From b97d21f92c3f38aaab36d2c1f885918375417845 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 12:53:43 -0600 Subject: moving core library files out of libraries into new core folder --- system/core/Base4.php | 69 +++ system/core/Base5.php | 56 +++ system/core/Benchmark.php | 113 +++++ system/core/CodeIgniter.php | 280 +++++++++++ system/core/Common.php | 421 +++++++++++++++++ system/core/Compat.php | 93 ++++ system/core/Config.php | 244 ++++++++++ system/core/Controller.php | 127 +++++ system/core/Exceptions.php | 174 +++++++ system/core/Hooks.php | 226 +++++++++ system/core/Input.php | 1067 ++++++++++++++++++++++++++++++++++++++++++ system/core/Lang.php | 123 +++++ system/core/Loader.php | 1085 +++++++++++++++++++++++++++++++++++++++++++ system/core/Model.php | 83 ++++ system/core/Output.php | 409 ++++++++++++++++ system/core/Router.php | 389 ++++++++++++++++ system/core/URI.php | 586 +++++++++++++++++++++++ system/core/index.html | 10 + 18 files changed, 5555 insertions(+) create mode 100644 system/core/Base4.php create mode 100644 system/core/Base5.php create mode 100644 system/core/Benchmark.php create mode 100644 system/core/CodeIgniter.php create mode 100644 system/core/Common.php create mode 100644 system/core/Compat.php create mode 100644 system/core/Config.php create mode 100644 system/core/Controller.php create mode 100644 system/core/Exceptions.php create mode 100644 system/core/Hooks.php create mode 100644 system/core/Input.php create mode 100644 system/core/Lang.php create mode 100644 system/core/Loader.php create mode 100644 system/core/Model.php create mode 100644 system/core/Output.php create mode 100644 system/core/Router.php create mode 100644 system/core/URI.php create mode 100644 system/core/index.html (limited to 'system/core') diff --git a/system/core/Base4.php b/system/core/Base4.php new file mode 100644 index 000000000..3561c2564 --- /dev/null +++ b/system/core/Base4.php @@ -0,0 +1,69 @@ +load->library('email') to instantiate + * classes that can then be used within controllers as $this->email->send() + * + * PHP 4 also has trouble referencing the CI super object within application + * constructors since objects do not exist until the class is fully + * instantiated. Basically PHP 4 sucks... + * + * Since PHP 5 doesn't suffer from this problem so we load one of + * two files based on the version of PHP being run. + * + * @package CodeIgniter + * @subpackage codeigniter + * @category front-controller + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/ + */ + class CI_Base extends CI_Loader { + + function CI_Base() + { + // This allows syntax like $this->load->foo() to work + parent::CI_Loader(); + $this->load =& $this; + + // This allows resources used within controller constructors to work + global $OBJ; + $OBJ = $this->load; // Do NOT use a reference. + } +} + +function &get_instance() +{ + global $CI, $OBJ; + + if (is_object($CI)) + { + return $CI; + } + + return $OBJ->load; +} + + +/* End of file Base4.php */ +/* Location: ./system/codeigniter/Base4.php */ \ No newline at end of file diff --git a/system/core/Base5.php b/system/core/Base5.php new file mode 100644 index 000000000..5d944ae5a --- /dev/null +++ b/system/core/Base5.php @@ -0,0 +1,56 @@ +marker[$name] = microtime(); + } + + // -------------------------------------------------------------------- + + /** + * Calculates the time difference between two marked points. + * + * If the first parameter is empty this function instead returns the + * {elapsed_time} pseudo-variable. This permits the full system + * execution time to be shown in a template. The output class will + * swap the real value for this variable. + * + * @access public + * @param string a particular marked point + * @param string a particular marked point + * @param integer the number of decimal places + * @return mixed + */ + function elapsed_time($point1 = '', $point2 = '', $decimals = 4) + { + if ($point1 == '') + { + return '{elapsed_time}'; + } + + if ( ! isset($this->marker[$point1])) + { + return ''; + } + + if ( ! isset($this->marker[$point2])) + { + $this->marker[$point2] = microtime(); + } + + list($sm, $ss) = explode(' ', $this->marker[$point1]); + list($em, $es) = explode(' ', $this->marker[$point2]); + + return number_format(($em + $es) - ($sm + $ss), $decimals); + } + + // -------------------------------------------------------------------- + + /** + * Memory Usage + * + * This function returns the {memory_usage} pseudo-variable. + * This permits it to be put it anywhere in a template + * without the memory being calculated until the end. + * The output class will swap the real value for this variable. + * + * @access public + * @return string + */ + function memory_usage() + { + return '{memory_usage}'; + } + +} + +// END CI_Benchmark class + +/* End of file Benchmark.php */ +/* Location: ./system/libraries/Benchmark.php */ \ No newline at end of file diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php new file mode 100644 index 000000000..5d5bb144b --- /dev/null +++ b/system/core/CodeIgniter.php @@ -0,0 +1,280 @@ +mark('total_execution_time_start'); +$BM->mark('loading_time_base_classes_start'); + +/* + * ------------------------------------------------------ + * Instantiate the hooks class + * ------------------------------------------------------ + */ + +$EXT =& load_class('Hooks'); + +/* + * ------------------------------------------------------ + * Is there a "pre_system" hook? + * ------------------------------------------------------ + */ +$EXT->_call_hook('pre_system'); + +/* + * ------------------------------------------------------ + * Instantiate the base classes + * ------------------------------------------------------ + */ + +$CFG =& load_class('Config'); +$URI =& load_class('URI'); +$RTR =& load_class('Router'); +$OUT =& load_class('Output'); + +/* + * ------------------------------------------------------ + * Is there a valid cache file? If so, we're done... + * ------------------------------------------------------ + */ + +if ($EXT->_call_hook('cache_override') === FALSE) +{ + if ($OUT->_display_cache($CFG, $URI) == TRUE) + { + exit; + } +} + +/* + * ------------------------------------------------------ + * Load the remaining base classes + * ------------------------------------------------------ + */ + +$IN =& load_class('Input'); +$LANG =& load_class('Language'); + +/* + * ------------------------------------------------------ + * Load the app controller and local controller + * ------------------------------------------------------ + * + * Note: Due to the poor object handling in PHP 4 we'll + * conditionally load different versions of the base + * class. Retaining PHP 4 compatibility requires a bit of a hack. + * + * Note: The Loader class needs to be included first + * + */ +if ( ! is_php('5.0.0')) +{ + load_class('Loader', FALSE); + require(BASEPATH.'codeigniter/Base4'.EXT); +} +else +{ + require(BASEPATH.'codeigniter/Base5'.EXT); +} + +// Load the base controller class +load_class('Controller', FALSE); + +// Load the local application controller +// Note: The Router class automatically validates the controller path. If this include fails it +// means that the default controller in the Routes.php file is not resolving to something valid. +if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT)) +{ + show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.'); +} + +include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT); + +// Set a mark point for benchmarking +$BM->mark('loading_time_base_classes_end'); + + +/* + * ------------------------------------------------------ + * Security check + * ------------------------------------------------------ + * + * None of the functions in the app controller or the + * loader class can be called via the URI, nor can + * controller functions that begin with an underscore + */ +$class = $RTR->fetch_class(); +$method = $RTR->fetch_method(); + +if ( ! class_exists($class) + OR $method == 'controller' + OR strncmp($method, '_', 1) == 0 + OR in_array(strtolower($method), array_map('strtolower', get_class_methods('Controller'))) + ) +{ + show_404("{$class}/{$method}"); +} + +/* + * ------------------------------------------------------ + * Is there a "pre_controller" hook? + * ------------------------------------------------------ + */ +$EXT->_call_hook('pre_controller'); + +/* + * ------------------------------------------------------ + * Instantiate the controller and call requested method + * ------------------------------------------------------ + */ + +// Mark a start point so we can benchmark the controller +$BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_start'); + +$CI = new $class(); + +// Is this a scaffolding request? +if ($RTR->scaffolding_request === TRUE) +{ + if ($EXT->_call_hook('scaffolding_override') === FALSE) + { + $CI->_ci_scaffolding(); + } +} +else +{ + /* + * ------------------------------------------------------ + * Is there a "post_controller_constructor" hook? + * ------------------------------------------------------ + */ + $EXT->_call_hook('post_controller_constructor'); + + // Is there a "remap" function? + if (method_exists($CI, '_remap')) + { + $CI->_remap($method); + } + else + { + // is_callable() returns TRUE on some versions of PHP 5 for private and protected + // methods, so we'll use this workaround for consistent behavior + if ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($CI)))) + { + show_404("{$class}/{$method}"); + } + + // Call the requested method. + // Any URI segments present (besides the class/function) will be passed to the method for convenience + call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); + } +} + +// Mark a benchmark end point +$BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); + +/* + * ------------------------------------------------------ + * Is there a "post_controller" hook? + * ------------------------------------------------------ + */ +$EXT->_call_hook('post_controller'); + +/* + * ------------------------------------------------------ + * Send the final rendered output to the browser + * ------------------------------------------------------ + */ + +if ($EXT->_call_hook('display_override') === FALSE) +{ + $OUT->_display(); +} + +/* + * ------------------------------------------------------ + * Is there a "post_system" hook? + * ------------------------------------------------------ + */ +$EXT->_call_hook('post_system'); + +/* + * ------------------------------------------------------ + * Close the DB connection if one exists + * ------------------------------------------------------ + */ +if (class_exists('CI_DB') AND isset($CI->db)) +{ + $CI->db->close(); +} + + +/* End of file CodeIgniter.php */ +/* Location: ./system/codeigniter/CodeIgniter.php */ \ No newline at end of file diff --git a/system/core/Common.php b/system/core/Common.php new file mode 100644 index 000000000..9a35062a4 --- /dev/null +++ b/system/core/Common.php @@ -0,0 +1,421 @@ + 5 +* we'll set a static variable. +* +* @access public +* @param string +* @return bool +*/ +function is_php($version = '5.0.0') +{ + static $_is_php; + $version = (string)$version; + + if ( ! isset($_is_php[$version])) + { + $_is_php[$version] = (version_compare(PHP_VERSION, $version) < 0) ? FALSE : TRUE; + } + + return $_is_php[$version]; +} + +// ------------------------------------------------------------------------ + +/** + * Tests for file writability + * + * is_writable() returns TRUE on Windows servers when you really can't write to + * the file, based on the read-only attribute. is_writable() is also unreliable + * on Unix servers if safe_mode is on. + * + * @access private + * @return void + */ +function is_really_writable($file) +{ + // If we're on a Unix server with safe_mode off we call is_writable + if (DIRECTORY_SEPARATOR == '/' AND @ini_get("safe_mode") == FALSE) + { + return is_writable($file); + } + + // For windows servers and safe_mode "on" installations we'll actually + // write a file then read it. Bah... + if (is_dir($file)) + { + $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); + + if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) + { + return FALSE; + } + + fclose($fp); + @chmod($file, DIR_WRITE_MODE); + @unlink($file); + return TRUE; + } + elseif (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) + { + return FALSE; + } + + fclose($fp); + return TRUE; +} + +// ------------------------------------------------------------------------ + +/** +* Class registry +* +* This function acts as a singleton. If the requested class does not +* exist it is instantiated and set to a static variable. If it has +* previously been instantiated the variable is returned. +* +* @access public +* @param string the class name being requested +* @param bool optional flag that lets classes get loaded but not instantiated +* @return object +*/ +function &load_class($class, $instantiate = TRUE) +{ + static $objects = array(); + + // Does the class exist? If so, we're done... + if (isset($objects[$class])) + { + return $objects[$class]; + } + + // If the requested class does not exist in the application/libraries + // folder we'll load the native class from the system/libraries folder. + if (file_exists(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT)) + { + require(BASEPATH.'libraries/'.$class.EXT); + require(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT); + $is_subclass = TRUE; + } + else + { + if (file_exists(APPPATH.'libraries/'.$class.EXT)) + { + require(APPPATH.'libraries/'.$class.EXT); + $is_subclass = FALSE; + } + else + { + require(BASEPATH.'libraries/'.$class.EXT); + $is_subclass = FALSE; + } + } + + if ($instantiate == FALSE) + { + $objects[$class] = TRUE; + return $objects[$class]; + } + + if ($is_subclass == TRUE) + { + $name = config_item('subclass_prefix').$class; + + $objects[$class] =& instantiate_class(new $name()); + return $objects[$class]; + } + + $name = ($class != 'Controller') ? 'CI_'.$class : $class; + + $objects[$class] =& instantiate_class(new $name()); + return $objects[$class]; +} + +/** + * Instantiate Class + * + * Returns a new class object by reference, used by load_class() and the DB class. + * Required to retain PHP 4 compatibility and also not make PHP 5.3 cry. + * + * Use: $obj =& instantiate_class(new Foo()); + * + * @access public + * @param object + * @return object + */ +function &instantiate_class(&$class_object) +{ + return $class_object; +} + +/** +* Loads the main config.php file +* +* @access private +* @return array +*/ +function &get_config() +{ + static $main_conf; + + if ( ! isset($main_conf)) + { + if ( ! file_exists(APPPATH.'config/config'.EXT)) + { + exit('The configuration file config'.EXT.' does not exist.'); + } + + require(APPPATH.'config/config'.EXT); + + if ( ! isset($config) OR ! is_array($config)) + { + exit('Your config file does not appear to be formatted correctly.'); + } + + $main_conf[0] =& $config; + } + return $main_conf[0]; +} + +/** +* Gets a config item +* +* @access public +* @return mixed +*/ +function config_item($item) +{ + static $config_item = array(); + + if ( ! isset($config_item[$item])) + { + $config =& get_config(); + + if ( ! isset($config[$item])) + { + return FALSE; + } + $config_item[$item] = $config[$item]; + } + + return $config_item[$item]; +} + + +/** +* Error Handler +* +* This function lets us invoke the exception class and +* display errors using the standard error template located +* in application/errors/errors.php +* This function will send the error page directly to the +* browser and exit. +* +* @access public +* @return void +*/ +function show_error($message, $status_code = 500) +{ + $error =& load_class('Exceptions'); + echo $error->show_error('An Error Was Encountered', $message, 'error_general', $status_code); + exit; +} + + +/** +* 404 Page Handler +* +* This function is similar to the show_error() function above +* However, instead of the standard error template it displays +* 404 errors. +* +* @access public +* @return void +*/ +function show_404($page = '') +{ + $error =& load_class('Exceptions'); + $error->show_404($page); + exit; +} + + +/** +* Error Logging Interface +* +* We use this as a simple mechanism to access the logging +* class and send messages to be logged. +* +* @access public +* @return void +*/ +function log_message($level = 'error', $message, $php_error = FALSE) +{ + static $LOG; + + $config =& get_config(); + if ($config['log_threshold'] == 0) + { + return; + } + + $LOG =& load_class('Log'); + $LOG->write_log($level, $message, $php_error); +} + + +/** + * Set HTTP Status Header + * + * @access public + * @param int the status code + * @param string + * @return void + */ +function set_status_header($code = 200, $text = '') +{ + $stati = array( + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); + + if ($code == '' OR ! is_numeric($code)) + { + show_error('Status codes must be numeric', 500); + } + + if (isset($stati[$code]) AND $text == '') + { + $text = $stati[$code]; + } + + if ($text == '') + { + show_error('No status text available. Please check your status code number or supply your own message text.', 500); + } + + $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; + + if (substr(php_sapi_name(), 0, 3) == 'cgi') + { + header("Status: {$code} {$text}", TRUE); + } + elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0') + { + header($server_protocol." {$code} {$text}", TRUE, $code); + } + else + { + header("HTTP/1.1 {$code} {$text}", TRUE, $code); + } +} + + +/** +* Exception Handler +* +* This is the custom exception handler that is declaired at the top +* of Codeigniter.php. The main reason we use this is permit +* PHP errors to be logged in our own log files since we may +* not have access to server logs. Since this function +* effectively intercepts PHP errors, however, we also need +* to display errors based on the current error_reporting level. +* We do that with the use of a PHP error template. +* +* @access private +* @return void +*/ +function _exception_handler($severity, $message, $filepath, $line) +{ + // We don't bother with "strict" notices since they will fill up + // the log file with information that isn't normally very + // helpful. For example, if you are running PHP 5 and you + // use version 4 style class functions (without prefixes + // like "public", "private", etc.) you'll get notices telling + // you that these have been deprecated. + + if ($severity == E_STRICT) + { + return; + } + + $error =& load_class('Exceptions'); + + // Should we display the error? + // We'll get the current error_reporting level and add its bits + // with the severity bits to find out. + + if (($severity & error_reporting()) == $severity) + { + $error->show_php_error($severity, $message, $filepath, $line); + } + + // Should we log the error? No? We're done... + $config =& get_config(); + if ($config['log_threshold'] == 0) + { + return; + } + + $error->log_exception($severity, $message, $filepath, $line); +} + + + +/* End of file Common.php */ +/* Location: ./system/codeigniter/Common.php */ \ No newline at end of file diff --git a/system/core/Compat.php b/system/core/Compat.php new file mode 100644 index 000000000..40017a93b --- /dev/null +++ b/system/core/Compat.php @@ -0,0 +1,93 @@ +config =& get_config(); + log_message('debug', "Config Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Load Config File + * + * @access public + * @param string the config file name + * @return boolean if the file was loaded correctly + */ + function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) + { + $file = ($file == '') ? 'config' : str_replace(EXT, '', $file); + + if (in_array($file, $this->is_loaded, TRUE)) + { + return TRUE; + } + + if ( ! file_exists(APPPATH.'config/'.$file.EXT)) + { + if ($fail_gracefully === TRUE) + { + return FALSE; + } + show_error('The configuration file '.$file.EXT.' does not exist.'); + } + + include(APPPATH.'config/'.$file.EXT); + + if ( ! isset($config) OR ! is_array($config)) + { + if ($fail_gracefully === TRUE) + { + return FALSE; + } + show_error('Your '.$file.EXT.' file does not appear to contain a valid configuration array.'); + } + + if ($use_sections === TRUE) + { + if (isset($this->config[$file])) + { + $this->config[$file] = array_merge($this->config[$file], $config); + } + else + { + $this->config[$file] = $config; + } + } + else + { + $this->config = array_merge($this->config, $config); + } + + $this->is_loaded[] = $file; + unset($config); + + log_message('debug', 'Config file loaded: config/'.$file.EXT); + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a config file item + * + * + * @access public + * @param string the config item name + * @param string the index name + * @param bool + * @return string + */ + function item($item, $index = '') + { + if ($index == '') + { + if ( ! isset($this->config[$item])) + { + return FALSE; + } + + $pref = $this->config[$item]; + } + else + { + if ( ! isset($this->config[$index])) + { + return FALSE; + } + + if ( ! isset($this->config[$index][$item])) + { + return FALSE; + } + + $pref = $this->config[$index][$item]; + } + + return $pref; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a config file item - adds slash after item + * + * The second parameter allows a slash to be added to the end of + * the item, in the case of a path. + * + * @access public + * @param string the config item name + * @param bool + * @return string + */ + function slash_item($item) + { + if ( ! isset($this->config[$item])) + { + return FALSE; + } + + $pref = $this->config[$item]; + + if ($pref != '' && substr($pref, -1) != '/') + { + $pref .= '/'; + } + + return $pref; + } + + // -------------------------------------------------------------------- + + /** + * Site URL + * + * @access public + * @param string the URI string + * @return string + */ + function site_url($uri = '') + { + if (is_array($uri)) + { + $uri = implode('/', $uri); + } + + if ($uri == '') + { + return $this->slash_item('base_url').$this->item('index_page'); + } + else + { + $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix'); + return $this->slash_item('base_url').$this->slash_item('index_page').trim($uri, '/').$suffix; + } + } + + // -------------------------------------------------------------------- + + /** + * System URL + * + * @access public + * @return string + */ + function system_url() + { + $x = explode("/", preg_replace("|/*(.+?)/*$|", "\\1", BASEPATH)); + return $this->slash_item('base_url').end($x).'/'; + } + + // -------------------------------------------------------------------- + + /** + * Set a config file item + * + * @access public + * @param string the config item key + * @param string the config item value + * @return void + */ + function set_item($item, $value) + { + $this->config[$item] = $value; + } + +} + +// END CI_Config class + +/* End of file Config.php */ +/* Location: ./system/libraries/Config.php */ \ No newline at end of file diff --git a/system/core/Controller.php b/system/core/Controller.php new file mode 100644 index 000000000..c5637c951 --- /dev/null +++ b/system/core/Controller.php @@ -0,0 +1,127 @@ +_ci_initialize(); + log_message('debug', "Controller Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize + * + * Assigns all the bases classes loaded by the front controller to + * variables in this class. Also calls the autoload routine. + * + * @access private + * @return void + */ + function _ci_initialize() + { + // Assign all the class objects that were instantiated by the + // front controller to local class variables so that CI can be + // run as one big super object. + $classes = array( + 'config' => 'Config', + 'input' => 'Input', + 'benchmark' => 'Benchmark', + 'uri' => 'URI', + 'output' => 'Output', + 'lang' => 'Language', + 'router' => 'Router' + ); + + foreach ($classes as $var => $class) + { + $this->$var =& load_class($class); + } + + // In PHP 5 the Loader class is run as a discreet + // class. In PHP 4 it extends the Controller + if (floor(phpversion()) >= 5) + { + $this->load =& load_class('Loader'); + $this->load->_ci_autoloader(); + } + else + { + $this->_ci_autoloader(); + + // sync up the objects since PHP4 was working from a copy + foreach (array_keys(get_object_vars($this)) as $attribute) + { + if (is_object($this->$attribute)) + { + $this->load->$attribute =& $this->$attribute; + } + } + } + } + + // -------------------------------------------------------------------- + + /** + * Run Scaffolding + * + * @access private + * @return void + */ + function _ci_scaffolding() + { + if ($this->_ci_scaffolding === FALSE OR $this->_ci_scaff_table === FALSE) + { + show_404('Scaffolding unavailable'); + } + + $method = ( ! in_array($this->uri->segment(3), array('add', 'insert', 'edit', 'update', 'view', 'delete', 'do_delete'), TRUE)) ? 'view' : $this->uri->segment(3); + + require_once(BASEPATH.'scaffolding/Scaffolding'.EXT); + $scaff = new Scaffolding($this->_ci_scaff_table); + $scaff->$method(); + } + + +} +// END _Controller class + +/* End of file Controller.php */ +/* Location: ./system/libraries/Controller.php */ \ No newline at end of file diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php new file mode 100644 index 000000000..bd567ccdc --- /dev/null +++ b/system/core/Exceptions.php @@ -0,0 +1,174 @@ + 'Error', + E_WARNING => 'Warning', + E_PARSE => 'Parsing Error', + E_NOTICE => 'Notice', + E_CORE_ERROR => 'Core Error', + E_CORE_WARNING => 'Core Warning', + E_COMPILE_ERROR => 'Compile Error', + E_COMPILE_WARNING => 'Compile Warning', + E_USER_ERROR => 'User Error', + E_USER_WARNING => 'User Warning', + E_USER_NOTICE => 'User Notice', + E_STRICT => 'Runtime Notice' + ); + + + /** + * Constructor + * + */ + function CI_Exceptions() + { + $this->ob_level = ob_get_level(); + // Note: Do not log messages from this constructor. + } + + // -------------------------------------------------------------------- + + /** + * Exception Logger + * + * This function logs PHP generated error messages + * + * @access private + * @param string the error severity + * @param string the error string + * @param string the error filepath + * @param string the error line number + * @return string + */ + function log_exception($severity, $message, $filepath, $line) + { + $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; + + log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); + } + + // -------------------------------------------------------------------- + + /** + * 404 Page Not Found Handler + * + * @access private + * @param string + * @return string + */ + function show_404($page = '') + { + $heading = "404 Page Not Found"; + $message = "The page you requested was not found."; + + log_message('error', '404 Page Not Found --> '.$page); + echo $this->show_error($heading, $message, 'error_404', 404); + exit; + } + + // -------------------------------------------------------------------- + + /** + * General Error Page + * + * This function takes an error message as input + * (either as a string or an array) and displays + * it using the specified template. + * + * @access private + * @param string the heading + * @param string the message + * @param string the template name + * @return string + */ + function show_error($heading, $message, $template = 'error_general', $status_code = 500) + { + set_status_header($status_code); + + $message = '

'.implode('

', ( ! is_array($message)) ? array($message) : $message).'

'; + + if (ob_get_level() > $this->ob_level + 1) + { + ob_end_flush(); + } + ob_start(); + include(APPPATH.'errors/'.$template.EXT); + $buffer = ob_get_contents(); + ob_end_clean(); + return $buffer; + } + + // -------------------------------------------------------------------- + + /** + * Native PHP error handler + * + * @access private + * @param string the error severity + * @param string the error string + * @param string the error filepath + * @param string the error line number + * @return string + */ + function show_php_error($severity, $message, $filepath, $line) + { + $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; + + $filepath = str_replace("\\", "/", $filepath); + + // For safety reasons we do not show the full file path + if (FALSE !== strpos($filepath, '/')) + { + $x = explode('/', $filepath); + $filepath = $x[count($x)-2].'/'.end($x); + } + + if (ob_get_level() > $this->ob_level + 1) + { + ob_end_flush(); + } + ob_start(); + include(APPPATH.'errors/error_php'.EXT); + $buffer = ob_get_contents(); + ob_end_clean(); + echo $buffer; + } + + +} +// END Exceptions Class + +/* End of file Exceptions.php */ +/* Location: ./system/libraries/Exceptions.php */ \ No newline at end of file diff --git a/system/core/Hooks.php b/system/core/Hooks.php new file mode 100644 index 000000000..6d736c3f6 --- /dev/null +++ b/system/core/Hooks.php @@ -0,0 +1,226 @@ +_initialize(); + log_message('debug', "Hooks Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize the Hooks Preferences + * + * @access private + * @return void + */ + function _initialize() + { + $CFG =& load_class('Config'); + + // If hooks are not enabled in the config file + // there is nothing else to do + + if ($CFG->item('enable_hooks') == FALSE) + { + return; + } + + // Grab the "hooks" definition file. + // If there are no hooks, we're done. + + @include(APPPATH.'config/hooks'.EXT); + + if ( ! isset($hook) OR ! is_array($hook)) + { + return; + } + + $this->hooks =& $hook; + $this->enabled = TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Call Hook + * + * Calls a particular hook + * + * @access private + * @param string the hook name + * @return mixed + */ + function _call_hook($which = '') + { + if ( ! $this->enabled OR ! isset($this->hooks[$which])) + { + return FALSE; + } + + if (isset($this->hooks[$which][0]) AND is_array($this->hooks[$which][0])) + { + foreach ($this->hooks[$which] as $val) + { + $this->_run_hook($val); + } + } + else + { + $this->_run_hook($this->hooks[$which]); + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Run Hook + * + * Runs a particular hook + * + * @access private + * @param array the hook details + * @return bool + */ + function _run_hook($data) + { + if ( ! is_array($data)) + { + return FALSE; + } + + // ----------------------------------- + // Safety - Prevents run-away loops + // ----------------------------------- + + // If the script being called happens to have the same + // hook call within it a loop can happen + + if ($this->in_progress == TRUE) + { + return; + } + + // ----------------------------------- + // Set file path + // ----------------------------------- + + if ( ! isset($data['filepath']) OR ! isset($data['filename'])) + { + return FALSE; + } + + $filepath = APPPATH.$data['filepath'].'/'.$data['filename']; + + if ( ! file_exists($filepath)) + { + return FALSE; + } + + // ----------------------------------- + // Set class/function name + // ----------------------------------- + + $class = FALSE; + $function = FALSE; + $params = ''; + + if (isset($data['class']) AND $data['class'] != '') + { + $class = $data['class']; + } + + if (isset($data['function'])) + { + $function = $data['function']; + } + + if (isset($data['params'])) + { + $params = $data['params']; + } + + if ($class === FALSE AND $function === FALSE) + { + return FALSE; + } + + // ----------------------------------- + // Set the in_progress flag + // ----------------------------------- + + $this->in_progress = TRUE; + + // ----------------------------------- + // Call the requested class and/or function + // ----------------------------------- + + if ($class !== FALSE) + { + if ( ! class_exists($class)) + { + require($filepath); + } + + $HOOK = new $class; + $HOOK->$function($params); + } + else + { + if ( ! function_exists($function)) + { + require($filepath); + } + + $function($params); + } + + $this->in_progress = FALSE; + return TRUE; + } + +} + +// END CI_Hooks class + +/* End of file Hooks.php */ +/* Location: ./system/libraries/Hooks.php */ \ No newline at end of file diff --git a/system/core/Input.php b/system/core/Input.php new file mode 100644 index 000000000..e736d2b8b --- /dev/null +++ b/system/core/Input.php @@ -0,0 +1,1067 @@ + '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + 'window.location' => '[removed]', + '-moz-binding' => '[removed]', + '' => '-->', + ' '<![CDATA[' + ); + /* never allowed, regex replacement */ + var $never_allowed_regex = array( + "javascript\s*:" => '[removed]', + "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE + "vbscript\s*:" => '[removed]', // IE, surprise! + "Redirect\s+302" => '[removed]' + ); + + /** + * Constructor + * + * Sets whether to globally enable the XSS processing + * and whether to allow the $_GET array + * + * @access public + */ + function CI_Input() + { + log_message('debug', "Input Class Initialized"); + + $CFG =& load_class('Config'); + $this->use_xss_clean = ($CFG->item('global_xss_filtering') === TRUE) ? TRUE : FALSE; + $this->allow_get_array = ($CFG->item('enable_query_strings') === TRUE) ? TRUE : FALSE; + $this->_sanitize_globals(); + } + + // -------------------------------------------------------------------- + + /** + * Sanitize Globals + * + * This function does the following: + * + * Unsets $_GET data (if query strings are not enabled) + * + * Unsets all globals if register_globals is enabled + * + * Standardizes newline characters to \n + * + * @access private + * @return void + */ + function _sanitize_globals() + { + // Would kind of be "wrong" to unset any of these GLOBALS + $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', + 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); + + // Unset globals for security. + // This is effectively the same as register_globals = off + foreach (array($_GET, $_POST, $_COOKIE, $_SERVER, $_FILES, $_ENV, (isset($_SESSION) && is_array($_SESSION)) ? $_SESSION : array()) as $global) + { + if ( ! is_array($global)) + { + if ( ! in_array($global, $protected)) + { + unset($GLOBALS[$global]); + } + } + else + { + foreach ($global as $key => $val) + { + if ( ! in_array($key, $protected)) + { + unset($GLOBALS[$key]); + } + + if (is_array($val)) + { + foreach($val as $k => $v) + { + if ( ! in_array($k, $protected)) + { + unset($GLOBALS[$k]); + } + } + } + } + } + } + + // Is $_GET data allowed? If not we'll set the $_GET to an empty array + if ($this->allow_get_array == FALSE) + { + $_GET = array(); + } + else + { + $_GET = $this->_clean_input_data($_GET); + } + + // Clean $_POST Data + $_POST = $this->_clean_input_data($_POST); + + // Clean $_COOKIE Data + // Also get rid of specially treated cookies that might be set by a server + // or silly application, that are of no use to a CI application anyway + // but that when present will trip our 'Disallowed Key Characters' alarm + // http://www.ietf.org/rfc/rfc2109.txt + // note that the key names below are single quoted strings, and are not PHP variables + unset($_COOKIE['$Version']); + unset($_COOKIE['$Path']); + unset($_COOKIE['$Domain']); + $_COOKIE = $this->_clean_input_data($_COOKIE); + + log_message('debug', "Global POST and COOKIE data sanitized"); + } + + // -------------------------------------------------------------------- + + /** + * Clean Input Data + * + * This is a helper function. It escapes data and + * standardizes newline characters to \n + * + * @access private + * @param string + * @return string + */ + function _clean_input_data($str) + { + if (is_array($str)) + { + $new_array = array(); + foreach ($str as $key => $val) + { + $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); + } + return $new_array; + } + + // We strip slashes if magic quotes is on to keep things consistent + if (get_magic_quotes_gpc()) + { + $str = stripslashes($str); + } + + // Should we filter the input data? + if ($this->use_xss_clean === TRUE) + { + $str = $this->xss_clean($str); + } + + // Standardize newlines + if (strpos($str, "\r") !== FALSE) + { + $str = str_replace(array("\r\n", "\r"), "\n", $str); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Clean Keys + * + * This is a helper function. To prevent malicious users + * from trying to exploit keys we make sure that keys are + * only named with alpha-numeric text and a few other items. + * + * @access private + * @param string + * @return string + */ + function _clean_input_keys($str) + { + if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) + { + exit('Disallowed Key Characters.'); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Fetch from array + * + * This is a helper function to retrieve values from global arrays + * + * @access private + * @param array + * @param string + * @param bool + * @return string + */ + function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) + { + if ( ! isset($array[$index])) + { + return FALSE; + } + + if ($xss_clean === TRUE) + { + return $this->xss_clean($array[$index]); + } + + return $array[$index]; + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the GET array + * + * @access public + * @param string + * @param bool + * @return string + */ + function get($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_GET, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the POST array + * + * @access public + * @param string + * @param bool + * @return string + */ + function post($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_POST, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from either the GET array or the POST + * + * @access public + * @param string The index key + * @param bool XSS cleaning + * @return string + */ + function get_post($index = '', $xss_clean = FALSE) + { + if ( ! isset($_POST[$index]) ) + { + return $this->get($index, $xss_clean); + } + else + { + return $this->post($index, $xss_clean); + } + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the COOKIE array + * + * @access public + * @param string + * @param bool + * @return string + */ + function cookie($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the SERVER array + * + * @access public + * @param string + * @param bool + * @return string + */ + function server($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_SERVER, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the IP Address + * + * @access public + * @return string + */ + function ip_address() + { + if ($this->ip_address !== FALSE) + { + return $this->ip_address; + } + + if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) + { + $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); + $proxies = is_array($proxies) ? $proxies : array($proxies); + + $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; + } + elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) + { + $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; + } + elseif ($this->server('REMOTE_ADDR')) + { + $this->ip_address = $_SERVER['REMOTE_ADDR']; + } + elseif ($this->server('HTTP_CLIENT_IP')) + { + $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; + } + elseif ($this->server('HTTP_X_FORWARDED_FOR')) + { + $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; + } + + if ($this->ip_address === FALSE) + { + $this->ip_address = '0.0.0.0'; + return $this->ip_address; + } + + if (strstr($this->ip_address, ',')) + { + $x = explode(',', $this->ip_address); + $this->ip_address = trim(end($x)); + } + + if ( ! $this->valid_ip($this->ip_address)) + { + $this->ip_address = '0.0.0.0'; + } + + return $this->ip_address; + } + + // -------------------------------------------------------------------- + + /** + * Validate IP Address + * + * Updated version suggested by Geert De Deckere + * + * @access public + * @param string + * @return string + */ + function valid_ip($ip) + { + $ip_segments = explode('.', $ip); + + // Always 4 segments needed + if (count($ip_segments) != 4) + { + return FALSE; + } + // IP can not start with 0 + if ($ip_segments[0][0] == '0') + { + return FALSE; + } + // Check each segment + foreach ($ip_segments as $segment) + { + // IP segments must be digits and can not be + // longer than 3 digits or greater then 255 + if ($segment == '' OR preg_match("/[^0-9]/", $segment) OR $segment > 255 OR strlen($segment) > 3) + { + return FALSE; + } + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * User Agent + * + * @access public + * @return string + */ + function user_agent() + { + if ($this->user_agent !== FALSE) + { + return $this->user_agent; + } + + $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; + + return $this->user_agent; + } + + // -------------------------------------------------------------------- + + /** + * Filename Security + * + * @access public + * @param string + * @return string + */ + function filename_security($str) + { + $bad = array( + "../", + "./", + "", + "<", + ">", + "'", + '"', + '&', + '$', + '#', + '{', + '}', + '[', + ']', + '=', + ';', + '?', + "%20", + "%22", + "%3c", // < + "%253c", // < + "%3e", // > + "%0e", // > + "%28", // ( + "%29", // ) + "%2528", // ( + "%26", // & + "%24", // $ + "%3f", // ? + "%3b", // ; + "%3d" // = + ); + + return stripslashes(str_replace($bad, '', $str)); + } + + // -------------------------------------------------------------------- + + /** + * XSS Clean + * + * Sanitizes data so that Cross Site Scripting Hacks can be + * prevented. This function does a fair amount of work but + * it is extremely thorough, designed to prevent even the + * most obscure XSS attempts. Nothing is ever 100% foolproof, + * of course, but I haven't been able to get anything passed + * the filter. + * + * Note: This function should only be used to deal with data + * upon submission. It's not something that should + * be used for general runtime processing. + * + * This function was based in part on some code and ideas I + * got from Bitflux: http://blog.bitflux.ch/wiki/XSS_Prevention + * + * To help develop this script I used this great list of + * vulnerabilities along with a few other hacks I've + * harvested from examining vulnerabilities in other programs: + * http://ha.ckers.org/xss.html + * + * @access public + * @param string + * @return string + */ + function xss_clean($str, $is_image = FALSE) + { + /* + * Is the string an array? + * + */ + if (is_array($str)) + { + while (list($key) = each($str)) + { + $str[$key] = $this->xss_clean($str[$key]); + } + + return $str; + } + + /* + * Remove Invisible Characters + */ + $str = $this->_remove_invisible_characters($str); + + /* + * Protect GET variables in URLs + */ + + // 901119URL5918AMP18930PROTECT8198 + + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); + + /* + * Validate standard character entities + * + * Add a semicolon if missing. We do this to enable + * the conversion of entities to ASCII later. + * + */ + $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); + + /* + * Validate UTF16 two byte encoding (x00) + * + * Just as above, adds a semicolon if missing. + * + */ + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); + + /* + * Un-Protect GET variables in URLs + */ + $str = str_replace($this->xss_hash(), '&', $str); + + /* + * URL Decode + * + * Just in case stuff like this is submitted: + * + * Google + * + * Note: Use rawurldecode() so it does not remove plus signs + * + */ + $str = rawurldecode($str); + + /* + * Convert character entities to ASCII + * + * This permits our tests below to work reliably. + * We only convert entities that are within tags since + * these are the ones that will pose security problems. + * + */ + + $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); + + $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_html_entity_decode_callback'), $str); + + /* + * Remove Invisible Characters Again! + */ + $str = $this->_remove_invisible_characters($str); + + /* + * Convert all tabs to spaces + * + * This prevents strings like this: ja vascript + * NOTE: we deal with spaces between characters later. + * NOTE: preg_replace was found to be amazingly slow here on large blocks of data, + * so we use str_replace. + * + */ + + if (strpos($str, "\t") !== FALSE) + { + $str = str_replace("\t", ' ', $str); + } + + /* + * Capture converted string for later comparison + */ + $converted_string = $str; + + /* + * Not Allowed Under Any Conditions + */ + + foreach ($this->never_allowed_str as $key => $val) + { + $str = str_replace($key, $val, $str); + } + + foreach ($this->never_allowed_regex as $key => $val) + { + $str = preg_replace("#".$key."#i", $val, $str); + } + + /* + * Makes PHP tags safe + * + * Note: XML tags are inadvertently replaced too: + * + * '), array('<?', '?>'), $str); + } + + /* + * Compact any exploded words + * + * This corrects words like: j a v a s c r i p t + * These words are compacted back to their correct state. + * + */ + $words = array('javascript', 'expression', 'vbscript', 'script', 'applet', 'alert', 'document', 'write', 'cookie', 'window'); + foreach ($words as $word) + { + $temp = ''; + + for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) + { + $temp .= substr($word, $i, 1)."\s*"; + } + + // We only want to do this when it is followed by a non-word character + // That way valid stuff like "dealer to" does not become "dealerto" + $str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); + } + + /* + * Remove disallowed Javascript in links or img tags + * We used to do some version comparisons and use of stripos for PHP5, but it is dog slow compared + * to these simplified non-capturing preg_match(), especially if the pattern exists in the string + */ + do + { + $original = $str; + + if (preg_match("/]*?)(>|$)#si", array($this, '_js_link_removal'), $str); + } + + if (preg_match("/]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); + } + + if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) + { + $str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); + } + } + while($original != $str); + + unset($original); + + /* + * Remove JavaScript Event Handlers + * + * Note: This code is a little blunt. It removes + * the event handler and anything up to the closing >, + * but it's unlikely to be a problem. + * + */ + $event_handlers = array('[^a-z_\-]on\w*','xmlns'); + + if ($is_image === TRUE) + { + /* + * Adobe Photoshop puts XML metadata into JFIF images, including namespacing, + * so we have to allow this for images. -Paul + */ + unset($event_handlers[array_search('xmlns', $event_handlers)]); + } + + $str = preg_replace("#<([^><]+?)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str); + + /* + * Sanitize naughty HTML elements + * + * If a tag containing any of the words in the list + * below is found, the tag gets converted to entities. + * + * So this: + * Becomes: <blink> + * + */ + $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss'; + $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); + + /* + * Sanitize naughty scripting elements + * + * Similar to above, only instead of looking for + * tags it looks for PHP and JavaScript commands + * that are disallowed. Rather than removing the + * code, it simply converts the parenthesis to entities + * rendering the code un-executable. + * + * For example: eval('some code') + * Becomes: eval('some code') + * + */ + $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); + + /* + * Final clean up + * + * This adds a bit of extra precaution in case + * something got through the above filters + * + */ + foreach ($this->never_allowed_str as $key => $val) + { + $str = str_replace($key, $val, $str); + } + + foreach ($this->never_allowed_regex as $key => $val) + { + $str = preg_replace("#".$key."#i", $val, $str); + } + + /* + * Images are Handled in a Special Way + * - Essentially, we want to know that after all of the character conversion is done whether + * any unwanted, likely XSS, code was found. If not, we return TRUE, as the image is clean. + * However, if the string post-conversion does not matched the string post-removal of XSS, + * then it fails, as there was unwanted XSS code found and removed/changed during processing. + */ + + if ($is_image === TRUE) + { + if ($str == $converted_string) + { + return TRUE; + } + else + { + return FALSE; + } + } + + log_message('debug', "XSS Filtering completed"); + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Random Hash for protecting URLs + * + * @access public + * @return string + */ + function xss_hash() + { + if ($this->xss_hash == '') + { + if (phpversion() >= 4.2) + mt_srand(); + else + mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff); + + $this->xss_hash = md5(time() + mt_rand(0, 1999999999)); + } + + return $this->xss_hash; + } + + // -------------------------------------------------------------------- + + /** + * Remove Invisible Characters + * + * This prevents sandwiching null characters + * between ascii characters, like Java\0script. + * + * @access public + * @param string + * @return string + */ + function _remove_invisible_characters($str) + { + static $non_displayables; + + if ( ! isset($non_displayables)) + { + // every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09), + $non_displayables = array( + '/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15 + '/%1[0-9a-f]/', // url encoded 16-31 + '/[\x00-\x08]/', // 00-08 + '/\x0b/', '/\x0c/', // 11, 12 + '/[\x0e-\x1f]/' // 14-31 + ); + } + + do + { + $cleaned = $str; + $str = preg_replace($non_displayables, '', $str); + } + while ($cleaned != $str); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Compact Exploded Words + * + * Callback function for xss_clean() to remove whitespace from + * things like j a v a s c r i p t + * + * @access public + * @param type + * @return type + */ + function _compact_exploded_words($matches) + { + return preg_replace('/\s+/s', '', $matches[1]).$matches[2]; + } + + // -------------------------------------------------------------------- + + /** + * Sanitize Naughty HTML + * + * Callback function for xss_clean() to remove naughty HTML elements + * + * @access private + * @param array + * @return string + */ + function _sanitize_naughty_html($matches) + { + // encode opening brace + $str = '<'.$matches[1].$matches[2].$matches[3]; + + // encode captured opening or closing brace to prevent recursive vectors + $str .= str_replace(array('>', '<'), array('>', '<'), $matches[4]); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * JS Link Removal + * + * Callback function for xss_clean() to sanitize links + * This limits the PCRE backtracks, making it more performance friendly + * and prevents PREG_BACKTRACK_LIMIT_ERROR from being triggered in + * PHP 5.2+ on link-heavy strings + * + * @access private + * @param array + * @return string + */ + function _js_link_removal($match) + { + $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); + return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])); + return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|', '<', '\\'), array('>', '<', '\\\\'), $match[0]); + } + + // -------------------------------------------------------------------- + + /** + * HTML Entity Decode Callback + * + * Used as a callback for XSS Clean + * + * @access public + * @param array + * @return string + */ + function _html_entity_decode_callback($match) + { + $CFG =& load_class('Config'); + $charset = $CFG->item('charset'); + + return $this->_html_entity_decode($match[0], strtoupper($charset)); + } + + // -------------------------------------------------------------------- + + /** + * HTML Entities Decode + * + * This function is a replacement for html_entity_decode() + * + * In some versions of PHP the native function does not work + * when UTF-8 is the specified character set, so this gives us + * a work-around. More info here: + * http://bugs.php.net/bug.php?id=25670 + * + * @access private + * @param string + * @param string + * @return string + */ + /* ------------------------------------------------- + /* Replacement for html_entity_decode() + /* -------------------------------------------------*/ + + /* + NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the + character set, and the PHP developers said they were not back porting the + fix to versions other than PHP 5.x. + */ + function _html_entity_decode($str, $charset='UTF-8') + { + if (stristr($str, '&') === FALSE) return $str; + + // The reason we are not using html_entity_decode() by itself is because + // while it is not technically correct to leave out the semicolon + // at the end of an entity most browsers will still interpret the entity + // correctly. html_entity_decode() does not convert entities without + // semicolons, so we are left with our own little solution here. Bummer. + + if (function_exists('html_entity_decode') && (strtolower($charset) != 'utf-8' OR version_compare(phpversion(), '5.0.0', '>='))) + { + $str = html_entity_decode($str, ENT_COMPAT, $charset); + $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); + return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); + } + + // Numeric Entities + $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); + $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); + + // Literal Entities - Slightly slow so we do another check + if (stristr($str, '&') === FALSE) + { + $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Filter Attributes + * + * Filters tag attributes for consistency and safety + * + * @access public + * @param string + * @return string + */ + function _filter_attributes($str) + { + $out = ''; + + if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) + { + foreach ($matches[0] as $match) + { + $out .= preg_replace("#/\*.*?\*/#s", '', $match); + } + } + + return $out; + } + + // -------------------------------------------------------------------- + +} +// END Input class + +/* End of file Input.php */ +/* Location: ./system/libraries/Input.php */ \ No newline at end of file diff --git a/system/core/Lang.php b/system/core/Lang.php new file mode 100644 index 000000000..515d04a40 --- /dev/null +++ b/system/core/Lang.php @@ -0,0 +1,123 @@ +is_loaded, TRUE)) + { + return; + } + + if ($idiom == '') + { + $CI =& get_instance(); + $deft_lang = $CI->config->item('language'); + $idiom = ($deft_lang == '') ? 'english' : $deft_lang; + } + + // Determine where the language file is and load it + if (file_exists(APPPATH.'language/'.$idiom.'/'.$langfile)) + { + include(APPPATH.'language/'.$idiom.'/'.$langfile); + } + else + { + if (file_exists(BASEPATH.'language/'.$idiom.'/'.$langfile)) + { + include(BASEPATH.'language/'.$idiom.'/'.$langfile); + } + else + { + show_error('Unable to load the requested language file: language/'.$idiom.'/'.$langfile); + } + } + + if ( ! isset($lang)) + { + log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); + return; + } + + if ($return == TRUE) + { + return $lang; + } + + $this->is_loaded[] = $langfile; + $this->language = array_merge($this->language, $lang); + unset($lang); + + log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a single line of text from the language array + * + * @access public + * @param string $line the language line + * @return string + */ + function line($line = '') + { + $line = ($line == '' OR ! isset($this->language[$line])) ? FALSE : $this->language[$line]; + return $line; + } + +} +// END Language Class + +/* End of file Language.php */ +/* Location: ./system/libraries/Language.php */ \ No newline at end of file diff --git a/system/core/Loader.php b/system/core/Loader.php new file mode 100644 index 000000000..2cd2e93b9 --- /dev/null +++ b/system/core/Loader.php @@ -0,0 +1,1085 @@ + 'unit', 'user_agent' => 'agent'); + + + /** + * Constructor + * + * Sets the path to the view files and gets the initial output buffering level + * + * @access public + */ + function CI_Loader() + { + $this->_ci_is_php5 = (floor(phpversion()) >= 5) ? TRUE : FALSE; + $this->_ci_view_path = APPPATH.'views/'; + $this->_ci_ob_level = ob_get_level(); + + log_message('debug', "Loader Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Class Loader + * + * This function lets users load and instantiate classes. + * It is designed to be called from a user's app controllers. + * + * @access public + * @param string the name of the class + * @param mixed the optional parameters + * @param string an optional object name + * @return void + */ + function library($library = '', $params = NULL, $object_name = NULL) + { + if ($library == '') + { + return FALSE; + } + + if ( ! is_null($params) AND ! is_array($params)) + { + $params = NULL; + } + + if (is_array($library)) + { + foreach ($library as $class) + { + $this->_ci_load_class($class, $params, $object_name); + } + } + else + { + $this->_ci_load_class($library, $params, $object_name); + } + + $this->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Model Loader + * + * This function lets users load and instantiate models. + * + * @access public + * @param string the name of the class + * @param string name for the model + * @param bool database connection + * @return void + */ + function model($model, $name = '', $db_conn = FALSE) + { + if (is_array($model)) + { + foreach($model as $babe) + { + $this->model($babe); + } + return; + } + + if ($model == '') + { + return; + } + + // Is the model in a sub-folder? If so, parse out the filename and path. + if (strpos($model, '/') === FALSE) + { + $path = ''; + } + else + { + $x = explode('/', $model); + $model = end($x); + unset($x[count($x)-1]); + $path = implode('/', $x).'/'; + } + + if ($name == '') + { + $name = $model; + } + + if (in_array($name, $this->_ci_models, TRUE)) + { + return; + } + + $CI =& get_instance(); + if (isset($CI->$name)) + { + show_error('The model name you are loading is the name of a resource that is already being used: '.$name); + } + + $model = strtolower($model); + + if ( ! file_exists(APPPATH.'models/'.$path.$model.EXT)) + { + show_error('Unable to locate the model you have specified: '.$model); + } + + if ($db_conn !== FALSE AND ! class_exists('CI_DB')) + { + if ($db_conn === TRUE) + $db_conn = ''; + + $CI->load->database($db_conn, FALSE, TRUE); + } + + if ( ! class_exists('Model')) + { + load_class('Model', FALSE); + } + + require_once(APPPATH.'models/'.$path.$model.EXT); + + $model = ucfirst($model); + + $CI->$name = new $model(); + $CI->$name->_assign_libraries(); + + $this->_ci_models[] = $name; + } + + // -------------------------------------------------------------------- + + /** + * Database Loader + * + * @access public + * @param string the DB credentials + * @param bool whether to return the DB object + * @param bool whether to enable active record (this allows us to override the config setting) + * @return object + */ + function database($params = '', $return = FALSE, $active_record = NULL) + { + // Grab the super object + $CI =& get_instance(); + + // Do we even need to load the database class? + if (class_exists('CI_DB') AND $return == FALSE AND $active_record == NULL AND isset($CI->db) AND is_object($CI->db)) + { + return FALSE; + } + + require_once(BASEPATH.'database/DB'.EXT); + + if ($return === TRUE) + { + return DB($params, $active_record); + } + + // Initialize the db variable. Needed to prevent + // reference errors with some configurations + $CI->db = ''; + + // Load the DB class + $CI->db =& DB($params, $active_record); + + // Assign the DB object to any existing models + $this->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Load the Utilities Class + * + * @access public + * @return string + */ + function dbutil() + { + if ( ! class_exists('CI_DB')) + { + $this->database(); + } + + $CI =& get_instance(); + + // for backwards compatibility, load dbforge so we can extend dbutils off it + // this use is deprecated and strongly discouraged + $CI->load->dbforge(); + + require_once(BASEPATH.'database/DB_utility'.EXT); + require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_utility'.EXT); + $class = 'CI_DB_'.$CI->db->dbdriver.'_utility'; + + $CI->dbutil =& instantiate_class(new $class()); + + $CI->load->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Load the Database Forge Class + * + * @access public + * @return string + */ + function dbforge() + { + if ( ! class_exists('CI_DB')) + { + $this->database(); + } + + $CI =& get_instance(); + + require_once(BASEPATH.'database/DB_forge'.EXT); + require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_forge'.EXT); + $class = 'CI_DB_'.$CI->db->dbdriver.'_forge'; + + $CI->dbforge = new $class(); + + $CI->load->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Load View + * + * This function is used to load a "view" file. It has three parameters: + * + * 1. The name of the "view" file to be included. + * 2. An associative array of data to be extracted for use in the view. + * 3. TRUE/FALSE - whether to return the data or load it. In + * some cases it's advantageous to be able to return data so that + * a developer can process it in some way. + * + * @access public + * @param string + * @param array + * @param bool + * @return void + */ + function view($view, $vars = array(), $return = FALSE) + { + return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_object_to_array($vars), '_ci_return' => $return)); + } + + // -------------------------------------------------------------------- + + /** + * Load File + * + * This is a generic file loader + * + * @access public + * @param string + * @param bool + * @return string + */ + function file($path, $return = FALSE) + { + return $this->_ci_load(array('_ci_path' => $path, '_ci_return' => $return)); + } + + // -------------------------------------------------------------------- + + /** + * Set Variables + * + * Once variables are set they become available within + * the controller class and its "view" files. + * + * @access public + * @param array + * @return void + */ + function vars($vars = array(), $val = '') + { + if ($val != '' AND is_string($vars)) + { + $vars = array($vars => $val); + } + + $vars = $this->_ci_object_to_array($vars); + + if (is_array($vars) AND count($vars) > 0) + { + foreach ($vars as $key => $val) + { + $this->_ci_cached_vars[$key] = $val; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Load Helper + * + * This function loads the specified helper file. + * + * @access public + * @param mixed + * @return void + */ + function helper($helpers = array()) + { + if ( ! is_array($helpers)) + { + $helpers = array($helpers); + } + + foreach ($helpers as $helper) + { + $helper = strtolower(str_replace(EXT, '', str_replace('_helper', '', $helper)).'_helper'); + + if (isset($this->_ci_helpers[$helper])) + { + continue; + } + + $ext_helper = APPPATH.'helpers/'.config_item('subclass_prefix').$helper.EXT; + + // Is this a helper extension request? + if (file_exists($ext_helper)) + { + $base_helper = BASEPATH.'helpers/'.$helper.EXT; + + if ( ! file_exists($base_helper)) + { + show_error('Unable to load the requested file: helpers/'.$helper.EXT); + } + + include_once($ext_helper); + include_once($base_helper); + } + elseif (file_exists(APPPATH.'helpers/'.$helper.EXT)) + { + include_once(APPPATH.'helpers/'.$helper.EXT); + } + else + { + if (file_exists(BASEPATH.'helpers/'.$helper.EXT)) + { + include_once(BASEPATH.'helpers/'.$helper.EXT); + } + else + { + show_error('Unable to load the requested file: helpers/'.$helper.EXT); + } + } + + $this->_ci_helpers[$helper] = TRUE; + log_message('debug', 'Helper loaded: '.$helper); + } + } + + // -------------------------------------------------------------------- + + /** + * Load Helpers + * + * This is simply an alias to the above function in case the + * user has written the plural form of this function. + * + * @access public + * @param array + * @return void + */ + function helpers($helpers = array()) + { + $this->helper($helpers); + } + + // -------------------------------------------------------------------- + + /** + * Load Plugin + * + * This function loads the specified plugin. + * + * @access public + * @param array + * @return void + */ + function plugin($plugins = array()) + { + if ( ! is_array($plugins)) + { + $plugins = array($plugins); + } + + foreach ($plugins as $plugin) + { + $plugin = strtolower(str_replace(EXT, '', str_replace('_pi', '', $plugin)).'_pi'); + + if (isset($this->_ci_plugins[$plugin])) + { + continue; + } + + if (file_exists(APPPATH.'plugins/'.$plugin.EXT)) + { + include_once(APPPATH.'plugins/'.$plugin.EXT); + } + else + { + if (file_exists(BASEPATH.'plugins/'.$plugin.EXT)) + { + include_once(BASEPATH.'plugins/'.$plugin.EXT); + } + else + { + show_error('Unable to load the requested file: plugins/'.$plugin.EXT); + } + } + + $this->_ci_plugins[$plugin] = TRUE; + log_message('debug', 'Plugin loaded: '.$plugin); + } + } + + // -------------------------------------------------------------------- + + /** + * Load Plugins + * + * This is simply an alias to the above function in case the + * user has written the plural form of this function. + * + * @access public + * @param array + * @return void + */ + function plugins($plugins = array()) + { + $this->plugin($plugins); + } + + // -------------------------------------------------------------------- + + /** + * Loads a language file + * + * @access public + * @param array + * @param string + * @return void + */ + function language($file = array(), $lang = '') + { + $CI =& get_instance(); + + if ( ! is_array($file)) + { + $file = array($file); + } + + foreach ($file as $langfile) + { + $CI->lang->load($langfile, $lang); + } + } + + /** + * Loads language files for scaffolding + * + * @access public + * @param string + * @return arra + */ + function scaffold_language($file = '', $lang = '', $return = FALSE) + { + $CI =& get_instance(); + return $CI->lang->load($file, $lang, $return); + } + + // -------------------------------------------------------------------- + + /** + * Loads a config file + * + * @access public + * @param string + * @return void + */ + function config($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) + { + $CI =& get_instance(); + $CI->config->load($file, $use_sections, $fail_gracefully); + } + + // -------------------------------------------------------------------- + + /** + * Scaffolding Loader + * + * This initializing function works a bit different than the + * others. It doesn't load the class. Instead, it simply + * sets a flag indicating that scaffolding is allowed to be + * used. The actual scaffolding function below is + * called by the front controller based on whether the + * second segment of the URL matches the "secret" scaffolding + * word stored in the application/config/routes.php + * + * @access public + * @param string + * @return void + */ + function scaffolding($table = '') + { + if ($table === FALSE) + { + show_error('You must include the name of the table you would like to access when you initialize scaffolding'); + } + + $CI =& get_instance(); + $CI->_ci_scaffolding = TRUE; + $CI->_ci_scaff_table = $table; + } + + // -------------------------------------------------------------------- + + /** + * Loader + * + * This function is used to load views and files. + * Variables are prefixed with _ci_ to avoid symbol collision with + * variables made available to view files + * + * @access private + * @param array + * @return void + */ + function _ci_load($_ci_data) + { + // Set the default data variables + foreach (array('_ci_view', '_ci_vars', '_ci_path', '_ci_return') as $_ci_val) + { + $$_ci_val = ( ! isset($_ci_data[$_ci_val])) ? FALSE : $_ci_data[$_ci_val]; + } + + // Set the path to the requested file + if ($_ci_path == '') + { + $_ci_ext = pathinfo($_ci_view, PATHINFO_EXTENSION); + $_ci_file = ($_ci_ext == '') ? $_ci_view.EXT : $_ci_view; + $_ci_path = $this->_ci_view_path.$_ci_file; + } + else + { + $_ci_x = explode('/', $_ci_path); + $_ci_file = end($_ci_x); + } + + if ( ! file_exists($_ci_path)) + { + show_error('Unable to load the requested file: '.$_ci_file); + } + + // This allows anything loaded using $this->load (views, files, etc.) + // to become accessible from within the Controller and Model functions. + // Only needed when running PHP 5 + + if ($this->_ci_is_instance()) + { + $_ci_CI =& get_instance(); + foreach (get_object_vars($_ci_CI) as $_ci_key => $_ci_var) + { + if ( ! isset($this->$_ci_key)) + { + $this->$_ci_key =& $_ci_CI->$_ci_key; + } + } + } + + /* + * Extract and cache variables + * + * You can either set variables using the dedicated $this->load_vars() + * function or via the second parameter of this function. We'll merge + * the two types and cache them so that views that are embedded within + * other views can have access to these variables. + */ + if (is_array($_ci_vars)) + { + $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); + } + extract($this->_ci_cached_vars); + + /* + * Buffer the output + * + * We buffer the output for two reasons: + * 1. Speed. You get a significant speed boost. + * 2. So that the final rendered template can be + * post-processed by the output class. Why do we + * need post processing? For one thing, in order to + * show the elapsed page load time. Unless we + * can intercept the content right before it's sent to + * the browser and then stop the timer it won't be accurate. + */ + ob_start(); + + // If the PHP installation does not support short tags we'll + // do a little string replacement, changing the short tags + // to standard PHP echo statements. + + if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) + { + echo eval('?>'.preg_replace("/;*\s*\?>/", "; ?>", str_replace(' $this->_ci_ob_level + 1) + { + ob_end_flush(); + } + else + { + // PHP 4 requires that we use a global + global $OUT; + $OUT->append_output(ob_get_contents()); + @ob_end_clean(); + } + } + + // -------------------------------------------------------------------- + + /** + * Load class + * + * This function loads the requested class. + * + * @access private + * @param string the item that is being loaded + * @param mixed any additional parameters + * @param string an optional object name + * @return void + */ + function _ci_load_class($class, $params = NULL, $object_name = NULL) + { + // Get the class name, and while we're at it trim any slashes. + // The directory path can be included as part of the class name, + // but we don't want a leading slash + $class = str_replace(EXT, '', trim($class, '/')); + + // Was the path included with the class name? + // We look for a slash to determine this + $subdir = ''; + if (strpos($class, '/') !== FALSE) + { + // explode the path so we can separate the filename from the path + $x = explode('/', $class); + + // Reset the $class variable now that we know the actual filename + $class = end($x); + + // Kill the filename from the array + unset($x[count($x)-1]); + + // Glue the path back together, sans filename + $subdir = implode($x, '/').'/'; + } + + // We'll test for both lowercase and capitalized versions of the file name + foreach (array(ucfirst($class), strtolower($class)) as $class) + { + $subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.EXT; + + // Is this a class extension request? + if (file_exists($subclass)) + { + $baseclass = BASEPATH.'libraries/'.ucfirst($class).EXT; + + if ( ! file_exists($baseclass)) + { + log_message('error', "Unable to load the requested class: ".$class); + show_error("Unable to load the requested class: ".$class); + } + + // Safety: Was the class already loaded by a previous call? + if (in_array($subclass, $this->_ci_loaded_files)) + { + // Before we deem this to be a duplicate request, let's see + // if a custom object name is being supplied. If so, we'll + // return a new instance of the object + if ( ! is_null($object_name)) + { + $CI =& get_instance(); + if ( ! isset($CI->$object_name)) + { + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + } + } + + $is_duplicate = TRUE; + log_message('debug', $class." class already loaded. Second attempt ignored."); + return; + } + + include_once($baseclass); + include_once($subclass); + $this->_ci_loaded_files[] = $subclass; + + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + } + + // Lets search for the requested library file and load it. + $is_duplicate = FALSE; + for ($i = 1; $i < 3; $i++) + { + $path = ($i % 2) ? APPPATH : BASEPATH; + $filepath = $path.'libraries/'.$subdir.$class.EXT; + + // Does the file exist? No? Bummer... + if ( ! file_exists($filepath)) + { + continue; + } + + // Safety: Was the class already loaded by a previous call? + if (in_array($filepath, $this->_ci_loaded_files)) + { + // Before we deem this to be a duplicate request, let's see + // if a custom object name is being supplied. If so, we'll + // return a new instance of the object + if ( ! is_null($object_name)) + { + $CI =& get_instance(); + if ( ! isset($CI->$object_name)) + { + return $this->_ci_init_class($class, '', $params, $object_name); + } + } + + $is_duplicate = TRUE; + log_message('debug', $class." class already loaded. Second attempt ignored."); + return; + } + + include_once($filepath); + $this->_ci_loaded_files[] = $filepath; + return $this->_ci_init_class($class, '', $params, $object_name); + } + } // END FOREACH + + // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? + if ($subdir == '') + { + $path = strtolower($class).'/'.$class; + return $this->_ci_load_class($path, $params); + } + + // If we got this far we were unable to find the requested class. + // We do not issue errors if the load call failed due to a duplicate request + if ($is_duplicate == FALSE) + { + log_message('error', "Unable to load the requested class: ".$class); + show_error("Unable to load the requested class: ".$class); + } + } + + // -------------------------------------------------------------------- + + /** + * Instantiates a class + * + * @access private + * @param string + * @param string + * @param string an optional object name + * @return null + */ + function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL) + { + // Is there an associated config file for this class? + if ($config === NULL) + { + // We test for both uppercase and lowercase, for servers that + // are case-sensitive with regard to file names + if (file_exists(APPPATH.'config/'.strtolower($class).EXT)) + { + include_once(APPPATH.'config/'.strtolower($class).EXT); + } + elseif (file_exists(APPPATH.'config/'.ucfirst(strtolower($class)).EXT)) + { + include_once(APPPATH.'config/'.ucfirst(strtolower($class)).EXT); + } + } + + if ($prefix == '') + { + if (class_exists('CI_'.$class)) + { + $name = 'CI_'.$class; + } + elseif (class_exists(config_item('subclass_prefix').$class)) + { + $name = config_item('subclass_prefix').$class; + } + else + { + $name = $class; + } + } + else + { + $name = $prefix.$class; + } + + // Is the class name valid? + if ( ! class_exists($name)) + { + log_message('error', "Non-existent class: ".$name); + show_error("Non-existent class: ".$class); + } + + // Set the variable name we will assign the class to + // Was a custom class name supplied? If so we'll use it + $class = strtolower($class); + + if (is_null($object_name)) + { + $classvar = ( ! isset($this->_ci_varmap[$class])) ? $class : $this->_ci_varmap[$class]; + } + else + { + $classvar = $object_name; + } + + // Save the class name and object name + $this->_ci_classes[$class] = $classvar; + + // Instantiate the class + $CI =& get_instance(); + if ($config !== NULL) + { + $CI->$classvar = new $name($config); + } + else + { + $CI->$classvar = new $name; + } + } + + // -------------------------------------------------------------------- + + /** + * Autoloader + * + * The config/autoload.php file contains an array that permits sub-systems, + * libraries, plugins, and helpers to be loaded automatically. + * + * @access private + * @param array + * @return void + */ + function _ci_autoloader() + { + include_once(APPPATH.'config/autoload'.EXT); + + if ( ! isset($autoload)) + { + return FALSE; + } + + // Load any custom config file + if (count($autoload['config']) > 0) + { + $CI =& get_instance(); + foreach ($autoload['config'] as $key => $val) + { + $CI->config->load($val); + } + } + + // Autoload plugins, helpers and languages + foreach (array('helper', 'plugin', 'language') as $type) + { + if (isset($autoload[$type]) AND count($autoload[$type]) > 0) + { + $this->$type($autoload[$type]); + } + } + + // A little tweak to remain backward compatible + // The $autoload['core'] item was deprecated + if ( ! isset($autoload['libraries'])) + { + $autoload['libraries'] = $autoload['core']; + } + + // Load libraries + if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0) + { + // Load the database driver. + if (in_array('database', $autoload['libraries'])) + { + $this->database(); + $autoload['libraries'] = array_diff($autoload['libraries'], array('database')); + } + + // Load scaffolding + if (in_array('scaffolding', $autoload['libraries'])) + { + $this->scaffolding(); + $autoload['libraries'] = array_diff($autoload['libraries'], array('scaffolding')); + } + + // Load all other libraries + foreach ($autoload['libraries'] as $item) + { + $this->library($item); + } + } + + // Autoload models + if (isset($autoload['model'])) + { + $this->model($autoload['model']); + } + + } + + // -------------------------------------------------------------------- + + /** + * Assign to Models + * + * Makes sure that anything loaded by the loader class (libraries, plugins, etc.) + * will be available to models, if any exist. + * + * @access private + * @param object + * @return array + */ + function _ci_assign_to_models() + { + if (count($this->_ci_models) == 0) + { + return; + } + + if ($this->_ci_is_instance()) + { + $CI =& get_instance(); + foreach ($this->_ci_models as $model) + { + $CI->$model->_assign_libraries(); + } + } + else + { + foreach ($this->_ci_models as $model) + { + $this->$model->_assign_libraries(); + } + } + } + + // -------------------------------------------------------------------- + + /** + * Object to Array + * + * Takes an object as input and converts the class variables to array key/vals + * + * @access private + * @param object + * @return array + */ + function _ci_object_to_array($object) + { + return (is_object($object)) ? get_object_vars($object) : $object; + } + + // -------------------------------------------------------------------- + + /** + * Determines whether we should use the CI instance or $this + * + * @access private + * @return bool + */ + function _ci_is_instance() + { + if ($this->_ci_is_php5 == TRUE) + { + return TRUE; + } + + global $CI; + return (is_object($CI)) ? TRUE : FALSE; + } + +} + +/* End of file Loader.php */ +/* Location: ./system/libraries/Loader.php */ \ No newline at end of file diff --git a/system/core/Model.php b/system/core/Model.php new file mode 100644 index 000000000..e9c2d24d1 --- /dev/null +++ b/system/core/Model.php @@ -0,0 +1,83 @@ +_assign_libraries( (method_exists($this, '__get') OR method_exists($this, '__set')) ? FALSE : TRUE ); + + // We don't want to assign the model object to itself when using the + // assign_libraries function below so we'll grab the name of the model parent + $this->_parent_name = ucfirst(get_class($this)); + + log_message('debug', "Model Class Initialized"); + } + + /** + * Assign Libraries + * + * Creates local references to all currently instantiated objects + * so that any syntax that can be legally used in a controller + * can be used within models. + * + * @access private + */ + function _assign_libraries($use_reference = TRUE) + { + $CI =& get_instance(); + foreach (array_keys(get_object_vars($CI)) as $key) + { + if ( ! isset($this->$key) AND $key != $this->_parent_name) + { + // In some cases using references can cause + // problems so we'll conditionally use them + if ($use_reference == TRUE) + { + $this->$key = NULL; // Needed to prevent reference errors with some configurations + $this->$key =& $CI->$key; + } + else + { + $this->$key = $CI->$key; + } + } + } + } + +} +// END Model Class + +/* End of file Model.php */ +/* Location: ./system/libraries/Model.php */ \ No newline at end of file diff --git a/system/core/Output.php b/system/core/Output.php new file mode 100644 index 000000000..6a9a11677 --- /dev/null +++ b/system/core/Output.php @@ -0,0 +1,409 @@ +final_output; + } + + // -------------------------------------------------------------------- + + /** + * Set Output + * + * Sets the output string + * + * @access public + * @param string + * @return void + */ + function set_output($output) + { + $this->final_output = $output; + } + + // -------------------------------------------------------------------- + + /** + * Append Output + * + * Appends data onto the output string + * + * @access public + * @param string + * @return void + */ + function append_output($output) + { + if ($this->final_output == '') + { + $this->final_output = $output; + } + else + { + $this->final_output .= $output; + } + } + + // -------------------------------------------------------------------- + + /** + * Set Header + * + * Lets you set a server header which will be outputted with the final display. + * + * Note: If a file is cached, headers will not be sent. We need to figure out + * how to permit header data to be saved with the cache data... + * + * @access public + * @param string + * @return void + */ + function set_header($header, $replace = TRUE) + { + $this->headers[] = array($header, $replace); + } + + // -------------------------------------------------------------------- + + /** + * Set HTTP Status Header + * moved to Common procedural functions in 1.7.2 + * + * @access public + * @param int the status code + * @param string + * @return void + */ + function set_status_header($code = '200', $text = '') + { + set_status_header($code, $text); + } + + // -------------------------------------------------------------------- + + /** + * Enable/disable Profiler + * + * @access public + * @param bool + * @return void + */ + function enable_profiler($val = TRUE) + { + $this->enable_profiler = (is_bool($val)) ? $val : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Set Cache + * + * @access public + * @param integer + * @return void + */ + function cache($time) + { + $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; + } + + // -------------------------------------------------------------------- + + /** + * Display Output + * + * All "view" data is automatically put into this variable by the controller class: + * + * $this->final_output + * + * This function sends the finalized output data to the browser along + * with any server headers and profile data. It also stops the + * benchmark timer so the page rendering speed and memory usage can be shown. + * + * @access public + * @return mixed + */ + function _display($output = '') + { + // Note: We use globals because we can't use $CI =& get_instance() + // since this function is sometimes called by the caching mechanism, + // which happens before the CI super object is available. + global $BM, $CFG; + + // -------------------------------------------------------------------- + + // Set the output data + if ($output == '') + { + $output =& $this->final_output; + } + + // -------------------------------------------------------------------- + + // Do we need to write a cache file? + if ($this->cache_expiration > 0) + { + $this->_write_cache($output); + } + + // -------------------------------------------------------------------- + + // Parse out the elapsed time and memory usage, + // then swap the pseudo-variables with the data + + $elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end'); + $output = str_replace('{elapsed_time}', $elapsed, $output); + + $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; + $output = str_replace('{memory_usage}', $memory, $output); + + // -------------------------------------------------------------------- + + // Is compression requested? + if ($CFG->item('compress_output') === TRUE) + { + if (extension_loaded('zlib')) + { + if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) AND strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) + { + ob_start('ob_gzhandler'); + } + } + } + + // -------------------------------------------------------------------- + + // Are there any server headers to send? + if (count($this->headers) > 0) + { + foreach ($this->headers as $header) + { + @header($header[0], $header[1]); + } + } + + // -------------------------------------------------------------------- + + // Does the get_instance() function exist? + // If not we know we are dealing with a cache file so we'll + // simply echo out the data and exit. + if ( ! function_exists('get_instance')) + { + echo $output; + log_message('debug', "Final output sent to browser"); + log_message('debug', "Total execution time: ".$elapsed); + return TRUE; + } + + // -------------------------------------------------------------------- + + // Grab the super object. We'll need it in a moment... + $CI =& get_instance(); + + // Do we need to generate profile data? + // If so, load the Profile class and run it. + if ($this->enable_profiler == TRUE) + { + $CI->load->library('profiler'); + + // If the output data contains closing and tags + // we will remove them and add them back after we insert the profile data + if (preg_match("|.*?|is", $output)) + { + $output = preg_replace("|.*?|is", '', $output); + $output .= $CI->profiler->run(); + $output .= ''; + } + else + { + $output .= $CI->profiler->run(); + } + } + + // -------------------------------------------------------------------- + + // Does the controller contain a function named _output()? + // If so send the output there. Otherwise, echo it. + if (method_exists($CI, '_output')) + { + $CI->_output($output); + } + else + { + echo $output; // Send it to the browser! + } + + log_message('debug', "Final output sent to browser"); + log_message('debug', "Total execution time: ".$elapsed); + } + + // -------------------------------------------------------------------- + + /** + * Write a Cache File + * + * @access public + * @return void + */ + function _write_cache($output) + { + $CI =& get_instance(); + $path = $CI->config->item('cache_path'); + + $cache_path = ($path == '') ? BASEPATH.'cache/' : $path; + + if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) + { + return; + } + + $uri = $CI->config->item('base_url'). + $CI->config->item('index_page'). + $CI->uri->uri_string(); + + $cache_path .= md5($uri); + + if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE)) + { + log_message('error', "Unable to write cache file: ".$cache_path); + return; + } + + $expire = time() + ($this->cache_expiration * 60); + + if (flock($fp, LOCK_EX)) + { + fwrite($fp, $expire.'TS--->'.$output); + flock($fp, LOCK_UN); + } + else + { + log_message('error', "Unable to secure a file lock for file at: ".$cache_path); + return; + } + fclose($fp); + @chmod($cache_path, FILE_WRITE_MODE); + + log_message('debug', "Cache file written: ".$cache_path); + } + + // -------------------------------------------------------------------- + + /** + * Update/serve a cached file + * + * @access public + * @return void + */ + function _display_cache(&$CFG, &$URI) + { + $cache_path = ($CFG->item('cache_path') == '') ? BASEPATH.'cache/' : $CFG->item('cache_path'); + + if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) + { + return FALSE; + } + + // Build the file path. The file name is an MD5 hash of the full URI + $uri = $CFG->item('base_url'). + $CFG->item('index_page'). + $URI->uri_string; + + $filepath = $cache_path.md5($uri); + + if ( ! @file_exists($filepath)) + { + return FALSE; + } + + if ( ! $fp = @fopen($filepath, FOPEN_READ)) + { + return FALSE; + } + + flock($fp, LOCK_SH); + + $cache = ''; + if (filesize($filepath) > 0) + { + $cache = fread($fp, filesize($filepath)); + } + + flock($fp, LOCK_UN); + fclose($fp); + + // Strip out the embedded timestamp + if ( ! preg_match("/(\d+TS--->)/", $cache, $match)) + { + return FALSE; + } + + // Has the file expired? If so we'll delete it. + if (time() >= trim(str_replace('TS--->', '', $match['1']))) + { + @unlink($filepath); + log_message('debug', "Cache file has expired. File deleted"); + return FALSE; + } + + // Display the cache + $this->_display(str_replace($match['0'], '', $cache)); + log_message('debug', "Cache file is current. Sending it to browser."); + return TRUE; + } + + +} +// END Output Class + +/* End of file Output.php */ +/* Location: ./system/libraries/Output.php */ \ No newline at end of file diff --git a/system/core/Router.php b/system/core/Router.php new file mode 100644 index 000000000..20e69721d --- /dev/null +++ b/system/core/Router.php @@ -0,0 +1,389 @@ +config =& load_class('Config'); + $this->uri =& load_class('URI'); + $this->_set_routing(); + log_message('debug', "Router Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Set the route mapping + * + * This function determines what should be served based on the URI request, + * as well as any "routes" that have been set in the routing config file. + * + * @access private + * @return void + */ + function _set_routing() + { + // Are query strings enabled in the config file? + // If so, we're done since segment based URIs are not used with query strings. + if ($this->config->item('enable_query_strings') === TRUE AND isset($_GET[$this->config->item('controller_trigger')])) + { + $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); + + if (isset($_GET[$this->config->item('function_trigger')])) + { + $this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')]))); + } + + return; + } + + // Load the routes.php file. + @include(APPPATH.'config/routes'.EXT); + $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; + unset($route); + + // Set the default controller so we can display it in the event + // the URI doesn't correlated to a valid controller. + $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); + + // Fetch the complete URI string + $this->uri->_fetch_uri_string(); + + // Is there a URI string? If not, the default controller specified in the "routes" file will be shown. + if ($this->uri->uri_string == '') + { + if ($this->default_controller === FALSE) + { + show_error("Unable to determine what should be displayed. A default route has not been specified in the routing file."); + } + + if (strpos($this->default_controller, '/') !== FALSE) + { + $x = explode('/', $this->default_controller); + + $this->set_class(end($x)); + $this->set_method('index'); + $this->_set_request($x); + } + else + { + $this->set_class($this->default_controller); + $this->set_method('index'); + $this->_set_request(array($this->default_controller, 'index')); + } + + // re-index the routed segments array so it starts with 1 rather than 0 + $this->uri->_reindex_segments(); + + log_message('debug', "No URI present. Default controller set."); + return; + } + unset($this->routes['default_controller']); + + // Do we need to remove the URL suffix? + $this->uri->_remove_url_suffix(); + + // Compile the segments into an array + $this->uri->_explode_segments(); + + // Parse any custom routing that may exist + $this->_parse_routes(); + + // Re-index the segment array so that it starts with 1 rather than 0 + $this->uri->_reindex_segments(); + } + + // -------------------------------------------------------------------- + + /** + * Set the Route + * + * This function takes an array of URI segments as + * input, and sets the current class/method + * + * @access private + * @param array + * @param bool + * @return void + */ + function _set_request($segments = array()) + { + $segments = $this->_validate_request($segments); + + if (count($segments) == 0) + { + return; + } + + $this->set_class($segments[0]); + + if (isset($segments[1])) + { + // A scaffolding request. No funny business with the URL + if ($this->routes['scaffolding_trigger'] == $segments[1] AND $segments[1] != '_ci_scaffolding') + { + $this->scaffolding_request = TRUE; + unset($this->routes['scaffolding_trigger']); + } + else + { + // A standard method request + $this->set_method($segments[1]); + } + } + else + { + // This lets the "routed" segment array identify that the default + // index method is being used. + $segments[1] = 'index'; + } + + // Update our "routed" segment array to contain the segments. + // Note: If there is no custom routing, this array will be + // identical to $this->uri->segments + $this->uri->rsegments = $segments; + } + + // -------------------------------------------------------------------- + + /** + * Validates the supplied segments. Attempts to determine the path to + * the controller. + * + * @access private + * @param array + * @return array + */ + function _validate_request($segments) + { + // Does the requested controller exist in the root folder? + if (file_exists(APPPATH.'controllers/'.$segments[0].EXT)) + { + return $segments; + } + + // Is the controller in a sub-folder? + if (is_dir(APPPATH.'controllers/'.$segments[0])) + { + // Set the directory and remove it from the segment array + $this->set_directory($segments[0]); + $segments = array_slice($segments, 1); + + if (count($segments) > 0) + { + // Does the requested controller exist in the sub-folder? + if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT)) + { + show_404($this->fetch_directory().$segments[0]); + } + } + else + { + $this->set_class($this->default_controller); + $this->set_method('index'); + + // Does the default controller exist in the sub-folder? + if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$this->default_controller.EXT)) + { + $this->directory = ''; + return array(); + } + + } + + return $segments; + } + + // Can't find the requested controller... + show_404($segments[0]); + } + + // -------------------------------------------------------------------- + + /** + * Parse Routes + * + * This function matches any routes that may exist in + * the config/routes.php file against the URI to + * determine if the class/method need to be remapped. + * + * @access private + * @return void + */ + function _parse_routes() + { + // Do we even have any custom routing to deal with? + // There is a default scaffolding trigger, so we'll look just for 1 + if (count($this->routes) == 1) + { + $this->_set_request($this->uri->segments); + return; + } + + // Turn the segment array into a URI string + $uri = implode('/', $this->uri->segments); + + // Is there a literal match? If so we're done + if (isset($this->routes[$uri])) + { + $this->_set_request(explode('/', $this->routes[$uri])); + return; + } + + // Loop through the route array looking for wild-cards + foreach ($this->routes as $key => $val) + { + // Convert wild-cards to RegEx + $key = str_replace(':any', '.+', str_replace(':num', '[0-9]+', $key)); + + // Does the RegEx match? + if (preg_match('#^'.$key.'$#', $uri)) + { + // Do we have a back-reference? + if (strpos($val, '$') !== FALSE AND strpos($key, '(') !== FALSE) + { + $val = preg_replace('#^'.$key.'$#', $val, $uri); + } + + $this->_set_request(explode('/', $val)); + return; + } + } + + // If we got this far it means we didn't encounter a + // matching route so we'll set the site default route + $this->_set_request($this->uri->segments); + } + + // -------------------------------------------------------------------- + + /** + * Set the class name + * + * @access public + * @param string + * @return void + */ + function set_class($class) + { + $this->class = $class; + } + + // -------------------------------------------------------------------- + + /** + * Fetch the current class + * + * @access public + * @return string + */ + function fetch_class() + { + return $this->class; + } + + // -------------------------------------------------------------------- + + /** + * Set the method name + * + * @access public + * @param string + * @return void + */ + function set_method($method) + { + $this->method = $method; + } + + // -------------------------------------------------------------------- + + /** + * Fetch the current method + * + * @access public + * @return string + */ + function fetch_method() + { + if ($this->method == $this->fetch_class()) + { + return 'index'; + } + + return $this->method; + } + + // -------------------------------------------------------------------- + + /** + * Set the directory name + * + * @access public + * @param string + * @return void + */ + function set_directory($dir) + { + $this->directory = $dir.'/'; + } + + // -------------------------------------------------------------------- + + /** + * Fetch the sub-directory (if any) that contains the requested controller class + * + * @access public + * @return string + */ + function fetch_directory() + { + return $this->directory; + } + +} +// END Router Class + +/* End of file Router.php */ +/* Location: ./system/libraries/Router.php */ \ No newline at end of file diff --git a/system/core/URI.php b/system/core/URI.php new file mode 100644 index 000000000..23efb38c1 --- /dev/null +++ b/system/core/URI.php @@ -0,0 +1,586 @@ +config =& load_class('Config'); + log_message('debug', "URI Class Initialized"); + } + + + // -------------------------------------------------------------------- + + /** + * Get the URI String + * + * @access private + * @return string + */ + function _fetch_uri_string() + { + if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') + { + // If the URL has a question mark then it's simplest to just + // build the URI string from the zero index of the $_GET array. + // This avoids having to deal with $_SERVER variables, which + // can be unreliable in some environments + if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') + { + $this->uri_string = key($_GET); + return; + } + + // Is there a PATH_INFO variable? + // Note: some servers seem to have trouble with getenv() so we'll test it two ways + $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); + if (trim($path, '/') != '' && $path != "/".SELF) + { + $this->uri_string = $path; + return; + } + + // No PATH_INFO?... What about QUERY_STRING? + $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); + if (trim($path, '/') != '') + { + $this->uri_string = $path; + return; + } + + // No QUERY_STRING?... Maybe the ORIG_PATH_INFO variable exists? + $path = str_replace($_SERVER['SCRIPT_NAME'], '', (isset($_SERVER['ORIG_PATH_INFO'])) ? $_SERVER['ORIG_PATH_INFO'] : @getenv('ORIG_PATH_INFO')); + if (trim($path, '/') != '' && $path != "/".SELF) + { + // remove path and script information so we have good URI data + $this->uri_string = $path; + return; + } + + // We've exhausted all our options... + $this->uri_string = ''; + } + else + { + $uri = strtoupper($this->config->item('uri_protocol')); + + if ($uri == 'REQUEST_URI') + { + $this->uri_string = $this->_parse_request_uri(); + return; + } + + $this->uri_string = (isset($_SERVER[$uri])) ? $_SERVER[$uri] : @getenv($uri); + } + + // If the URI contains only a slash we'll kill it + if ($this->uri_string == '/') + { + $this->uri_string = ''; + } + } + + // -------------------------------------------------------------------- + + /** + * Parse the REQUEST_URI + * + * Due to the way REQUEST_URI works it usually contains path info + * that makes it unusable as URI data. We'll trim off the unnecessary + * data, hopefully arriving at a valid URI that we can use. + * + * @access private + * @return string + */ + function _parse_request_uri() + { + if ( ! isset($_SERVER['REQUEST_URI']) OR $_SERVER['REQUEST_URI'] == '') + { + return ''; + } + + $request_uri = preg_replace("|/(.*)|", "\\1", str_replace("\\", "/", $_SERVER['REQUEST_URI'])); + + if ($request_uri == '' OR $request_uri == SELF) + { + return ''; + } + + $fc_path = FCPATH.SELF; + if (strpos($request_uri, '?') !== FALSE) + { + $fc_path .= '?'; + } + + $parsed_uri = explode("/", $request_uri); + + $i = 0; + foreach(explode("/", $fc_path) as $segment) + { + if (isset($parsed_uri[$i]) && $segment == $parsed_uri[$i]) + { + $i++; + } + } + + $parsed_uri = implode("/", array_slice($parsed_uri, $i)); + + if ($parsed_uri != '') + { + $parsed_uri = '/'.$parsed_uri; + } + + return $parsed_uri; + } + + // -------------------------------------------------------------------- + + /** + * Filter segments for malicious characters + * + * @access private + * @param string + * @return string + */ + function _filter_uri($str) + { + if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE) + { + // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards + // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern + if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str)) + { + show_error('The URI you submitted has disallowed characters.', 400); + } + } + + // Convert programatic characters to entities + $bad = array('$', '(', ')', '%28', '%29'); + $good = array('$', '(', ')', '(', ')'); + + return str_replace($bad, $good, $str); + } + + // -------------------------------------------------------------------- + + /** + * Remove the suffix from the URL if needed + * + * @access private + * @return void + */ + function _remove_url_suffix() + { + if ($this->config->item('url_suffix') != "") + { + $this->uri_string = preg_replace("|".preg_quote($this->config->item('url_suffix'))."$|", "", $this->uri_string); + } + } + + // -------------------------------------------------------------------- + + /** + * Explode the URI Segments. The individual segments will + * be stored in the $this->segments array. + * + * @access private + * @return void + */ + function _explode_segments() + { + foreach(explode("/", preg_replace("|/*(.+?)/*$|", "\\1", $this->uri_string)) as $val) + { + // Filter segments for security + $val = trim($this->_filter_uri($val)); + + if ($val != '') + { + $this->segments[] = $val; + } + } + } + + // -------------------------------------------------------------------- + /** + * Re-index Segments + * + * This function re-indexes the $this->segment array so that it + * starts at 1 rather than 0. Doing so makes it simpler to + * use functions like $this->uri->segment(n) since there is + * a 1:1 relationship between the segment array and the actual segments. + * + * @access private + * @return void + */ + function _reindex_segments() + { + array_unshift($this->segments, NULL); + array_unshift($this->rsegments, NULL); + unset($this->segments[0]); + unset($this->rsegments[0]); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment + * + * This function returns the URI segment based on the number provided. + * + * @access public + * @param integer + * @param bool + * @return string + */ + function segment($n, $no_result = FALSE) + { + return ( ! isset($this->segments[$n])) ? $no_result : $this->segments[$n]; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI "routed" Segment + * + * This function returns the re-routed URI segment (assuming routing rules are used) + * based on the number provided. If there is no routing this function returns the + * same result as $this->segment() + * + * @access public + * @param integer + * @param bool + * @return string + */ + function rsegment($n, $no_result = FALSE) + { + return ( ! isset($this->rsegments[$n])) ? $no_result : $this->rsegments[$n]; + } + + // -------------------------------------------------------------------- + + /** + * Generate a key value pair from the URI string + * + * This function generates and associative array of URI data starting + * at the supplied segment. For example, if this is your URI: + * + * example.com/user/search/name/joe/location/UK/gender/male + * + * You can use this function to generate an array with this prototype: + * + * array ( + * name => joe + * location => UK + * gender => male + * ) + * + * @access public + * @param integer the starting segment number + * @param array an array of default values + * @return array + */ + function uri_to_assoc($n = 3, $default = array()) + { + return $this->_uri_to_assoc($n, $default, 'segment'); + } + /** + * Identical to above only it uses the re-routed segment array + * + */ + function ruri_to_assoc($n = 3, $default = array()) + { + return $this->_uri_to_assoc($n, $default, 'rsegment'); + } + + // -------------------------------------------------------------------- + + /** + * Generate a key value pair from the URI string or Re-routed URI string + * + * @access private + * @param integer the starting segment number + * @param array an array of default values + * @param string which array we should use + * @return array + */ + function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') + { + if ($which == 'segment') + { + $total_segments = 'total_segments'; + $segment_array = 'segment_array'; + } + else + { + $total_segments = 'total_rsegments'; + $segment_array = 'rsegment_array'; + } + + if ( ! is_numeric($n)) + { + return $default; + } + + if (isset($this->keyval[$n])) + { + return $this->keyval[$n]; + } + + if ($this->$total_segments() < $n) + { + if (count($default) == 0) + { + return array(); + } + + $retval = array(); + foreach ($default as $val) + { + $retval[$val] = FALSE; + } + return $retval; + } + + $segments = array_slice($this->$segment_array(), ($n - 1)); + + $i = 0; + $lastval = ''; + $retval = array(); + foreach ($segments as $seg) + { + if ($i % 2) + { + $retval[$lastval] = $seg; + } + else + { + $retval[$seg] = FALSE; + $lastval = $seg; + } + + $i++; + } + + if (count($default) > 0) + { + foreach ($default as $val) + { + if ( ! array_key_exists($val, $retval)) + { + $retval[$val] = FALSE; + } + } + } + + // Cache the array for reuse + $this->keyval[$n] = $retval; + return $retval; + } + + // -------------------------------------------------------------------- + + /** + * Generate a URI string from an associative array + * + * + * @access public + * @param array an associative array of key/values + * @return array + */ + function assoc_to_uri($array) + { + $temp = array(); + foreach ((array)$array as $key => $val) + { + $temp[] = $key; + $temp[] = $val; + } + + return implode('/', $temp); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment and add a trailing slash + * + * @access public + * @param integer + * @param string + * @return string + */ + function slash_segment($n, $where = 'trailing') + { + return $this->_slash_segment($n, $where, 'segment'); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment and add a trailing slash + * + * @access public + * @param integer + * @param string + * @return string + */ + function slash_rsegment($n, $where = 'trailing') + { + return $this->_slash_segment($n, $where, 'rsegment'); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment and add a trailing slash - helper function + * + * @access private + * @param integer + * @param string + * @param string + * @return string + */ + function _slash_segment($n, $where = 'trailing', $which = 'segment') + { + if ($where == 'trailing') + { + $trailing = '/'; + $leading = ''; + } + elseif ($where == 'leading') + { + $leading = '/'; + $trailing = ''; + } + else + { + $leading = '/'; + $trailing = '/'; + } + return $leading.$this->$which($n).$trailing; + } + + // -------------------------------------------------------------------- + + /** + * Segment Array + * + * @access public + * @return array + */ + function segment_array() + { + return $this->segments; + } + + // -------------------------------------------------------------------- + + /** + * Routed Segment Array + * + * @access public + * @return array + */ + function rsegment_array() + { + return $this->rsegments; + } + + // -------------------------------------------------------------------- + + /** + * Total number of segments + * + * @access public + * @return integer + */ + function total_segments() + { + return count($this->segments); + } + + // -------------------------------------------------------------------- + + /** + * Total number of routed segments + * + * @access public + * @return integer + */ + function total_rsegments() + { + return count($this->rsegments); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the entire URI string + * + * @access public + * @return string + */ + function uri_string() + { + return $this->uri_string; + } + + + // -------------------------------------------------------------------- + + /** + * Fetch the entire Re-routed URI string + * + * @access public + * @return string + */ + function ruri_string() + { + return '/'.implode('/', $this->rsegment_array()).'/'; + } + +} +// END URI Class + +/* End of file URI.php */ +/* Location: ./system/libraries/URI.php */ \ No newline at end of file diff --git a/system/core/index.html b/system/core/index.html new file mode 100644 index 000000000..c942a79ce --- /dev/null +++ b/system/core/index.html @@ -0,0 +1,10 @@ + + + 403 Forbidden + + + +

Directory access is forbidden.

+ + + \ No newline at end of file -- cgit v1.2.3-24-g4f1b From c68dfbf9df1bd76f608307185ec16f5be4b550f1 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 12:59:23 -0600 Subject: fixed EOF code comment file locations --- system/core/Base4.php | 2 +- system/core/Base5.php | 2 +- system/core/Benchmark.php | 2 +- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 2 +- system/core/Compat.php | 2 +- system/core/Config.php | 2 +- system/core/Controller.php | 2 +- system/core/Exceptions.php | 2 +- system/core/Hooks.php | 2 +- system/core/Input.php | 2 +- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Model.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/URI.php | 2 +- 17 files changed, 17 insertions(+), 17 deletions(-) (limited to 'system/core') diff --git a/system/core/Base4.php b/system/core/Base4.php index 3561c2564..24474830c 100644 --- a/system/core/Base4.php +++ b/system/core/Base4.php @@ -66,4 +66,4 @@ function &get_instance() /* End of file Base4.php */ -/* Location: ./system/codeigniter/Base4.php */ \ No newline at end of file +/* Location: ./system/core/Base4.php */ \ No newline at end of file diff --git a/system/core/Base5.php b/system/core/Base5.php index 5d944ae5a..86e3513c7 100644 --- a/system/core/Base5.php +++ b/system/core/Base5.php @@ -53,4 +53,4 @@ function &get_instance() /* End of file Base5.php */ -/* Location: ./system/codeigniter/Base5.php */ \ No newline at end of file +/* Location: ./system/core/Base5.php */ \ No newline at end of file diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index d485ee21d..1149b7a76 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -110,4 +110,4 @@ class CI_Benchmark { // END CI_Benchmark class /* End of file Benchmark.php */ -/* Location: ./system/libraries/Benchmark.php */ \ No newline at end of file +/* Location: ./system/core/Benchmark.php */ \ No newline at end of file diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 5d5bb144b..65c75a6c4 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -277,4 +277,4 @@ if (class_exists('CI_DB') AND isset($CI->db)) /* End of file CodeIgniter.php */ -/* Location: ./system/codeigniter/CodeIgniter.php */ \ No newline at end of file +/* Location: ./system/core/CodeIgniter.php */ \ No newline at end of file diff --git a/system/core/Common.php b/system/core/Common.php index 9a35062a4..ae147461e 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -418,4 +418,4 @@ function _exception_handler($severity, $message, $filepath, $line) /* End of file Common.php */ -/* Location: ./system/codeigniter/Common.php */ \ No newline at end of file +/* Location: ./system/core/Common.php */ \ No newline at end of file diff --git a/system/core/Compat.php b/system/core/Compat.php index 40017a93b..1ccc811db 100644 --- a/system/core/Compat.php +++ b/system/core/Compat.php @@ -90,4 +90,4 @@ if ( ! function_exists('ctype_alnum')) } /* End of file Compat.php */ -/* Location: ./system/codeigniter/Compat.php */ \ No newline at end of file +/* Location: ./system/core/Compat.php */ \ No newline at end of file diff --git a/system/core/Config.php b/system/core/Config.php index 760120779..ab69c0720 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -241,4 +241,4 @@ class CI_Config { // END CI_Config class /* End of file Config.php */ -/* Location: ./system/libraries/Config.php */ \ No newline at end of file +/* Location: ./system/core/Config.php */ \ No newline at end of file diff --git a/system/core/Controller.php b/system/core/Controller.php index c5637c951..1b76d0daa 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -124,4 +124,4 @@ class Controller extends CI_Base { // END _Controller class /* End of file Controller.php */ -/* Location: ./system/libraries/Controller.php */ \ No newline at end of file +/* Location: ./system/core/Controller.php */ \ No newline at end of file diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index bd567ccdc..503015dfd 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -171,4 +171,4 @@ class CI_Exceptions { // END Exceptions Class /* End of file Exceptions.php */ -/* Location: ./system/libraries/Exceptions.php */ \ No newline at end of file +/* Location: ./system/core/Exceptions.php */ \ No newline at end of file diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 6d736c3f6..2c12ffafd 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -223,4 +223,4 @@ class CI_Hooks { // END CI_Hooks class /* End of file Hooks.php */ -/* Location: ./system/libraries/Hooks.php */ \ No newline at end of file +/* Location: ./system/core/Hooks.php */ \ No newline at end of file diff --git a/system/core/Input.php b/system/core/Input.php index e736d2b8b..51c12a8a0 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -1064,4 +1064,4 @@ class CI_Input { // END Input class /* End of file Input.php */ -/* Location: ./system/libraries/Input.php */ \ No newline at end of file +/* Location: ./system/core/Input.php */ \ No newline at end of file diff --git a/system/core/Lang.php b/system/core/Lang.php index 515d04a40..bbecab645 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -120,4 +120,4 @@ class CI_Language { // END Language Class /* End of file Language.php */ -/* Location: ./system/libraries/Language.php */ \ No newline at end of file +/* Location: ./system/core/Language.php */ \ No newline at end of file diff --git a/system/core/Loader.php b/system/core/Loader.php index 2cd2e93b9..a30238c3e 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1082,4 +1082,4 @@ class CI_Loader { } /* End of file Loader.php */ -/* Location: ./system/libraries/Loader.php */ \ No newline at end of file +/* Location: ./system/core/Loader.php */ \ No newline at end of file diff --git a/system/core/Model.php b/system/core/Model.php index e9c2d24d1..541f966b6 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -80,4 +80,4 @@ class Model { // END Model Class /* End of file Model.php */ -/* Location: ./system/libraries/Model.php */ \ No newline at end of file +/* Location: ./system/core/Model.php */ \ No newline at end of file diff --git a/system/core/Output.php b/system/core/Output.php index 6a9a11677..ea4b0e314 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -406,4 +406,4 @@ class CI_Output { // END Output Class /* End of file Output.php */ -/* Location: ./system/libraries/Output.php */ \ No newline at end of file +/* Location: ./system/core/Output.php */ \ No newline at end of file diff --git a/system/core/Router.php b/system/core/Router.php index 20e69721d..32c1c3820 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -386,4 +386,4 @@ class CI_Router { // END Router Class /* End of file Router.php */ -/* Location: ./system/libraries/Router.php */ \ No newline at end of file +/* Location: ./system/core/Router.php */ \ No newline at end of file diff --git a/system/core/URI.php b/system/core/URI.php index 23efb38c1..77b814925 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -583,4 +583,4 @@ class CI_URI { // END URI Class /* End of file URI.php */ -/* Location: ./system/libraries/URI.php */ \ No newline at end of file +/* Location: ./system/core/URI.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 98badc154c59a1018ada449ad7100bc97c4fbd52 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:08:02 -0600 Subject: adding Unicode class to core --- system/core/Unicode.php | 165 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 165 insertions(+) create mode 100644 system/core/Unicode.php (limited to 'system/core') diff --git a/system/core/Unicode.php b/system/core/Unicode.php new file mode 100644 index 000000000..c8f1203f7 --- /dev/null +++ b/system/core/Unicode.php @@ -0,0 +1,165 @@ +item('charset') == 'UTF-8' // Application charset must be UTF-8 + ) + { + log_message('debug', "Unicode Class - UTF-8 Support Enabled"); + + define('UTF8_ENABLED', TRUE); + + // set internal encoding for multibyte string functions if necessary + // and set a flag so we don't have to repeatedly use extension_loaded() + // or function_exists() + if (extension_loaded('mbstring')) + { + define('MB_ENABLED', TRUE); + mb_internal_encoding('UTF-8'); + } + else + { + define('MB_ENABLED', FALSE); + } + } + else + { + log_message('debug', "Unicode Class - UTF-8 Support Disabled"); + define('UTF8_ENABLED', FALSE); + } + } + + // -------------------------------------------------------------------- + + /** + * Clean UTF-8 strings + * + * Ensures strings are UTF-8 + * + * @access public + * @param string + * @return string + */ + function clean_string($str) + { + if ($this->_is_ascii($str) === FALSE) + { + $str = @iconv('UTF-8', 'UTF-8//IGNORE', $str); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Remove ASCII control characters + * + * Removes all ASCII control characters except horizontal tabs, + * line feeds, and carriage returns, as all others can cause + * problems in XML + * + * @access public + * @param string + * @return string + */ + function safe_ascii_for_xml($str) + { + return preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S', '', $str); + } + + // -------------------------------------------------------------------- + + /** + * Convert to UTF-8 + * + * Attempts to convert a string to UTF-8 + * + * @access public + * @param string + * @param string - input encoding + * @return string + */ + function convert_to_utf8($str, $encoding) + { + if (function_exists('iconv')) + { + $str = @iconv($encoding, 'UTF-8', $str); + } + elseif (function_exists('mb_convert_encoding')) + { + $str = @mb_convert_encoding($str, 'UTF-8', $encoding); + } + else + { + return FALSE; + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Is ASCII? + * + * Tests if a string is standard 7-bit ASCII or not + * + * @access public + * @param string + * @return bool + */ + function _is_ascii($str) + { + return (preg_match('/[^\x00-\x7F]/S', $str) == 0); + } + + // -------------------------------------------------------------------- + +} +// End Unicode Class + +/* End of file Unicode.php */ +/* Location: ./system/core/Unicode.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 218876c55d9d3f56c20675c4444f19433880878f Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:11:00 -0600 Subject: updating CodeIgniter.php init file --- system/core/CodeIgniter.php | 292 +++++++++++++++++++++++++++----------------- 1 file changed, 180 insertions(+), 112 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 65c75a6c4..90cce1c6e 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -16,7 +16,7 @@ // ------------------------------------------------------------------------ /** - * System Front Controller + * System Initialization File * * Loads the base classes and executes the request. * @@ -27,100 +27,177 @@ * @link http://codeigniter.com/user_guide/ */ -// CI Version -define('CI_VERSION', '1.7.2'); +/* + * ------------------------------------------------------ + * Define the CodeIgniter Version + * ------------------------------------------------------ + */ + define('CI_VERSION', '2.0'); /* * ------------------------------------------------------ * Load the global functions * ------------------------------------------------------ */ -require(BASEPATH.'codeigniter/Common'.EXT); + require(BASEPATH.'core/Common'.EXT); /* * ------------------------------------------------------ * Load the compatibility override functions * ------------------------------------------------------ */ -require(BASEPATH.'codeigniter/Compat'.EXT); + require(BASEPATH.'core/Compat'.EXT); /* * ------------------------------------------------------ * Load the framework constants * ------------------------------------------------------ */ -require(APPPATH.'config/constants'.EXT); + require(APPPATH.'config/constants'.EXT); /* * ------------------------------------------------------ * Define a custom error handler so we can log PHP errors * ------------------------------------------------------ */ -set_error_handler('_exception_handler'); + set_error_handler('_exception_handler'); + + if ( ! is_php('5.3')) + { + @set_magic_quotes_runtime(0); // Kill magic quotes + } -if ( ! is_php('5.3')) -{ - @set_magic_quotes_runtime(0); // Kill magic quotes -} + // Set a liberal script execution time limit + if (function_exists("set_time_limit") == TRUE AND @ini_get("safe_mode") == 0) + { + @set_time_limit(300); + } /* * ------------------------------------------------------ - * Start the timer... tick tock tick tock... + * Set the subclass_prefix * ------------------------------------------------------ + * + * Normally the "subclass_prefix" is set in the config file. + * The subclass prefix allows CI to know if a core class is + * being extended via a library in the local application + * "libraries" folder. Since CI allows config items to be + * overriden via data set in the main index. php file, + * before proceeding we need to know if a subclass_prefix + * override exists. If so, we will set this value now, + * before any classes are loaded + * Note: Since the config file data is cached it doesn't + * hurt to load it here. */ + if (isset($assign_to_config['subclass_prefix']) AND $assign_to_config['subclass_prefix'] != '') + { + get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); + } -$BM =& load_class('Benchmark'); -$BM->mark('total_execution_time_start'); -$BM->mark('loading_time_base_classes_start'); +/* + * ------------------------------------------------------ + * Start the timer... tick tock tick tock... + * ------------------------------------------------------ + */ + $BM =& load_class('Benchmark', 'core'); + $BM->mark('total_execution_time_start'); + $BM->mark('loading_time:_base_classes_start'); /* * ------------------------------------------------------ * Instantiate the hooks class * ------------------------------------------------------ */ - -$EXT =& load_class('Hooks'); + $EXT =& load_class('Hooks', 'core'); /* * ------------------------------------------------------ * Is there a "pre_system" hook? * ------------------------------------------------------ */ -$EXT->_call_hook('pre_system'); + $EXT->_call_hook('pre_system'); + +/* + * ------------------------------------------------------ + * Instantiate the config class + * ------------------------------------------------------ + */ + $CFG =& load_class('Config', 'core'); + + // Do we have any manually set config items in the index.php file? + if (isset($assign_to_config)) + { + $CFG->_assign_to_config($assign_to_config); + } + +/* + * ------------------------------------------------------ + * Instantiate the Unicode class + * ------------------------------------------------------ + * + * Note: Order here is rather important as the Unicode + * class needs to be used very early on, but it cannot + * properly determine if UTf-8 can be supported until + * after the Config class is instantiated. + * + */ + $UNI =& load_class('Unicode', 'core'); + /* * ------------------------------------------------------ - * Instantiate the base classes + * Instantiate the URI class * ------------------------------------------------------ */ + $URI =& load_class('URI', 'core'); -$CFG =& load_class('Config'); -$URI =& load_class('URI'); -$RTR =& load_class('Router'); -$OUT =& load_class('Output'); +/* + * ------------------------------------------------------ + * Instantiate the routing class and set the routing + * ------------------------------------------------------ + */ + $RTR =& load_class('Router', 'core'); + $RTR->_set_routing(); + + // Set any routing overrides that may exist in the main index file + if (isset($routing)) + { + $RTR->_set_overrides($routing); + } /* * ------------------------------------------------------ - * Is there a valid cache file? If so, we're done... + * Instantiate the output class * ------------------------------------------------------ */ + $OUT =& load_class('Output', 'core'); -if ($EXT->_call_hook('cache_override') === FALSE) -{ - if ($OUT->_display_cache($CFG, $URI) == TRUE) +/* + * ------------------------------------------------------ + * Is there a valid cache file? If so, we're done... + * ------------------------------------------------------ + */ + if ($EXT->_call_hook('cache_override') === FALSE) { - exit; + if ($OUT->_display_cache($CFG, $URI) == TRUE) + { + exit; + } } -} /* * ------------------------------------------------------ - * Load the remaining base classes + * Load the Input class and sanitize globals * ------------------------------------------------------ */ + $IN =& load_class('Input', 'core'); -$IN =& load_class('Input'); -$LANG =& load_class('Language'); +/* + * ------------------------------------------------------ + * Load the Language class + * ------------------------------------------------------ + */ + $LANG =& load_class('Lang', 'core'); /* * ------------------------------------------------------ @@ -131,35 +208,33 @@ $LANG =& load_class('Language'); * conditionally load different versions of the base * class. Retaining PHP 4 compatibility requires a bit of a hack. * - * Note: The Loader class needs to be included first - * */ -if ( ! is_php('5.0.0')) -{ - load_class('Loader', FALSE); - require(BASEPATH.'codeigniter/Base4'.EXT); -} -else -{ - require(BASEPATH.'codeigniter/Base5'.EXT); -} - -// Load the base controller class -load_class('Controller', FALSE); - -// Load the local application controller -// Note: The Router class automatically validates the controller path. If this include fails it -// means that the default controller in the Routes.php file is not resolving to something valid. -if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT)) -{ - show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.'); -} - -include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT); - -// Set a mark point for benchmarking -$BM->mark('loading_time_base_classes_end'); - + if (is_php('5.0.0') == TRUE) + { + require(BASEPATH.'core/Base5'.EXT); + } + else + { + // The Loader class needs to be included first when running PHP 4.x + load_class('Loader', 'core'); + require(BASEPATH.'core/Base4'.EXT); + } + + // Load the base controller class + require BASEPATH.'core/Controller'.EXT; + + // Load the local application controller + // Note: The Router class automatically validates the controller path using the router->_validate_request(). + // If this include fails it means that the default controller in the Routes.php file is not resolving to something valid. + if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT)) + { + show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.'); + } + + include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT); + + // Set a mark point for benchmarking + $BM->mark('loading_time:_base_classes_end'); /* * ------------------------------------------------------ @@ -170,54 +245,48 @@ $BM->mark('loading_time_base_classes_end'); * loader class can be called via the URI, nor can * controller functions that begin with an underscore */ -$class = $RTR->fetch_class(); -$method = $RTR->fetch_method(); - -if ( ! class_exists($class) - OR $method == 'controller' - OR strncmp($method, '_', 1) == 0 - OR in_array(strtolower($method), array_map('strtolower', get_class_methods('Controller'))) - ) -{ - show_404("{$class}/{$method}"); -} + $class = $RTR->fetch_class(); + $method = $RTR->fetch_method(); + + if ( ! class_exists($class) + OR $method == 'controller' + OR strncmp($method, '_', 1) == 0 + OR in_array(strtolower($method), array_map('strtolower', get_class_methods('Controller'))) + ) + { + show_404("{$class}/{$method}"); + } /* * ------------------------------------------------------ * Is there a "pre_controller" hook? * ------------------------------------------------------ */ -$EXT->_call_hook('pre_controller'); + $EXT->_call_hook('pre_controller'); /* * ------------------------------------------------------ - * Instantiate the controller and call requested method + * Instantiate the requested controller * ------------------------------------------------------ */ + // Mark a start point so we can benchmark the controller + $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_start'); + + $CI = new $class(); -// Mark a start point so we can benchmark the controller -$BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_start'); - -$CI = new $class(); - -// Is this a scaffolding request? -if ($RTR->scaffolding_request === TRUE) -{ - if ($EXT->_call_hook('scaffolding_override') === FALSE) - { - $CI->_ci_scaffolding(); - } -} -else -{ - /* - * ------------------------------------------------------ - * Is there a "post_controller_constructor" hook? - * ------------------------------------------------------ - */ +/* + * ------------------------------------------------------ + * Is there a "post_controller_constructor" hook? + * ------------------------------------------------------ + */ $EXT->_call_hook('post_controller_constructor'); - - // Is there a "remap" function? + +/* + * ------------------------------------------------------ + * Call the requested method + * ------------------------------------------------------ + */ + // Is there a "remap" function? If so, we call it instead if (method_exists($CI, '_remap')) { $CI->_remap($method); @@ -232,48 +301,47 @@ else } // Call the requested method. - // Any URI segments present (besides the class/function) will be passed to the method for convenience - call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); + // Any URI segments present (besides the class/function) will be passed to the method for convenience + call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); } -} -// Mark a benchmark end point -$BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); + + // Mark a benchmark end point + $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); /* * ------------------------------------------------------ * Is there a "post_controller" hook? * ------------------------------------------------------ */ -$EXT->_call_hook('post_controller'); + $EXT->_call_hook('post_controller'); /* * ------------------------------------------------------ * Send the final rendered output to the browser * ------------------------------------------------------ */ - -if ($EXT->_call_hook('display_override') === FALSE) -{ - $OUT->_display(); -} - + if ($EXT->_call_hook('display_override') === FALSE) + { + $OUT->_display(); + } + /* * ------------------------------------------------------ * Is there a "post_system" hook? * ------------------------------------------------------ */ -$EXT->_call_hook('post_system'); + $EXT->_call_hook('post_system'); /* * ------------------------------------------------------ * Close the DB connection if one exists * ------------------------------------------------------ */ -if (class_exists('CI_DB') AND isset($CI->db)) -{ - $CI->db->close(); -} + if (class_exists('CI_DB') AND isset($CI->db)) + { + $CI->db->close(); + } /* End of file CodeIgniter.php */ -- cgit v1.2.3-24-g4f1b From dc8e9ea8e559d7193492e94ccdcbe18bdd8173e4 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:17:19 -0600 Subject: updated Common functions - whitespace formatting - load_class() changes for new structure --- system/core/Common.php | 528 +++++++++++++++++++++++++++---------------------- 1 file changed, 296 insertions(+), 232 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index ae147461e..47293a11b 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -15,6 +15,20 @@ // ------------------------------------------------------------------------ +/** + * Common Functions + * + * Loads the base classes and executes the request. + * + * @package CodeIgniter + * @subpackage codeigniter + * @category Common Functions + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/ + */ + +// ------------------------------------------------------------------------ + /** * Determines if the current version of PHP is greater then the supplied value * @@ -23,20 +37,20 @@ * * @access public * @param string -* @return bool +* @return bool TRUE if the current version is $version or higher */ -function is_php($version = '5.0.0') -{ - static $_is_php; - $version = (string)$version; - - if ( ! isset($_is_php[$version])) + function is_php($version = '5.0.0') { - $_is_php[$version] = (version_compare(PHP_VERSION, $version) < 0) ? FALSE : TRUE; - } + static $_is_php; + $version = (string)$version; + + if ( ! isset($_is_php[$version])) + { + $_is_php[$version] = (version_compare(PHP_VERSION, $version) < 0) ? FALSE : TRUE; + } - return $_is_php[$version]; -} + return $_is_php[$version]; + } // ------------------------------------------------------------------------ @@ -45,43 +59,43 @@ function is_php($version = '5.0.0') * * is_writable() returns TRUE on Windows servers when you really can't write to * the file, based on the read-only attribute. is_writable() is also unreliable - * on Unix servers if safe_mode is on. + * on Unix servers if safe_mode is on. * * @access private * @return void - */ -function is_really_writable($file) -{ - // If we're on a Unix server with safe_mode off we call is_writable - if (DIRECTORY_SEPARATOR == '/' AND @ini_get("safe_mode") == FALSE) + */ + function is_really_writable($file) { - return is_writable($file); - } + // If we're on a Unix server with safe_mode off we call is_writable + if (DIRECTORY_SEPARATOR == '/' AND @ini_get("safe_mode") == FALSE) + { + return is_writable($file); + } - // For windows servers and safe_mode "on" installations we'll actually - // write a file then read it. Bah... - if (is_dir($file)) - { - $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); + // For windows servers and safe_mode "on" installations we'll actually + // write a file then read it. Bah... + if (is_dir($file)) + { + $file = rtrim($file, '/').'/'.md5(mt_rand(1,100).mt_rand(1,100)); - if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) + if (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) + { + return FALSE; + } + + fclose($fp); + @chmod($file, DIR_WRITE_MODE); + @unlink($file); + return TRUE; + } + elseif (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) { return FALSE; } fclose($fp); - @chmod($file, DIR_WRITE_MODE); - @unlink($file); return TRUE; } - elseif (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) - { - return FALSE; - } - - fclose($fp); - return TRUE; -} // ------------------------------------------------------------------------ @@ -94,60 +108,66 @@ function is_really_writable($file) * * @access public * @param string the class name being requested -* @param bool optional flag that lets classes get loaded but not instantiated +* @param string the directory where the class should be found +* @param string the class name prefix * @return object */ -function &load_class($class, $instantiate = TRUE) -{ - static $objects = array(); - - // Does the class exist? If so, we're done... - if (isset($objects[$class])) + function &load_class($class, $directory = 'libraries', $prefix = 'CI_') { - return $objects[$class]; - } - - // If the requested class does not exist in the application/libraries - // folder we'll load the native class from the system/libraries folder. - if (file_exists(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT)) - { - require(BASEPATH.'libraries/'.$class.EXT); - require(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT); - $is_subclass = TRUE; - } - else - { - if (file_exists(APPPATH.'libraries/'.$class.EXT)) + static $_classes = array(); + + // Does the class exist? If so, we're done... + if (isset($_classes[$class])) { - require(APPPATH.'libraries/'.$class.EXT); - $is_subclass = FALSE; + return $_classes[$class]; } - else - { - require(BASEPATH.'libraries/'.$class.EXT); - $is_subclass = FALSE; + + $name = FALSE; + + // Look for the class first in the native system/libraries folder + // thenin the local application/libraries folder + foreach (array(BASEPATH, APPPATH) as $path) + { + if (file_exists($path.$directory.'/'.$class.EXT)) + { + $name = $prefix.$class; + + if (class_exists($name) === FALSE) + { + require($path.$directory.'/'.$class.EXT); + } + + break; + } } - } - if ($instantiate == FALSE) - { - $objects[$class] = TRUE; - return $objects[$class]; - } + // Is the request a class extension? If so we load it too + if (file_exists(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT)) + { + $name = config_item('subclass_prefix').$class; + + if (class_exists($name) === FALSE) + { + require(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT); + } + } - if ($is_subclass == TRUE) - { - $name = config_item('subclass_prefix').$class; + // Did we find the class? + if ($name === FALSE) + { + // Note: We use exit() rather then show_error() in order to avoid a + // self-referencing loop with the Excptions class + exit('Unable to locate the specified class: '.$class.EXT); + } - $objects[$class] =& instantiate_class(new $name()); - return $objects[$class]; - } + // Keep track of what we just loaded + is_loaded($class); - $name = ($class != 'Controller') ? 'CI_'.$class : $class; + $_classes[$class] =& instantiate_class(new $name()); + return $_classes[$class]; + } - $objects[$class] =& instantiate_class(new $name()); - return $objects[$class]; -} +// ------------------------------------------------------------------------ /** * Instantiate Class @@ -161,64 +181,110 @@ function &load_class($class, $instantiate = TRUE) * @param object * @return object */ -function &instantiate_class(&$class_object) -{ - return $class_object; -} + function &instantiate_class(&$class_object) + { + return $class_object; + } + +// -------------------------------------------------------------------- + +/** +* Keeps track of which libraries have been loaded. This function is +* called by the load_class() function above +* +* @access public +* @return array +*/ + function is_loaded($class = '') + { + static $_is_loaded = array(); + + if ($class != '') + { + $_is_loaded[strtolower($class)] = $class; + } + + return $_is_loaded; + } + +// ------------------------------------------------------------------------ /** * Loads the main config.php file * +* This function lets us grab the config file even if the Config class +* hasn't been instantiated yet +* * @access private * @return array */ -function &get_config() -{ - static $main_conf; - - if ( ! isset($main_conf)) + function &get_config($replace = array()) { + static $_config; + + if (isset($_config)) + { + return $_config[0]; + } + + // Fetch the config file if ( ! file_exists(APPPATH.'config/config'.EXT)) { - exit('The configuration file config'.EXT.' does not exist.'); + exit('The configuration file does not exist.'); + } + else + { + require(APPPATH.'config/config'.EXT); } - require(APPPATH.'config/config'.EXT); - + // Does the $config array exist in the file? if ( ! isset($config) OR ! is_array($config)) { exit('Your config file does not appear to be formatted correctly.'); } - $main_conf[0] =& $config; + // Are any values being dynamically replaced? + if (count($replace) > 0) + { + foreach ($replace as $key => $val) + { + if (isset($config[$key])) + { + $config[$key] = $val; + } + } + } + + return $_config[0] =& $config; } - return $main_conf[0]; -} + +// ------------------------------------------------------------------------ /** -* Gets a config item +* Returns the specified config item * * @access public * @return mixed */ -function config_item($item) -{ - static $config_item = array(); - - if ( ! isset($config_item[$item])) + function config_item($item) { - $config =& get_config(); - - if ( ! isset($config[$item])) + static $_config_item = array(); + + if ( ! isset($_config_item[$item])) { - return FALSE; + $config =& get_config(); + + if ( ! isset($config[$item])) + { + return FALSE; + } + $_config_item[$item] = $config[$item]; } - $config_item[$item] = $config[$item]; + + return $_config_item[$item]; } - return $config_item[$item]; -} - +// ------------------------------------------------------------------------ /** * Error Handler @@ -232,13 +298,14 @@ function config_item($item) * @access public * @return void */ -function show_error($message, $status_code = 500) -{ - $error =& load_class('Exceptions'); - echo $error->show_error('An Error Was Encountered', $message, 'error_general', $status_code); - exit; -} + function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered') + { + $_error =& load_class('Exceptions', 'core'); + echo $_error->show_error($heading, $message, 'error_general', $status_code); + exit; + } +// ------------------------------------------------------------------------ /** * 404 Page Handler @@ -250,13 +317,14 @@ function show_error($message, $status_code = 500) * @access public * @return void */ -function show_404($page = '') -{ - $error =& load_class('Exceptions'); - $error->show_404($page); - exit; -} + function show_404($page = '') + { + $_error =& load_class('Exceptions', 'core'); + $_error->show_404($page); + exit; + } +// ------------------------------------------------------------------------ /** * Error Logging Interface @@ -267,20 +335,20 @@ function show_404($page = '') * @access public * @return void */ -function log_message($level = 'error', $message, $php_error = FALSE) -{ - static $LOG; - - $config =& get_config(); - if ($config['log_threshold'] == 0) + function log_message($level = 'error', $message, $php_error = FALSE) { - return; - } + static $_log; - $LOG =& load_class('Log'); - $LOG->write_log($level, $message, $php_error); -} + if (config_item('log_threshold') == 0) + { + return; + } + + $_log =& load_class('Log'); + $_log->write_log($level, $message, $php_error); + } +// ------------------------------------------------------------------------ /** * Set HTTP Status Header @@ -289,89 +357,90 @@ function log_message($level = 'error', $message, $php_error = FALSE) * @param int the status code * @param string * @return void - */ -function set_status_header($code = 200, $text = '') -{ - $stati = array( - 200 => 'OK', - 201 => 'Created', - 202 => 'Accepted', - 203 => 'Non-Authoritative Information', - 204 => 'No Content', - 205 => 'Reset Content', - 206 => 'Partial Content', - - 300 => 'Multiple Choices', - 301 => 'Moved Permanently', - 302 => 'Found', - 304 => 'Not Modified', - 305 => 'Use Proxy', - 307 => 'Temporary Redirect', - - 400 => 'Bad Request', - 401 => 'Unauthorized', - 403 => 'Forbidden', - 404 => 'Not Found', - 405 => 'Method Not Allowed', - 406 => 'Not Acceptable', - 407 => 'Proxy Authentication Required', - 408 => 'Request Timeout', - 409 => 'Conflict', - 410 => 'Gone', - 411 => 'Length Required', - 412 => 'Precondition Failed', - 413 => 'Request Entity Too Large', - 414 => 'Request-URI Too Long', - 415 => 'Unsupported Media Type', - 416 => 'Requested Range Not Satisfiable', - 417 => 'Expectation Failed', - - 500 => 'Internal Server Error', - 501 => 'Not Implemented', - 502 => 'Bad Gateway', - 503 => 'Service Unavailable', - 504 => 'Gateway Timeout', - 505 => 'HTTP Version Not Supported' - ); - - if ($code == '' OR ! is_numeric($code)) + */ + function set_status_header($code = 200, $text = '') { - show_error('Status codes must be numeric', 500); - } + $stati = array( + 200 => 'OK', + 201 => 'Created', + 202 => 'Accepted', + 203 => 'Non-Authoritative Information', + 204 => 'No Content', + 205 => 'Reset Content', + 206 => 'Partial Content', + + 300 => 'Multiple Choices', + 301 => 'Moved Permanently', + 302 => 'Found', + 304 => 'Not Modified', + 305 => 'Use Proxy', + 307 => 'Temporary Redirect', + + 400 => 'Bad Request', + 401 => 'Unauthorized', + 403 => 'Forbidden', + 404 => 'Not Found', + 405 => 'Method Not Allowed', + 406 => 'Not Acceptable', + 407 => 'Proxy Authentication Required', + 408 => 'Request Timeout', + 409 => 'Conflict', + 410 => 'Gone', + 411 => 'Length Required', + 412 => 'Precondition Failed', + 413 => 'Request Entity Too Large', + 414 => 'Request-URI Too Long', + 415 => 'Unsupported Media Type', + 416 => 'Requested Range Not Satisfiable', + 417 => 'Expectation Failed', + + 500 => 'Internal Server Error', + 501 => 'Not Implemented', + 502 => 'Bad Gateway', + 503 => 'Service Unavailable', + 504 => 'Gateway Timeout', + 505 => 'HTTP Version Not Supported' + ); + + if ($code == '' OR ! is_numeric($code)) + { + show_error('Status codes must be numeric', 500); + } - if (isset($stati[$code]) AND $text == '') - { - $text = $stati[$code]; - } + if (isset($stati[$code]) AND $text == '') + { + $text = $stati[$code]; + } - if ($text == '') - { - show_error('No status text available. Please check your status code number or supply your own message text.', 500); - } + if ($text == '') + { + show_error('No status text available. Please check your status code number or supply your own message text.', 500); + } - $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; + $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; - if (substr(php_sapi_name(), 0, 3) == 'cgi') - { - header("Status: {$code} {$text}", TRUE); - } - elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0') - { - header($server_protocol." {$code} {$text}", TRUE, $code); - } - else - { - header("HTTP/1.1 {$code} {$text}", TRUE, $code); + if (substr(php_sapi_name(), 0, 3) == 'cgi') + { + header("Status: {$code} {$text}", TRUE); + } + elseif ($server_protocol == 'HTTP/1.1' OR $server_protocol == 'HTTP/1.0') + { + header($server_protocol." {$code} {$text}", TRUE, $code); + } + else + { + header("HTTP/1.1 {$code} {$text}", TRUE, $code); + } } -} - + +// -------------------------------------------------------------------- /** * Exception Handler * * This is the custom exception handler that is declaired at the top -* of Codeigniter.php. The main reason we use this is permit -* PHP errors to be logged in our own log files since we may +* of Codeigniter.php. The main reason we use this is to permit +* PHP errors to be logged in our own log files since the user may * not have access to server logs. Since this function * effectively intercepts PHP errors, however, we also need * to display errors based on the current error_reporting level. @@ -380,41 +449,36 @@ function set_status_header($code = 200, $text = '') * @access private * @return void */ -function _exception_handler($severity, $message, $filepath, $line) -{ - // We don't bother with "strict" notices since they will fill up - // the log file with information that isn't normally very - // helpful. For example, if you are running PHP 5 and you - // use version 4 style class functions (without prefixes - // like "public", "private", etc.) you'll get notices telling - // you that these have been deprecated. + function _exception_handler($severity, $message, $filepath, $line) + { + // We don't bother with "strict" notices since they tend to fill up + // the log file with excess information that isn't normally very helpful. + // For example, if you are running PHP 5 and you use version 4 style + // class functions (without prefixes like "public", "private", etc.) + // you'll get notices telling you that these have been deprecated. + if ($severity == E_STRICT) + { + return; + } - if ($severity == E_STRICT) - { - return; - } - - $error =& load_class('Exceptions'); - - // Should we display the error? - // We'll get the current error_reporting level and add its bits - // with the severity bits to find out. + $_error =& load_class('Exceptions', 'core'); - if (($severity & error_reporting()) == $severity) - { - $error->show_php_error($severity, $message, $filepath, $line); - } + // Should we display the error? We'll get the current error_reporting + // level and add its bits with the severity bits to find out. + if (($severity & error_reporting()) == $severity) + { + $_error->show_php_error($severity, $message, $filepath, $line); + } + + // Should we log the error? No? We're done... + if (config_item('log_threshold') == 0) + { + return; + } - // Should we log the error? No? We're done... - $config =& get_config(); - if ($config['log_threshold'] == 0) - { - return; + $_error->log_exception($severity, $message, $filepath, $line); } - $error->log_exception($severity, $message, $filepath, $line); -} - /* End of file Common.php */ -- cgit v1.2.3-24-g4f1b From 7ec1310547af2a624b53f51a07231fe022b0664b Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:18:39 -0600 Subject: whitespace and doc block update to Compat functions --- system/core/Compat.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Compat.php b/system/core/Compat.php index 1ccc811db..06e5e78de 100644 --- a/system/core/Compat.php +++ b/system/core/Compat.php @@ -24,7 +24,7 @@ * @package CodeIgniter * @subpackage codeigniter * @category Compatibility Functions - * @author ExpressionEngine Development Team + * @author ExpressionEngine Dev Team * @link http://codeigniter.com/user_guide/ */ @@ -89,5 +89,8 @@ if ( ! function_exists('ctype_alnum')) } } +// -------------------------------------------------------------------- + + /* End of file Compat.php */ /* Location: ./system/core/Compat.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 6d743e2be06efe133a3372389ac4d35d2a94e2a6 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:22:03 -0600 Subject: added config paths class property added assign_to_config() method to override config items via index.php files --- system/core/Config.php | 143 ++++++++++++++++++++++++++++++++++++------------- 1 file changed, 107 insertions(+), 36 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index ab69c0720..7e0443c1f 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -30,6 +30,7 @@ class CI_Config { var $config = array(); var $is_loaded = array(); + var $_config_paths = array(APPPATH); /** * Constructor @@ -44,7 +45,7 @@ class CI_Config { */ function CI_Config() { - $this->config =& get_config(); + $this->config =& get_config(); log_message('debug', "Config Class Initialized"); } @@ -60,52 +61,66 @@ class CI_Config { function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) { $file = ($file == '') ? 'config' : str_replace(EXT, '', $file); + $loaded = FALSE; - if (in_array($file, $this->is_loaded, TRUE)) + foreach($this->_config_paths as $path) { - return TRUE; - } - - if ( ! file_exists(APPPATH.'config/'.$file.EXT)) - { - if ($fail_gracefully === TRUE) + $file_path = $path.'config/'.$file.EXT; + + if (in_array($file_path, $this->is_loaded, TRUE)) { - return FALSE; + $loaded = TRUE; + continue; } - show_error('The configuration file '.$file.EXT.' does not exist.'); - } - - include(APPPATH.'config/'.$file.EXT); - if ( ! isset($config) OR ! is_array($config)) - { - if ($fail_gracefully === TRUE) + if ( ! file_exists($path.'config/'.$file.EXT)) { - return FALSE; + continue; } - show_error('Your '.$file.EXT.' file does not appear to contain a valid configuration array.'); - } + + include($file_path); - if ($use_sections === TRUE) - { - if (isset($this->config[$file])) + if ( ! isset($config) OR ! is_array($config)) + { + if ($fail_gracefully === TRUE) + { + return FALSE; + } + show_error('Your '.$file_path.' file does not appear to contain a valid configuration array.'); + } + + if ($use_sections === TRUE) { - $this->config[$file] = array_merge($this->config[$file], $config); + if (isset($this->config[$file])) + { + $this->config[$file] = array_merge($this->config[$file], $config); + } + else + { + $this->config[$file] = $config; + } } else { - $this->config[$file] = $config; + $this->config = array_merge($this->config, $config); } + + $this->is_loaded[] = $file_path; + unset($config); + + $loaded = TRUE; + log_message('debug', 'Config file loaded: '.$file_path); } - else + + if ($loaded === FALSE) { - $this->config = array_merge($this->config, $config); + if ($fail_gracefully === TRUE) + { + return FALSE; + } + show_error('The configuration file '.$file.EXT.' does not exist.'); } - $this->is_loaded[] = $file; - unset($config); - - log_message('debug', 'Config file loaded: config/'.$file.EXT); return TRUE; } @@ -191,19 +206,52 @@ class CI_Config { */ function site_url($uri = '') { - if (is_array($uri)) + if ($uri == '') { - $uri = implode('/', $uri); + if ($this->item('base_url') == '') + { + return $this->item('index_page'); + } + else + { + return $this->slash_item('base_url').$this->item('index_page'); + } } - if ($uri == '') + if ($this->item('enable_query_strings') == FALSE) { - return $this->slash_item('base_url').$this->item('index_page'); + if (is_array($uri)) + { + $uri = implode('/', $uri); + } + + $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix'); + return $this->slash_item('base_url').$this->slash_item('index_page').trim($uri, '/').$suffix; } else { - $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix'); - return $this->slash_item('base_url').$this->slash_item('index_page').trim($uri, '/').$suffix; + if (is_array($uri)) + { + $i = 0; + $str = ''; + foreach ($uri as $key => $val) + { + $prefix = ($i == 0) ? '' : '&'; + $str .= $prefix.$key.'='.$val; + $i++; + } + + $uri = $str; + } + + if ($this->item('base_url') == '') + { + return $this->item('index_page').'?'.$uri; + } + else + { + return $this->slash_item('base_url').$this->item('index_page').'?'.$uri; + } } } @@ -235,7 +283,30 @@ class CI_Config { { $this->config[$item] = $value; } + + // -------------------------------------------------------------------- + /** + * Assign to Config + * + * This function is called by the front controller (CodeIgniter.php) + * after the Config class is instantiated. It permits config items + * to be assigned or overriden by variables contained in the index.php file + * + * @access private + * @param array + * @return void + */ + function _assign_to_config($items = array()) + { + if (is_array($items)) + { + foreach ($items as $key => $val) + { + $this->set_item($key, $val); + } + } + } } // END CI_Config class -- cgit v1.2.3-24-g4f1b From 8f9f977c407bfcfc893f418d4c62d91d33d83fe8 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:28:24 -0600 Subject: killed scaffolding from Controller class reworked to use is_loaded() and is_php() from Common added PHP4 tag --- system/core/Controller.php | 70 ++++++++-------------------------------------- 1 file changed, 12 insertions(+), 58 deletions(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 1b76d0daa..2e44500a6 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -18,7 +18,7 @@ /** * CodeIgniter Application Controller Class * - * This class object is the super class that every library in + * This class object is the super class the every library in * CodeIgniter will be assigned to. * * @package CodeIgniter @@ -28,9 +28,6 @@ * @link http://codeigniter.com/user_guide/general/controllers.html */ class Controller extends CI_Base { - - var $_ci_scaffolding = FALSE; - var $_ci_scaff_table = FALSE; /** * Constructor @@ -40,46 +37,23 @@ class Controller extends CI_Base { function Controller() { parent::CI_Base(); - $this->_ci_initialize(); - log_message('debug', "Controller Class Initialized"); - } - // -------------------------------------------------------------------- - - /** - * Initialize - * - * Assigns all the bases classes loaded by the front controller to - * variables in this class. Also calls the autoload routine. - * - * @access private - * @return void - */ - function _ci_initialize() - { // Assign all the class objects that were instantiated by the - // front controller to local class variables so that CI can be - // run as one big super object. - $classes = array( - 'config' => 'Config', - 'input' => 'Input', - 'benchmark' => 'Benchmark', - 'uri' => 'URI', - 'output' => 'Output', - 'lang' => 'Language', - 'router' => 'Router' - ); - - foreach ($classes as $var => $class) + // bootstrap file (CodeIgniter.php) to local class variables + // so that CI can run as one big super object. + foreach (is_loaded() as $var => $class) { $this->$var =& load_class($class); } // In PHP 5 the Loader class is run as a discreet - // class. In PHP 4 it extends the Controller - if (floor(phpversion()) >= 5) + // class. In PHP 4 it extends the Controller @PHP4 + if (is_php('5.0.0') == TRUE) { - $this->load =& load_class('Loader'); + $this->load =& load_class('Loader', 'core'); + + $this->load->_base_classes =& is_loaded(); + $this->load->_ci_autoloader(); } else @@ -95,31 +69,11 @@ class Controller extends CI_Base { } } } - } - - // -------------------------------------------------------------------- - - /** - * Run Scaffolding - * - * @access private - * @return void - */ - function _ci_scaffolding() - { - if ($this->_ci_scaffolding === FALSE OR $this->_ci_scaff_table === FALSE) - { - show_404('Scaffolding unavailable'); - } - - $method = ( ! in_array($this->uri->segment(3), array('add', 'insert', 'edit', 'update', 'view', 'delete', 'do_delete'), TRUE)) ? 'view' : $this->uri->segment(3); + + log_message('debug', "Controller Class Initialized"); - require_once(BASEPATH.'scaffolding/Scaffolding'.EXT); - $scaff = new Scaffolding($this->_ci_scaff_table); - $scaff->$method(); } - } // END _Controller class -- cgit v1.2.3-24-g4f1b From ac2b24776fc92800585005f0db2ef82463847c81 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:29:14 -0600 Subject: added @PHP4 tags to Compat functions --- system/core/Compat.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'system/core') diff --git a/system/core/Compat.php b/system/core/Compat.php index 06e5e78de..088d5815a 100644 --- a/system/core/Compat.php +++ b/system/core/Compat.php @@ -34,6 +34,7 @@ * PHP versions prior to 5.0 don't support the E_STRICT constant * so we need to explicitly define it otherwise the Exception class * will generate errors when running under PHP 4 + * @PHP4 * */ if ( ! defined('E_STRICT')) @@ -46,6 +47,7 @@ if ( ! defined('E_STRICT')) * * Determines if a string is comprised only of digits * http://us.php.net/manual/en/function.ctype_digit.php + * @PHP4 * * @access public * @param string @@ -71,6 +73,7 @@ if ( ! function_exists('ctype_digit')) * * Determines if a string is comprised of only alphanumeric characters * http://us.php.net/manual/en/function.ctype-alnum.php + * @PHP4 * * @access public * @param string -- cgit v1.2.3-24-g4f1b From 1efda7bc21582c6d0b6409e1f9a37d58e2d79571 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:30:20 -0600 Subject: @PHP4 tags to CodeIgniter.php --- system/core/CodeIgniter.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 90cce1c6e..488f9f3ce 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -207,7 +207,8 @@ * Note: Due to the poor object handling in PHP 4 we'll * conditionally load different versions of the base * class. Retaining PHP 4 compatibility requires a bit of a hack. - * + * @PHP4 + * */ if (is_php('5.0.0') == TRUE) { -- cgit v1.2.3-24-g4f1b From d7055aaf8fed8120db13ae29f0da3fe45b725008 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:32:57 -0600 Subject: adding @PHP4 tags to Base classes --- system/core/Base4.php | 3 ++- system/core/Base5.php | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Base4.php b/system/core/Base4.php index 24474830c..bd0434158 100644 --- a/system/core/Base4.php +++ b/system/core/Base4.php @@ -31,7 +31,8 @@ * * Since PHP 5 doesn't suffer from this problem so we load one of * two files based on the version of PHP being run. - * + * @PHP4 + * * @package CodeIgniter * @subpackage codeigniter * @category front-controller diff --git a/system/core/Base5.php b/system/core/Base5.php index 86e3513c7..6f2fbdab0 100644 --- a/system/core/Base5.php +++ b/system/core/Base5.php @@ -22,7 +22,8 @@ * This file contains some code used only when CodeIgniter is being * run under PHP 5. It allows us to manage the CI super object more * gracefully than what is possible with PHP 4. - * + * @PHP4 (no need for separate Bases after PHP 4 is gone) + * * @package CodeIgniter * @subpackage codeigniter * @category front-controller -- cgit v1.2.3-24-g4f1b From 6f4d17fa4a9987c37c615413b1e98b77f0407416 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:34:23 -0600 Subject: update Hooks to use load_class() from core --- system/core/Hooks.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 2c12ffafd..5e017ccb7 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -18,8 +18,7 @@ /** * CodeIgniter Hooks Class * - * Provides a mechanism to extend the base system without hacking. Most of - * this class is borrowed from Paul's Extension class in ExpressionEngine. + * Provides a mechanism to extend the base system without hacking. * * @package CodeIgniter * @subpackage Libraries -- cgit v1.2.3-24-g4f1b From 69fc4fc9e729f8ef510150ea01185923bffaf58b Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:36:31 -0600 Subject: significant rewrite to Input class some items will be moved to Security class added set_cookie() added UTF-8 uniformity to input --- system/core/Input.php | 897 +++++++++++--------------------------------------- 1 file changed, 192 insertions(+), 705 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 51c12a8a0..0760dc830 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -27,31 +27,14 @@ * @link http://codeigniter.com/user_guide/libraries/input.html */ class CI_Input { - var $use_xss_clean = FALSE; - var $xss_hash = ''; - var $ip_address = FALSE; - var $user_agent = FALSE; - var $allow_get_array = FALSE; - - /* never allowed, string replacement */ - var $never_allowed_str = array( - 'document.cookie' => '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - 'window.location' => '[removed]', - '-moz-binding' => '[removed]', - '' => '-->', - ' '<![CDATA[' - ); - /* never allowed, regex replacement */ - var $never_allowed_regex = array( - "javascript\s*:" => '[removed]', - "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE - "vbscript\s*:" => '[removed]', // IE, surprise! - "Redirect\s+302" => '[removed]' - ); + + var $ip_address = FALSE; + var $user_agent = FALSE; + var $_allow_get_array = FALSE; + var $_standardize_newlines = TRUE; + var $_enable_xss = FALSE; // Set automatically based on config setting + var $_enable_csrf = FALSE; // Set automatically based on config setting + /** * Constructor @@ -65,161 +48,25 @@ class CI_Input { { log_message('debug', "Input Class Initialized"); - $CFG =& load_class('Config'); - $this->use_xss_clean = ($CFG->item('global_xss_filtering') === TRUE) ? TRUE : FALSE; - $this->allow_get_array = ($CFG->item('enable_query_strings') === TRUE) ? TRUE : FALSE; - $this->_sanitize_globals(); - } - - // -------------------------------------------------------------------- - - /** - * Sanitize Globals - * - * This function does the following: - * - * Unsets $_GET data (if query strings are not enabled) - * - * Unsets all globals if register_globals is enabled - * - * Standardizes newline characters to \n - * - * @access private - * @return void - */ - function _sanitize_globals() - { - // Would kind of be "wrong" to unset any of these GLOBALS - $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); - - // Unset globals for security. - // This is effectively the same as register_globals = off - foreach (array($_GET, $_POST, $_COOKIE, $_SERVER, $_FILES, $_ENV, (isset($_SESSION) && is_array($_SESSION)) ? $_SESSION : array()) as $global) - { - if ( ! is_array($global)) - { - if ( ! in_array($global, $protected)) - { - unset($GLOBALS[$global]); - } - } - else - { - foreach ($global as $key => $val) - { - if ( ! in_array($key, $protected)) - { - unset($GLOBALS[$key]); - } - - if (is_array($val)) - { - foreach($val as $k => $v) - { - if ( ! in_array($k, $protected)) - { - unset($GLOBALS[$k]); - } - } - } - } - } - } - - // Is $_GET data allowed? If not we'll set the $_GET to an empty array - if ($this->allow_get_array == FALSE) - { - $_GET = array(); - } - else - { - $_GET = $this->_clean_input_data($_GET); - } - - // Clean $_POST Data - $_POST = $this->_clean_input_data($_POST); - - // Clean $_COOKIE Data - // Also get rid of specially treated cookies that might be set by a server - // or silly application, that are of no use to a CI application anyway - // but that when present will trip our 'Disallowed Key Characters' alarm - // http://www.ietf.org/rfc/rfc2109.txt - // note that the key names below are single quoted strings, and are not PHP variables - unset($_COOKIE['$Version']); - unset($_COOKIE['$Path']); - unset($_COOKIE['$Domain']); - $_COOKIE = $this->_clean_input_data($_COOKIE); - - log_message('debug', "Global POST and COOKIE data sanitized"); - } - - // -------------------------------------------------------------------- - - /** - * Clean Input Data - * - * This is a helper function. It escapes data and - * standardizes newline characters to \n - * - * @access private - * @param string - * @return string - */ - function _clean_input_data($str) - { - if (is_array($str)) - { - $new_array = array(); - foreach ($str as $key => $val) - { - $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); - } - return $new_array; - } - - // We strip slashes if magic quotes is on to keep things consistent - if (get_magic_quotes_gpc()) - { - $str = stripslashes($str); - } + $this->_allow_get_array = (config_item('enable_query_strings') === TRUE) ? TRUE : FALSE; + $this->_enable_xss = (config_item('global_xss_filtering') === TRUE) ? TRUE : FALSE; + $this->_enable_csrf = (config_item('csrf_protection') === TRUE) ? TRUE : FALSE; - // Should we filter the input data? - if ($this->use_xss_clean === TRUE) + // Do we need to load the security class? + if ($this->_enable_xss == TRUE OR $this->_enable_csrf == TRUE) { - $str = $this->xss_clean($str); + $this->security =& load_class('Security'); } - // Standardize newlines - if (strpos($str, "\r") !== FALSE) + // Do we need the Unicode class? + if (UTF8_ENABLED === TRUE) { - $str = str_replace(array("\r\n", "\r"), "\n", $str); + global $UNI; + $this->uni =& $UNI; } - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Clean Keys - * - * This is a helper function. To prevent malicious users - * from trying to exploit keys we make sure that keys are - * only named with alpha-numeric text and a few other items. - * - * @access private - * @param string - * @return string - */ - function _clean_input_keys($str) - { - if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) - { - exit('Disallowed Key Characters.'); - } - - return $str; + // Sanitize global arrays + $this->_sanitize_globals(); } // -------------------------------------------------------------------- @@ -244,7 +91,8 @@ class CI_Input { if ($xss_clean === TRUE) { - return $this->xss_clean($array[$index]); + $_security =& load_class('Security'); + return $_security->xss_clean($array[$index]); } return $array[$index]; @@ -280,6 +128,7 @@ class CI_Input { return $this->_fetch_from_array($_POST, $index, $xss_clean); } + // -------------------------------------------------------------------- /** @@ -317,6 +166,68 @@ class CI_Input { return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); } + // ------------------------------------------------------------------------ + + /** + * Set cookie + * + * Accepts six parameter, or you can submit an associative + * array in the first parameter containing all the values. + * + * @access public + * @param mixed + * @param string the value of the cookie + * @param string the number of seconds until expiration + * @param string the cookie domain. Usually: .yourdomain.com + * @param string the cookie path + * @param string the cookie prefix + * @return void + */ + function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '') + { + if (is_array($name)) + { + foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'name') as $item) + { + if (isset($name[$item])) + { + $$item = $name[$item]; + } + } + } + + if ($prefix == '' AND config_item('cookie_prefix') != '') + { + $prefix = config_item('cookie_prefix'); + } + if ($domain == '' AND config_item('cookie_domain') != '') + { + $domain = config_item('cookie_domain'); + } + if ($path == '/' AND config_item('cookie_path') != '/') + { + $path = config_item('cookie_path'); + } + + if ( ! is_numeric($expire)) + { + $expire = time() - 86500; + } + else + { + if ($expire > 0) + { + $expire = time() + $expire; + } + else + { + $expire = 0; + } + } + + setcookie($prefix.$name, $value, $expire, $path, $domain, 0); + } + // -------------------------------------------------------------------- /** @@ -453,580 +364,155 @@ class CI_Input { // -------------------------------------------------------------------- /** - * Filename Security - * - * @access public - * @param string - * @return string - */ - function filename_security($str) - { - $bad = array( - "../", - "./", - "", - "<", - ">", - "'", - '"', - '&', - '$', - '#', - '{', - '}', - '[', - ']', - '=', - ';', - '?', - "%20", - "%22", - "%3c", // < - "%253c", // < - "%3e", // > - "%0e", // > - "%28", // ( - "%29", // ) - "%2528", // ( - "%26", // & - "%24", // $ - "%3f", // ? - "%3b", // ; - "%3d" // = - ); - - return stripslashes(str_replace($bad, '', $str)); - } - - // -------------------------------------------------------------------- - - /** - * XSS Clean + * Sanitize Globals * - * Sanitizes data so that Cross Site Scripting Hacks can be - * prevented. This function does a fair amount of work but - * it is extremely thorough, designed to prevent even the - * most obscure XSS attempts. Nothing is ever 100% foolproof, - * of course, but I haven't been able to get anything passed - * the filter. + * This function does the following: * - * Note: This function should only be used to deal with data - * upon submission. It's not something that should - * be used for general runtime processing. + * Unsets $_GET data (if query strings are not enabled) * - * This function was based in part on some code and ideas I - * got from Bitflux: http://blog.bitflux.ch/wiki/XSS_Prevention + * Unsets all globals if register_globals is enabled * - * To help develop this script I used this great list of - * vulnerabilities along with a few other hacks I've - * harvested from examining vulnerabilities in other programs: - * http://ha.ckers.org/xss.html + * Standardizes newline characters to \n * - * @access public - * @param string - * @return string + * @access private + * @return void */ - function xss_clean($str, $is_image = FALSE) + function _sanitize_globals() { - /* - * Is the string an array? - * - */ - if (is_array($str)) + // It would be "wrong" to unset any of these GLOBALS. + $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', + 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); + + // Unset globals for securiy. + // This is effectively the same as register_globals = off + foreach (array($_GET, $_POST, $_COOKIE) as $global) { - while (list($key) = each($str)) + if ( ! is_array($global)) { - $str[$key] = $this->xss_clean($str[$key]); + if ( ! in_array($global, $protected)) + { + global $$global; + $$global = NULL; + } + } + else + { + foreach ($global as $key => $val) + { + if ( ! in_array($key, $protected)) + { + global $$key; + $$key = NULL; + } + } } - - return $str; - } - - /* - * Remove Invisible Characters - */ - $str = $this->_remove_invisible_characters($str); - - /* - * Protect GET variables in URLs - */ - - // 901119URL5918AMP18930PROTECT8198 - - $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); - - /* - * Validate standard character entities - * - * Add a semicolon if missing. We do this to enable - * the conversion of entities to ASCII later. - * - */ - $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); - - /* - * Validate UTF16 two byte encoding (x00) - * - * Just as above, adds a semicolon if missing. - * - */ - $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); - - /* - * Un-Protect GET variables in URLs - */ - $str = str_replace($this->xss_hash(), '&', $str); - - /* - * URL Decode - * - * Just in case stuff like this is submitted: - * - * Google - * - * Note: Use rawurldecode() so it does not remove plus signs - * - */ - $str = rawurldecode($str); - - /* - * Convert character entities to ASCII - * - * This permits our tests below to work reliably. - * We only convert entities that are within tags since - * these are the ones that will pose security problems. - * - */ - - $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_html_entity_decode_callback'), $str); - - /* - * Remove Invisible Characters Again! - */ - $str = $this->_remove_invisible_characters($str); - - /* - * Convert all tabs to spaces - * - * This prevents strings like this: ja vascript - * NOTE: we deal with spaces between characters later. - * NOTE: preg_replace was found to be amazingly slow here on large blocks of data, - * so we use str_replace. - * - */ - - if (strpos($str, "\t") !== FALSE) - { - $str = str_replace("\t", ' ', $str); - } - - /* - * Capture converted string for later comparison - */ - $converted_string = $str; - - /* - * Not Allowed Under Any Conditions - */ - - foreach ($this->never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } - - foreach ($this->never_allowed_regex as $key => $val) - { - $str = preg_replace("#".$key."#i", $val, $str); } - /* - * Makes PHP tags safe - * - * Note: XML tags are inadvertently replaced too: - * - * _allow_get_array == FALSE) { - // Images have a tendency to have the PHP short opening and closing tags every so often - // so we skip those and only do the long opening tags. - $str = preg_replace('/<\?(php)/i', "<?\\1", $str); + $_GET = array(); } else { - $str = str_replace(array(''), array('<?', '?>'), $str); - } - - /* - * Compact any exploded words - * - * This corrects words like: j a v a s c r i p t - * These words are compacted back to their correct state. - * - */ - $words = array('javascript', 'expression', 'vbscript', 'script', 'applet', 'alert', 'document', 'write', 'cookie', 'window'); - foreach ($words as $word) - { - $temp = ''; - - for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) + if (is_array($_GET) AND count($_GET) > 0) { - $temp .= substr($word, $i, 1)."\s*"; + foreach($_GET as $key => $val) + { + $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); + } } - - // We only want to do this when it is followed by a non-word character - // That way valid stuff like "dealer to" does not become "dealerto" - $str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); } - /* - * Remove disallowed Javascript in links or img tags - * We used to do some version comparisons and use of stripos for PHP5, but it is dog slow compared - * to these simplified non-capturing preg_match(), especially if the pattern exists in the string - */ - do + // Clean $_POST Data + if (is_array($_POST) AND count($_POST) > 0) { - $original = $str; - - if (preg_match("/]*?)(>|$)#si", array($this, '_js_link_removal'), $str); - } - - if (preg_match("/]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); - } - - if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) + foreach($_POST as $key => $val) { - $str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); + $_POST[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); } } - while($original != $str); - - unset($original); - - /* - * Remove JavaScript Event Handlers - * - * Note: This code is a little blunt. It removes - * the event handler and anything up to the closing >, - * but it's unlikely to be a problem. - * - */ - $event_handlers = array('[^a-z_\-]on\w*','xmlns'); - - if ($is_image === TRUE) - { - /* - * Adobe Photoshop puts XML metadata into JFIF images, including namespacing, - * so we have to allow this for images. -Paul - */ - unset($event_handlers[array_search('xmlns', $event_handlers)]); - } - - $str = preg_replace("#<([^><]+?)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str); - - /* - * Sanitize naughty HTML elements - * - * If a tag containing any of the words in the list - * below is found, the tag gets converted to entities. - * - * So this: - * Becomes: <blink> - * - */ - $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss'; - $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); - - /* - * Sanitize naughty scripting elements - * - * Similar to above, only instead of looking for - * tags it looks for PHP and JavaScript commands - * that are disallowed. Rather than removing the - * code, it simply converts the parenthesis to entities - * rendering the code un-executable. - * - * For example: eval('some code') - * Becomes: eval('some code') - * - */ - $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); - - /* - * Final clean up - * - * This adds a bit of extra precaution in case - * something got through the above filters - * - */ - foreach ($this->never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } - - foreach ($this->never_allowed_regex as $key => $val) - { - $str = preg_replace("#".$key."#i", $val, $str); - } - - /* - * Images are Handled in a Special Way - * - Essentially, we want to know that after all of the character conversion is done whether - * any unwanted, likely XSS, code was found. If not, we return TRUE, as the image is clean. - * However, if the string post-conversion does not matched the string post-removal of XSS, - * then it fails, as there was unwanted XSS code found and removed/changed during processing. - */ - if ($is_image === TRUE) - { - if ($str == $converted_string) - { - return TRUE; - } - else + // Clean $_COOKIE Data + if (is_array($_COOKIE) AND count($_COOKIE) > 0) + { + // Also get rid of specially treated cookies that might be set by a server + // or silly application, that are of no use to a CI application anyway + // but that when present will trip our 'Disallowed Key Characters' alarm + // http://www.ietf.org/rfc/rfc2109.txt + // note that the key names below are single quoted strings, and are not PHP variables + unset($_COOKIE['$Version']); + unset($_COOKIE['$Path']); + unset($_COOKIE['$Domain']); + + foreach($_COOKIE as $key => $val) { - return FALSE; + $_COOKIE[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); } } - log_message('debug', "XSS Filtering completed"); - return $str; - } + // Sanitize PHP_SELF + $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); - // -------------------------------------------------------------------- - /** - * Random Hash for protecting URLs - * - * @access public - * @return string - */ - function xss_hash() - { - if ($this->xss_hash == '') + // CSRF Protection check + if ($this->_enable_csrf == TRUE) { - if (phpversion() >= 4.2) - mt_srand(); - else - mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff); - - $this->xss_hash = md5(time() + mt_rand(0, 1999999999)); + $this->security->csrf_verify(); } - return $this->xss_hash; + log_message('debug', "Global POST and COOKIE data sanitized"); } // -------------------------------------------------------------------- /** - * Remove Invisible Characters + * Clean Input Data * - * This prevents sandwiching null characters - * between ascii characters, like Java\0script. + * This is a helper function. It escapes data and + * standardizes newline characters to \n * - * @access public + * @access private * @param string * @return string */ - function _remove_invisible_characters($str) + function _clean_input_data($str) { - static $non_displayables; - - if ( ! isset($non_displayables)) + if (is_array($str)) { - // every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09), - $non_displayables = array( - '/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15 - '/%1[0-9a-f]/', // url encoded 16-31 - '/[\x00-\x08]/', // 00-08 - '/\x0b/', '/\x0c/', // 11, 12 - '/[\x0e-\x1f]/' // 14-31 - ); + $new_array = array(); + foreach ($str as $key => $val) + { + $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); + } + return $new_array; } - do + // We strip slashes if magic quotes is on to keep things consistent + if (get_magic_quotes_gpc()) { - $cleaned = $str; - $str = preg_replace($non_displayables, '', $str); + $str = stripslashes($str); } - while ($cleaned != $str); - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Compact Exploded Words - * - * Callback function for xss_clean() to remove whitespace from - * things like j a v a s c r i p t - * - * @access public - * @param type - * @return type - */ - function _compact_exploded_words($matches) - { - return preg_replace('/\s+/s', '', $matches[1]).$matches[2]; - } - - // -------------------------------------------------------------------- - - /** - * Sanitize Naughty HTML - * - * Callback function for xss_clean() to remove naughty HTML elements - * - * @access private - * @param array - * @return string - */ - function _sanitize_naughty_html($matches) - { - // encode opening brace - $str = '<'.$matches[1].$matches[2].$matches[3]; - - // encode captured opening or closing brace to prevent recursive vectors - $str .= str_replace(array('>', '<'), array('>', '<'), $matches[4]); - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * JS Link Removal - * - * Callback function for xss_clean() to sanitize links - * This limits the PCRE backtracks, making it more performance friendly - * and prevents PREG_BACKTRACK_LIMIT_ERROR from being triggered in - * PHP 5.2+ on link-heavy strings - * - * @access private - * @param array - * @return string - */ - function _js_link_removal($match) - { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|', '<', '\\'), array('>', '<', '\\\\'), $match[0]); - } - - // -------------------------------------------------------------------- - /** - * HTML Entity Decode Callback - * - * Used as a callback for XSS Clean - * - * @access public - * @param array - * @return string - */ - function _html_entity_decode_callback($match) - { - $CFG =& load_class('Config'); - $charset = $CFG->item('charset'); - - return $this->_html_entity_decode($match[0], strtoupper($charset)); - } - - // -------------------------------------------------------------------- - - /** - * HTML Entities Decode - * - * This function is a replacement for html_entity_decode() - * - * In some versions of PHP the native function does not work - * when UTF-8 is the specified character set, so this gives us - * a work-around. More info here: - * http://bugs.php.net/bug.php?id=25670 - * - * @access private - * @param string - * @param string - * @return string - */ - /* ------------------------------------------------- - /* Replacement for html_entity_decode() - /* -------------------------------------------------*/ - - /* - NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the - character set, and the PHP developers said they were not back porting the - fix to versions other than PHP 5.x. - */ - function _html_entity_decode($str, $charset='UTF-8') - { - if (stristr($str, '&') === FALSE) return $str; - - // The reason we are not using html_entity_decode() by itself is because - // while it is not technically correct to leave out the semicolon - // at the end of an entity most browsers will still interpret the entity - // correctly. html_entity_decode() does not convert entities without - // semicolons, so we are left with our own little solution here. Bummer. - - if (function_exists('html_entity_decode') && (strtolower($charset) != 'utf-8' OR version_compare(phpversion(), '5.0.0', '>='))) + // Clean UTF-8 if supported + if (UTF8_ENABLED === TRUE) { - $str = html_entity_decode($str, ENT_COMPAT, $charset); - $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); - return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); + $str = $this->uni->clean_string($str); } - // Numeric Entities - $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); - $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); + // Should we filter the input data? + if ($this->_enable_xss === TRUE) + { + $str = $this->security->xss_clean($str); + } - // Literal Entities - Slightly slow so we do another check - if (stristr($str, '&') === FALSE) + // Standardize newlines if needed + if ($this->_standardize_newlines == TRUE) { - $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); + if (strpos($str, "\r") !== FALSE) + { + $str = str_replace(array("\r\n", "\r"), "\n", $str); + } } return $str; @@ -1035,31 +521,32 @@ class CI_Input { // -------------------------------------------------------------------- /** - * Filter Attributes + * Clean Keys * - * Filters tag attributes for consistency and safety + * This is a helper function. To prevent malicious users + * from trying to exploit keys we make sure that keys are + * only named with alpha-numeric text and a few other items. * - * @access public + * @access private * @param string * @return string */ - function _filter_attributes($str) + function _clean_input_keys($str) { - $out = ''; + if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) + { + exit('Disallowed Key Characters.'); + } - if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) + // Clean UTF-8 if supported + if (UTF8_ENABLED === TRUE) { - foreach ($matches[0] as $match) - { - $out .= preg_replace("#/\*.*?\*/#s", '', $match); - } + $str = $this->uni->clean_string($str); } - return $out; + return $str; } - // -------------------------------------------------------------------- - } // END Input class -- cgit v1.2.3-24-g4f1b From 692c5486cdcfc05cd9dc6f348b09bc093b32eea8 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:39:48 -0600 Subject: renamed class added ability to specify arbitrary path for language file (packages!) added ability to specify lang files that don't end in _lang, or to call file with _lang directly without it adding another _lang suffix --- system/core/Lang.php | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) (limited to 'system/core') diff --git a/system/core/Lang.php b/system/core/Lang.php index bbecab645..e071495b8 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -24,7 +24,7 @@ * @author ExpressionEngine Dev Team * @link http://codeigniter.com/user_guide/libraries/language.html */ -class CI_Language { +class CI_Lang { var $language = array(); var $is_loaded = array(); @@ -34,7 +34,7 @@ class CI_Language { * * @access public */ - function CI_Language() + function CI_Lang() { log_message('debug', "Language Class Initialized"); } @@ -49,24 +49,36 @@ class CI_Language { * @param string the language (english, etc.) * @return mixed */ - function load($langfile = '', $idiom = '', $return = FALSE) + function load($langfile = '', $idiom = '', $return = FALSE, $add_suffix = TRUE, $alt_path = '') { - $langfile = str_replace(EXT, '', str_replace('_lang.', '', $langfile)).'_lang'.EXT; + $langfile = str_replace(EXT, '', $langfile); + + if ($add_suffix == TRUE) + { + $langfile = str_replace('_lang.', '', $langfile).'_lang'; + } + + $langfile .= EXT; if (in_array($langfile, $this->is_loaded, TRUE)) { return; } + $config =& get_config(); + if ($idiom == '') { - $CI =& get_instance(); - $deft_lang = $CI->config->item('language'); + $deft_lang = ( ! isset($config['language'])) ? 'english' : $config['language']; $idiom = ($deft_lang == '') ? 'english' : $deft_lang; } // Determine where the language file is and load it - if (file_exists(APPPATH.'language/'.$idiom.'/'.$langfile)) + if ($alt_path != '' && file_exists($alt_path.'language/'.$idiom.'/'.$langfile)) + { + include($alt_path.'language/'.$idiom.'/'.$langfile); + } + elseif (file_exists(APPPATH.'language/'.$idiom.'/'.$langfile)) { include(APPPATH.'language/'.$idiom.'/'.$langfile); } @@ -82,6 +94,7 @@ class CI_Language { } } + if ( ! isset($lang)) { log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); @@ -119,5 +132,5 @@ class CI_Language { } // END Language Class -/* End of file Language.php */ -/* Location: ./system/core/Language.php */ \ No newline at end of file +/* End of file Lang.php */ +/* Location: ./system/core/Lang.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 32bf18694a43a346ae9c1819f9c37f3fc64d3b1c Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:46:07 -0600 Subject: rewrite of Loader class killed scaffolding added @PHP4 tags --- system/core/Loader.php | 340 ++++++++++++++++++++++++++++--------------------- 1 file changed, 198 insertions(+), 142 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index a30238c3e..f70ee0334 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -31,8 +31,11 @@ class CI_Loader { // All these are set automatically. Don't mess with them. var $_ci_ob_level; var $_ci_view_path = ''; - var $_ci_is_php5 = FALSE; + var $_ci_library_paths = array(); + var $_ci_model_paths = array(); + var $_ci_helper_paths = array(); var $_ci_is_instance = FALSE; // Whether we should use $this or $CI =& get_instance() + var $_base_classes = array(); // Set by the controller class var $_ci_cached_vars = array(); var $_ci_classes = array(); var $_ci_loaded_files = array(); @@ -51,10 +54,12 @@ class CI_Loader { */ function CI_Loader() { - $this->_ci_is_php5 = (floor(phpversion()) >= 5) ? TRUE : FALSE; $this->_ci_view_path = APPPATH.'views/'; $this->_ci_ob_level = ob_get_level(); - + $this->_ci_library_paths = array(APPPATH, BASEPATH); + $this->_ci_helper_paths = array(APPPATH, BASEPATH); + $this->_ci_model_paths = array(APPPATH); + log_message('debug', "Loader Class Initialized"); } @@ -74,12 +79,12 @@ class CI_Loader { */ function library($library = '', $params = NULL, $object_name = NULL) { - if ($library == '') + if ($library == '' OR isset($this->_base_classes[$library])) { return FALSE; } - if ( ! is_null($params) AND ! is_array($params)) + if ( ! is_null($params) && ! is_array($params)) { $params = NULL; } @@ -128,17 +133,16 @@ class CI_Loader { return; } + $path = ''; + // Is the model in a sub-folder? If so, parse out the filename and path. - if (strpos($model, '/') === FALSE) - { - $path = ''; - } - else + if (($last_slash = strrpos($model, '/')) !== FALSE) { - $x = explode('/', $model); - $model = end($x); - unset($x[count($x)-1]); - $path = implode('/', $x).'/'; + // The path is in front of the last slash + $path = substr($model, 0, $last_slash + 1); + + // And the model name behind it + $model = substr($model, $last_slash + 1); } if ($name == '') @@ -158,33 +162,40 @@ class CI_Loader { } $model = strtolower($model); - - if ( ! file_exists(APPPATH.'models/'.$path.$model.EXT)) - { - show_error('Unable to locate the model you have specified: '.$model); - } - - if ($db_conn !== FALSE AND ! class_exists('CI_DB')) - { - if ($db_conn === TRUE) - $db_conn = ''; - - $CI->load->database($db_conn, FALSE, TRUE); - } - - if ( ! class_exists('Model')) + + foreach ($this->_ci_model_paths as $mod_path) { - load_class('Model', FALSE); - } + if ( ! file_exists($mod_path.'models/'.$path.$model.EXT)) + { + continue; + } - require_once(APPPATH.'models/'.$path.$model.EXT); + if ($db_conn !== FALSE AND ! class_exists('CI_DB')) + { + if ($db_conn === TRUE) + $db_conn = ''; - $model = ucfirst($model); - - $CI->$name = new $model(); - $CI->$name->_assign_libraries(); + $CI->load->database($db_conn, FALSE, TRUE); + } + + if ( ! class_exists('Model')) + { + load_class('Model', 'core'); + } + + require_once($mod_path.'models/'.$path.$model.EXT); + + $model = ucfirst($model); + + $CI->$name = new $model(); + $CI->$name->_assign_libraries(); + + $this->_ci_models[] = $name; + return; + } - $this->_ci_models[] = $name; + // couldn't find the model + show_error('Unable to locate the model you have specified: '.$model); } // -------------------------------------------------------------------- @@ -366,21 +377,14 @@ class CI_Loader { * @return void */ function helper($helpers = array()) - { - if ( ! is_array($helpers)) - { - $helpers = array($helpers); - } - - foreach ($helpers as $helper) - { - $helper = strtolower(str_replace(EXT, '', str_replace('_helper', '', $helper)).'_helper'); - + { + foreach ($this->_ci_prep_filename($helpers, '_helper') as $helper) + { if (isset($this->_ci_helpers[$helper])) { continue; } - + $ext_helper = APPPATH.'helpers/'.config_item('subclass_prefix').$helper.EXT; // Is this a helper extension request? @@ -395,25 +399,30 @@ class CI_Loader { include_once($ext_helper); include_once($base_helper); + + $this->_ci_helpers[$helper] = TRUE; + log_message('debug', 'Helper loaded: '.$helper); + continue; } - elseif (file_exists(APPPATH.'helpers/'.$helper.EXT)) - { - include_once(APPPATH.'helpers/'.$helper.EXT); - } - else - { - if (file_exists(BASEPATH.'helpers/'.$helper.EXT)) - { - include_once(BASEPATH.'helpers/'.$helper.EXT); - } - else - { - show_error('Unable to load the requested file: helpers/'.$helper.EXT); + + // Try to load the helper + foreach ($this->_ci_helper_paths as $path) + { + if (file_exists($path.'helpers/'.$helper.EXT)) + { + include_once($path.'helpers/'.$helper.EXT); + + $this->_ci_helpers[$helper] = TRUE; + log_message('debug', 'Helper loaded: '.$helper); + break; } } - $this->_ci_helpers[$helper] = TRUE; - log_message('debug', 'Helper loaded: '.$helper); + // unable to load the helper + if ( ! isset($this->_ci_helpers[$helper])) + { + show_error('Unable to load the requested file: helpers/'.$helper.EXT); + } } } @@ -447,15 +456,8 @@ class CI_Loader { */ function plugin($plugins = array()) { - if ( ! is_array($plugins)) - { - $plugins = array($plugins); - } - - foreach ($plugins as $plugin) + foreach ($this->_ci_prep_filename($plugins, '_pi') as $plugin) { - $plugin = strtolower(str_replace(EXT, '', str_replace('_pi', '', $plugin)).'_pi'); - if (isset($this->_ci_plugins[$plugin])) { continue; @@ -523,19 +525,6 @@ class CI_Loader { $CI->lang->load($langfile, $lang); } } - - /** - * Loads language files for scaffolding - * - * @access public - * @param string - * @return arra - */ - function scaffold_language($file = '', $lang = '', $return = FALSE) - { - $CI =& get_instance(); - return $CI->lang->load($file, $lang, $return); - } // -------------------------------------------------------------------- @@ -553,36 +542,75 @@ class CI_Loader { } // -------------------------------------------------------------------- - + /** - * Scaffolding Loader + * Add Package Path * - * This initializing function works a bit different than the - * others. It doesn't load the class. Instead, it simply - * sets a flag indicating that scaffolding is allowed to be - * used. The actual scaffolding function below is - * called by the front controller based on whether the - * second segment of the URL matches the "secret" scaffolding - * word stored in the application/config/routes.php + * Prepends a parent path to the library, model, helper, and config path arrays * * @access public * @param string * @return void - */ - function scaffolding($table = '') - { - if ($table === FALSE) + */ + function add_package_path($path) + { + array_unshift($this->_ci_library_paths, $path); + array_unshift($this->_ci_model_paths, $path); + array_unshift($this->_ci_helper_paths, $path); + + // Add config file path + $config =& $this->_ci_get_component('config'); + array_unshift($config->_config_paths, $path); + } + + // -------------------------------------------------------------------- + + /** + * Remove Package Path + * + * Remove a path from the library, model, and helper path arrays if it exists + * If no path is provided, the most recently added path is removed. + * + * @access public + * @param type + * @return type + */ + function remove_package_path($path = '', $remove_config_path = TRUE) + { + $config =& $this->_ci_get_component('config'); + + if ($path == '') { - show_error('You must include the name of the table you would like to access when you initialize scaffolding'); + $void = array_shift($this->_ci_library_paths); + $void = array_shift($this->_ci_model_paths); + $void = array_shift($this->_ci_helper_paths); + $void = array_shift($config->_config_paths); + } + else + { + foreach (array('_ci_library_paths', '_ci_model_paths', '_ci_helper_paths') as $var) + { + if (($key = array_search($path, $this->{$var})) !== FALSE) + { + unset($this->{$var}[$key]); + } + } + + if (($key = array_search($path, $config->_config_paths)) !== FALSE) + { + unset($config->_config_paths[$key]); + } } - $CI =& get_instance(); - $CI->_ci_scaffolding = TRUE; - $CI->_ci_scaff_table = $table; + // make sure the application default paths are still in the array + $this->_ci_library_paths = array_unique(array_merge($this->_ci_library_paths, array(APPPATH, BASEPATH))); + $this->_ci_helper_paths = array_unique(array_merge($this->_ci_helper_paths, array(APPPATH, BASEPATH))); + $this->_ci_model_paths = array_unique(array_merge($this->_ci_model_paths, array(APPPATH))); + $config->_config_paths = array_unique(array_merge($config->_config_paths, array(APPPATH))); } // -------------------------------------------------------------------- - + /** * Loader * @@ -733,19 +761,13 @@ class CI_Loader { // Was the path included with the class name? // We look for a slash to determine this $subdir = ''; - if (strpos($class, '/') !== FALSE) + if (($last_slash = strrpos($class, '/')) !== FALSE) { - // explode the path so we can separate the filename from the path - $x = explode('/', $class); - - // Reset the $class variable now that we know the actual filename - $class = end($x); - - // Kill the filename from the array - unset($x[count($x)-1]); + // Extract the path + $subdir = substr($class, 0, $last_slash + 1); - // Glue the path back together, sans filename - $subdir = implode($x, '/').'/'; + // Get the filename from the path + $class = substr($class, $last_slash + 1); } // We'll test for both lowercase and capitalized versions of the file name @@ -792,12 +814,11 @@ class CI_Loader { } // Lets search for the requested library file and load it. - $is_duplicate = FALSE; - for ($i = 1; $i < 3; $i++) + $is_duplicate = FALSE; + foreach ($this->_ci_library_paths as $path) { - $path = ($i % 2) ? APPPATH : BASEPATH; $filepath = $path.'libraries/'.$subdir.$class.EXT; - + // Does the file exist? No? Bummer... if ( ! file_exists($filepath)) { @@ -826,8 +847,9 @@ class CI_Loader { include_once($filepath); $this->_ci_loaded_files[] = $filepath; - return $this->_ci_init_class($class, '', $params, $object_name); + return $this->_ci_init_class($class, '', $params, $object_name); } + } // END FOREACH // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? @@ -859,7 +881,7 @@ class CI_Loader { */ function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL) { - // Is there an associated config file for this class? + // Is there an associated config file for this class? Note: these should always be lowercase if ($config === NULL) { // We test for both uppercase and lowercase, for servers that @@ -971,7 +993,7 @@ class CI_Loader { // A little tweak to remain backward compatible // The $autoload['core'] item was deprecated - if ( ! isset($autoload['libraries'])) + if ( ! isset($autoload['libraries']) AND isset($autoload['core'])) { $autoload['libraries'] = $autoload['core']; } @@ -985,13 +1007,6 @@ class CI_Loader { $this->database(); $autoload['libraries'] = array_diff($autoload['libraries'], array('database')); } - - // Load scaffolding - if (in_array('scaffolding', $autoload['libraries'])) - { - $this->scaffolding(); - $autoload['libraries'] = array_diff($autoload['libraries'], array('scaffolding')); - } // Load all other libraries foreach ($autoload['libraries'] as $item) @@ -1027,20 +1042,10 @@ class CI_Loader { return; } - if ($this->_ci_is_instance()) + foreach($this->_ci_models as $model) { - $CI =& get_instance(); - foreach ($this->_ci_models as $model) - { - $CI->$model->_assign_libraries(); - } - } - else - { - foreach ($this->_ci_models as $model) - { - $this->$model->_assign_libraries(); - } + $model = $this->_ci_get_component($model); + $model->_assign_libraries(); } } @@ -1064,13 +1069,14 @@ class CI_Loader { /** * Determines whether we should use the CI instance or $this - * + * @PHP4 + * * @access private * @return bool */ function _ci_is_instance() { - if ($this->_ci_is_php5 == TRUE) + if (is_php('5.0.0') == TRUE) { return TRUE; } @@ -1078,6 +1084,56 @@ class CI_Loader { global $CI; return (is_object($CI)) ? TRUE : FALSE; } + + // -------------------------------------------------------------------- + + /** + * Get a reference to a specific library or model + * + * @access private + * @return bool + */ + function &_ci_get_component($component) + { + if ($this->_ci_is_instance()) + { + $CI =& get_instance(); + return $CI->$component; + } + else + { + return $this->$component; + } + } + + // -------------------------------------------------------------------- + + /** + * Prep filename + * + * This function preps the name of various items to make loading them more reliable. + * + * @access private + * @param mixed + * @return array + */ + function _ci_prep_filename($filename, $extension) + { + if ( ! is_array($filename)) + { + return array(strtolower(str_replace(EXT, '', str_replace($extension, '', $filename)).$extension)); + } + else + { + foreach ($filename as $key => $val) + { + $filename[$key] = strtolower(str_replace(EXT, '', str_replace($extension, '', $val)).$extension); + } + + return $filename; + } + } + } -- cgit v1.2.3-24-g4f1b From 8eae4d7a9a922763c64d282f5d46de240bba60d0 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:47:19 -0600 Subject: class rename --- system/core/Model.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Model.php b/system/core/Model.php index 541f966b6..16c4e7dd8 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -24,7 +24,7 @@ * @author ExpressionEngine Dev Team * @link http://codeigniter.com/user_guide/libraries/config.html */ -class Model { +class CI_Model { var $_parent_name = ''; @@ -33,7 +33,7 @@ class Model { * * @access public */ - function Model() + function CI_Model() { // If the magic __get() or __set() methods are used in a Model references can't be used. $this->_assign_libraries( (method_exists($this, '__get') OR method_exists($this, '__set')) ? FALSE : TRUE ); @@ -65,7 +65,8 @@ class Model { // problems so we'll conditionally use them if ($use_reference == TRUE) { - $this->$key = NULL; // Needed to prevent reference errors with some configurations + // Needed to prevent reference errors with some configurations + $this->$key = ''; $this->$key =& $CI->$key; } else -- cgit v1.2.3-24-g4f1b From 46520494d494aa9a3579c24c0e22bfbf31aa719e Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:53:25 -0600 Subject: changed set_status_header() default $code param to proper integer added ability to disable {elapsed_time} and {memory_usage} variables --- system/core/Output.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index ea4b0e314..ad92accd6 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -32,7 +32,7 @@ class CI_Output { var $cache_expiration = 0; var $headers = array(); var $enable_profiler = FALSE; - + var $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} function CI_Output() { @@ -123,7 +123,7 @@ class CI_Output { * @param string * @return void */ - function set_status_header($code = '200', $text = '') + function set_status_header($code = 200, $text = '') { set_status_header($code, $text); } @@ -199,12 +199,16 @@ class CI_Output { // Parse out the elapsed time and memory usage, // then swap the pseudo-variables with the data - - $elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end'); - $output = str_replace('{elapsed_time}', $elapsed, $output); - $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; - $output = str_replace('{memory_usage}', $memory, $output); + $elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end'); + + if ($this->parse_exec_vars === TRUE) + { + $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; + + $output = str_replace('{elapsed_time}', $elapsed, $output); + $output = str_replace('{memory_usage}', $memory, $output); + } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From c77384069446fb1eee1a0ccf4296d48497fb433c Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 13:55:13 -0600 Subject: Router class rewrite killed scaffolding abstracted _set_default_controller() added implementation for directory and controller trigger when query strings are enabled --- system/core/Router.php | 234 ++++++++++++++++++++++++++++++++----------------- 1 file changed, 153 insertions(+), 81 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 32c1c3820..b371d5241 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -34,9 +34,7 @@ class CI_Router { var $class = ''; var $method = 'index'; var $directory = ''; - var $uri_protocol = 'auto'; var $default_controller; - var $scaffolding_request = FALSE; // Must be set to FALSE /** * Constructor @@ -45,9 +43,8 @@ class CI_Router { */ function CI_Router() { - $this->config =& load_class('Config'); - $this->uri =& load_class('URI'); - $this->_set_routing(); + $this->config =& load_class('Config', 'core'); + $this->uri =& load_class('URI', 'core'); log_message('debug', "Router Class Initialized"); } @@ -63,63 +60,55 @@ class CI_Router { * @return void */ function _set_routing() - { - // Are query strings enabled in the config file? - // If so, we're done since segment based URIs are not used with query strings. + { + // Are query strings enabled in the config file? Normally CI doesn't utilize query strings + // since URI segments are more search-engine friendly, but they can optionally be used. + // If this feature is enabled, we will gather the directory/class/method a little differently + $segments = array(); if ($this->config->item('enable_query_strings') === TRUE AND isset($_GET[$this->config->item('controller_trigger')])) { - $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); - + if (isset($_GET[$this->config->item('directory_trigger')])) + { + $this->set_directory(trim($this->uri->_filter_uri($_GET[$this->config->item('directory_trigger')]))); + $segments[] = $this->fetch_directory(); + } + + if (isset($_GET[$this->config->item('controller_trigger')])) + { + $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); + $segments[] = $this->fetch_class(); + } + if (isset($_GET[$this->config->item('function_trigger')])) { $this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')]))); + $segments[] = $this->fetch_method(); } - - return; } // Load the routes.php file. @include(APPPATH.'config/routes'.EXT); $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); - + // Set the default controller so we can display it in the event // the URI doesn't correlated to a valid controller. - $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); + $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); + + // Were there any query string segments? If so, we'll validate them and bail out since we're done. + if (count($segments) > 0) + { + return $this->_validate_request($segments); + } // Fetch the complete URI string $this->uri->_fetch_uri_string(); - + // Is there a URI string? If not, the default controller specified in the "routes" file will be shown. if ($this->uri->uri_string == '') { - if ($this->default_controller === FALSE) - { - show_error("Unable to determine what should be displayed. A default route has not been specified in the routing file."); - } - - if (strpos($this->default_controller, '/') !== FALSE) - { - $x = explode('/', $this->default_controller); - - $this->set_class(end($x)); - $this->set_method('index'); - $this->_set_request($x); - } - else - { - $this->set_class($this->default_controller); - $this->set_method('index'); - $this->_set_request(array($this->default_controller, 'index')); - } - - // re-index the routed segments array so it starts with 1 rather than 0 - $this->uri->_reindex_segments(); - - log_message('debug', "No URI present. Default controller set."); - return; + return $this->_set_default_controller(); } - unset($this->routes['default_controller']); // Do we need to remove the URL suffix? $this->uri->_remove_url_suffix(); @@ -133,6 +122,42 @@ class CI_Router { // Re-index the segment array so that it starts with 1 rather than 0 $this->uri->_reindex_segments(); } + + // -------------------------------------------------------------------- + + /** + * Set the default controller + * + * @access private + * @return void + */ + function _set_default_controller() + { + if ($this->default_controller === FALSE) + { + show_error("Unable to determine what should be displayed. A default route has not been specified in the routing file."); + } + // Is the method being specified? + if (strpos($this->default_controller, '/') !== FALSE) + { + $x = explode('/', $this->default_controller); + + $this->set_class($x[0]); + $this->set_method($x[1]); + $this->_set_request(array($x[0], $x[1])); + } + else + { + $this->set_class($this->default_controller); + $this->set_method('index'); + $this->_set_request(array($this->default_controller, 'index')); + } + + // re-index the routed segments array so it starts with 1 rather than 0 + $this->uri->_reindex_segments(); + + log_message('debug', "No URI present. Default controller set."); + } // -------------------------------------------------------------------- @@ -148,29 +173,20 @@ class CI_Router { * @return void */ function _set_request($segments = array()) - { + { $segments = $this->_validate_request($segments); if (count($segments) == 0) { - return; + return $this->_set_default_controller(); } $this->set_class($segments[0]); if (isset($segments[1])) { - // A scaffolding request. No funny business with the URL - if ($this->routes['scaffolding_trigger'] == $segments[1] AND $segments[1] != '_ci_scaffolding') - { - $this->scaffolding_request = TRUE; - unset($this->routes['scaffolding_trigger']); - } - else - { - // A standard method request - $this->set_method($segments[1]); - } + // A standard method request + $this->set_method($segments[1]); } else { @@ -197,15 +213,20 @@ class CI_Router { */ function _validate_request($segments) { + if (count($segments) == 0) + { + return $segments; + } + // Does the requested controller exist in the root folder? if (file_exists(APPPATH.'controllers/'.$segments[0].EXT)) { return $segments; } - + // Is the controller in a sub-folder? if (is_dir(APPPATH.'controllers/'.$segments[0])) - { + { // Set the directory and remove it from the segment array $this->set_directory($segments[0]); $segments = array_slice($segments, 1); @@ -215,13 +236,24 @@ class CI_Router { // Does the requested controller exist in the sub-folder? if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT)) { - show_404($this->fetch_directory().$segments[0]); + show_404($this->fetch_directory().$segments[0]); } } else { - $this->set_class($this->default_controller); - $this->set_method('index'); + // Is the method being specified in the route? + if (strpos($this->default_controller, '/') !== FALSE) + { + $x = explode('/', $this->default_controller); + + $this->set_class($x[0]); + $this->set_method($x[1]); + } + else + { + $this->set_class($this->default_controller); + $this->set_method('index'); + } // Does the default controller exist in the sub-folder? if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$this->default_controller.EXT)) @@ -231,16 +263,32 @@ class CI_Router { } } - + return $segments; } - - // Can't find the requested controller... - show_404($segments[0]); + + + // If we've gotten this far it means that the URI does not correlate to a valid + // controller class. We will now see if there is an override + if (isset($this->routes['404_override']) AND $this->routes['404_override'] != '') + { + if (strpos($this->routes['404_override'], '/') !== FALSE) + { + $x = explode('/', $this->routes['404_override']); + + $this->set_class($x[0]); + $this->set_method($x[1]); + + return $x; + } + } + + // Nothing else to do at this point but show a 404 + show_404($segments[0]); } - + // -------------------------------------------------------------------- - + /** * Parse Routes * @@ -253,22 +301,13 @@ class CI_Router { */ function _parse_routes() { - // Do we even have any custom routing to deal with? - // There is a default scaffolding trigger, so we'll look just for 1 - if (count($this->routes) == 1) - { - $this->_set_request($this->uri->segments); - return; - } - // Turn the segment array into a URI string $uri = implode('/', $this->uri->segments); - + // Is there a literal match? If so we're done if (isset($this->routes[$uri])) { - $this->_set_request(explode('/', $this->routes[$uri])); - return; + return $this->_set_request(explode('/', $this->routes[$uri])); } // Loop through the route array looking for wild-cards @@ -276,18 +315,17 @@ class CI_Router { { // Convert wild-cards to RegEx $key = str_replace(':any', '.+', str_replace(':num', '[0-9]+', $key)); - + // Does the RegEx match? if (preg_match('#^'.$key.'$#', $uri)) - { + { // Do we have a back-reference? if (strpos($val, '$') !== FALSE AND strpos($key, '(') !== FALSE) { $val = preg_replace('#^'.$key.'$#', $val, $uri); } - $this->_set_request(explode('/', $val)); - return; + return $this->_set_request(explode('/', $val)); } } @@ -366,7 +404,7 @@ class CI_Router { */ function set_directory($dir) { - $this->directory = $dir.'/'; + $this->directory = trim($dir, '/').'/'; } // -------------------------------------------------------------------- @@ -382,6 +420,40 @@ class CI_Router { return $this->directory; } + // -------------------------------------------------------------------- + + /** + * Set the controller overrides + * + * @access public + * @param array + * @return null + */ + function _set_overrides($routing) + { + if ( ! is_array($routing)) + { + return; + } + + if (isset($routing['directory'])) + { + $this->set_directory($routing['directory']); + } + + if (isset($routing['controller']) AND $routing['controller'] != '') + { + $this->set_class($routing['controller']); + } + + if (isset($routing['function'])) + { + $routing['function'] = ($routing['function'] == '') ? 'index' : $routing['function']; + $this->set_method($routing['function']); + } + } + + } // END Router Class -- cgit v1.2.3-24-g4f1b From 7576a3b6b7ed5658cabae96b3e64614f312d76d7 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 2 Mar 2010 14:00:36 -0600 Subject: change to use load_class() from core --- system/core/URI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 77b814925..cffffc20d 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -44,7 +44,7 @@ class CI_URI { */ function CI_URI() { - $this->config =& load_class('Config'); + $this->config =& load_class('Config', 'core'); log_message('debug', "URI Class Initialized"); } -- cgit v1.2.3-24-g4f1b From 8dca04163a79701021043fcd3e267a5d965af993 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 5 Mar 2010 13:01:44 -0600 Subject: added Driver lib --- system/core/Loader.php | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index f70ee0334..c399f296d 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -543,6 +543,29 @@ class CI_Loader { // -------------------------------------------------------------------- + /** + * Driver + * + * Loads a driver library + * + * @param string the name of the class + * @param mixed the optional parameters + * @param string an optional object name + * @return void + */ + function driver($library = '', $params = NULL, $object_name = NULL) + { + if ( ! class_exists('CI_Driver_Library')) + { + // we aren't instantiating an object here, that'll be done by the Library itself + require_once BASEPATH.'libraries/Driver'.EXT; + } + + return $this->library($library, $params, $object_name); + } + + // -------------------------------------------------------------------- + /** * Add Package Path * -- cgit v1.2.3-24-g4f1b From c64ca0128ab0cc015ed37d1833bd79ee63e35eba Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Sun, 7 Mar 2010 07:55:56 -0600 Subject: fixed load_class() call in Hooks to get Config from core --- system/core/Hooks.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 5e017ccb7..3b063f792 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -52,7 +52,7 @@ class CI_Hooks { */ function _initialize() { - $CFG =& load_class('Config'); + $CFG =& load_class('Config', 'core'); // If hooks are not enabled in the config file // there is nothing else to do -- cgit v1.2.3-24-g4f1b From d5e0cb5fe94fb7a89cc12842511481a3c3d37d8e Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 9 Mar 2010 20:20:46 -0600 Subject: sped up Driver loading slightly by predicting subfolder location --- system/core/Loader.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index c399f296d..1726f0a53 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -558,7 +558,14 @@ class CI_Loader { if ( ! class_exists('CI_Driver_Library')) { // we aren't instantiating an object here, that'll be done by the Library itself - require_once BASEPATH.'libraries/Driver'.EXT; + require BASEPATH.'libraries/Driver'.EXT; + } + + // We can save the loader some time since Drivers will *always* be in a subfolder, + // and typically identically named to the library + if ( ! strpos($library, '/')) + { + $library = $library.'/'.$library; } return $this->library($library, $params, $object_name); -- cgit v1.2.3-24-g4f1b From c6da50384e06c60e242cb4442abb9c6c9b450674 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 9 Mar 2010 20:44:27 -0600 Subject: completely removed Plugins from CodeIgniter --- system/core/Loader.php | 67 +++----------------------------------------------- 1 file changed, 4 insertions(+), 63 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 1726f0a53..976823f81 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -41,7 +41,6 @@ class CI_Loader { var $_ci_loaded_files = array(); var $_ci_models = array(); var $_ci_helpers = array(); - var $_ci_plugins = array(); var $_ci_varmap = array('unit_test' => 'unit', 'user_agent' => 'agent'); @@ -445,64 +444,6 @@ class CI_Loader { // -------------------------------------------------------------------- - /** - * Load Plugin - * - * This function loads the specified plugin. - * - * @access public - * @param array - * @return void - */ - function plugin($plugins = array()) - { - foreach ($this->_ci_prep_filename($plugins, '_pi') as $plugin) - { - if (isset($this->_ci_plugins[$plugin])) - { - continue; - } - - if (file_exists(APPPATH.'plugins/'.$plugin.EXT)) - { - include_once(APPPATH.'plugins/'.$plugin.EXT); - } - else - { - if (file_exists(BASEPATH.'plugins/'.$plugin.EXT)) - { - include_once(BASEPATH.'plugins/'.$plugin.EXT); - } - else - { - show_error('Unable to load the requested file: plugins/'.$plugin.EXT); - } - } - - $this->_ci_plugins[$plugin] = TRUE; - log_message('debug', 'Plugin loaded: '.$plugin); - } - } - - // -------------------------------------------------------------------- - - /** - * Load Plugins - * - * This is simply an alias to the above function in case the - * user has written the plural form of this function. - * - * @access public - * @param array - * @return void - */ - function plugins($plugins = array()) - { - $this->plugin($plugins); - } - - // -------------------------------------------------------------------- - /** * Loads a language file * @@ -987,7 +928,7 @@ class CI_Loader { * Autoloader * * The config/autoload.php file contains an array that permits sub-systems, - * libraries, plugins, and helpers to be loaded automatically. + * libraries, and helpers to be loaded automatically. * * @access private * @param array @@ -1012,8 +953,8 @@ class CI_Loader { } } - // Autoload plugins, helpers and languages - foreach (array('helper', 'plugin', 'language') as $type) + // Autoload helpers and languages + foreach (array('helper', 'language') as $type) { if (isset($autoload[$type]) AND count($autoload[$type]) > 0) { @@ -1058,7 +999,7 @@ class CI_Loader { /** * Assign to Models * - * Makes sure that anything loaded by the loader class (libraries, plugins, etc.) + * Makes sure that anything loaded by the loader class (libraries, etc.) * will be available to models, if any exist. * * @access private -- cgit v1.2.3-24-g4f1b From ee71c80dd20bcfc60169af3eb1f628229ca30d67 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Wed, 10 Mar 2010 10:05:05 -0600 Subject: added ability to enable/disable individual sections of the Profiler --- system/core/Output.php | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index ad92accd6..0dcf2e46f 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -34,6 +34,8 @@ class CI_Output { var $enable_profiler = FALSE; var $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} + var $_profiler_sections = array(); + function CI_Output() { log_message('debug', "Output Class Initialized"); @@ -142,6 +144,25 @@ class CI_Output { $this->enable_profiler = (is_bool($val)) ? $val : TRUE; } + // -------------------------------------------------------------------- + + /** + * Set Profiler Sections + * + * Allows override of default / config settings for Profiler section display + * + * @access public + * @param array + * @return void + */ + function set_profiler_sections($sections) + { + foreach ($sections as $section => $enable) + { + $this->_profiler_sections[$section] = ($enable !== FALSE) ? TRUE : FALSE; + } + } + // -------------------------------------------------------------------- /** @@ -258,7 +279,12 @@ class CI_Output { if ($this->enable_profiler == TRUE) { $CI->load->library('profiler'); - + + if ( ! empty($this->_profiler_sections)) + { + $CI->profiler->set_sections($this->_profiler_sections); + } + // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data if (preg_match("|.*?|is", $output)) -- cgit v1.2.3-24-g4f1b From 76b369e191f4432ceba51ba7d7993c4ea54579ae Mon Sep 17 00:00:00 2001 From: Robin Sowell Date: Fri, 19 Mar 2010 11:15:28 -0400 Subject: Changed a few strstr to strpos for consistency w performance guidelines and to mirror EE2. --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 0760dc830..2eef82458 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -288,7 +288,7 @@ class CI_Input { return $this->ip_address; } - if (strstr($this->ip_address, ',')) + if (strpos($this->ip_address, ',') !== FALSE) { $x = explode(',', $this->ip_address); $this->ip_address = trim(end($x)); -- cgit v1.2.3-24-g4f1b From d99e603f47e10adc015d4b804352db71f0563062 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 19 Mar 2010 19:57:33 -0500 Subject: reordered logic in _display_cache() to eliminate a call to is_really_writable() on each page request unless it is_really_needed() --- system/core/Output.php | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 0dcf2e46f..ac4129405 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -377,12 +377,7 @@ class CI_Output { function _display_cache(&$CFG, &$URI) { $cache_path = ($CFG->item('cache_path') == '') ? BASEPATH.'cache/' : $CFG->item('cache_path'); - - if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) - { - return FALSE; - } - + // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url'). $CFG->item('index_page'). @@ -410,7 +405,7 @@ class CI_Output { flock($fp, LOCK_UN); fclose($fp); - + // Strip out the embedded timestamp if ( ! preg_match("/(\d+TS--->)/", $cache, $match)) { @@ -419,10 +414,13 @@ class CI_Output { // Has the file expired? If so we'll delete it. if (time() >= trim(str_replace('TS--->', '', $match['1']))) - { - @unlink($filepath); - log_message('debug', "Cache file has expired. File deleted"); - return FALSE; + { + if (is_really_writable($cache_path)) + { + @unlink($filepath); + log_message('debug', "Cache file has expired. File deleted"); + return FALSE; + } } // Display the cache -- cgit v1.2.3-24-g4f1b From 3140ad543e26a0aa4e6bc57a3a85ecdb3dfcf0d5 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Fri, 12 Mar 2010 00:22:42 +0000 Subject: Will check for sub-classes in core or libraries (which the original file is in) instead of always looking in libraries. Makes more sense to have them in the same folder wether in system or application. --- system/core/Common.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 47293a11b..6e2f72509 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -142,13 +142,13 @@ } // Is the request a class extension? If so we load it too - if (file_exists(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT)) + if (file_exists(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.EXT)) { $name = config_item('subclass_prefix').$class; if (class_exists($name) === FALSE) { - require(APPPATH.'libraries/'.config_item('subclass_prefix').$class.EXT); + require(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.EXT); } } -- cgit v1.2.3-24-g4f1b From fa281354b37feead98ab71cc4e6d68f9748a7b6c Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Mon, 22 Mar 2010 14:41:27 -0500 Subject: Fix #10 , extending the CodeIgniter controller with MY_Controller will lead to a fatal PHP error. --- system/core/CodeIgniter.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 488f9f3ce..295917c92 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -224,6 +224,11 @@ // Load the base controller class require BASEPATH.'core/Controller'.EXT; + if (file_exists(APPPATH.'core/'.$CFG->config['subclass_prefix'].'Controller'.EXT)) + { + require APPPATH.'core/'.$CFG->config['subclass_prefix'].'Controller'.EXT; + } + // Load the local application controller // Note: The Router class automatically validates the controller path using the router->_validate_request(). // If this include fails it means that the default controller in the Routes.php file is not resolving to something valid. -- cgit v1.2.3-24-g4f1b From 6c1294b5c3c98e26eaa6cb5eaa83dd3921a30348 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 25 Mar 2010 10:32:22 -0500 Subject: code comment typo --- system/core/Controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 2e44500a6..92f7f17f1 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -75,7 +75,7 @@ class Controller extends CI_Base { } } -// END _Controller class +// END Controller class /* End of file Controller.php */ /* Location: ./system/core/Controller.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From d25e66a1824a70c5a2ebfae69b759c3b8a2d02a6 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 28 Mar 2010 01:07:09 -0500 Subject: Change in the loader and driver docs to force ucfirst() on driver directory names to ensure compatibility on case sensitive file systems. --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 976823f81..292fdc955 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -506,7 +506,7 @@ class CI_Loader { // and typically identically named to the library if ( ! strpos($library, '/')) { - $library = $library.'/'.$library; + $library = ucfirst($library).'/'.$library; } return $this->library($library, $params, $object_name); -- cgit v1.2.3-24-g4f1b From 676e1cda78b7bc4eede7cad509a8d9f015a51816 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Fri, 9 Apr 2010 21:16:16 +0200 Subject: Adding output library exceptions for servers with zlib.output_compression enabled. --- system/core/Output.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index ac4129405..e25e62197 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -34,10 +34,13 @@ class CI_Output { var $enable_profiler = FALSE; var $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} + var $_zlib_oc = FALSE; var $_profiler_sections = array(); function CI_Output() { + $this->_zlib_oc = @ini_get('zlib.output_compression'); + log_message('debug', "Output Class Initialized"); } @@ -111,6 +114,16 @@ class CI_Output { */ function set_header($header, $replace = TRUE) { + // If zlib.output_compression is enabled it will compress the output, + // but it will not modify the content-length header to compensate for + // the reduction, causing the browser to hang waiting for more data. + // We'll just skip content-length in those cases. + + if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) == 0) + { + return; + } + $this->headers[] = array($header, $replace); } @@ -234,7 +247,7 @@ class CI_Output { // -------------------------------------------------------------------- // Is compression requested? - if ($CFG->item('compress_output') === TRUE) + if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE) { if (extension_loaded('zlib')) { -- cgit v1.2.3-24-g4f1b From 757dda61aa0556aca8172dc2a8175596afe28ce2 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 14 Apr 2010 19:06:19 -0500 Subject: Fixing a bug where odbc/mssql/oci8 db drivers would encounter a PHP error due to a function being moved from the input to security class. Moving remove_invisible_characters() to Common.php so the entire class does not need to be instantiated in those database drivers. --- system/core/Common.php | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 6e2f72509..9dee591e6 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -479,6 +479,43 @@ $_error->log_exception($severity, $message, $filepath, $line); } + // -------------------------------------------------------------------- + + /** + * Remove Invisible Characters + * + * This prevents sandwiching null characters + * between ascii characters, like Java\0script. + * + * @access public + * @param string + * @return string + */ + function remove_invisible_characters($str) + { + static $non_displayables; + + if ( ! isset($non_displayables)) + { + // every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09), + $non_displayables = array( + '/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15 + '/%1[0-9a-f]/', // url encoded 16-31 + '/[\x00-\x08]/', // 00-08 + '/\x0b/', '/\x0c/', // 11, 12 + '/[\x0e-\x1f]/' // 14-31 + ); + } + + do + { + $cleaned = $str; + $str = preg_replace($non_displayables, '', $str); + } + while ($cleaned != $str); + + return $str; + } /* End of file Common.php */ -- cgit v1.2.3-24-g4f1b From 78a1cf24831e067aae04531718a167e8ec144fda Mon Sep 17 00:00:00 2001 From: Roger Simms Date: Sun, 25 Apr 2010 12:50:53 +0100 Subject: Simple change to comment line 21: the=>that. --- system/core/Controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Controller.php b/system/core/Controller.php index 92f7f17f1..c9d797ca2 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -18,7 +18,7 @@ /** * CodeIgniter Application Controller Class * - * This class object is the super class the every library in + * This class object is the super class that every library in * CodeIgniter will be assigned to. * * @package CodeIgniter -- cgit v1.2.3-24-g4f1b From 2ddc9496e9403a59a87b644d1c2b9a106b773e46 Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Thu, 5 Aug 2010 10:08:33 -0400 Subject: Added an optional second parameter to show_404() to disable logging. --- system/core/Common.php | 4 ++-- system/core/Exceptions.php | 9 +++++++-- 2 files changed, 9 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 9dee591e6..2b8ad26b1 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -317,10 +317,10 @@ * @access public * @return void */ - function show_404($page = '') + function show_404($page = '', $log_error = TRUE) { $_error =& load_class('Exceptions', 'core'); - $_error->show_404($page); + $_error->show_404($page, $log_error); exit; } diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 503015dfd..419ea2b61 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -88,12 +88,17 @@ class CI_Exceptions { * @param string * @return string */ - function show_404($page = '') + function show_404($page = '', $log_error = TRUE) { $heading = "404 Page Not Found"; $message = "The page you requested was not found."; - log_message('error', '404 Page Not Found --> '.$page); + // By default we log this, but allow a dev to skip it + if ($log_error) + { + log_message('error', '404 Page Not Found --> '.$page); + } + echo $this->show_error($heading, $message, 'error_404', 404); exit; } -- cgit v1.2.3-24-g4f1b From a7f5a94d9ecc371a1ee9fb3b5ffe4bfdd90b5e2d Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 14 Sep 2010 17:20:53 -0500 Subject: Added a log message in core/output if the cache directory config value was not found. --- system/core/Output.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index e25e62197..7d3e2e180 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -346,6 +346,7 @@ class CI_Output { if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) { + log_message('error', "Unable to write cache file: ".$cache_path); return; } -- cgit v1.2.3-24-g4f1b From d76334998db618d4633886bbcecc84658b50ab23 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 28 Sep 2010 13:14:57 -0500 Subject: fixed a bug where the Output class would send incorrect cached data for controllers implementing their own _output() methods --- system/core/Output.php | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 7d3e2e180..ad9ffbabe 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -212,7 +212,13 @@ class CI_Output { // since this function is sometimes called by the caching mechanism, // which happens before the CI super object is available. global $BM, $CFG; - + + // Grab the super object if we can. + if (function_exists('get_instance')) + { + $CI =& get_instance(); + } + // -------------------------------------------------------------------- // Set the output data @@ -223,8 +229,10 @@ class CI_Output { // -------------------------------------------------------------------- - // Do we need to write a cache file? - if ($this->cache_expiration > 0) + // Do we need to write a cache file? Only if the controller does not have its + // own _output() method and we are not dealing with a cache file, which we + // can determine by the existence of the $CI object above + if ($this->cache_expiration > 0 && isset($CI) && ! method_exists($CI, '_output')) { $this->_write_cache($output); } @@ -271,10 +279,10 @@ class CI_Output { // -------------------------------------------------------------------- - // Does the get_instance() function exist? + // Does the $CI object exist? // If not we know we are dealing with a cache file so we'll // simply echo out the data and exit. - if ( ! function_exists('get_instance')) + if ( ! isset($CI)) { echo $output; log_message('debug', "Final output sent to browser"); @@ -283,9 +291,6 @@ class CI_Output { } // -------------------------------------------------------------------- - - // Grab the super object. We'll need it in a moment... - $CI =& get_instance(); // Do we need to generate profile data? // If so, load the Profile class and run it. -- cgit v1.2.3-24-g4f1b From dd6719738936be31cdaa1758ca86d5eb14dcab3d Mon Sep 17 00:00:00 2001 From: Barry Mieny Date: Mon, 4 Oct 2010 16:33:58 +0200 Subject: Cleanup of stray spaces and tabs --- system/core/Base4.php | 8 +- system/core/Base5.php | 2 +- system/core/Benchmark.php | 4 +- system/core/CodeIgniter.php | 64 +++++----- system/core/Common.php | 70 +++++------ system/core/Compat.php | 10 +- system/core/Config.php | 48 +++---- system/core/Controller.php | 16 +-- system/core/Exceptions.php | 26 ++-- system/core/Hooks.php | 16 +-- system/core/Input.php | 8 +- system/core/Lang.php | 2 +- system/core/Loader.php | 298 ++++++++++++++++++++++---------------------- system/core/Model.php | 14 +-- system/core/Output.php | 142 ++++++++++----------- system/core/Router.php | 156 +++++++++++------------ system/core/URI.php | 6 +- system/core/Unicode.php | 28 ++--- 18 files changed, 459 insertions(+), 459 deletions(-) (limited to 'system/core') diff --git a/system/core/Base4.php b/system/core/Base4.php index bd0434158..ef7838d69 100644 --- a/system/core/Base4.php +++ b/system/core/Base4.php @@ -32,7 +32,7 @@ * Since PHP 5 doesn't suffer from this problem so we load one of * two files based on the version of PHP being run. * @PHP4 - * + * * @package CodeIgniter * @subpackage codeigniter * @category front-controller @@ -46,7 +46,7 @@ // This allows syntax like $this->load->foo() to work parent::CI_Loader(); $this->load =& $this; - + // This allows resources used within controller constructors to work global $OBJ; $OBJ = $this->load; // Do NOT use a reference. @@ -56,12 +56,12 @@ function &get_instance() { global $CI, $OBJ; - + if (is_object($CI)) { return $CI; } - + return $OBJ->load; } diff --git a/system/core/Base5.php b/system/core/Base5.php index 6f2fbdab0..ac6c7f020 100644 --- a/system/core/Base5.php +++ b/system/core/Base5.php @@ -23,7 +23,7 @@ * run under PHP 5. It allows us to manage the CI super object more * gracefully than what is possible with PHP 4. * @PHP4 (no need for separate Bases after PHP 4 is gone) - * + * * @package CodeIgniter * @subpackage codeigniter * @category front-controller diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index 1149b7a76..80933f424 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -80,13 +80,13 @@ class CI_Benchmark { { $this->marker[$point2] = microtime(); } - + list($sm, $ss) = explode(' ', $this->marker[$point1]); list($em, $es) = explode(' ', $this->marker[$point2]); return number_format(($em + $es) - ($sm + $ss), $decimals); } - + // -------------------------------------------------------------------- /** diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 295917c92..f67bb8c10 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -61,10 +61,10 @@ * ------------------------------------------------------ */ set_error_handler('_exception_handler'); - + if ( ! is_php('5.3')) { - @set_magic_quotes_runtime(0); // Kill magic quotes + @set_magic_quotes_runtime(0); // Kill magic quotes } // Set a liberal script execution time limit @@ -78,18 +78,18 @@ * Set the subclass_prefix * ------------------------------------------------------ * - * Normally the "subclass_prefix" is set in the config file. - * The subclass prefix allows CI to know if a core class is + * Normally the "subclass_prefix" is set in the config file. + * The subclass prefix allows CI to know if a core class is * being extended via a library in the local application - * "libraries" folder. Since CI allows config items to be - * overriden via data set in the main index. php file, - * before proceeding we need to know if a subclass_prefix + * "libraries" folder. Since CI allows config items to be + * overriden via data set in the main index. php file, + * before proceeding we need to know if a subclass_prefix * override exists. If so, we will set this value now, * before any classes are loaded - * Note: Since the config file data is cached it doesn't + * Note: Since the config file data is cached it doesn't * hurt to load it here. */ - if (isset($assign_to_config['subclass_prefix']) AND $assign_to_config['subclass_prefix'] != '') + if (isset($assign_to_config['subclass_prefix']) AND $assign_to_config['subclass_prefix'] != '') { get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); } @@ -121,12 +121,12 @@ * ------------------------------------------------------ * Instantiate the config class * ------------------------------------------------------ - */ + */ $CFG =& load_class('Config', 'core'); // Do we have any manually set config items in the index.php file? if (isset($assign_to_config)) - { + { $CFG->_assign_to_config($assign_to_config); } @@ -134,16 +134,16 @@ * ------------------------------------------------------ * Instantiate the Unicode class * ------------------------------------------------------ - * + * * Note: Order here is rather important as the Unicode * class needs to be used very early on, but it cannot - * properly determine if UTf-8 can be supported until + * properly determine if UTf-8 can be supported until * after the Config class is instantiated. - * + * */ $UNI =& load_class('Unicode', 'core'); - + /* * ------------------------------------------------------ * Instantiate the URI class @@ -155,10 +155,10 @@ * ------------------------------------------------------ * Instantiate the routing class and set the routing * ------------------------------------------------------ - */ + */ $RTR =& load_class('Router', 'core'); $RTR->_set_routing(); - + // Set any routing overrides that may exist in the main index file if (isset($routing)) { @@ -190,7 +190,7 @@ * Load the Input class and sanitize globals * ------------------------------------------------------ */ - $IN =& load_class('Input', 'core'); + $IN =& load_class('Input', 'core'); /* * ------------------------------------------------------ @@ -208,9 +208,9 @@ * conditionally load different versions of the base * class. Retaining PHP 4 compatibility requires a bit of a hack. * @PHP4 - * + * */ - if (is_php('5.0.0') == TRUE) + if (is_php('5.0.0') == TRUE) { require(BASEPATH.'core/Base5'.EXT); } @@ -220,25 +220,25 @@ load_class('Loader', 'core'); require(BASEPATH.'core/Base4'.EXT); } - + // Load the base controller class require BASEPATH.'core/Controller'.EXT; - + if (file_exists(APPPATH.'core/'.$CFG->config['subclass_prefix'].'Controller'.EXT)) { require APPPATH.'core/'.$CFG->config['subclass_prefix'].'Controller'.EXT; } - + // Load the local application controller - // Note: The Router class automatically validates the controller path using the router->_validate_request(). + // Note: The Router class automatically validates the controller path using the router->_validate_request(). // If this include fails it means that the default controller in the Routes.php file is not resolving to something valid. if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT)) { show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.'); } - + include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT); - + // Set a mark point for benchmarking $BM->mark('loading_time:_base_classes_end'); @@ -253,7 +253,7 @@ */ $class = $RTR->fetch_class(); $method = $RTR->fetch_method(); - + if ( ! class_exists($class) OR $method == 'controller' OR strncmp($method, '_', 1) == 0 @@ -277,7 +277,7 @@ */ // Mark a start point so we can benchmark the controller $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_start'); - + $CI = new $class(); /* @@ -307,11 +307,11 @@ } // Call the requested method. - // Any URI segments present (besides the class/function) will be passed to the method for convenience - call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); + // Any URI segments present (besides the class/function) will be passed to the method for convenience + call_user_func_array(array(&$CI, $method), array_slice($URI->rsegments, 2)); } - + // Mark a benchmark end point $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); @@ -331,7 +331,7 @@ { $OUT->_display(); } - + /* * ------------------------------------------------------ * Is there a "post_system" hook? diff --git a/system/core/Common.php b/system/core/Common.php index 2b8ad26b1..90ba7c963 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -43,7 +43,7 @@ { static $_is_php; $version = (string)$version; - + if ( ! isset($_is_php[$version])) { $_is_php[$version] = (version_compare(PHP_VERSION, $version) < 0) ? FALSE : TRUE; @@ -57,13 +57,13 @@ /** * Tests for file writability * - * is_writable() returns TRUE on Windows servers when you really can't write to + * is_writable() returns TRUE on Windows servers when you really can't write to * the file, based on the read-only attribute. is_writable() is also unreliable * on Unix servers if safe_mode is on. * * @access private * @return void - */ + */ function is_really_writable($file) { // If we're on a Unix server with safe_mode off we call is_writable @@ -115,7 +115,7 @@ function &load_class($class, $directory = 'libraries', $prefix = 'CI_') { static $_classes = array(); - + // Does the class exist? If so, we're done... if (isset($_classes[$class])) { @@ -127,25 +127,25 @@ // Look for the class first in the native system/libraries folder // thenin the local application/libraries folder foreach (array(BASEPATH, APPPATH) as $path) - { + { if (file_exists($path.$directory.'/'.$class.EXT)) { $name = $prefix.$class; - + if (class_exists($name) === FALSE) { require($path.$directory.'/'.$class.EXT); } - + break; } } // Is the request a class extension? If so we load it too if (file_exists(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.EXT)) - { + { $name = config_item('subclass_prefix').$class; - + if (class_exists($name) === FALSE) { require(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.EXT); @@ -155,8 +155,8 @@ // Did we find the class? if ($name === FALSE) { - // Note: We use exit() rather then show_error() in order to avoid a - // self-referencing loop with the Excptions class + // Note: We use exit() rather then show_error() in order to avoid a + // self-referencing loop with the Excptions class exit('Unable to locate the specified class: '.$class.EXT); } @@ -176,7 +176,7 @@ * Required to retain PHP 4 compatibility and also not make PHP 5.3 cry. * * Use: $obj =& instantiate_class(new Foo()); - * + * * @access public * @param object * @return object @@ -221,11 +221,11 @@ function &get_config($replace = array()) { static $_config; - + if (isset($_config)) { return $_config[0]; - } + } // Fetch the config file if ( ! file_exists(APPPATH.'config/config'.EXT)) @@ -254,7 +254,7 @@ } } } - + return $_config[0] =& $config; } @@ -269,18 +269,18 @@ function config_item($item) { static $_config_item = array(); - + if ( ! isset($_config_item[$item])) { $config =& get_config(); - + if ( ! isset($config[$item])) { return FALSE; } $_config_item[$item] = $config[$item]; } - + return $_config_item[$item]; } @@ -343,7 +343,7 @@ { return; } - + $_log =& load_class('Log'); $_log->write_log($level, $message, $php_error); } @@ -354,10 +354,10 @@ * Set HTTP Status Header * * @access public - * @param int the status code - * @param string + * @param int the status code + * @param string * @return void - */ + */ function set_status_header($code = 200, $text = '') { $stati = array( @@ -408,15 +408,15 @@ } if (isset($stati[$code]) AND $text == '') - { + { $text = $stati[$code]; } - + if ($text == '') { show_error('No status text available. Please check your status code number or supply your own message text.', 500); } - + $server_protocol = (isset($_SERVER['SERVER_PROTOCOL'])) ? $_SERVER['SERVER_PROTOCOL'] : FALSE; if (substr(php_sapi_name(), 0, 3) == 'cgi') @@ -432,7 +432,7 @@ header("HTTP/1.1 {$code} {$text}", TRUE, $code); } } - + // -------------------------------------------------------------------- /** @@ -450,20 +450,20 @@ * @return void */ function _exception_handler($severity, $message, $filepath, $line) - { + { // We don't bother with "strict" notices since they tend to fill up // the log file with excess information that isn't normally very helpful. - // For example, if you are running PHP 5 and you use version 4 style - // class functions (without prefixes like "public", "private", etc.) + // For example, if you are running PHP 5 and you use version 4 style + // class functions (without prefixes like "public", "private", etc.) // you'll get notices telling you that these have been deprecated. if ($severity == E_STRICT) { return; } - + $_error =& load_class('Exceptions', 'core'); - - // Should we display the error? We'll get the current error_reporting + + // Should we display the error? We'll get the current error_reporting // level and add its bits with the severity bits to find out. if (($severity & error_reporting()) == $severity) { @@ -475,12 +475,12 @@ { return; } - + $_error->log_exception($severity, $message, $filepath, $line); } // -------------------------------------------------------------------- - + /** * Remove Invisible Characters * @@ -494,7 +494,7 @@ function remove_invisible_characters($str) { static $non_displayables; - + if ( ! isset($non_displayables)) { // every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09), diff --git a/system/core/Compat.php b/system/core/Compat.php index 088d5815a..bd11b9836 100644 --- a/system/core/Compat.php +++ b/system/core/Compat.php @@ -32,7 +32,7 @@ /* * PHP versions prior to 5.0 don't support the E_STRICT constant - * so we need to explicitly define it otherwise the Exception class + * so we need to explicitly define it otherwise the Exception class * will generate errors when running under PHP 4 * @PHP4 * @@ -61,9 +61,9 @@ if ( ! function_exists('ctype_digit')) { return FALSE; } - + return ! preg_match('/[^0-9]/', $str); - } + } } // -------------------------------------------------------------------- @@ -87,9 +87,9 @@ if ( ! function_exists('ctype_alnum')) { return FALSE; } - + return ! preg_match('/[^0-9a-z]/i', $str); - } + } } // -------------------------------------------------------------------- diff --git a/system/core/Config.php b/system/core/Config.php index 7e0443c1f..24503ab5d 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -45,10 +45,10 @@ class CI_Config { */ function CI_Config() { - $this->config =& get_config(); + $this->config =& get_config(); log_message('debug', "Config Class Initialized"); } - + // -------------------------------------------------------------------- /** @@ -57,16 +57,16 @@ class CI_Config { * @access public * @param string the config file name * @return boolean if the file was loaded correctly - */ + */ function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) { $file = ($file == '') ? 'config' : str_replace(EXT, '', $file); $loaded = FALSE; - + foreach($this->_config_paths as $path) { $file_path = $path.'config/'.$file.EXT; - + if (in_array($file_path, $this->is_loaded, TRUE)) { $loaded = TRUE; @@ -77,7 +77,7 @@ class CI_Config { { continue; } - + include($file_path); if ( ! isset($config) OR ! is_array($config)) @@ -88,7 +88,7 @@ class CI_Config { } show_error('Your '.$file_path.' file does not appear to contain a valid configuration array.'); } - + if ($use_sections === TRUE) { if (isset($this->config[$file])) @@ -104,14 +104,14 @@ class CI_Config { { $this->config = array_merge($this->config, $config); } - + $this->is_loaded[] = $file_path; unset($config); - + $loaded = TRUE; log_message('debug', 'Config file loaded: '.$file_path); } - + if ($loaded === FALSE) { if ($fail_gracefully === TRUE) @@ -123,7 +123,7 @@ class CI_Config { return TRUE; } - + // -------------------------------------------------------------------- /** @@ -137,9 +137,9 @@ class CI_Config { * @return string */ function item($item, $index = '') - { + { if ($index == '') - { + { if ( ! isset($this->config[$item])) { return FALSE; @@ -164,8 +164,8 @@ class CI_Config { return $pref; } - - // -------------------------------------------------------------------- + + // -------------------------------------------------------------------- /** * Fetch a config file item - adds slash after item @@ -188,13 +188,13 @@ class CI_Config { $pref = $this->config[$item]; if ($pref != '' && substr($pref, -1) != '/') - { + { $pref .= '/'; } return $pref; } - + // -------------------------------------------------------------------- /** @@ -224,9 +224,9 @@ class CI_Config { { $uri = implode('/', $uri); } - + $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix'); - return $this->slash_item('base_url').$this->slash_item('index_page').trim($uri, '/').$suffix; + return $this->slash_item('base_url').$this->slash_item('index_page').trim($uri, '/').$suffix; } else { @@ -254,7 +254,7 @@ class CI_Config { } } } - + // -------------------------------------------------------------------- /** @@ -268,7 +268,7 @@ class CI_Config { $x = explode("/", preg_replace("|/*(.+?)/*$|", "\\1", BASEPATH)); return $this->slash_item('base_url').end($x).'/'; } - + // -------------------------------------------------------------------- /** @@ -283,7 +283,7 @@ class CI_Config { { $this->config[$item] = $value; } - + // -------------------------------------------------------------------- /** @@ -296,7 +296,7 @@ class CI_Config { * @access private * @param array * @return void - */ + */ function _assign_to_config($items = array()) { if (is_array($items)) @@ -305,7 +305,7 @@ class CI_Config { { $this->set_item($key, $val); } - } + } } } diff --git a/system/core/Controller.php b/system/core/Controller.php index c9d797ca2..9bd9912dc 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -28,18 +28,18 @@ * @link http://codeigniter.com/user_guide/general/controllers.html */ class Controller extends CI_Base { - + /** * Constructor * * Calls the initialize() function */ function Controller() - { + { parent::CI_Base(); // Assign all the class objects that were instantiated by the - // bootstrap file (CodeIgniter.php) to local class variables + // bootstrap file (CodeIgniter.php) to local class variables // so that CI can run as one big super object. foreach (is_loaded() as $var => $class) { @@ -48,18 +48,18 @@ class Controller extends CI_Base { // In PHP 5 the Loader class is run as a discreet // class. In PHP 4 it extends the Controller @PHP4 - if (is_php('5.0.0') == TRUE) + if (is_php('5.0.0') == TRUE) { $this->load =& load_class('Loader', 'core'); - + $this->load->_base_classes =& is_loaded(); - + $this->load->_ci_autoloader(); } else { $this->_ci_autoloader(); - + // sync up the objects since PHP4 was working from a copy foreach (array_keys(get_object_vars($this)) as $attribute) { @@ -71,7 +71,7 @@ class Controller extends CI_Base { } log_message('debug', "Controller Class Initialized"); - + } } diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 419ea2b61..108861de7 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -51,13 +51,13 @@ class CI_Exceptions { /** * Constructor * - */ + */ function CI_Exceptions() { $this->ob_level = ob_get_level(); // Note: Do not log messages from this constructor. } - + // -------------------------------------------------------------------- /** @@ -73,9 +73,9 @@ class CI_Exceptions { * @return string */ function log_exception($severity, $message, $filepath, $line) - { + { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - + log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); } @@ -89,7 +89,7 @@ class CI_Exceptions { * @return string */ function show_404($page = '', $log_error = TRUE) - { + { $heading = "404 Page Not Found"; $message = "The page you requested was not found."; @@ -102,7 +102,7 @@ class CI_Exceptions { echo $this->show_error($heading, $message, 'error_404', 404); exit; } - + // -------------------------------------------------------------------- /** @@ -121,12 +121,12 @@ class CI_Exceptions { function show_error($heading, $message, $template = 'error_general', $status_code = 500) { set_status_header($status_code); - + $message = '

'.implode('

', ( ! is_array($message)) ? array($message) : $message).'

'; if (ob_get_level() > $this->ob_level + 1) { - ob_end_flush(); + ob_end_flush(); } ob_start(); include(APPPATH.'errors/'.$template.EXT); @@ -148,21 +148,21 @@ class CI_Exceptions { * @return string */ function show_php_error($severity, $message, $filepath, $line) - { + { $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; - + $filepath = str_replace("\\", "/", $filepath); - + // For safety reasons we do not show the full file path if (FALSE !== strpos($filepath, '/')) { $x = explode('/', $filepath); $filepath = $x[count($x)-2].'/'.end($x); } - + if (ob_get_level() > $this->ob_level + 1) { - ob_end_flush(); + ob_end_flush(); } ob_start(); include(APPPATH.'errors/error_php'.EXT); diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 3b063f792..9026a5eb6 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -28,8 +28,8 @@ */ class CI_Hooks { - var $enabled = FALSE; - var $hooks = array(); + var $enabled = FALSE; + var $hooks = array(); var $in_progress = FALSE; /** @@ -41,7 +41,7 @@ class CI_Hooks { $this->_initialize(); log_message('debug', "Hooks Class Initialized"); } - + // -------------------------------------------------------------------- /** @@ -49,9 +49,9 @@ class CI_Hooks { * * @access private * @return void - */ - function _initialize() - { + */ + function _initialize() + { $CFG =& load_class('Config', 'core'); // If hooks are not enabled in the config file @@ -74,8 +74,8 @@ class CI_Hooks { $this->hooks =& $hook; $this->enabled = TRUE; - } - + } + // -------------------------------------------------------------------- /** diff --git a/system/core/Input.php b/system/core/Input.php index 2eef82458..df3be207c 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -257,7 +257,7 @@ class CI_Input { { return $this->ip_address; } - + if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) { $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); @@ -308,7 +308,7 @@ class CI_Input { * Validate IP Address * * Updated version suggested by Geert De Deckere - * + * * @access public * @param string * @return string @@ -330,7 +330,7 @@ class CI_Input { // Check each segment foreach ($ip_segments as $segment) { - // IP segments must be digits and can not be + // IP segments must be digits and can not be // longer than 3 digits or greater then 255 if ($segment == '' OR preg_match("/[^0-9]/", $segment) OR $segment > 255 OR strlen($segment) > 3) { @@ -383,7 +383,7 @@ class CI_Input { $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); - // Unset globals for securiy. + // Unset globals for securiy. // This is effectively the same as register_globals = off foreach (array($_GET, $_POST, $_COOKIE) as $global) { diff --git a/system/core/Lang.php b/system/core/Lang.php index e071495b8..cbd4e38b8 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -120,7 +120,7 @@ class CI_Lang { * Fetch a single line of text from the language array * * @access public - * @param string $line the language line + * @param string $line the language line * @return string */ function line($line = '') diff --git a/system/core/Loader.php b/system/core/Loader.php index 292fdc955..69b3da0c9 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -34,7 +34,7 @@ class CI_Loader { var $_ci_library_paths = array(); var $_ci_model_paths = array(); var $_ci_helper_paths = array(); - var $_ci_is_instance = FALSE; // Whether we should use $this or $CI =& get_instance() + var $_ci_is_instance = FALSE; // Whether we should use $this or $CI =& get_instance() var $_base_classes = array(); // Set by the controller class var $_ci_cached_vars = array(); var $_ci_classes = array(); @@ -42,7 +42,7 @@ class CI_Loader { var $_ci_models = array(); var $_ci_helpers = array(); var $_ci_varmap = array('unit_test' => 'unit', 'user_agent' => 'agent'); - + /** * Constructor @@ -52,18 +52,18 @@ class CI_Loader { * @access public */ function CI_Loader() - { + { $this->_ci_view_path = APPPATH.'views/'; $this->_ci_ob_level = ob_get_level(); $this->_ci_library_paths = array(APPPATH, BASEPATH); $this->_ci_helper_paths = array(APPPATH, BASEPATH); $this->_ci_model_paths = array(APPPATH); - + log_message('debug', "Loader Class Initialized"); } - + // -------------------------------------------------------------------- - + /** * Class Loader * @@ -75,7 +75,7 @@ class CI_Loader { * @param mixed the optional parameters * @param string an optional object name * @return void - */ + */ function library($library = '', $params = NULL, $object_name = NULL) { if ($library == '' OR isset($this->_base_classes[$library])) @@ -99,12 +99,12 @@ class CI_Loader { { $this->_ci_load_class($library, $params, $object_name); } - + $this->_ci_assign_to_models(); } // -------------------------------------------------------------------- - + /** * Model Loader * @@ -115,14 +115,14 @@ class CI_Loader { * @param string name for the model * @param bool database connection * @return void - */ + */ function model($model, $name = '', $db_conn = FALSE) - { + { if (is_array($model)) { foreach($model as $babe) { - $this->model($babe); + $this->model($babe); } return; } @@ -131,9 +131,9 @@ class CI_Loader { { return; } - + $path = ''; - + // Is the model in a sub-folder? If so, parse out the filename and path. if (($last_slash = strrpos($model, '/')) !== FALSE) { @@ -143,23 +143,23 @@ class CI_Loader { // And the model name behind it $model = substr($model, $last_slash + 1); } - + if ($name == '') { $name = $model; } - + if (in_array($name, $this->_ci_models, TRUE)) { return; } - + $CI =& get_instance(); if (isset($CI->$name)) { show_error('The model name you are loading is the name of a resource that is already being used: '.$name); } - + $model = strtolower($model); foreach ($this->_ci_model_paths as $mod_path) @@ -192,13 +192,13 @@ class CI_Loader { $this->_ci_models[] = $name; return; } - + // couldn't find the model show_error('Unable to locate the model you have specified: '.$model); } - + // -------------------------------------------------------------------- - + /** * Database Loader * @@ -207,57 +207,57 @@ class CI_Loader { * @param bool whether to return the DB object * @param bool whether to enable active record (this allows us to override the config setting) * @return object - */ + */ function database($params = '', $return = FALSE, $active_record = NULL) { // Grab the super object $CI =& get_instance(); - + // Do we even need to load the database class? if (class_exists('CI_DB') AND $return == FALSE AND $active_record == NULL AND isset($CI->db) AND is_object($CI->db)) { return FALSE; - } - + } + require_once(BASEPATH.'database/DB'.EXT); if ($return === TRUE) { return DB($params, $active_record); } - - // Initialize the db variable. Needed to prevent + + // Initialize the db variable. Needed to prevent // reference errors with some configurations $CI->db = ''; - + // Load the DB class - $CI->db =& DB($params, $active_record); - + $CI->db =& DB($params, $active_record); + // Assign the DB object to any existing models $this->_ci_assign_to_models(); } - + // -------------------------------------------------------------------- /** * Load the Utilities Class * * @access public - * @return string - */ + * @return string + */ function dbutil() { if ( ! class_exists('CI_DB')) { $this->database(); } - + $CI =& get_instance(); // for backwards compatibility, load dbforge so we can extend dbutils off it // this use is deprecated and strongly discouraged $CI->load->dbforge(); - + require_once(BASEPATH.'database/DB_utility'.EXT); require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_utility'.EXT); $class = 'CI_DB_'.$CI->db->dbdriver.'_utility'; @@ -266,35 +266,35 @@ class CI_Loader { $CI->load->_ci_assign_to_models(); } - + // -------------------------------------------------------------------- /** * Load the Database Forge Class * * @access public - * @return string - */ + * @return string + */ function dbforge() { if ( ! class_exists('CI_DB')) { $this->database(); } - + $CI =& get_instance(); - + require_once(BASEPATH.'database/DB_forge'.EXT); require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_forge'.EXT); $class = 'CI_DB_'.$CI->db->dbdriver.'_forge'; $CI->dbforge = new $class(); - + $CI->load->_ci_assign_to_models(); } - + // -------------------------------------------------------------------- - + /** * Load View * @@ -316,9 +316,9 @@ class CI_Loader { { return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_object_to_array($vars), '_ci_return' => $return)); } - + // -------------------------------------------------------------------- - + /** * Load File * @@ -333,9 +333,9 @@ class CI_Loader { { return $this->_ci_load(array('_ci_path' => $path, '_ci_return' => $return)); } - + // -------------------------------------------------------------------- - + /** * Set Variables * @@ -352,9 +352,9 @@ class CI_Loader { { $vars = array($vars => $val); } - + $vars = $this->_ci_object_to_array($vars); - + if (is_array($vars) AND count($vars) > 0) { foreach ($vars as $key => $val) @@ -363,9 +363,9 @@ class CI_Loader { } } } - + // -------------------------------------------------------------------- - + /** * Load Helper * @@ -376,9 +376,9 @@ class CI_Loader { * @return void */ function helper($helpers = array()) - { + { foreach ($this->_ci_prep_filename($helpers, '_helper') as $helper) - { + { if (isset($this->_ci_helpers[$helper])) { continue; @@ -386,33 +386,33 @@ class CI_Loader { $ext_helper = APPPATH.'helpers/'.config_item('subclass_prefix').$helper.EXT; - // Is this a helper extension request? + // Is this a helper extension request? if (file_exists($ext_helper)) { $base_helper = BASEPATH.'helpers/'.$helper.EXT; - + if ( ! file_exists($base_helper)) { show_error('Unable to load the requested file: helpers/'.$helper.EXT); } - + include_once($ext_helper); include_once($base_helper); - + $this->_ci_helpers[$helper] = TRUE; log_message('debug', 'Helper loaded: '.$helper); continue; } - + // Try to load the helper foreach ($this->_ci_helper_paths as $path) { if (file_exists($path.'helpers/'.$helper.EXT)) - { + { include_once($path.'helpers/'.$helper.EXT); $this->_ci_helpers[$helper] = TRUE; - log_message('debug', 'Helper loaded: '.$helper); + log_message('debug', 'Helper loaded: '.$helper); break; } } @@ -420,13 +420,13 @@ class CI_Loader { // unable to load the helper if ( ! isset($this->_ci_helpers[$helper])) { - show_error('Unable to load the requested file: helpers/'.$helper.EXT); + show_error('Unable to load the requested file: helpers/'.$helper.EXT); } - } + } } - + // -------------------------------------------------------------------- - + /** * Load Helpers * @@ -441,9 +441,9 @@ class CI_Loader { { $this->helper($helpers); } - + // -------------------------------------------------------------------- - + /** * Loads a language file * @@ -462,13 +462,13 @@ class CI_Loader { } foreach ($file as $langfile) - { + { $CI->lang->load($langfile, $lang); } } - + // -------------------------------------------------------------------- - + /** * Loads a config file * @@ -477,7 +477,7 @@ class CI_Loader { * @return void */ function config($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) - { + { $CI =& get_instance(); $CI->config->load($file, $use_sections, $fail_gracefully); } @@ -501,19 +501,19 @@ class CI_Loader { // we aren't instantiating an object here, that'll be done by the Library itself require BASEPATH.'libraries/Driver'.EXT; } - + // We can save the loader some time since Drivers will *always* be in a subfolder, // and typically identically named to the library if ( ! strpos($library, '/')) { $library = ucfirst($library).'/'.$library; } - + return $this->library($library, $params, $object_name); } // -------------------------------------------------------------------- - + /** * Add Package Path * @@ -528,7 +528,7 @@ class CI_Loader { array_unshift($this->_ci_library_paths, $path); array_unshift($this->_ci_model_paths, $path); array_unshift($this->_ci_helper_paths, $path); - + // Add config file path $config =& $this->_ci_get_component('config'); array_unshift($config->_config_paths, $path); @@ -549,7 +549,7 @@ class CI_Loader { function remove_package_path($path = '', $remove_config_path = TRUE) { $config =& $this->_ci_get_component('config'); - + if ($path == '') { $void = array_shift($this->_ci_library_paths); @@ -566,13 +566,13 @@ class CI_Loader { unset($this->{$var}[$key]); } } - + if (($key = array_search($path, $config->_config_paths)) !== FALSE) { unset($config->_config_paths[$key]); } } - + // make sure the application default paths are still in the array $this->_ci_library_paths = array_unique(array_merge($this->_ci_library_paths, array(APPPATH, BASEPATH))); $this->_ci_helper_paths = array_unique(array_merge($this->_ci_helper_paths, array(APPPATH, BASEPATH))); @@ -581,7 +581,7 @@ class CI_Loader { } // -------------------------------------------------------------------- - + /** * Loader * @@ -613,16 +613,16 @@ class CI_Loader { $_ci_x = explode('/', $_ci_path); $_ci_file = end($_ci_x); } - + if ( ! file_exists($_ci_path)) { show_error('Unable to load the requested file: '.$_ci_file); } - + // This allows anything loaded using $this->load (views, files, etc.) // to become accessible from within the Controller and Model functions. // Only needed when running PHP 5 - + if ($this->_ci_is_instance()) { $_ci_CI =& get_instance(); @@ -642,13 +642,13 @@ class CI_Loader { * function or via the second parameter of this function. We'll merge * the two types and cache them so that views that are embedded within * other views can have access to these variables. - */ + */ if (is_array($_ci_vars)) { $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); } extract($this->_ci_cached_vars); - + /* * Buffer the output * @@ -662,11 +662,11 @@ class CI_Loader { * the browser and then stop the timer it won't be accurate. */ ob_start(); - + // If the PHP installation does not support short tags we'll // do a little string replacement, changing the short tags // to standard PHP echo statements. - + if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) { echo eval('?>'.preg_replace("/;*\s*\?>/", "; ?>", str_replace(' $this->_ci_ob_level + 1) { ob_end_flush(); @@ -717,18 +717,18 @@ class CI_Loader { * This function loads the requested class. * * @access private - * @param string the item that is being loaded + * @param string the item that is being loaded * @param mixed any additional parameters * @param string an optional object name - * @return void + * @return void */ function _ci_load_class($class, $params = NULL, $object_name = NULL) - { - // Get the class name, and while we're at it trim any slashes. - // The directory path can be included as part of the class name, + { + // Get the class name, and while we're at it trim any slashes. + // The directory path can be included as part of the class name, // but we don't want a leading slash $class = str_replace(EXT, '', trim($class, '/')); - + // Was the path included with the class name? // We look for a slash to determine this $subdir = ''; @@ -736,7 +736,7 @@ class CI_Loader { { // Extract the path $subdir = substr($class, 0, $last_slash + 1); - + // Get the filename from the path $class = substr($class, $last_slash + 1); } @@ -746,11 +746,11 @@ class CI_Loader { { $subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.EXT; - // Is this a class extension request? + // Is this a class extension request? if (file_exists($subclass)) { $baseclass = BASEPATH.'libraries/'.ucfirst($class).EXT; - + if ( ! file_exists($baseclass)) { log_message('error', "Unable to load the requested class: ".$class); @@ -768,22 +768,22 @@ class CI_Loader { $CI =& get_instance(); if ( ! isset($CI->$object_name)) { - return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); } } - + $is_duplicate = TRUE; log_message('debug', $class." class already loaded. Second attempt ignored."); return; } - - include_once($baseclass); + + include_once($baseclass); include_once($subclass); $this->_ci_loaded_files[] = $subclass; - - return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); } - + // Lets search for the requested library file and load it. $is_duplicate = FALSE; foreach ($this->_ci_library_paths as $path) @@ -795,7 +795,7 @@ class CI_Loader { { continue; } - + // Safety: Was the class already loaded by a previous call? if (in_array($filepath, $this->_ci_loaded_files)) { @@ -810,15 +810,15 @@ class CI_Loader { return $this->_ci_init_class($class, '', $params, $object_name); } } - + $is_duplicate = TRUE; log_message('debug', $class." class already loaded. Second attempt ignored."); return; } - + include_once($filepath); $this->_ci_loaded_files[] = $filepath; - return $this->_ci_init_class($class, '', $params, $object_name); + return $this->_ci_init_class($class, '', $params, $object_name); } } // END FOREACH @@ -829,7 +829,7 @@ class CI_Loader { $path = strtolower($class).'/'.$class; return $this->_ci_load_class($path, $params); } - + // If we got this far we were unable to find the requested class. // We do not issue errors if the load call failed due to a duplicate request if ($is_duplicate == FALSE) @@ -838,7 +838,7 @@ class CI_Loader { show_error("Unable to load the requested class: ".$class); } } - + // -------------------------------------------------------------------- /** @@ -851,7 +851,7 @@ class CI_Loader { * @return null */ function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL) - { + { // Is there an associated config file for this class? Note: these should always be lowercase if ($config === NULL) { @@ -860,20 +860,20 @@ class CI_Loader { if (file_exists(APPPATH.'config/'.strtolower($class).EXT)) { include_once(APPPATH.'config/'.strtolower($class).EXT); - } + } elseif (file_exists(APPPATH.'config/'.ucfirst(strtolower($class)).EXT)) { include_once(APPPATH.'config/'.ucfirst(strtolower($class)).EXT); } } - + if ($prefix == '') - { - if (class_exists('CI_'.$class)) + { + if (class_exists('CI_'.$class)) { $name = 'CI_'.$class; } - elseif (class_exists(config_item('subclass_prefix').$class)) + elseif (class_exists(config_item('subclass_prefix').$class)) { $name = config_item('subclass_prefix').$class; } @@ -886,18 +886,18 @@ class CI_Loader { { $name = $prefix.$class; } - + // Is the class name valid? if ( ! class_exists($name)) { log_message('error', "Non-existent class: ".$name); show_error("Non-existent class: ".$class); } - + // Set the variable name we will assign the class to // Was a custom class name supplied? If so we'll use it $class = strtolower($class); - + if (is_null($object_name)) { $classvar = ( ! isset($this->_ci_varmap[$class])) ? $class : $this->_ci_varmap[$class]; @@ -907,23 +907,23 @@ class CI_Loader { $classvar = $object_name; } - // Save the class name and object name + // Save the class name and object name $this->_ci_classes[$class] = $classvar; - // Instantiate the class + // Instantiate the class $CI =& get_instance(); if ($config !== NULL) { $CI->$classvar = new $name($config); } else - { + { $CI->$classvar = new $name; - } - } - + } + } + // -------------------------------------------------------------------- - + /** * Autoloader * @@ -935,31 +935,31 @@ class CI_Loader { * @return void */ function _ci_autoloader() - { + { include_once(APPPATH.'config/autoload'.EXT); - + if ( ! isset($autoload)) { return FALSE; } - + // Load any custom config file if (count($autoload['config']) > 0) - { + { $CI =& get_instance(); foreach ($autoload['config'] as $key => $val) { $CI->config->load($val); } - } + } // Autoload helpers and languages foreach (array('helper', 'language') as $type) - { + { if (isset($autoload[$type]) AND count($autoload[$type]) > 0) { $this->$type($autoload[$type]); - } + } } // A little tweak to remain backward compatible @@ -968,7 +968,7 @@ class CI_Loader { { $autoload['libraries'] = $autoload['core']; } - + // Load libraries if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0) { @@ -978,13 +978,13 @@ class CI_Loader { $this->database(); $autoload['libraries'] = array_diff($autoload['libraries'], array('database')); } - + // Load all other libraries foreach ($autoload['libraries'] as $item) { $this->library($item); } - } + } // Autoload models if (isset($autoload['model'])) @@ -993,7 +993,7 @@ class CI_Loader { } } - + // -------------------------------------------------------------------- /** @@ -1012,13 +1012,13 @@ class CI_Loader { { return; } - + foreach($this->_ci_models as $model) { $model = $this->_ci_get_component($model); $model->_assign_libraries(); } - } + } // -------------------------------------------------------------------- @@ -1041,7 +1041,7 @@ class CI_Loader { /** * Determines whether we should use the CI instance or $this * @PHP4 - * + * * @access private * @return bool */ @@ -1051,11 +1051,11 @@ class CI_Loader { { return TRUE; } - + global $CI; return (is_object($CI)) ? TRUE : FALSE; } - + // -------------------------------------------------------------------- /** @@ -1078,7 +1078,7 @@ class CI_Loader { } // -------------------------------------------------------------------- - + /** * Prep filename * @@ -1091,20 +1091,20 @@ class CI_Loader { function _ci_prep_filename($filename, $extension) { if ( ! is_array($filename)) - { - return array(strtolower(str_replace(EXT, '', str_replace($extension, '', $filename)).$extension)); + { + return array(strtolower(str_replace(EXT, '', str_replace($extension, '', $filename)).$extension)); } else { foreach ($filename as $key => $val) { - $filename[$key] = strtolower(str_replace(EXT, '', str_replace($extension, '', $val)).$extension); + $filename[$key] = strtolower(str_replace(EXT, '', str_replace($extension, '', $val)).$extension); } - + return $filename; } } - + } diff --git a/system/core/Model.php b/system/core/Model.php index 16c4e7dd8..ebbb0fbe6 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -37,11 +37,11 @@ class CI_Model { { // If the magic __get() or __set() methods are used in a Model references can't be used. $this->_assign_libraries( (method_exists($this, '__get') OR method_exists($this, '__set')) ? FALSE : TRUE ); - + // We don't want to assign the model object to itself when using the // assign_libraries function below so we'll grab the name of the model parent $this->_parent_name = ucfirst(get_class($this)); - + log_message('debug', "Model Class Initialized"); } @@ -50,17 +50,17 @@ class CI_Model { * * Creates local references to all currently instantiated objects * so that any syntax that can be legally used in a controller - * can be used within models. + * can be used within models. * * @access private - */ + */ function _assign_libraries($use_reference = TRUE) { - $CI =& get_instance(); + $CI =& get_instance(); foreach (array_keys(get_object_vars($CI)) as $key) { if ( ! isset($this->$key) AND $key != $this->_parent_name) - { + { // In some cases using references can cause // problems so we'll conditionally use them if ($use_reference == TRUE) @@ -74,7 +74,7 @@ class CI_Model { $this->$key = $CI->$key; } } - } + } } } diff --git a/system/core/Output.php b/system/core/Output.php index ad9ffbabe..04e452d2c 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -30,8 +30,8 @@ class CI_Output { var $final_output; var $cache_expiration = 0; - var $headers = array(); - var $enable_profiler = FALSE; + var $headers = array(); + var $enable_profiler = FALSE; var $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} var $_zlib_oc = FALSE; @@ -40,12 +40,12 @@ class CI_Output { function CI_Output() { $this->_zlib_oc = @ini_get('zlib.output_compression'); - + log_message('debug', "Output Class Initialized"); } - + // -------------------------------------------------------------------- - + /** * Get Output * @@ -53,14 +53,14 @@ class CI_Output { * * @access public * @return string - */ + */ function get_output() { return $this->final_output; } - + // -------------------------------------------------------------------- - + /** * Set Output * @@ -69,7 +69,7 @@ class CI_Output { * @access public * @param string * @return void - */ + */ function set_output($output) { $this->final_output = $output; @@ -85,7 +85,7 @@ class CI_Output { * @access public * @param string * @return void - */ + */ function append_output($output) { if ($this->final_output == '') @@ -111,52 +111,52 @@ class CI_Output { * @access public * @param string * @return void - */ + */ function set_header($header, $replace = TRUE) { // If zlib.output_compression is enabled it will compress the output, // but it will not modify the content-length header to compensate for // the reduction, causing the browser to hang waiting for more data. // We'll just skip content-length in those cases. - + if ($this->_zlib_oc && strncasecmp($header, 'content-length', 14) == 0) { return; } - + $this->headers[] = array($header, $replace); } // -------------------------------------------------------------------- - + /** * Set HTTP Status Header * moved to Common procedural functions in 1.7.2 - * + * * @access public - * @param int the status code - * @param string + * @param int the status code + * @param string * @return void - */ + */ function set_status_header($code = 200, $text = '') { set_status_header($code, $text); } - + // -------------------------------------------------------------------- - + /** * Enable/disable Profiler * * @access public * @param bool * @return void - */ + */ function enable_profiler($val = TRUE) { $this->enable_profiler = (is_bool($val)) ? $val : TRUE; } - + // -------------------------------------------------------------------- /** @@ -177,21 +177,21 @@ class CI_Output { } // -------------------------------------------------------------------- - + /** * Set Cache * * @access public * @param integer * @return void - */ + */ function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; } - + // -------------------------------------------------------------------- - + /** * Display Output * @@ -205,9 +205,9 @@ class CI_Output { * * @access public * @return mixed - */ + */ function _display($output = '') - { + { // Note: We use globals because we can't use $CI =& get_instance() // since this function is sometimes called by the caching mechanism, // which happens before the CI super object is available. @@ -220,15 +220,15 @@ class CI_Output { } // -------------------------------------------------------------------- - + // Set the output data if ($output == '') { $output =& $this->final_output; } - + // -------------------------------------------------------------------- - + // Do we need to write a cache file? Only if the controller does not have its // own _output() method and we are not dealing with a cache file, which we // can determine by the existence of the $CI object above @@ -236,24 +236,24 @@ class CI_Output { { $this->_write_cache($output); } - + // -------------------------------------------------------------------- // Parse out the elapsed time and memory usage, // then swap the pseudo-variables with the data - - $elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end'); + + $elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end'); if ($this->parse_exec_vars === TRUE) { $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; - + $output = str_replace('{elapsed_time}', $elapsed, $output); $output = str_replace('{memory_usage}', $memory, $output); } // -------------------------------------------------------------------- - + // Is compression requested? if ($CFG->item('compress_output') === TRUE && $this->_zlib_oc == FALSE) { @@ -267,7 +267,7 @@ class CI_Output { } // -------------------------------------------------------------------- - + // Are there any server headers to send? if (count($this->headers) > 0) { @@ -275,10 +275,10 @@ class CI_Output { { @header($header[0], $header[1]); } - } + } // -------------------------------------------------------------------- - + // Does the $CI object exist? // If not we know we are dealing with a cache file so we'll // simply echo out the data and exit. @@ -289,19 +289,19 @@ class CI_Output { log_message('debug', "Total execution time: ".$elapsed); return TRUE; } - + // -------------------------------------------------------------------- - + // Do we need to generate profile data? // If so, load the Profile class and run it. if ($this->enable_profiler == TRUE) { - $CI->load->library('profiler'); - + $CI->load->library('profiler'); + if ( ! empty($this->_profiler_sections)) { $CI->profiler->set_sections($this->_profiler_sections); - } + } // If the output data contains closing and tags // we will remove them and add them back after we insert the profile data @@ -316,7 +316,7 @@ class CI_Output { $output .= $CI->profiler->run(); } } - + // -------------------------------------------------------------------- // Does the controller contain a function named _output()? @@ -329,36 +329,36 @@ class CI_Output { { echo $output; // Send it to the browser! } - + log_message('debug', "Final output sent to browser"); - log_message('debug', "Total execution time: ".$elapsed); + log_message('debug', "Total execution time: ".$elapsed); } - + // -------------------------------------------------------------------- - + /** * Write a Cache File * * @access public * @return void - */ + */ function _write_cache($output) { - $CI =& get_instance(); + $CI =& get_instance(); $path = $CI->config->item('cache_path'); - + $cache_path = ($path == '') ? BASEPATH.'cache/' : $path; - + if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) { log_message('error', "Unable to write cache file: ".$cache_path); return; } - + $uri = $CI->config->item('base_url'). $CI->config->item('index_page'). $CI->uri->uri_string(); - + $cache_path .= md5($uri); if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE)) @@ -366,9 +366,9 @@ class CI_Output { log_message('error', "Unable to write cache file: ".$cache_path); return; } - + $expire = time() + ($this->cache_expiration * 60); - + if (flock($fp, LOCK_EX)) { fwrite($fp, $expire.'TS--->'.$output); @@ -386,51 +386,51 @@ class CI_Output { } // -------------------------------------------------------------------- - + /** * Update/serve a cached file * * @access public * @return void - */ + */ function _display_cache(&$CFG, &$URI) { $cache_path = ($CFG->item('cache_path') == '') ? BASEPATH.'cache/' : $CFG->item('cache_path'); - + // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url'). $CFG->item('index_page'). $URI->uri_string; - + $filepath = $cache_path.md5($uri); - + if ( ! @file_exists($filepath)) { return FALSE; } - + if ( ! $fp = @fopen($filepath, FOPEN_READ)) { return FALSE; } - + flock($fp, LOCK_SH); - + $cache = ''; if (filesize($filepath) > 0) { $cache = fread($fp, filesize($filepath)); } - + flock($fp, LOCK_UN); fclose($fp); - - // Strip out the embedded timestamp + + // Strip out the embedded timestamp if ( ! preg_match("/(\d+TS--->)/", $cache, $match)) { return FALSE; } - + // Has the file expired? If so we'll delete it. if (time() >= trim(str_replace('TS--->', '', $match['1']))) { @@ -438,13 +438,13 @@ class CI_Output { { @unlink($filepath); log_message('debug', "Cache file has expired. File deleted"); - return FALSE; + return FALSE; } } // Display the cache $this->_display(str_replace($match['0'], '', $cache)); - log_message('debug', "Cache file is current. Sending it to browser."); + log_message('debug', "Cache file is current. Sending it to browser."); return TRUE; } diff --git a/system/core/Router.php b/system/core/Router.php index b371d5241..1db1ad836 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -28,14 +28,14 @@ */ class CI_Router { - var $config; - var $routes = array(); + var $config; + var $routes = array(); var $error_routes = array(); var $class = ''; var $method = 'index'; var $directory = ''; var $default_controller; - + /** * Constructor * @@ -47,9 +47,9 @@ class CI_Router { $this->uri =& load_class('URI', 'core'); log_message('debug', "Router Class Initialized"); } - + // -------------------------------------------------------------------- - + /** * Set the route mapping * @@ -60,9 +60,9 @@ class CI_Router { * @return void */ function _set_routing() - { + { // Are query strings enabled in the config file? Normally CI doesn't utilize query strings - // since URI segments are more search-engine friendly, but they can optionally be used. + // since URI segments are more search-engine friendly, but they can optionally be used. // If this feature is enabled, we will gather the directory/class/method a little differently $segments = array(); if ($this->config->item('enable_query_strings') === TRUE AND isset($_GET[$this->config->item('controller_trigger')])) @@ -72,65 +72,65 @@ class CI_Router { $this->set_directory(trim($this->uri->_filter_uri($_GET[$this->config->item('directory_trigger')]))); $segments[] = $this->fetch_directory(); } - + if (isset($_GET[$this->config->item('controller_trigger')])) { $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); $segments[] = $this->fetch_class(); } - + if (isset($_GET[$this->config->item('function_trigger')])) { $this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')]))); $segments[] = $this->fetch_method(); } } - + // Load the routes.php file. @include(APPPATH.'config/routes'.EXT); $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); - + // Set the default controller so we can display it in the event // the URI doesn't correlated to a valid controller. - $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); - + $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); + // Were there any query string segments? If so, we'll validate them and bail out since we're done. if (count($segments) > 0) { return $this->_validate_request($segments); } - + // Fetch the complete URI string $this->uri->_fetch_uri_string(); - + // Is there a URI string? If not, the default controller specified in the "routes" file will be shown. if ($this->uri->uri_string == '') { return $this->_set_default_controller(); } - + // Do we need to remove the URL suffix? $this->uri->_remove_url_suffix(); - + // Compile the segments into an array $this->uri->_explode_segments(); - + // Parse any custom routing that may exist - $this->_parse_routes(); - + $this->_parse_routes(); + // Re-index the segment array so that it starts with 1 rather than 0 $this->uri->_reindex_segments(); } // -------------------------------------------------------------------- - + /** * Set the default controller * * @access private * @return void - */ + */ function _set_default_controller() { if ($this->default_controller === FALSE) @@ -141,26 +141,26 @@ class CI_Router { if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - + $this->set_class($x[0]); $this->set_method($x[1]); $this->_set_request(array($x[0], $x[1])); - } + } else { $this->set_class($this->default_controller); $this->set_method('index'); $this->_set_request(array($this->default_controller, 'index')); } - + // re-index the routed segments array so it starts with 1 rather than 0 $this->uri->_reindex_segments(); - + log_message('debug', "No URI present. Default controller set."); } - + // -------------------------------------------------------------------- - + /** * Set the Route * @@ -173,16 +173,16 @@ class CI_Router { * @return void */ function _set_request($segments = array()) - { + { $segments = $this->_validate_request($segments); - + if (count($segments) == 0) { return $this->_set_default_controller(); } - + $this->set_class($segments[0]); - + if (isset($segments[1])) { // A standard method request @@ -194,15 +194,15 @@ class CI_Router { // index method is being used. $segments[1] = 'index'; } - + // Update our "routed" segment array to contain the segments. // Note: If there is no custom routing, this array will be // identical to $this->uri->segments $this->uri->rsegments = $segments; } - + // -------------------------------------------------------------------- - + /** * Validates the supplied segments. Attempts to determine the path to * the controller. @@ -210,33 +210,33 @@ class CI_Router { * @access private * @param array * @return array - */ + */ function _validate_request($segments) { if (count($segments) == 0) { return $segments; } - + // Does the requested controller exist in the root folder? if (file_exists(APPPATH.'controllers/'.$segments[0].EXT)) { return $segments; } - + // Is the controller in a sub-folder? if (is_dir(APPPATH.'controllers/'.$segments[0])) { // Set the directory and remove it from the segment array $this->set_directory($segments[0]); $segments = array_slice($segments, 1); - + if (count($segments) > 0) { // Does the requested controller exist in the sub-folder? if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT)) { - show_404($this->fetch_directory().$segments[0]); + show_404($this->fetch_directory().$segments[0]); } } else @@ -245,29 +245,29 @@ class CI_Router { if (strpos($this->default_controller, '/') !== FALSE) { $x = explode('/', $this->default_controller); - + $this->set_class($x[0]); $this->set_method($x[1]); - } + } else { $this->set_class($this->default_controller); $this->set_method('index'); } - + // Does the default controller exist in the sub-folder? if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$this->default_controller.EXT)) { $this->directory = ''; return array(); } - + } - + return $segments; } - - + + // If we've gotten this far it means that the URI does not correlate to a valid // controller class. We will now see if there is an override if (isset($this->routes['404_override']) AND $this->routes['404_override'] != '') @@ -275,20 +275,20 @@ class CI_Router { if (strpos($this->routes['404_override'], '/') !== FALSE) { $x = explode('/', $this->routes['404_override']); - + $this->set_class($x[0]); $this->set_method($x[1]); - + return $x; - } + } } - + // Nothing else to do at this point but show a 404 - show_404($segments[0]); + show_404($segments[0]); } - + // -------------------------------------------------------------------- - + /** * Parse Routes * @@ -303,16 +303,16 @@ class CI_Router { { // Turn the segment array into a URI string $uri = implode('/', $this->uri->segments); - + // Is there a literal match? If so we're done if (isset($this->routes[$uri])) { return $this->_set_request(explode('/', $this->routes[$uri])); } - + // Loop through the route array looking for wild-cards foreach ($this->routes as $key => $val) - { + { // Convert wild-cards to RegEx $key = str_replace(':any', '.+', str_replace(':num', '[0-9]+', $key)); @@ -324,8 +324,8 @@ class CI_Router { { $val = preg_replace('#^'.$key.'$#', $val, $uri); } - - return $this->_set_request(explode('/', $val)); + + return $this->_set_request(explode('/', $val)); } } @@ -335,54 +335,54 @@ class CI_Router { } // -------------------------------------------------------------------- - + /** * Set the class name * * @access public * @param string * @return void - */ + */ function set_class($class) { $this->class = $class; } - + // -------------------------------------------------------------------- - + /** * Fetch the current class * * @access public * @return string - */ + */ function fetch_class() { return $this->class; } - + // -------------------------------------------------------------------- - + /** * Set the method name * * @access public * @param string * @return void - */ + */ function set_method($method) { $this->method = $method; } // -------------------------------------------------------------------- - + /** * Fetch the current method * * @access public * @return string - */ + */ function fetch_method() { if ($this->method == $this->fetch_class()) @@ -394,58 +394,58 @@ class CI_Router { } // -------------------------------------------------------------------- - + /** * Set the directory name * * @access public * @param string * @return void - */ + */ function set_directory($dir) { $this->directory = trim($dir, '/').'/'; } // -------------------------------------------------------------------- - + /** * Fetch the sub-directory (if any) that contains the requested controller class * * @access public * @return string - */ + */ function fetch_directory() { return $this->directory; } // -------------------------------------------------------------------- - + /** * Set the controller overrides * * @access public * @param array * @return null - */ + */ function _set_overrides($routing) { if ( ! is_array($routing)) { return; } - + if (isset($routing['directory'])) { $this->set_directory($routing['directory']); } - + if (isset($routing['controller']) AND $routing['controller'] != '') { $this->set_class($routing['controller']); } - + if (isset($routing['function'])) { $routing['function'] = ($routing['function'] == '') ? 'index' : $routing['function']; diff --git a/system/core/URI.php b/system/core/URI.php index cffffc20d..a3bd45091 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -195,7 +195,7 @@ class CI_URI { } // Convert programatic characters to entities - $bad = array('$', '(', ')', '%28', '%29'); + $bad = array('$', '(', ')', '%28', '%29'); $good = array('$', '(', ')', '(', ')'); return str_replace($bad, $good, $str); @@ -321,7 +321,7 @@ class CI_URI { */ function uri_to_assoc($n = 3, $default = array()) { - return $this->_uri_to_assoc($n, $default, 'segment'); + return $this->_uri_to_assoc($n, $default, 'segment'); } /** * Identical to above only it uses the re-routed segment array @@ -329,7 +329,7 @@ class CI_URI { */ function ruri_to_assoc($n = 3, $default = array()) { - return $this->_uri_to_assoc($n, $default, 'rsegment'); + return $this->_uri_to_assoc($n, $default, 'rsegment'); } // -------------------------------------------------------------------- diff --git a/system/core/Unicode.php b/system/core/Unicode.php index c8f1203f7..ecc8d3042 100644 --- a/system/core/Unicode.php +++ b/system/core/Unicode.php @@ -30,14 +30,14 @@ class CI_Unicode { /** * Constructor - * + * * Determines if UTF-8 support is to be enabled - * + * */ function CI_Unicode() { log_message('debug', "Unicode Class Initialized"); - + global $CFG; if ( @@ -48,7 +48,7 @@ class CI_Unicode { ) { log_message('debug', "Unicode Class - UTF-8 Support Enabled"); - + define('UTF8_ENABLED', TRUE); // set internal encoding for multibyte string functions if necessary @@ -68,11 +68,11 @@ class CI_Unicode { { log_message('debug', "Unicode Class - UTF-8 Support Disabled"); define('UTF8_ENABLED', FALSE); - } + } } - + // -------------------------------------------------------------------- - + /** * Clean UTF-8 strings * @@ -88,19 +88,19 @@ class CI_Unicode { { $str = @iconv('UTF-8', 'UTF-8//IGNORE', $str); } - + return $str; } // -------------------------------------------------------------------- - + /** * Remove ASCII control characters * * Removes all ASCII control characters except horizontal tabs, * line feeds, and carriage returns, as all others can cause * problems in XML - * + * * @access public * @param string * @return string @@ -111,7 +111,7 @@ class CI_Unicode { } // -------------------------------------------------------------------- - + /** * Convert to UTF-8 * @@ -136,12 +136,12 @@ class CI_Unicode { { return FALSE; } - + return $str; } // -------------------------------------------------------------------- - + /** * Is ASCII? * @@ -157,7 +157,7 @@ class CI_Unicode { } // -------------------------------------------------------------------- - + } // End Unicode Class -- cgit v1.2.3-24-g4f1b From 2615e418539c3d6e2f912c66be99ffebfb8513ff Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Wed, 6 Oct 2010 17:51:16 -0500 Subject: fixed a security issue which in certain cases could result in directory traversal --- system/core/Router.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index b371d5241..d911eb224 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -345,7 +345,7 @@ class CI_Router { */ function set_class($class) { - $this->class = $class; + $this->class = str_replace(array('/', '.'), '', $class); } // -------------------------------------------------------------------- @@ -404,7 +404,7 @@ class CI_Router { */ function set_directory($dir) { - $this->directory = trim($dir, '/').'/'; + $this->directory = str_replace(array('/', '.'), '', $dir).'/'; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From bce1348820118ea750224c17d81846229dff4852 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Mon, 11 Oct 2010 15:37:16 -0500 Subject: Fixed a bug where CI_Model is always loaded in core/Loader.php, regardless of if the class is instantiated or not. --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 292fdc955..316985609 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -177,7 +177,7 @@ class CI_Loader { $CI->load->database($db_conn, FALSE, TRUE); } - if ( ! class_exists('Model')) + if ( ! class_exists('CI_Model')) { load_class('Model', 'core'); } -- cgit v1.2.3-24-g4f1b From ce43396cb7beb49558cd78cf7ef51956a74b8185 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 12 Oct 2010 09:29:35 -0500 Subject: Fix #83 where multiple libraries could not be loaded at once by passing an array to the load->library() function. --- system/core/Loader.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 316985609..e64006e93 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -78,6 +78,16 @@ class CI_Loader { */ function library($library = '', $params = NULL, $object_name = NULL) { + if (is_array($library)) + { + foreach($library as $read) + { + $this->library($read); + } + + return; + } + if ($library == '' OR isset($this->_base_classes[$library])) { return FALSE; -- cgit v1.2.3-24-g4f1b From 5b2d2da5ae2e97043c6bef53e565d30e50196e2b Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Thu, 4 Nov 2010 17:23:40 -0400 Subject: Fixing the docblock on the unicode class. --- system/core/Unicode.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Unicode.php b/system/core/Unicode.php index c8f1203f7..ec40c11ed 100644 --- a/system/core/Unicode.php +++ b/system/core/Unicode.php @@ -9,16 +9,16 @@ * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com - * @since Version 1.0 + * @since Version 2.0 * @filesource */ // ------------------------------------------------------------------------ /** - * Output Class + * Unicode Class * - * Responsible for sending final output to browser + * Provides unicode support for UTF-8 environments * * @package CodeIgniter * @subpackage Libraries -- cgit v1.2.3-24-g4f1b From f566af5ffb8f2e8d49bd0b206c6ee29c8bc35a78 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 9 Nov 2010 13:03:26 -0500 Subject: Fixed a bug where silently failed to override if set_time_limit was in Suhosin's function blacklist. Simply moved the set_time_limit call down a bit. --- system/core/CodeIgniter.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index f67bb8c10..e701cc323 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -67,12 +67,6 @@ @set_magic_quotes_runtime(0); // Kill magic quotes } - // Set a liberal script execution time limit - if (function_exists("set_time_limit") == TRUE AND @ini_get("safe_mode") == 0) - { - @set_time_limit(300); - } - /* * ------------------------------------------------------ * Set the subclass_prefix @@ -93,6 +87,16 @@ { get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); } + +/* + * ------------------------------------------------------ + * Set a liberal script execution time limit + * ------------------------------------------------------ + */ + if (function_exists("set_time_limit") == TRUE AND @ini_get("safe_mode") == 0) + { + @set_time_limit(300); + } /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 6b6c274e00fe2357004c0a4e38e6bdb0b2e0ddb4 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 9 Nov 2010 13:12:22 -0500 Subject: Normalizing package paths to include a single trailing slash. --- system/core/Loader.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 5a2175c2d..e2970613b 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -535,6 +535,8 @@ class CI_Loader { */ function add_package_path($path) { + $path = rtrim($path, '/').'/'; + array_unshift($this->_ci_library_paths, $path); array_unshift($this->_ci_model_paths, $path); array_unshift($this->_ci_helper_paths, $path); @@ -569,6 +571,8 @@ class CI_Loader { } else { + $path = rtrim($path, '/').'/'; + foreach (array('_ci_library_paths', '_ci_model_paths', '_ci_helper_paths') as $var) { if (($key = array_search($path, $this->{$var})) !== FALSE) -- cgit v1.2.3-24-g4f1b From 63277b81edde11b77ff94cbf1c3e5db16c97c4bf Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 9 Nov 2010 13:46:13 -0600 Subject: Fix #62 Adding CI_ prefix to Controller. --- system/core/CodeIgniter.php | 2 +- system/core/Controller.php | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index e701cc323..3dfefc2ef 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -261,7 +261,7 @@ if ( ! class_exists($class) OR $method == 'controller' OR strncmp($method, '_', 1) == 0 - OR in_array(strtolower($method), array_map('strtolower', get_class_methods('Controller'))) + OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) { show_404("{$class}/{$method}"); diff --git a/system/core/Controller.php b/system/core/Controller.php index 9bd9912dc..e250caf4b 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -27,17 +27,17 @@ * @author ExpressionEngine Dev Team * @link http://codeigniter.com/user_guide/general/controllers.html */ -class Controller extends CI_Base { +class CI_Controller extends CI_Base { /** * Constructor * * Calls the initialize() function */ - function Controller() + function CI_Controller() { parent::CI_Base(); - + // Assign all the class objects that were instantiated by the // bootstrap file (CodeIgniter.php) to local class variables // so that CI can run as one big super object. -- cgit v1.2.3-24-g4f1b From 3431ae375f7e9283ccfe7e165f39bfc84d79f694 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 9 Nov 2010 15:19:50 -0500 Subject: Adding a second parameter to _remap that contains an array of the leftover segments. --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index e701cc323..b52281918 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -299,7 +299,7 @@ // Is there a "remap" function? If so, we call it instead if (method_exists($CI, '_remap')) { - $CI->_remap($method); + $CI->_remap($method, array_slice($URI->rsegments, 2)); } else { -- cgit v1.2.3-24-g4f1b From 287781e13232b9d8289e14b4f9642d088ed13d01 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Wed, 10 Nov 2010 15:43:49 -0500 Subject: Removing _assign_to_models and _assign_libraries from model related code in favor of __get(). --- system/core/Loader.php | 39 ++------------------------------------- system/core/Model.php | 40 ++++++---------------------------------- 2 files changed, 8 insertions(+), 71 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index e2970613b..2324eca1e 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -109,8 +109,6 @@ class CI_Loader { { $this->_ci_load_class($library, $params, $object_name); } - - $this->_ci_assign_to_models(); } // -------------------------------------------------------------------- @@ -182,7 +180,9 @@ class CI_Loader { if ($db_conn !== FALSE AND ! class_exists('CI_DB')) { if ($db_conn === TRUE) + { $db_conn = ''; + } $CI->load->database($db_conn, FALSE, TRUE); } @@ -197,7 +197,6 @@ class CI_Loader { $model = ucfirst($model); $CI->$name = new $model(); - $CI->$name->_assign_libraries(); $this->_ci_models[] = $name; return; @@ -242,9 +241,6 @@ class CI_Loader { // Load the DB class $CI->db =& DB($params, $active_record); - - // Assign the DB object to any existing models - $this->_ci_assign_to_models(); } // -------------------------------------------------------------------- @@ -273,8 +269,6 @@ class CI_Loader { $class = 'CI_DB_'.$CI->db->dbdriver.'_utility'; $CI->dbutil =& instantiate_class(new $class()); - - $CI->load->_ci_assign_to_models(); } // -------------------------------------------------------------------- @@ -299,8 +293,6 @@ class CI_Loader { $class = 'CI_DB_'.$CI->db->dbdriver.'_forge'; $CI->dbforge = new $class(); - - $CI->load->_ci_assign_to_models(); } // -------------------------------------------------------------------- @@ -1005,33 +997,6 @@ class CI_Loader { { $this->model($autoload['model']); } - - } - - // -------------------------------------------------------------------- - - /** - * Assign to Models - * - * Makes sure that anything loaded by the loader class (libraries, etc.) - * will be available to models, if any exist. - * - * @access private - * @param object - * @return array - */ - function _ci_assign_to_models() - { - if (count($this->_ci_models) == 0) - { - return; - } - - foreach($this->_ci_models as $model) - { - $model = $this->_ci_get_component($model); - $model->_assign_libraries(); - } } // -------------------------------------------------------------------- diff --git a/system/core/Model.php b/system/core/Model.php index ebbb0fbe6..f6098d0cf 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -26,57 +26,29 @@ */ class CI_Model { - var $_parent_name = ''; - /** * Constructor * * @access public */ - function CI_Model() + function __construct() { - // If the magic __get() or __set() methods are used in a Model references can't be used. - $this->_assign_libraries( (method_exists($this, '__get') OR method_exists($this, '__set')) ? FALSE : TRUE ); - - // We don't want to assign the model object to itself when using the - // assign_libraries function below so we'll grab the name of the model parent - $this->_parent_name = ucfirst(get_class($this)); - log_message('debug', "Model Class Initialized"); } /** - * Assign Libraries + * __get * - * Creates local references to all currently instantiated objects - * so that any syntax that can be legally used in a controller - * can be used within models. + * Allows models to access CI's loaded classes using the same + * syntax as controllers. * * @access private */ - function _assign_libraries($use_reference = TRUE) + function __get($key) { $CI =& get_instance(); - foreach (array_keys(get_object_vars($CI)) as $key) - { - if ( ! isset($this->$key) AND $key != $this->_parent_name) - { - // In some cases using references can cause - // problems so we'll conditionally use them - if ($use_reference == TRUE) - { - // Needed to prevent reference errors with some configurations - $this->$key = ''; - $this->$key =& $CI->$key; - } - else - { - $this->$key = $CI->$key; - } - } - } + return $CI->$key; } - } // END Model Class -- cgit v1.2.3-24-g4f1b From 4abfa686ca53177b7dbbb7e1bac3febbbe27ec0f Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 14:44:26 -0600 Subject: Blasting the Base4/5 files. Updating Controller.php to inherit bits from the old Base5. If a constructor is needed in a controller, call parent::__contruct() --- system/core/Base4.php | 70 --------------------------------------------- system/core/Base5.php | 57 ------------------------------------ system/core/CodeIgniter.php | 20 ++++--------- system/core/Controller.php | 40 +++++++++----------------- 4 files changed, 18 insertions(+), 169 deletions(-) delete mode 100644 system/core/Base4.php delete mode 100644 system/core/Base5.php (limited to 'system/core') diff --git a/system/core/Base4.php b/system/core/Base4.php deleted file mode 100644 index ef7838d69..000000000 --- a/system/core/Base4.php +++ /dev/null @@ -1,70 +0,0 @@ -load->library('email') to instantiate - * classes that can then be used within controllers as $this->email->send() - * - * PHP 4 also has trouble referencing the CI super object within application - * constructors since objects do not exist until the class is fully - * instantiated. Basically PHP 4 sucks... - * - * Since PHP 5 doesn't suffer from this problem so we load one of - * two files based on the version of PHP being run. - * @PHP4 - * - * @package CodeIgniter - * @subpackage codeigniter - * @category front-controller - * @author ExpressionEngine Dev Team - * @link http://codeigniter.com/user_guide/ - */ - class CI_Base extends CI_Loader { - - function CI_Base() - { - // This allows syntax like $this->load->foo() to work - parent::CI_Loader(); - $this->load =& $this; - - // This allows resources used within controller constructors to work - global $OBJ; - $OBJ = $this->load; // Do NOT use a reference. - } -} - -function &get_instance() -{ - global $CI, $OBJ; - - if (is_object($CI)) - { - return $CI; - } - - return $OBJ->load; -} - - -/* End of file Base4.php */ -/* Location: ./system/core/Base4.php */ \ No newline at end of file diff --git a/system/core/Base5.php b/system/core/Base5.php deleted file mode 100644 index ac6c7f020..000000000 --- a/system/core/Base5.php +++ /dev/null @@ -1,57 +0,0 @@ -config['subclass_prefix'].'Controller'.EXT)) { diff --git a/system/core/Controller.php b/system/core/Controller.php index e250caf4b..c78be8724 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team @@ -27,16 +27,16 @@ * @author ExpressionEngine Dev Team * @link http://codeigniter.com/user_guide/general/controllers.html */ -class CI_Controller extends CI_Base { +class CI_Controller { + + private static $instance; /** * Constructor - * - * Calls the initialize() function */ - function CI_Controller() + public function __construct() { - parent::CI_Base(); + self::$instance =& $this; // Assign all the class objects that were instantiated by the // bootstrap file (CodeIgniter.php) to local class variables @@ -46,34 +46,20 @@ class CI_Controller extends CI_Base { $this->$var =& load_class($class); } - // In PHP 5 the Loader class is run as a discreet - // class. In PHP 4 it extends the Controller @PHP4 - if (is_php('5.0.0') == TRUE) - { - $this->load =& load_class('Loader', 'core'); - - $this->load->_base_classes =& is_loaded(); + $this->load =& load_class('Loader', 'core'); - $this->load->_ci_autoloader(); - } - else - { - $this->_ci_autoloader(); + $this->load->_base_classes =& is_loaded(); - // sync up the objects since PHP4 was working from a copy - foreach (array_keys(get_object_vars($this)) as $attribute) - { - if (is_object($this->$attribute)) - { - $this->load->$attribute =& $this->$attribute; - } - } - } + $this->load->_ci_autoloader(); log_message('debug', "Controller Class Initialized"); } + public static function &get_instance() + { + return self::$instance; + } } // END Controller class -- cgit v1.2.3-24-g4f1b From 3791853fa72c53062fd72b249efc733b311b3a80 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 14:47:06 -0600 Subject: Removing the core/Compat.php file. :: poof :: --- system/core/Compat.php | 99 -------------------------------------------------- 1 file changed, 99 deletions(-) delete mode 100644 system/core/Compat.php (limited to 'system/core') diff --git a/system/core/Compat.php b/system/core/Compat.php deleted file mode 100644 index bd11b9836..000000000 --- a/system/core/Compat.php +++ /dev/null @@ -1,99 +0,0 @@ - Date: Wed, 10 Nov 2010 15:49:10 -0500 Subject: Removing _ci_is_instance from the loader. --- system/core/Loader.php | 44 ++++++-------------------------------------- 1 file changed, 6 insertions(+), 38 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 2324eca1e..57b05ab3e 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -34,7 +34,6 @@ class CI_Loader { var $_ci_library_paths = array(); var $_ci_model_paths = array(); var $_ci_helper_paths = array(); - var $_ci_is_instance = FALSE; // Whether we should use $this or $CI =& get_instance() var $_base_classes = array(); // Set by the controller class var $_ci_cached_vars = array(); var $_ci_classes = array(); @@ -627,17 +626,13 @@ class CI_Loader { // This allows anything loaded using $this->load (views, files, etc.) // to become accessible from within the Controller and Model functions. - // Only needed when running PHP 5 - if ($this->_ci_is_instance()) + $_ci_CI =& get_instance(); + foreach (get_object_vars($_ci_CI) as $_ci_key => $_ci_var) { - $_ci_CI =& get_instance(); - foreach (get_object_vars($_ci_CI) as $_ci_key => $_ci_var) + if ( ! isset($this->$_ci_key)) { - if ( ! isset($this->$_ci_key)) - { - $this->$_ci_key =& $_ci_CI->$_ci_key; - } + $this->$_ci_key =& $_ci_CI->$_ci_key; } } @@ -1017,26 +1012,6 @@ class CI_Loader { // -------------------------------------------------------------------- - /** - * Determines whether we should use the CI instance or $this - * @PHP4 - * - * @access private - * @return bool - */ - function _ci_is_instance() - { - if (is_php('5.0.0') == TRUE) - { - return TRUE; - } - - global $CI; - return (is_object($CI)) ? TRUE : FALSE; - } - - // -------------------------------------------------------------------- - /** * Get a reference to a specific library or model * @@ -1045,15 +1020,8 @@ class CI_Loader { */ function &_ci_get_component($component) { - if ($this->_ci_is_instance()) - { - $CI =& get_instance(); - return $CI->$component; - } - else - { - return $this->$component; - } + $CI =& get_instance(); + return $CI->$component; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 741de1c1319dd13de75348863cca591713dd46ce Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 14:52:57 -0600 Subject: Updating PHP requirements in files 5.1.6 --- system/core/Benchmark.php | 2 +- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 2 +- system/core/Config.php | 2 +- system/core/Exceptions.php | 2 +- system/core/Hooks.php | 2 +- system/core/Input.php | 2 +- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Model.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/URI.php | 2 +- system/core/Unicode.php | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index 80933f424..d0e1fc683 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index c50ae6d2b..be5a27120 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Common.php b/system/core/Common.php index 90ba7c963..56fe713bd 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Config.php b/system/core/Config.php index 24503ab5d..b7055c6c9 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 108861de7..26b24ef17 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 9026a5eb6..3f841943c 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Input.php b/system/core/Input.php index df3be207c..f959b2890 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Lang.php b/system/core/Lang.php index cbd4e38b8..a53a20215 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Loader.php b/system/core/Loader.php index 2324eca1e..3fc9d4c4a 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Model.php b/system/core/Model.php index f6098d0cf..80f4b04a1 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Output.php b/system/core/Output.php index 04e452d2c..2ded2837e 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Router.php b/system/core/Router.php index 918ea24bf..06c8d4846 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/URI.php b/system/core/URI.php index a3bd45091..b8d48c578 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team diff --git a/system/core/Unicode.php b/system/core/Unicode.php index 3aeb51b57..20605eecb 100644 --- a/system/core/Unicode.php +++ b/system/core/Unicode.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team -- cgit v1.2.3-24-g4f1b From 2893f00bf042057b73435d65814906e1f5d2380d Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 14:55:46 -0600 Subject: Removing require Compat.php in CodeIgniter.php --- system/core/CodeIgniter.php | 7 ------- 1 file changed, 7 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index be5a27120..fc334f050 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -41,13 +41,6 @@ */ require(BASEPATH.'core/Common'.EXT); -/* - * ------------------------------------------------------ - * Load the compatibility override functions - * ------------------------------------------------------ - */ - require(BASEPATH.'core/Compat'.EXT); - /* * ------------------------------------------------------ * Load the framework constants -- cgit v1.2.3-24-g4f1b From 585600207a79c1d9a7b0af5883bf384629b753a3 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Wed, 10 Nov 2010 16:01:20 -0500 Subject: Removing instantiate_class(), which was needed to make php 4 and 5.3 play together nicely. Removed all instantiations by reference. --- system/core/Common.php | 21 +-------------------- system/core/Loader.php | 2 +- 2 files changed, 2 insertions(+), 21 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 56fe713bd..6a3d5ac0a 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -163,29 +163,10 @@ // Keep track of what we just loaded is_loaded($class); - $_classes[$class] =& instantiate_class(new $name()); + $_classes[$class] = new $name(); return $_classes[$class]; } -// ------------------------------------------------------------------------ - -/** - * Instantiate Class - * - * Returns a new class object by reference, used by load_class() and the DB class. - * Required to retain PHP 4 compatibility and also not make PHP 5.3 cry. - * - * Use: $obj =& instantiate_class(new Foo()); - * - * @access public - * @param object - * @return object - */ - function &instantiate_class(&$class_object) - { - return $class_object; - } - // -------------------------------------------------------------------- /** diff --git a/system/core/Loader.php b/system/core/Loader.php index 69917648d..e97b18102 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -267,7 +267,7 @@ class CI_Loader { require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_utility'.EXT); $class = 'CI_DB_'.$CI->db->dbdriver.'_utility'; - $CI->dbutil =& instantiate_class(new $class()); + $CI->dbutil = new $class(); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 8adf8b03017cb0ca0c6e99ec9c1995b11f8237e6 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Wed, 10 Nov 2010 16:03:29 -0500 Subject: Removing a global call that was needed for php 4. --- system/core/Loader.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index e97b18102..b64a6e6f4 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -703,9 +703,7 @@ class CI_Loader { } else { - // PHP 4 requires that we use a global - global $OUT; - $OUT->append_output(ob_get_contents()); + $_ci_CI->append_output(ob_get_contents()); @ob_end_clean(); } } -- cgit v1.2.3-24-g4f1b From a926328583e7ffdaaac7daf2f87810d842423f21 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 15:26:43 -0600 Subject: Changing all class constructors to __construct() --- system/core/Config.php | 2 +- system/core/Exceptions.php | 3 +-- system/core/Hooks.php | 2 +- system/core/Input.php | 36 +++++++++++++++++------------------- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/URI.php | 4 ++-- system/core/Unicode.php | 2 +- 10 files changed, 27 insertions(+), 30 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index b7055c6c9..bdd1b8333 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -43,7 +43,7 @@ class CI_Config { * @param boolean true if errors should just return false, false if an error message should be displayed * @return boolean if the file was successfully loaded or not */ - function CI_Config() + function __construct() { $this->config =& get_config(); log_message('debug', "Config Class Initialized"); diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 26b24ef17..32cb77baf 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -50,9 +50,8 @@ class CI_Exceptions { /** * Constructor - * */ - function CI_Exceptions() + public function __construct() { $this->ob_level = ob_get_level(); // Note: Do not log messages from this constructor. diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 3f841943c..70dc6870b 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -36,7 +36,7 @@ class CI_Hooks { * Constructor * */ - function CI_Hooks() + function __construct() { $this->_initialize(); log_message('debug', "Hooks Class Initialized"); diff --git a/system/core/Input.php b/system/core/Input.php index f959b2890..0ce2d893a 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -35,16 +35,14 @@ class CI_Input { var $_enable_xss = FALSE; // Set automatically based on config setting var $_enable_csrf = FALSE; // Set automatically based on config setting - /** - * Constructor - * - * Sets whether to globally enable the XSS processing - * and whether to allow the $_GET array - * - * @access public - */ - function CI_Input() + * Constructor + * + * Sets whether to globally enable the XSS processing + * and whether to allow the $_GET array + * + */ + public function __construct() { log_message('debug', "Input Class Initialized"); @@ -72,16 +70,16 @@ class CI_Input { // -------------------------------------------------------------------- /** - * Fetch from array - * - * This is a helper function to retrieve values from global arrays - * - * @access private - * @param array - * @param string - * @param bool - * @return string - */ + * Fetch from array + * + * This is a helper function to retrieve values from global arrays + * + * @access private + * @param array + * @param string + * @param bool + * @return string + */ function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) { if ( ! isset($array[$index])) diff --git a/system/core/Lang.php b/system/core/Lang.php index a53a20215..e7867b354 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -34,7 +34,7 @@ class CI_Lang { * * @access public */ - function CI_Lang() + function __construct() { log_message('debug', "Language Class Initialized"); } diff --git a/system/core/Loader.php b/system/core/Loader.php index b64a6e6f4..5d4b25994 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -50,7 +50,7 @@ class CI_Loader { * * @access public */ - function CI_Loader() + function __construct() { $this->_ci_view_path = APPPATH.'views/'; $this->_ci_ob_level = ob_get_level(); diff --git a/system/core/Output.php b/system/core/Output.php index 2ded2837e..27a3a4bb0 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -37,7 +37,7 @@ class CI_Output { var $_zlib_oc = FALSE; var $_profiler_sections = array(); - function CI_Output() + function __construct() { $this->_zlib_oc = @ini_get('zlib.output_compression'); diff --git a/system/core/Router.php b/system/core/Router.php index 06c8d4846..9276800c3 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -41,7 +41,7 @@ class CI_Router { * * Runs the route mapping function. */ - function CI_Router() + function __construct() { $this->config =& load_class('Config', 'core'); $this->uri =& load_class('URI', 'core'); diff --git a/system/core/URI.php b/system/core/URI.php index b8d48c578..b36593bc0 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -28,7 +28,7 @@ */ class CI_URI { - var $keyval = array(); + var $keyval = array(); var $uri_string; var $segments = array(); var $rsegments = array(); @@ -42,7 +42,7 @@ class CI_URI { * * @access public */ - function CI_URI() + function __construct() { $this->config =& load_class('Config', 'core'); log_message('debug', "URI Class Initialized"); diff --git a/system/core/Unicode.php b/system/core/Unicode.php index 20605eecb..ce1de3022 100644 --- a/system/core/Unicode.php +++ b/system/core/Unicode.php @@ -34,7 +34,7 @@ class CI_Unicode { * Determines if UTF-8 support is to be enabled * */ - function CI_Unicode() + function __construct() { log_message('debug', "Unicode Class Initialized"); -- cgit v1.2.3-24-g4f1b From 22f1a6380b292dbe9576b4015cbfbd09618ead5d Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 15:34:35 -0600 Subject: Fixing output buffer error in the loader class --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 5d4b25994..4b6b19eea 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -703,7 +703,7 @@ class CI_Loader { } else { - $_ci_CI->append_output(ob_get_contents()); + $_ci_CI->output->append_output(ob_get_contents()); @ob_end_clean(); } } -- cgit v1.2.3-24-g4f1b From ebb6f4bf664747d3649d622b98abc78f2da397f7 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Wed, 10 Nov 2010 17:09:21 -0500 Subject: Some simple tweaking --- system/core/CodeIgniter.php | 3 +-- system/core/URI.php | 11 ++++------- 2 files changed, 5 insertions(+), 9 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index fc334f050..595e00f27 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -221,7 +221,7 @@ // If this include fails it means that the default controller in the Routes.php file is not resolving to something valid. if ( ! file_exists(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT)) { - show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.'); + show_error('Unable to load your default controller. Please make sure the controller specified in your Routes.php file is valid.'); } include(APPPATH.'controllers/'.$RTR->fetch_directory().$RTR->fetch_class().EXT); @@ -242,7 +242,6 @@ $method = $RTR->fetch_method(); if ( ! class_exists($class) - OR $method == 'controller' OR strncmp($method, '_', 1) == 0 OR in_array(strtolower($method), array_map('strtolower', get_class_methods('CI_Controller'))) ) diff --git a/system/core/URI.php b/system/core/URI.php index b36593bc0..5a5a37cc6 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -482,21 +482,18 @@ class CI_URI { */ function _slash_segment($n, $where = 'trailing', $which = 'segment') { + $leading = '/'; + $trailing = '/'; + if ($where == 'trailing') { - $trailing = '/'; $leading = ''; } elseif ($where == 'leading') { - $leading = '/'; $trailing = ''; } - else - { - $leading = '/'; - $trailing = '/'; - } + return $leading.$this->$which($n).$trailing; } -- cgit v1.2.3-24-g4f1b From ec2f57133750caa5f5903e529a6ae776aebc4431 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Mon, 15 Nov 2010 16:22:12 -0600 Subject: Adding request_headers() and get_request_header() methods to the input class. The request_headers() method is helpful in non-apache environments where apache_request_headers() isn't going to exist. --- system/core/Input.php | 83 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 81 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 0ce2d893a..52ea71bc5 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -35,6 +35,9 @@ class CI_Input { var $_enable_xss = FALSE; // Set automatically based on config setting var $_enable_csrf = FALSE; // Set automatically based on config setting + protected $headers = array(); + + /** * Constructor * @@ -378,8 +381,10 @@ class CI_Input { function _sanitize_globals() { // It would be "wrong" to unset any of these GLOBALS. - $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', - 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); + $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', + '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', + 'system_folder', 'application_folder', 'BM', 'EXT', + 'CFG', 'URI', 'RTR', 'OUT', 'IN'); // Unset globals for securiy. // This is effectively the same as register_globals = off @@ -545,6 +550,80 @@ class CI_Input { return $str; } + // -------------------------------------------------------------------- + + /** + * Request Headers + * + * In Apache, you can simply call apache_request_headers(), however for + * people running other webservers the function is undefined. + * + * @return array + */ + public function request_headers($xss_clean = FALSE) + { + // Look at Apache go! + if (function_exists('apache_request_headers')) + { + $headers = apache_request_headers(); + } + else + { + $headers['Content-Type'] = (isset($_SERVER['CONTENT_TYPE'])) ? $_SERVER['CONTENT_TYPE'] : @getenv('CONTENT_TYPE'); + + foreach ($_SERVER as $key => $val) + { + if (strncmp($key, 'HTTP_', 5) === 0) + { + $headers[substr($key, 5)] = $this->_fetch_from_array($_SERVER, $key, $xss_clean); + } + } + } + + // take SOME_HEADER and turn it into Some-Header + foreach ($headers as $key => $val) + { + $key = str_replace('_', ' ', strtolower($key)); + $key = str_replace(' ', '-', ucwords($key)); + + $this->headers[$key] = $val; + } + + return $this->headers; + } + + // -------------------------------------------------------------------- + + /** + * Get Request Header + * + * Returns the value of a single member of the headers class member + * + * @param string array key for $this->headers + * @param boolean XSS Clean or not + * @return mixed FALSE on failure, string on success + */ + public function get_request_header($index, $xss_clean = FALSE) + { + if (empty($this->headers)) + { + $this->request_headers(); + } + + if ( ! isset($this->headers[$index])) + { + return FALSE; + } + + if ($xss_clean === TRUE) + { + $_security =& load_class('Security'); + return $_security->xss_clean($this->headers[$index]); + } + + return $this->headers[$index]; + } + } // END Input class -- cgit v1.2.3-24-g4f1b From cc92210249d1ee2acbdeee8cd78306e3572669d1 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 17 Nov 2010 20:25:08 -0600 Subject: Fix #237 get_instance() was being called in the output class before the CI_Controller exists. --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 27a3a4bb0..0b708e110 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -214,7 +214,7 @@ class CI_Output { global $BM, $CFG; // Grab the super object if we can. - if (function_exists('get_instance')) + if (class_exists('CI_Controller')) { $CI =& get_instance(); } -- cgit v1.2.3-24-g4f1b From 081ac9d44dab334c748c0f7e763c97d55fb9bdf1 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Mon, 22 Nov 2010 14:42:53 -0600 Subject: Adding is_ajax_request() method to CI_Input --- system/core/Input.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 52ea71bc5..6f88b1972 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -624,6 +624,21 @@ class CI_Input { return $this->headers[$index]; } + // -------------------------------------------------------------------- + + /** + * Is ajax Request? + * + * Test to see if a request contains the HTTP_X_REQUESTED_WITH header + * + * @return boolean + */ + public function is_ajax_request() + { + $req_source = $this->server('HTTP_X_REQUESTED_WITH'); + return ($req_source == 'XMLHttpRequest') ? TRUE : FALSE; + } + } // END Input class -- cgit v1.2.3-24-g4f1b From 2fae66e54bac9104acb2236aeffec80d1c794c4d Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Thu, 9 Dec 2010 15:49:34 -0600 Subject: Fix #260 - tightening up the is_ajax_request() method in the Input class. Thanks sophistry for the suggestion --- system/core/Input.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 6f88b1972..9d8811cdd 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -635,8 +635,7 @@ class CI_Input { */ public function is_ajax_request() { - $req_source = $this->server('HTTP_X_REQUESTED_WITH'); - return ($req_source == 'XMLHttpRequest') ? TRUE : FALSE; + return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest'); } } -- cgit v1.2.3-24-g4f1b From 9a311fd3c45faadb7081a48b068f07c0f44b9e5e Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 15 Dec 2010 10:50:15 +0000 Subject: Package paths can now be auto-loaded in autoload.php. --- system/core/Loader.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 4b6b19eea..afbae6175 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -942,6 +942,15 @@ class CI_Loader { return FALSE; } + // Autoload packages + if (isset($autoload['packages'])) + { + foreach ($autoload['packages'] as $package_path) + { + $this->add_package_path($package_path); + } + } + // Load any custom config file if (count($autoload['config']) > 0) { -- cgit v1.2.3-24-g4f1b From 790ebf3a77677dd6d7473bb14f8e9c5594ddcb46 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Wed, 15 Dec 2010 10:53:35 -0500 Subject: Changing the router to support any number of segments in the default route. Closes #261. --- system/core/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 9276800c3..e21519329 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -144,7 +144,7 @@ class CI_Router { $this->set_class($x[0]); $this->set_method($x[1]); - $this->_set_request(array($x[0], $x[1])); + $this->_set_request($x); } else { -- cgit v1.2.3-24-g4f1b From 2eaa4074ea007cec58a802f591b4641b043213d1 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 21 Dec 2010 11:44:08 -0600 Subject: Moving system/{logs,cache} to the application directory. --- system/core/Output.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 0b708e110..c83b90f00 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -347,7 +347,7 @@ class CI_Output { $CI =& get_instance(); $path = $CI->config->item('cache_path'); - $cache_path = ($path == '') ? BASEPATH.'cache/' : $path; + $cache_path = ($path == '') ? APPPATH.'cache/' : $path; if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) { @@ -395,7 +395,7 @@ class CI_Output { */ function _display_cache(&$CFG, &$URI) { - $cache_path = ($CFG->item('cache_path') == '') ? BASEPATH.'cache/' : $CFG->item('cache_path'); + $cache_path = ($CFG->item('cache_path') == '') ? APPPATH.'cache/' : $CFG->item('cache_path'); // Build the file path. The file name is an MD5 hash of the full URI $uri = $CFG->item('base_url'). -- cgit v1.2.3-24-g4f1b From 9730c75373afbb9b4c9310d3235bdb74adb5b1b2 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 15 Dec 2010 10:50:15 +0000 Subject: Package paths can now be auto-loaded in autoload.php. --- system/core/Loader.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 4b6b19eea..afbae6175 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -942,6 +942,15 @@ class CI_Loader { return FALSE; } + // Autoload packages + if (isset($autoload['packages'])) + { + foreach ($autoload['packages'] as $package_path) + { + $this->add_package_path($package_path); + } + } + // Load any custom config file if (count($autoload['config']) > 0) { -- cgit v1.2.3-24-g4f1b From fd6948997faf5f064f76353da65bd1d0ec65ec51 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 15 Dec 2010 10:52:37 +0000 Subject: Potential PHP 5.4 issue, get_magic_quotes_gpc() is being removed. This change will check the function exists before calling it in Input. --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 9d8811cdd..5a227332c 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -492,7 +492,7 @@ class CI_Input { } // We strip slashes if magic quotes is on to keep things consistent - if (get_magic_quotes_gpc()) + if (function_exists('get_magic_quotes_gpc') AND get_magic_quotes_gpc()) { $str = stripslashes($str); } -- cgit v1.2.3-24-g4f1b From 65d603e03d3befd6e4f13361c78ab454ea57ba70 Mon Sep 17 00:00:00 2001 From: Dan Horrigan Date: Wed, 15 Dec 2010 08:38:30 -0500 Subject: Added full Query String and $_GET array support. This is enabled by default. Added a seperate config option to enable/disable the $_GET array. --- system/core/Input.php | 4 +- system/core/URI.php | 100 ++++++++++++++++++++++++++++++++++---------------- 2 files changed, 71 insertions(+), 33 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 9d8811cdd..4ddc402ee 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -30,7 +30,7 @@ class CI_Input { var $ip_address = FALSE; var $user_agent = FALSE; - var $_allow_get_array = FALSE; + var $_allow_get_array = TRUE; var $_standardize_newlines = TRUE; var $_enable_xss = FALSE; // Set automatically based on config setting var $_enable_csrf = FALSE; // Set automatically based on config setting @@ -49,7 +49,7 @@ class CI_Input { { log_message('debug', "Input Class Initialized"); - $this->_allow_get_array = (config_item('enable_query_strings') === TRUE) ? TRUE : FALSE; + $this->_allow_get_array = (config_item('allow_get_array') === TRUE) ? TRUE : FALSE; $this->_enable_xss = (config_item('global_xss_filtering') === TRUE) ? TRUE : FALSE; $this->_enable_csrf = (config_item('csrf_protection') === TRUE) ? TRUE : FALSE; diff --git a/system/core/URI.php b/system/core/URI.php index 5a5a37cc6..f6487d3f9 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -61,13 +61,10 @@ class CI_URI { { if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') { - // If the URL has a question mark then it's simplest to just - // build the URI string from the zero index of the $_GET array. - // This avoids having to deal with $_SERVER variables, which - // can be unreliable in some environments - if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') + // Let's try the REQUEST_URI first, this will work in most situations + if ($uri = $this->_get_request_uri()) { - $this->uri_string = key($_GET); + $this->uri_string = $this->_parse_request_uri($uri); return; } @@ -88,12 +85,10 @@ class CI_URI { return; } - // No QUERY_STRING?... Maybe the ORIG_PATH_INFO variable exists? - $path = str_replace($_SERVER['SCRIPT_NAME'], '', (isset($_SERVER['ORIG_PATH_INFO'])) ? $_SERVER['ORIG_PATH_INFO'] : @getenv('ORIG_PATH_INFO')); - if (trim($path, '/') != '' && $path != "/".SELF) + // As a last ditch effort lets try using the $_GET array + if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') { - // remove path and script information so we have good URI data - $this->uri_string = $path; + $this->uri_string = key($_GET); return; } @@ -106,7 +101,7 @@ class CI_URI { if ($uri == 'REQUEST_URI') { - $this->uri_string = $this->_parse_request_uri(); + $this->uri_string = $this->_parse_request_uri($this->_get_request_uri()); return; } @@ -123,36 +118,68 @@ class CI_URI { // -------------------------------------------------------------------- /** - * Parse the REQUEST_URI + * Get REQUEST_URI * - * Due to the way REQUEST_URI works it usually contains path info - * that makes it unusable as URI data. We'll trim off the unnecessary - * data, hopefully arriving at a valid URI that we can use. + * Retrieves the REQUEST_URI, or equivelent for IIS. * * @access private * @return string */ - function _parse_request_uri() + function _get_request_uri() { - if ( ! isset($_SERVER['REQUEST_URI']) OR $_SERVER['REQUEST_URI'] == '') + $uri = FALSE; + + // Let's check for standard servers first + if (isset($_SERVER['REQUEST_URI'])) { - return ''; + $uri = $_SERVER['REQUEST_URI']; + if (strpos($uri, $_SERVER['HTTP_HOST']) !== FALSE) + { + $uri = preg_replace('/^\w+:\/\/[^\/]+/','',$uri); + } } - - $request_uri = preg_replace("|/(.*)|", "\\1", str_replace("\\", "/", $_SERVER['REQUEST_URI'])); - - if ($request_uri == '' OR $request_uri == SELF) + // Now lets check for IIS + elseif (isset($_SERVER['HTTP_X_REWRITE_URL'])) { - return ''; + $uri = $_SERVER['HTTP_X_REWRITE_URL']; + } + // Last ditch effort (for older CGI servers, like IIS 5) + elseif (isset($_SERVER['ORIG_PATH_INFO'])) + { + $uri = $_SERVER['ORIG_PATH_INFO']; + if ( ! empty($_SERVER['QUERY_STRING'])) + { + $uri .= '?'.$_SERVER['QUERY_STRING']; + } } - $fc_path = FCPATH.SELF; - if (strpos($request_uri, '?') !== FALSE) + return $uri; + } + + // -------------------------------------------------------------------- + + /** + * Parse REQUEST_URI + * + * Due to the way REQUEST_URI works it usually contains path info + * that makes it unusable as URI data. We'll trim off the unnecessary + * data, hopefully arriving at a valid URI that we can use. + * + * @access private + * @param string + * @return string + */ + function _parse_request_uri($uri) + { + // Some server's require URL's like index.php?/whatever If that is the case, + // then we need to add that to our parsing. + $fc_path = ltrim(FCPATH.SELF, '/'); + if (strpos($uri, SELF.'?') !== FALSE) { $fc_path .= '?'; } - $parsed_uri = explode("/", $request_uri); + $parsed_uri = explode('/', ltrim($uri, '/')); $i = 0; foreach(explode("/", $fc_path) as $segment) @@ -163,14 +190,25 @@ class CI_URI { } } - $parsed_uri = implode("/", array_slice($parsed_uri, $i)); + $uri = implode("/", array_slice($parsed_uri, $i)); + + // Let's take off any query string and re-assign $_SERVER['QUERY_STRING'] and $_GET. + // This is only needed on some servers. However, we are forced to use it to accomodate + // them. + if (($qs_pos = strpos($uri, '?')) !== FALSE) + { + $_SERVER['QUERY_STRING'] = substr($uri, $qs_pos + 1); + parse_str($_SERVER['QUERY_STRING'], $_GET); + $uri = substr($uri, 0, $qs_pos); + } - if ($parsed_uri != '') + // If it is just a / or index.php then just empty it. + if ($uri == '/' || $uri == SELF) { - $parsed_uri = '/'.$parsed_uri; + $uri = ''; } - return $parsed_uri; + return $uri; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 4df8b2276bbcc7f025a41b0d09f2f8cd7927b51a Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 15 Dec 2010 14:23:14 +0000 Subject: ['base_url'] is now empty by default and will guess what it should be. --- system/core/Config.php | 46 ++++++++++++++++++++++------------------------ 1 file changed, 22 insertions(+), 24 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index bdd1b8333..506af0d99 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -47,6 +47,25 @@ class CI_Config { { $this->config =& get_config(); log_message('debug', "Config Class Initialized"); + + // Set the base_url automatically if none was provided + if ($this->config['base_url'] == '') + { + // Base URL (keeps this crazy sh*t out of the config.php + if(isset($_SERVER['HTTP_HOST'])) + { + $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https' : 'http'; + $base_url .= '://'. $_SERVER['HTTP_HOST']; + $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); + } + + else + { + $base_url = 'http://localhost/'; + } + + $this->set_item('base_url', $base_url); + } } // -------------------------------------------------------------------- @@ -185,14 +204,7 @@ class CI_Config { return FALSE; } - $pref = $this->config[$item]; - - if ($pref != '' && substr($pref, -1) != '/') - { - $pref .= '/'; - } - - return $pref; + return rtrim($this->config[$item], '/').'/'; } // -------------------------------------------------------------------- @@ -208,14 +220,7 @@ class CI_Config { { if ($uri == '') { - if ($this->item('base_url') == '') - { - return $this->item('index_page'); - } - else - { - return $this->slash_item('base_url').$this->item('index_page'); - } + return $this->slash_item('base_url').$this->item('index_page'); } if ($this->item('enable_query_strings') == FALSE) @@ -244,14 +249,7 @@ class CI_Config { $uri = $str; } - if ($this->item('base_url') == '') - { - return $this->item('index_page').'?'.$uri; - } - else - { - return $this->slash_item('base_url').$this->item('index_page').'?'.$uri; - } + return $this->slash_item('base_url').$this->item('index_page').'?'.$uri; } } -- cgit v1.2.3-24-g4f1b From fb5523855cb0592abe8e8720d7019fa82acfb054 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 15 Dec 2010 14:29:21 +0000 Subject: Revised the base_url auto-generation detection of protocol as some servers will not send off. --- system/core/Config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 506af0d99..081f1d899 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -54,7 +54,7 @@ class CI_Config { // Base URL (keeps this crazy sh*t out of the config.php if(isset($_SERVER['HTTP_HOST'])) { - $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https' : 'http'; + $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; $base_url .= '://'. $_SERVER['HTTP_HOST']; $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']); } -- cgit v1.2.3-24-g4f1b From 23174a64277cad04c89d943fa65694299f7424d6 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 15 Dec 2010 15:18:16 +0000 Subject: ['404_override'] can now take methods and URI segments, not just a controller name. This is useful for 404 pages on errors/page_missing or /pages/view/404. --- system/core/Router.php | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Router.php b/system/core/Router.php index 9276800c3..79a8b4fcc 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -270,19 +270,17 @@ class CI_Router { // If we've gotten this far it means that the URI does not correlate to a valid // controller class. We will now see if there is an override - if (isset($this->routes['404_override']) AND $this->routes['404_override'] != '') + if (!empty($this->routes['404_override'])) { - if (strpos($this->routes['404_override'], '/') !== FALSE) - { - $x = explode('/', $this->routes['404_override']); + $x = explode('/', $this->routes['404_override']); - $this->set_class($x[0]); - $this->set_method($x[1]); + $this->set_class($x[0]); + $this->set_method(isset($x[1]) ? $x[1] : 'index'); - return $x; - } + return $x; } + // Nothing else to do at this point but show a 404 show_404($segments[0]); } -- cgit v1.2.3-24-g4f1b From de3dbc36dab42d86c66d76efd6fdb1d1dce71ce8 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Mon, 27 Dec 2010 17:41:02 +0000 Subject: Languages can now be placed in packages folders, and added ->load->get_package_paths(). --- system/core/Config.php | 1 - system/core/Lang.php | 18 +++++++++++------- system/core/Loader.php | 35 +++++++++++++++++++++-------------- 3 files changed, 32 insertions(+), 22 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 081f1d899..8ecfba73a 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -51,7 +51,6 @@ class CI_Config { // Set the base_url automatically if none was provided if ($this->config['base_url'] == '') { - // Base URL (keeps this crazy sh*t out of the config.php if(isset($_SERVER['HTTP_HOST'])) { $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; diff --git a/system/core/Lang.php b/system/core/Lang.php index e7867b354..8ec179771 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -78,17 +78,21 @@ class CI_Lang { { include($alt_path.'language/'.$idiom.'/'.$langfile); } - elseif (file_exists(APPPATH.'language/'.$idiom.'/'.$langfile)) - { - include(APPPATH.'language/'.$idiom.'/'.$langfile); - } else { - if (file_exists(BASEPATH.'language/'.$idiom.'/'.$langfile)) + $found = FALSE; + + foreach (get_instance()->load->get_package_paths(TRUE) as $package_path) { - include(BASEPATH.'language/'.$idiom.'/'.$langfile); + if (file_exists($package_path.'language/'.$idiom.'/'.$langfile)) + { + include($package_path.'language/'.$idiom.'/'.$langfile); + $found = TRUE; + break; + } } - else + + if ($found !== TRUE) { show_error('Unable to load the requested language file: language/'.$idiom.'/'.$langfile); } diff --git a/system/core/Loader.php b/system/core/Loader.php index afbae6175..136cae9bf 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -81,12 +81,12 @@ class CI_Loader { { foreach($library as $read) { - $this->library($read); + $this->library($read); } - + return; } - + if ($library == '' OR isset($this->_base_classes[$library])) { return FALSE; @@ -527,7 +527,7 @@ class CI_Loader { function add_package_path($path) { $path = rtrim($path, '/').'/'; - + array_unshift($this->_ci_library_paths, $path); array_unshift($this->_ci_model_paths, $path); array_unshift($this->_ci_helper_paths, $path); @@ -539,6 +539,22 @@ class CI_Loader { // -------------------------------------------------------------------- + /** + * Get Package Paths + * + * Return a list of all package paths, by default it will ignore BASEPATH. + * + * @access public + * @param string + * @return void + */ + function get_package_paths($include_base = FALSE) + { + return $include_base === TRUE ? $this->_ci_library_paths : $this->_ci_model_paths; + } + + // -------------------------------------------------------------------- + /** * Remove Package Path * @@ -563,7 +579,7 @@ class CI_Loader { else { $path = rtrim($path, '/').'/'; - + foreach (array('_ci_library_paths', '_ci_model_paths', '_ci_helper_paths') as $var) { if (($key = array_search($path, $this->{$var})) !== FALSE) @@ -942,15 +958,6 @@ class CI_Loader { return FALSE; } - // Autoload packages - if (isset($autoload['packages'])) - { - foreach ($autoload['packages'] as $package_path) - { - $this->add_package_path($package_path); - } - } - // Load any custom config file if (count($autoload['config']) > 0) { -- cgit v1.2.3-24-g4f1b From 48c718c4cbe4419411623b709f898d3d9a7d7aef Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Thu, 30 Dec 2010 23:40:02 +0000 Subject: Added support for calling controllers, methods and passing parameters via command line, either automatically or specifically with $config['uri_protocol'] = 'CLI'; --- system/core/URI.php | 37 +++++++++++++++++++++++++++++++++---- 1 file changed, 33 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 047e3c9bc..479a225fb 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -68,6 +68,13 @@ class CI_URI { return; } + // Arguments exist, it must be a command line request + if ( ! empty($_SERVER['argv'])) + { + $this->uri_string = $this->_parse_cli_args(); + return; + } + // Is there a PATH_INFO variable? // Note: some servers seem to have trouble with getenv() so we'll test it two ways $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); @@ -104,6 +111,11 @@ class CI_URI { $this->uri_string = $this->_parse_request_uri($this->_get_request_uri()); return; } + elseif ($uri == 'CLI') + { + $this->uri_string = $this->_parse_cli_args(); + return; + } $this->uri_string = (isset($_SERVER[$uri])) ? $_SERVER[$uri] : @getenv($uri); } @@ -144,7 +156,7 @@ class CI_URI { { $uri = $_SERVER['HTTP_X_REWRITE_URL']; } - + // Last ditch effort (for older CGI servers, like IIS 5) elseif (isset($_SERVER['ORIG_PATH_INFO'])) { @@ -171,7 +183,7 @@ class CI_URI { * @param string * @return string */ - function _parse_request_uri($uri) + private function _parse_request_uri($uri) { // Some server's require URL's like index.php?/whatever If that is the case, // then we need to add that to our parsing. @@ -215,6 +227,23 @@ class CI_URI { // -------------------------------------------------------------------- + /** + * Parse cli arguments + * + * Take each command line argument and assume it is a URI segment. + * + * @access private + * @return string + */ + private function _parse_cli_args() + { + $args = array_slice($_SERVER['argv'], 1); + + return $args ? '/' . implode('/', $args) : ''; + } + + // -------------------------------------------------------------------- + /** * Filter segments for malicious characters * @@ -524,7 +553,7 @@ class CI_URI { { $leading = '/'; $trailing = '/'; - + if ($where == 'trailing') { $leading = ''; @@ -533,7 +562,7 @@ class CI_URI { { $trailing = ''; } - + return $leading.$this->$which($n).$trailing; } -- cgit v1.2.3-24-g4f1b From 5e16ec6b33ed6a80bf511b2bf6eb4fc5a1103c94 Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Tue, 4 Jan 2011 17:25:23 -0500 Subject: Added ability to auto load package config files. Fixes #281 --- system/core/Loader.php | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 136cae9bf..225b43912 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -870,15 +870,28 @@ class CI_Loader { // Is there an associated config file for this class? Note: these should always be lowercase if ($config === NULL) { - // We test for both uppercase and lowercase, for servers that - // are case-sensitive with regard to file names - if (file_exists(APPPATH.'config/'.strtolower($class).EXT)) - { - include_once(APPPATH.'config/'.strtolower($class).EXT); - } - elseif (file_exists(APPPATH.'config/'.ucfirst(strtolower($class)).EXT)) + // Fetch the config paths containing any package paths + $config_component = $this->_ci_get_component('config'); + + if (is_array($config_component->_config_paths)) { - include_once(APPPATH.'config/'.ucfirst(strtolower($class)).EXT); + // Break on the first found file, thus package files + // are not overridden by default paths + foreach ($config_component->_config_paths as $path) + { + // We test for both uppercase and lowercase, for servers that + // are case-sensitive with regard to file names + if (file_exists($path .'config/'.strtolower($class).EXT)) + { + include_once($path .'config/'.strtolower($class).EXT); + break; + } + elseif (file_exists($path .'config/'.ucfirst(strtolower($class)).EXT)) + { + include_once($path .'config/'.ucfirst(strtolower($class)).EXT); + break; + } + } } } -- cgit v1.2.3-24-g4f1b From 0711dc87d98ce20d3a87f7ac43d78af8fba1dca7 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 5 Jan 2011 10:49:40 -0600 Subject: Hey look, it's 2011 --- system/core/Benchmark.php | 2 +- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 2 +- system/core/Config.php | 2 +- system/core/Controller.php | 2 +- system/core/Exceptions.php | 2 +- system/core/Hooks.php | 2 +- system/core/Input.php | 2 +- system/core/Lang.php | 2 +- system/core/Loader.php | 2 +- system/core/Model.php | 2 +- system/core/Output.php | 2 +- system/core/Router.php | 2 +- system/core/URI.php | 2 +- system/core/Unicode.php | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) (limited to 'system/core') diff --git a/system/core/Benchmark.php b/system/core/Benchmark.php index d0e1fc683..515550e9f 100644 --- a/system/core/Benchmark.php +++ b/system/core/Benchmark.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 595e00f27..742903653 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Common.php b/system/core/Common.php index 6a3d5ac0a..b5adfacb3 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Config.php b/system/core/Config.php index bdd1b8333..7fc804482 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Controller.php b/system/core/Controller.php index c78be8724..469663f09 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Exceptions.php b/system/core/Exceptions.php index 32cb77baf..f5659561c 100644 --- a/system/core/Exceptions.php +++ b/system/core/Exceptions.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 70dc6870b..75fd811b0 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Input.php b/system/core/Input.php index 9d8811cdd..9668058c1 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Lang.php b/system/core/Lang.php index e7867b354..6805d0e4a 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Loader.php b/system/core/Loader.php index afbae6175..8b1986b9d 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Model.php b/system/core/Model.php index 80f4b04a1..8566a0b66 100644 --- a/system/core/Model.php +++ b/system/core/Model.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Output.php b/system/core/Output.php index c83b90f00..7fb9f7916 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Router.php b/system/core/Router.php index e21519329..bb4eb0e1c 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/URI.php b/system/core/URI.php index 5a5a37cc6..a991118e8 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 diff --git a/system/core/Unicode.php b/system/core/Unicode.php index ce1de3022..ee32c986d 100644 --- a/system/core/Unicode.php +++ b/system/core/Unicode.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 2.0 -- cgit v1.2.3-24-g4f1b From ffdc392e2777ff8326b3fca6087d71ae96816e1b Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Wed, 12 Jan 2011 09:05:20 -0500 Subject: Removed trailing slash from $this->uri->ruri_string(). Fixes #292 --- system/core/URI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 479a225fb..769dacd09 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -642,7 +642,7 @@ class CI_URI { */ function ruri_string() { - return '/'.implode('/', $this->rsegment_array()).'/'; + return '/'.implode('/', $this->rsegment_array()); } } -- cgit v1.2.3-24-g4f1b From cee8075e2f8fdeb0d8516b5af8ae7cd7754ac513 Mon Sep 17 00:00:00 2001 From: joelcox Date: Sat, 15 Jan 2011 23:09:47 +0100 Subject: Split basic configuration in three environments, providing fallback to global --- system/core/Common.php | 4 ++-- system/core/Config.php | 18 ++++++++++++------ 2 files changed, 14 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 6a3d5ac0a..48de161d2 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -209,13 +209,13 @@ } // Fetch the config file - if ( ! file_exists(APPPATH.'config/config'.EXT)) + if ( ! file_exists(APPPATH.'config/'.ENVIRONMENT.'/config'.EXT)) { exit('The configuration file does not exist.'); } else { - require(APPPATH.'config/config'.EXT); + require(APPPATH.'config/'.ENVIRONMENT.'/config'.EXT); } // Does the $config array exist in the file? diff --git a/system/core/Config.php b/system/core/Config.php index 8ecfba73a..56e3bccd8 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -30,6 +30,7 @@ class CI_Config { var $config = array(); var $is_loaded = array(); + var $environment = ENVIRONMENT; var $_config_paths = array(APPPATH); /** @@ -74,6 +75,8 @@ class CI_Config { * * @access public * @param string the config file name + * @param boolean if configuration values should be loaded into their own section + * @param boolean true if errors should just return false, false if an error message should be displayed * @return boolean if the file was loaded correctly */ function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) @@ -82,8 +85,8 @@ class CI_Config { $loaded = FALSE; foreach($this->_config_paths as $path) - { - $file_path = $path.'config/'.$file.EXT; + { + $file_path = $path.'config/'.ENVIRONMENT.'/'.$file.EXT; if (in_array($file_path, $this->is_loaded, TRUE)) { @@ -91,9 +94,12 @@ class CI_Config { continue; } - if ( ! file_exists($path.'config/'.$file.EXT)) + if ( ! $file_path) { - continue; + if ( ! file_exists($path.'config/'.$file.EXT)) + { + $file_path = $path.'config/'.$file.EXT; + } } include($file_path); @@ -136,9 +142,9 @@ class CI_Config { { return FALSE; } - show_error('The configuration file '.$file.EXT.' does not exist.'); + show_error('The configuration file '.$environment.'/'.$file.EXT.' does not exist.'); } - + return TRUE; } -- cgit v1.2.3-24-g4f1b From 96b72ae4dc1334431f95d3f3151409f656a19725 Mon Sep 17 00:00:00 2001 From: joelcox Date: Sun, 16 Jan 2011 14:16:18 +0100 Subject: Fixed bug that prevented global config from loading on error --- system/core/Config.php | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 56e3bccd8..ae914414d 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -94,14 +94,17 @@ class CI_Config { continue; } - if ( ! $file_path) + if ( ! file_exists($file_path)) { - if ( ! file_exists($path.'config/'.$file.EXT)) + log_message('debug', 'Config for '.ENVIRONMENT.' environment is not found. Trying global config.'); + $file_path = $path.'config/'.$file.EXT; + + if ( ! file_exists($file_path)) { - $file_path = $path.'config/'.$file.EXT; + continue; } } - + include($file_path); if ( ! isset($config) OR ! is_array($config)) @@ -142,7 +145,7 @@ class CI_Config { { return FALSE; } - show_error('The configuration file '.$environment.'/'.$file.EXT.' does not exist.'); + show_error('The configuration file '.ENVIRONMENT.'/'.$file.EXT.' and '.$file.EXT.' do not exist.'); } return TRUE; -- cgit v1.2.3-24-g4f1b From 2035fd8f700c12ca6b21cacf9d1bbb111995a1af Mon Sep 17 00:00:00 2001 From: joelcox Date: Sun, 16 Jan 2011 16:50:36 +0100 Subject: Removed configs from environments and corrected for fallback --- system/core/Common.php | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index 48de161d2..5c441a56e 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -208,15 +208,20 @@ return $_config[0]; } + $file_path = APPPATH.'config/'.ENVIRONMENT.'/config'.EXT; + // Fetch the config file - if ( ! file_exists(APPPATH.'config/'.ENVIRONMENT.'/config'.EXT)) - { - exit('The configuration file does not exist.'); - } - else + if ( ! file_exists($file_path)) { - require(APPPATH.'config/'.ENVIRONMENT.'/config'.EXT); + $file_path = APPPATH.'config/config'.EXT; + + if ( ! file_exists($file_path)) + { + exit('The configuration file does not exist.'); + } } + + require($file_path); // Does the $config array exist in the file? if ( ! isset($config) OR ! is_array($config)) -- cgit v1.2.3-24-g4f1b From 1bfd9fabffc47ae7f6efc4704ae3125599004de8 Mon Sep 17 00:00:00 2001 From: joelcox Date: Sun, 16 Jan 2011 18:49:39 +0100 Subject: Set error_reporting to E_ALL when environment unknown and changed CI_Loader to load environment configs first. --- system/core/Loader.php | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 225b43912..640a6302b 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -880,8 +880,19 @@ class CI_Loader { foreach ($config_component->_config_paths as $path) { // We test for both uppercase and lowercase, for servers that - // are case-sensitive with regard to file names - if (file_exists($path .'config/'.strtolower($class).EXT)) + // are case-sensitive with regard to file names. Check for environment + // first, global next + if (file_exists($path .'config/'.ENVIRONMENT.'/'.strtolower($class).EXT)) + { + include_once($path .'config/'.ENVIRONMENT.'/'.strtolower($class).EXT); + break; + } + elseif (file_exists($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).EXT)) + { + include_once($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).EXT); + break; + } + elseif (file_exists($path .'config/'.strtolower($class).EXT)) { include_once($path .'config/'.strtolower($class).EXT); break; -- cgit v1.2.3-24-g4f1b From 5c59c7dc3254616b18057922ce012f22c18b147b Mon Sep 17 00:00:00 2001 From: joelcox Date: Sun, 16 Jan 2011 18:53:37 +0100 Subject: Cleaned up environment class variable which isn't used anymore in current implementation --- system/core/Config.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index ae914414d..d6b97d7ef 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -30,7 +30,6 @@ class CI_Config { var $config = array(); var $is_loaded = array(); - var $environment = ENVIRONMENT; var $_config_paths = array(APPPATH); /** -- cgit v1.2.3-24-g4f1b From fea45ad97f9f32738ed7ccc25bdb0405b6f6572f Mon Sep 17 00:00:00 2001 From: Dan Horrigan Date: Wed, 19 Jan 2011 00:54:12 -0500 Subject: Updated the auto URI detection so that it works in more scenarios. Fixes #3 --- system/core/URI.php | 110 +++++++++++++++------------------------------------- 1 file changed, 32 insertions(+), 78 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 769dacd09..9d28d89cd 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -61,17 +61,17 @@ class CI_URI { { if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') { - // Let's try the REQUEST_URI first, this will work in most situations - if ($uri = $this->_get_request_uri()) + // Arguments exist, it must be a command line request + if ( ! empty($_SERVER['argv'])) { - $this->uri_string = $this->_parse_request_uri($uri); + $this->uri_string = $this->_parse_cli_args(); return; } - // Arguments exist, it must be a command line request - if ( ! empty($_SERVER['argv'])) + // Let's try the REQUEST_URI first, this will work in most situations + if ($uri = $this->_detect_uri()) { - $this->uri_string = $this->_parse_cli_args(); + $this->uri_string = $uri; return; } @@ -108,7 +108,7 @@ class CI_URI { if ($uri == 'REQUEST_URI') { - $this->uri_string = $this->_parse_request_uri($this->_get_request_uri()); + $this->uri_string = $this->_detect_uri(); return; } elseif ($uri == 'CLI') @@ -130,99 +130,53 @@ class CI_URI { // -------------------------------------------------------------------- /** - * Get REQUEST_URI + * Detects the URI * - * Retrieves the REQUEST_URI, or equivelent for IIS. + * This function will detect the URI automatically and fix the query string + * if necessary. * * @access private * @return string */ - function _get_request_uri() + private function _detect_uri() { - $uri = FALSE; - - // Let's check for standard servers first - if (isset($_SERVER['REQUEST_URI'])) + if ( ! isset($_SERVER['REQUEST_URI'])) { - $uri = $_SERVER['REQUEST_URI']; - if (strpos($uri, $_SERVER['SERVER_NAME']) !== FALSE) - { - $uri = preg_replace('/^\w+:\/\/[^\/]+/', '', $uri); - } + return ''; } - // Now lets check for IIS - elseif (isset($_SERVER['HTTP_X_REWRITE_URL'])) + $uri = $_SERVER['REQUEST_URI']; + if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0) { - $uri = $_SERVER['HTTP_X_REWRITE_URL']; + $uri = substr($uri, strlen($_SERVER['SCRIPT_NAME'])); } - - // Last ditch effort (for older CGI servers, like IIS 5) - elseif (isset($_SERVER['ORIG_PATH_INFO'])) + elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0) { - $uri = $_SERVER['ORIG_PATH_INFO']; - if ( ! empty($_SERVER['QUERY_STRING'])) - { - $uri .= '?' . $_SERVER['QUERY_STRING']; - } + $uri = substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME']))); } - return $uri; - } - - // -------------------------------------------------------------------- - - /** - * Parse REQUEST_URI - * - * Due to the way REQUEST_URI works it usually contains path info - * that makes it unusable as URI data. We'll trim off the unnecessary - * data, hopefully arriving at a valid URI that we can use. - * - * @access private - * @param string - * @return string - */ - private function _parse_request_uri($uri) - { - // Some server's require URL's like index.php?/whatever If that is the case, - // then we need to add that to our parsing. - $fc_path = ltrim(FCPATH . SELF, '/'); - if (strpos($uri, SELF . '?') !== FALSE) - { - $fc_path .= '?'; - } - - $parsed_uri = explode('/', ltrim($uri, '/')); - - $i = 0; - foreach (explode("/", $fc_path) as $segment) + // This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct + // URI is found, and also fixes the QUERY_STRING server var and $_GET array. + if (strncmp($uri, '?/', 2) === 0) { - if (isset($parsed_uri[$i]) && $segment == $parsed_uri[$i]) - { - $i++; - } + $uri = substr($uri, 2); } - - $uri = implode("/", array_slice($parsed_uri, $i)); - - // Let's take off any query string and re-assign $_SERVER['QUERY_STRING'] and $_GET. - // This is only needed on some servers. However, we are forced to use it to accomodate - // them. - if (($qs_pos = strpos($uri, '?')) !== FALSE) + $parts = preg_split('#\?#i', $uri, 2); + $uri = $parts[0]; + if (isset($parts[1])) { - $_SERVER['QUERY_STRING'] = substr($uri, $qs_pos + 1); + $_SERVER['QUERY_STRING'] = $parts[1]; parse_str($_SERVER['QUERY_STRING'], $_GET); - $uri = substr($uri, 0, $qs_pos); } - - // If it is just a / or index.php then just empty it. - if ($uri == '/' OR $uri == SELF) + else { - $uri = ''; + $_SERVER['QUERY_STRING'] = ''; + $_GET = array(); } + $uri = parse_url($uri, PHP_URL_PATH); - return $uri; + // Do some final cleaning of the URI and return it + return str_replace(array('//', '../'), '/', trim($uri, '/')); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From c3828718925a0f1660cddadc95b63e14f7189faa Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 19 Jan 2011 12:31:47 +0000 Subject: Reverted regex validation while we re-think the implementation, and added ->input->is_cli_request(); --- system/core/Input.php | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index eb2048e58..3a52e37aa 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -618,19 +618,33 @@ class CI_Input { } // -------------------------------------------------------------------- - + /** * Is ajax Request? * * Test to see if a request contains the HTTP_X_REQUESTED_WITH header * - * @return boolean + * @return boolean */ public function is_ajax_request() { return ($this->server('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest'); } + // -------------------------------------------------------------------- + + /** + * Is cli Request? + * + * Test to see if a request was made from the command line + * + * @return boolean + */ + public function is_cli_request() + { + return (bool) defined('STDIN'); + } + } // END Input class -- cgit v1.2.3-24-g4f1b From 705a3eec44635f3fada8daa2886d409e6447ca12 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 19 Jan 2011 13:46:07 +0000 Subject: Avoid double-slashed on the base_url by only slashing index_page if it is actually set. --- system/core/Config.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 8ecfba73a..7f501911c 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -229,8 +229,9 @@ class CI_Config { $uri = implode('/', $uri); } + $index = $this->item('index_page') == '' ? '' : $this->slash_item('index_page'); $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix'); - return $this->slash_item('base_url').$this->slash_item('index_page').trim($uri, '/').$suffix; + return $this->slash_item('base_url').$index.trim($uri, '/').$suffix; } else { -- cgit v1.2.3-24-g4f1b From aaec1e491f99e9d733b06b721d8d4d1ae778135a Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Thu, 20 Jan 2011 00:01:21 -0500 Subject: Renaming the unicode class to utf8 so we don't run the risk of violating the Unicode Consortium's trademark. --- system/core/CodeIgniter.php | 6 +++--- system/core/Input.php | 2 +- system/core/Unicode.php | 22 +++++++++++----------- 3 files changed, 15 insertions(+), 15 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 742903653..2d3f24958 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -129,17 +129,17 @@ /* * ------------------------------------------------------ - * Instantiate the Unicode class + * Instantiate the UTF-8 class * ------------------------------------------------------ * - * Note: Order here is rather important as the Unicode + * Note: Order here is rather important as the UTF-8 * class needs to be used very early on, but it cannot * properly determine if UTf-8 can be supported until * after the Config class is instantiated. * */ - $UNI =& load_class('Unicode', 'core'); + $UNI =& load_class('Utf8', 'core'); /* * ------------------------------------------------------ diff --git a/system/core/Input.php b/system/core/Input.php index 9668058c1..1157601e1 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -59,7 +59,7 @@ class CI_Input { $this->security =& load_class('Security'); } - // Do we need the Unicode class? + // Do we need the UTF-8 class? if (UTF8_ENABLED === TRUE) { global $UNI; diff --git a/system/core/Unicode.php b/system/core/Unicode.php index ee32c986d..5d5a7ef72 100644 --- a/system/core/Unicode.php +++ b/system/core/Unicode.php @@ -16,17 +16,17 @@ // ------------------------------------------------------------------------ /** - * Unicode Class + * Utf8 Class * - * Provides unicode support for UTF-8 environments + * Provides support for UTF-8 environments * * @package CodeIgniter * @subpackage Libraries - * @category Unicode + * @category UTF-8 * @author ExpressionEngine Dev Team - * @link http://codeigniter.com/user_guide/libraries/unicode.html + * @link http://codeigniter.com/user_guide/libraries/utf8.html */ -class CI_Unicode { +class CI_Utf8 { /** * Constructor @@ -36,7 +36,7 @@ class CI_Unicode { */ function __construct() { - log_message('debug', "Unicode Class Initialized"); + log_message('debug', "Utf8 Class Initialized"); global $CFG; @@ -47,7 +47,7 @@ class CI_Unicode { AND $CFG->item('charset') == 'UTF-8' // Application charset must be UTF-8 ) { - log_message('debug', "Unicode Class - UTF-8 Support Enabled"); + log_message('debug', "UTF-8 Support Enabled"); define('UTF8_ENABLED', TRUE); @@ -66,7 +66,7 @@ class CI_Unicode { } else { - log_message('debug', "Unicode Class - UTF-8 Support Disabled"); + log_message('debug', "UTF-8 Support Disabled"); define('UTF8_ENABLED', FALSE); } } @@ -159,7 +159,7 @@ class CI_Unicode { // -------------------------------------------------------------------- } -// End Unicode Class +// End Utf8 Class -/* End of file Unicode.php */ -/* Location: ./system/core/Unicode.php */ \ No newline at end of file +/* End of file Utf8.php */ +/* Location: ./system/core/Utf8.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 7d3a1894be6b1722c668d73ce53533bb72cc237c Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Thu, 20 Jan 2011 00:17:47 -0500 Subject: Moving the file to Utf8.php --- system/core/Unicode.php | 165 ------------------------------------------------ system/core/Utf8.php | 165 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 165 insertions(+), 165 deletions(-) delete mode 100644 system/core/Unicode.php create mode 100644 system/core/Utf8.php (limited to 'system/core') diff --git a/system/core/Unicode.php b/system/core/Unicode.php deleted file mode 100644 index 5d5a7ef72..000000000 --- a/system/core/Unicode.php +++ /dev/null @@ -1,165 +0,0 @@ -item('charset') == 'UTF-8' // Application charset must be UTF-8 - ) - { - log_message('debug', "UTF-8 Support Enabled"); - - define('UTF8_ENABLED', TRUE); - - // set internal encoding for multibyte string functions if necessary - // and set a flag so we don't have to repeatedly use extension_loaded() - // or function_exists() - if (extension_loaded('mbstring')) - { - define('MB_ENABLED', TRUE); - mb_internal_encoding('UTF-8'); - } - else - { - define('MB_ENABLED', FALSE); - } - } - else - { - log_message('debug', "UTF-8 Support Disabled"); - define('UTF8_ENABLED', FALSE); - } - } - - // -------------------------------------------------------------------- - - /** - * Clean UTF-8 strings - * - * Ensures strings are UTF-8 - * - * @access public - * @param string - * @return string - */ - function clean_string($str) - { - if ($this->_is_ascii($str) === FALSE) - { - $str = @iconv('UTF-8', 'UTF-8//IGNORE', $str); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Remove ASCII control characters - * - * Removes all ASCII control characters except horizontal tabs, - * line feeds, and carriage returns, as all others can cause - * problems in XML - * - * @access public - * @param string - * @return string - */ - function safe_ascii_for_xml($str) - { - return preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S', '', $str); - } - - // -------------------------------------------------------------------- - - /** - * Convert to UTF-8 - * - * Attempts to convert a string to UTF-8 - * - * @access public - * @param string - * @param string - input encoding - * @return string - */ - function convert_to_utf8($str, $encoding) - { - if (function_exists('iconv')) - { - $str = @iconv($encoding, 'UTF-8', $str); - } - elseif (function_exists('mb_convert_encoding')) - { - $str = @mb_convert_encoding($str, 'UTF-8', $encoding); - } - else - { - return FALSE; - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Is ASCII? - * - * Tests if a string is standard 7-bit ASCII or not - * - * @access public - * @param string - * @return bool - */ - function _is_ascii($str) - { - return (preg_match('/[^\x00-\x7F]/S', $str) == 0); - } - - // -------------------------------------------------------------------- - -} -// End Utf8 Class - -/* End of file Utf8.php */ -/* Location: ./system/core/Utf8.php */ \ No newline at end of file diff --git a/system/core/Utf8.php b/system/core/Utf8.php new file mode 100644 index 000000000..5d5a7ef72 --- /dev/null +++ b/system/core/Utf8.php @@ -0,0 +1,165 @@ +item('charset') == 'UTF-8' // Application charset must be UTF-8 + ) + { + log_message('debug', "UTF-8 Support Enabled"); + + define('UTF8_ENABLED', TRUE); + + // set internal encoding for multibyte string functions if necessary + // and set a flag so we don't have to repeatedly use extension_loaded() + // or function_exists() + if (extension_loaded('mbstring')) + { + define('MB_ENABLED', TRUE); + mb_internal_encoding('UTF-8'); + } + else + { + define('MB_ENABLED', FALSE); + } + } + else + { + log_message('debug', "UTF-8 Support Disabled"); + define('UTF8_ENABLED', FALSE); + } + } + + // -------------------------------------------------------------------- + + /** + * Clean UTF-8 strings + * + * Ensures strings are UTF-8 + * + * @access public + * @param string + * @return string + */ + function clean_string($str) + { + if ($this->_is_ascii($str) === FALSE) + { + $str = @iconv('UTF-8', 'UTF-8//IGNORE', $str); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Remove ASCII control characters + * + * Removes all ASCII control characters except horizontal tabs, + * line feeds, and carriage returns, as all others can cause + * problems in XML + * + * @access public + * @param string + * @return string + */ + function safe_ascii_for_xml($str) + { + return preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S', '', $str); + } + + // -------------------------------------------------------------------- + + /** + * Convert to UTF-8 + * + * Attempts to convert a string to UTF-8 + * + * @access public + * @param string + * @param string - input encoding + * @return string + */ + function convert_to_utf8($str, $encoding) + { + if (function_exists('iconv')) + { + $str = @iconv($encoding, 'UTF-8', $str); + } + elseif (function_exists('mb_convert_encoding')) + { + $str = @mb_convert_encoding($str, 'UTF-8', $encoding); + } + else + { + return FALSE; + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Is ASCII? + * + * Tests if a string is standard 7-bit ASCII or not + * + * @access public + * @param string + * @return bool + */ + function _is_ascii($str) + { + return (preg_match('/[^\x00-\x7F]/S', $str) == 0); + } + + // -------------------------------------------------------------------- + +} +// End Utf8 Class + +/* End of file Utf8.php */ +/* Location: ./system/core/Utf8.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From c5bf616c68ab4d18777ba77d5eaf07384b392f78 Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Sun, 30 Jan 2011 21:17:11 -0500 Subject: Added 404_override to Codeigniter file to catch the 404 if the controller is available but no method. Fixes #19 --- system/core/CodeIgniter.php | 14 ++++++++++++-- system/core/Router.php | 2 +- 2 files changed, 13 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 2d3f24958..0414ffbf1 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -80,7 +80,7 @@ { get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); } - + /* * ------------------------------------------------------ * Set a liberal script execution time limit @@ -289,7 +289,17 @@ // methods, so we'll use this workaround for consistent behavior if ( ! in_array(strtolower($method), array_map('strtolower', get_class_methods($CI)))) { - show_404("{$class}/{$method}"); + // Check and see if we are using a 404 override and use it. + if ( ! empty($RTR->routes['404_override'])) + { + $x = explode('/', $RTR->routes['404_override']); + $class = $x[0]; + $method = (isset($x[1]) ? $x[1] : 'index'); + } + else + { + show_404("{$class}/{$method}"); + } } // Call the requested method. diff --git a/system/core/Router.php b/system/core/Router.php index 7be508fef..6893e6e92 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -270,7 +270,7 @@ class CI_Router { // If we've gotten this far it means that the URI does not correlate to a valid // controller class. We will now see if there is an override - if (!empty($this->routes['404_override'])) + if ( ! empty($this->routes['404_override'])) { $x = explode('/', $this->routes['404_override']); -- cgit v1.2.3-24-g4f1b From dda07e9efe683248c042307147b6573e104777ad Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Mon, 31 Jan 2011 23:26:25 +0000 Subject: Some servers would trick URI into thinking it was being run in CLI mode, which broke routing. --- system/core/URI.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 999015949..1b479e92a 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -61,8 +61,8 @@ class CI_URI { { if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') { - // Arguments exist, it must be a command line request - if ( ! empty($_SERVER['argv'])) + // Is the request coming from the command line? + if (defined('STDIN')) { $this->uri_string = $this->_parse_cli_args(); return; -- cgit v1.2.3-24-g4f1b From 5519e3d5d3311275a6fb2aa4962f9cea1626996c Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Tue, 1 Feb 2011 13:07:37 -0500 Subject: Better logic handling for 404 override --- system/core/CodeIgniter.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 0414ffbf1..567e67f65 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -295,6 +295,17 @@ $x = explode('/', $RTR->routes['404_override']); $class = $x[0]; $method = (isset($x[1]) ? $x[1] : 'index'); + if ( ! class_exists($class)) + { + if ( ! file_exists(APPPATH.'controllers/'.$class.EXT)) + { + show_404("{$class}/{$method}"); + } + + include_once(APPPATH.'controllers/'.$class.EXT); + unset($CI); + $CI = new $class(); + } } else { -- cgit v1.2.3-24-g4f1b From e58199ba6de5622a062536ba03c43700b70716ac Mon Sep 17 00:00:00 2001 From: "ericbarnes@ericbarnes.local" Date: Wed, 2 Feb 2011 22:40:36 -0500 Subject: Fixes #27. When the default controller was used, the _detect_uri() method was returning an incorrect URI, which caused a 404 when a query string was used and no controller specified. via Dan Horrigan --- system/core/URI.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index 1b479e92a..c43cde005 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -173,6 +173,12 @@ class CI_URI { $_SERVER['QUERY_STRING'] = ''; $_GET = array(); } + + if ($uri == '/' || empty($uri)) + { + return '/'; + } + $uri = parse_url($uri, PHP_URL_PATH); // Do some final cleaning of the URI and return it -- cgit v1.2.3-24-g4f1b From 0ba58b81b65c2059210b921856489b5faaa81369 Mon Sep 17 00:00:00 2001 From: vascopj Date: Sun, 6 Feb 2011 14:20:21 +0000 Subject: A change to pass all fields back if there are no fields passed into the "post" method. Based on comments here http://codeigniter.uservoice.com/forums/40508-codeigniter-reactor/suggestions/1346917-allow-this-input-post-to-return-array-of-eve --- system/core/Input.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 3e82874fd..fa8080deb 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -126,6 +126,22 @@ class CI_Input { */ function post($index = '', $xss_clean = FALSE) { + // check if a field has been entered + if( empty($index ) ) + { + // no field entered - return all fields + + $all_post_fields = array(); + + // loop through the full _POST array + foreach( $_POST as $key ) + { + $all_post_fields[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean); + } + return $all_post_fields; + + } + return $this->_fetch_from_array($_POST, $index, $xss_clean); } -- cgit v1.2.3-24-g4f1b From 3c6e4851451cd62b02980821cccdd93290463795 Mon Sep 17 00:00:00 2001 From: Kellas Reeves Date: Wed, 9 Feb 2011 11:57:56 -0600 Subject: cleaned up some redundant code in the Loader->library function Elaborated on its functionality in the user guide. --- system/core/Loader.php | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index ca2f016e7..72497c724 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -79,9 +79,9 @@ class CI_Loader { { if (is_array($library)) { - foreach($library as $read) + foreach($library as $class) { - $this->library($read); + $this->library($class, $params); } return; @@ -97,17 +97,7 @@ class CI_Loader { $params = NULL; } - if (is_array($library)) - { - foreach ($library as $class) - { - $this->_ci_load_class($class, $params, $object_name); - } - } - else - { - $this->_ci_load_class($library, $params, $object_name); - } + $this->_ci_load_class($library, $params, $object_name); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From d6d9f454b6939d1e6f1c9687f4e08d89690f79ff Mon Sep 17 00:00:00 2001 From: Robin Sowell Date: Fri, 11 Feb 2011 15:31:27 -0500 Subject: Adding config option to require 'secure' setting for all cookies- requires https. --- system/core/Input.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 1157601e1..c2db94d64 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -225,8 +225,10 @@ class CI_Input { $expire = 0; } } + + $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; - setcookie($prefix.$name, $value, $expire, $path, $domain, 0); + setcookie($prefix.$name, $value, $expire, $path, $domain, $secure_cookie); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From ff1cfa1ae5c5440bfde35c36ecb4cdcd73cd3966 Mon Sep 17 00:00:00 2001 From: vascopj Date: Sun, 13 Feb 2011 21:30:19 +0000 Subject: Updated the post method and added the new functionality to the get method also Updated the documentation --- system/core/Input.php | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index fa8080deb..1be591508 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -111,6 +111,22 @@ class CI_Input { */ function get($index = '', $xss_clean = FALSE) { + // check if a field has been entered + if( empty($index) AND is_array($_GET) AND count($_GET) ) + { + // no field entered - return all fields + + $all_get_fields = array(); + + // loop through the full _GET array + foreach( $_GET as $key ) + { + $all_get_fields[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean); + } + return $all_get_fields; + + } + return $this->_fetch_from_array($_GET, $index, $xss_clean); } @@ -127,7 +143,7 @@ class CI_Input { function post($index = '', $xss_clean = FALSE) { // check if a field has been entered - if( empty($index ) ) + if( empty($index) AND is_array($_POST) AND count($_POST) ) { // no field entered - return all fields -- cgit v1.2.3-24-g4f1b From 5d5895fd1084cd62721afd4c5f875eb2f99eefc4 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Mon, 14 Feb 2011 13:27:07 -0500 Subject: Whitespace cleanup in core/ --- system/core/Config.php | 4 ++-- system/core/Input.php | 6 +++--- system/core/Loader.php | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index da22222dc..75f945efd 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -51,7 +51,7 @@ class CI_Config { // Set the base_url automatically if none was provided if ($this->config['base_url'] == '') { - if(isset($_SERVER['HTTP_HOST'])) + if (isset($_SERVER['HTTP_HOST'])) { $base_url = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off' ? 'https' : 'http'; $base_url .= '://'. $_SERVER['HTTP_HOST']; @@ -83,7 +83,7 @@ class CI_Config { $file = ($file == '') ? 'config' : str_replace(EXT, '', $file); $loaded = FALSE; - foreach($this->_config_paths as $path) + foreach ($this->_config_paths as $path) { $file_path = $path.'config/'.ENVIRONMENT.'/'.$file.EXT; diff --git a/system/core/Input.php b/system/core/Input.php index 3e82874fd..cb842812f 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -413,7 +413,7 @@ class CI_Input { { if (is_array($_GET) AND count($_GET) > 0) { - foreach($_GET as $key => $val) + foreach ($_GET as $key => $val) { $_GET[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); } @@ -423,7 +423,7 @@ class CI_Input { // Clean $_POST Data if (is_array($_POST) AND count($_POST) > 0) { - foreach($_POST as $key => $val) + foreach ($_POST as $key => $val) { $_POST[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); } @@ -441,7 +441,7 @@ class CI_Input { unset($_COOKIE['$Path']); unset($_COOKIE['$Domain']); - foreach($_COOKIE as $key => $val) + foreach ($_COOKIE as $key => $val) { $_COOKIE[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); } diff --git a/system/core/Loader.php b/system/core/Loader.php index ca2f016e7..7003318ee 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -79,7 +79,7 @@ class CI_Loader { { if (is_array($library)) { - foreach($library as $read) + foreach ($library as $read) { $this->library($read); } @@ -127,7 +127,7 @@ class CI_Loader { { if (is_array($model)) { - foreach($model as $babe) + foreach ($model as $babe) { $this->model($babe); } -- cgit v1.2.3-24-g4f1b From 44f210543cf6adcac99264d973dd73ea1b0ab37e Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Tue, 15 Feb 2011 21:39:25 +0000 Subject: Input post() and get() will now return a full array if the first argument is not provided. --- system/core/Input.php | 36 +++++++++++++++--------------------- 1 file changed, 15 insertions(+), 21 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index ea5b248cf..16b295546 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -109,22 +109,19 @@ class CI_Input { * @param bool * @return string */ - function get($index = '', $xss_clean = FALSE) + function get($index = NULL, $xss_clean = FALSE) { - // check if a field has been entered - if( empty($index) AND is_array($_GET) AND count($_GET) ) + // Check if a field has been provided + if ($index === NULL AND ! empty($_GET)) { - // no field entered - return all fields - - $all_get_fields = array(); + $get = array(); // loop through the full _GET array - foreach( $_GET as $key ) + foreach (array_keys($_GET) as $key) { - $all_get_fields[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean); + $get[$key] = $this->_fetch_from_array($_GET, $key, $xss_clean); } - return $all_get_fields; - + return $get; } return $this->_fetch_from_array($_GET, $index, $xss_clean); @@ -140,22 +137,19 @@ class CI_Input { * @param bool * @return string */ - function post($index = '', $xss_clean = FALSE) + function post($index = NULL, $xss_clean = FALSE) { - // check if a field has been entered - if( empty($index) AND is_array($_POST) AND count($_POST) ) + // Check if a field has been provided + if ($index === NULL AND ! empty($_POST)) { - // no field entered - return all fields + $post = array(); - $all_post_fields = array(); - - // loop through the full _POST array - foreach( $_POST as $key ) + // Loop through the full _POST array and return it + foreach (array_keys($_POST) as $key) { - $all_post_fields[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean); + $post[$key] = $this->_fetch_from_array($_POST, $key, $xss_clean); } - return $all_post_fields; - + return $post; } return $this->_fetch_from_array($_POST, $index, $xss_clean); -- cgit v1.2.3-24-g4f1b From d8d1e24eee56d2466c91ecd72b3c8932eb3d0639 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 16 Feb 2011 17:23:16 +0000 Subject: Secure cookies can now be made with the set_cookie() helper and Input Class method. --- system/core/Input.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 16b295546..3957aa63d 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -208,13 +208,14 @@ class CI_Input { * @param string the cookie domain. Usually: .yourdomain.com * @param string the cookie path * @param string the cookie prefix + * @param bool true makes the cookie secure * @return void */ - function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '') + function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE) { if (is_array($name)) { - foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'name') as $item) + foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'name', 'secure') as $item) { if (isset($name[$item])) { @@ -245,7 +246,7 @@ class CI_Input { $expire = ($expire > 0) ? time() + $expire : 0; } - setcookie($prefix.$name, $value, $expire, $path, $domain, 0); + setcookie($prefix.$name, $value, $expire, $path, $domain, $secure); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 9aa7dc9c96baedf06afb443553a313297158f850 Mon Sep 17 00:00:00 2001 From: tobiasbg Date: Fri, 18 Feb 2011 21:57:13 +0100 Subject: Bugfix in foreach-loop ('name' must be last, as it also is the array's name); consistent handling for 'cookie_secure' config item --- system/core/Input.php | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 25fe102b5..626245390 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -211,11 +211,12 @@ class CI_Input { * @param bool true makes the cookie secure * @return void */ - function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = NULL) + function set_cookie($name = '', $value = '', $expire = '', $domain = '', $path = '/', $prefix = '', $secure = FALSE) { if (is_array($name)) { - foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'name', 'secure') as $item) + // always leave 'name' in last place, as the loop will break otherwise, due to $$item + foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'name') as $item) { if (isset($name[$item])) { @@ -236,6 +237,10 @@ class CI_Input { { $path = config_item('cookie_path'); } + if ($secure == FALSE AND config_item('cookie_secure') != FALSE) + { + $secure = config_item('cookie_secure'); + } if ( ! is_numeric($expire)) { @@ -246,12 +251,6 @@ class CI_Input { $expire = ($expire > 0) ? time() + $expire : 0; } - // If TRUE/FALSE is not provided, use the config - if ( ! is_bool($secure)) - { - $secure = (bool) (config_item('cookie_secure') === TRUE); - } - setcookie($prefix.$name, $value, $expire, $path, $domain, $secure); } -- cgit v1.2.3-24-g4f1b From 60ed1a305bea9f879489a1b4c7ac223b6cf3e132 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Tue, 8 Mar 2011 21:43:54 +0000 Subject: Added $this->output->set_content_type() and method chaining to other methods. --- system/core/Output.php | 67 ++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 60 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 7fb9f7916..6644b3bff 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -28,19 +28,24 @@ */ class CI_Output { - var $final_output; - var $cache_expiration = 0; - var $headers = array(); - var $enable_profiler = FALSE; - var $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} + protected $final_output; + protected $cache_expiration = 0; + protected $headers = array(); + protected $mime_types = array(); + protected $enable_profiler = FALSE; + protected $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} - var $_zlib_oc = FALSE; - var $_profiler_sections = array(); + protected $_zlib_oc = FALSE; + protected $_profiler_sections = array(); function __construct() { $this->_zlib_oc = @ini_get('zlib.output_compression'); + // Get mime types for later + include APPPATH.'config/mimes'.EXT; + $this->mime_types = $mimes; + log_message('debug', "Output Class Initialized"); } @@ -73,6 +78,8 @@ class CI_Output { function set_output($output) { $this->final_output = $output; + + return $this; } // -------------------------------------------------------------------- @@ -96,6 +103,8 @@ class CI_Output { { $this->final_output .= $output; } + + return $this; } // -------------------------------------------------------------------- @@ -125,6 +134,42 @@ class CI_Output { } $this->headers[] = array($header, $replace); + + return $this; + } + + // -------------------------------------------------------------------- + + /** + * Set Content Type Header + * + * @access public + * @param string extension of the file we're outputting + * @return void + */ + function set_content_type($mime_type) + { + if (strpos($mime_type, '/') === FALSE) + { + $extension = ltrim($mime_type, '.'); + + // Is this extension supported? + if (isset($this->mime_types[$extension])) + { + $mime_type =& $this->mime_types[$extension]; + + if (is_array($mime_type)) + { + $mime_type = current($mime_type); + } + } + } + + $header = 'Content-Type: '.$mime_type; + + $this->headers[] = array($header, TRUE); + + return $this; } // -------------------------------------------------------------------- @@ -141,6 +186,8 @@ class CI_Output { function set_status_header($code = 200, $text = '') { set_status_header($code, $text); + + return $this; } // -------------------------------------------------------------------- @@ -155,6 +202,8 @@ class CI_Output { function enable_profiler($val = TRUE) { $this->enable_profiler = (is_bool($val)) ? $val : TRUE; + + return $this; } // -------------------------------------------------------------------- @@ -174,6 +223,8 @@ class CI_Output { { $this->_profiler_sections[$section] = ($enable !== FALSE) ? TRUE : FALSE; } + + return $this; } // -------------------------------------------------------------------- @@ -188,6 +239,8 @@ class CI_Output { function cache($time) { $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; + + return $this; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From babfb29332501d63a7be59d1dbed864d128ffdae Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Tue, 8 Mar 2011 21:56:08 +0000 Subject: Added the constant CI_CORE to help differentiate between Core: TRUE and Reactor: FALSE. --- system/core/CodeIgniter.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 2d3f24958..1c06488f0 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -34,6 +34,13 @@ */ define('CI_VERSION', '2.0'); +/* + * ------------------------------------------------------ + * Define the CodeIgniter Branch (Core = TRUE, Reactor = FALSE) + * ------------------------------------------------------ + */ + define('CI_CORE', FALSE); + /* * ------------------------------------------------------ * Load the global functions -- cgit v1.2.3-24-g4f1b From 2f8b27efeb0a39c24eddf89cf31ea0fd113a6b71 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Tue, 8 Mar 2011 21:56:08 +0000 Subject: Added the constant CI_CORE to help differentiate between Core: TRUE and Reactor: FALSE. --- system/core/CodeIgniter.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 567e67f65..b91ed3896 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -34,6 +34,13 @@ */ define('CI_VERSION', '2.0'); +/* + * ------------------------------------------------------ + * Define the CodeIgniter Branch (Core = TRUE, Reactor = FALSE) + * ------------------------------------------------------ + */ + define('CI_CORE', FALSE); + /* * ------------------------------------------------------ * Load the global functions -- cgit v1.2.3-24-g4f1b From 1e85af54ffc3e31938ec85987849a93c28bb988d Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 8 Mar 2011 23:01:12 -0500 Subject: Flipping Phil's IS_CORE to true. --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 1c06488f0..0d0fffbe1 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -39,7 +39,7 @@ * Define the CodeIgniter Branch (Core = TRUE, Reactor = FALSE) * ------------------------------------------------------ */ - define('CI_CORE', FALSE); + define('CI_CORE', TRUE); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 09380594534d4dd2669e2894aa390582a2bc121d Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 9 Mar 2011 16:42:07 +0000 Subject: Added 2.0.1 upgrade guide and changed the constants ready. --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 6ac333a52..99c261e74 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -32,7 +32,7 @@ * Define the CodeIgniter Version * ------------------------------------------------------ */ - define('CI_VERSION', '2.0'); + define('CI_VERSION', '2.0.1'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From e8f5890e4b7eb52ed4d905a225c3bf985f397439 Mon Sep 17 00:00:00 2001 From: katzgrau Date: Thu, 10 Mar 2011 10:24:29 -0500 Subject: Added full docs for new ENVIRONMENT constant. --- system/core/Config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Config.php b/system/core/Config.php index 75f945efd..a2a7dd564 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -318,4 +318,4 @@ class CI_Config { // END CI_Config class /* End of file Config.php */ -/* Location: ./system/core/Config.php */ \ No newline at end of file +/* Location: ./system/core/Config.php */ -- cgit v1.2.3-24-g4f1b From 35f6491450d8564b26cbfab90aedcd0e592a81d4 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Tue, 15 Mar 2011 21:01:39 +0000 Subject: constants.php will be loaded from the environment specific config folder if available. --- system/core/CodeIgniter.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 99c261e74..39a4d7ffd 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -53,7 +53,14 @@ * Load the framework constants * ------------------------------------------------------ */ - require(APPPATH.'config/constants'.EXT); + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants'.EXT)) + { + require(APPPATH.'config/'.ENVIRONMENT.'/constants'.EXT); + } + else + { + require(APPPATH.'config/constants'.EXT); + } /* * ------------------------------------------------------ @@ -365,4 +372,4 @@ /* End of file CodeIgniter.php */ -/* Location: ./system/core/CodeIgniter.php */ +/* Location: ./system/core/CodeIgniter.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 82f9b1571370e8d87a0cbd4ff16647a6eccf3c6e Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 16 Mar 2011 22:18:08 +0000 Subject: Standardized newlines even more extensively in Input class. --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Input.php b/system/core/Input.php index 626245390..18131350f 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -539,7 +539,7 @@ class CI_Input { { if (strpos($str, "\r") !== FALSE) { - $str = str_replace(array("\r\n", "\r"), PHP_EOL, $str); + $str = str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str); } } -- cgit v1.2.3-24-g4f1b From 0ea04149bbae0fdcde92b7362e7cbd76f0df3865 Mon Sep 17 00:00:00 2001 From: bubbafoley Date: Thu, 17 Mar 2011 14:55:41 -0500 Subject: load config files from environment specific locations in core classes, helpers and libraries --- system/core/Hooks.php | 10 +++++++++- system/core/Loader.php | 10 +++++++++- system/core/Output.php | 11 ++++++++++- system/core/Router.php | 10 +++++++++- 4 files changed, 37 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index 75fd811b0..e4f8cfa53 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -65,7 +65,15 @@ class CI_Hooks { // Grab the "hooks" definition file. // If there are no hooks, we're done. - @include(APPPATH.'config/hooks'.EXT); + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT)) + { + @include(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT); + } + else + { + @include(APPPATH.'config/hooks'.EXT); + } + if ( ! isset($hook) OR ! is_array($hook)) { diff --git a/system/core/Loader.php b/system/core/Loader.php index 7003318ee..75c09435d 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -975,7 +975,15 @@ class CI_Loader { */ function _ci_autoloader() { - include_once(APPPATH.'config/autoload'.EXT); + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload'.EXT)) + { + include_once(APPPATH.'config/'.ENVIRONMENT.'/autoload'.EXT); + } + else + { + include_once(APPPATH.'config/autoload'.EXT); + } + if ( ! isset($autoload)) { diff --git a/system/core/Output.php b/system/core/Output.php index 6644b3bff..82c821524 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -43,7 +43,16 @@ class CI_Output { $this->_zlib_oc = @ini_get('zlib.output_compression'); // Get mime types for later - include APPPATH.'config/mimes'.EXT; + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT)) + { + include APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT; + } + else + { + include APPPATH.'config/mimes'.EXT; + } + + $this->mime_types = $mimes; log_message('debug', "Output Class Initialized"); diff --git a/system/core/Router.php b/system/core/Router.php index 6893e6e92..005e81748 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -87,7 +87,15 @@ class CI_Router { } // Load the routes.php file. - @include(APPPATH.'config/routes'.EXT); + + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT)) + { + @include(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT); + } + else + { + @include(APPPATH.'config/routes'.EXT); + } $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); -- cgit v1.2.3-24-g4f1b From 928083406322821a35a7d8a4205620c3854772a6 Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Fri, 18 Mar 2011 09:02:37 -0400 Subject: Fixed coding to match standards from previous releases --- system/core/Hooks.php | 4 ++-- system/core/Router.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index e4f8cfa53..b41c645ae 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -67,13 +67,13 @@ class CI_Hooks { if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT)) { - @include(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT); + include(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT); } else { @include(APPPATH.'config/hooks'.EXT); } - + if ( ! isset($hook) OR ! is_array($hook)) { diff --git a/system/core/Router.php b/system/core/Router.php index 005e81748..bd363da71 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -87,10 +87,10 @@ class CI_Router { } // Load the routes.php file. - + if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT)) { - @include(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT); + include(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT); } else { -- cgit v1.2.3-24-g4f1b From bb5d4f7806fec3806c9cd21623b4bc3c390fa83a Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Fri, 18 Mar 2011 13:39:58 -0400 Subject: Changed scope on parse_exec_vars. Fixes #145 --- system/core/Output.php | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index 82c821524..5ec096a47 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -28,13 +28,12 @@ */ class CI_Output { + public $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} protected $final_output; protected $cache_expiration = 0; protected $headers = array(); protected $mime_types = array(); protected $enable_profiler = FALSE; - protected $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} - protected $_zlib_oc = FALSE; protected $_profiler_sections = array(); @@ -51,10 +50,10 @@ class CI_Output { { include APPPATH.'config/mimes'.EXT; } - - + + $this->mime_types = $mimes; - + log_message('debug', "Output Class Initialized"); } @@ -87,7 +86,7 @@ class CI_Output { function set_output($output) { $this->final_output = $output; - + return $this; } @@ -177,7 +176,7 @@ class CI_Output { $header = 'Content-Type: '.$mime_type; $this->headers[] = array($header, TRUE); - + return $this; } -- cgit v1.2.3-24-g4f1b From fdd5b11b62f127901ddff2e5dc7923b063371070 Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Mon, 21 Mar 2011 21:28:58 -0400 Subject: Fixed logic and removed the error supressing --- system/core/Hooks.php | 6 +++--- system/core/Router.php | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'system/core') diff --git a/system/core/Hooks.php b/system/core/Hooks.php index b41c645ae..d1e5586de 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -65,13 +65,13 @@ class CI_Hooks { // Grab the "hooks" definition file. // If there are no hooks, we're done. - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT)) + if (is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT)) { include(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT); } - else + elseif (is_file(APPPATH.'config/hooks'.EXT)) { - @include(APPPATH.'config/hooks'.EXT); + include(APPPATH.'config/hooks'.EXT); } diff --git a/system/core/Router.php b/system/core/Router.php index bd363da71..2c78efe07 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -87,15 +87,15 @@ class CI_Router { } // Load the routes.php file. - - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT)) + if (is_file(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT)) { include(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT); } - else + elseif (is_file(APPPATH.'config/routes'.EXT)) { - @include(APPPATH.'config/routes'.EXT); + include(APPPATH.'config/routes'.EXT); } + $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; unset($route); -- cgit v1.2.3-24-g4f1b From e3c41cfa8cda0acda255ffb186464ada4c2c8a5d Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Mon, 21 Mar 2011 22:07:53 -0400 Subject: Added error logging to language. Fixes #32 --- system/core/Lang.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'system/core') diff --git a/system/core/Lang.php b/system/core/Lang.php index fb177902e..0b926a303 100644 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -130,6 +130,13 @@ class CI_Lang { function line($line = '') { $line = ($line == '' OR ! isset($this->language[$line])) ? FALSE : $this->language[$line]; + + // Because killer robots like unicorns! + if ($line === FALSE) + { + log_message('error', 'Could not find the language line "'.$line.'"'); + } + return $line; } -- cgit v1.2.3-24-g4f1b From 150830180c79d7688ef4ba41cd13323d760d033b Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Mon, 21 Mar 2011 22:13:12 -0400 Subject: If you do is_really_writable() on a file that does not exist on a Windows server or on a Unix box with safe_mode enabled, it will create the file and leave it there. Fixes #80 --- system/core/Common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index cd6b93355..f424a2cc9 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -88,7 +88,7 @@ @unlink($file); return TRUE; } - elseif (($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) + elseif ( ! is_file($file) OR ($fp = @fopen($file, FOPEN_WRITE_CREATE)) === FALSE) { return FALSE; } -- cgit v1.2.3-24-g4f1b From 08b5169a5181706156c9a53229d164d9fa3aea32 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Sun, 3 Apr 2011 18:05:42 +0100 Subject: Fixed loading an array of libraries. --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Loader.php b/system/core/Loader.php index 5c7a7eff8..278a868e6 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -79,7 +79,7 @@ class CI_Loader { { if (is_array($library)) { - foreach ($library as $read) + foreach ($library as $class) { $this->library($class, $params); } -- cgit v1.2.3-24-g4f1b From 0ff50269e6bac31870a4d69bf4bc0bb895999f1f Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 5 Apr 2011 14:52:03 -0400 Subject: tweaking remove_invisible_characters to make urlencoded character stripping optional --- system/core/Common.php | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) (limited to 'system/core') diff --git a/system/core/Common.php b/system/core/Common.php index f424a2cc9..b4bd5b097 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -477,28 +477,26 @@ * @param string * @return string */ - function remove_invisible_characters($str) + function remove_invisible_characters($str, $url_encoded = TRUE) { - static $non_displayables; - - if ( ! isset($non_displayables)) + $non_displayables = array(); + + // every control character except newline (dec 10) + // carriage return (dec 13), and horizontal tab (dec 09) + + if ($url_encoded) { - // every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09), - $non_displayables = array( - '/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15 - '/%1[0-9a-f]/', // url encoded 16-31 - '/[\x00-\x08]/', // 00-08 - '/\x0b/', '/\x0c/', // 11, 12 - '/[\x0e-\x1f]/' // 14-31 - ); + $non_displayables[] = '/%0[0-8bcef]/'; // url encoded 00-08, 11, 12, 14, 15 + $non_displayables[] = '/%1[0-9a-f]/'; // url encoded 16-31 } + + $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127 do { - $cleaned = $str; - $str = preg_replace($non_displayables, '', $str); + $str = preg_replace($non_displayables, '', $str, -1, $count); } - while ($cleaned != $str); + while ($count); return $str; } -- cgit v1.2.3-24-g4f1b From 14a0ac63a9dfb72e4681c37f7727cd48882152bd Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 5 Apr 2011 14:55:56 -0400 Subject: Moving security to core. --- system/core/CodeIgniter.php | 7 + system/core/Input.php | 16 +- system/core/Security.php | 820 ++++++++++++++++++++++++++++++++++++++++++++ system/core/Utf8.php | 2 +- 4 files changed, 835 insertions(+), 10 deletions(-) create mode 100644 system/core/Security.php (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 39a4d7ffd..7f4595e68 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -196,6 +196,13 @@ } } +/* + * ----------------------------------------------------- + * Load the security class for xss and csrf support + * ----------------------------------------------------- + */ + $SEC =& load_class('Security', 'core'); + /* * ------------------------------------------------------ * Load the Input class and sanitize globals diff --git a/system/core/Input.php b/system/core/Input.php index 18131350f..dc7612e64 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -53,11 +53,8 @@ class CI_Input { $this->_enable_xss = (config_item('global_xss_filtering') === TRUE); $this->_enable_csrf = (config_item('csrf_protection') === TRUE); - // Do we need to load the security class? - if ($this->_enable_xss == TRUE OR $this->_enable_csrf == TRUE) - { - $this->security =& load_class('Security'); - } + global $SEC; + $this->security =& $SEC; // Do we need the UTF-8 class? if (UTF8_ENABLED === TRUE) @@ -92,8 +89,7 @@ class CI_Input { if ($xss_clean === TRUE) { - $_security =& load_class('Security'); - return $_security->xss_clean($array[$index]); + return $this->security->xss_clean($array[$index]); } return $array[$index]; @@ -527,6 +523,9 @@ class CI_Input { { $str = $this->uni->clean_string($str); } + + // Remove control characters + $str = remove_invisible_characters($str); // Should we filter the input data? if ($this->_enable_xss === TRUE) @@ -642,8 +641,7 @@ class CI_Input { if ($xss_clean === TRUE) { - $_security =& load_class('Security'); - return $_security->xss_clean($this->headers[$index]); + return $this->security->xss_clean($this->headers[$index]); } return $this->headers[$index]; diff --git a/system/core/Security.php b/system/core/Security.php new file mode 100644 index 000000000..ceef9779c --- /dev/null +++ b/system/core/Security.php @@ -0,0 +1,820 @@ + '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + 'window.location' => '[removed]', + '-moz-binding' => '[removed]', + '' => '-->', + ' '<![CDATA[' + ); + + /* never allowed, regex replacement */ + protected $_never_allowed_regex = array( + "javascript\s*:" => '[removed]', + "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE + "vbscript\s*:" => '[removed]', // IE, surprise! + "Redirect\s+302" => '[removed]' + ); + + /** + * Constructor + */ + public function __construct() + { + // Append application specific cookie prefix to token name + $this->_csrf_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->_csrf_token_name : $this->_csrf_token_name; + + // Set the CSRF hash + $this->_csrf_set_hash(); + + log_message('debug', "Security Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Verify Cross Site Request Forgery Protection + * + * @return object + */ + public function csrf_verify() + { + // If no POST data exists we will set the CSRF cookie + if (count($_POST) == 0) + { + return $this->csrf_set_cookie(); + } + + // Do the tokens exist in both the _POST and _COOKIE arrays? + if ( ! isset($_POST[$this->_csrf_token_name]) OR + ! isset($_COOKIE[$this->_csrf_cookie_name])) + { + $this->csrf_show_error(); + } + + // Do the tokens match? + if ($_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) + { + $this->csrf_show_error(); + } + + // We kill this since we're done and we don't want to + // polute the _POST array + unset($_POST[$this->_csrf_token_name]); + + // Nothing should last forever + unset($_COOKIE[$this->_csrf_cookie_name]); + $this->_csrf_set_hash(); + $this->csrf_set_cookie(); + + log_message('debug', "CSRF token verified "); + + return $this; + } + + // -------------------------------------------------------------------- + + /** + * Set Cross Site Request Forgery Protection Cookie + * + * @return object + */ + public function csrf_set_cookie() + { + $expire = time() + $this->_csrf_expire; + $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; + + if ($secure_cookie) + { + $req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE; + + if ( ! $req OR $req == 'off') + { + return FALSE; + } + } + + setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); + + log_message('debug', "CRSF cookie Set"); + + return $this; + } + + // -------------------------------------------------------------------- + + /** + * Show CSRF Error + * + * @return void + */ + public function csrf_show_error() + { + show_error('The action you have requested is not allowed.'); + } + + // -------------------------------------------------------------------- + + /** + * Get CSRF Hash + * + * Getter Method + * + * @return string self::_csrf_hash + */ + public function get_csrf_hash() + { + return $this->_csrf_hash; + } + + // -------------------------------------------------------------------- + + /** + * Get CSRF Token Name + * + * Getter Method + * + * @return string self::csrf_token_name + */ + public function get_csrf_token_name() + { + return $this->_csrf_token_name; + } + + // -------------------------------------------------------------------- + + /** + * XSS Clean + * + * Sanitizes data so that Cross Site Scripting Hacks can be + * prevented. This function does a fair amount of work but + * it is extremely thorough, designed to prevent even the + * most obscure XSS attempts. Nothing is ever 100% foolproof, + * of course, but I haven't been able to get anything passed + * the filter. + * + * Note: This function should only be used to deal with data + * upon submission. It's not something that should + * be used for general runtime processing. + * + * This function was based in part on some code and ideas I + * got from Bitflux: http://channel.bitflux.ch/wiki/XSS_Prevention + * + * To help develop this script I used this great list of + * vulnerabilities along with a few other hacks I've + * harvested from examining vulnerabilities in other programs: + * http://ha.ckers.org/xss.html + * + * @param mixed string or array + * @return string + */ + public function xss_clean($str, $is_image = FALSE) + { + /* + * Is the string an array? + * + */ + if (is_array($str)) + { + while (list($key) = each($str)) + { + $str[$key] = $this->xss_clean($str[$key]); + } + + return $str; + } + + /* + * Remove Invisible Characters + */ + $str = remove_invisible_characters($str); + + // Validate Entities in URLs + $str = $this->_validate_entities($str); + + /* + * URL Decode + * + * Just in case stuff like this is submitted: + * + * Google + * + * Note: Use rawurldecode() so it does not remove plus signs + * + */ + $str = rawurldecode($str); + + /* + * Convert character entities to ASCII + * + * This permits our tests below to work reliably. + * We only convert entities that are within tags since + * these are the ones that will pose security problems. + * + */ + + $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); + + $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); + + /* + * Remove Invisible Characters Again! + */ + $str = remove_invisible_characters($str); + + /* + * Convert all tabs to spaces + * + * This prevents strings like this: ja vascript + * NOTE: we deal with spaces between characters later. + * NOTE: preg_replace was found to be amazingly slow here on + * large blocks of data, so we use str_replace. + */ + + if (strpos($str, "\t") !== FALSE) + { + $str = str_replace("\t", ' ', $str); + } + + /* + * Capture converted string for later comparison + */ + $converted_string = $str; + + // Remove Strings that are never allowed + $str = $this->_do_never_allowed($str); + + /* + * Makes PHP tags safe + * + * Note: XML tags are inadvertently replaced too: + * + * '), array('<?', '?>'), $str); + } + + /* + * Compact any exploded words + * + * This corrects words like: j a v a s c r i p t + * These words are compacted back to their correct state. + */ + $words = array( + 'javascript', 'expression', 'vbscript', 'script', + 'applet', 'alert', 'document', 'write', 'cookie', 'window' + ); + + foreach ($words as $word) + { + $temp = ''; + + for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) + { + $temp .= substr($word, $i, 1)."\s*"; + } + + // We only want to do this when it is followed by a non-word character + // That way valid stuff like "dealer to" does not become "dealerto" + $str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); + } + + /* + * Remove disallowed Javascript in links or img tags + * We used to do some version comparisons and use of stripos for PHP5, + * but it is dog slow compared to these simplified non-capturing + * preg_match(), especially if the pattern exists in the string + */ + do + { + $original = $str; + + if (preg_match("/]*?)(>|$)#si", array($this, '_js_link_removal'), $str); + } + + if (preg_match("/]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); + } + + if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) + { + $str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); + } + } + while($original != $str); + + unset($original); + + // Remove evil attributes such as style, onclick and xmlns + $str = $this->_remove_evil_attributes($str, $is_image); + + /* + * Sanitize naughty HTML elements + * + * If a tag containing any of the words in the list + * below is found, the tag gets converted to entities. + * + * So this: + * Becomes: <blink> + */ + $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss'; + $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); + + /* + * Sanitize naughty scripting elements + * + * Similar to above, only instead of looking for + * tags it looks for PHP and JavaScript commands + * that are disallowed. Rather than removing the + * code, it simply converts the parenthesis to entities + * rendering the code un-executable. + * + * For example: eval('some code') + * Becomes: eval('some code') + */ + $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); + + + // Final clean up + // This adds a bit of extra precaution in case + // something got through the above filters + $str = $this->_do_never_allowed($str); + + /* + * Images are Handled in a Special Way + * - Essentially, we want to know that after all of the character + * conversion is done whether any unwanted, likely XSS, code was found. + * If not, we return TRUE, as the image is clean. + * However, if the string post-conversion does not matched the + * string post-removal of XSS, then it fails, as there was unwanted XSS + * code found and removed/changed during processing. + */ + + if ($is_image === TRUE) + { + return ($str == $converted_string) ? TRUE: FALSE; + } + + log_message('debug', "XSS Filtering completed"); + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Random Hash for protecting URLs + * + * @return string + */ + public function xss_hash() + { + if ($this->_xss_hash == '') + { + if (phpversion() >= 4.2) + { + mt_srand(); + } + else + { + mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff); + } + + $this->_xss_hash = md5(time() + mt_rand(0, 1999999999)); + } + + return $this->_xss_hash; + } + + // -------------------------------------------------------------------- + + /** + * HTML Entities Decode + * + * This function is a replacement for html_entity_decode() + * + * In some versions of PHP the native function does not work + * when UTF-8 is the specified character set, so this gives us + * a work-around. More info here: + * http://bugs.php.net/bug.php?id=25670 + * + * NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the + * character set, and the PHP developers said they were not back porting the + * fix to versions other than PHP 5.x. + * + * @param string + * @param string + * @return string + */ + public function entity_decode($str, $charset='UTF-8') + { + if (stristr($str, '&') === FALSE) return $str; + + // The reason we are not using html_entity_decode() by itself is because + // while it is not technically correct to leave out the semicolon + // at the end of an entity most browsers will still interpret the entity + // correctly. html_entity_decode() does not convert entities without + // semicolons, so we are left with our own little solution here. Bummer. + + if (function_exists('html_entity_decode') && + (strtolower($charset) != 'utf-8')) + { + $str = html_entity_decode($str, ENT_COMPAT, $charset); + $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); + return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); + } + + // Numeric Entities + $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); + $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); + + // Literal Entities - Slightly slow so we do another check + if (stristr($str, '&') === FALSE) + { + $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Filename Security + * + * @param string + * @return string + */ + public function sanitize_filename($str, $relative_path = FALSE) + { + $bad = array( + "../", + "", + "<", + ">", + "'", + '"', + '&', + '$', + '#', + '{', + '}', + '[', + ']', + '=', + ';', + '?', + "%20", + "%22", + "%3c", // < + "%253c", // < + "%3e", // > + "%0e", // > + "%28", // ( + "%29", // ) + "%2528", // ( + "%26", // & + "%24", // $ + "%3f", // ? + "%3b", // ; + "%3d" // = + ); + + if ( ! $relative_path) + { + $bad[] = './'; + $bad[] = '/'; + } + + $str = remove_invisible_characters($str, FALSE); + return stripslashes(str_replace($bad, '', $str)); + } + + // ---------------------------------------------------------------- + + /** + * Compact Exploded Words + * + * Callback function for xss_clean() to remove whitespace from + * things like j a v a s c r i p t + * + * @param type + * @return type + */ + protected function _compact_exploded_words($matches) + { + return preg_replace('/\s+/s', '', $matches[1]).$matches[2]; + } + + // -------------------------------------------------------------------- + + /* + * Remove Evil HTML Attributes (like evenhandlers and style) + * + * It removes the evil attribute and either: + * - Everything up until a space + * For example, everything between the pipes: + * + * - Everything inside the quotes + * For example, everything between the pipes: + * + * + * @param string $str The string to check + * @param boolean $is_image TRUE if this is an image + * @return string The string with the evil attributes removed + */ + protected function _remove_evil_attributes($str, $is_image) + { + // All javascript event handlers (e.g. onload, onclick, onmouseover), style, and xmlns + $evil_attributes = array('on\w*', 'style', 'xmlns'); + + if ($is_image === TRUE) + { + /* + * Adobe Photoshop puts XML metadata into JFIF images, + * including namespacing, so we have to allow this for images. + */ + unset($evil_attributes[array_search('xmlns', $evil_attributes)]); + } + + do { + $str = preg_replace( + "#<(/?[^><]+?)([^A-Za-z\-])(".implode('|', $evil_attributes).")(\s*=\s*)([\"][^>]*?[\"]|[\'][^>]*?[\']|[^>]*?)([\s><])([><]*)#i", + "<$1$6", + $str, -1, $count + ); + } while ($count); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Sanitize Naughty HTML + * + * Callback function for xss_clean() to remove naughty HTML elements + * + * @param array + * @return string + */ + protected function _sanitize_naughty_html($matches) + { + // encode opening brace + $str = '<'.$matches[1].$matches[2].$matches[3]; + + // encode captured opening or closing brace to prevent recursive vectors + $str .= str_replace(array('>', '<'), array('>', '<'), + $matches[4]); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * JS Link Removal + * + * Callback function for xss_clean() to sanitize links + * This limits the PCRE backtracks, making it more performance friendly + * and prevents PREG_BACKTRACK_LIMIT_ERROR from being triggered in + * PHP 5.2+ on link-heavy strings + * + * @param array + * @return string + */ + protected function _js_link_removal($match) + { + $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); + + return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])); + + return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|', '<', '\\'), array('>', '<', '\\\\'), $match[0]); + } + + // -------------------------------------------------------------------- + + /** + * Filter Attributes + * + * Filters tag attributes for consistency and safety + * + * @param string + * @return string + */ + protected function _filter_attributes($str) + { + $out = ''; + + if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) + { + foreach ($matches[0] as $match) + { + $out .= preg_replace("#/\*.*?\*/#s", '', $match); + } + } + + return $out; + } + + // -------------------------------------------------------------------- + + /** + * HTML Entity Decode Callback + * + * Used as a callback for XSS Clean + * + * @param array + * @return string + */ + protected function _decode_entity($match) + { + return $this->entity_decode($match[0], strtoupper(config_item('charset'))); + } + + // -------------------------------------------------------------------- + + /** + * Validate URL entities + * + * Called by xss_clean() + * + * @param string + * @return string + */ + protected function _validate_entities($str) + { + /* + * Protect GET variables in URLs + */ + + // 901119URL5918AMP18930PROTECT8198 + + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); + + /* + * Validate standard character entities + * + * Add a semicolon if missing. We do this to enable + * the conversion of entities to ASCII later. + * + */ + $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); + + /* + * Validate UTF16 two byte encoding (x00) + * + * Just as above, adds a semicolon if missing. + * + */ + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); + + /* + * Un-Protect GET variables in URLs + */ + $str = str_replace($this->xss_hash(), '&', $str); + + return $str; + } + + // ---------------------------------------------------------------------- + + /** + * Do Never Allowed + * + * A utility function for xss_clean() + * + * @param string + * @return string + */ + protected function _do_never_allowed($str) + { + foreach ($this->_never_allowed_str as $key => $val) + { + $str = str_replace($key, $val, $str); + } + + foreach ($this->_never_allowed_regex as $key => $val) + { + $str = preg_replace("#".$key."#i", $val, $str); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Set Cross Site Request Forgery Protection Cookie + * + * @return string + */ + protected function _csrf_set_hash() + { + if ($this->_csrf_hash == '') + { + // If the cookie exists we will use it's value. + // We don't necessarily want to regenerate it with + // each page load since a page could contain embedded + // sub-pages causing this feature to fail + if (isset($_COOKIE[$this->_csrf_cookie_name]) && + $_COOKIE[$this->_csrf_cookie_name] != '') + { + return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; + } + + return $this->_csrf_hash = md5(uniqid(rand(), TRUE)); + } + + return $this->_csrf_hash; + } + +} +// END Security Class + +/* End of file Security.php */ +/* Location: ./system/libraries/Security.php */ \ No newline at end of file diff --git a/system/core/Utf8.php b/system/core/Utf8.php index 5d5a7ef72..2a27d1f35 100644 --- a/system/core/Utf8.php +++ b/system/core/Utf8.php @@ -107,7 +107,7 @@ class CI_Utf8 { */ function safe_ascii_for_xml($str) { - return preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S', '', $str); + return remove_invisible_characters($str, FALSE); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 73598e3ced570c42128ec5e90d67f509bd24fa5d Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 5 Apr 2011 15:01:05 -0400 Subject: Tightening up control character handling in urls --- system/core/URI.php | 57 ++++++++++++++++++++++++++++++++--------------------- 1 file changed, 34 insertions(+), 23 deletions(-) (limited to 'system/core') diff --git a/system/core/URI.php b/system/core/URI.php index c43cde005..80dc62e58 100644 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -64,14 +64,14 @@ class CI_URI { // Is the request coming from the command line? if (defined('STDIN')) { - $this->uri_string = $this->_parse_cli_args(); + $this->_set_uri_string($this->_parse_cli_args()); return; } // Let's try the REQUEST_URI first, this will work in most situations if ($uri = $this->_detect_uri()) { - $this->uri_string = $uri; + $this->_set_uri_string($uri); return; } @@ -80,7 +80,7 @@ class CI_URI { $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); if (trim($path, '/') != '' && $path != "/".SELF) { - $this->uri_string = $path; + $this->_set_uri_string($path); return; } @@ -88,43 +88,54 @@ class CI_URI { $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); if (trim($path, '/') != '') { - $this->uri_string = $path; + $this->_set_uri_string($path); return; } // As a last ditch effort lets try using the $_GET array if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') { - $this->uri_string = key($_GET); + $this->_set_uri_string(key($_GET)); return; } // We've exhausted all our options... $this->uri_string = ''; + return; } - else - { - $uri = strtoupper($this->config->item('uri_protocol')); - if ($uri == 'REQUEST_URI') - { - $this->uri_string = $this->_detect_uri(); - return; - } - elseif ($uri == 'CLI') - { - $this->uri_string = $this->_parse_cli_args(); - return; - } + $uri = strtoupper($this->config->item('uri_protocol')); - $this->uri_string = (isset($_SERVER[$uri])) ? $_SERVER[$uri] : @getenv($uri); + if ($uri == 'REQUEST_URI') + { + $this->_set_uri_string($this->_detect_uri()); + return; } - - // If the URI contains only a slash we'll kill it - if ($this->uri_string == '/') + elseif ($uri == 'CLI') { - $this->uri_string = ''; + $this->_set_uri_string($this->_parse_cli_args()); + return; } + + $path = (isset($_SERVER[$uri])) ? $_SERVER[$uri] : @getenv($uri); + $this->_set_uri_string($path); + } + + // -------------------------------------------------------------------- + + /** + * Set the URI String + * + * @access public + * @return string + */ + function _set_uri_string($str) + { + // Filter out control characters + $str = remove_invisible_characters($str, FALSE); + + // If the URI contains only a slash we'll kill it + $this->uri_string = ($str == '/') ? '' : $str; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 05fa61144667c85b0463f7e8baa6af00aa195dc6 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 6 Apr 2011 22:57:43 +0100 Subject: Made Environment Support optional. Comment out or delete the constant to stop environment checks. --- system/core/CodeIgniter.php | 2 +- system/core/Common.php | 15 +++++++-------- system/core/Config.php | 42 +++++++++++++++++++++++++----------------- system/core/Hooks.php | 2 +- system/core/Loader.php | 6 +++--- system/core/Output.php | 2 +- system/core/Router.php | 2 +- 7 files changed, 39 insertions(+), 32 deletions(-) (limited to 'system/core') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 39a4d7ffd..143faec15 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -53,7 +53,7 @@ * Load the framework constants * ------------------------------------------------------ */ - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants'.EXT)) + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants'.EXT)) { require(APPPATH.'config/'.ENVIRONMENT.'/constants'.EXT); } diff --git a/system/core/Common.php b/system/core/Common.php index f424a2cc9..d7054ebe6 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -208,19 +208,18 @@ return $_config[0]; } - $file_path = APPPATH.'config/'.ENVIRONMENT.'/config'.EXT; + // Is the config file in the environment folder? + if ( ! defined('ENVIRONMENT') OR ! file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config'.EXT)) + { + $file_path = APPPATH.'config/config'.EXT; + } // Fetch the config file if ( ! file_exists($file_path)) { - $file_path = APPPATH.'config/config'.EXT; - - if ( ! file_exists($file_path)) - { - exit('The configuration file does not exist.'); - } + exit('The configuration file does not exist.'); } - + require($file_path); // Does the $config array exist in the file? diff --git a/system/core/Config.php b/system/core/Config.php index a2a7dd564..863c5ef4b 100644 --- a/system/core/Config.php +++ b/system/core/Config.php @@ -81,29 +81,37 @@ class CI_Config { function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) { $file = ($file == '') ? 'config' : str_replace(EXT, '', $file); + $found = FALSE; $loaded = FALSE; foreach ($this->_config_paths as $path) - { - $file_path = $path.'config/'.ENVIRONMENT.'/'.$file.EXT; + { + $check_locations = defined('ENVIRONMENT') + ? array(ENVIRONMENT.'/'.$file, $file) + : array($file); - if (in_array($file_path, $this->is_loaded, TRUE)) + foreach ($check_locations as $location) { - $loaded = TRUE; - continue; - } + $file_path = $path.'config/'.$location.EXT; - if ( ! file_exists($file_path)) - { - log_message('debug', 'Config for '.ENVIRONMENT.' environment is not found. Trying global config.'); - $file_path = $path.'config/'.$file.EXT; - - if ( ! file_exists($file_path)) + if (in_array($file_path, $this->is_loaded, TRUE)) + { + $loaded = TRUE; + continue 2; + } + + if (file_exists($file_path)) { - continue; + $found = TRUE; + break; } } - + + if ($found === FALSE) + { + continue; + } + include($file_path); if ( ! isset($config) OR ! is_array($config)) @@ -144,9 +152,9 @@ class CI_Config { { return FALSE; } - show_error('The configuration file '.ENVIRONMENT.'/'.$file.EXT.' and '.$file.EXT.' do not exist.'); + show_error('The configuration file '.$file.EXT.' does not exist.'); } - + return TRUE; } @@ -318,4 +326,4 @@ class CI_Config { // END CI_Config class /* End of file Config.php */ -/* Location: ./system/core/Config.php */ +/* Location: ./system/core/Config.php */ \ No newline at end of file diff --git a/system/core/Hooks.php b/system/core/Hooks.php index d1e5586de..24fa1055b 100644 --- a/system/core/Hooks.php +++ b/system/core/Hooks.php @@ -65,7 +65,7 @@ class CI_Hooks { // Grab the "hooks" definition file. // If there are no hooks, we're done. - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT)) + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT)) { include(APPPATH.'config/'.ENVIRONMENT.'/hooks'.EXT); } diff --git a/system/core/Loader.php b/system/core/Loader.php index 278a868e6..e75805d0e 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -872,12 +872,12 @@ class CI_Loader { // We test for both uppercase and lowercase, for servers that // are case-sensitive with regard to file names. Check for environment // first, global next - if (file_exists($path .'config/'.ENVIRONMENT.'/'.strtolower($class).EXT)) + if (defined('ENVIRONMENT') AND file_exists($path .'config/'.ENVIRONMENT.'/'.strtolower($class).EXT)) { include_once($path .'config/'.ENVIRONMENT.'/'.strtolower($class).EXT); break; } - elseif (file_exists($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).EXT)) + elseif (defined('ENVIRONMENT') AND file_exists($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).EXT)) { include_once($path .'config/'.ENVIRONMENT.'/'.ucfirst(strtolower($class)).EXT); break; @@ -965,7 +965,7 @@ class CI_Loader { */ function _ci_autoloader() { - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload'.EXT)) + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload'.EXT)) { include_once(APPPATH.'config/'.ENVIRONMENT.'/autoload'.EXT); } diff --git a/system/core/Output.php b/system/core/Output.php index 5ec096a47..bcba2577a 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -42,7 +42,7 @@ class CI_Output { $this->_zlib_oc = @ini_get('zlib.output_compression'); // Get mime types for later - if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT)) + if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT)) { include APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT; } diff --git a/system/core/Router.php b/system/core/Router.php index 2c78efe07..d451aab68 100644 --- a/system/core/Router.php +++ b/system/core/Router.php @@ -87,7 +87,7 @@ class CI_Router { } // Load the routes.php file. - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT)) + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT)) { include(APPPATH.'config/'.ENVIRONMENT.'/routes'.EXT); } -- cgit v1.2.3-24-g4f1b From f2f4ea49cccc8a8a14ec5f1b71fdba54b1990603 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 6 Apr 2011 23:26:10 +0100 Subject: Made in Output protected again, it was only ever made public by Eric to fix an issue with the Dwoo MY_Parser, which is no reason to change core files. That Parser doesn't really even need the acess. --- system/core/Output.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core') diff --git a/system/core/Output.php b/system/core/Output.php index bcba2577a..45a82f3cb 100644 --- a/system/core/Output.php +++ b/system/core/Output.php @@ -28,7 +28,6 @@ */ class CI_Output { - public $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} protected $final_output; protected $cache_expiration = 0; protected $headers = array(); @@ -36,6 +35,7 @@ class CI_Output { protected $enable_profiler = FALSE; protected $_zlib_oc = FALSE; protected $_profiler_sections = array(); + protected $parse_exec_vars = TRUE; // whether or not to parse variables like {elapsed_time} and {memory_usage} function __construct() { -- cgit v1.2.3-24-g4f1b