From c4e266b87f39d521ff1002fefa9df809c6b9bd61 Mon Sep 17 00:00:00 2001 From: Darren Hill Date: Tue, 30 Aug 2011 15:40:27 -0400 Subject: Added Session driver with native PHP sessions and original-flavor CI cookie sessions --- system/core/Loader.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index de0fc06d2..51e6b82ca 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1174,6 +1174,15 @@ class CI_Loader { } } + // Autoload drivers + if (isset($autoload['drivers'])) + { + foreach ($autoload['drivers'] as $item) + { + $this->driver($item); + } + } + // Autoload models if (isset($autoload['model'])) { @@ -1240,4 +1249,4 @@ class CI_Loader { } /* End of file Loader.php */ -/* Location: ./system/core/Loader.php */ \ No newline at end of file +/* Location: ./system/core/Loader.php */ -- cgit v1.2.3-24-g4f1b From ca3be1d515a68293b64704a9a8346802702dedaa Mon Sep 17 00:00:00 2001 From: Darren Hill Date: Wed, 31 Aug 2011 08:31:18 -0400 Subject: Whitespace cleanup --- system/core/Loader.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 51e6b82ca..edf5853f0 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1177,10 +1177,10 @@ class CI_Loader { // Autoload drivers if (isset($autoload['drivers'])) { - foreach ($autoload['drivers'] as $item) - { - $this->driver($item); - } + foreach ($autoload['drivers'] as $item) + { + $this->driver($item); + } } // Autoload models -- cgit v1.2.3-24-g4f1b From a5a71359a5b320b0dc35fabfeb3e74e97a466a10 Mon Sep 17 00:00:00 2001 From: Jordan Pittman Date: Fri, 20 Jul 2012 19:36:43 -0300 Subject: Added support for IP Address Range Masks (e.g. 192.168.137.0/24) to the Proxy IPs config option --- system/core/Input.php | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 162e40c85..c0c85a5e8 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -330,10 +330,27 @@ class CI_Input { if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) { + $hasRanges = strpos($proxies, '/') !== false; $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); $proxies = is_array($proxies) ? $proxies : array($proxies); - - $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; + + if ($hasRanges) { + $longIP = ip2long($_SERVER['REMOTE_ADDR']); + $bit32 = 1 << 32; + + foreach($proxies as $ip) { + list($address, $maskLength) = explode('/', $ip); + + $bitmask = $bit32 - (1 << (32 - (int)$maskLength)); + + if (($longIP & $bitmask) == $address) { + $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; + break; + } + } + } else { + $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; + } } elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR')) { -- cgit v1.2.3-24-g4f1b From 8960acf4fae56fd7b62a451ce8ea571c0e631ed1 Mon Sep 17 00:00:00 2001 From: Jordan Pittman Date: Mon, 23 Jul 2012 09:05:49 -0300 Subject: Update system/core/Input.php --- system/core/Input.php | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index c0c85a5e8..968a42a9a 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -330,24 +330,30 @@ class CI_Input { if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) { - $hasRanges = strpos($proxies, '/') !== false; + $has_ranges = strpos($proxies, '/') !== false; $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); $proxies = is_array($proxies) ? $proxies : array($proxies); - if ($hasRanges) { - $longIP = ip2long($_SERVER['REMOTE_ADDR']); - $bit32 = 1 << 32; - - foreach($proxies as $ip) { - list($address, $maskLength) = explode('/', $ip); - - $bitmask = $bit32 - (1 << (32 - (int)$maskLength)); - - if (($longIP & $bitmask) == $address) { + if ($has_ranges) + { + $long_ip = ip2long($_SERVER['REMOTE_ADDR']); + $bit_32 = 1 << 32; + + // Go through each of the IP Addresses to check for and + // test against range notation + foreach($proxies as $ip) + { + list($address, $mask_length) = explode('/', $ip); + + // Generate the bitmask for a 32 bit IP Address + $bitmask = $bit_32 - (1 << (32 - (int)$mask_length)); + if (($long_ip & $bitmask) == $address) + { $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; break; } } + } else { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } -- cgit v1.2.3-24-g4f1b From 1288fe36214e0c8a22edec16da209081930e17c9 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Mon, 23 Jul 2012 16:22:06 +0200 Subject: output->_display_cache() optimization faster method to remove the timestamp from the content to be served --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 5ec8c4bc0..2bf4e998f 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -575,7 +575,7 @@ class CI_Output { } // Display the cache - $this->_display(str_replace($match[0], '', $cache)); + $this->_display(substr($cache, strlen($match[0]))); log_message('debug', 'Cache file is current. Sending it to browser.'); return TRUE; } -- cgit v1.2.3-24-g4f1b From d9384ad6472dd042a897a9b80d78bbf92a794c0f Mon Sep 17 00:00:00 2001 From: vlakoff Date: Mon, 23 Jul 2012 17:06:36 +0200 Subject: output->_display_cache() simplifications remove an unneeded regex capturing group and an unneeded trim() --- system/core/Output.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 2bf4e998f..9842f834d 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -552,13 +552,13 @@ class CI_Output { fclose($fp); // Strip out the embedded timestamp - if ( ! preg_match('/(\d+TS--->)/', $cache, $match)) + if ( ! preg_match('/\d+TS--->/', $cache, $match)) { return FALSE; } $last_modified = filemtime($cache_path); - $expire = trim(str_replace('TS--->', '', $match[1])); + $expire = str_replace('TS--->', '', $match[0]); // Has the file expired? if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path)) -- cgit v1.2.3-24-g4f1b From a1abadaab34d8d08c54557c7e60d12eb624b72fe Mon Sep 17 00:00:00 2001 From: Chad Furman Date: Sun, 29 Jul 2012 01:03:50 -0400 Subject: refactored (crunched down) _stringify_attributes --- system/core/Common.php | 41 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 06b162264..5cd3961d1 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -598,5 +598,44 @@ if ( ! function_exists('html_escape')) } } +// ------------------------------------------------------------------------ + +if ( ! function_exists('_stringify_attributes')) +{ + /** + * Stringify attributes for use in html tags. + * + * Helper function used to convert a string, array, or object of + * attributes to a string + * + * @param mixed string, array, object + * @param bool + * @return string + */ + function _stringify_attributes($attributes, $js = FALSE) + { + $atts = null; + + if (empty($attributes)) + { + return $atts; + } + + if (is_string($attributes)) + { + return ' '.$attributes; + } + + $attributes = (array) $attributes; + + foreach ($attributes as $key => $val) + { + $atts .= ($js) ? $key.'='.$val.',' : ' '.$key.'="'.$val.'"'; + } + + return rtrim($atts, ','); + } +} + /* End of file Common.php */ -/* Location: ./system/core/Common.php */ \ No newline at end of file +/* Location: ./system/core/Common.php */ -- cgit v1.2.3-24-g4f1b From bdb99999195711903af712fab58fdf4ef3da72ad Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 30 Jul 2012 17:38:05 +0300 Subject: Some clean-up and style changes --- system/core/Common.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 5cd3961d1..57374b07d 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -603,18 +603,18 @@ if ( ! function_exists('html_escape')) if ( ! function_exists('_stringify_attributes')) { /** - * Stringify attributes for use in html tags. + * Stringify attributes for use in HTML tags. * - * Helper function used to convert a string, array, or object of - * attributes to a string + * Helper function used to convert a string, array, or object + * of attributes to a string. * - * @param mixed string, array, object - * @param bool - * @return string + * @param mixed string, array, object + * @param bool + * @return string */ function _stringify_attributes($attributes, $js = FALSE) { - $atts = null; + $atts = NULL; if (empty($attributes)) { @@ -632,10 +632,10 @@ if ( ! function_exists('_stringify_attributes')) { $atts .= ($js) ? $key.'='.$val.',' : ' '.$key.'="'.$val.'"'; } - + return rtrim($atts, ','); } } /* End of file Common.php */ -/* Location: ./system/core/Common.php */ +/* Location: ./system/core/Common.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 0e0c37bc3b8e46d9ecc89fd5591e6b258ebd8b74 Mon Sep 17 00:00:00 2001 From: Francesco Negri Date: Sat, 4 Aug 2012 14:16:50 +0300 Subject: Logging should obey error_reporting() setting If the php error level is not included in the current error_reporting() setting, we should not log it. Also, the log_threshold check is redundant, it's already taken care of by the write_log() method. --- system/core/Common.php | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 57374b07d..cb99d0505 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -524,21 +524,20 @@ if ( ! function_exists('_exception_handler')) { $_error =& load_class('Exceptions', 'core'); - // Should we display the error? We'll get the current error_reporting + // Should we ignore the error? We'll get the current error_reporting // level and add its bits with the severity bits to find out. - // And respect display_errors - if (($severity & error_reporting()) === $severity && (bool) ini_get('display_errors') === TRUE) + if (($severity & error_reporting()) !== $severity) + { + return; + } + + // Should we display the error? + if ((bool) ini_get('display_errors') === TRUE) { $_error->show_php_error($severity, $message, $filepath, $line); } - // Should we log the error? No? We're done... - if (config_item('log_threshold') === 0) - { - return; - } - - $_error->log_exception($severity, $message, $filepath, $line); + $_error->log_exception($severity, $message, $filepath, $line); } } -- cgit v1.2.3-24-g4f1b From 312bdc5e2160784c7fdd0f38c6d417a9eb5babe0 Mon Sep 17 00:00:00 2001 From: Francesco Negri Date: Sat, 4 Aug 2012 07:32:19 -0400 Subject: fixed whitespace --- system/core/Common.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index cb99d0505..32c8bd68d 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -527,17 +527,17 @@ if ( ! function_exists('_exception_handler')) // Should we ignore the error? We'll get the current error_reporting // level and add its bits with the severity bits to find out. if (($severity & error_reporting()) !== $severity) - { - return; - } - - // Should we display the error? - if ((bool) ini_get('display_errors') === TRUE) + { + return; + } + + // Should we display the error? + if ((bool) ini_get('display_errors') === TRUE) { $_error->show_php_error($severity, $message, $filepath, $line); } - $_error->log_exception($severity, $message, $filepath, $line); + $_error->log_exception($severity, $message, $filepath, $line); } } -- cgit v1.2.3-24-g4f1b From 5628ba0efca7a631012fef91e259b92d7d807af1 Mon Sep 17 00:00:00 2001 From: dchill42 Date: Wed, 8 Aug 2012 12:05:45 -0400 Subject: Relocated driver base class inclusion so drivers can be loaded with library() --- system/core/Loader.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index ea81c6f26..a62cf06f5 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -409,8 +409,8 @@ class CI_Loader { * 1. The name of the "view" file to be included. * 2. An associative array of data to be extracted for use in the view. * 3. TRUE/FALSE - whether to return the data or load it. In - * some cases it's advantageous to be able to return data so that - * a developer can process it in some way. + * some cases it's advantageous to be able to return data so that + * a developer can process it in some way. * * @param string * @param array @@ -636,12 +636,6 @@ class CI_Loader { return FALSE; } - if ( ! class_exists('CI_Driver_Library')) - { - // we aren't instantiating an object here, that'll be done by the Library itself - require BASEPATH.'libraries/Driver.php'; - } - if ($library === '') { return FALSE; @@ -837,10 +831,10 @@ class CI_Loader { * We buffer the output for two reasons: * 1. Speed. You get a significant speed boost. * 2. So that the final rendered template can be post-processed by - * the output class. Why do we need post processing? For one thing, - * in order to show the elapsed page load time. Unless we can - * intercept the content right before it's sent to the browser and - * then stop the timer it won't be accurate. + * the output class. Why do we need post processing? For one thing, + * in order to show the elapsed page load time. Unless we can + * intercept the content right before it's sent to the browser and + * then stop the timer it won't be accurate. */ ob_start(); @@ -915,6 +909,13 @@ class CI_Loader { // Get the filename from the path $class = substr($class, $last_slash); + + // Check for match and driver base class + if (strtolower($subdir) == strtolower($class) && ! class_exists('CI_Driver_Library')) + { + // We aren't instantiating an object here, just making the base class available + require BASEPATH.'libraries/Driver.php'; + } } // We'll test for both lowercase and capitalized versions of the file name @@ -996,7 +997,6 @@ class CI_Loader { $this->_ci_loaded_files[] = $filepath; return $this->_ci_init_class($class, '', $params, $object_name); } - } // END FOREACH // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? -- cgit v1.2.3-24-g4f1b From 64f470bfb9b4aa4e0abc984dacd543bb7d059260 Mon Sep 17 00:00:00 2001 From: Joe McFrederick Date: Sat, 18 Aug 2012 12:29:56 -0400 Subject: Fix bug #1000 --- system/core/Loader.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 0bc6e844a..656934c87 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -785,11 +785,11 @@ class CI_Loader { $_ci_ext = pathinfo($_ci_view, PATHINFO_EXTENSION); $_ci_file = ($_ci_ext === '') ? $_ci_view.'.php' : $_ci_view; - foreach ($this->_ci_view_paths as $view_file => $cascade) + foreach ($this->_ci_view_paths as $_ci_view_file => $cascade) { - if (file_exists($view_file.$_ci_file)) + if (file_exists($_ci_view_file.$_ci_file)) { - $_ci_path = $view_file.$_ci_file; + $_ci_path = $_ci_view_file.$_ci_file; $file_exists = TRUE; break; } -- cgit v1.2.3-24-g4f1b From aee9265602c3bb30a1f7f3dfd562b9b36cc612a4 Mon Sep 17 00:00:00 2001 From: dchill42 Date: Sun, 26 Aug 2012 21:45:35 -0400 Subject: Fixed select_driver(), cookie sess_destroy(), and native cookie name conflict --- system/core/Loader.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index a62cf06f5..01d99dd37 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -911,7 +911,7 @@ class CI_Loader { $class = substr($class, $last_slash); // Check for match and driver base class - if (strtolower($subdir) == strtolower($class) && ! class_exists('CI_Driver_Library')) + if (strtolower(trim($subdir, '/')) == strtolower($class) && ! class_exists('CI_Driver_Library')) { // We aren't instantiating an object here, just making the base class available require BASEPATH.'libraries/Driver.php'; @@ -1005,6 +1005,12 @@ class CI_Loader { $path = strtolower($class).'/'.$class; return $this->_ci_load_class($path, $params); } + else if (ucfirst($subdir) != $subdir) + { + // Lowercase subdir failed - retry capitalized + $path = ucfirst($subdir).$class; + return $this->_ci_load_class($path, $params); + } // If we got this far we were unable to find the requested class. // We do not issue errors if the load call failed due to a duplicate request -- cgit v1.2.3-24-g4f1b From 0fc3be559d23fda6ab112c01b0cd9156f201af85 Mon Sep 17 00:00:00 2001 From: dchill42 Date: Mon, 27 Aug 2012 20:54:23 -0400 Subject: Fixed multi-driver load return and last-ditch library subdirectory retry object names --- system/core/Loader.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 01d99dd37..0d05649ca 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -633,7 +633,7 @@ class CI_Loader { { $this->driver($driver); } - return FALSE; + return; } if ($library === '') @@ -1003,13 +1003,13 @@ class CI_Loader { if ($subdir === '') { $path = strtolower($class).'/'.$class; - return $this->_ci_load_class($path, $params); + return $this->_ci_load_class($path, $params, $object_name); } else if (ucfirst($subdir) != $subdir) { // Lowercase subdir failed - retry capitalized $path = ucfirst($subdir).$class; - return $this->_ci_load_class($path, $params); + return $this->_ci_load_class($path, $params, $object_name); } // If we got this far we were unable to find the requested class. -- cgit v1.2.3-24-g4f1b From b16dd29147fa8155cb9d9dadfb7c587aef81d772 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sun, 16 Sep 2012 19:11:39 +0200 Subject: Minor change in Output cache file check Won't change anything in practice, but robuster (and faster) if ever a cache file would be invalid --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 9842f834d..847c61e3e 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -552,7 +552,7 @@ class CI_Output { fclose($fp); // Strip out the embedded timestamp - if ( ! preg_match('/\d+TS--->/', $cache, $match)) + if ( ! preg_match('/^\d+TS--->/', $cache, $match)) { return FALSE; } -- cgit v1.2.3-24-g4f1b From 239e0e598f0b9462e195db5da658095eb70cf6e3 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sun, 16 Sep 2012 19:16:33 +0200 Subject: Better method for getting Output cache file embedded timestamp Faster, shorter code --- system/core/Output.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 847c61e3e..052367ed6 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -552,13 +552,13 @@ class CI_Output { fclose($fp); // Strip out the embedded timestamp - if ( ! preg_match('/^\d+TS--->/', $cache, $match)) + if ( ! preg_match('/^(\d+)TS--->/', $cache, $match)) { return FALSE; } $last_modified = filemtime($cache_path); - $expire = str_replace('TS--->', '', $match[0]); + $expire = $match[1]; // Has the file expired? if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path)) -- cgit v1.2.3-24-g4f1b From 14c9331420c960ff3237c2d82e34f7ebf8c6f12a Mon Sep 17 00:00:00 2001 From: Adam McCann Date: Thu, 20 Sep 2012 01:16:43 +0100 Subject: Fixes issue #1815 - input::ip_address() returns incorrect IP behind proxy --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 968a42a9a..5b8e62389 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -383,7 +383,7 @@ class CI_Input { if (strpos($this->ip_address, ',') !== FALSE) { $x = explode(',', $this->ip_address); - $this->ip_address = trim(end($x)); + $this->ip_address = trim($x[0]); } if ( ! $this->valid_ip($this->ip_address)) -- cgit v1.2.3-24-g4f1b From 5b92ae1dfb6ac99630693d193b0d3f60f9df525f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 4 Oct 2012 13:05:03 +0300 Subject: Misc. style fixes [ci skip] --- system/core/Input.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 5b8e62389..657fce625 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -330,10 +330,10 @@ class CI_Input { if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) { - $has_ranges = strpos($proxies, '/') !== false; + $has_ranges = strpos($proxies, '/') !== FALSE; $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); $proxies = is_array($proxies) ? $proxies : array($proxies); - + if ($has_ranges) { $long_ip = ip2long($_SERVER['REMOTE_ADDR']); @@ -341,21 +341,25 @@ class CI_Input { // Go through each of the IP Addresses to check for and // test against range notation - foreach($proxies as $ip) + foreach ($proxies as $ip) { - list($address, $mask_length) = explode('/', $ip); + list($address, $mask_length) = explode('/', $ip, 2); // Generate the bitmask for a 32 bit IP Address - $bitmask = $bit_32 - (1 << (32 - (int)$mask_length)); - if (($long_ip & $bitmask) == $address) + $bitmask = $bit_32 - (1 << (32 - (int) $mask_length)); + if (($long_ip & $bitmask) === $address) { $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; break; } } - } else { - $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; + } + else + { + $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) + ? $_SERVER['HTTP_X_FORWARDED_FOR'] + : $_SERVER['REMOTE_ADDR']; } } elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR')) -- cgit v1.2.3-24-g4f1b From 6602cd7b7433b1d514b0f944cc9de563133174cf Mon Sep 17 00:00:00 2001 From: Daniel Morris Date: Thu, 4 Oct 2012 21:06:21 +0100 Subject: DRY determining server protocol Signed-off-by: Daniel Morris --- system/core/Common.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 57374b07d..09b73ef2e 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -488,13 +488,9 @@ if ( ! function_exists('set_status_header')) { header('Status: '.$code.' '.$text, TRUE); } - elseif ($server_protocol === 'HTTP/1.0') - { - header('HTTP/1.0 '.$code.' '.$text, TRUE, $code); - } else { - header('HTTP/1.1 '.$code.' '.$text, TRUE, $code); + header($server_protocol.' '.$code.' '.$text, TRUE, $code); } } } -- cgit v1.2.3-24-g4f1b From e5f9e4a6069db57ec6c166bc8f198b1c229cf399 Mon Sep 17 00:00:00 2001 From: Daniel Morris Date: Thu, 4 Oct 2012 21:33:46 +0100 Subject: Default to HTTP/1.1 if $server_protocol is not set Signed-off-by: Daniel Morris --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 09b73ef2e..2a804877d 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -490,7 +490,7 @@ if ( ! function_exists('set_status_header')) } else { - header($server_protocol.' '.$code.' '.$text, TRUE, $code); + header($server_protocol ?: 'HTTP/1.1'.' '.$code.' '.$text, TRUE, $code); } } } -- cgit v1.2.3-24-g4f1b From 7885c5cac9932e0598719682522b1c4902c15876 Mon Sep 17 00:00:00 2001 From: Daniel Morris Date: Thu, 4 Oct 2012 21:44:09 +0100 Subject: Compatibility with PHP 5.2.4 and enclosed ternary operation Signed-off-by: Daniel Morris --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 2a804877d..e449dd2e0 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -490,7 +490,7 @@ if ( ! function_exists('set_status_header')) } else { - header($server_protocol ?: 'HTTP/1.1'.' '.$code.' '.$text, TRUE, $code); + header(($server_protocol ? $server_protocol : 'HTTP/1.1').' '.$code.' '.$text, TRUE, $code); } } } -- cgit v1.2.3-24-g4f1b From 9438e26671ee1f0b49c8da7a56a0a195788fd5da Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 5 Oct 2012 13:16:27 +0300 Subject: Fix issue #116 + other space/style fixes [ci skip --- system/core/Config.php | 2 +- system/core/Loader.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 2f6a9e085..8e4f998ef 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -102,7 +102,7 @@ class CI_Config { { $file = ($file === '') ? 'config' : str_replace('.php', '', $file); $found = $loaded = FALSE; - + $check_locations = defined('ENVIRONMENT') ? array(ENVIRONMENT.'/'.$file, $file) : array($file); diff --git a/system/core/Loader.php b/system/core/Loader.php index 89b2028bf..75e93608a 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1275,4 +1275,4 @@ class CI_Loader { } /* End of file Loader.php */ -/* Location: ./system/core/Loader.php */ +/* Location: ./system/core/Loader.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 9ac557f2473844f3c2207189f371f827dbaddb71 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 6 Oct 2012 20:27:57 +0300 Subject: Add IPv6 and array() support for *proxy_ips* configuration --- system/core/Input.php | 141 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 99 insertions(+), 42 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 657fce625..4a0caa5b5 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -328,60 +328,117 @@ class CI_Input { return $this->ip_address; } - if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) + $proxy_ips = config_item('proxy_ips'); + if (empty($proxy_ips)) { - $has_ranges = strpos($proxies, '/') !== FALSE; - $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); - $proxies = is_array($proxies) ? $proxies : array($proxies); + $proxy_ips = FALSE; + } + elseif ( ! is_array($proxy_ips)) + { + $proxy_ips = explode(',', str_replace(' ', '', $proxy_ips)); + } - if ($has_ranges) - { - $long_ip = ip2long($_SERVER['REMOTE_ADDR']); - $bit_32 = 1 << 32; + $this->ip_address = $this->server('REMOTE_ADDR'); - // Go through each of the IP Addresses to check for and - // test against range notation - foreach ($proxies as $ip) + if ($proxy_ips) + { + foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_CLIENT_IP', 'HTTP_X_CLUSTER_CLIENT_IP') as $header) + { + if (($spoof = $this->server($header)) !== NULL) { - list($address, $mask_length) = explode('/', $ip, 2); + // Some proxies typically list the whole chain of IP + // addresses through which the client has reached us. + // e.g. client_ip, proxy_ip1, proxy_ip2, etc. + if (strpos($spoof, ',') !== FALSE) + { + $spoof = explode(',', $spoof, 2); + $spoof = $spoof[0]; + } - // Generate the bitmask for a 32 bit IP Address - $bitmask = $bit_32 - (1 << (32 - (int) $mask_length)); - if (($long_ip & $bitmask) === $address) + if ( ! $this->valid_ip($spoof)) + { + $spoof = NULL; + } + else { - $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; break; } } - } - else + + if ($spoof !== NULL) { - $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) - ? $_SERVER['HTTP_X_FORWARDED_FOR'] - : $_SERVER['REMOTE_ADDR']; - } - } - elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR')) - { - $this->ip_address = $_SERVER['REMOTE_ADDR']; - } - elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('HTTP_X_FORWARDED_FOR')) - { - $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; - } + for ($i = 0, $c = count($proxy_ips), $separator = (strlen($ip) === 32 ? '.' : ':'); $i < $c; $i++) + { + // Check if we have an IP address or a subnet + if (strpos($proxy_ips[$i], '/') === FALSE) + { + // An IP address (and not a subnet) is specified. + // We can compare right away. + if ($proxy_ips[$i] === $this->ip_address) + { + $this->ip_address = $spoof; + break; + } + + continue; + } - if ($this->ip_address === FALSE) - { - return $this->ip_address = '0.0.0.0'; + // We have a subnet ... now the heavy lifting begins + isset($separator) OR $separator = $this->valid_ip($this->ip_address, 'ipv6') ? ':' : '.'; + + // If the proxy entry doesn't match the IP protocol - skip it + if (strpos($proxy_ips[$i], $separator) === FALSE) + { + continue; + } + + // Convert the REMOTE_ADDR IP address to binary, if needed + if ( ! isset($ip, $convert_func)) + { + if ($separator === ':') + { + // Make sure we're have the "full" IPv6 format + $ip = str_replace('::', str_repeat(':', 9 - substr_count($this->ip_address, ':')), $this->ip_address); + $convert_func = is_php('5.3') + ? function ($value) + { + return str_pad(base_convert($value, 16, 2), 16, '0', STR_PAD_LEFT); + } + : create_function('$value', 'return str_pad(base_convert($value, 16, 2), 16, "0", STR_PAD_LEFT);'); + } + else + { + $ip = $this->ip_address; + $convert_func = is_php('5.3') + ? function ($value) + { + return str_pad(decbin($value), 8, '0', STR_PAD_LEFT); + } + : create_function('$value', 'return str_pad(decbin($value), 8, "0", STR_PAD_LEFT);'); + } + + $ip = implode(array_map($convert_func, explode($separator, $ip))); + } + + // Split the netmask length off the network address + list($netaddr, $masklen) = explode('/', $proxy_ips[$i], 2); + + // Again, an IPv6 address is most likely in a compressed form + if ($separator === ':') + { + $netaddr = str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr); + } + + // Convert to a binary form and finally compare + $netaddr = implode(array_map($convert_func, explode($separator, $netaddr))); + if (strncmp($ip, $netaddr, $masklen) === 0) + { + $this->ip_address = $spoof; + break; + } + } + } } if (strpos($this->ip_address, ',') !== FALSE) -- cgit v1.2.3-24-g4f1b From e45ad2b74d9534395616d661cf4656d6f259943b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 9 Oct 2012 13:11:15 +0300 Subject: Merge changes from 2.1-stable --- system/core/Input.php | 97 +++++++++++++++++++++++++-------------------------- 1 file changed, 48 insertions(+), 49 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 657fce625..4bb08f808 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -328,66 +328,65 @@ class CI_Input { return $this->ip_address; } - if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) - { - $has_ranges = strpos($proxies, '/') !== FALSE; - $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); - $proxies = is_array($proxies) ? $proxies : array($proxies); + $this->ip_address = $_SERVER['REMOTE_ADDR']; + $proxy_ips = config_item('proxy_ips'); - if ($has_ranges) + if ( ! empty($proxy_ips)) + { + foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_CLIENT_IP', 'HTTP_X_CLUSTER_CLIENT_IP') as $header) { - $long_ip = ip2long($_SERVER['REMOTE_ADDR']); - $bit_32 = 1 << 32; - - // Go through each of the IP Addresses to check for and - // test against range notation - foreach ($proxies as $ip) + if (($spoof = $this->server($header)) !== FALSE) { - list($address, $mask_length) = explode('/', $ip, 2); + // Some proxies typically list the whole chain of IP + // addresses through which the client has reached us. + // e.g. client_ip, proxy_ip1, proxy_ip2, etc. + if (strpos($spoof, ',') !== FALSE) + { + $spoof = explode(',', $spoof, 2); + $spoof = $spoof[0]; + } - // Generate the bitmask for a 32 bit IP Address - $bitmask = $bit_32 - (1 << (32 - (int) $mask_length)); - if (($long_ip & $bitmask) === $address) + if ( ! $this->valid_ip($spoof)) + { + $spoof = FALSE; + } + else { - $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; break; } } - } - else + + if ($spoof) { - $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) - ? $_SERVER['HTTP_X_FORWARDED_FOR'] - : $_SERVER['REMOTE_ADDR']; - } - } - elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR')) - { - $this->ip_address = $_SERVER['REMOTE_ADDR']; - } - elseif ($this->server('REMOTE_ADDR') && $this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('HTTP_CLIENT_IP')) - { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; - } - elseif ($this->server('HTTP_X_FORWARDED_FOR')) - { - $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; - } + $has_ranges = (strpos($proxy_ips, '/') !== FALSE); + $proxy_ips = explode(',', str_replace(' ', '', $proxy_ips)); - if ($this->ip_address === FALSE) - { - return $this->ip_address = '0.0.0.0'; - } + if ($has_ranges) + { + $long_ip = ip2long($_SERVER['REMOTE_ADDR']); + $bit_32 = 1 << 32; - if (strpos($this->ip_address, ',') !== FALSE) - { - $x = explode(',', $this->ip_address); - $this->ip_address = trim($x[0]); + // Go through each of the IP Addresses to check for and + // test against range notation + foreach ($proxy_ips as $ip) + { + list($address, $mask_length) = explode('/', $ip, 2); + + // Generate the bitmask for a 32 bit IP Address + $bitmask = $bit_32 - (1 << (32 - (int) $mask_length)); + if (($long_ip & $bitmask) === $address) + { + $this->ip_address = $spoof; + break; + } + } + } + elseif (in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE)) + { + $this->ip_address = $spoof; + } + } } if ( ! $this->valid_ip($this->ip_address)) @@ -545,7 +544,7 @@ class CI_Input { $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); // CSRF Protection check - if ($this->_enable_csrf === TRUE) + if ($this->_enable_csrf === TRUE && ! $this->is_cli_request()) { $this->security->csrf_verify(); } -- cgit v1.2.3-24-g4f1b From 9df35b4d23848e831ead765712addd0b845fd8f4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 9 Oct 2012 13:37:58 +0300 Subject: Remove an unnecessary variable initialization --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index b65509fd7..82482f2aa 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -364,7 +364,7 @@ class CI_Input { if ($spoof) { - for ($i = 0, $c = count($proxy_ips), $separator = (strlen($ip) === 32 ? '.' : ':'); $i < $c; $i++) + for ($i = 0, $c = count($proxy_ips); $i < $c; $i++) { // Check if we have an IP address or a subnet if (strpos($proxy_ips[$i], '/') === FALSE) -- cgit v1.2.3-24-g4f1b From 6c5f751b5ae66800e7ef3f70306a6bcbcdeeabf1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Oct 2012 15:56:18 +0300 Subject: mbstring related changes --- system/core/Utf8.php | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) (limited to 'system/core') diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 0a7ec501c..9e6a4eb1b 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -49,30 +49,31 @@ class CI_Utf8 { { log_message('debug', 'Utf8 Class Initialized'); - global $CFG; + $charset = strtoupper(config_item('charset')); + + // set internal encoding for multibyte string functions if necessary + // and set a flag so we don't have to repeatedly use extension_loaded() + // or function_exists() + if (extension_loaded('mbstring')) + { + define('MB_ENABLED', TRUE); + mb_internal_encoding($charset); + } + else + { + define('MB_ENABLED', FALSE); + } + if ( - @preg_match('/./u', 'é') === 1 // PCRE must support UTF-8 - && function_exists('iconv') // iconv must be installed - && (bool) @ini_get('mbstring.func_overload') !== TRUE // Multibyte string function overloading cannot be enabled - && $CFG->item('charset') === 'UTF-8' // Application charset must be UTF-8 + @preg_match('/./u', 'é') === 1 // PCRE must support UTF-8 + && function_exists('iconv') // iconv must be installed + && MB_ENABLED === TRUE // mbstring must be enabled + && $charset === 'UTF-8' // Application charset must be UTF-8 ) { define('UTF8_ENABLED', TRUE); log_message('debug', 'UTF-8 Support Enabled'); - - // set internal encoding for multibyte string functions if necessary - // and set a flag so we don't have to repeatedly use extension_loaded() - // or function_exists() - if (extension_loaded('mbstring')) - { - define('MB_ENABLED', TRUE); - mb_internal_encoding('UTF-8'); - } - else - { - define('MB_ENABLED', FALSE); - } } else { -- cgit v1.2.3-24-g4f1b From 9f44c21a3c90e984becaea3948ebafe90d89ac56 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Oct 2012 16:07:17 +0300 Subject: Changelog entry for previous commit and change default charset for the Email library to whatever the config array says --- system/core/Utf8.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 9e6a4eb1b..1ff02981b 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -136,7 +136,7 @@ class CI_Utf8 { { return @iconv($encoding, 'UTF-8', $str); } - elseif (function_exists('mb_convert_encoding')) + elseif (MB_ENABLED === TRUE) { return @mb_convert_encoding($str, 'UTF-8', $encoding); } -- cgit v1.2.3-24-g4f1b From a52c775d490fede2a0cb7f54f0dcc5010d7e0465 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 11 Oct 2012 10:54:02 +0300 Subject: Replace a few require() uses with require_once() (should fix issue #1872) --- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 8159b19f5..f3592eaf9 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -50,7 +50,7 @@ * Load the global functions * ------------------------------------------------------ */ - require(BASEPATH.'core/Common.php'); + require_once(BASEPATH.'core/Common.php'); /* * ------------------------------------------------------ diff --git a/system/core/Common.php b/system/core/Common.php index 981af4559..341402c6b 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -150,7 +150,7 @@ if ( ! function_exists('load_class')) if (class_exists($name) === FALSE) { - require($path.$directory.'/'.$class.'.php'); + require_once($path.$directory.'/'.$class.'.php'); } break; @@ -164,7 +164,7 @@ if ( ! function_exists('load_class')) if (class_exists($name) === FALSE) { - require(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'); + require_once(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'); } } -- cgit v1.2.3-24-g4f1b From 82d2cf17e77d0ca5ffdcaafb72ca2d3dc82dc142 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 13 Oct 2012 12:38:42 +0300 Subject: Fix CI_Input::ip_address() subnet detection --- system/core/Input.php | 48 ++++++++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 20 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 82482f2aa..ec935d531 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -390,31 +390,32 @@ class CI_Input { } // Convert the REMOTE_ADDR IP address to binary, if needed - if ( ! isset($ip, $convert_func)) + if ( ! isset($ip, $sprintf)) { if ($separator === ':') { // Make sure we're have the "full" IPv6 format - $ip = str_replace('::', str_repeat(':', 9 - substr_count($this->ip_address, ':')), $this->ip_address); - $convert_func = is_php('5.3') - ? function ($value) - { - return str_pad(base_convert($value, 16, 2), 16, '0', STR_PAD_LEFT); - } - : create_function('$value', 'return str_pad(base_convert($value, 16, 2), 16, "0", STR_PAD_LEFT);'); + $ip = explode(':', + str_replace('::', + str_repeat(':', 9 - substr_count($this->ip_address, ':')), + $this->ip_address + ) + ); + + for ($i = 0; $i < 8; $i++) + { + $ip[$i] = intval($ip[$i], 16); + } + + $sprintf = '%016b%016b%016b%016b%016b%016b%016b%016b'; } else { - $ip = $this->ip_address; - $convert_func = is_php('5.3') - ? function ($value) - { - return str_pad(decbin($value), 8, '0', STR_PAD_LEFT); - } - : create_function('$value', 'return str_pad(decbin($value), 8, "0", STR_PAD_LEFT);'); + $ip = explode('.', $this->ip_address); + $sprintf = '%08b%08b%08b%08b'; } - $ip = implode(array_map($convert_func, explode($separator, $ip))); + $ip = vsprintf($sprintf, $ip); } // Split the netmask length off the network address @@ -423,12 +424,19 @@ class CI_Input { // Again, an IPv6 address is most likely in a compressed form if ($separator === ':') { - $netaddr = str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr); + $netaddr = explode(':', str_replace('::', str_repeat(':', 9 - substr_count($netaddr, ':')), $netaddr)); + for ($i = 0; $i < 8; $i++) + { + $netaddr[$i] = intval($netaddr[$i], 16); + } + } + else + { + $netaddr = explode('.', $netaddr); } - // Convert to a binary form and finally compare - $netaddr = implode(array_map($convert_func, explode($separator, $netaddr))); - if (strncmp($ip, $netaddr, $masklen) === 0) + // Convert to binary and finally compare + if (strncmp($ip, vsprintf($sprintf, $netaddr), $masklen) === 0) { $this->ip_address = $spoof; break; -- cgit v1.2.3-24-g4f1b From 3fb026713013b60845c4cfe633a8a59a30b9c7dd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 22 Oct 2012 16:48:01 +0300 Subject: Add is_https() as a common function --- system/core/Common.php | 18 ++++++++++++++++++ system/core/Config.php | 2 +- system/core/Security.php | 2 +- 3 files changed, 20 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 341402c6b..2dd31d3e9 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -330,6 +330,24 @@ if ( ! function_exists('get_mimes')) // ------------------------------------------------------------------------ +if ( ! function_exists('is_https')) +{ + /** + * Is HTTPS? + * + * Determines if the application is accessed via an encrypted + * (HTTPS) connection. + * + * @return bool + */ + function is_https() + { + return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off'); + } +} + +// ------------------------------------------------------------------------ + if ( ! function_exists('show_error')) { /** diff --git a/system/core/Config.php b/system/core/Config.php index 8e4f998ef..e78128c76 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -75,7 +75,7 @@ class CI_Config { { if (isset($_SERVER['HTTP_HOST'])) { - $base_url = ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') ? 'https' : 'http'; + $base_url = is_https() ? 'https' : 'http'; $base_url .= '://'.$_SERVER['HTTP_HOST'] .str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); } diff --git a/system/core/Security.php b/system/core/Security.php index b22d2cf19..2fbc5b34c 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -198,7 +198,7 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off')) + if ($secure_cookie && ! is_https()) { return FALSE; } -- cgit v1.2.3-24-g4f1b From f5f898f8f30968fb36413a14de2dc6a4599b79a6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 23 Oct 2012 02:13:29 +0300 Subject: Fix issue #779 --- system/core/URI.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 6a8b1a5ac..15e6a5599 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -165,11 +165,8 @@ class CI_URI { */ protected function _set_uri_string($str) { - // Filter out control characters - $str = remove_invisible_characters($str, FALSE); - - // If the URI contains only a slash we'll kill it - $this->uri_string = ($str === '/') ? '' : $str; + // Filter out control characters and trim slashes + $this->uri_string = trim(remove_invisible_characters($str, FALSE), '/'); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 5fd3ae8d33a4f5d3159b86683b9a670e973a63f5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 24 Oct 2012 14:55:35 +0300 Subject: [ci skip] style and phpdoc-related changes (rel #1295) --- system/core/Controller.php | 2 ++ system/core/Loader.php | 4 ++-- system/core/Output.php | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 491414807..9196958ae 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -42,6 +42,7 @@ class CI_Controller { /** * Reference to the global CI instance * + * @static * @var object */ private static $instance; @@ -71,6 +72,7 @@ class CI_Controller { /** * Return the CI object * + * @static * @return object */ public static function &get_instance() diff --git a/system/core/Loader.php b/system/core/Loader.php index 75e93608a..5de2e5dde 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -689,7 +689,7 @@ class CI_Loader { */ public function get_package_paths($include_base = FALSE) { - return $include_base === TRUE ? $this->_ci_library_paths : $this->_ci_model_paths; + return ($include_base === TRUE) ? $this->_ci_library_paths : $this->_ci_model_paths; } // -------------------------------------------------------------------- @@ -1005,7 +1005,7 @@ class CI_Loader { $path = strtolower($class).'/'.$class; return $this->_ci_load_class($path, $params, $object_name); } - else if (ucfirst($subdir) != $subdir) + elseif (ucfirst($subdir) != $subdir) { // Lowercase subdir failed - retry capitalized $path = ucfirst($subdir).$class; diff --git a/system/core/Output.php b/system/core/Output.php index 052367ed6..aa0e05dc4 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -204,7 +204,8 @@ class CI_Output { /** * Set Content Type Header * - * @param string extension of the file we're outputting + * @param string $mime_type extension of the file we're outputting + * @param string $charset = NULL * @return void */ public function set_content_type($mime_type, $charset = NULL) -- cgit v1.2.3-24-g4f1b