From 07e50b9b235f3c53bce580d8cc9a59e4e14df274 Mon Sep 17 00:00:00 2001
From: Phil Sturgeon
Date: Tue, 15 Mar 2011 14:03:53 +0000
Subject: Fixed upload issue reported by Valhallen and fixed by bubbafoley.
---
 system/libraries/Upload.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'system/libraries')
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index e15ea1b5d..2012fb302 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -951,7 +951,7 @@ class CI_Upload {
 if (count($this->mimes) == 0)
 {
- if (@require_once(APPPATH.'config/mimes'.EXT))
+ if (@require(APPPATH.'config/mimes'.EXT))
 {
 $this->mimes = $mimes;
 unset($mimes);
--
cgit v1.2.3-24-g4f1b
From 0ea04149bbae0fdcde92b7362e7cbd76f0df3865 Mon Sep 17 00:00:00 2001
From: bubbafoley
Date: Thu, 17 Mar 2011 14:55:41 -0500
Subject: load config files from environment specific locations in core classes, helpers and libraries
---
 system/libraries/Upload.php | 11 ++++++++++-
 system/libraries/User_agent.php | 11 ++++++++++-
 2 files changed, 20 insertions(+), 2 deletions(-)
(limited to 'system/libraries')
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 2012fb302..24189f4b4 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -951,7 +951,16 @@ class CI_Upload {
 if (count($this->mimes) == 0)
 {
- if (@require(APPPATH.'config/mimes'.EXT))
+ if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT))
+ {
+ $_mimes_path = APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT;
+ }
+ else
+ {
+ $_mimes_path = APPPATH.'config/mimes'.EXT;
+ }
+
+ if (@require($_mimes_path))
 {
 $this->mimes = $mimes;
 unset($mimes);
diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php
index 3774fc283..2690e174d 100644
--- a/system/libraries/User_agent.php
+++ b/system/libraries/User_agent.php
@@ -84,7 +84,16 @@ class CI_User_agent {
 */
 private function _load_agent_file()
 {
- if ( ! @include(APPPATH.'config/user_agents'.EXT))
+ if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT))
+ {
+ $_ua_path = APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT;
+ }
+ else
+ {
+ $_ua_path = APPPATH.'config/user_agents'.EXT;
+ }
+
+ if ( ! @include($_ua_path))
 {
 return FALSE;
 }
--
cgit v1.2.3-24-g4f1b
From 928083406322821a35a7d8a4205620c3854772a6 Mon Sep 17 00:00:00 2001
From: Eric Barnes
Date: Fri, 18 Mar 2011 09:02:37 -0400
Subject: Fixed coding to match standards from previous releases
---
 system/libraries/Upload.php | 6 +++---
 system/libraries/User_agent.php | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
(limited to 'system/libraries')
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 24189f4b4..e8e47a194 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -142,7 +142,7 @@ class CI_Upload {
 */
 public function do_upload($field = 'userfile')
 {
-
+
 // Is $_FILES[$field] set? If not, no reason to continue.
 if ( ! isset($_FILES[$field]))
 {
@@ -953,13 +953,13 @@ class CI_Upload {
 {
 if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT))
 {
- $_mimes_path = APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT;
+ $_mimes_path = APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT;
 }
 else
 {
 $_mimes_path = APPPATH.'config/mimes'.EXT;
 }
-
+
 if (@require($_mimes_path))
 {
 $this->mimes = $mimes;
diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php
index 2690e174d..38cdb40f1 100644
--- a/system/libraries/User_agent.php
+++ b/system/libraries/User_agent.php
@@ -92,7 +92,7 @@ class CI_User_agent {
 {
 $_ua_path = APPPATH.'config/user_agents'.EXT;
 }
-
+
 if ( ! @include($_ua_path))
 {
 return FALSE;
--
cgit v1.2.3-24-g4f1b
From fdd5b11b62f127901ddff2e5dc7923b063371070 Mon Sep 17 00:00:00 2001
From: Eric Barnes
Date: Mon, 21 Mar 2011 21:28:58 -0400
Subject: Fixed logic and removed the error supressing
---
 system/libraries/Upload.php | 17 +++++++++--------
 system/libraries/User_agent.php | 11 +++++------
 2 files changed, 14 insertions(+), 14 deletions(-)
(limited to 'system/libraries')
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index e8e47a194..5816a5558 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -951,20 +951,21 @@ class CI_Upload {
 if (count($this->mimes) == 0)
 {
- if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT))
+ if (is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT))
 {
- $_mimes_path = APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT;
+ include(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT);
 }
- else
+ elseif (is_file(APPPATH.'config/mimes'.EXT))
 {
- $_mimes_path = APPPATH.'config/mimes'.EXT;
+ include(APPPATH.'config//mimes'.EXT);
 }
-
- if (@require($_mimes_path))
+ else
 {
- $this->mimes = $mimes;
- unset($mimes);
+ return FALSE;
 }
+
+ $this->mimes = $mimes;
+ unset($mimes);
 }
 return ( ! isset($this->mimes[$mime])) ? FALSE : $this->mimes[$mime];
diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php
index 38cdb40f1..11af21491 100644
--- a/system/libraries/User_agent.php
+++ b/system/libraries/User_agent.php
@@ -84,16 +84,15 @@ class CI_User_agent {
 */
 private function _load_agent_file()
 {
- if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT))
+ if (is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT))
 {
- $_ua_path = APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT;
+ include(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT);
 }
- else
+ elseif (is_file(APPPATH.'config/user_agents'.EXT))
 {
- $_ua_path = APPPATH.'config/user_agents'.EXT;
+ include(APPPATH.'config/user_agents'.EXT);
 }
-
- if ( ! @include($_ua_path))
+ else
 {
 return FALSE;
 }
--
cgit v1.2.3-24-g4f1b
From eb2dcda02cd338f3230161b03ac4a55956b31bf9 Mon Sep 17 00:00:00 2001
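Review bot: In the Upload.php hunk of the "Fixed logic" commit, the fallback branch includes `APPPATH.'config//mimes'.EXT` with a doubled slash, which is not the path the preceding `is_file()` tested; it should read `include(APPPATH.'config/mimes'.EXT);`. After either include, `$this->mimes = $mimes;` assumes the file defined `$mimes` as an array, and the lookup on the following line depends on it. A guard such as `if ( ! isset($mimes) OR ! is_array($mimes)) return FALSE;` before the assignment keeps an empty or malformed config file from producing an undefined-variable notice and a null table. The enclosing function starts outside the hunk.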
From: Phil Sturgeon
Date: Sat, 2 Apr 2011 14:44:58 +0100
Subject: Added CI_ Prefix to the Cache driver.
---
 system/libraries/Cache/Cache.php | 6 +++---
 system/libraries/Cache/drivers/Cache_apc.php | 2 +-
 system/libraries/Cache/drivers/Cache_dummy.php | 2 +-
 system/libraries/Cache/drivers/Cache_file.php | 2 +-
 system/libraries/Cache/drivers/Cache_memcached.php | 2 +-
 system/libraries/Driver.php | 24 +++++++++++-----------
 6 files changed, 19 insertions(+), 19 deletions(-)
(limited to 'system/libraries')
diff --git a/system/libraries/Cache/Cache.php b/system/libraries/Cache/Cache.php
index d3f6105ea..61e7aa761 100644
--- a/system/libraries/Cache/Cache.php
+++ b/system/libraries/Cache/Cache.php
@@ -24,11 +24,11 @@
 * @author ExpressionEngine Dev Team
 * @link
 */
-class Cache extends CI_Driver_Library {
+class CI_Cache extends CI_Driver_Library {
 protected $valid_drivers = array(
- 'cache_apc', 'cache_file', 'cache_memcached', 'cache_dummy'
- );
+ 'cache_apc', 'cache_file', 'cache_memcached', 'cache_dummy'
+ );
 protected $_cache_path = NULL; // Path of cache files (if file-based cache)
 protected $_adapter = 'dummy';
diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php
index 4b995c793..de75719c4 100644
--- a/system/libraries/Cache/drivers/Cache_apc.php
+++ b/system/libraries/Cache/drivers/Cache_apc.php
@@ -25,7 +25,7 @@
 * @link
 */
-class Cache_apc extends CI_Driver {
+class CI_Cache_apc extends CI_Driver {
 /**
 * Get
diff --git a/system/libraries/Cache/drivers/Cache_dummy.php b/system/libraries/Cache/drivers/Cache_dummy.php
index 74f689241..de47acb43 100644
--- a/system/libraries/Cache/drivers/Cache_dummy.php
+++ b/system/libraries/Cache/drivers/Cache_dummy.php
@@ -25,7 +25,7 @@
 * @link
 */
-class Cache_dummy extends CI_Driver {
+class CI_Cache_dummy extends CI_Driver {
 /**
 * Get
diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php
index 86d1a3b6a..13e2d1af6 100644
--- a/system/libraries/Cache/drivers/Cache_file.php
+++ b/system/libraries/Cache/drivers/Cache_file.php
@@ -25,7 +25,7 @@
 * @link
 */
-class Cache_file extends CI_Driver {
+class CI_Cache_file extends CI_Driver {
 protected $_cache_path;
diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php
index 5f5a31591..ec2fd216a 100644
--- a/system/libraries/Cache/drivers/Cache_memcached.php
+++ b/system/libraries/Cache/drivers/Cache_memcached.php
@@ -25,7 +25,7 @@
 * @link
 */
-class Cache_memcached extends CI_Driver {
+class CI_Cache_memcached extends CI_Driver {
 private $_memcached; // Holds the memcached object
diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php
index 02e093d7e..d1838f2c1 100644
--- a/system/libraries/Driver.php
+++ b/system/libraries/Driver.php
@@ -44,7 +44,11 @@ class CI_Driver_Library {
 // The class will be prefixed with the parent lib
 $child_class = $this->lib_name.'_'.$child;
- if (in_array(strtolower($child_class), array_map('strtolower', $this->valid_drivers)))
+ // Remove the CI_ prefix and lowercase
+ $lib_name = strtolower(preg_replace('/^CI_/', '', $this->lib_name));
+ $driver_name = strtolower(preg_replace('/^CI_/', '', $child_class));
+
+ if (in_array($driver_name, array_map('strtolower', $this->valid_drivers)))
 {
 // check and see if the driver is in a separate file
 if ( ! class_exists($child_class))
@@ -52,19 +56,15 @@ class CI_Driver_Library {
 // check application path first
 foreach (array(APPPATH, BASEPATH) as $path)
 {
- // and check for case sensitivity of both the parent and child libs
- foreach (array(ucfirst($this->lib_name), strtolower($this->lib_name)) as $lib)
+ // loves me some nesting!
+ foreach (array(ucfirst($driver_name), $driver_name) as $class)
 {
- // loves me some nesting!
- foreach (array(ucfirst($child_class), strtolower($child_class)) as $class)
- {
- $filepath = $path.'libraries/'.$this->lib_name.'/drivers/'.$child_class.EXT;
+ $filepath = $path.'libraries/'.$lib_name.'/drivers/'.$class.EXT;
- if (file_exists($filepath))
- {
- include_once $filepath;
- break;
- }
+ if (file_exists($filepath))
+ {
+ include_once $filepath;
+ break;
 }
 }
 }
--
cgit v1.2.3-24-g4f1b
From c9c045a7feee07563c8d14bac3381f7af0e17280 Mon Sep 17 00:00:00 2001
From: Pascal Kriete
Date: Tue, 5 Apr 2011 14:50:41 -0400
Subject: Improving parameter security in xss clean
---
 system/libraries/Security.php | 620 ++++++++++++++++++++++++------------------
 1 file changed, 351 insertions(+), 269 deletions(-)
(limited to 'system/libraries')
diff --git a/system/libraries/Security.php b/system/libraries/Security.php
index 58db4e79c..ceef9779c 100644
--- a/system/libraries/Security.php
+++ b/system/libraries/Security.php
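Review bot: In the second Driver.php hunk the new `$filepath` uses the lower-cased `$lib_name` as the directory segment, while the drivers touched by this same commit live under `system/libraries/Cache/drivers/`, so on a case-sensitive filesystem `libraries/cache/drivers/...` would not be found. Consider `ucfirst($lib_name)` for that segment, or try both spellings as is already done for `$class`. The `break` leaves only the inner `foreach`, so the loop over `APPPATH` and `BASEPATH` continues after a match; `break 2;` would stop at the first file found. The name reaches `include_once` only after the `in_array()` check against `$this->valid_drivers` in the previous hunk, and that ordering should be preserved in any rework. The enclosing method starts and ends outside the hunk.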
@@ -22,44 +22,44 @@ * @subpackage Libraries * @category Security * @author ExpressionEngine Dev Team - * @link http://codeigniter.com/user_guide/libraries/sessions.html + * @link http://codeigniter.com/user_guide/libraries/security.html */ class CI_Security { - - public $xss_hash = ''; - public $csrf_hash = ''; - public $csrf_expire = 7200; // Two hours (in seconds) - public $csrf_token_name = 'ci_csrf_token'; - public $csrf_cookie_name = 'ci_csrf_token'; + + protected $_xss_hash = ''; + protected $_csrf_hash = ''; + protected $_csrf_expire = 7200; // Two hours (in seconds) + protected $_csrf_token_name = 'ci_csrf_token'; + protected $_csrf_cookie_name = 'ci_csrf_token'; /* never allowed, string replacement */ - public $never_allowed_str = array( - 'document.cookie' => '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - 'window.location' => '[removed]', - '-moz-binding' => '[removed]', - '' => '-->', - ' '<![CDATA[' - ); - /* never allowed, regex replacement */ - public $never_allowed_regex = array( - "javascript\s*:" => '[removed]', - "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE - "vbscript\s*:" => '[removed]', // IE, surprise! - "Redirect\s+302" => '[removed]' - ); + protected $_never_allowed_str = array( + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + 'window.location' => '[removed]', + '-moz-binding' => '[removed]', + '' => '-->', + ' '<![CDATA[' + ); + /* never allowed, regex replacement */ + protected $_never_allowed_regex = array( + "javascript\s*:" => '[removed]', + "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE + "vbscript\s*:" => '[removed]', // IE, surprise! + "Redirect\s+302" => '[removed]' + ); + + /** + * Constructor + */ public function __construct() { - $this->csrf_token_name = (config_item('csrf_token_name')) ? 
config_item('csrf_token_name') : 'csrf_token_name'; - $this->csrf_cookie_name = (config_item('csrf_cookie_name')) ? config_item('csrf_cookie_name') : 'csrf_cookie_name'; - $this->csrf_expire = (config_item('csrf_expire')) ? config_item('csrf_expire') : 7200; - // Append application specific cookie prefix to token name - $this->csrf_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->csrf_token_name : $this->csrf_token_name; + $this->_csrf_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->_csrf_token_name : $this->_csrf_token_name; // Set the CSRF hash $this->_csrf_set_hash(); @@ -72,8 +72,7 @@ class CI_Security { /** * Verify Cross Site Request Forgery Protection * - * @access public - * @return null + * @return object */ public function csrf_verify() { @@ -84,26 +83,30 @@ class CI_Security { } // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->csrf_token_name]) OR ! isset($_COOKIE[$this->csrf_cookie_name])) + if ( ! isset($_POST[$this->_csrf_token_name]) OR + ! isset($_COOKIE[$this->_csrf_cookie_name])) { $this->csrf_show_error(); } // Do the tokens match? - if ($_POST[$this->csrf_token_name] != $_COOKIE[$this->csrf_cookie_name]) + if ($_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) { $this->csrf_show_error(); } - // We kill this since we're done and we don't want to polute the _POST array - unset($_POST[$this->csrf_token_name]); + // We kill this since we're done and we don't want to + // polute the _POST array + unset($_POST[$this->_csrf_token_name]); // Nothing should last forever - unset($_COOKIE[$this->csrf_cookie_name]); + unset($_COOKIE[$this->_csrf_cookie_name]); $this->_csrf_set_hash(); $this->csrf_set_cookie(); log_message('debug', "CSRF token verified "); + + return $this; } // -------------------------------------------------------------------- 
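Review bot: The constructor in Security.php no longer reads `csrf_token_name`, `csrf_cookie_name` or `csrf_expire` through `config_item()`, and the properties are now `protected`, so within the visible hunks nothing can change the token name or the 7200-second lifetime any more. If that is not intended, keep the lookups for the renamed properties, e.g. `$this->_csrf_expire = (config_item('csrf_expire')) ? config_item('csrf_expire') : 7200;`, and likewise for the token name before the cookie prefix is applied. Turning the formerly public `csrf_hash` and `csrf_token_name` into protected members also breaks any caller that read them directly, which deserves a line in the commit description pointing to the new getters.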
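Review bot: The token check in `csrf_verify()` still compares with `!=`, which uses PHP's loose comparison: two different strings that both look numeric can compare as equal, and a non-string `$_POST` value is not rejected on type. Require a string and compare strictly, `if ( ! is_string($_POST[$this->_csrf_token_name]) OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name])`. The same commit is described as improving parameter security, so this is the natural place to tighten it. The method's opening lines are outside the hunk.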
@@ -111,57 +114,68 @@ class CI_Security { /** * Set Cross Site Request Forgery Protection Cookie * - * @access public - * @return null + * @return object */ public function csrf_set_cookie() { - $expire = time() + $this->csrf_expire; + $expire = time() + $this->_csrf_expire; $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; - setcookie($this->csrf_cookie_name, $this->csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); + if ($secure_cookie) + { + $req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE; + + if ( ! $req OR $req == 'off') + { + return FALSE; + } + } + + setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); log_message('debug', "CRSF cookie Set"); + + return $this; } // -------------------------------------------------------------------- /** - * Set Cross Site Request Forgery Protection Cookie + * Show CSRF Error * - * @access private - * @return null + * @return void */ - private function _csrf_set_hash() + public function csrf_show_error() { - if ($this->csrf_hash == '') - { - // If the cookie exists we will use it's value. 
We don't necessarily want to regenerate it with - // each page load since a page could contain embedded sub-pages causing this feature to fail - if (isset($_COOKIE[$this->csrf_cookie_name]) AND $_COOKIE[$this->csrf_cookie_name] != '') - { - $this->csrf_hash = $_COOKIE[$this->csrf_cookie_name]; - } - else - { - $this->csrf_hash = md5(uniqid(rand(), TRUE)); - } - } + show_error('The action you have requested is not allowed.'); + } - return $this->csrf_hash; + // -------------------------------------------------------------------- + + /** + * Get CSRF Hash + * + * Getter Method + * + * @return string self::_csrf_hash + */ + public function get_csrf_hash() + { + return $this->_csrf_hash; } // -------------------------------------------------------------------- /** - * Show CSRF Error + * Get CSRF Token Name * - * @access public - * @return null + * Getter Method + * + * @return string self::csrf_token_name */ - public function csrf_show_error() + public function get_csrf_token_name() { - show_error('The action you have requested is not allowed.'); + return $this->_csrf_token_name; } // -------------------------------------------------------------------- @@ -188,7 +202,6 @@ class CI_Security { * harvested from examining vulnerabilities in other programs: * http://ha.ckers.org/xss.html * - * @access public * @param mixed string or array * @return string */ 
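Review bot: `csrf_set_cookie()` now returns `FALSE` when `cookie_secure` is on and the request is not HTTPS, but its docblock says `@return object` and every other path returns `$this`, so a chained call on the result fails on that path. Either document it as `@return mixed` or keep a single return type. That branch also skips the cookie without any `log_message()` call, and since `csrf_verify()` requires the cookie, a later POST would be rejected with no hint of the cause; a line such as `log_message('debug', "CSRF cookie not set: cookie_secure is on but the request is not HTTPS");` would make this diagnosable. The existing message `"CRSF cookie Set"` is misspelled.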
@@ -213,35 +226,8 @@ class CI_Security { */ $str = remove_invisible_characters($str); - /* - * Protect GET variables in URLs - */ - - // 901119URL5918AMP18930PROTECT8198 - - $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); - - /* - * Validate standard character entities - * - * Add a semicolon if missing. We do this to enable - * the conversion of entities to ASCII later. - * - */ - $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); - - /* - * Validate UTF16 two byte encoding (x00) - * - * Just as above, adds a semicolon if missing. - * - */ - $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); - - /* - * Un-Protect GET variables in URLs - */ - $str = str_replace($this->xss_hash(), '&', $str); + // Validate Entities in URLs + $str = $this->_validate_entities($str); /* * URL Decode @@ -265,7 +251,7 @@ class CI_Security { */ $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - + $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); /* @@ -278,9 +264,8 @@ class CI_Security { * * This prevents strings like this: ja vascript * NOTE: we deal with spaces between characters later. - * NOTE: preg_replace was found to be amazingly slow here on large blocks of data, - * so we use str_replace. - * + * NOTE: preg_replace was found to be amazingly slow here on + * large blocks of data, so we use str_replace. */ if (strpos($str, "\t") !== FALSE) 
@@ -293,34 +278,23 @@ class CI_Security { */ $converted_string = $str; - /* - * Not Allowed Under Any Conditions - */ - - foreach ($this->never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } - - foreach ($this->never_allowed_regex as $key => $val) - { - $str = preg_replace("#".$key."#i", $val, $str); - } + // Remove Strings that are never allowed + $str = $this->_do_never_allowed($str); /* * Makes PHP tags safe * - * Note: XML tags are inadvertently replaced too: + * Note: XML tags are inadvertently replaced too: * - * #si", '[removed]', $str); } } - while ($original != $str); + while($original != $str); unset($original); - /* - * Remove JavaScript Event Handlers - * - * Note: This code is a little blunt. It removes - * the event handler and anything up to the closing >, - * but it's unlikely to be a problem. - * - */ - $event_handlers = array('[^a-z_\-]on\w*','xmlns'); - - if ($is_image === TRUE) - { - /* - * Adobe Photoshop puts XML metadata into JFIF images, including namespacing, - * so we have to allow this for images. -Paul - */ - unset($event_handlers[array_search('xmlns', $event_handlers)]); - } - - $str = preg_replace("#<([^><]+?)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str); + // Remove evil attributes such as style, onclick and xmlns + $str = $this->_remove_evil_attributes($str, $is_image); /* * Sanitize naughty HTML elements @@ -407,7 +367,6 @@ class CI_Security { * * So this: * Becomes: <blink> - * */ $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss'; $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); 
@@ -423,45 +382,28 @@ class CI_Security { * * For example: eval('some code') * Becomes: eval('some code') - * */ $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); - /* - * Final clean up - * - * This adds a bit of extra precaution in case - * something got through the above filters - * - */ - foreach ($this->never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } - foreach ($this->never_allowed_regex as $key => $val) - { - $str = preg_replace("#".$key."#i", $val, $str); - } + // Final clean up + // This adds a bit of extra precaution in case + // something got through the above filters + $str = $this->_do_never_allowed($str); /* - * Images are Handled in a Special Way - * - Essentially, we want to know that after all of the character conversion is done whether - * any unwanted, likely XSS, code was found. If not, we return TRUE, as the image is clean. - * However, if the string post-conversion does not matched the string post-removal of XSS, - * then it fails, as there was unwanted XSS code found and removed/changed during processing. + * Images are Handled in a Special Way + * - Essentially, we want to know that after all of the character + * conversion is done whether any unwanted, likely XSS, code was found. + * If not, we return TRUE, as the image is clean. + * However, if the string post-conversion does not matched the + * string post-removal of XSS, then it fails, as there was unwanted XSS + * code found and removed/changed during processing. */ if ($is_image === TRUE) { - if ($str == $converted_string) - { - return TRUE; - } - else - { - return FALSE; - } + return ($str == $converted_string) ? TRUE: FALSE; } log_message('debug', "XSS Filtering completed"); 
@@ -473,41 +415,190 @@ class CI_Security { /** * Random Hash for protecting URLs * - * @access public * @return string */ public function xss_hash() { - if ($this->xss_hash == '') + if ($this->_xss_hash == '') { if (phpversion() >= 4.2) + { mt_srand(); + } else + { mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff); + } - $this->xss_hash = md5(time() + mt_rand(0, 1999999999)); + $this->_xss_hash = md5(time() + mt_rand(0, 1999999999)); } - return $this->xss_hash; + return $this->_xss_hash; } // -------------------------------------------------------------------- + /** + * HTML Entities Decode + * + * This function is a replacement for html_entity_decode() + * + * In some versions of PHP the native function does not work + * when UTF-8 is the specified character set, so this gives us + * a work-around. More info here: + * http://bugs.php.net/bug.php?id=25670 + * + * NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the + * character set, and the PHP developers said they were not back porting the + * fix to versions other than PHP 5.x. + * + * @param string + * @param string + * @return string + */ + public function entity_decode($str, $charset='UTF-8') + { + if (stristr($str, '&') === FALSE) return $str; + + // The reason we are not using html_entity_decode() by itself is because + // while it is not technically correct to leave out the semicolon + // at the end of an entity most browsers will still interpret the entity + // correctly. html_entity_decode() does not convert entities without + // semicolons, so we are left with our own little solution here. Bummer. 
+ + if (function_exists('html_entity_decode') && + (strtolower($charset) != 'utf-8')) + { + $str = html_entity_decode($str, ENT_COMPAT, $charset); + $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); + return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); + } + + // Numeric Entities + $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); + $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); + + // Literal Entities - Slightly slow so we do another check + if (stristr($str, '&') === FALSE) + { + $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Filename Security + * + * @param string + * @return string + */ + public function sanitize_filename($str, $relative_path = FALSE) + { + $bad = array( + "../", + "", + "<", + ">", + "'", + '"', + '&', + '$', + '#', + '{', + '}', + '[', + ']', + '=', + ';', + '?', + "%20", + "%22", + "%3c", // < + "%253c", // < + "%3e", // > + "%0e", // > + "%28", // ( + "%29", // ) + "%2528", // ( + "%26", // & + "%24", // $ + "%3f", // ? + "%3b", // ; + "%3d" // = + ); + + if ( ! 
$relative_path) + { + $bad[] = './'; + $bad[] = '/'; + } + + $str = remove_invisible_characters($str, FALSE); + return stripslashes(str_replace($bad, '', $str)); + } + + // ---------------------------------------------------------------- + /** * Compact Exploded Words * * Callback function for xss_clean() to remove whitespace from * things like j a v a s c r i p t * - * @access private * @param type * @return type */ - private function _compact_exploded_words($matches) + protected function _compact_exploded_words($matches) { return preg_replace('/\s+/s', '', $matches[1]).$matches[2]; } + // -------------------------------------------------------------------- + + /* + * Remove Evil HTML Attributes (like evenhandlers and style) + * + * It removes the evil attribute and either: + * - Everything up until a space + * For example, everything between the pipes: + * + * - Everything inside the quotes + * For example, everything between the pipes: + * + * + * @param string $str The string to check + * @param boolean $is_image TRUE if this is an image + * @return string The string with the evil attributes removed + */ + protected function _remove_evil_attributes($str, $is_image) + { + // All javascript event handlers (e.g. onload, onclick, onmouseover), style, and xmlns + $evil_attributes = array('on\w*', 'style', 'xmlns'); + + if ($is_image === TRUE) + { + /* + * Adobe Photoshop puts XML metadata into JFIF images, + * including namespacing, so we have to allow this for images. + */ + unset($evil_attributes[array_search('xmlns', $evil_attributes)]); + } + + do { + $str = preg_replace( + "#<(/?[^><]+?)([^A-Za-z\-])(".implode('|', $evil_attributes).")(\s*=\s*)([\"][^>]*?[\"]|[\'][^>]*?[\']|[^>]*?)([\s><])([><]*)#i", + "<$1$6", + $str, -1, $count + ); + } while ($count); + + return $str; + } + // -------------------------------------------------------------------- /** 
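Review bot: `sanitize_filename()` strips its `$bad` list in a single `str_replace()` call, so when `$relative_path` is TRUE (and `./` and `/` are therefore not in the list) removing one listed sequence can leave the surrounding characters forming a listed sequence again. Repeat until the string stops changing: `do { $old = $str; $str = str_replace($bad, '', $str); } while ($old !== $str);`. In the same hunk `entity_decode()` relies on the `/e` modifier, which evaluates the replacement as PHP code; the captures are limited to digits here, but `preg_replace_callback()` does the same work without evaluation. The `"%0e", // >` entry does not match its comment and should be checked against the intended escape.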
@@ -515,17 +606,17 @@ class CI_Security { * * Callback function for xss_clean() to remove naughty HTML elements * - * @access private * @param array * @return string */ - private function _sanitize_naughty_html($matches) + protected function _sanitize_naughty_html($matches) { // encode opening brace $str = '<'.$matches[1].$matches[2].$matches[3]; // encode captured opening or closing brace to prevent recursive vectors - $str .= str_replace(array('>', '<'), array('>', '<'), $matches[4]); + $str .= str_replace(array('>', '<'), array('>', '<'), + $matches[4]); return $str; } @@ -540,16 +631,18 @@ class CI_Security { * and prevents PREG_BACKTRACK_LIMIT_ERROR from being triggered in * PHP 5.2+ on link-heavy strings * - * @access private * @param array * @return string */ - private function _js_link_removal($match) + protected function _js_link_removal($match) { $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|', '<', '\\'), array('>', '<', '\\\\'), $match[0]); } @@ -591,11 +683,10 @@ class CI_Security { * * Filters tag attributes for consistency and safety * - * @access private * @param string * @return string */ - private function _filter_attributes($str) + protected function _filter_attributes($str) { $out = ''; 
@@ -617,118 +708,109 @@ class CI_Security { * * Used as a callback for XSS Clean * - * @access private * @param array * @return string */ - private function _decode_entity($match) + protected function _decode_entity($match) { return $this->entity_decode($match[0], strtoupper(config_item('charset'))); } // -------------------------------------------------------------------- - + /** - * HTML Entities Decode - * - * This function is a replacement for html_entity_decode() - * - * In some versions of PHP the native function does not work - * when UTF-8 is the specified character set, so this gives us - * a work-around. More info here: - * http://bugs.php.net/bug.php?id=25670 + * Validate URL entities * - * NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the - * character set, and the PHP developers said they were not back porting the - * fix to versions other than PHP 5.x. + * Called by xss_clean() * - * @access public - * @param string - * @param string - * @return string + * @param string + * @return string */ - public function entity_decode($str, $charset='UTF-8') + protected function _validate_entities($str) { - if (stristr($str, '&') === FALSE) return $str; + /* + * Protect GET variables in URLs + */ + + // 901119URL5918AMP18930PROTECT8198 + + $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); - // The reason we are not using html_entity_decode() by itself is because - // while it is not technically correct to leave out the semicolon - // at the end of an entity most browsers will still interpret the entity - // correctly. html_entity_decode() does not convert entities without - // semicolons, so we are left with our own little solution here. Bummer. + /* + * Validate standard character entities + * + * Add a semicolon if missing. We do this to enable + * the conversion of entities to ASCII later. 
+ * + */ + $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); - if (function_exists('html_entity_decode') && (strtolower($charset) != 'utf-8' OR is_php('5.0.0'))) - { - $str = html_entity_decode($str, ENT_COMPAT, $charset); - $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); - return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); - } + /* + * Validate UTF16 two byte encoding (x00) + * + * Just as above, adds a semicolon if missing. + * + */ + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); - // Numeric Entities - $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); - $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); + /* + * Un-Protect GET variables in URLs + */ + $str = str_replace($this->xss_hash(), '&', $str); + + return $str; + } - // Literal Entities - Slightly slow so we do another check - if (stristr($str, '&') === FALSE) + // ---------------------------------------------------------------------- + + /** + * Do Never Allowed + * + * A utility function for xss_clean() + * + * @param string + * @return string + */ + protected function _do_never_allowed($str) + { + foreach ($this->_never_allowed_str as $key => $val) { - $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); + $str = str_replace($key, $val, $str); } + foreach ($this->_never_allowed_regex as $key => $val) + { + $str = preg_replace("#".$key."#i", $val, $str); + } + return $str; } // -------------------------------------------------------------------- /** - * Filename Security + * Set Cross Site Request Forgery Protection Cookie * - * @access public - * @param string * @return string */ - public function sanitize_filename($str, $relative_path = FALSE) + protected function _csrf_set_hash() { - $bad = array( - "../", - "", - "<", - ">", - "'", - '"', - '&', - '$', - '#', - '{', - '}', - '[', - ']', - '=', - ';', - '?', - "%20", - "%22", - "%3c", // < - "%253c", 
// < - "%3e", // > - "%0e", // > - "%28", // ( - "%29", // ) - "%2528", // ( - "%26", // & - "%24", // $ - "%3f", // ? - "%3b", // ; - "%3d" // = - ); - - if ( ! $relative_path) + if ($this->_csrf_hash == '') { - $bad[] = './'; - $bad[] = '/'; + // If the cookie exists we will use it's value. + // We don't necessarily want to regenerate it with + // each page load since a page could contain embedded + // sub-pages causing this feature to fail + if (isset($_COOKIE[$this->_csrf_cookie_name]) && + $_COOKIE[$this->_csrf_cookie_name] != '') + { + return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; + } + + return $this->_csrf_hash = md5(uniqid(rand(), TRUE)); } - return stripslashes(str_replace($bad, '', $str)); + return $this->_csrf_hash; } } -- cgit v1.2.3-24-g4f1b From 14a0ac63a9dfb72e4681c37f7727cd48882152bd Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 5 Apr 2011 14:55:56 -0400 Subject: Moving security to core. --- system/libraries/Security.php | 820 ------------------------------------------ 1 file changed, 820 deletions(-) delete mode 100644 system/libraries/Security.php (limited to 'system/libraries') diff --git a/system/libraries/Security.php b/system/libraries/Security.php deleted file mode 100644 index ceef9779c..000000000 --- a/system/libraries/Security.php +++ /dev/null 
@@ -1,820 +0,0 @@ - '[removed]', - 'document.write' => '[removed]', - '.parentNode' => '[removed]', - '.innerHTML' => '[removed]', - 'window.location' => '[removed]', - '-moz-binding' => '[removed]', - '' => '-->', - ' '<![CDATA[' - ); - - /* never allowed, regex replacement */ - protected $_never_allowed_regex = array( - "javascript\s*:" => '[removed]', - "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE - "vbscript\s*:" => '[removed]', // IE, surprise! - "Redirect\s+302" => '[removed]' - ); - - /** - * Constructor - */ - public function __construct() - { - // Append application specific cookie prefix to token name - $this->_csrf_cookie_name = (config_item('cookie_prefix')) ? config_item('cookie_prefix').$this->_csrf_token_name : $this->_csrf_token_name; - - // Set the CSRF hash - $this->_csrf_set_hash(); - - log_message('debug', "Security Class Initialized"); - } - - // -------------------------------------------------------------------- - - /** - * Verify Cross Site Request Forgery Protection - * - * @return object - */ - public function csrf_verify() - { - // If no POST data exists we will set the CSRF cookie - if (count($_POST) == 0) - { - return $this->csrf_set_cookie(); - } - - // Do the tokens exist in both the _POST and _COOKIE arrays? - if ( ! isset($_POST[$this->_csrf_token_name]) OR - ! isset($_COOKIE[$this->_csrf_cookie_name])) - { - $this->csrf_show_error(); - } - - // Do the tokens match? 
- if ($_POST[$this->_csrf_token_name] != $_COOKIE[$this->_csrf_cookie_name]) - { - $this->csrf_show_error(); - } - - // We kill this since we're done and we don't want to - // polute the _POST array - unset($_POST[$this->_csrf_token_name]); - - // Nothing should last forever - unset($_COOKIE[$this->_csrf_cookie_name]); - $this->_csrf_set_hash(); - $this->csrf_set_cookie(); - - log_message('debug', "CSRF token verified "); - - return $this; - } - - // -------------------------------------------------------------------- - - /** - * Set Cross Site Request Forgery Protection Cookie - * - * @return object - */ - public function csrf_set_cookie() - { - $expire = time() + $this->_csrf_expire; - $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; - - if ($secure_cookie) - { - $req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE; - - if ( ! $req OR $req == 'off') - { - return FALSE; - } - } - - setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); - - log_message('debug', "CRSF cookie Set"); - - return $this; - } - - // -------------------------------------------------------------------- - - /** - * Show CSRF Error - * - * @return void - */ - public function csrf_show_error() - { - show_error('The action you have requested is not allowed.'); - } - - // -------------------------------------------------------------------- - - /** - * Get CSRF Hash - * - * Getter Method - * - * @return string self::_csrf_hash - */ - public function get_csrf_hash() - { - return $this->_csrf_hash; - } - - // -------------------------------------------------------------------- - - /** - * Get CSRF Token Name - * - * Getter Method - * - * @return string self::csrf_token_name - */ - public function get_csrf_token_name() - { - return $this->_csrf_token_name; - } - - // -------------------------------------------------------------------- - - /** - * XSS Clean - * - * Sanitizes data so that Cross 
Site Scripting Hacks can be - * prevented. This function does a fair amount of work but - * it is extremely thorough, designed to prevent even the - * most obscure XSS attempts. Nothing is ever 100% foolproof, - * of course, but I haven't been able to get anything passed - * the filter. - * - * Note: This function should only be used to deal with data - * upon submission. It's not something that should - * be used for general runtime processing. - * - * This function was based in part on some code and ideas I - * got from Bitflux: http://channel.bitflux.ch/wiki/XSS_Prevention - * - * To help develop this script I used this great list of - * vulnerabilities along with a few other hacks I've - * harvested from examining vulnerabilities in other programs: - * http://ha.ckers.org/xss.html - * - * @param mixed string or array - * @return string - */ - public function xss_clean($str, $is_image = FALSE) - { - /* - * Is the string an array? - * - */ - if (is_array($str)) - { - while (list($key) = each($str)) - { - $str[$key] = $this->xss_clean($str[$key]); - } - - return $str; - } - - /* - * Remove Invisible Characters - */ - $str = remove_invisible_characters($str); - - // Validate Entities in URLs - $str = $this->_validate_entities($str); - - /* - * URL Decode - * - * Just in case stuff like this is submitted: - * - * Google - * - * Note: Use rawurldecode() so it does not remove plus signs - * - */ - $str = rawurldecode($str); - - /* - * Convert character entities to ASCII - * - * This permits our tests below to work reliably. - * We only convert entities that are within tags since - * these are the ones that will pose security problems. - * - */ - - $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); - - $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_decode_entity'), $str); - - /* - * Remove Invisible Characters Again! 
- */ - $str = remove_invisible_characters($str); - - /* - * Convert all tabs to spaces - * - * This prevents strings like this: ja vascript - * NOTE: we deal with spaces between characters later. - * NOTE: preg_replace was found to be amazingly slow here on - * large blocks of data, so we use str_replace. - */ - - if (strpos($str, "\t") !== FALSE) - { - $str = str_replace("\t", ' ', $str); - } - - /* - * Capture converted string for later comparison - */ - $converted_string = $str; - - // Remove Strings that are never allowed - $str = $this->_do_never_allowed($str); - - /* - * Makes PHP tags safe - * - * Note: XML tags are inadvertently replaced too: - * - * '), array('<?', '?>'), $str); - } - - /* - * Compact any exploded words - * - * This corrects words like: j a v a s c r i p t - * These words are compacted back to their correct state. - */ - $words = array( - 'javascript', 'expression', 'vbscript', 'script', - 'applet', 'alert', 'document', 'write', 'cookie', 'window' - ); - - foreach ($words as $word) - { - $temp = ''; - - for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) - { - $temp .= substr($word, $i, 1)."\s*"; - } - - // We only want to do this when it is followed by a non-word character - // That way valid stuff like "dealer to" does not become "dealerto" - $str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); - } - - /* - * Remove disallowed Javascript in links or img tags - * We used to do some version comparisons and use of stripos for PHP5, - * but it is dog slow compared to these simplified non-capturing - * preg_match(), especially if the pattern exists in the string - */ - do - { - $original = $str; - - if (preg_match("/]*?)(>|$)#si", array($this, '_js_link_removal'), $str); - } - - if (preg_match("/]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); - } - - if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) - { - $str = 
preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); - } - } - while($original != $str); - - unset($original); - - // Remove evil attributes such as style, onclick and xmlns - $str = $this->_remove_evil_attributes($str, $is_image); - - /* - * Sanitize naughty HTML elements - * - * If a tag containing any of the words in the list - * below is found, the tag gets converted to entities. - * - * So this: - * Becomes: <blink> - */ - $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss'; - $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); - - /* - * Sanitize naughty scripting elements - * - * Similar to above, only instead of looking for - * tags it looks for PHP and JavaScript commands - * that are disallowed. Rather than removing the - * code, it simply converts the parenthesis to entities - * rendering the code un-executable. - * - * For example: eval('some code') - * Becomes: eval('some code') - */ - $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); - - - // Final clean up - // This adds a bit of extra precaution in case - // something got through the above filters - $str = $this->_do_never_allowed($str); - - /* - * Images are Handled in a Special Way - * - Essentially, we want to know that after all of the character - * conversion is done whether any unwanted, likely XSS, code was found. - * If not, we return TRUE, as the image is clean. - * However, if the string post-conversion does not matched the - * string post-removal of XSS, then it fails, as there was unwanted XSS - * code found and removed/changed during processing. - */ - - if ($is_image === TRUE) - { - return ($str == $converted_string) ? 
TRUE: FALSE; - } - - log_message('debug', "XSS Filtering completed"); - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Random Hash for protecting URLs - * - * @return string - */ - public function xss_hash() - { - if ($this->_xss_hash == '') - { - if (phpversion() >= 4.2) - { - mt_srand(); - } - else - { - mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff); - } - - $this->_xss_hash = md5(time() + mt_rand(0, 1999999999)); - } - - return $this->_xss_hash; - } - - // -------------------------------------------------------------------- - - /** - * HTML Entities Decode - * - * This function is a replacement for html_entity_decode() - * - * In some versions of PHP the native function does not work - * when UTF-8 is the specified character set, so this gives us - * a work-around. More info here: - * http://bugs.php.net/bug.php?id=25670 - * - * NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the - * character set, and the PHP developers said they were not back porting the - * fix to versions other than PHP 5.x. - * - * @param string - * @param string - * @return string - */ - public function entity_decode($str, $charset='UTF-8') - { - if (stristr($str, '&') === FALSE) return $str; - - // The reason we are not using html_entity_decode() by itself is because - // while it is not technically correct to leave out the semicolon - // at the end of an entity most browsers will still interpret the entity - // correctly. html_entity_decode() does not convert entities without - // semicolons, so we are left with our own little solution here. Bummer. 
- - if (function_exists('html_entity_decode') && - (strtolower($charset) != 'utf-8')) - { - $str = html_entity_decode($str, ENT_COMPAT, $charset); - $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); - return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); - } - - // Numeric Entities - $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); - $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); - - // Literal Entities - Slightly slow so we do another check - if (stristr($str, '&') === FALSE) - { - $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Filename Security - * - * @param string - * @return string - */ - public function sanitize_filename($str, $relative_path = FALSE) - { - $bad = array( - "../", - "", - "<", - ">", - "'", - '"', - '&', - '$', - '#', - '{', - '}', - '[', - ']', - '=', - ';', - '?', - "%20", - "%22", - "%3c", // < - "%253c", // < - "%3e", // > - "%0e", // > - "%28", // ( - "%29", // ) - "%2528", // ( - "%26", // & - "%24", // $ - "%3f", // ? - "%3b", // ; - "%3d" // = - ); - - if ( ! 
$relative_path) - { - $bad[] = './'; - $bad[] = '/'; - } - - $str = remove_invisible_characters($str, FALSE); - return stripslashes(str_replace($bad, '', $str)); - } - - // ---------------------------------------------------------------- - - /** - * Compact Exploded Words - * - * Callback function for xss_clean() to remove whitespace from - * things like j a v a s c r i p t - * - * @param type - * @return type - */ - protected function _compact_exploded_words($matches) - { - return preg_replace('/\s+/s', '', $matches[1]).$matches[2]; - } - - // -------------------------------------------------------------------- - - /* - * Remove Evil HTML Attributes (like evenhandlers and style) - * - * It removes the evil attribute and either: - * - Everything up until a space - * For example, everything between the pipes: - * - * - Everything inside the quotes - * For example, everything between the pipes: - * - * - * @param string $str The string to check - * @param boolean $is_image TRUE if this is an image - * @return string The string with the evil attributes removed - */ - protected function _remove_evil_attributes($str, $is_image) - { - // All javascript event handlers (e.g. onload, onclick, onmouseover), style, and xmlns - $evil_attributes = array('on\w*', 'style', 'xmlns'); - - if ($is_image === TRUE) - { - /* - * Adobe Photoshop puts XML metadata into JFIF images, - * including namespacing, so we have to allow this for images. 
- */ - unset($evil_attributes[array_search('xmlns', $evil_attributes)]); - } - - do { - $str = preg_replace( - "#<(/?[^><]+?)([^A-Za-z\-])(".implode('|', $evil_attributes).")(\s*=\s*)([\"][^>]*?[\"]|[\'][^>]*?[\']|[^>]*?)([\s><])([><]*)#i", - "<$1$6", - $str, -1, $count - ); - } while ($count); - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Sanitize Naughty HTML - * - * Callback function for xss_clean() to remove naughty HTML elements - * - * @param array - * @return string - */ - protected function _sanitize_naughty_html($matches) - { - // encode opening brace - $str = '<'.$matches[1].$matches[2].$matches[3]; - - // encode captured opening or closing brace to prevent recursive vectors - $str .= str_replace(array('>', '<'), array('>', '<'), - $matches[4]); - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * JS Link Removal - * - * Callback function for xss_clean() to sanitize links - * This limits the PCRE backtracks, making it more performance friendly - * and prevents PREG_BACKTRACK_LIMIT_ERROR from being triggered in - * PHP 5.2+ on link-heavy strings - * - * @param array - * @return string - */ - protected function _js_link_removal($match) - { - $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|_filter_attributes(str_replace(array('<', '>'), '', $match[1])); - - return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|livescript\:|mocha\:|charset\=|window\.|document\.|\.cookie|', '<', '\\'), array('>', '<', '\\\\'), $match[0]); - } - - // -------------------------------------------------------------------- - - /** - * Filter Attributes - * - * Filters tag attributes for consistency and safety - * - * @param string - * @return string 
- */ - protected function _filter_attributes($str) - { - $out = ''; - - if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) - { - foreach ($matches[0] as $match) - { - $out .= preg_replace("#/\*.*?\*/#s", '', $match); - } - } - - return $out; - } - - // -------------------------------------------------------------------- - - /** - * HTML Entity Decode Callback - * - * Used as a callback for XSS Clean - * - * @param array - * @return string - */ - protected function _decode_entity($match) - { - return $this->entity_decode($match[0], strtoupper(config_item('charset'))); - } - - // -------------------------------------------------------------------- - - /** - * Validate URL entities - * - * Called by xss_clean() - * - * @param string - * @return string - */ - protected function _validate_entities($str) - { - /* - * Protect GET variables in URLs - */ - - // 901119URL5918AMP18930PROTECT8198 - - $str = preg_replace('|\&([a-z\_0-9\-]+)\=([a-z\_0-9\-]+)|i', $this->xss_hash()."\\1=\\2", $str); - - /* - * Validate standard character entities - * - * Add a semicolon if missing. We do this to enable - * the conversion of entities to ASCII later. - * - */ - $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); - - /* - * Validate UTF16 two byte encoding (x00) - * - * Just as above, adds a semicolon if missing. 
- * - */ - $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); - - /* - * Un-Protect GET variables in URLs - */ - $str = str_replace($this->xss_hash(), '&', $str); - - return $str; - } - - // ---------------------------------------------------------------------- - - /** - * Do Never Allowed - * - * A utility function for xss_clean() - * - * @param string - * @return string - */ - protected function _do_never_allowed($str) - { - foreach ($this->_never_allowed_str as $key => $val) - { - $str = str_replace($key, $val, $str); - } - - foreach ($this->_never_allowed_regex as $key => $val) - { - $str = preg_replace("#".$key."#i", $val, $str); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Set Cross Site Request Forgery Protection Cookie - * - * @return string - */ - protected function _csrf_set_hash() - { - if ($this->_csrf_hash == '') - { - // If the cookie exists we will use it's value. - // We don't necessarily want to regenerate it with - // each page load since a page could contain embedded - // sub-pages causing this feature to fail - if (isset($_COOKIE[$this->_csrf_cookie_name]) && - $_COOKIE[$this->_csrf_cookie_name] != '') - { - return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; - } - - return $this->_csrf_hash = md5(uniqid(rand(), TRUE)); - } - - return $this->_csrf_hash; - } - -} -// END Security Class - -/* End of file Security.php */ -/* Location: ./system/libraries/Security.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 6984aaf27f53b91ab1eafcdccd5fb871dfcd5f18 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 5 Apr 2011 14:58:04 -0400 Subject: Removing security loading calls. --- system/libraries/Form_validation.php | 5 ----- system/libraries/Upload.php | 6 ------ system/libraries/Xmlrpc.php | 14 ++------------ 3 files changed, 2 insertions(+), 23 deletions(-) (limited to 'system/libraries') 
diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index adfd17db1..cfc02eda9 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1336,11 +1336,6 @@ class CI_Form_validation { */ function xss_clean($str) { - if ( ! isset($this->CI->security)) - { - $this->CI->load->library('security'); - } - return $this->CI->security->xss_clean($str); } diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 5816a5558..b62e0d73c 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -875,12 +875,6 @@ class CI_Upload { } $CI =& get_instance(); - - if ( ! isset($CI->security)) - { - $CI->load->library('security'); - } - return $CI->security->xss_clean($data, TRUE); } diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index a24bca9b6..5da6ea6ae 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -504,12 +504,7 @@ class XML_RPC_Response function decode($array=FALSE) { $CI =& get_instance(); - - if ($this->xss_clean && ! isset($CI->security)) - { - $CI->load->library('security'); - } - + if ($array !== FALSE && is_array($array)) { while (list($key) = each($array)) @@ -1121,12 +1116,7 @@ class XML_RPC_Message extends CI_Xmlrpc function output_parameters($array=FALSE) { $CI =& get_instance(); - - if ($this->xss_clean && ! isset($CI->security)) - { - $CI->load->library('security'); - } - + if ($array !== FALSE && is_array($array)) { while (list($key) = each($array)) -- cgit v1.2.3-24-g4f1b From f1bd6fa78a3235ade2365a43bb5124ff72807c96 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Tue, 5 Apr 2011 15:04:28 -0400 Subject: Fixed a bug in the Javascript Library where improperly escaped characters could result in arbitrary javascript execution. --- system/libraries/Javascript.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') 
diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php index 167859abd..34e0d7001 100644 --- a/system/libraries/Javascript.php +++ b/system/libraries/Javascript.php @@ -855,7 +855,7 @@ class CI_Javascript { } elseif (is_string($result) OR $is_key) { - return '"'.str_replace(array('\\', "\t", "\n", "\r", '"'), array('\\\\', '\\t', '\\n', "\\r", '\"'), $result).'"'; + return '"'.str_replace(array('\\', "\t", "\n", "\r", '"', '/'), array('\\\\', '\\t', '\\n', "\\r", '\"', '\/'), $result).'"'; } elseif (is_scalar($result)) { -- cgit v1.2.3-24-g4f1b From 05fa61144667c85b0463f7e8baa6af00aa195dc6 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Wed, 6 Apr 2011 22:57:43 +0100 Subject: Made Environment Support optional. Comment out or delete the constant to stop environment checks. --- system/libraries/Upload.php | 2 +- system/libraries/User_agent.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 5816a5558..3cd2e4fc1 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -951,7 +951,7 @@ class CI_Upload { if (count($this->mimes) == 0) { - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT)) + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT)) { include(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT); } diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 11af21491..04cda7312 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -84,7 +84,7 @@ class CI_User_agent { */ private function _load_agent_file() { - if (is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT)) + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT)) { include(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT); } -- cgit v1.2.3-24-g4f1b From 48bac74ea9fcb8eecdf97597647f1ed492d97b43 Mon Sep 17 00:00:00 2001 
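Review bot: The replacement list on the changed `str_replace()` line still leaves `<` unescaped, so a string value containing `<!--` or `<script` is emitted verbatim; the added `/` escape only covers the closing-tag case. If this output ends up inside an inline script block (not visible from this hunk), those sequences can still change how the HTML parser treats the rest of the block. I would extend the two arrays to `array('\\', "\t", "\n", "\r", '"', '/', '<')` and `array('\\\\', '\\t', '\\n', "\\r", '\"', '\/', '\u003C')`. Control characters below 0x20 other than tab, LF and CR are also passed through raw, which is not valid JSON. The enclosing function starts and ends outside the hunk.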
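Review bot: `ENVIRONMENT` is concatenated directly into the path given to `include()` in this hunk and in the matching User_agent.php hunk, and the new `defined('ENVIRONMENT')` guard checks only that the constant exists, not what it holds. Where the constant is a literal this is harmless, but if a deployment derives it from a server variable, a value containing `../` would select a file outside `config/`. Building the path once from a normalised name, for example `$_mimes_path = APPPATH.'config/'.basename(ENVIRONMENT).'/mimes'.EXT;`, and reusing it in both `is_file()` and `include()` removes that case and the duplicated expression. The enclosing function starts and ends outside the hunk.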
From: patwork Date: Fri, 8 Apr 2011 13:46:47 +0200 Subject: Fix: codeigniter-reactor/193 incorrect driver filepaths --- system/libraries/Driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index d1838f2c1..b942f539f 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -45,7 +45,7 @@ class CI_Driver_Library { $child_class = $this->lib_name.'_'.$child; // Remove the CI_ prefix and lowercase - $lib_name = strtolower(preg_replace('/^CI_/', '', $this->lib_name)); + $lib_name = ucfirst(strtolower(preg_replace('/^CI_/', '', $this->lib_name))); $driver_name = strtolower(preg_replace('/^CI_/', '', $child_class)); if (in_array($driver_name, array_map('strtolower', $this->valid_drivers))) @@ -226,4 +226,4 @@ class CI_Driver { // END CI_Driver CLASS /* End of file Driver.php */ -/* Location: ./system/libraries/Driver.php */ \ No newline at end of file +/* Location: ./system/libraries/Driver.php */ -- cgit v1.2.3-24-g4f1b From b07079827b084213463bdf576894faab172213f2 Mon Sep 17 00:00:00 2001 From: patwork Date: Fri, 8 Apr 2011 15:10:05 +0200 Subject: Deals with language errors after codeigniter-reactor commit r2307:c43c6dea56fb --- system/libraries/Email.php | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 6c21f114d..cd89f8f3d 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -722,7 +722,7 @@ class CI_Email { { if ( ! is_array($email)) { - $this->_set_error_message('email_must_be_array'); + $this->_set_error_message('lang:email_must_be_array'); return FALSE; } 
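Review bot: The context comment `// Remove the CI_ prefix and lowercase` in the first Driver.php hunk no longer describes `$lib_name`, which is now wrapped in `ucfirst()` while `$driver_name` stays lowercase. I would reword it to something like `// Strip the CI_ prefix: library name is lowercased then ucfirst'd, driver name is lowercased`. Going by the commit title, the casing presumably has to match the on-disk directory name on case-sensitive filesystems, and that is worth stating in the comment as well. The enclosing method starts and ends outside the hunk.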
@@ -730,7 +730,7 @@ class CI_Email { { if ( ! $this->valid_email($val)) { - $this->_set_error_message('email_invalid_address', $val); + $this->_set_error_message('lang:email_invalid_address', $val); return FALSE; } } @@ -1131,7 +1131,7 @@ class CI_Email { if ( ! file_exists($filename)) { - $this->_set_error_message('email_attachment_missing', $filename); + $this->_set_error_message('lang:email_attachment_missing', $filename); return FALSE; } @@ -1146,7 +1146,7 @@ class CI_Email { if ( ! $fp = fopen($filename, FOPEN_READ)) { - $this->_set_error_message('email_attachment_unreadable', $filename); + $this->_set_error_message('lang:email_attachment_unreadable', $filename); return FALSE; } @@ -1353,7 +1353,7 @@ class CI_Email { ( ! isset($this->_bcc_array) AND ! isset($this->_headers['Bcc'])) AND ( ! isset($this->_headers['Cc']))) { - $this->_set_error_message('email_no_recipients'); + $this->_set_error_message('lang:email_no_recipients'); return FALSE; } @@ -1484,7 +1484,7 @@ class CI_Email { if ( ! $this->_send_with_mail()) { - $this->_set_error_message('email_send_failure_phpmail'); + $this->_set_error_message('lang:email_send_failure_phpmail'); return FALSE; } break; @@ -1492,7 +1492,7 @@ class CI_Email { if ( ! $this->_send_with_sendmail()) { - $this->_set_error_message('email_send_failure_sendmail'); + $this->_set_error_message('lang:email_send_failure_sendmail'); return FALSE; } break; @@ -1500,14 +1500,14 @@ class CI_Email { if ( ! $this->_send_with_smtp()) { - $this->_set_error_message('email_send_failure_smtp'); + $this->_set_error_message('lang:email_send_failure_smtp'); return FALSE; } break; } - $this->_set_error_message('email_sent', $this->_get_protocol()); + $this->_set_error_message('lang:email_sent', $this->_get_protocol()); return TRUE; } 
@@ -1578,8 +1578,8 @@ class CI_Email { if ($status != 0) { - $this->_set_error_message('email_exit_status', $status); - $this->_set_error_message('email_no_socket'); + $this->_set_error_message('lang:email_exit_status', $status); + $this->_set_error_message('lang:email_no_socket'); return FALSE; } @@ -1598,7 +1598,7 @@ class CI_Email { { if ($this->smtp_host == '') { - $this->_set_error_message('email_no_hostname'); + $this->_set_error_message('lang:email_no_hostname'); return FALSE; } @@ -1647,7 +1647,7 @@ class CI_Email { if (strncmp($reply, '250', 3) != 0) { - $this->_set_error_message('email_smtp_error', $reply); + $this->_set_error_message('lang:email_smtp_error', $reply); return FALSE; } @@ -1674,7 +1674,7 @@ class CI_Email { if ( ! is_resource($this->_smtp_connect)) { - $this->_set_error_message('email_smtp_error', $errno." ".$errstr); + $this->_set_error_message('lang:email_smtp_error', $errno." ".$errstr); return FALSE; } @@ -1737,7 +1737,7 @@ class CI_Email { if (substr($reply, 0, 3) != $resp) { - $this->_set_error_message('email_smtp_error', $reply); + $this->_set_error_message('lang:email_smtp_error', $reply); return FALSE; } @@ -1766,7 +1766,7 @@ class CI_Email { if ($this->smtp_user == "" AND $this->smtp_pass == "") { - $this->_set_error_message('email_no_smtp_unpw'); + $this->_set_error_message('lang:email_no_smtp_unpw'); return FALSE; } @@ -1776,7 +1776,7 @@ class CI_Email { if (strncmp($reply, '334', 3) != 0) { - $this->_set_error_message('email_failed_smtp_login', $reply); + $this->_set_error_message('lang:email_failed_smtp_login', $reply); return FALSE; } @@ -1786,7 +1786,7 @@ class CI_Email { if (strncmp($reply, '334', 3) != 0) { - $this->_set_error_message('email_smtp_auth_un', $reply); + $this->_set_error_message('lang:email_smtp_auth_un', $reply); return FALSE; } 
@@ -1796,7 +1796,7 @@ class CI_Email { if (strncmp($reply, '235', 3) != 0) { - $this->_set_error_message('email_smtp_auth_pw', $reply); + $this->_set_error_message('lang:email_smtp_auth_pw', $reply); return FALSE; } @@ -1815,7 +1815,7 @@ class CI_Email { { if ( ! fwrite($this->_smtp_connect, $data . $this->newline)) { - $this->_set_error_message('email_smtp_data_failure', $data); + $this->_set_error_message('lang:email_smtp_data_failure', $data); return FALSE; } else @@ -1942,7 +1942,7 @@ class CI_Email { $CI =& get_instance(); $CI->lang->load('email'); - if (FALSE === ($line = $CI->lang->line($msg))) + if (substr($msg, 0, 5) != 'lang:' || FALSE === ($line = $CI->lang->line(substr($msg, 5)))) { $this->_debug_msg[] = str_replace('%s', $val, $msg)."
"; } @@ -2059,4 +2059,4 @@ class CI_Email { // END CI_Email class /* End of file Email.php */ -/* Location: ./system/libraries/Email.php */ \ No newline at end of file +/* Location: ./system/libraries/Email.php */ -- cgit v1.2.3-24-g4f1b From 02404a1f59e4f3ae8231d87d8be5b23488ea86d2 Mon Sep 17 00:00:00 2001 From: patwork Date: Fri, 8 Apr 2011 15:45:46 +0200 Subject: Fix: codeigniter-reactor/127 Form_validation rule error logging --- system/libraries/Form_validation.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index cfc02eda9..6f79a554a 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -628,6 +628,10 @@ class CI_Form_validation { $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; } } + else + { + log_message('debug', "Unable to find validation rule: ".$rule); + } continue; } @@ -1357,4 +1361,4 @@ class CI_Form_validation { // END Form Validation Class /* End of file Form_validation.php */ -/* Location: ./system/libraries/Form_validation.php */ \ No newline at end of file +/* Location: ./system/libraries/Form_validation.php */ -- cgit v1.2.3-24-g4f1b From bffb7769c6f31b7a47355d4eb66f5ac1d85c2a2e Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Mon, 18 Apr 2011 00:03:31 -0400 Subject: Changed path in footer comment of cache dummy. --- system/libraries/Cache/drivers/Cache_dummy.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Cache/drivers/Cache_dummy.php b/system/libraries/Cache/drivers/Cache_dummy.php index de47acb43..f96a68e27 100644 --- a/system/libraries/Cache/drivers/Cache_dummy.php +++ b/system/libraries/Cache/drivers/Cache_dummy.php 
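Review bot: In the `@@ -1942,7` hunk, a message that starts with `lang:` but has no matching language line falls into the same branch as a plain message, so the raw key with its `lang:` prefix is what ends up in `_debug_msg`. Before this commit the fallback showed the bare key. Stripping the prefix in the fallback keeps the old output, e.g. `str_replace('%s', $val, preg_replace('/^lang:/', '', $msg))`. The enclosing function starts and ends outside the hunk.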
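Review bot: The new `else` branch in the `@@ -628,6` hunk reports an unknown rule only at `debug` level, and the `continue` that follows skips it, so a misspelled rule name means that check is never applied to the field. That is a fail-open condition, and it will not appear in logs on installations that record only errors. I would log it as `log_message('error', "Unable to find validation rule: ".$rule);`, and it may be worth considering whether an unknown rule should fail validation instead. The surrounding loop starts and ends outside the hunk.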
@@ -10,29 +10,29 @@ * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 2.0 - * @filesource + * @filesource */ // ------------------------------------------------------------------------ /** - * CodeIgniter Dummy Caching Class + * CodeIgniter Dummy Caching Class * * @package CodeIgniter * @subpackage Libraries * @category Core * @author ExpressionEngine Dev Team - * @link + * @link */ class CI_Cache_dummy extends CI_Driver { /** - * Get + * Get * * Since this is the dummy class, it's always going to return FALSE. * - * @param string + * @param string * @return Boolean FALSE */ public function get($id) @@ -40,8 +40,8 @@ class CI_Cache_dummy extends CI_Driver { return FALSE; } - // ------------------------------------------------------------------------ - + // ------------------------------------------------------------------------ + /** * Cache Save * @@ -55,7 +55,7 @@ class CI_Cache_dummy extends CI_Driver { { return TRUE; } - + // ------------------------------------------------------------------------ /** @@ -112,7 +112,7 @@ class CI_Cache_dummy extends CI_Driver { /** * Is this caching driver supported on the system? * Of course this one is. - * + * * @return TRUE; */ public function is_supported() @@ -121,9 +121,9 @@ class CI_Cache_dummy extends CI_Driver { } // ------------------------------------------------------------------------ - + } // End Class -/* End of file Cache_apc.php */ -/* Location: ./system/libraries/Cache/drivers/Cache_apc.php */ \ No newline at end of file +/* End of file Cache_dummy.php */ +/* Location: ./system/libraries/Cache/drivers/Cache_dummy.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 62df13125bd9ab22ff0c7f2565a42a6de13ed7e4 Mon Sep 17 00:00:00 2001 
From: Greg Aker Date: Mon, 18 Apr 2011 11:18:02 -0500 Subject: Added Session Class userdata to the output profiler. Additionally, added a show/hide toggle on HTTP Headers, Session Data and Config Variables. --- system/libraries/Profiler.php | 45 +++++++++++++++++++++++++++++++++++++------ 1 file changed, 39 insertions(+), 6 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 8a1f18ced..d1828b984 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -32,7 +32,7 @@ */ class CI_Profiler { - var $CI; + private $CI; protected $_available_sections = array( 'benchmarks', @@ -43,6 +43,7 @@ class CI_Profiler { 'controller_info', 'queries', 'http_headers', + 'session_data', 'config' ); @@ -410,10 +411,10 @@ class CI_Profiler { $output = "\n\n"; $output .= '
'; $output .= "\n"; - $output .= '  '.$this->CI->lang->line('profiler_headers').'  '; + $output .= '  '.$this->CI->lang->line('profiler_headers').'  ('.$this->CI->lang->line('profiler_section_show').')'; $output .= "\n"; - $output .= "\n\n\n"; + $output .= "\n\n
\n"; foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR') as $header) { @@ -441,10 +442,10 @@ class CI_Profiler { $output = "\n\n"; $output .= '
'; $output .= "\n"; - $output .= '  '.$this->CI->lang->line('profiler_config').'  '; + $output .= '  '.$this->CI->lang->line('profiler_config').'  ('.$this->CI->lang->line('profiler_section_show').')'; $output .= "\n"; - $output .= "\n\n
\n"; + $output .= "\n\n
\n"; foreach ($this->CI->config->config as $config=>$val) { @@ -464,6 +465,39 @@ class CI_Profiler { // -------------------------------------------------------------------- + /** + * Compile session userdata + * + * @return string + */ + private function _compile_session_data() + { + if ( ! isset($this->CI->session)) + { + return; + } + + $output = '
'; + $output .= '  '.$this->CI->lang->line('profiler_session_data').'  ('.$this->CI->lang->line('profiler_section_show').')'; + $output .= "
"; + + foreach ($this->CI->session->all_userdata() as $key => $val) + { + if (is_array($val)) + { + $val = print_r($val, TRUE); + } + + $output .= "\n"; + } + + $output .= ''; + $output .= "
"; + return $output; + } + + // -------------------------------------------------------------------- + /** * Run the Profiler * @@ -493,7 +527,6 @@ class CI_Profiler { return $output; } - } // END CI_Profiler class -- cgit v1.2.3-24-g4f1b From 3403366d0f457c1dd449076b4177d1aff5cb176c Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Mon, 18 Apr 2011 11:18:09 -0500 Subject: changeset: 2202:06a75a1bd622 tag: tip user: Greg Aker date: Mon Apr 18 11:10:37 2011 -0500 summary: Tweak to session class all_userdata() to just return the userdata array. Also documented previously undocumented all_userdata() method. --- system/libraries/Session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 182294059..32317c2e6 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -435,11 +435,11 @@ class CI_Session { * Fetch all session data * * @access public - * @return mixed + * @return array */ function all_userdata() { - return ( ! isset($this->userdata)) ? FALSE : $this->userdata; + return $this->userdata; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From e6e6e64ab078205153513af24dd4163157efb148 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Mon, 18 Apr 2011 15:54:13 -0500 Subject: changeset: 2204:37301a84c8be tag: tip user: Greg Aker date: Mon Apr 18 15:51:28 2011 -0500 summary: Adding toggle show/hide on database queries in the output profiler. Added a profiler config item to set a threshold of when to hide the queries by default. Additionally, fixed a bug I created earlier today by marking the $CI class var in CI_Profiler as private. --- system/libraries/Profiler.php | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) (limited to 'system/libraries') 
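Review bot: `_compile_session_data()` writes every key and value from `all_userdata()` into the response, and `session_data` is added to `_available_sections`, which the constructor appears to enable by default, so the section is emitted whenever the profiler runs. Session userdata often holds identifiers or tokens that should not reach the browser, so the docblock should say so, e.g. `* Development use only: prints all session userdata into the page.`, or the section should default to off. The guard `return;` also yields NULL where the docblock promises `@return string`; `return '';` would keep the contract. The row markup inside the `foreach` did not survive on this page, so whether `$key` and `$val` are escaped cannot be checked here.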
diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index d1828b984..b73ddaf0d 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -32,8 +32,6 @@ */ class CI_Profiler { - private $CI; - protected $_available_sections = array( 'benchmarks', 'get', @@ -46,12 +44,24 @@ class CI_Profiler { 'session_data', 'config' ); + + protected $_query_toggle_count = 25; + + protected $CI; + // -------------------------------------------------------------------- + public function __construct($config = array()) { $this->CI =& get_instance(); $this->CI->load->language('profiler'); + if (isset($config['query_toggle_count'])) + { + $this->_query_toggle_count = (int) $config['query_toggle_count']; + unset($config['query_toggle_count']); + } + // default all sections to display foreach ($this->_available_sections as $section) { @@ -163,7 +173,7 @@ class CI_Profiler { $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_queries').'  '; $output .= "\n"; - $output .= "\n\n\n"; + $output .= "\n\n
\n"; $output .="\n"; $output .= "
".$this->CI->lang->line('profiler_no_db')."
\n"; $output .= ""; @@ -178,14 +188,27 @@ class CI_Profiler { $highlight = array('SELECT', 'DISTINCT', 'FROM', 'WHERE', 'AND', 'LEFT JOIN', 'ORDER BY', 'GROUP BY', 'LIMIT', 'INSERT', 'INTO', 'VALUES', 'UPDATE', 'OR ', 'HAVING', 'OFFSET', 'NOT IN', 'IN', 'LIKE', 'NOT LIKE', 'COUNT', 'MAX', 'MIN', 'ON', 'AS', 'AVG', 'SUM', '(', ')'); $output = "\n\n"; - + + $count = 0; + foreach ($dbs as $db) { + $count++; + + $hide_queries = (count($db->queries) > $this->_query_toggle_count) ? ' display:none' : ''; + + $show_hide_js = '('.$this->CI->lang->line('profiler_section_hide').')'; + + if ($hide_queries != '') + { + $show_hide_js = '('.$this->CI->lang->line('profiler_section_show').')'; + } + $output .= '
'; $output .= "\n"; - $output .= '  '.$this->CI->lang->line('profiler_database').':  '.$db->database.'   '.$this->CI->lang->line('profiler_queries').': '.count($db->queries).'   '; + $output .= '  '.$this->CI->lang->line('profiler_database').':  '.$db->database.'   '.$this->CI->lang->line('profiler_queries').': '.count($db->queries).'  '.$show_hide_js.''; $output .= "\n"; - $output .= "\n\n\n"; + $output .= "\n\n
\n"; if (count($db->queries) == 0) { -- cgit v1.2.3-24-g4f1b From 3a746655e92ec59ee7e731c3535673a9aedc5d3e Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 19 Apr 2011 10:59:47 -0500 Subject: Removing internal references to the EXT constant. Additionally, marked the constant as deprecated. Use ".php" instead. Also adding upgrade notes from 2.0.2 to 2.0.3. --- system/libraries/Calendar.php | 2 +- system/libraries/Driver.php | 2 +- system/libraries/Encrypt.php | 2 +- system/libraries/Log.php | 2 +- system/libraries/Upload.php | 8 ++++---- system/libraries/User_agent.php | 8 ++++---- 6 files changed, 12 insertions(+), 12 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index 72d228e73..df0fd6eeb 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -47,7 +47,7 @@ class CI_Calendar { { $this->CI =& get_instance(); - if ( ! in_array('calendar_lang'.EXT, $this->CI->lang->is_loaded, TRUE)) + if ( ! in_array('calendar_lang.php', $this->CI->lang->is_loaded, TRUE)) { $this->CI->lang->load('calendar'); } diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index b942f539f..d1925c0ec 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -59,7 +59,7 @@ class CI_Driver_Library { // loves me some nesting! foreach (array(ucfirst($driver_name), $driver_name) as $class) { - $filepath = $path.'libraries/'.$lib_name.'/drivers/'.$class.EXT; + $filepath = $path.'libraries/'.$lib_name.'/drivers/'.$class.'.php'; if (file_exists($filepath)) { diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index e5f65878a..b30a8cf0b 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -524,7 +524,7 @@ class CI_Encrypt { { if ( ! function_exists('mhash')) { - require_once(BASEPATH.'libraries/Sha1'.EXT); + require_once(BASEPATH.'libraries/Sha1.php'); $SH = new CI_SHA; return $SH->generate($str); } 
diff --git a/system/libraries/Log.php b/system/libraries/Log.php index fb2c5a49b..9f1db76ba 100644 --- a/system/libraries/Log.php +++ b/system/libraries/Log.php @@ -83,7 +83,7 @@ class CI_Log { return FALSE; } - $filepath = $this->_log_path.'log-'.date('Y-m-d').EXT; + $filepath = $this->_log_path.'log-'.date('Y-m-d').'.php'; $message = ''; if ( ! file_exists($filepath)) diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index e80049fa4..3177424c4 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -945,13 +945,13 @@ class CI_Upload { if (count($this->mimes) == 0) { - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT)) + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/mimes.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/mimes'.EXT); + include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'); } - elseif (is_file(APPPATH.'config/mimes'.EXT)) + elseif (is_file(APPPATH.'config/mimes.php')) { - include(APPPATH.'config//mimes'.EXT); + include(APPPATH.'config//mimes.php'); } else { diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 04cda7312..016102a2a 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php @@ -84,13 +84,13 @@ class CI_User_agent { */ private function _load_agent_file() { - if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT)) + if (defined('ENVIRONMENT') AND is_file(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php')) { - include(APPPATH.'config/'.ENVIRONMENT.'/user_agents'.EXT); + include(APPPATH.'config/'.ENVIRONMENT.'/user_agents.php'); } - elseif (is_file(APPPATH.'config/user_agents'.EXT)) + elseif (is_file(APPPATH.'config/user_agents.php')) { - include(APPPATH.'config/user_agents'.EXT); + include(APPPATH.'config/user_agents.php'); } else { -- cgit v1.2.3-24-g4f1b From 50671cf8d67c805692fec49eda33d21227a21ec2 Mon Sep 17 00:00:00 2001 
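Review bot: In the Upload.php hunk the fallback branch still includes `APPPATH.'config//mimes.php'` with a doubled slash, while the `is_file()` test on the line above checks `APPPATH.'config/mimes.php'`. Most filesystems resolve both to the same file, but the path that is tested and the path that is included should be the same string: `include(APPPATH.'config/mimes.php');`. The enclosing method starts and ends outside the hunk.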
From: Greg Aker Date: Wed, 20 Apr 2011 11:36:45 -0500 Subject: Altered Session to use a longer match against the user_agent string. See upgrade notes if using database sessions.sess_match_useragent == TRUE AND trim($session['user_agent']) != trim(substr($this->CI->input->user_agent(), 0, 50))) + if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) != trim(substr($this->CI->input->user_agent(), 0, 120))) { $this->sess_destroy(); return FALSE; @@ -316,7 +316,7 @@ class CI_Session { $this->userdata = array( 'session_id' => md5(uniqid($sessid, TRUE)), 'ip_address' => $this->CI->input->ip_address(), - 'user_agent' => substr($this->CI->input->user_agent(), 0, 50), + 'user_agent' => substr($this->CI->input->user_agent(), 0, 120), 'last_activity' => $this->now ); -- cgit v1.2.3-24-g4f1b From c0b133c02e057b6506726b794ba4582bf18ed663 Mon Sep 17 00:00:00 2001 From: kenjis Date: Fri, 22 Apr 2011 19:58:43 +0900 Subject: default value of $total_rows in Pagination class should be number. And fix User Guide Pagination Class's Example which uses string to number variable. --- system/libraries/Pagination.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 1113f862f..cc62e660b 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -30,7 +30,7 @@ class CI_Pagination { var $prefix = ''; // A custom prefix added to the path. var $suffix = ''; // A custom suffix added to the path. - var $total_rows = ''; // Total number of items (database results) + var $total_rows = 0; // Total number of items (database results) var $per_page = 10; // Max number of items you want shown per page var $num_links = 2; // Number of "digit" links to show before/after the currently viewed page var $cur_page = 0; // The current page being viewed -- cgit v1.2.3-24-g4f1b From c24f49b54f47229aa89781c0cc06c3d9fa947937 Mon Sep 17 00:00:00 2001 
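Review bot: The length `120` is now written twice, once in the `sess_match_useragent` comparison and once in the `'user_agent'` entry of the `@@ -316` hunk, and the two must stay equal to each other and, presumably, no larger than the stored column, or the match fails and `sess_destroy()` runs on every request. A single class property would keep them in step, e.g. `var $user_agent_length = 120;` used as `substr($this->CI->input->user_agent(), 0, $this->user_agent_length)` in both places. The first hunk of this commit lost its header on this page, and both enclosing methods extend outside the hunks.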
From: Razican Date: Mon, 25 Apr 2011 13:43:57 +0200 Subject: Fixed #60. --- system/libraries/Profiler.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index b73ddaf0d..082a5ee1d 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -44,13 +44,13 @@ class CI_Profiler { 'session_data', 'config' ); - + protected $_query_toggle_count = 25; - - protected $CI; + + protected $CI; // -------------------------------------------------------------------- - + public function __construct($config = array()) { $this->CI =& get_instance(); @@ -188,22 +188,22 @@ class CI_Profiler { $highlight = array('SELECT', 'DISTINCT', 'FROM', 'WHERE', 'AND', 'LEFT JOIN', 'ORDER BY', 'GROUP BY', 'LIMIT', 'INSERT', 'INTO', 'VALUES', 'UPDATE', 'OR ', 'HAVING', 'OFFSET', 'NOT IN', 'IN', 'LIKE', 'NOT LIKE', 'COUNT', 'MAX', 'MIN', 'ON', 'AS', 'AVG', 'SUM', '(', ')'); $output = "\n\n"; - + $count = 0; - + foreach ($dbs as $db) { $count++; - + $hide_queries = (count($db->queries) > $this->_query_toggle_count) ? ' display:none' : ''; - + $show_hide_js = '('.$this->CI->lang->line('profiler_section_hide').')'; - + if ($hide_queries != '') { $show_hide_js = '('.$this->CI->lang->line('profiler_section_show').')'; } - + $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_database').':  '.$db->database.'   '.$this->CI->lang->line('profiler_queries').': '.count($db->queries).'  '.$show_hide_js.''; @@ -412,7 +412,7 @@ class CI_Profiler { } else { - $output .= "
".$this->CI->lang->line('profiler_no_memory_usage')."
"; + $output .= "
".$this->CI->lang->line('profiler_no_memory')."
"; } $output .= "
"; -- cgit v1.2.3-24-g4f1b From 114ab0988e20ac6be39ad363ff897a1a3b85e565 Mon Sep 17 00:00:00 2001 From: Razican Date: Mon, 25 Apr 2011 17:26:45 +0200 Subject: Fixed double-space typo. --- system/libraries/Cache/Cache.php | 30 ++-- system/libraries/Cache/drivers/Cache_apc.php | 24 +-- system/libraries/Cache/drivers/Cache_file.php | 40 ++--- system/libraries/Calendar.php | 18 +-- system/libraries/Cart.php | 22 +-- system/libraries/Driver.php | 2 +- system/libraries/Email.php | 46 +++--- system/libraries/Encrypt.php | 2 +- system/libraries/Form_validation.php | 32 ++-- system/libraries/Ftp.php | 8 +- system/libraries/Image_lib.php | 118 +++++++------- system/libraries/Javascript.php | 12 +- system/libraries/Log.php | 8 +- system/libraries/Pagination.php | 18 +-- system/libraries/Parser.php | 18 +-- system/libraries/Profiler.php | 26 +-- system/libraries/Session.php | 30 ++-- system/libraries/Sha1.php | 8 +- system/libraries/Table.php | 12 +- system/libraries/Trackback.php | 16 +- system/libraries/Typography.php | 36 ++--- system/libraries/Unit_test.php | 2 +- system/libraries/Upload.php | 28 ++-- system/libraries/User_agent.php | 2 +- system/libraries/Xmlrpc.php | 90 +++++------ system/libraries/Xmlrpcs.php | 44 +++--- system/libraries/Zip.php | 12 +- system/libraries/javascript/Jquery.php | 218 +++++++++++++------------- 28 files changed, 461 insertions(+), 461 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Cache/Cache.php b/system/libraries/Cache/Cache.php index 61e7aa761..938c80857 100644 --- a/system/libraries/Cache/Cache.php +++ b/system/libraries/Cache/Cache.php 
@@ -10,22 +10,22 @@ * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 2.0 - * @filesource + * @filesource */ // ------------------------------------------------------------------------ /** - * CodeIgniter Caching Class + * CodeIgniter Caching Class * * @package CodeIgniter * @subpackage Libraries * @category Core * @author ExpressionEngine Dev Team - * @link + * @link */ class CI_Cache extends CI_Driver_Library { - + protected $valid_drivers = array( 'cache_apc', 'cache_file', 'cache_memcached', 'cache_dummy' ); @@ -33,7 +33,7 @@ class CI_Cache extends CI_Driver_Library { protected $_cache_path = NULL; // Path of cache files (if file-based cache) protected $_adapter = 'dummy'; protected $_backup_driver; - + // ------------------------------------------------------------------------ /** @@ -52,16 +52,16 @@ class CI_Cache extends CI_Driver_Library { // ------------------------------------------------------------------------ /** - * Get + * Get * - * Look for a value in the cache. If it exists, return the data + * Look for a value in the cache. If it exists, return the data * if not, return FALSE * - * @param string + * @param string * @return mixed value that is stored/FALSE on failure */ public function get($id) - { + { return $this->{$this->_adapter}->get($id); } @@ -112,7 +112,7 @@ class CI_Cache extends CI_Driver_Library { * Cache Info * * @param string user/filehits - * @return mixed array on success, false on failure + * @return mixed array on success, false on failure */ public function cache_info($type = 'user') { @@ -120,7 +120,7 @@ class CI_Cache extends CI_Driver_Library { } // ------------------------------------------------------------------------ - + /** * Get Cache Metadata * @@ -131,7 +131,7 @@ class CI_Cache extends CI_Driver_Library { { return $this->{$this->_adapter}->get_metadata($id); } - + // ------------------------------------------------------------------------ /** 
@@ -139,11 +139,11 @@ class CI_Cache extends CI_Driver_Library { * * Initialize class properties based on the configuration array. * - * @param array + * @param array * @return void */ private function _initialize($config) - { + { $default_config = array( 'adapter', 'memcached' @@ -207,7 +207,7 @@ class CI_Cache extends CI_Driver_Library { return $obj; } - + // ------------------------------------------------------------------------ } // End Class diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php index de75719c4..ea129eded 100644 --- a/system/libraries/Cache/drivers/Cache_apc.php +++ b/system/libraries/Cache/drivers/Cache_apc.php @@ -10,30 +10,30 @@ * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 2.0 - * @filesource + * @filesource */ // ------------------------------------------------------------------------ /** - * CodeIgniter APC Caching Class + * CodeIgniter APC Caching Class * * @package CodeIgniter * @subpackage Libraries * @category Core * @author ExpressionEngine Dev Team - * @link + * @link */ class CI_Cache_apc extends CI_Driver { /** - * Get + * Get * - * Look for a value in the cache. If it exists, return the data + * Look for a value in the cache. If it exists, return the data * if not, return FALSE * - * @param string + * @param string * @return mixed value that is stored/FALSE on failure */ public function get($id) @@ -43,8 +43,8 @@ class CI_Cache_apc extends CI_Driver { return (is_array($data)) ? $data[0] : FALSE; } - // ------------------------------------------------------------------------ - + // ------------------------------------------------------------------------ + /** * Cache Save * @@ -58,7 +58,7 @@ class CI_Cache_apc extends CI_Driver { { return apc_store($id, array($data, time(), $ttl), $ttl); } - + // ------------------------------------------------------------------------ /** 
@@ -90,7 +90,7 @@ class CI_Cache_apc extends CI_Driver { * Cache Info * * @param string user/filehits - * @return mixed array on success, false on failure + * @return mixed array on success, false on failure */ public function cache_info($type = NULL) { @@ -137,13 +137,13 @@ class CI_Cache_apc extends CI_Driver { log_message('error', 'The APC PHP extension must be loaded to use APC Cache.'); return FALSE; } - + return TRUE; } // ------------------------------------------------------------------------ - + } // End Class diff --git a/system/libraries/Cache/drivers/Cache_file.php b/system/libraries/Cache/drivers/Cache_file.php index 13e2d1af6..39dcd15c2 100644 --- a/system/libraries/Cache/drivers/Cache_file.php +++ b/system/libraries/Cache/drivers/Cache_file.php @@ -10,19 +10,19 @@ * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 2.0 - * @filesource + * @filesource */ // ------------------------------------------------------------------------ /** - * CodeIgniter Memcached Caching Class + * CodeIgniter Memcached Caching Class * * @package CodeIgniter * @subpackage Libraries * @category Core * @author ExpressionEngine Dev Team - * @link + * @link */ class CI_Cache_file extends CI_Driver { @@ -36,9 +36,9 @@ class CI_Cache_file extends CI_Driver { { $CI =& get_instance(); $CI->load->helper('file'); - + $path = $CI->config->item('cache_path'); - + $this->_cache_path = ($path == '') ? APPPATH.'cache/' : $path; } @@ -56,16 +56,16 @@ class CI_Cache_file extends CI_Driver { { return FALSE; } - + $data = read_file($this->_cache_path.$id); $data = unserialize($data); - - if (time() > $data['time'] + $data['ttl']) + + if (time() > $data['time'] + $data['ttl']) { unlink($this->_cache_path.$id); return FALSE; } - + return $data['data']; } 
@@ -76,22 +76,22 @@ class CI_Cache_file extends CI_Driver { * * @param string unique key * @param mixed data to store - * @param int length of time (in seconds) the cache is valid + * @param int length of time (in seconds) the cache is valid * - Default is 60 seconds * @return boolean true on success/false on failure */ public function save($id, $data, $ttl = 60) - { + { $contents = array( 'time' => time(), - 'ttl' => $ttl, + 'ttl' => $ttl, 'data' => $data ); - + if (write_file($this->_cache_path.$id, serialize($contents))) { @chmod($this->_cache_path.$id, 0777); - return TRUE; + return TRUE; } return FALSE; @@ -116,7 +116,7 @@ class CI_Cache_file extends CI_Driver { * Clean the Cache * * @return boolean false on failure/true on success - */ + */ public function clean() { return delete_files($this->_cache_path); @@ -151,10 +151,10 @@ class CI_Cache_file extends CI_Driver { { return FALSE; } - - $data = read_file($this->_cache_path.$id); + + $data = read_file($this->_cache_path.$id); $data = unserialize($data); - + if (is_array($data)) { $data = $data['data']; @@ -170,7 +170,7 @@ class CI_Cache_file extends CI_Driver { 'mtime' => $mtime ); } - + return FALSE; } @@ -180,7 +180,7 @@ class CI_Cache_file extends CI_Driver { * Is supported * * In the file driver, check to see that the cache directory is indeed writable - * + * * @return boolean */ public function is_supported() diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php index df0fd6eeb..7dcbaab47 100644 --- a/system/libraries/Calendar.php +++ b/system/libraries/Calendar.php @@ -1,4 +1,4 @@ -local_time); + $year = date("Y", $this->local_time); if ($month == '') $month = date("m", $this->local_time); @@ -128,7 +128,7 @@ class CI_Calendar { // Set the starting day number $local_date = mktime(12, 0, 0, $month, 1, $year); $date = getdate($local_date); - $day = $start_day + 1 - $date["wday"]; + $day = $start_day + 1 - $date["wday"]; while ($day > 1) { 
@@ -157,8 +157,8 @@ class CI_Calendar { // "previous" month link if ($this->show_next_prev == TRUE) { - // Add a trailing slash to the URL if needed - $this->next_prev_url = preg_replace("/(.+?)\/*$/", "\\1/", $this->next_prev_url); + // Add a trailing slash to the URL if needed + $this->next_prev_url = preg_replace("/(.+?)\/*$/", "\\1/", $this->next_prev_url); $adjusted_date = $this->adjust_date($month - 1, $year); $out .= str_replace('{previous_url}', $this->next_prev_url.$adjusted_date['year'].'/'.$adjusted_date['month'], $this->temp['heading_previous_cell']); @@ -233,7 +233,7 @@ class CI_Calendar { $out .= $this->temp['cal_cell_blank']; } - $out .= ($is_current_month == TRUE AND $day == $cur_day) ? $this->temp['cal_cell_end_today'] : $this->temp['cal_cell_end']; + $out .= ($is_current_month == TRUE AND $day == $cur_day) ? $this->temp['cal_cell_end_today'] : $this->temp['cal_cell_end']; $day++; } @@ -287,7 +287,7 @@ class CI_Calendar { * Get Day Names * * Returns an array of day names (Sunday, Monday, etc.) based - * on the type. Options: long, short, abrev + * on the type. Options: long, short, abrev * * @access public * @param string @@ -404,7 +404,7 @@ class CI_Calendar { */ function default_template() { - return array ( + return array ( 'table_open' => '
', 'heading_row_start' => '', 'heading_previous_cell' => '', @@ -451,7 +451,7 @@ class CI_Calendar { $today = array('cal_cell_start_today', 'cal_cell_content_today', 'cal_cell_no_content_today', 'cal_cell_end_today'); - foreach (array('table_open', 'table_close', 'heading_row_start', 'heading_previous_cell', 'heading_title_cell', 'heading_next_cell', 'heading_row_end', 'week_row_start', 'week_day_cell', 'week_row_end', 'cal_row_start', 'cal_cell_start', 'cal_cell_content', 'cal_cell_no_content', 'cal_cell_blank', 'cal_cell_end', 'cal_row_end', 'cal_cell_start_today', 'cal_cell_content_today', 'cal_cell_no_content_today', 'cal_cell_end_today') as $val) + foreach (array('table_open', 'table_close', 'heading_row_start', 'heading_previous_cell', 'heading_title_cell', 'heading_next_cell', 'heading_row_end', 'week_row_start', 'week_day_cell', 'week_row_end', 'cal_row_start', 'cal_cell_start', 'cal_cell_content', 'cal_cell_no_content', 'cal_cell_blank', 'cal_cell_end', 'cal_row_end', 'cal_cell_start_today', 'cal_cell_content_today', 'cal_cell_no_content_today', 'cal_cell_end_today') as $val) { if (preg_match("/\{".$val."\}(.*?)\{\/".$val."\}/si", $this->template, $match)) { diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index 7f65b48b9..fbccfb3d9 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -1,4 +1,4 @@ -CI =& get_instance(); - // Are any config settings being passed manually? If so, set them + // Are any config settings being passed manually? If so, set them $config = array(); if (count($params) > 0) { 
@@ -148,7 +148,7 @@ class CI_Cart { // -------------------------------------------------------------------- - // Does the $items array contain an id, quantity, price, and name? These are required + // Does the $items array contain an id, quantity, price, and name? These are required if ( ! isset($items['id']) OR ! isset($items['qty']) OR ! isset($items['price']) OR ! isset($items['name'])) { log_message('error', 'The cart array must contain a product ID, quantity, price, and name.'); @@ -157,7 +157,7 @@ class CI_Cart { // -------------------------------------------------------------------- - // Prep the quantity. It can only be a number. Duh... + // Prep the quantity. It can only be a number. Duh... $items['qty'] = trim(preg_replace('/([^0-9])/i', '', $items['qty'])); // Trim any leading zeros $items['qty'] = trim(preg_replace('/(^[0]+)/i', '', $items['qty'])); @@ -175,7 +175,7 @@ class CI_Cart { // Note: These can be user-specified by setting the $this->product_id_rules variable. if ( ! preg_match("/^[".$this->product_id_rules."]+$/i", $items['id'])) { - log_message('error', 'Invalid product ID. The product ID can only contain alpha-numeric characters, dashes, and underscores'); + log_message('error', 'Invalid product ID. The product ID can only contain alpha-numeric characters, dashes, and underscores'); return FALSE; } @@ -191,7 +191,7 @@ class CI_Cart { // -------------------------------------------------------------------- - // Prep the price. Remove anything that isn't a number or decimal point. + // Prep the price. Remove anything that isn't a number or decimal point. $items['price'] = trim(preg_replace('/([^0-9\.])/i', '', $items['price'])); // Trim any leading zeros $items['price'] = trim(preg_replace('/(^[0]+)/i', '', $items['price'])); 
@@ -210,7 +210,7 @@ class CI_Cart { // Each row in the cart array, however, must have a unique index that identifies not only // a particular product, but makes it possible to store identical products with different options. // For example, what if someone buys two identical t-shirts (same product ID), but in - // different sizes? The product ID (and other attributes, like the name) will be identical for + // different sizes? The product ID (and other attributes, like the name) will be identical for // both sizes because it's the same shirt. The only difference will be the size. // Internally, we need to treat identical submissions, but with different options, as a unique product. // Our solution is to convert the options array to a string and MD5 it along with the product ID. @@ -271,7 +271,7 @@ class CI_Cart { } // You can either update a single product using a one-dimensional array, - // or multiple products using a multi-dimensional one. The way we + // or multiple products using a multi-dimensional one. The way we // determine the array type is by looking for a required array key named "id". // If it's not found we assume it's a multi-dimensional array $save_cart = FALSE; @@ -344,7 +344,7 @@ class CI_Cart { return FALSE; } - // Is the quantity zero? If so we will remove the item from the cart. + // Is the quantity zero? If so we will remove the item from the cart. // If the quantity is greater than zero we are updating if ($items['qty'] == 0) { @@ -392,7 +392,7 @@ class CI_Cart { $this->_cart_contents['total_items'] = count($this->_cart_contents); $this->_cart_contents['cart_total'] = $total; - // Is our cart empty? If so we delete it from the session + // Is our cart empty? If so we delete it from the session if (count($this->_cart_contents) <= 2) { $this->CI->session->unset_userdata('cart_contents'); diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index d1925c0ec..b90b5aba6 100644 --- a/system/libraries/Driver.php 
+++ b/system/libraries/Driver.php @@ -1,4 +1,4 @@ -_attach_name[] = $filename; $this->_attach_type[] = $this->_mime_types(next(explode('.', basename($filename)))); - $this->_attach_disp[] = $disposition; // Can also be 'inline' Not sure if it matters + $this->_attach_disp[] = $disposition; // Can also be 'inline' Not sure if it matters return $this; } @@ -600,7 +600,7 @@ class CI_Email { $from = str_replace(">", "", $from); $from = str_replace("<", "", $from); - return "<".uniqid('').strstr($from, '@').">"; + return "<".uniqid('').strstr($from, '@').">"; } // -------------------------------------------------------------------- @@ -660,15 +660,15 @@ class CI_Email { */ private function _get_content_type() { - if ($this->mailtype == 'html' && count($this->_attach_name) == 0) + if ($this->mailtype == 'html' && count($this->_attach_name) == 0) { return 'html'; } - elseif ($this->mailtype == 'html' && count($this->_attach_name) > 0) + elseif ($this->mailtype == 'html' && count($this->_attach_name) > 0) { return 'html-attach'; } - elseif ($this->mailtype == 'text' && count($this->_attach_name) > 0) + elseif ($this->mailtype == 'text' && count($this->_attach_name) > 0) { return 'plain-attach'; } @@ -881,7 +881,7 @@ class CI_Email { // Use PHP's native public function to do the initial wordwrap. // We set the cut flag to FALSE so that any individual words that are - // too long get left alone. In the next step we'll deal with them. + // too long get left alone. In the next step we'll deal with them. $str = wordwrap($str, $charlim, "\n", FALSE); // Split the string into individual lines of text and cycle through them @@ -999,7 +999,7 @@ class CI_Email { */ private function _build_message() { - if ($this->wordwrap === TRUE AND $this->mailtype != 'html') + if ($this->wordwrap === TRUE AND $this->mailtype != 'html') { $this->_body = $this->word_wrap($this->_body); } 
@@ -1135,7 +1135,7 @@ class CI_Email { return FALSE; } - $h = "--".$this->_atc_boundary.$this->newline; + $h = "--".$this->_atc_boundary.$this->newline; $h .= "Content-type: ".$ctype."; "; $h .= "name=\"".$basename."\"".$this->newline; $h .= "Content-Disposition: ".$this->_attach_disp[$i].";".$this->newline; @@ -1237,7 +1237,7 @@ class CI_Email { // encode = signs if ($ascii == '61') { - $char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); // =3D + $char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); // =3D } // If we're at the character limit, add the line to the output, @@ -1267,7 +1267,7 @@ class CI_Email { /** * Prep Q Encoding * - * Performs "Q Encoding" on a string for use in email headers. It's related + * Performs "Q Encoding" on a string for use in email headers. It's related * but not identical to quoted-printable, so it has its own method * * @access public @@ -1349,7 +1349,7 @@ class CI_Email { $this->reply_to($this->_headers['From']); } - if (( ! isset($this->_recipients) AND ! isset($this->_headers['To'])) AND + if (( ! isset($this->_recipients) AND ! isset($this->_headers['To'])) AND ( ! isset($this->_bcc_array) AND ! isset($this->_headers['Bcc'])) AND ( ! isset($this->_headers['Cc']))) { @@ -1359,7 +1359,7 @@ class CI_Email { $this->_build_headers(); - if ($this->bcc_batch_mode AND count($this->_bcc_array) > 0) + if ($this->bcc_batch_mode AND count($this->_bcc_array) > 0) { if (count($this->_bcc_array) > $this->bcc_batch_size) return $this->batch_bcc_send(); @@ -1380,7 +1380,7 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Batch Bcc Send. Sends groups of BCCs in batches + * Batch Bcc Send. Sends groups of BCCs in batches * * @access public * @return bool @@ -1752,7 +1752,7 @@ class CI_Email { // -------------------------------------------------------------------- /** - * SMTP Authenticate + * SMTP Authenticate * * @access private * @return bool 
@@ -1764,7 +1764,7 @@ class CI_Email { return TRUE; } - if ($this->smtp_user == "" AND $this->smtp_pass == "") + if ($this->smtp_user == "" AND $this->smtp_pass == "") { $this->_set_error_message('lang:email_no_smtp_unpw'); return FALSE; diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b30a8cf0b..2f7db6623 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,4 +1,4 @@ -_field_data) == 0) { - // No validation rules? We're done... + // No validation rules? We're done... if (count($this->_config_rules) == 0) { return FALSE; @@ -648,7 +648,7 @@ class CI_Form_validation { } } - // Did the rule test negatively? If so, grab the error. + // Did the rule test negatively? If so, grab the error. if ($result === FALSE) { if ( ! isset($this->_error_messages[$rule])) @@ -664,7 +664,7 @@ class CI_Form_validation { } // Is the parameter we are inserting into the error message the name - // of another field? If so we need to grab its "field label" + // of another field? If so we need to grab its "field label" if (isset($this->_field_data[$param]) AND isset($this->_field_data[$param]['label'])) { $param = $this->_translate_fieldname($this->_field_data[$param]['label']); @@ -704,7 +704,7 @@ class CI_Form_validation { // Grab the variable $line = substr($fieldname, 5); - // Were we able to translate the field name? If not we use $line + // Were we able to translate the field name? If not we use $line if (FALSE === ($fieldname = $this->CI->lang->line($line))) { return $line; @@ -735,7 +735,7 @@ class CI_Form_validation { } // If the data is an array output them one at a time. - // E.g: form_input('name[]', set_value('name[]'); + // E.g: form_input('name[]', set_value('name[]'); if (is_array($this->_field_data[$field]['postdata'])) { return array_shift($this->_field_data[$field]['postdata']); 
@@ -914,7 +914,7 @@ class CI_Form_validation { return FALSE; } - return TRUE; + return TRUE; } // -------------------------------------------------------------------- @@ -1207,7 +1207,7 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** - * Is a Natural number (0,1,2,3, etc.) + * Is a Natural number (0,1,2,3, etc.) * * @access public * @param string @@ -1221,7 +1221,7 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** - * Is a Natural number, but not a zero (1,2,3, etc.) + * Is a Natural number, but not a zero (1,2,3, etc.) * * @access public * @param string @@ -1354,7 +1354,7 @@ class CI_Form_validation { */ function encode_php_tags($str) { - return str_replace(array(''), array('<?php', '<?PHP', '<?', '?>'), $str); + return str_replace(array(''), array('<?php', '<?PHP', '<?', '?>'), $str); } } diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index d7a8b3b02..859cc9c30 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -1,4 +1,4 @@ -list_files($filepath); @@ -513,7 +513,7 @@ class CI_FTP { * Read a directory and recreate it remotely * * This function recursively reads a folder and everything it contains (including - * sub-folders) and creates a mirror via FTP based on it. Whatever the directory structure + * sub-folders) and creates a mirror via FTP based on it. Whatever the directory structure * of the original file path will be recreated on the server. * * @access public diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 8902f524d..099a238dd 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php 
@@ -1,4 +1,4 @@ -source_image == '') { $this->set_error('imglib_source_image_required'); - return FALSE; + return FALSE; } /* * Is getimagesize() Available? * * We use it to determine the image properties (width/height). - * Note: We need to figure out how to determine image + * Note: We need to figure out how to determine image * properties using ImageMagick and NetPBM * */ @@ -189,7 +189,7 @@ class CI_Image_lib { // Set the Image Properties if ( ! $this->get_image_properties($this->source_folder.$this->source_image)) { - return FALSE; + return FALSE; } /* @@ -197,7 +197,7 @@ class CI_Image_lib { * * If the user has set a "new_image" name it means * we are making a copy of the source image. If not - * it means we are altering the original. We'll + * it means we are altering the original. We'll * set the destination filename and path accordingly. * */ @@ -267,7 +267,7 @@ class CI_Image_lib { * * When creating thumbs or copies, the target width/height * might not be in correct proportion with the source - * image's width/height. We'll recalculate it here. + * image's width/height. We'll recalculate it here. * */ if ($this->maintain_ratio === TRUE && ($this->width != '' AND $this->height != '')) @@ -399,7 +399,7 @@ class CI_Image_lib { if ($this->rotation_angle == '' OR ! in_array($this->rotation_angle, $degs)) { $this->set_error('imglib_rotation_angle_required'); - return FALSE; + return FALSE; } // Reassign the width and height @@ -469,8 +469,8 @@ class CI_Image_lib { // Let's set up our values based on the action if ($action == 'crop') { - // Reassign the source width/height if cropping - $this->orig_width = $this->width; + // Reassign the source width/height if cropping + $this->orig_width = $this->width; $this->orig_height = $this->height; // GD 2.0 has a cropping bug so we'll test for it 
@@ -487,19 +487,19 @@ class CI_Image_lib { $this->y_axis = 0; } - // Create the image handle + // Create the image handle if ( ! ($src_img = $this->image_create_gd())) { return FALSE; } - // Create The Image + // Create The Image // - // old conditional which users report cause problems with shared GD libs who report themselves as "2.0 or greater" - // it appears that this is no longer the issue that it was in 2004, so we've removed it, retaining it in the comment - // below should that ever prove inaccurate. + // old conditional which users report cause problems with shared GD libs who report themselves as "2.0 or greater" + // it appears that this is no longer the issue that it was in 2004, so we've removed it, retaining it in the comment + // below should that ever prove inaccurate. // - // if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor') AND $v2_override == FALSE) + // if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor') AND $v2_override == FALSE) if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor')) { $create = 'imagecreatetruecolor'; @@ -521,7 +521,7 @@ class CI_Image_lib { $copy($dst_img, $src_img, 0, 0, $this->x_axis, $this->y_axis, $this->width, $this->height, $this->orig_width, $this->orig_height); - // Show the image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($dst_img); @@ -535,7 +535,7 @@ class CI_Image_lib { } } - // Kill the file handles + // Kill the file handles imagedestroy($dst_img); imagedestroy($src_img); @@ -558,7 +558,7 @@ class CI_Image_lib { */ function image_process_imagemagick($action = 'resize') { - // Do we have a vaild library path? + // Do we have a vaild library path? if ($this->library_path == '') { $this->set_error('imglib_libpath_invalid'); 
@@ -593,7 +593,7 @@ class CI_Image_lib { $cmd .= " ".$angle." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; } - else // Resize + else // Resize { $cmd .= " -resize ".$this->width."x".$this->height." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; } @@ -634,7 +634,7 @@ class CI_Image_lib { return FALSE; } - // Build the resizing command + // Build the resizing command switch ($this->image_type) { case 1 : @@ -684,7 +684,7 @@ class CI_Image_lib { @exec($cmd, $output, $retval); - // Did it work? + // Did it work? if ($retval > 0) { $this->set_error('imglib_image_process_failed'); @@ -711,7 +711,7 @@ class CI_Image_lib { */ function image_rotate_gd() { - // Create the image handle + // Create the image handle if ( ! ($src_img = $this->image_create_gd())) { return FALSE; @@ -724,10 +724,10 @@ class CI_Image_lib { $white = imagecolorallocate($src_img, 255, 255, 255); - // Rotate it! + // Rotate it! $dst_img = imagerotate($src_img, $this->rotation_angle, $white); - // Save the Image + // Save the Image if ($this->dynamic_output == TRUE) { $this->image_display_gd($dst_img); @@ -741,7 +741,7 @@ class CI_Image_lib { } } - // Kill the file handles + // Kill the file handles imagedestroy($dst_img); imagedestroy($src_img); @@ -769,14 +769,14 @@ class CI_Image_lib { return FALSE; } - $width = $this->orig_width; + $width = $this->orig_width; $height = $this->orig_height; if ($this->rotation_angle == 'hor') { for ($i = 0; $i < $height; $i++) { - $left = 0; + $left = 0; $right = $width-1; while ($left < $right) @@ -813,7 +813,7 @@ class CI_Image_lib { } } - // Show the image + // Show the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); @@ -827,7 +827,7 @@ class CI_Image_lib { } } - // Kill the file handles + // Kill the file handles imagedestroy($src_img); // Set the file to 777 
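Review bot: The ImageMagick command in the `@@ -593` hunk interpolates `$this->full_src_path`, `$this->full_dst_path`, `$this->width` and `$this->height` into a shell string guarded only by literal double quotes, and the shell still interprets quotes, backticks and `$(...)` inside double quotes. If a path can carry a user-supplied file name (an upload name, for instance) this is a command-injection risk, so each argument should be escaped and the dimensions cast: `$cmd .= ' -resize '.(int) $this->width.'x'.(int) $this->height.' '.escapeshellarg($this->full_src_path).' '.escapeshellarg($this->full_dst_path).' 2>&1';`, and likewise on the rotate branch above it. The `@exec($cmd, $output, $retval)` call in the `@@ -684` hunk runs a `$cmd` whose construction is not shown there, so check it for the same pattern; the `@` also hides failures that would be useful in logs. The method body continues outside the hunk.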
@@ -876,24 +876,24 @@ class CI_Image_lib { return FALSE; } - // Fetch source image properties + // Fetch source image properties $this->get_image_properties(); - // Fetch watermark image properties + // Fetch watermark image properties $props = $this->get_image_properties($this->wm_overlay_path, TRUE); $wm_img_type = $props['image_type']; $wm_width = $props['width']; $wm_height = $props['height']; - // Create two image resources - $wm_img = $this->image_create_gd($this->wm_overlay_path, $wm_img_type); + // Create two image resources + $wm_img = $this->image_create_gd($this->wm_overlay_path, $wm_img_type); $src_img = $this->image_create_gd($this->full_src_path); // Reverse the offset if necessary // When the image is positioned at the bottom // we don't want the vertical offset to push it - // further down. We want the reverse, so we'll - // invert the offset. Same with the horizontal + // further down. We want the reverse, so we'll + // invert the offset. Same with the horizontal // offset when the image is at the right $this->wm_vrt_alignment = strtoupper(substr($this->wm_vrt_alignment, 0, 1)); @@ -905,11 +905,11 @@ class CI_Image_lib { if ($this->wm_hor_alignment == 'R') $this->wm_hor_offset = $this->wm_hor_offset * -1; - // Set the base x and y axis values + // Set the base x and y axis values $x_axis = $this->wm_hor_offset + $this->wm_padding; $y_axis = $this->wm_vrt_offset + $this->wm_padding; - // Set the vertical position + // Set the vertical position switch ($this->wm_vrt_alignment) { case 'T': @@ -920,7 +920,7 @@ class CI_Image_lib { break; } - // Set the horizontal position + // Set the horizontal position switch ($this->wm_hor_alignment) { case 'L': @@ -931,7 +931,7 @@ class CI_Image_lib { break; } - // Build the finalized image + // Build the finalized image if ($wm_img_type == 3 AND function_exists('imagealphablending')) { @imagealphablending($src_img, TRUE); 
@@ -954,7 +954,7 @@ class CI_Image_lib { imagecopymerge($src_img, $wm_img, $x_axis, $y_axis, 0, 0, $wm_width, $wm_height, $this->wm_opacity); } - // Output the image + // Output the image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); @@ -994,7 +994,7 @@ class CI_Image_lib { return FALSE; } - // Fetch source image properties + // Fetch source image properties $this->get_image_properties(); // Set RGB values for text and shadow @@ -1015,8 +1015,8 @@ class CI_Image_lib { // Reverse the vertical offset // When the image is positioned at the bottom // we don't want the vertical offset to push it - // further down. We want the reverse, so we'll - // invert the offset. Note: The horizontal + // further down. We want the reverse, so we'll + // invert the offset. Note: The horizontal // offset flips itself automatically if ($this->wm_vrt_alignment == 'B') @@ -1033,13 +1033,13 @@ class CI_Image_lib { if ($this->wm_font_size == '') $this->wm_font_size = '17'; - $fontwidth = $this->wm_font_size-($this->wm_font_size/4); + $fontwidth = $this->wm_font_size-($this->wm_font_size/4); $fontheight = $this->wm_font_size; $this->wm_vrt_offset += $this->wm_font_size; } else { - $fontwidth = imagefontwidth($this->wm_font_size); + $fontwidth = imagefontwidth($this->wm_font_size); $fontheight = imagefontheight($this->wm_font_size); } @@ -1080,11 +1080,11 @@ class CI_Image_lib { case "C": if ($this->wm_use_drop_shadow) $x_shad += floor(($this->orig_width - $fontwidth*strlen($this->wm_text))/2); - $x_axis += floor(($this->orig_width -$fontwidth*strlen($this->wm_text))/2); + $x_axis += floor(($this->orig_width -$fontwidth*strlen($this->wm_text))/2); break; } - // Add the text to the source image + // Add the text to the source image if ($this->wm_use_truetype) { if ($this->wm_use_drop_shadow) 
@@ -1098,7 +1098,7 @@ class CI_Image_lib { imagestring($src_img, $this->wm_font_size, $x_axis, $y_axis, $this->wm_text, $txt_color); } - // Output the final image + // Output the final image if ($this->dynamic_output == TRUE) { $this->image_display_gd($src_img); @@ -1366,7 +1366,7 @@ class CI_Image_lib { * Size calculator * * This function takes a known width x height and - * recalculates it to a new size. Only one + * recalculates it to a new size. Only one * new variable needs to be known * * $props = array( @@ -1374,7 +1374,7 @@ class CI_Image_lib { * 'height' => $height, * 'new_width' => 40, * 'new_height' => '' - * ); + * ); * * @access public * @param array @@ -1418,10 +1418,10 @@ class CI_Image_lib { * Explode source_image * * This is a helper function that extracts the extension - * from the source_image. This function lets us deal with - * source_images with multiple periods, like: my.cool.jpg + * from the source_image. This function lets us deal with + * source_images with multiple periods, like: my.cool.jpg * It returns an associative array with two elements: - * $array['ext'] = '.jpg'; + * $array['ext'] = '.jpg'; * $array['name'] = 'my.cool'; * * @access public diff --git a/system/libraries/Javascript.php b/system/libraries/Javascript.php index 34e0d7001..9e42a4385 100644 --- a/system/libraries/Javascript.php +++ b/system/libraries/Javascript.php @@ -1,4 +1,4 @@ -js =& $this->CI->$js_library_driver; - log_message('debug', "Javascript Class Initialized and loaded. Driver used: $js_library_driver"); + log_message('debug', "Javascript Class Initialized and loaded. Driver used: $js_library_driver"); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- // Event Code // -------------------------------------------------------------------- 
@@ -378,7 +378,7 @@ class CI_Javascript { return $this->js->_unload($element, $js); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- // Effects // -------------------------------------------------------------------- @@ -685,7 +685,7 @@ class CI_Javascript { return $str; } - + // -------------------------------------------------------------------- /** @@ -855,7 +855,7 @@ class CI_Javascript { } elseif (is_string($result) OR $is_key) { - return '"'.str_replace(array('\\', "\t", "\n", "\r", '"', '/'), array('\\\\', '\\t', '\\n', "\\r", '\"', '\/'), $result).'"'; + return '"'.str_replace(array('\\', "\t", "\n", "\r", '"', '/'), array('\\\\', '\\t', '\\n', "\\r", '\"', '\/'), $result).'"'; } elseif (is_scalar($result)) { diff --git a/system/libraries/Log.php b/system/libraries/Log.php index 9f1db76ba..2505fc678 100644 --- a/system/libraries/Log.php +++ b/system/libraries/Log.php @@ -1,4 +1,4 @@ - '1', 'DEBUG' => '2', 'INFO' => '3', 'ALL' => '4'); + protected $_levels = array('ERROR' => '1', 'DEBUG' => '2', 'INFO' => '3', 'ALL' => '4'); /** * Constructor @@ -84,11 +84,11 @@ class CI_Log { } $filepath = $this->_log_path.'log-'.date('Y-m-d').'.php'; - $message = ''; + $message = ''; if ( ! file_exists($filepath)) { - $message .= "<"."?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); ?".">\n\n"; + $message .= "<"."?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); ?".">\n\n"; } if ( ! $fp = @fopen($filepath, FOPEN_WRITE_CREATE)) diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index cc62e660b..d9c22d501 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php 
@@ -1,4 +1,4 @@ -cur_page - $this->num_links) > 0) ? $this->cur_page - ($this->num_links - 1) : 1; - $end = (($this->cur_page + $this->num_links) < $num_pages) ? $this->cur_page + $this->num_links : $num_pages; + $end = (($this->cur_page + $this->num_links) < $num_pages) ? $this->cur_page + $this->num_links : $num_pages; - // Is pagination being used over GET or POST? If get, add a per_page query + // Is pagination being used over GET or POST? If get, add a per_page query // string. If post, add a trailing slash to the base URL if needed if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) { @@ -194,14 +194,14 @@ class CI_Pagination { $output = ''; // Render the "First" link - if ($this->first_link !== FALSE AND $this->cur_page > ($this->num_links + 1)) + if ($this->first_link !== FALSE AND $this->cur_page > ($this->num_links + 1)) { $first_url = ($this->first_url == '') ? $this->base_url : $this->first_url; $output .= $this->first_tag_open.'anchor_class.'href="'.$first_url.'">'.$this->first_link.''.$this->first_tag_close; } // Render the "previous" link - if ($this->prev_link !== FALSE AND $this->cur_page != 1) + if ($this->prev_link !== FALSE AND $this->cur_page != 1) { $i = $uri_page_number - $this->per_page; @@ -263,7 +263,7 @@ class CI_Pagination { $output .= $this->last_tag_open.'anchor_class.'href="'.$this->base_url.$this->prefix.$i.$this->suffix.'">'.$this->last_link.''.$this->last_tag_close; } - // Kill double slashes. Note: Sometimes we can end up with a double slash + // Kill double slashes. Note: Sometimes we can end up with a double slash // in the penultimate link so we'll kill all double slashes. $output = preg_replace("#([^:])//+#", "\\1/", $output); diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php index d223da020..f48f2a7e5 100644 --- a/system/libraries/Parser.php +++ b/system/libraries/Parser.php 
@@ -1,4 +1,4 @@ -'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_benchmarks').'  '; @@ -168,7 +168,7 @@ class CI_Profiler { if (count($dbs) == 0) { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_queries').'  '; @@ -187,7 +187,7 @@ class CI_Profiler { // Key words we want bolded $highlight = array('SELECT', 'DISTINCT', 'FROM', 'WHERE', 'AND', 'LEFT JOIN', 'ORDER BY', 'GROUP BY', 'LIMIT', 'INSERT', 'INTO', 'VALUES', 'UPDATE', 'OR ', 'HAVING', 'OFFSET', 'NOT IN', 'IN', 'LIKE', 'NOT LIKE', 'COUNT', 'MAX', 'MIN', 'ON', 'AS', 'AVG', 'SUM', '(', ')'); - $output = "\n\n"; + $output = "\n\n"; $count = 0; @@ -249,7 +249,7 @@ class CI_Profiler { */ protected function _compile_get() { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_get_data').'  '; @@ -298,7 +298,7 @@ class CI_Profiler { */ protected function _compile_post() { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_post_data').'  '; @@ -347,7 +347,7 @@ class CI_Profiler { */ protected function _compile_uri_string() { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_uri_string').'  '; @@ -376,7 +376,7 @@ class CI_Profiler { */ protected function _compile_controller_info() { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_controller_info').'  '; @@ -400,7 +400,7 @@ class CI_Profiler { */ protected function _compile_memory_usage() { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_memory_usage').'  '; @@ -431,7 +431,7 @@ class CI_Profiler { */ protected function _compile_http_headers() { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_headers').'  ('.$this->CI->lang->line('profiler_section_show').')'; @@ -462,7 +462,7 @@ class CI_Profiler { */ protected function _compile_config() { - $output = "\n\n"; + $output = "\n\n"; $output .= '
'; $output .= "\n"; $output .= '  '.$this->CI->lang->line('profiler_config').'  ('.$this->CI->lang->line('profiler_section_show').')'; diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 2c8a80163..76525dbb8 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -1,4 +1,4 @@ -CI->load->library('encrypt'); } - // Are we using a database? If so, load it + // Are we using a database? If so, load it if ($this->sess_use_database === TRUE AND $this->sess_table_name != '') { $this->CI->load->database(); } - // Set the "now" time. Can either be GMT or server time, based on the - // config prefs. We use this to set the "last activity" time + // Set the "now" time. Can either be GMT or server time, based on the + // config prefs. We use this to set the "last activity" time $this->now = $this->_get_time(); // Set the session length. If the session expiration is @@ -97,12 +97,12 @@ class CI_Session { { $this->sess_expiration = (60*60*24*365*2); } - + // Set the cookie name $this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name; // Run the Session routine. If a session doesn't exist we'll - // create a new one. If it does, we'll update it. + // create a new one. If it does, we'll update it. if ( ! $this->sess_read()) { $this->sess_create(); @@ -137,7 +137,7 @@ class CI_Session { // Fetch the cookie $session = $this->CI->input->cookie($this->sess_cookie_name); - // No cookie? Goodbye cruel world!... + // No cookie? Goodbye cruel world!... if ($session === FALSE) { log_message('debug', 'A session cookie was not found.'); 
@@ -155,8 +155,8 @@ class CI_Session { $hash = substr($session, strlen($session)-32); // get last 32 chars $session = substr($session, 0, strlen($session)-32); - // Does the md5 hash match? This is to prevent manipulation of session data in userspace - if ($hash !== md5($session.$this->encryption_key)) + // Does the md5 hash match? This is to prevent manipulation of session data in userspace + if ($hash !== md5($session.$this->encryption_key)) { log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.'); $this->sess_destroy(); @@ -212,14 +212,14 @@ class CI_Session { $query = $this->CI->db->get($this->sess_table_name); - // No result? Kill it! + // No result? Kill it! if ($query->num_rows() == 0) { $this->sess_destroy(); return FALSE; } - // Is there custom data? If so, add it to the main session array + // Is there custom data? If so, add it to the main session array $row = $query->row(); if (isset($row->user_data) AND $row->user_data != '') { @@ -252,7 +252,7 @@ class CI_Session { */ function sess_write() { - // Are we saving custom data to the DB? If not, all we do is update the cookie + // Are we saving custom data to the DB? If not, all we do is update the cookie if ($this->sess_use_database === FALSE) { $this->_set_cookie(); @@ -272,7 +272,7 @@ class CI_Session { $cookie_userdata[$val] = $this->userdata[$val]; } - // Did we find any custom data? If not, we turn the empty array into a string + // Did we find any custom data? If not, we turn the empty array into a string // since there's no reason to serialize and store an empty array in the DB if (count($custom_userdata) === 0) { 
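Review bot: The cookie integrity check touched in the `@@ -155` hunk, `if ($hash !== md5($session.$this->encryption_key))`, computes the tag as a plain MD5 over data plus key and compares it with `!==`, which is neither a proper MAC construction nor a constant-time comparison. A keyed HMAC checked with a timing-safe compare is the safer form, e.g. `if ( ! hash_equals(hash_hmac('sha256', $session, $this->encryption_key), $hash))` where `hash_equals()` is available. The two `substr()` calls just above assume a 32-character tag and would have to take 64 for SHA-256, and the code that writes the cookie (outside this hunk) must produce the same tag. The hunk does not show what happens to `$session` after the check, so confirm nothing parses the cookie before this test passes.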
@@ -288,7 +288,7 @@ class CI_Session { $this->CI->db->where('session_id', $this->userdata['session_id']); $this->CI->db->update($this->sess_table_name, array('last_activity' => $this->userdata['last_activity'], 'user_data' => $custom_userdata)); - // Write the cookie. Notice that we manually pass the cookie data array to the + // Write the cookie. Notice that we manually pass the cookie data array to the // _set_cookie() function. Normally that function will store $this->userdata, but // in this case that array contains custom data, which we do not want in the cookie. $this->_set_cookie($cookie_userdata); @@ -535,7 +535,7 @@ class CI_Session { */ function keep_flashdata($key) { - // 'old' flashdata gets removed. Here we mark all + // 'old' flashdata gets removed. Here we mark all // flashdata as 'new' to preserve it from _flashdata_sweep() // Note the function will return FALSE if the $key // provided cannot be found diff --git a/system/libraries/Sha1.php b/system/libraries/Sha1.php index 1a657572b..04e07d1c1 100644 --- a/system/libraries/Sha1.php +++ b/system/libraries/Sha1.php @@ -1,4 +1,4 @@ -heading) == 0 AND count($this->rows) == 0) { return 'Undefined table data'; @@ -376,7 +376,7 @@ class CI_Table { // -------------------------------------------------------------------- /** - * Clears the table arrays. Useful if multiple tables are being generated + * Clears the table arrays. Useful if multiple tables are being generated * * @access public * @return void @@ -495,7 +495,7 @@ class CI_Table { */ function _default_template() { - return array ( + return array ( 'table_open' => '
<<
', 'thead_open' => '', diff --git a/system/libraries/Trackback.php b/system/libraries/Trackback.php index b0a767822..b0f8a9098 100644 --- a/system/libraries/Trackback.php +++ b/system/libraries/Trackback.php @@ -1,4 +1,4 @@ -","\"", "'", "-"), array("&", "<", ">", """, "'", "-"), diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index 734cec104..3ceb0b52b 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -1,4 +1,4 @@ - tags if they exist. It's cheaper to do this separately since most content will + // match and yank
 tags if they exist. It's cheaper to do this separately since most content will
 		// not contain 
 tags, and it keeps the PCRE patterns below simpler and faster
 		if (strpos($str, 'inline_elements.")([ >])#i", "{@TAG}\\1\\2\\3", $str);
 
-		// Split the string at every tag.  This expression creates an array with this prototype:
+		// Split the string at every tag. This expression creates an array with this prototype:
 		//
 		//	[array]
 		//	{
@@ -126,7 +126,7 @@ class CI_Typography {
 		//	}
 		$chunks = preg_split('/(<(?:[^<>]+(?:"[^"]*"|\'[^\']*\')?)+>)/', $str, -1, PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY);
 
-		// Build our finalized string.  We cycle through the array, skipping tags, and processing the contained text
+		// Build our finalized string. We cycle through the array, skipping tags, and processing the contained text
 		$str = '';
 		$process = TRUE;
 		$paragraph = FALSE;
@@ -143,7 +143,7 @@ class CI_Typography {
 			{
 				if (preg_match("#".$this->skip_elements."#", $match[2]))
 				{
-					$process =  ($match[1] == '/') ? TRUE : FALSE;
+					$process = ($match[1] == '/') ? TRUE : FALSE;
 				}
 
 				if ($match[1] == '')
@@ -161,17 +161,17 @@ class CI_Typography {
 				continue;
 			}
 
-			//  Force a newline to make sure end tags get processed by _format_newlines()
+			// Force a newline to make sure end tags get processed by _format_newlines()
 			if ($current_chunk == $total_chunks)
 			{
 				$chunk .= "\n";
 			}
 
-			//  Convert Newlines into 

and
tags + // Convert Newlines into

and
tags $str .= $this->_format_newlines($chunk); } - // No opening block level tag? Add it if needed. + // No opening block level tag? Add it if needed. if ( ! preg_match("/^\s*<(?:".$this->block_elements.")/i", $str)) { $str = preg_replace("/^(.*?)<(".$this->block_elements.")/i", '

$1

<$2', $str); @@ -204,14 +204,14 @@ class CI_Typography { '#

<('.$this->block_elements.')#' => '<$1', // Clean up stray non-breaking spaces preceeding block elements - '#( \s*)+<('.$this->block_elements.')#' => ' <$2', + '#( \s*)+<('.$this->block_elements.')#' => ' <$2', // Replace the temporary markers we added earlier '/\{@TAG\}/' => '<', '/\{@DQ\}/' => '"', '/\{@SQ\}/' => "'", '/\{@DD\}/' => '--', - '/\{@NBS\}/' => ' ', + '/\{@NBS\}/' => ' ', // An unintended consequence of the _format_newlines function is that // some of the newlines get truncated, resulting in

tags @@ -296,7 +296,7 @@ class CI_Typography { '/(\w)\.{3}/' => '$1…', // double space after sentences - '/(\W) /' => '$1  ', + '/(\W) /' => '$1  ', // ampersands, if not a character entity '/&(?!#?[a-zA-Z0-9]{2,};)/' => '&' @@ -324,7 +324,7 @@ class CI_Typography { return $str; } - if (strpos($str, "\n") === FALSE && ! in_array($this->last_block_element, $this->inner_block_required)) + if (strpos($str, "\n") === FALSE && ! in_array($this->last_block_element, $this->inner_block_required)) { return $str; } @@ -341,7 +341,7 @@ class CI_Typography { // We trim off the right-side new line so that the closing

tag // will be positioned immediately following the string, matching // the behavior of the opening

tag - $str = '

'.rtrim($str).'

'; + $str = '

'.rtrim($str).'

'; } // Remove empty paragraphs if they are on the first line, as this @@ -367,7 +367,7 @@ class CI_Typography { */ function _protect_characters($match) { - return str_replace(array("'",'"','--',' '), array('{@SQ}', '{@DQ}', '{@DD}', '{@NBS}'), $match[0]); + return str_replace(array("'",'"','--',' '), array('{@SQ}', '{@DQ}', '{@DD}', '{@NBS}'), $match[0]); } // -------------------------------------------------------------------- diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php index 5bd7e801a..c9012f646 100644 --- a/system/libraries/Unit_test.php +++ b/system/libraries/Unit_test.php @@ -1,4 +1,4 @@ -set_error('upload_stopped_by_extension'); break; - default : $this->set_error('upload_no_file_selected'); + default : $this->set_error('upload_no_file_selected'); break; } @@ -290,7 +290,7 @@ class CI_Upload { /* * Run the file through the XSS hacking filter * This helps prevent malicious code from being - * embedded within a file. Scripts can easily + * embedded within a file. Scripts can easily * be disguised as images or other file types. */ if ($this->xss_clean) @@ -305,8 +305,8 @@ class CI_Upload { /* * Move the file to the final destination * To deal with different server configurations - * we'll attempt to use copy() first. If that fails - * we'll use move_uploaded_file(). One of the two should + * we'll attempt to use copy() first. If that fails + * we'll use move_uploaded_file(). One of the two should * reliably work in most environments */ if ( ! @copy($this->file_temp, $this->upload_path.$this->file_name)) @@ -321,7 +321,7 @@ class CI_Upload { /* * Set the finalized image dimensions * This sets the image width/height (assuming the - * file was an image). We use this information + * file was an image). We use this information * in the "data" function. */ $this->set_image_properties($this->upload_path.$this->file_name); 
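Review bot: In the `@@ -305,8` hunk of the upload class, the context line `if ( ! @copy($this->file_temp, $this->upload_path.$this->file_name))` tries `copy()` before `move_uploaded_file()`, and only the latter verifies that the source is a genuine HTTP upload. If no `is_uploaded_file()` check runs earlier in the method (not visible in this hunk), the order should be reversed so the validating call comes first: `if ( ! @move_uploaded_file($this->file_temp, $this->upload_path.$this->file_name))` with `copy()` as the fallback. The `@` also discards the reason for a failure, so logging it before falling back would help when diagnosing permission problems. The method body continues outside the hunk.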
@@ -518,7 +518,7 @@ class CI_Upload { $this->image_width = $D['0']; $this->image_height = $D['1']; $this->image_type = ( ! isset($types[$D['2']])) ? 'unknown' : $types[$D['2']]; - $this->image_size_str = $D['3']; // string containing height and width + $this->image_size_str = $D['3']; // string containing height and width } } } @@ -551,7 +551,7 @@ class CI_Upload { // IE will sometimes return odd mime-types during upload, so here we just standardize all // jpegs or pngs to the same file type. - $png_mimes = array('image/x-png'); + $png_mimes = array('image/x-png'); $jpeg_mimes = array('image/jpg', 'image/jpe', 'image/jpeg', 'image/pjpeg'); if (in_array($this->file_type, $png_mimes)) @@ -642,7 +642,7 @@ class CI_Upload { */ public function is_allowed_filesize() { - if ($this->max_size != 0 AND $this->file_size > $this->max_size) + if ($this->max_size != 0 AND $this->file_size > $this->max_size) { return FALSE; } @@ -721,7 +721,7 @@ class CI_Upload { return FALSE; } - $this->upload_path = preg_replace("/(.+?)\/*$/", "\\1/", $this->upload_path); + $this->upload_path = preg_replace("/(.+?)\/*$/", "\\1/", $this->upload_path); return TRUE; } @@ -834,7 +834,7 @@ class CI_Upload { $current = ini_get('memory_limit') * 1024 * 1024; // There was a bug/behavioural change in PHP 5.2, where numbers over one million get output - // into scientific notation. number_format() ensures this number is an integer + // into scientific notation. number_format() ensures this number is an integer // http://bugs.php.net/bug.php?id=43053 $new_memory = number_format(ceil(filesize($file) + $current), 0, '.', ''); 
@@ -844,8 +844,8 @@ class CI_Upload { // If the file being uploaded is an image, then we should have no problem with XSS attacks (in theory), but // IE can be fooled into mime-type detecting a malformed image as an html file, thus executing an XSS attack on anyone - // using IE who looks at the image. It does this by inspecting the first 255 bytes of an image. To get around this - // CI will itself look at the first 255 bytes of an image to determine its relative safety. This can save a lot of + // using IE who looks at the image. It does this by inspecting the first 255 bytes of an image. To get around this + // CI will itself look at the first 255 bytes of an image to determine its relative safety. This can save a lot of // processor power and time if it is actually a clean image, as it will be in nearly all instances _except_ an // attempted XSS attack. @@ -933,7 +933,7 @@ class CI_Upload { /** * List of Mime Types * - * This is a list of mime types. We use it to validate + * This is a list of mime types. We use it to validate * the "allowed types" set by the developer * * @param string diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php index 016102a2a..543d1d5a3 100644 --- a/system/libraries/User_agent.php +++ b/system/libraries/User_agent.php 
@@ -1,4 +1,4 @@ -xmlrpcerr['unknown_method'] = '1'; $this->xmlrpcstr['unknown_method'] = 'This is not a known method for this XML-RPC Server'; $this->xmlrpcerr['invalid_return'] = '2'; - $this->xmlrpcstr['invalid_return'] = 'The XML data received was either invalid or not in the correct form for XML-RPC. Turn on debugging to examine the XML data further.'; + $this->xmlrpcstr['invalid_return'] = 'The XML data received was either invalid or not in the correct form for XML-RPC. Turn on debugging to examine the XML data further.'; $this->xmlrpcerr['incorrect_params'] = '3'; $this->xmlrpcstr['incorrect_params'] = 'Incorrect parameters were passed to method'; $this->xmlrpcerr['introspect_unknown'] = '4'; @@ -129,7 +129,7 @@ class CI_Xmlrpc { //------------------------------------- - // Initialize Prefs + // Initialize Prefs //------------------------------------- function initialize($config = array()) @@ -148,7 +148,7 @@ class CI_Xmlrpc { // END //------------------------------------- - // Take URL and parse it + // Take URL and parse it //------------------------------------- function server($url, $port=80) @@ -172,7 +172,7 @@ class CI_Xmlrpc { // END //------------------------------------- - // Set Timeout + // Set Timeout //------------------------------------- function timeout($seconds=5) @@ -185,7 +185,7 @@ class CI_Xmlrpc { // END //------------------------------------- - // Set Methods + // Set Methods //------------------------------------- function method($function) @@ -195,7 +195,7 @@ class CI_Xmlrpc { // END //------------------------------------- - // Take Array of Data and Create Objects + // Take Array of Data and Create Objects //------------------------------------- function request($incoming) @@ -216,7 +216,7 @@ class CI_Xmlrpc { //------------------------------------- - // Set Debug + // Set Debug //------------------------------------- function set_debug($flag = TRUE) 
@@ -225,7 +225,7 @@ class CI_Xmlrpc { } //------------------------------------- - // Values Parsing + // Values Parsing //------------------------------------- function values_parsing($value, $return = FALSE) @@ -268,7 +268,7 @@ class CI_Xmlrpc { //------------------------------------- - // Sends XML-RPC Request + // Sends XML-RPC Request //------------------------------------- function send_request() @@ -294,7 +294,7 @@ class CI_Xmlrpc { // END //------------------------------------- - // Returns Error + // Returns Error //------------------------------------- function display_error() @@ -304,7 +304,7 @@ class CI_Xmlrpc { // END //------------------------------------- - // Returns Remote Server Response + // Returns Remote Server Response //------------------------------------- function display_response() @@ -314,7 +314,7 @@ class CI_Xmlrpc { // END //------------------------------------- - // Sends an Error Message for Server Request + // Sends an Error Message for Server Request //------------------------------------- function send_error_message($number, $message) @@ -325,7 +325,7 @@ class CI_Xmlrpc { //------------------------------------- - // Send Response for Server Request + // Send Response for Server Request //------------------------------------- function send_response($response) @@ -399,7 +399,7 @@ class XML_RPC_Client extends CI_Xmlrpc } $r = "\r\n"; - $op = "POST {$this->path} HTTP/1.0$r"; + $op = "POST {$this->path} HTTP/1.0$r"; $op .= "Host: {$this->server}$r"; $op .= "Content-Type: text/xml$r"; $op .= "User-Agent: {$this->xmlrpcName}$r"; @@ -447,7 +447,7 @@ class XML_RPC_Response else if ( ! is_object($val)) { // programmer error, not an object - error_log("Invalid type '" . gettype($val) . "' (value: $val) passed to XML_RPC_Response. Defaulting to empty value."); + error_log("Invalid type '" . gettype($val) . "' (value: $val) passed to XML_RPC_Response. Defaulting to empty value."); $this->val = new XML_RPC_Values(); } else 
@@ -504,7 +504,7 @@ class XML_RPC_Response function decode($array=FALSE) { $CI =& get_instance(); - + if ($array !== FALSE && is_array($array)) { while (list($key) = each($array)) @@ -541,7 +541,7 @@ class XML_RPC_Response //------------------------------------- - // XML-RPC Object to PHP Types + // XML-RPC Object to PHP Types //------------------------------------- function xmlrpc_decoder($xmlrpc_val) @@ -581,7 +581,7 @@ class XML_RPC_Response //------------------------------------- - // ISO-8601 time to server or UTC time + // ISO-8601 time to server or UTC time //------------------------------------- function iso8601_decode($time, $utc=0) @@ -630,7 +630,7 @@ class XML_RPC_Message extends CI_Xmlrpc } //------------------------------------- - // Create Payload to Send + // Create Payload to Send //------------------------------------- function createPayload() @@ -650,7 +650,7 @@ class XML_RPC_Message extends CI_Xmlrpc } //------------------------------------- - // Parse External XML-RPC Server's Response + // Parse External XML-RPC Server's Response //------------------------------------- function parseResponse($fp) @@ -663,7 +663,7 @@ class XML_RPC_Message extends CI_Xmlrpc } //------------------------------------- - // DISPLAY HTTP CONTENT for DEBUGGING + // DISPLAY HTTP CONTENT for DEBUGGING //------------------------------------- if ($this->debug === TRUE) @@ -674,7 +674,7 @@ class XML_RPC_Message extends CI_Xmlrpc } //------------------------------------- - // Check for data + // Check for data //------------------------------------- if ($data == "") @@ -686,7 +686,7 @@ class XML_RPC_Message extends CI_Xmlrpc //------------------------------------- - // Check for HTTP 200 Response + // Check for HTTP 200 Response //------------------------------------- if (strncmp($data, 'HTTP', 4) == 0 && ! preg_match('/^HTTP\/[0-9\.]+ 200 /', $data)) 
@@ -697,7 +697,7 @@ class XML_RPC_Message extends CI_Xmlrpc } //------------------------------------- - // Create and Set Up XML Parser + // Create and Set Up XML Parser //------------------------------------- $parser = xml_parser_create($this->xmlrpc_defencoding); @@ -718,7 +718,7 @@ class XML_RPC_Message extends CI_Xmlrpc //------------------------------------- - // GET HEADERS + // GET HEADERS //------------------------------------- $lines = explode("\r\n", $data); @@ -734,7 +734,7 @@ class XML_RPC_Message extends CI_Xmlrpc //------------------------------------- - // PARSE XML DATA + // PARSE XML DATA //------------------------------------- if ( ! xml_parse($parser, $data, count($data))) @@ -750,7 +750,7 @@ class XML_RPC_Message extends CI_Xmlrpc xml_parser_free($parser); // --------------------------------------- - // Got Ourselves Some Badness, It Seems + // Got Ourselves Some Badness, It Seems // --------------------------------------- if ($this->xh[$parser]['isf'] > 1) @@ -772,7 +772,7 @@ class XML_RPC_Message extends CI_Xmlrpc } //------------------------------------- - // DISPLAY XML CONTENT for DEBUGGING + // DISPLAY XML CONTENT for DEBUGGING //------------------------------------- if ($this->debug === TRUE) @@ -797,7 +797,7 @@ class XML_RPC_Message extends CI_Xmlrpc } //------------------------------------- - // SEND RESPONSE + // SEND RESPONSE //------------------------------------- $v = $this->xh[$parser]['value']; 
@@ -826,21 +826,21 @@ class XML_RPC_Message extends CI_Xmlrpc } // ------------------------------------ - // Begin Return Message Parsing section + // Begin Return Message Parsing section // ------------------------------------ // quick explanation of components: - // ac - used to accumulate values - // isf - used to indicate a fault - // lv - used to indicate "looking for a value": implements + // ac - used to accumulate values + // isf - used to indicate a fault + // lv - used to indicate "looking for a value": implements // the logic to allow values with no types to be strings - // params - used to store parameters in method calls - // method - used to store method name + // params - used to store parameters in method calls + // method - used to store method name // stack - array with parent tree of the xml element, // used to validate the nesting of elements //------------------------------------- - // Start Element Handler + // Start Element Handler //------------------------------------- function open_tag($the_parser, $name, $attrs) @@ -942,7 +942,7 @@ class XML_RPC_Message extends CI_Xmlrpc //------------------------------------- - // End Element Handler + // End Element Handler //------------------------------------- function closing_tag($the_parser, $name) @@ -951,7 +951,7 @@ class XML_RPC_Message extends CI_Xmlrpc // Remove current element from stack and set variable // NOTE: If the XML validates, then we do not have to worry about - // the opening and closing of elements. Nesting is checked on the opening + // the opening and closing of elements. Nesting is checked on the opening // tag so we be safe there as well. $curr_elem = array_shift($this->xh[$the_parser]['stack']); 
@@ -1080,13 +1080,13 @@ class XML_RPC_Message extends CI_Xmlrpc // We're all good kids with nuthin' to do break; default: - // End of an Invalid Element. Taken care of during the opening tag though + // End of an Invalid Element. Taken care of during the opening tag though break; } } //------------------------------------- - // Parses Character Data + // Parses Character Data //------------------------------------- function character_data($the_parser, $data) @@ -1116,7 +1116,7 @@ class XML_RPC_Message extends CI_Xmlrpc function output_parameters($array=FALSE) { $CI =& get_instance(); - + if ($array !== FALSE && is_array($array)) { while (list($key) = each($array)) diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index 9cd332147..88af60693 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -1,4 +1,4 @@ -parseRequest(); - $payload = 'xmlrpc_defencoding.'"?'.'>'."\n"; + $payload = 'xmlrpc_defencoding.'"?'.'>'."\n"; $payload .= $this->debug_msg; $payload .= $r->prepare_response(); @@ -156,7 +156,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc function add_to_map($methodname, $function, $sig, $doc) { $this->methods[$methodname] = array( - 'function' => $function, + 'function' => $function, 'signature' => $sig, 'docstring' => $doc ); @@ -176,7 +176,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc global $HTTP_RAW_POST_DATA; //------------------------------------- - // Get Data + // Get Data //------------------------------------- if ($data == '') @@ -185,7 +185,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc } //------------------------------------- - // Set up XML Parser + // Set up XML Parser //------------------------------------- $parser = xml_parser_create($this->xmlrpc_defencoding); @@ -207,7 +207,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc //------------------------------------- - // PARSE + PROCESS XML DATA + // PARSE + PROCESS XML DATA //------------------------------------- if ( ! xml_parse($parser, $data, 1)) 
@@ -235,7 +235,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc { if ($this->debug === TRUE) { - $plist .= "$i - " . print_r(get_object_vars($parser_object->xh[$parser]['params'][$i]), TRUE). ";\n"; + $plist .= "$i - " . print_r(get_object_vars($parser_object->xh[$parser]['params'][$i]), TRUE). ";\n"; } $m->addParam($parser_object->xh[$parser]['params'][$i]); @@ -252,7 +252,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc } //------------------------------------- - // SET DEBUGGING MESSAGE + // SET DEBUGGING MESSAGE //------------------------------------- if ($this->debug === TRUE) @@ -285,7 +285,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc } //------------------------------------- - // Valid Method + // Valid Method //------------------------------------- if ( ! isset($this->methods[$methName]['function'])) @@ -294,7 +294,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc } //------------------------------------- - // Check for Method (and Object) + // Check for Method (and Object) //------------------------------------- $method_parts = explode(".", $this->methods[$methName]['function']); @@ -320,7 +320,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc } //------------------------------------- - // Checking Methods Signature + // Checking Methods Signature //------------------------------------- if (isset($this->methods[$methName]['signature'])) @@ -353,7 +353,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc } //------------------------------------- - // Calls the Function + // Calls the Function //------------------------------------- if ($objectCall === TRUE) @@ -381,11 +381,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc return call_user_func($this->methods[$methName]['function'], $m); } } - + // -------------------------------------------------------------------- /** - * Server Function: List Methods + * Server Function: List Methods * * @access public * @param mixed 
@@ -409,11 +409,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc $v->addArray($output); return new XML_RPC_Response($v); } - + // -------------------------------------------------------------------- /** - * Server Function: Return Signature for Method + * Server Function: Return Signature for Method * * @access public * @param mixed @@ -458,7 +458,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc // -------------------------------------------------------------------- /** - * Server Function: Doc String for Method + * Server Function: Doc String for Method * * @access public * @param mixed @@ -480,11 +480,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc return new XML_RPC_Response(0, $this->xmlrpcerr['introspect_unknown'], $this->xmlrpcstr['introspect_unknown']); } } - + // -------------------------------------------------------------------- /** - * Server Function: Multi-call + * Server Function: Multi-call * * @access public * @param mixed @@ -528,7 +528,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc // -------------------------------------------------------------------- /** - * Multi-call Function: Error Handling + * Multi-call Function: Error Handling * * @access public * @param mixed @@ -536,7 +536,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc */ function multicall_error($err) { - $str = is_string($err) ? $this->xmlrpcstr["multicall_${err}"] : $err->faultString(); + $str = is_string($err) ? $this->xmlrpcstr["multicall_${err}"] : $err->faultString(); $code = is_string($err) ? $this->xmlrpcerr["multicall_${err}"] : $err->faultCode(); $struct['faultCode'] = new XML_RPC_Values($code, 'int'); @@ -548,7 +548,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc // -------------------------------------------------------------------- /** - * Multi-call Function: Processes method + * Multi-call Function: Processes method * * @access public * @param mixed diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index 666327d5c..1ae3e7f25 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php 
@@ -1,4 +1,4 @@ -CI =& get_instance(); + $this->CI =& get_instance(); extract($params); if ($autoload === TRUE) { - $this->script(); + $this->script(); } - + log_message('debug', "Jquery Class Initialized"); } - - // -------------------------------------------------------------------- + + // -------------------------------------------------------------------- // Event Code - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- /** * Blur @@ -65,9 +65,9 @@ class CI_Jquery extends CI_Javascript { { return $this->_add_event($element, $js, 'blur'); } - + // -------------------------------------------------------------------- - + /** * Change * @@ -82,9 +82,9 @@ class CI_Jquery extends CI_Javascript { { return $this->_add_event($element, $js, 'change'); } - + // -------------------------------------------------------------------- - + /** * Click * @@ -112,7 +112,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Double Click * @@ -129,7 +129,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Error * @@ -146,7 +146,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Focus * @@ -163,7 +163,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Hover * @@ -185,7 +185,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Keydown * @@ -202,7 +202,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Keyup * 
@@ -216,10 +216,10 @@ class CI_Jquery extends CI_Javascript { function _keyup($element = 'this', $js = '') { return $this->_add_event($element, $js, 'keyup'); - } + } // -------------------------------------------------------------------- - + /** * Load * @@ -233,10 +233,10 @@ class CI_Jquery extends CI_Javascript { function _load($element = 'this', $js = '') { return $this->_add_event($element, $js, 'load'); - } - + } + // -------------------------------------------------------------------- - + /** * Mousedown * @@ -253,7 +253,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Mouse Out * @@ -270,7 +270,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Mouse Over * @@ -321,7 +321,7 @@ class CI_Jquery extends CI_Javascript { { $array_js = array($array_js); } - + foreach ($array_js as $js) { $this->jquery_code_for_compile[] = "\t$js\n"; @@ -361,7 +361,7 @@ class CI_Jquery extends CI_Javascript { { return $this->_add_event($element, $js, 'scroll'); } - + // -------------------------------------------------------------------- /** @@ -379,10 +379,10 @@ class CI_Jquery extends CI_Javascript { return $this->_add_event($element, $js, 'unload'); } - // -------------------------------------------------------------------- + // -------------------------------------------------------------------- // Effects - // -------------------------------------------------------------------- - + // -------------------------------------------------------------------- + /** * Add Class * @@ -395,7 +395,7 @@ class CI_Jquery extends CI_Javascript { function _addClass($element = 'this', $class='') { $element = $this->_prep_element($element); - $str = "$({$element}).addClass(\"$class\");"; + $str = "$({$element}).addClass(\"$class\");"; return $str; } 
@@ -416,9 +416,9 @@ class CI_Jquery extends CI_Javascript { { $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + $animations = "\t\t\t"; - + foreach ($params as $param=>$value) { $animations .= $param.': \''.$value.'\', '; @@ -430,19 +430,19 @@ class CI_Jquery extends CI_Javascript { { $speed = ', '.$speed; } - + if ($extra != '') { $extra = ', '.$extra; } - - $str = "$({$element}).animate({\n$animations\n\t\t}".$speed.$extra.");"; - + + $str = "$({$element}).animate({\n$animations\n\t\t}".$speed.$extra.");"; + return $str; } // -------------------------------------------------------------------- - + /** * Fade In * @@ -456,21 +456,21 @@ class CI_Jquery extends CI_Javascript { */ function _fadeIn($element = 'this', $speed = '', $callback = '') { - $element = $this->_prep_element($element); + $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + if ($callback != '') { $callback = ", function(){\n{$callback}\n}"; } - - $str = "$({$element}).fadeIn({$speed}{$callback});"; - + + $str = "$({$element}).fadeIn({$speed}{$callback});"; + return $str; } - + // -------------------------------------------------------------------- - + /** * Fade Out * @@ -486,14 +486,14 @@ class CI_Jquery extends CI_Javascript { { $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + if ($callback != '') { $callback = ", function(){\n{$callback}\n}"; } - - $str = "$({$element}).fadeOut({$speed}{$callback});"; - + + $str = "$({$element}).fadeOut({$speed}{$callback});"; + return $str; } 
@@ -512,19 +512,19 @@ class CI_Jquery extends CI_Javascript { */ function _hide($element = 'this', $speed = '', $callback = '') { - $element = $this->_prep_element($element); + $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + if ($callback != '') { $callback = ", function(){\n{$callback}\n}"; } - - $str = "$({$element}).hide({$speed}{$callback});"; + + $str = "$({$element}).hide({$speed}{$callback});"; return $str; } - + // -------------------------------------------------------------------- /** @@ -539,12 +539,12 @@ class CI_Jquery extends CI_Javascript { function _removeClass($element = 'this', $class='') { $element = $this->_prep_element($element); - $str = "$({$element}).removeClass(\"$class\");"; + $str = "$({$element}).removeClass(\"$class\");"; return $str; } // -------------------------------------------------------------------- - + /** * Slide Up * @@ -558,21 +558,21 @@ class CI_Jquery extends CI_Javascript { */ function _slideUp($element = 'this', $speed = '', $callback = '') { - $element = $this->_prep_element($element); + $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + if ($callback != '') { $callback = ", function(){\n{$callback}\n}"; } - - $str = "$({$element}).slideUp({$speed}{$callback});"; - + + $str = "$({$element}).slideUp({$speed}{$callback});"; + return $str; } - + // -------------------------------------------------------------------- - + /** * Slide Down * @@ -588,19 +588,19 @@ class CI_Jquery extends CI_Javascript { { $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + if ($callback != '') { $callback = ", function(){\n{$callback}\n}"; } - - $str = "$({$element}).slideDown({$speed}{$callback});"; - + + $str = "$({$element}).slideDown({$speed}{$callback});"; + return $str; } // -------------------------------------------------------------------- - + /** * Slide Toggle * 
@@ -616,19 +616,19 @@ class CI_Jquery extends CI_Javascript { { $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + if ($callback != '') { $callback = ", function(){\n{$callback}\n}"; } - - $str = "$({$element}).slideToggle({$speed}{$callback});"; - + + $str = "$({$element}).slideToggle({$speed}{$callback});"; + return $str; } - + // -------------------------------------------------------------------- - + /** * Toggle * @@ -641,12 +641,12 @@ class CI_Jquery extends CI_Javascript { function _toggle($element = 'this') { $element = $this->_prep_element($element); - $str = "$({$element}).toggle();"; + $str = "$({$element}).toggle();"; return $str; } - + // -------------------------------------------------------------------- - + /** * Toggle Class * @@ -659,12 +659,12 @@ class CI_Jquery extends CI_Javascript { function _toggleClass($element = 'this', $class='') { $element = $this->_prep_element($element); - $str = "$({$element}).toggleClass(\"$class\");"; + $str = "$({$element}).toggleClass(\"$class\");"; return $str; } - + // -------------------------------------------------------------------- - + /** * Show * @@ -678,16 +678,16 @@ class CI_Jquery extends CI_Javascript { */ function _show($element = 'this', $speed = '', $callback = '') { - $element = $this->_prep_element($element); + $element = $this->_prep_element($element); $speed = $this->_validate_speed($speed); - + if ($callback != '') { $callback = ", function(){\n{$callback}\n}"; } - - $str = "$({$element}).show({$speed}{$callback});"; - + + $str = "$({$element}).show({$speed}{$callback});"; + return $str; } @@ -696,7 +696,7 @@ class CI_Jquery extends CI_Javascript { /** * Updater * - * An Ajax call that populates the designated DOM node with + * An Ajax call that populates the designated DOM node with * returned content * * @access private 
@@ -705,13 +705,13 @@ class CI_Jquery extends CI_Javascript { * @param string optional parameters * @return string */ - + function _updater($container = 'this', $controller, $options = '') - { + { $container = $this->_prep_element($container); - + $controller = (strpos('://', $controller) === FALSE) ? $controller : $this->CI->config->site_url($controller); - + // ajaxStart and ajaxStop are better choices here... but this is a stop gap if ($this->CI->config->item('javascript_ajax_img') == '') { @@ -721,7 +721,7 @@ class CI_Jquery extends CI_Javascript { { $loading_notifier = 'CI->config->slash_item('base_url') . $this->CI->config->item('javascript_ajax_img') . '\' alt=\'Loading\' />'; } - + $updater = "$($container).empty();\n"; // anything that was in... get it out $updater .= "\t\t$($container).prepend(\"$loading_notifier\");\n"; // to replace with an image @@ -741,7 +741,7 @@ class CI_Jquery extends CI_Javascript { // -------------------------------------------------------------------- // Pre-written handy stuff // -------------------------------------------------------------------- - + /** * Zebra tables * @@ -753,8 +753,8 @@ class CI_Jquery extends CI_Javascript { function _zebraTables($class = '', $odd = 'odd', $hover = '') { $class = ($class != '') ? '.'.$class : ''; - - $zebra = "\t\$(\"table{$class} tbody tr:nth-child(even)\").addClass(\"{$odd}\");"; + + $zebra = "\t\$(\"table{$class} tbody tr:nth-child(even)\").addClass(\"{$odd}\");"; $this->jquery_code_for_compile[] = $zebra; @@ -771,7 +771,7 @@ class CI_Jquery extends CI_Javascript { // -------------------------------------------------------------------- // Plugins // -------------------------------------------------------------------- - + /** * Corner Plugin * @@ -793,7 +793,7 @@ class CI_Jquery extends CI_Javascript { return "$(" . $this->_prep_element($element) . ").corner(".$corner_style.");"; } - + // -------------------------------------------------------------------- /** 
@@ -805,7 +805,7 @@ class CI_Jquery extends CI_Javascript { * @return void */ function modal($src, $relative = FALSE) - { + { $this->jquery_code_for_load[] = $this->external($src, $relative); } @@ -897,7 +897,7 @@ class CI_Jquery extends CI_Javascript { { $this->jquery_code_for_compile[] = "\t$(" . $this->_prep_element($table) . ").tablesorter($options);\n"; } - + // -------------------------------------------------------------------- // Class functions // -------------------------------------------------------------------- @@ -912,7 +912,7 @@ class CI_Jquery extends CI_Javascript { * @param string The code to execute * @param string The event to pass * @return string - */ + */ function _add_event($element, $js, $event) { if (is_array($js)) @@ -953,15 +953,15 @@ class CI_Jquery extends CI_Javascript { $script = '$(document).ready(function() {' . "\n"; $script .= implode('', $this->jquery_code_for_compile); $script .= '});'; - + $output = ($script_tags === FALSE) ? $script : $this->inline($script); $this->CI->load->vars(array($view_var => $output)); } - + // -------------------------------------------------------------------- - + /** * Clear Compile * @@ -976,7 +976,7 @@ class CI_Jquery extends CI_Javascript { } // -------------------------------------------------------------------- - + /** * Document Ready * @@ -992,7 +992,7 @@ class CI_Jquery extends CI_Javascript { $js = array ($js); } - + foreach ($js as $script) { $this->jquery_code_for_compile[] = $script; @@ -1016,7 +1016,7 @@ class CI_Jquery extends CI_Javascript { $this->jquery_code_for_load[] = $library_src; return $library_src; } - + // -------------------------------------------------------------------- /** @@ -1036,10 +1036,10 @@ class CI_Jquery extends CI_Javascript { { $element = '"'.$element.'"'; } - + return $element; } - + // -------------------------------------------------------------------- /** 
@@ -1050,7 +1050,7 @@ class CI_Jquery extends CI_Javascript { * @access private * @param string * @return string - */ + */ function _validate_speed($speed) { if (in_array($speed, array('slow', 'normal', 'fast'))) @@ -1061,7 +1061,7 @@ class CI_Jquery extends CI_Javascript { { $speed = ''; } - + return $speed; } -- cgit v1.2.3-24-g4f1b From 28bda7fd05d5261e0da1702e789cfedc6ab423b4 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Mon, 25 Apr 2011 15:00:45 -0500 Subject: swapping out preg_replace() in the driver library where str_replace() works just fine. --- system/libraries/Driver.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index b90b5aba6..1e01fcc1f 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -43,11 +43,11 @@ class CI_Driver_Library { // The class will be prefixed with the parent lib $child_class = $this->lib_name.'_'.$child; - + // Remove the CI_ prefix and lowercase - $lib_name = ucfirst(strtolower(preg_replace('/^CI_/', '', $this->lib_name))); - $driver_name = strtolower(preg_replace('/^CI_/', '', $child_class)); - + $lib_name = ucfirst(strtolower(str_replace('CI_', '', $this->lib_name))); + $driver_name = strtolower(str_replace('CI_', '', $child_class)); + if (in_array($driver_name, array_map('strtolower', $this->valid_drivers))) { // check and see if the driver is in a separate file -- cgit v1.2.3-24-g4f1b
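Review bot: In the Driver.php hunk, `str_replace('CI_', '', ...)` is not a drop-in for the anchored `preg_replace('/^CI_/', '', ...)`: it deletes every occurrence of `CI_` in the string, not only a leading prefix. `$driver_name` is compared against `$this->valid_drivers` on the following line, so a child name that embeds `CI_` now normalises to a different string than before and can match an entry it previously would not; what is done with the name after that check is outside the hunk. To drop the regex but keep prefix-only stripping, `$driver_name = strtolower(strncmp($child_class, 'CI_', 3) === 0 ? substr($child_class, 3) : $child_class);` (and the same shape for `$lib_name`) preserves the old behaviour. The enclosing method starts and ends outside the hunk.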