From f4a4bd8fac188ebc9cda822ffc811c218fd92b45 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 20 Oct 2011 12:18:42 -0500 Subject: adding new license file (OSL 3.0) and updating readme to ReST added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change --- system/helpers/path_helper.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index ffcf46842..bca9dcb25 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -21,7 +33,7 @@ * @package CodeIgniter * @subpackage Helpers * @category Helpers - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/helpers/xml_helper.html */ -- cgit v1.2.3-24-g4f1b From 0defe5d33ee2633f377a109519ca818becc60f64 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 1 Jan 2012 18:46:41 -0600 Subject: Updating copyright date to 2012 --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index bca9dcb25..da2b8d307 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From a381d175691a5fa58b4ef4d0aab1a0b7bc9a87fb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 6 Jan 2012 19:19:37 +0200 Subject: Improve number, path & security helpers --- system/helpers/path_helper.php | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index da2b8d307..cd87a73eb 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -1,13 +1,13 @@ - Date: Fri, 9 Mar 2012 17:03:37 +0000 Subject: Bumped CodeIgniter's PHP requirement to 5.2.4. Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway... --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index cd87a73eb..2eb85fefa 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * -- cgit v1.2.3-24-g4f1b From 89338828264a6b50e0eb63c449a96f14f0f84076 Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Mon, 12 Mar 2012 21:03:37 +0700 Subject: Path helper improvement --- system/helpers/path_helper.php | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 2eb85fefa..1b9bdae75 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -58,21 +58,15 @@ if ( ! function_exists('set_realpath')) } // Resolve the path - if (function_exists('realpath') AND @realpath($path) !== FALSE) - { - $path = realpath($path); - } - - // Add a trailing slash - $path = rtrim($path, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR; + $realpath = realpath($path); - // Make sure the path exists - if ($check_existance == TRUE && ! is_dir($path)) + if ( ! $realpath) { - show_error('Not a valid path: '.$path); + return $check_existance ? show_error('Not a valid path: '.$path) : $path; } - return $path; + // Add a trailing slash, if this is a directory + return is_dir($realpath) ? rtrim($realpath, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR : $realpath; } } -- cgit v1.2.3-24-g4f1b From 4a7dd98ffd1d21f2b14b9eefa70e6cae2f9aa92d Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Mon, 12 Mar 2012 21:33:55 +0700 Subject: Left the function_exists due some security restriction in some hosting environment --- system/helpers/path_helper.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 1b9bdae75..9c0af44c1 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP 5.1.6 or newer * * NOTICE OF LICENSE * @@ -58,7 +58,14 @@ if ( ! function_exists('set_realpath')) } // Resolve the path - $realpath = realpath($path); + if (function_exists('realpath')) + { + $realpath = realpath($path); + } + else + { + $realpath = (is_dir($path) or is_file($path)) ? $path : FALSE; + } if ( ! $realpath) { -- cgit v1.2.3-24-g4f1b From 7164cda9ab8aea8fc26aad21dd78c9f06839dec7 Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Mon, 12 Mar 2012 21:36:04 +0700 Subject: Minimal PHP version annotation --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 9c0af44c1..8c4730d73 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * -- cgit v1.2.3-24-g4f1b From fc49a657af78b0fb248cc666b162dc894e3e04ba Mon Sep 17 00:00:00 2001 From: Taufan Aditya Date: Tue, 13 Mar 2012 03:27:58 +0700 Subject: Extra --- system/helpers/path_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 8c4730d73..e4fc6f157 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -58,13 +58,13 @@ if ( ! function_exists('set_realpath')) } // Resolve the path - if (function_exists('realpath')) + if (function_exists('realpath') && @realpath($path) !== FALSE) { $realpath = realpath($path); } else { - $realpath = (is_dir($path) or is_file($path)) ? $path : FALSE; + $realpath = (is_dir($path) OR is_file($path)) ? $path : FALSE; } if ( ! $realpath) -- cgit v1.2.3-24-g4f1b From ce707b4cafd64b95031690cf927584b1d60c7ad7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 14 Mar 2012 10:26:08 +0200 Subject: Further improve the path helper --- system/helpers/path_helper.php | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index e4fc6f157..c31f0bdc5 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Path Helpers * @@ -51,8 +49,8 @@ if ( ! function_exists('set_realpath')) { function set_realpath($path, $check_existance = FALSE) { - // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match("#^(http:\/\/|https:\/\/|www\.|ftp|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i", $path)) + // Security check to make sure the path is NOT a URL. No remote file inclusion! + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i', $path)) { show_error('The path you submitted must be a local server path, not a URL'); } @@ -60,20 +58,15 @@ if ( ! function_exists('set_realpath')) // Resolve the path if (function_exists('realpath') && @realpath($path) !== FALSE) { - $realpath = realpath($path); + $path = realpath($path); } - else - { - $realpath = (is_dir($path) OR is_file($path)) ? $path : FALSE; - } - - if ( ! $realpath) + elseif ($check_existance && ! is_dir($path) && ! is_file($path)) { - return $check_existance ? show_error('Not a valid path: '.$path) : $path; + show_error('Not a valid path: '.$path); } // Add a trailing slash, if this is a directory - return is_dir($realpath) ? rtrim($realpath, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR : $realpath; + return is_dir($path) ? rtrim($path, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR : $path; } } -- cgit v1.2.3-24-g4f1b From 627e172fd3ada0fc2b648a3fff10af4a0022378f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 26 Mar 2012 20:53:47 +0300 Subject: Remove access description lines and cleanup the download, language, number, path & xml helpers --- system/helpers/path_helper.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index c31f0bdc5..6ee99072c 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -40,7 +40,6 @@ /** * Set Realpath * - * @access public * @param string * @param bool checks to see if the path exists * @return string @@ -71,4 +70,4 @@ if ( ! function_exists('set_realpath')) } /* End of file path_helper.php */ -/* Location: ./system/helpers/path_helper.php */ +/* Location: ./system/helpers/path_helper.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From b75faa1a03a32330e412f0bd0332fb9fa389e914 Mon Sep 17 00:00:00 2001 From: Timothy Warren Date: Fri, 27 Apr 2012 12:03:32 -0400 Subject: Fix rest of the helpers --- system/helpers/path_helper.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 6ee99072c..13410545c 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -37,15 +37,15 @@ // ------------------------------------------------------------------------ -/** - * Set Realpath - * - * @param string - * @param bool checks to see if the path exists - * @return string - */ if ( ! function_exists('set_realpath')) { + /** + * Set Realpath + * + * @param string + * @param bool checks to see if the path exists + * @return string + */ function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! -- cgit v1.2.3-24-g4f1b From c839d28f4230dce0c658338f267b821cc16490a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 7 Jun 2012 14:35:27 +0300 Subject: Remove some unnecessary function_exists() checks and some minor improvements --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 13410545c..fec4a1a10 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -55,7 +55,7 @@ if ( ! function_exists('set_realpath')) } // Resolve the path - if (function_exists('realpath') && @realpath($path) !== FALSE) + if (@realpath($path) !== FALSE) { $path = realpath($path); } -- cgit v1.2.3-24-g4f1b From 95c586b26f0d5730cca23119d2e5b3f5a19213a6 Mon Sep 17 00:00:00 2001 From: vkeranov Date: Thu, 12 Jul 2012 11:02:55 +0300 Subject: Wrong url again --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index fec4a1a10..166fef065 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -32,7 +32,7 @@ * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/xml_helper.html + * @link http://codeigniter.com/user_guide/helpers/path_helper.html */ // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From c5536aac5752054f7f76e448d58b86407d8f574e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 17:33:58 +0200 Subject: Manually apply PR #1594 (fixing phpdoc page-level generation/warnings) Also partially fixes issue #1295, fixes inconsistencies in some page-level docblocks and adds include checks in language files. --- system/helpers/path_helper.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 166fef065..5a798b118 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -1,4 +1,4 @@ - Date: Tue, 1 Jan 2013 08:16:53 +0200 Subject: [ci skip] Happy new year --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 5a798b118..3f4f7e9fb 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 871754af60251993d640981e107d2def5f2db396 Mon Sep 17 00:00:00 2001 From: darwinel Date: Tue, 11 Feb 2014 17:34:57 +0100 Subject: 2013 > 2014 Update copyright notices from 2013 to 2014. And update one calendar example in user_guide from year 2013/2014 to 2014/2015. --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 3f4f7e9fb..ae1f0bf33 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From ea41c8aa1951216b6a9ccc99832d69d2b41c5ead Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 26 Feb 2014 18:31:02 +0200 Subject: Don't use error suppression on realpath() + style adjustments --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index ae1f0bf33..15e7968b9 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -56,7 +56,7 @@ if ( ! function_exists('set_realpath')) } // Resolve the path - if (@realpath($path) !== FALSE) + if (realpath($path) !== FALSE) { $path = realpath($path); } -- cgit v1.2.3-24-g4f1b From bdb96ca1b1dbfc1791172fd169d7751cbc4d7d55 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Oct 2014 00:13:31 +0200 Subject: [ci skip] Switch to MIT license; close #3293 --- system/helpers/path_helper.php | 39 +++++++++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 14 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 15e7968b9..06e72f2ec 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author EllisLab Dev Team + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 1.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 1.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); -- cgit v1.2.3-24-g4f1b From fe9309d22c1b088f5363954d6dac013c8c955894 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 Jan 2015 17:48:58 +0200 Subject: Bulk (mostly documentation) update - Remove PHP version from license notices - Bump year number in copyright notices - Recommend PHP 5.4 or newer to be used - Tell Travis-CI to test on PHP 5.3.0 instead of the latest 5.3 version Related: #3450 --- system/helpers/path_helper.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 06e72f2ec..ecf61d29e 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From 4cbe463b4c442e0e2dae2f43565e77f7ac5ecb86 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Wed, 21 Jan 2015 22:56:22 +0100 Subject: Remove closing blocks at end of PHP files --- system/helpers/path_helper.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index ecf61d29e..c23ec6435 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -80,6 +80,3 @@ if ( ! function_exists('set_realpath')) return is_dir($path) ? rtrim($path, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR : $path; } } - -/* End of file path_helper.php */ -/* Location: ./system/helpers/path_helper.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 08b9f20df1c108be5c1ab8b32c0fcbed31a079b3 Mon Sep 17 00:00:00 2001 From: medhavini Date: Mon, 20 Jul 2015 20:35:39 +0530 Subject: Security check fail Security check condition to check that the path is NOT a URL may give false negative in case of subdomains. Where URLs don't start with http or www. --- system/helpers/path_helper.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index c23ec6435..34eebc4b0 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,6 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! + // PROBLEM HERE - this can be easily bypassed in case of subdomains if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i', $path)) { show_error('The path you submitted must be a local server path, not a URL'); -- cgit v1.2.3-24-g4f1b From 78e1b70e35b45455728e4126ed1b19d6332ad26b Mon Sep 17 00:00:00 2001 From: rajatsharma94 Date: Mon, 20 Jul 2015 22:49:56 +0530 Subject: Failed security check The implemented security check to make sure the path is NOT a URL can easily be bypassed (gives false negative) for all subdomains. Eg "subdomain.domain.com" should ideally show an error but it does not. The new security check tries to make a fsockopen connection to validate whether the URL is external or not. --- system/helpers/path_helper.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 34eebc4b0..019e220f3 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,8 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - // PROBLEM HERE - this can be easily bypassed in case of subdomains - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i', $path)) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i', $path) || ( function_exists('fsockopen') && @fsockopen($path, 80, $errno, $errstr, 30))) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From 5545dcdc170eca21c3d2c91e10556698f9512643 Mon Sep 17 00:00:00 2001 From: medhavini Date: Thu, 23 Jul 2015 18:59:44 +0530 Subject: IP Address checking generates false positives. IP Address checking marks all IPs between 0.0.0.0 - 999.999.999.999 as valid IP Address. Which is not true. --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 019e220f3..cf6be776f 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#i', $path) || ( function_exists('fsockopen') && @fsockopen($path, 80, $errno, $errstr, 30))) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path)) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From d2f63a1803503a09b2d92d4aedd793636d470c7b Mon Sep 17 00:00:00 2001 From: rajatsharma94 Date: Thu, 23 Jul 2015 19:05:17 +0530 Subject: IP checking false positives and no ipv6 check The currently implemented method marks all IPs between 0.0.0.0 - 999.999.999.999 as valid IP Address. Which generates false positives as any IP after 255.255.255.255 is not a valid IP address. Also, there is no check for IPv6 IP addresses. filter_var() solves both the issues. --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index cf6be776f..dbe090058 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path)) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) || (!filter_var($ip, FILTER_VALIDATE_IP) === false)) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From d41ec5c4e225aaa766a8b9e2856a180cf85cb343 Mon Sep 17 00:00:00 2001 From: rajatsharma94 Date: Thu, 23 Jul 2015 19:59:50 +0530 Subject: Update path_helper.php --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index dbe090058..b8640d2e4 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) || (!filter_var($ip, FILTER_VALIDATE_IP) === false)) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR ( ! filter_var($path, FILTER_VALIDATE_IP) === false)) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From 591166310919d1f46facf9e6b829d4dcf399bab6 Mon Sep 17 00:00:00 2001 From: rajatsharma94 Date: Thu, 23 Jul 2015 20:02:13 +0530 Subject: Security check updated. All security check conditions are modified according to CI styleguide. --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index b8640d2e4..3e5369195 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR ( ! filter_var($path, FILTER_VALIDATE_IP) === false)) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR ( ! filter_var($path, FILTER_VALIDATE_IP) === FALSE)) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From 08c1a111916a1740e7c33f11ed7097832e1b97df Mon Sep 17 00:00:00 2001 From: rajatsharma94 Date: Thu, 23 Jul 2015 20:31:05 +0530 Subject: Update path_helper.php --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 3e5369195..c96d0b8b3 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR ( ! filter_var($path, FILTER_VALIDATE_IP) === FALSE)) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path ) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From 125ef4751080a2118cb203357d77687699e3eb25 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:33:00 +0200 Subject: [ci skip] Bump year to 2016 --- system/helpers/path_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index c96d0b8b3..c9d119435 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From bd202c91b0e9cf0a8c93bcaa71df9574f5909346 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:50:18 +0200 Subject: [ci skip] Update codeigniter.com links to https --- system/helpers/path_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index c9d119435..7135b5d60 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -44,7 +44,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Helpers * @category Helpers * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/helpers/path_helper.html + * @link https://codeigniter.com/user_guide/helpers/path_helper.html */ // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 1924e879b165fb119847a49a7a5eab2f28295fa2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:55:34 +0200 Subject: [ci skip] Update ellislab.com links to https too --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 7135b5d60..838ece9e9 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com -- cgit v1.2.3-24-g4f1b From 0e49b7879f5c40074d77e6aefc4d924cb527abbf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 26 Jul 2016 19:37:23 +0300 Subject: Merge pull request #4709 from nopesled/develop Filter php:// wrappers in set_realpath() helper --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 838ece9e9..18e175093 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path ) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|php:\/\/)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path ) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From 287b795b0e423d356427405d04d0c4d3a6c3ab13 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 26 Jul 2016 19:42:41 +0300 Subject: [ci skip] Whitespace --- system/helpers/path_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 18e175093..6c846a211 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -61,7 +61,7 @@ if ( ! function_exists('set_realpath')) function set_realpath($path, $check_existance = FALSE) { // Security check to make sure the path is NOT a URL. No remote file inclusion! - if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|php:\/\/)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path ) + if (preg_match('#^(http:\/\/|https:\/\/|www\.|ftp|php:\/\/)#i', $path) OR filter_var($path, FILTER_VALIDATE_IP) === $path) { show_error('The path you submitted must be a local server path, not a URL'); } -- cgit v1.2.3-24-g4f1b From da60e9bc66ec90970fbd2dfd08b0a6e66b9f5f5f Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Sat, 31 Dec 2016 08:46:18 -0800 Subject: Update copyright data to 2017 --- system/helpers/path_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers/path_helper.php') diff --git a/system/helpers/path_helper.php b/system/helpers/path_helper.php index 6c846a211..6896cb97b 100644 --- a/system/helpers/path_helper.php +++ b/system/helpers/path_helper.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b