using the $_GET array - if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') + if (is_array($_GET) && count($_GET) === 1 && trim(key($_GET), '/') != '') { $this->_set_uri_string(key($_GET)); return; @@ -143,12 +137,12 @@ class CI_URI { $uri = strtoupper($this->config->item('uri_protocol')); - if ($uri == 'REQUEST_URI') + if ($uri === 'REQUEST_URI') { $this->_set_uri_string($this->_detect_uri()); return; } - elseif ($uri == 'CLI') + elseif ($uri === 'CLI') { $this->_set_uri_string($this->_parse_cli_args()); return; @@ -163,17 +157,16 @@ class CI_URI { /** * Set the URI String * - * @access public * @param string - * @return string + * @return void */ - function _set_uri_string($str) + public function _set_uri_string($str) { // Filter out control characters $str = remove_invisible_characters($str, FALSE); // If the URI contains only a slash we'll kill it - $this->uri_string = ($str == '/') ? '' : $str; + $this->uri_string = ($str === '/') ? '' : $str; } // -------------------------------------------------------------------- @@ -184,7 +177,6 @@ class CI_URI { * This function will detect the URI automatically and fix the query string * if necessary. * - * @access private * @return string */ protected function _detect_uri() @@ -194,12 +186,11 @@ class CI_URI { return ''; } - $uri = $_SERVER['REQUEST_URI']; - if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) + if (strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0) { $uri = substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (strpos($_SERVER['REQUEST_URI'], dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } @@ -223,7 +214,7 @@ class CI_URI { $_GET = array(); } - if ($uri == '/' || empty($uri)) + if ($uri == '/' OR empty($uri)) { return '/'; } @@ -241,13 +232,11 @@ class CI_URI { * * Take each command line argument and assume it is a URI segment. * - * @access private * @return string */ protected function _parse_cli_args() { $args = array_slice($_SERVER['argv'], 1); - return $args ? '/' . implode('/', $args) : ''; } @@ -256,27 +245,28 @@ class CI_URI { /** * Filter segments for malicious characters * - * @access private + * Called by CI_Router + * * @param string * @return string */ - function _filter_uri($str) + public function _filter_uri($str) { if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE) { // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern - if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str)) + if ( ! preg_match('|^['.str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-')).']+$|i', $str)) { show_error('The URI you submitted has disallowed characters.', 400); } } - // Convert programatic characters to entities - $bad = array('$', '(', ')', '%28', '%29'); - $good = array('$', '(', ')', '(', ')'); - - return str_replace($bad, $good, $str); + // Convert programatic characters to entities and return + return str_replace( + array('$', '(', ')', '%28', '%29'), // Bad + array('$', '(', ')', '(', ')'), // Good + $str); } // -------------------------------------------------------------------- @@ -284,14 +274,15 @@ class CI_URI { /** * Remove the suffix from the URL if needed * - * @access private + * Called by CI_Router + * * @return void */ - function _remove_url_suffix() + public function _remove_url_suffix() { - if ($this->config->item('url_suffix') != "") + if ($this->config->item('url_suffix') != '') { - $this->uri_string = preg_replace("|".preg_quote($this->config->item('url_suffix'))."$|", "", $this->uri_string); + $this->uri_string = preg_replace('|'.preg_quote($this->config->item('url_suffix')).'$|', '', $this->uri_string); } } @@ -301,12 +292,13 @@ class CI_URI { * Explode the URI Segments. The individual segments will * be stored in the $this->segments array. * - * @access private + * Called by CI_Router + * * @return void */ - function _explode_segments() + public function _explode_segments() { - foreach (explode("/", preg_replace("|/*(.+?)/*$|", "\\1", $this->uri_string)) as $val) + foreach (explode('/', preg_replace('|/*(.+?)/*$|', '\\1', $this->uri_string)) as $val) { // Filter segments for security $val = trim($this->_filter_uri($val)); @@ -323,14 +315,15 @@ class CI_URI { * Re-index Segments * * This function re-indexes the $this->segment array so that it - * starts at 1 rather than 0. Doing so makes it simpler to + * starts at 1 rather than 0. Doing so makes it simpler to * use functions like $this->uri->segment(n) since there is * a 1:1 relationship between the segment array and the actual segments. * - * @access private + * Called by CI_Router + * * @return void */ - function _reindex_segments() + public function _reindex_segments() { array_unshift($this->segments, NULL); array_unshift($this->rsegments, NULL); @@ -345,12 +338,11 @@ class CI_URI { * * This function returns the URI segment based on the number provided. * - * @access public * @param integer * @param bool * @return string */ - function segment($n, $no_result = FALSE) + public function segment($n, $no_result = FALSE) { return ( ! isset($this->segments[$n])) ? $no_result : $this->segments[$n]; } @@ -364,12 +356,11 @@ class CI_URI { * based on the number provided. If there is no routing this function returns the * same result as $this->segment() * - * @access public * @param integer * @param bool * @return string */ - function rsegment($n, $no_result = FALSE) + public function rsegment($n, $no_result = FALSE) { return ( ! isset($this->rsegments[$n])) ? $no_result : $this->rsegments[$n]; } @@ -392,25 +383,22 @@ class CI_URI { * gender => male * ) * - * @access public * @param integer the starting segment number * @param array an array of default values * @return array */ - function uri_to_assoc($n = 3, $default = array()) + public function uri_to_assoc($n = 3, $default = array()) { return $this->_uri_to_assoc($n, $default, 'segment'); } /** * Identical to above only it uses the re-routed segment array * - * @access public * @param integer the starting segment number * @param array an array of default values * @return array - * */ - function ruri_to_assoc($n = 3, $default = array()) + public function ruri_to_assoc($n = 3, $default = array()) { return $this->_uri_to_assoc($n, $default, 'rsegment'); } @@ -420,25 +408,13 @@ class CI_URI { /** * Generate a key value pair from the URI string or Re-routed URI string * - * @access private * @param integer the starting segment number * @param array an array of default values * @param string which array we should use * @return array */ - function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') + protected function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') { - if ($which == 'segment') - { - $total_segments = 'total_segments'; - $segment_array = 'segment_array'; - } - else - { - $total_segments = 'total_rsegments'; - $segment_array = 'rsegment_array'; - } - if ( ! is_numeric($n)) { return $default; @@ -449,23 +425,30 @@ class CI_URI { return $this->keyval[$n]; } + if ($which === 'segment') + { + $total_segments = 'total_segments'; + $segment_array = 'segment_array'; + } + else + { + $total_segments = 'total_rsegments'; + $segment_array = 'rsegment_array'; + } + if ($this->$total_segments() < $n) { - if (count($default) == 0) + if (count($default) === 0) { return array(); } - $retval = array(); - foreach ($default as $val) - { - $retval[$val] = FALSE; - } - return $retval; + return function_exists('array_fill_keys') + ? array_fill_keys($default, FALSE) + : array_combine($default, array_fill(0, count($default), FALSE)); } $segments = array_slice($this->$segment_array(), ($n - 1)); - $i = 0; $lastval = ''; $retval = array(); @@ -506,16 +489,15 @@ class CI_URI { * Generate a URI string from an associative array * * - * @access public * @param array an associative array of key/values * @return array */ - function assoc_to_uri($array) + public function assoc_to_uri($array) { $temp = array(); foreach ((array)$array as $key => $val) { - $temp[] = $key; + $temp[] = $key; $temp[] = $val; } @@ -527,12 +509,11 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash * - * @access public * @param integer * @param string * @return string */ - function slash_segment($n, $where = 'trailing') + public function slash_segment($n, $where = 'trailing') { return $this->_slash_segment($n, $where, 'segment'); } @@ -542,12 +523,11 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash * - * @access public * @param integer * @param string * @return string */ - function slash_rsegment($n, $where = 'trailing') + public function slash_rsegment($n, $where = 'trailing') { return $this->_slash_segment($n, $where, 'rsegment'); } @@ -557,22 +537,20 @@ class CI_URI { /** * Fetch a URI Segment and add a trailing slash - helper function * - * @access private * @param integer * @param string * @param string * @return string */ - function _slash_segment($n, $where = 'trailing', $which = 'segment') + protected function _slash_segment($n, $where = 'trailing', $which = 'segment') { - $leading = '/'; - $trailing = '/'; + $leading = $trailing = '/'; - if ($where == 'trailing') + if ($where === 'trailing') { $leading = ''; } - elseif ($where == 'leading') + elseif ($where === 'leading') { $trailing = ''; } @@ -585,10 +563,9 @@ class CI_URI { /** * Segment Array * - * @access public * @return array */ - function segment_array() + public function segment_array() { return $this->segments; } @@ -598,10 +575,9 @@ class CI_URI { /** * Routed Segment Array * - * @access public * @return array */ - function rsegment_array() + public function rsegment_array() { return $this->rsegments; } @@ -611,10 +587,9 @@ class CI_URI { /** * Total number of segments * - * @access public * @return integer */ - function total_segments() + public function total_segments() { return count($this->segments); } @@ -624,10 +599,9 @@ class CI_URI { /** * Total number of routed segments * - * @access public * @return integer */ - function total_rsegments() + public function total_rsegments() { return count($this->rsegments); } @@ -637,10 +611,9 @@ class CI_URI { /** * Fetch the entire URI string * - * @access public * @return string */ - function uri_string() + public function uri_string() { return $this->uri_string; } @@ -651,16 +624,14 @@ class CI_URI { /** * Fetch the entire Re-routed URI string * - * @access public * @return string */ - function ruri_string() + public function ruri_string() { return '/'.implode('/', $this->rsegment_array()); } } -// END URI Class /* End of file URI.php */ -/* Location: ./system/core/URI.php */ \ No newline at end of file +/* Location: ./system/core/URI.php */ diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 40a7ac4c0..0e180d36f 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -1,13 +1,13 @@ -item('charset') == 'UTF-8' // Application charset must be UTF-8 + && @ini_get('mbstring.func_overload') != 1 // Multibyte string function overloading cannot be enabled + && $CFG->item('charset') === 'UTF-8' // Application charset must be UTF-8 ) { - log_message('debug', "UTF-8 Support Enabled"); - define('UTF8_ENABLED', TRUE); + log_message('debug', 'UTF-8 Support Enabled'); // set internal encoding for multibyte string functions if necessary // and set a flag so we don't have to repeatedly use extension_loaded() @@ -77,8 +76,8 @@ class CI_Utf8 { } else { - log_message('debug', "UTF-8 Support Disabled"); define('UTF8_ENABLED', FALSE); + log_message('debug', 'UTF-8 Support Disabled'); } } @@ -134,18 +133,14 @@ class CI_Utf8 { { if (function_exists('iconv')) { - $str = @iconv($encoding, 'UTF-8', $str); + return @iconv($encoding, 'UTF-8', $str); } elseif (function_exists('mb_convert_encoding')) { - $str = @mb_convert_encoding($str, 'UTF-8', $encoding); - } - else - { - return FALSE; + return @mb_convert_encoding($str, 'UTF-8', $encoding); } - return $str; + return FALSE; } // -------------------------------------------------------------------- @@ -163,10 +158,7 @@ class CI_Utf8 { return (preg_match('/[^\x00-\x7F]/S', $str) === 0); } - // -------------------------------------------------------------------- - } -// End Utf8 Class /* End of file Utf8.php */ -/* Location: ./system/core/Utf8.php */ \ No newline at end of file +/* Location: ./system/core/Utf8.php */ -- cgit v1.2.3-24-g4f1b From a798fdb9a08a6f549bcc2a4ea6c6bad45cfef0a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 00:20:49 +0200 Subject: Remove a space :) --- system/core/URI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 93105b1fd..eaf7b752b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -497,7 +497,7 @@ class CI_URI { $temp = array(); foreach ((array)$array as $key => $val) { - $temp[] = $key; + $temp[] = $key; $temp[] = $val; } -- cgit v1.2.3-24-g4f1b From 75f7c12815c62782163a54e84707f50459b6ef5d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 03:49:25 +0200 Subject: Remove loading of ['core'] elements --- system/core/Loader.php | 7 ------- 1 file changed, 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 689ae1ecd..272fe4291 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1165,13 +1165,6 @@ class CI_Loader { } } - // A little tweak to remain backward compatible - // The $autoload['core'] item was deprecated - if ( ! isset($autoload['libraries']) AND isset($autoload['core'])) - { - $autoload['libraries'] = $autoload['core']; - } - // Load libraries if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0) { -- cgit v1.2.3-24-g4f1b From 137749793d6cce57e03904f05239fa80eec48d13 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:30:33 +0200 Subject: Switch some public properties to protected --- system/core/Input.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 07bb30b15..13bf76fd6 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -57,20 +57,20 @@ class CI_Input { * * @var bool */ - public $_allow_get_array = TRUE; + protected $_allow_get_array = TRUE; /** * If TRUE, then newlines are standardized * * @var bool */ - public $_standardize_newlines = TRUE; + protected $_standardize_newlines = TRUE; /** * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered * Set automatically based on config setting * * @var bool */ - public $_enable_xss = FALSE; + protected $_enable_xss = FALSE; /** * Enables a CSRF cookie token to be set. * Set automatically based on config setting @@ -85,17 +85,15 @@ class CI_Input { */ protected $headers = array(); - /** * Constructor * * Sets whether to globally enable the XSS processing * and whether to allow the $_GET array - * */ public function __construct() { - log_message('debug', "Input Class Initialized"); + log_message('debug', 'Input Class Initialized'); $this->_allow_get_array = (config_item('allow_get_array') === TRUE); $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); -- cgit v1.2.3-24-g4f1b From c90d651e8531142d36326d5c3451d7899fb00f76 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:35:02 +0200 Subject: Style guide stuff --- system/core/Output.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 272545046..1beee734f 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -488,8 +488,7 @@ class CI_Output { $uri = $CFG->item('base_url').$CFG->item('index_page').$URI->uri_string; $filepath = $cache_path.md5($uri); - if ( ! @file_exists($filepath) - OR ! $fp = @fopen($filepath, FOPEN_READ)) + if ( ! @file_exists($filepath) OR ! $fp = @fopen($filepath, FOPEN_READ)) { return FALSE; } @@ -508,8 +507,7 @@ class CI_Output { } // Has the file expired? If so we'll delete it. - if (time() >= trim(str_replace('TS--->', '', $match[1])) - AND is_really_writable($cache_path)) + if (time() >= trim(str_replace('TS--->', '', $match[1])) && is_really_writable($cache_path)) { @unlink($filepath); log_message('debug', 'Cache file has expired. File deleted.'); -- cgit v1.2.3-24-g4f1b From 29ce5d90b4276fc8a4e9354c1435963111f09a24 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:43:31 +0200 Subject: Replace AND with && --- system/core/CodeIgniter.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index e3d818825..cb5d439bd 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -59,7 +59,7 @@ * Load the framework constants * ------------------------------------------------------ */ - if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) + if (defined('ENVIRONMENT') && file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) { require(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); } @@ -96,7 +96,7 @@ * Note: Since the config file data is cached it doesn't * hurt to load it here. */ - if (isset($assign_to_config['subclass_prefix']) AND $assign_to_config['subclass_prefix'] != '') + if (isset($assign_to_config['subclass_prefix']) && $assign_to_config['subclass_prefix'] != '') { get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); } @@ -106,8 +106,8 @@ * Set a liberal script execution time limit * ------------------------------------------------------ */ - if (function_exists('set_time_limit') AND @ini_get('safe_mode') == 0 - AND php_sapi_name() !== 'cli') // Do not override the Time Limit value if running from Command Line + if (function_exists('set_time_limit') && @ini_get('safe_mode') == 0 + && php_sapi_name() !== 'cli') // Do not override the Time Limit value if running from Command Line { @set_time_limit(300); } @@ -195,7 +195,7 @@ * ------------------------------------------------------ */ if ($EXT->_call_hook('cache_override') === FALSE - AND $OUT->_display_cache($CFG, $URI) == TRUE) + && $OUT->_display_cache($CFG, $URI) == TRUE) { exit; } @@ -393,7 +393,7 @@ * Close the DB connection if one exists * ------------------------------------------------------ */ - if (class_exists('CI_DB') AND isset($CI->db)) + if (class_exists('CI_DB') && isset($CI->db)) { $CI->db->close(); } -- cgit v1.2.3-24-g4f1b From 90cfe14b8458a3c84825a741cd750c5a02690f3b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 04:46:42 +0200 Subject: Switch private methods to protected --- system/core/Input.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 13bf76fd6..7a16e51ab 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -391,7 +391,7 @@ class CI_Input { { // IP segments must be digits and can not be // longer than 3 digits or greater then 255 - if ($segment == '' OR preg_match("/[^0-9]/", $segment) OR $segment > 255 OR strlen($segment) > 3) + if ($segment == '' OR preg_match('/[^0-9]/', $segment) OR $segment > 255 OR strlen($segment) > 3) { return FALSE; } @@ -430,7 +430,7 @@ class CI_Input { * * @return void */ - private function _sanitize_globals() + protected function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', @@ -516,7 +516,7 @@ class CI_Input { $this->security->csrf_verify(); } - log_message('debug', "Global POST and COOKIE data sanitized"); + log_message('debug', 'Global POST and COOKIE data sanitized'); } // -------------------------------------------------------------------- @@ -530,7 +530,7 @@ class CI_Input { * @param string * @return string */ - private function _clean_input_data($str) + protected function _clean_input_data($str) { if (is_array($str)) { @@ -588,7 +588,7 @@ class CI_Input { * @param string * @return string */ - private function _clean_input_keys($str) + protected function _clean_input_keys($str) { if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str)) { -- cgit v1.2.3-24-g4f1b From 8a7d078233bfb80fa01ee090e14ce0664f23b96b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 05:43:42 +0200 Subject: Remove some tabs --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index f09298bba..d7881d846 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -176,7 +176,7 @@ class CI_Security { unset($_COOKIE[$this->_csrf_cookie_name]); $this->_csrf_hash = ''; } - + $this->_csrf_set_hash(); $this->csrf_set_cookie(); -- cgit v1.2.3-24-g4f1b From 0609d588a4340fc9a9cfbc0ff76c39bba9ab09fb Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Sun, 8 Jan 2012 13:26:17 +0100 Subject: Fixes for issue 896 --- system/core/Common.php | 2 +- system/core/Output.php | 3 +-- system/core/URI.php | 5 +++-- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 6ef229629..1f59c02d7 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -235,7 +235,7 @@ if ( ! function_exists('get_config')) } // Is the config file in the environment folder? - if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT..'/config.php')) + if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php')) { $file_path = APPPATH.'config/config.php'; } diff --git a/system/core/Output.php b/system/core/Output.php index 1beee734f..da5c29044 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -129,7 +129,6 @@ class CI_Output { * * Sets the output string * - * @access public * @param string * @return void */ @@ -282,7 +281,7 @@ class CI_Output { * @param integer * @return void */ - publi function cache($time) + public function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; return $this; diff --git a/system/core/URI.php b/system/core/URI.php index eaf7b752b..b28ee198b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -186,11 +186,12 @@ class CI_URI { return ''; } - if (strpos($_SERVER['REQUEST_URI'], $_SERVER['SCRIPT_NAME']) === 0) + $uri = $_SERVER['REQUEST_URI']; + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { $uri = substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - elseif (strpos($_SERVER['REQUEST_URI'], dirname($_SERVER['SCRIPT_NAME'])) === 0) + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) { $uri = substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } -- cgit v1.2.3-24-g4f1b From edc875593d3ddbd0fe86caf6380a62b00a20f245 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 09:35:10 +0200 Subject: Fix a possible notice in Output library --- system/core/Output.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index da5c29044..69a2e5f88 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -397,14 +397,12 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); - if ($count > 0) + if (isset($count) && $count > 0) { $output .= ''; } } - // -------------------------------------------------------------------- - // Does the controller contain a function named _output()? // If so send the output there. Otherwise, echo it. if (method_exists($CI, '_output')) @@ -413,7 +411,7 @@ class CI_Output { } else { - echo $output; // Send it to the browser! + echo $output; // Send it to the browser! } log_message('debug', 'Final output sent to browser'); -- cgit v1.2.3-24-g4f1b From cba20b164fdb1e60225b4f1fc04b7a31c4ffa106 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 10:16:41 +0200 Subject: Really fix this ... --- system/core/Output.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 69a2e5f88..d27133d37 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -396,8 +396,9 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - $output = preg_replace('|.*?|is', '', $output, $count).$CI->profiler->run(); - if (isset($count) && $count > 0) + $count = 0; + $output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run(); + if ($count > 0) { $output .= ''; } -- cgit v1.2.3-24-g4f1b From a96a9c8e6c7a113c808ba047808180b33360d3dd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 11:01:15 +0200 Subject: Remove once again ... --- system/core/Output.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index d27133d37..abd8a0ea9 100755 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -396,7 +396,6 @@ class CI_Output { // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data - $count = 0; $output = preg_replace('|.*?|is', '', $output, -1, $count).$CI->profiler->run(); if ($count > 0) { -- cgit v1.2.3-24-g4f1b From d47baab1bd4d655a68981834d11727ae8c2a3a45 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 16:56:46 +0200 Subject: Fix issue #904 --- system/core/Common.php | 2 +- system/core/Loader.php | 12 +++++------- 2 files changed, 6 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 1f59c02d7..2f9c4ff43 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -199,7 +199,7 @@ if ( ! function_exists('load_class')) */ if ( ! function_exists('is_loaded')) { - function is_loaded($class = '') + function &is_loaded($class = '') { static $_is_loaded = array(); diff --git a/system/core/Loader.php b/system/core/Loader.php index 272fe4291..12daaa928 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -250,10 +250,10 @@ class CI_Loader { if (($last_slash = strrpos($model, '/')) !== FALSE) { // The path is in front of the last slash - $path = substr($model, 0, $last_slash + 1); + $path = substr($model, 0, ++$last_slash); // And the model name behind it - $model = substr($model, $last_slash + 1); + $model = substr($model, $last_slash); } if ($name == '') @@ -833,10 +833,9 @@ class CI_Loader { // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) { - echo eval('?>'.preg_replace("/;*\s*\?>/", "; ?>", str_replace(''.preg_replace('/;*\s*\?>/', '; ?>', str_replace(' $this->_ci_ob_level + 1) { @@ -1233,13 +1231,13 @@ class CI_Loader { { if ( ! is_array($filename)) { - return array(strtolower(str_replace('.php', '', str_replace($extension, '', $filename)).$extension)); + return array(strtolower(str_replace(array($extension, '.php'), '', $filename).$extension)); } else { foreach ($filename as $key => $val) { - $filename[$key] = strtolower(str_replace('.php', '', str_replace($extension, '', $val)).$extension); + $filename[$key] = strtolower(str_replace(array($extension, '.php'), '', $val).$extension); } return $filename; -- cgit v1.2.3-24-g4f1b From 4562f2cbb3e5346c6e341516a31ca87dfa47bafd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 9 Jan 2012 23:39:50 +0200 Subject: Some more stuff ... --- system/core/Security.php | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) (limited to 'system/core') diff --git a/system/core/Security.php b/system/core/Security.php index d7881d846..1007f61f4 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -153,20 +153,13 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name]) OR - ! isset($_COOKIE[$this->_csrf_cookie_name])) + if ( ! isset($_POST[$this->_csrf_token_name]) OR ! isset($_COOKIE[$this->_csrf_cookie_name]) + OR $_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match? { $this->csrf_show_error(); } - // Do the tokens match? - if ($_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) - { - $this->csrf_show_error(); - } - - // We kill this since we're done and we don't want to - // polute the _POST array + // We kill this since we're done and we don't want to polute the _POST array unset($_POST[$this->_csrf_token_name]); // Regenerate on every submission? @@ -308,10 +301,9 @@ class CI_Security { * This permits our tests below to work reliably. * We only convert entities that are within tags since * these are the ones that will pose security problems. - * */ $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); + $str = preg_replace_callback('/<\w+.*?(?=>|<|$)/si', array($this, '_decode_entity'), $str); // Remove Invisible Characters Again! $str = remove_invisible_characters($str); @@ -326,9 +318,7 @@ class CI_Security { */ $str = str_replace("\t", ' ', $str); - /* - * Capture converted string for later comparison - */ + // Capture converted string for later comparison $converted_string = $str; // Remove Strings that are never allowed @@ -720,12 +710,11 @@ class CI_Security { protected function _filter_attributes($str) { $out = ''; - if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) { foreach ($matches[0] as $match) { - $out .= preg_replace("#/\*.*?\*/#s", '', $match); + $out .= preg_replace('#/\*.*?\*/#s', '', $match); } } -- cgit v1.2.3-24-g4f1b From 4b13061308301cd307fe5317604265ab934fb046 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 16:09:55 +0200 Subject: Fixed a bug in CI_Lang::load() --- system/core/Lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Lang.php b/system/core/Lang.php index 088cb6c9c..c40a6856e 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -130,7 +130,7 @@ class CI_Lang { } $this->is_loaded[] = $langfile; - $this->language = $this->language + $lang; + $this->language = array_merge($this->language, $lang); unset($lang); log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); -- cgit v1.2.3-24-g4f1b From 176b363e534da12a38a75c9e2ba273846dfa35a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 18:14:28 +0200 Subject: Fix a bug in system/core/CodeIgniter.php --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index cb5d439bd..7af3c485d 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -267,7 +267,7 @@ $method = $RTR->fetch_method(); if ( ! class_exists($class) - OR strpos($method, '_', 1) === 0 + OR strpos($method, '_') === 0 OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) { -- cgit v1.2.3-24-g4f1b