From 0b59bdd3cd647b44c83e746a5d3d3aa179325df4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 29 Jan 2016 01:18:08 +0200 Subject: Fix a regression in Form helper caused by 0139e6a4a99cbe9b0cc06f394fa12d5691193b72 --- system/helpers/form_helper.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index 04778b084..3e1039525 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -791,7 +791,7 @@ if ( ! function_exists('set_checkbox')) // Unchecked checkbox and radio inputs are not even submitted by browsers ... if ($CI->input->method() === 'post') { - return ($input === 'value') ? ' checked="checked"' : ''; + return ($input === $value) ? ' checked="checked"' : ''; } return ($default === TRUE) ? ' checked="checked"' : ''; @@ -843,7 +843,7 @@ if ( ! function_exists('set_radio')) // Unchecked checkbox and radio inputs are not even submitted by browsers ... if ($CI->input->method() === 'post') { - return ($input === 'value') ? ' checked="checked"' : ''; + return ($input === $value) ? ' checked="checked"' : ''; } return ($default === TRUE) ? ' checked="checked"' : ''; -- cgit v1.2.3-24-g4f1b From 6af9dd6e24687b6a7b9d14a058a47edcac761e61 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 29 Jan 2016 13:29:57 +0200 Subject: Fix #4407 --- system/helpers/text_helper.php | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index 1fdbedda5..79aaf1492 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -275,13 +275,28 @@ if ( ! function_exists('word_censor')) foreach ($censored as $badword) { + $badword = str_replace('\*', '\w*?', preg_quote($badword, '/')); if ($replacement !== '') { - $str = preg_replace("/({$delim})(".str_replace('\*', '\w*?', preg_quote($badword, '/')).")({$delim})/i", "\\1{$replacement}\\3", $str); + $str = preg_replace( + "/({$delim})(".$badword.")({$delim})/i", + "\\1{$replacement}\\3", + $str + ); } - else + elseif (preg_match_all("/{$delim}(".$badword."){$delim}/i", $str, $matches, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE)) { - $str = preg_replace("/({$delim})(".str_replace('\*', '\w*?', preg_quote($badword, '/')).")({$delim})/ie", "'\\1'.str_repeat('#', strlen('\\2')).'\\3'", $str); + $matches = $matches[1]; + for ($i = count($matches); $i >= 0; $i--) + { + $length = strlen($matches[$i][0]); + $str = substr_replace( + $str, + str_repeat('#', $length), + $matches[$i][1], + $length + ); + } } } -- cgit v1.2.3-24-g4f1b From 9aab22e0a1aa876b98dcfa58781b0ffde71f97a1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 29 Jan 2016 16:19:46 +0200 Subject: Fix an error from 6af9dd6e24687b6a7b9d14a058a47edcac761e61 Related: #4407 --- system/helpers/text_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers') diff --git a/system/helpers/text_helper.php b/system/helpers/text_helper.php index 79aaf1492..4f9210f2d 100644 --- a/system/helpers/text_helper.php +++ b/system/helpers/text_helper.php @@ -287,7 +287,7 @@ if ( ! function_exists('word_censor')) elseif (preg_match_all("/{$delim}(".$badword."){$delim}/i", $str, $matches, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE)) { $matches = $matches[1]; - for ($i = count($matches); $i >= 0; $i--) + for ($i = count($matches) - 1; $i >= 0; $i--) { $length = strlen($matches[$i][0]); $str = substr_replace( -- cgit v1.2.3-24-g4f1b From ec9e96eb09caa9d024c89a8bdb1b00bf6540278a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 4 Feb 2016 14:43:46 +0200 Subject: Fix #4427 --- system/helpers/captcha_helper.php | 45 ++++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 22 deletions(-) (limited to 'system/helpers') diff --git a/system/helpers/captcha_helper.php b/system/helpers/captcha_helper.php index fd1b8f1ed..3c1e006f8 100644 --- a/system/helpers/captcha_helper.php +++ b/system/helpers/captcha_helper.php @@ -171,35 +171,36 @@ if ( ! function_exists('create_captcha')) $byte_index = $word_index = 0; while ($word_index < $word_length) { - list(, $rand_index) = unpack('C', $bytes[$byte_index++]); - if ($rand_index > $rand_max) + // Do we have more random data to use? + // It could be exhausted by previous iterations + // ignoring bytes higher than $rand_max. + if ($byte_index === $pool_length) { - // Was this the last byte we have? - // If so, try to fetch more. - if ($byte_index === $pool_length) + // No failures should be possible if the + // first get_random_bytes() call didn't + // return FALSE, but still ... + for ($i = 0; $i < 5; $i++) { - // No failures should be possible if - // the first get_random_bytes() call - // didn't return FALSE, but still ... - for ($i = 0; $i < 5; $i++) + if (($bytes = $security->get_random_bytes($pool_length)) === FALSE) { - if (($bytes = $security->get_random_bytes($pool_length)) === FALSE) - { - continue; - } - - $byte_index = 0; - break; + continue; } - if ($bytes === FALSE) - { - // Sadly, this means fallback to mt_rand() - $word = ''; - break; - } + $byte_index = 0; + break; + } + + if ($bytes === FALSE) + { + // Sadly, this means fallback to mt_rand() + $word = ''; + break; } + } + list(, $rand_index) = unpack('C', $bytes[$byte_index++]); + if ($rand_index > $rand_max) + { continue; } -- cgit v1.2.3-24-g4f1b From 9fee9e450372963e0869ed4fe034acebc74b7a81 Mon Sep 17 00:00:00 2001 From: Ivan Tcholakov Date: Sun, 7 Feb 2016 21:33:46 +0200 Subject: hunanize() helper: Escaping the $separator argument. --- system/helpers/inflector_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/helpers') diff --git a/system/helpers/inflector_helper.php b/system/helpers/inflector_helper.php index 96b723c8d..c064d8de4 100644 --- a/system/helpers/inflector_helper.php +++ b/system/helpers/inflector_helper.php @@ -219,7 +219,7 @@ if ( ! function_exists('humanize')) */ function humanize($str, $separator = '_') { - return ucwords(preg_replace('/['.$separator.']+/', ' ', trim(MB_ENABLED ? mb_strtolower($str) : strtolower($str)))); + return ucwords(preg_replace('/['.preg_quote($separator).']+/', ' ', trim(MB_ENABLED ? mb_strtolower($str) : strtolower($str)))); } } -- cgit v1.2.3-24-g4f1b