From 60b97145a0cb1c3bba35ec68be7eae911b2b331c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 25 Oct 2012 16:59:17 +0300 Subject: Form helpers to ignore empty name attributes (fix #1506) --- system/helpers/form_helper.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'system/helpers') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 1bccac35c..3cce8688f 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -921,6 +921,10 @@ if ( ! function_exists('_parse_form_attributes')) { $val = form_prep($val, $default['name']); } + elseif ($key === 'name' && ! strlen($default['name'])) + { + continue; + } $att .= $key.'="'.$val.'" '; } -- cgit v1.2.3-24-g4f1b From 74ffd17ab06327ca62ddfe28a186cae7ba6bd459 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Oct 2012 00:41:03 +0300 Subject: Deprecated form helper function form_prep(). This function has been broken for YEARS and it's value-caching logic has only introduced various problems. We have html_escape() since CI 2.1.0 which is a perfect replacement, so it should be used instead. Fixes #228 & #1630 --- system/helpers/form_helper.php | 51 +++++++++--------------------------------- 1 file changed, 11 insertions(+), 40 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 3cce8688f..d81bb7c08 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -149,7 +149,7 @@ if ( ! function_exists('form_hidden')) if ( ! is_array($value)) { - $form .= '\n"; + $form .= '\n"; } else { @@ -263,7 +263,7 @@ if ( ! function_exists('form_textarea')) } $name = is_array($data) ? $data['name'] : $data; - return '\n"; + return '\n"; } } @@ -600,44 +600,15 @@ if ( ! function_exists('form_prep')) * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * - * @param string - * @param string + * @deprecated 3.0.0 This function has been broken for a long time + * and is now just an alias for html_escape(). It's + * second argument is ignored. + * @param string $str = '' + * @param string $field_name = '' * @return string */ function form_prep($str = '', $field_name = '') { - static $prepped_fields = array(); - - // if the field name is an array we do this recursively - if (is_array($str)) - { - foreach ($str as $key => $val) - { - $str[$key] = form_prep($val); - } - - return $str; - } - - if ($str === '') - { - return ''; - } - - // we've already prepped a field with this name - // @todo need to figure out a way to namespace this so - // that we know the *exact* field and not just one with - // the same name - if (isset($prepped_fields[$field_name])) - { - return $str; - } - - if ($field_name !== '') - { - $prepped_fields[$field_name] = $field_name; - } - return html_escape($str); } } @@ -663,13 +634,13 @@ if ( ! function_exists('set_value')) { if ( ! isset($_POST[$field])) { - return $default; + return html_escape($default); } - return form_prep($_POST[$field], $field); + return html_escape($_POST[$field]); } - return form_prep($OBJ->set_value($field, $default), $field); + return html_escape($OBJ->set_value($field, $default)); } } @@ -919,7 +890,7 @@ if ( ! function_exists('_parse_form_attributes')) { if ($key === 'value') { - $val = form_prep($val, $default['name']); + $val = html_escape($val); } elseif ($key === 'name' && ! strlen($default['name'])) { -- cgit v1.2.3-24-g4f1b From 582ebcb3b7eebd12605804577710cf73f0362001 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Oct 2012 00:52:15 +0300 Subject: Fix #142 --- system/helpers/form_helper.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d81bb7c08..a09cb36dd 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -298,10 +298,10 @@ if ( ! function_exists('form_dropdown')) /** * Drop-down Menu * - * @param string - * @param array - * @param string - * @param string + * @param mixed $name = '' + * @param mixed $options = array() + * @param mixed $selected = array() + * @param mixed $extra = array() * @return string */ function form_dropdown($name = '', $options = array(), $selected = array(), $extra = '') @@ -316,10 +316,7 @@ if ( ! function_exists('form_dropdown')) return form_dropdown($name['name'], $name['options'], $name['selected'], $name['extra']); } - if ( ! is_array($selected)) - { - $selected = array($selected); - } + is_array($selected) OR $selected = array($selected); // If no selected state was submitted we will attempt to set it automatically if (count($selected) === 0 && isset($_POST[$name])) @@ -352,14 +349,17 @@ if ( ! function_exists('form_dropdown')) foreach ($val as $optgroup_key => $optgroup_val) { $sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : ''; - $form .= '\n"; + $form .= '\n"; } $form .= "\n"; } else { - $form .= '\n"; + $form .= '\n"; } } -- cgit v1.2.3-24-g4f1b From 29d909d5d1a14efc2e316650946bf43ddf03f1fd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Oct 2012 01:05:09 +0300 Subject: [ci skip] Update docblocks for deprecated functions --- system/helpers/date_helper.php | 17 +++++++---------- system/helpers/file_helper.php | 10 ++++------ system/helpers/form_helper.php | 1 + system/helpers/security_helper.php | 10 ++++------ 4 files changed, 16 insertions(+), 22 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/date_helper.php b/system/helpers/date_helper.php index 51b2b76db..5d9251526 100644 --- a/system/helpers/date_helper.php +++ b/system/helpers/date_helper.php @@ -119,19 +119,16 @@ if ( ! function_exists('standard_date')) * * As of PHP 5.2, the DateTime extension provides constants that * serve for the exact same purpose and are used with date(). - * Due to that, this function is DEPRECATED and should be removed - * in CodeIgniter 3.1+. * - * Here are two examples of how you should replace it: + * @todo Remove in version 3.1+. + * @deprecated 3.0.0 Use PHP's native date() instead. + * @link http://www.php.net/manual/en/class.datetime.php#datetime.constants.types * - * date(DATE_RFC822, now()); // default - * date(DATE_W3C, $time); // a different format and time + * @example date(DATE_RFC822, now()); // default + * @example date(DATE_W3C, $time); // a different format and time * - * Reference: http://www.php.net/manual/en/class.datetime.php#datetime.constants.types - * - * @deprecated - * @param string the chosen format - * @param int Unix timestamp + * @param string $fmt = 'DATE_RFC822' the chosen format + * @param int $time = NULL Unix timestamp * @return string */ function standard_date($fmt = 'DATE_RFC822', $time = NULL) diff --git a/system/helpers/file_helper.php b/system/helpers/file_helper.php index 441345b05..8f23a3d54 100644 --- a/system/helpers/file_helper.php +++ b/system/helpers/file_helper.php @@ -44,12 +44,10 @@ if ( ! function_exists('read_file')) * * Opens the file specfied in the path and returns it as a string. * - * This function is DEPRECATED and should be removed in - * CodeIgniter 3.1+. Use file_get_contents() instead. - * - * @deprecated - * @param string path to file - * @return string + * @todo Remove in version 3.1+. + * @deprecated 3.0.0 It is now just an alias for PHP's native file_get_contents(). + * @param string $file Path to file + * @return string File contents */ function read_file($file) { diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index a09cb36dd..622622c0e 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -600,6 +600,7 @@ if ( ! function_exists('form_prep')) * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * + * @todo Remove in version 3.1+. * @deprecated 3.0.0 This function has been broken for a long time * and is now just an alias for html_escape(). It's * second argument is ignored. diff --git a/system/helpers/security_helper.php b/system/helpers/security_helper.php index 5ecc960bc..8bbd06684 100644 --- a/system/helpers/security_helper.php +++ b/system/helpers/security_helper.php @@ -77,12 +77,10 @@ if ( ! function_exists('do_hash')) /** * Hash encode a string * - * This function is DEPRECATED and should be removed in - * CodeIgniter 3.1+. Use hash() instead. - * - * @deprecated - * @param string - * @param string + * @todo Remove in version 3.1+. + * @deprecated 3.0.0 Use PHP's native hash() instead. + * @param string $str + * @param string $type = 'sha1' * @return string */ function do_hash($str, $type = 'sha1') -- cgit v1.2.3-24-g4f1b From 7d753464d13f3a3326a1679226127570cc0c498f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Oct 2012 03:37:40 +0300 Subject: [ci skip] Optimize ascii_to_entities() --- system/helpers/text_helper.php | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index 016a36c57..89602fc28 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -118,18 +118,15 @@ if ( ! function_exists('ascii_to_entities')) /** * High ASCII to Entities * - * Converts High ascii text and MS Word special characters to character entities + * Converts high ASCII text and MS Word special characters to character entities * - * @param string + * @param string $str * @return string */ function ascii_to_entities($str) { - $count = 1; - $out = ''; - $temp = array(); - - for ($i = 0, $s = strlen($str); $i < $s; $i++) + $out = ''; + for ($i = 0, $s = strlen($str), $count = 1, $temp = array(); $i < $s; $i++) { $ordinal = ord($str[$i]); -- cgit v1.2.3-24-g4f1b From 60826db46d3f9ceabcc280c494a975007423e64a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 27 Oct 2012 14:45:23 +0300 Subject: Deprecate string helper repeater() (an alias for str_repeat()) --- system/helpers/string_helper.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/string_helper.php b/system/helpers/string_helper.php index 4eee2a262..c5c493452 100644 --- a/system/helpers/string_helper.php +++ b/system/helpers/string_helper.php @@ -276,8 +276,11 @@ if ( ! function_exists('repeater')) /** * Repeater function * - * @param string - * @param int number of repeats + * @todo Remove in version 3.1+. + * @deprecated 3.0.0 This is just an alias for PHP's native str_repeat() + * + * @param string $data String to repeat + * @param int $num Number of repeats * @return string */ function repeater($data, $num = 1) -- cgit v1.2.3-24-g4f1b