From 8ff2da1c7457cfd04a28776705cea64cbb96716a Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Wed, 23 Nov 2011 10:09:57 +0100 Subject: tmp_path does not exists, should be tmp_name --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 05511b5d3..fe5907ab2 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1055,7 +1055,7 @@ class CI_Upload { if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) { $output = array(); - @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_path']), $output, $return_code); + @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_name']), $output, $return_code); if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution { $this->file_type = rtrim($output[0]); -- cgit v1.2.3-24-g4f1b From 59654319d20a7ec406e7d6f15cf6804e94897d14 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 2 Dec 2011 14:28:54 +0200 Subject: Hotfix for a file type detection bug in the Upload library --- system/libraries/Upload.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index fe5907ab2..ff3461586 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1042,14 +1042,17 @@ class CI_Upload { if (function_exists('mime_content_type')) { $this->file_type = @mime_content_type($file['tmp_name']); - return; + if (strlen($this->file_type) > 0) // Turned out it's possible ... + { + return; + } } /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type, * which is still more secure than depending on the value of $_FILES[$field]['type']. * * Notes: - * - a 'W' in the substr() expression bellow, would mean that we're using Windows + * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check */ if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) -- cgit v1.2.3-24-g4f1b From f796655d37163e7fd046395ddfe765baf752ec77 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 2 Dec 2011 15:00:36 +0200 Subject: Update a comment, just to be clearer --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index ff3461586..506d15897 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1042,7 +1042,7 @@ class CI_Upload { if (function_exists('mime_content_type')) { $this->file_type = @mime_content_type($file['tmp_name']); - if (strlen($this->file_type) > 0) // Turned out it's possible ... + if (strlen($this->file_type) > 0) // Turns out it's possible that mime_content_type() returns FALSE or an empty string { return; } -- cgit v1.2.3-24-g4f1b From a49e381fde010a7a83845910c0f772fb139f0b1e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 Dec 2011 13:05:22 +0200 Subject: Improve CI_Upload::_file_mime_type() --- system/libraries/Upload.php | 102 +++++++++++++++++++++++++++++++++----------- 1 file changed, 78 insertions(+), 24 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 506d15897..564d6000e 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1018,50 +1018,104 @@ class CI_Upload { */ protected function _file_mime_type($file) { - // Use if the Fileinfo extension, if available (only versions above 5.3 support the FILEINFO_MIME_TYPE flag) - if ( (float) substr(phpversion(), 0, 3) >= 5.3 && function_exists('finfo_file')) + // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) + $regexp = '/^([a-z\-]+\/[a-z0-9\-]+);\s.+$/'; + + /* Fileinfo extension - most reliable method + * + * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the + * more convenient FILEINFO_MIME_TYPE flag doesn't exist. + */ + if (function_exists('finfo_file')) { - $finfo = new finfo(FILEINFO_MIME_TYPE); - if ($finfo !== FALSE) // This is possible, if there is no magic MIME database file found on the system + $finfo = finfo_open(FILEINFO_MIME); + if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { - $file_type = $finfo->file($file['tmp_name']); + $mime = @finfo_file($finfo, $file['tmp_name']); + finfo_close($finfo); /* According to the comments section of the PHP manual page, * it is possible that this function returns an empty string * for some files (e.g. if they don't exist in the magic MIME database) */ - if (strlen($file_type) > 1) + if (is_string($mime) && preg_match($regexp, $mime, $matches)) { - $this->file_type = $file_type; + $this->file_type = $matches[1]; return; } } } - // Fall back to the deprecated mime_content_type(), if available - if (function_exists('mime_content_type')) + /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type, + * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it + * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better + * than mime_content_type() as well, hence the attempts to try calling the command line with + * three different functions. + * + * Notes: + * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system + * - many system admins would disable the exec(), shell_exec(), popen() and similar functions + * due to security concerns, hence the function_exists() checks + */ + if (DIRECTORY_SEPARATOR !== '\\') { - $this->file_type = @mime_content_type($file['tmp_name']); - if (strlen($this->file_type) > 0) // Turns out it's possible that mime_content_type() returns FALSE or an empty string + $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1'; + + if (function_exists('exec')) { - return; + /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter. + * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites + * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy + * value, which is only put to allow us to get the return status code. + */ + $mime = @exec($cmd, $mime, $return_status); + if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + + if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec')) + { + $mime = @shell_exec($cmd); + if (strlen($mime) > 0) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } + + if (function_exists('popen')) + { + $proc = @popen($cmd, 'r'); + if (is_resource($proc)) + { + $mime = @fread($test, 512); + @pclose($proc); + if ($mime !== FALSE) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } } } - /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type, - * which is still more secure than depending on the value of $_FILES[$field]['type']. - * - * Notes: - * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system - * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check - */ - if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) + // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type']) + if (function_exists('mime_content_type')) { - $output = array(); - @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_name']), $output, $return_code); - if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution + $this->file_type = @mime_content_type($file['tmp_name']); + if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string { - $this->file_type = rtrim($output[0]); return; } } -- cgit v1.2.3-24-g4f1b From 750ffb9f6d545772c7139b5ee0c1402241c6ceb2 Mon Sep 17 00:00:00 2001 From: Andrew Mackrodt Date: Sat, 10 Dec 2011 23:42:07 +0000 Subject: Fix for Issue #538. --- system/libraries/Image_lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 8902f524d..7f905128b 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -208,7 +208,7 @@ class CI_Image_lib { } else { - if (strpos($this->new_image, '/') === FALSE) + if (strpos($this->new_image, '/') === FALSE AND strpos($this->new_image, '\\') === FALSE) { $this->dest_folder = $this->source_folder; $this->dest_image = $this->new_image; -- cgit v1.2.3-24-g4f1b From 3b6ff4ddc5ca433ba7b68a51a617c00b93511889 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 11 Dec 2011 14:57:36 +0200 Subject: Fix regular expression for validating MIME type string --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 564d6000e..c72fa3c6d 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1019,7 +1019,7 @@ class CI_Upload { protected function _file_mime_type($file) { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) - $regexp = '/^([a-z\-]+\/[a-z0-9\-]+);\s.+$/'; + $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+);\s.+$/'; /* Fileinfo extension - most reliable method * -- cgit v1.2.3-24-g4f1b From f7aed129051475b4baeeb549a764464560c9dd34 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 13 Dec 2011 11:01:06 +0200 Subject: Tweak MIME regular expression check again --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index c72fa3c6d..91fbf66ca 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1019,7 +1019,7 @@ class CI_Upload { protected function _file_mime_type($file) { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) - $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+);\s.+$/'; + $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; /* Fileinfo extension - most reliable method * -- cgit v1.2.3-24-g4f1b From 98c347de9f62a3427170f9f73a692d159765e8cf Mon Sep 17 00:00:00 2001 From: Nick Busey Date: Thu, 2 Feb 2012 11:07:03 -0700 Subject: Adding equal to greater than, equal to less than form validators. --- system/libraries/Form_validation.php | 38 +++++++++++++++++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 0a6a2af0d..1b2907a08 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1116,7 +1116,7 @@ class CI_Form_validation { // -------------------------------------------------------------------- /** - * Greather than + * Greater than * * @param string * @return bool @@ -1130,6 +1130,24 @@ class CI_Form_validation { return $str > $min; } + // -------------------------------------------------------------------- + + /** + * Equal to or Greater than + * + * @access public + * @param string + * @return bool + */ + function equal_to_greater_than($str, $min) + { + if ( ! is_numeric($str)) + { + return FALSE; + } + return $str >= $min; + } + // -------------------------------------------------------------------- /** @@ -1149,6 +1167,24 @@ class CI_Form_validation { // -------------------------------------------------------------------- + /** + * Equal to or Less than + * + * @access public + * @param string + * @return bool + */ + function equal_to_less_than($str, $max) + { + if ( ! is_numeric($str)) + { + return FALSE; + } + return $str <= $max; + } + + // -------------------------------------------------------------------- + /** * Is a Natural number (0,1,2,3, etc.) * -- cgit v1.2.3-24-g4f1b From c1931667cbc614a704f536beb882931af82241cd Mon Sep 17 00:00:00 2001 From: Nick Busey Date: Mon, 6 Feb 2012 17:55:58 -0700 Subject: Renaming equal_to_greater_than to greater_than_equal_to, equal_to_less_than to less_than_equal_to --- system/libraries/Form_validation.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 1b2907a08..3ee3cf9df 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1139,7 +1139,7 @@ class CI_Form_validation { * @param string * @return bool */ - function equal_to_greater_than($str, $min) + function greater_than_equal_to($str, $min) { if ( ! is_numeric($str)) { @@ -1174,7 +1174,7 @@ class CI_Form_validation { * @param string * @return bool */ - function equal_to_less_than($str, $max) + function less_than_equal_to($str, $max) { if ( ! is_numeric($str)) { -- cgit v1.2.3-24-g4f1b From b57832690574b913c3224b4407427db00dfe7fed Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Wed, 29 Feb 2012 15:40:28 +0100 Subject: removed double slash --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 82383f658..0b853233d 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -960,7 +960,7 @@ class CI_Upload { } elseif (is_file(APPPATH.'config/mimes.php')) { - include(APPPATH.'config//mimes.php'); + include(APPPATH.'config/mimes.php'); } else { -- cgit v1.2.3-24-g4f1b From 50814099c41321e74b7aa7a451f23890fa7d20a1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Mar 2012 12:36:12 +0200 Subject: Switch private properties in the Email class to protected --- system/libraries/Email.php | 49 +++++++++++++++++++++++----------------------- 1 file changed, 25 insertions(+), 24 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 922107e9f..027ec0adb 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -64,30 +64,31 @@ class CI_Email { public $send_multipart = TRUE; // TRUE/FALSE - Yahoo does not like multipart alternative, so this is an override. Set to FALSE for Yahoo. public $bcc_batch_mode = FALSE; // TRUE/FALSE Turns on/off Bcc batch feature public $bcc_batch_size = 200; // If bcc_batch_mode = TRUE, sets max number of Bccs in each batch - private $_safe_mode = FALSE; - private $_subject = ""; - private $_body = ""; - private $_finalbody = ""; - private $_alt_boundary = ""; - private $_atc_boundary = ""; - private $_header_str = ""; - private $_smtp_connect = ""; - private $_encoding = "8bit"; - private $_IP = FALSE; - private $_smtp_auth = FALSE; - private $_replyto_flag = FALSE; - private $_debug_msg = array(); - private $_recipients = array(); - private $_cc_array = array(); - private $_bcc_array = array(); - private $_headers = array(); - private $_attach_name = array(); - private $_attach_type = array(); - private $_attach_disp = array(); - private $_protocols = array('mail', 'sendmail', 'smtp'); - private $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix) - private $_bit_depths = array('7bit', '8bit'); - private $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)'); + + protected $_safe_mode = FALSE; + protected $_subject = ''; + protected $_body = ''; + protected $_finalbody = ''; + protected $_alt_boundary = ''; + protected $_atc_boundary = ''; + protected $_header_str = ''; + protected $_smtp_connect = ''; + protected $_encoding = '8bit'; + protected $_IP = FALSE; + protected $_smtp_auth = FALSE; + protected $_replyto_flag = FALSE; + protected $_debug_msg = array(); + protected $_recipients = array(); + protected $_cc_array = array(); + protected $_bcc_array = array(); + protected $_headers = array(); + protected $_attach_name = array(); + protected $_attach_type = array(); + protected $_attach_disp = array(); + protected $_protocols = array('mail', 'sendmail', 'smtp'); + protected $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix) + protected $_bit_depths = array('7bit', '8bit'); + protected $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)'); /** -- cgit v1.2.3-24-g4f1b From 081c946bf049a013aaeab4dc726cdbbe20473eb2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Mar 2012 12:58:11 +0200 Subject: Remove access lines and fix method description blocks in the Email class --- system/libraries/Email.php | 109 +++++++++++---------------------------------- 1 file changed, 25 insertions(+), 84 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 027ec0adb..898effeb6 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Email Class * @@ -90,7 +88,6 @@ class CI_Email { protected $_bit_depths = array('7bit', '8bit'); protected $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)'); - /** * Constructor - Sets Email Preferences * @@ -116,7 +113,6 @@ class CI_Email { /** * Initialize preferences * - * @access public * @param array * @return void */ @@ -151,9 +147,8 @@ class CI_Email { /** * Initialize the Email Data * - * @access public * @param bool - * @return void + * @return object */ public function clear($clear_attachments = FALSE) { @@ -186,10 +181,9 @@ class CI_Email { /** * Set FROM * - * @access public * @param string * @param string - * @return void + * @return object */ public function from($from, $name = '') { @@ -229,10 +223,9 @@ class CI_Email { /** * Set Reply-to * - * @access public * @param string * @param string - * @return void + * @return object */ public function reply_to($replyto, $name = '') { @@ -267,9 +260,8 @@ class CI_Email { /** * Set Recipients * - * @access public * @param string - * @return void + * @return object */ public function to($to) { @@ -305,9 +297,8 @@ class CI_Email { /** * Set CC * - * @access public * @param string - * @return void + * @return object */ public function cc($cc) { @@ -334,10 +325,9 @@ class CI_Email { /** * Set BCC * - * @access public * @param string * @param string - * @return void + * @return object */ public function bcc($bcc, $limit = '') { @@ -372,9 +362,8 @@ class CI_Email { /** * Set Email Subject * - * @access public * @param string - * @return void + * @return object */ public function subject($subject) { @@ -388,9 +377,8 @@ class CI_Email { /** * Set Body * - * @access public * @param string - * @return void + * @return object */ public function message($body) { @@ -415,9 +403,8 @@ class CI_Email { /** * Assign file attachments * - * @access public * @param string - * @return void + * @return object */ public function attach($filename, $disposition = '', $newname = NULL) { @@ -432,7 +419,6 @@ class CI_Email { /** * Add a Header Item * - * @access protected * @param string * @param string * @return void @@ -447,7 +433,6 @@ class CI_Email { /** * Convert a String to an Array * - * @access protected * @param string * @return array */ @@ -473,9 +458,8 @@ class CI_Email { /** * Set Multipart Value * - * @access public * @param string - * @return void + * @return object */ public function set_alt_message($str = '') { @@ -488,9 +472,8 @@ class CI_Email { /** * Set Mailtype * - * @access public * @param string - * @return void + * @return object */ public function set_mailtype($type = 'text') { @@ -503,9 +486,8 @@ class CI_Email { /** * Set Wordwrap * - * @access public * @param bool - * @return void + * @return object */ public function set_wordwrap($wordwrap = TRUE) { @@ -518,9 +500,8 @@ class CI_Email { /** * Set Protocol * - * @access public * @param string - * @return void + * @return object */ public function set_protocol($protocol = 'mail') { @@ -533,9 +514,8 @@ class CI_Email { /** * Set Priority * - * @access public - * @param integer - * @return void + * @param int + * @return object */ public function set_priority($n = 3) { @@ -554,9 +534,8 @@ class CI_Email { /** * Set Newline Character * - * @access public * @param string - * @return void + * @return object */ public function set_newline($newline = "\n") { @@ -569,9 +548,8 @@ class CI_Email { /** * Set CRLF * - * @access public * @param string - * @return void + * @return object */ public function set_crlf($crlf = "\n") { @@ -584,7 +562,6 @@ class CI_Email { /** * Set Message Boundary * - * @access protected * @return void */ protected function _set_boundaries() @@ -598,7 +575,6 @@ class CI_Email { /** * Get the Message ID * - * @access protected * @return string */ protected function _get_message_id() @@ -613,7 +589,6 @@ class CI_Email { /** * Get Mail Protocol * - * @access protected * @param bool * @return string */ @@ -633,7 +608,6 @@ class CI_Email { /** * Get Mail Encoding * - * @access protected * @param bool * @return string */ @@ -660,7 +634,6 @@ class CI_Email { /** * Get content type (text/html/attachment) * - * @access protected * @return string */ protected function _get_content_type() @@ -688,7 +661,6 @@ class CI_Email { /** * Set RFC 822 Date * - * @access protected * @return string */ protected function _set_date() @@ -706,7 +678,6 @@ class CI_Email { /** * Mime message * - * @access protected * @return string */ protected function _get_mime_message() @@ -719,7 +690,6 @@ class CI_Email { /** * Validate Email Address * - * @access public * @param string * @return bool */ @@ -748,7 +718,6 @@ class CI_Email { /** * Email Validation * - * @access public * @param string * @return bool */ @@ -762,7 +731,6 @@ class CI_Email { /** * Clean Extended Email Address: Joe Smith * - * @access public * @param string * @return string */ @@ -793,7 +761,6 @@ class CI_Email { * If the user hasn't specified his own alternative message * it creates one by stripping the HTML * - * @access protected * @return string */ protected function _get_alt_message() @@ -819,9 +786,8 @@ class CI_Email { /** * Word Wrap * - * @access public * @param string - * @param integer + * @param int * @return string */ public function word_wrap($str, $charlim = '') @@ -912,8 +878,6 @@ class CI_Email { /** * Build final headers * - * @access protected - * @param string * @return string */ protected function _build_headers() @@ -930,7 +894,6 @@ class CI_Email { /** * Write Headers as a string * - * @access protected * @return void */ protected function _write_headers() @@ -965,7 +928,6 @@ class CI_Email { /** * Build Final Body and attachments * - * @access protected * @return void */ protected function _build_message() @@ -1132,9 +1094,8 @@ class CI_Email { * Prepares string for Quoted-Printable Content-Transfer-Encoding * Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt * - * @access protected * @param string - * @param integer + * @param int * @return string */ protected function _prep_quoted_printable($str, $charlim = '') @@ -1217,10 +1178,9 @@ class CI_Email { * Performs "Q Encoding" on a string for use in email headers. It's related * but not identical to quoted-printable, so it has its own method * - * @access public - * @param str - * @param bool // set to TRUE for processing From: headers - * @return str + * @param string + * @param bool set to TRUE for processing From: headers + * @return string */ protected function _prep_q_encoding($str, $from = FALSE) { @@ -1286,7 +1246,6 @@ class CI_Email { /** * Send Email * - * @access public * @return bool */ public function send() @@ -1319,10 +1278,9 @@ class CI_Email { // -------------------------------------------------------------------- /** - * Batch Bcc Send. Sends groups of BCCs in batches + * Batch Bcc Send. Sends groups of BCCs in batches * - * @access public - * @return bool + * @return void */ public function batch_bcc_send() { @@ -1377,7 +1335,6 @@ class CI_Email { /** * Unwrap special elements * - * @access protected * @return void */ protected function _unwrap_specials() @@ -1390,7 +1347,6 @@ class CI_Email { /** * Strip line-breaks via callback * - * @access protected * @return string */ protected function _remove_nl_callback($matches) @@ -1408,7 +1364,6 @@ class CI_Email { /** * Spool mail to the mail server * - * @access protected * @return bool */ protected function _spool_email() @@ -1430,7 +1385,6 @@ class CI_Email { /** * Send using mail() * - * @access protected * @return bool */ protected function _send_with_mail() @@ -1452,7 +1406,6 @@ class CI_Email { /** * Send using Sendmail * - * @access protected * @return bool */ protected function _send_with_sendmail() @@ -1485,7 +1438,6 @@ class CI_Email { /** * Send using SMTP * - * @access protected * @return bool */ protected function _send_with_smtp() @@ -1554,7 +1506,6 @@ class CI_Email { /** * SMTP Connect * - * @access protected * @param string * @return string */ @@ -1598,7 +1549,6 @@ class CI_Email { /** * Send SMTP command * - * @access protected * @param string * @param string * @return string @@ -1671,7 +1621,6 @@ class CI_Email { /** * SMTP Authenticate * - * @access protected * @return bool */ protected function _smtp_authenticate() @@ -1725,7 +1674,6 @@ class CI_Email { /** * Send SMTP data * - * @access protected * @return bool */ protected function _send_data($data) @@ -1744,7 +1692,6 @@ class CI_Email { /** * Get SMTP data * - * @access protected * @return string */ protected function _get_smtp_data() @@ -1769,7 +1716,6 @@ class CI_Email { /** * Get Hostname * - * @access protected * @return string */ protected function _get_hostname() @@ -1782,7 +1728,6 @@ class CI_Email { /** * Get IP * - * @access protected * @return string */ protected function _get_ip() @@ -1824,7 +1769,6 @@ class CI_Email { /** * Get Debug Message * - * @access public * @return string */ public function print_debugger() @@ -1848,9 +1792,8 @@ class CI_Email { /** * Set Message * - * @access protected * @param string - * @return string + * @return void */ protected function _set_error_message($msg, $val = '') { @@ -1872,7 +1815,6 @@ class CI_Email { /** * Mime Types * - * @access protected * @param string * @return string */ @@ -1971,7 +1913,6 @@ class CI_Email { } } -// END CI_Email class /* End of file Email.php */ /* Location: ./system/libraries/Email.php */ -- cgit v1.2.3-24-g4f1b From 76f15c9bb3004e6da99dd273c34ef3b92a23c17f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Mar 2012 13:05:07 +0200 Subject: Switch ANDs to &&, || to OR in the Email class --- system/libraries/Email.php | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 898effeb6..f1b18ab4f 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -101,7 +101,7 @@ class CI_Email { } else { - $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE; + $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == ''); $this->_safe_mode = (bool) @ini_get("safe_mode"); } @@ -136,7 +136,7 @@ class CI_Email { } $this->clear(); - $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE; + $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == ''); $this->_safe_mode = (bool) @ini_get("safe_mode"); return $this; @@ -553,7 +553,7 @@ class CI_Email { */ public function set_crlf($crlf = "\n") { - $this->crlf = ($crlf !== "\n" AND $crlf !== "\r\n" AND $crlf !== "\r") ? "\n" : $crlf; + $this->crlf = ($crlf !== "\n" && $crlf !== "\r\n" && $crlf !== "\r") ? "\n" : $crlf; return $this; } @@ -932,7 +932,7 @@ class CI_Email { */ protected function _build_message() { - if ($this->wordwrap === TRUE AND $this->mailtype !== 'html') + if ($this->wordwrap === TRUE && $this->mailtype !== 'html') { $this->_body = $this->word_wrap($this->_body); } @@ -1255,9 +1255,9 @@ class CI_Email { $this->reply_to($this->_headers['From']); } - if (( ! isset($this->_recipients) AND ! isset($this->_headers['To'])) AND - ( ! isset($this->_bcc_array) AND ! isset($this->_headers['Bcc'])) AND - ( ! isset($this->_headers['Cc']))) + if ( ! isset($this->_recipients) && ! isset($this->_headers['To']) + && ! isset($this->_bcc_array) && ! isset($this->_headers['Bcc']) + && ! isset($this->_headers['Cc'])) { $this->_set_error_message('lang:email_no_recipients'); return FALSE; @@ -1265,13 +1265,12 @@ class CI_Email { $this->_build_headers(); - if ($this->bcc_batch_mode AND count($this->_bcc_array) > $this->bcc_batch_size) + if ($this->bcc_batch_mode && count($this->_bcc_array) > $this->bcc_batch_size) { return $this->batch_bcc_send(); } $this->_build_message(); - return $this->_spool_email(); } @@ -1630,7 +1629,7 @@ class CI_Email { return TRUE; } - if ($this->smtp_user == "" AND $this->smtp_pass == "") + if ($this->smtp_user == '' && $this->smtp_pass == '') { $this->_set_error_message('lang:email_no_smtp_unpw'); return FALSE; @@ -1737,13 +1736,13 @@ class CI_Email { return $this->_IP; } - $cip = (isset($_SERVER['HTTP_CLIENT_IP']) AND $_SERVER['HTTP_CLIENT_IP'] != "") ? $_SERVER['HTTP_CLIENT_IP'] : FALSE; - $rip = (isset($_SERVER['REMOTE_ADDR']) AND $_SERVER['REMOTE_ADDR'] != "") ? $_SERVER['REMOTE_ADDR'] : FALSE; + $cip = ( ! empty($_SERVER['HTTP_CLIENT_IP'])) ? $_SERVER['HTTP_CLIENT_IP'] : FALSE; + $rip = ( ! empty($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : FALSE; if ($cip) $this->_IP = $cip; elseif ($rip) $this->_IP = $rip; else { - $fip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) AND $_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE; + $fip = ( ! empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE; if ($fip) { $this->_IP = $fip; @@ -1800,7 +1799,7 @@ class CI_Email { $CI =& get_instance(); $CI->lang->load('email'); - if (substr($msg, 0, 5) !== 'lang:' || FALSE === ($line = $CI->lang->line(substr($msg, 5)))) + if (substr($msg, 0, 5) !== 'lang:' OR FALSE === ($line = $CI->lang->line(substr($msg, 5)))) { $this->_debug_msg[] = str_replace('%s', $val, $msg)."
"; } -- cgit v1.2.3-24-g4f1b From 59c5b537cb5880930f9a8d518659c75cd66f41b0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Mar 2012 14:09:51 +0200 Subject: Some other minor improvements to the Email library --- system/libraries/Email.php | 148 ++++++++++++++++++++------------------------- 1 file changed, 67 insertions(+), 81 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index f1b18ab4f..c8a5b41af 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -38,29 +38,29 @@ */ class CI_Email { - public $useragent = "CodeIgniter"; - public $mailpath = "/usr/sbin/sendmail"; // Sendmail path - public $protocol = "mail"; // mail/sendmail/smtp - public $smtp_host = ""; // SMTP Server. Example: mail.earthlink.net - public $smtp_user = ""; // SMTP Username - public $smtp_pass = ""; // SMTP Password - public $smtp_port = "25"; // SMTP Port - public $smtp_timeout = 5; // SMTP Timeout in seconds - public $smtp_crypto = ""; // SMTP Encryption. Can be null, tls or ssl. - public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off - public $wrapchars = "76"; // Number of characters to wrap at. - public $mailtype = "text"; // text/html Defines email formatting - public $charset = "utf-8"; // Default char set: iso-8859-1 or us-ascii - public $multipart = "mixed"; // "mixed" (in the body) or "related" (separate) - public $alt_message = ''; // Alternative message for HTML emails - public $validate = FALSE; // TRUE/FALSE. Enables email validation - public $priority = "3"; // Default priority (1 - 5) - public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822) - public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers, + public $useragent = 'CodeIgniter'; + public $mailpath = '/usr/sbin/sendmail'; // Sendmail path + public $protocol = 'mail'; // mail/sendmail/smtp + public $smtp_host = ''; // SMTP Server. Example: mail.earthlink.net + public $smtp_user = ''; // SMTP Username + public $smtp_pass = ''; // SMTP Password + public $smtp_port = 25; // SMTP Port + public $smtp_timeout = 5; // SMTP Timeout in seconds + public $smtp_crypto = ''; // SMTP Encryption. Can be null, tls or ssl. + public $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off + public $wrapchars = 76; // Number of characters to wrap at. + public $mailtype = 'text'; // text/html Defines email formatting + public $charset = 'utf-8'; // Default char set: iso-8859-1 or us-ascii + public $multipart = 'mixed'; // "mixed" (in the body) or "related" (separate) + public $alt_message = ''; // Alternative message for HTML emails + public $validate = FALSE; // TRUE/FALSE. Enables email validation + public $priority = 3; // Default priority (1 - 5) + public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822) + public $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers, // even on the receiving end think they need to muck with CRLFs, so using "\n", while // distasteful, is the only thing that seems to work for all environments. public $send_multipart = TRUE; // TRUE/FALSE - Yahoo does not like multipart alternative, so this is an override. Set to FALSE for Yahoo. - public $bcc_batch_mode = FALSE; // TRUE/FALSE Turns on/off Bcc batch feature + public $bcc_batch_mode = FALSE; // TRUE/FALSE - Turns on/off Bcc batch feature public $bcc_batch_size = 200; // If bcc_batch_mode = TRUE, sets max number of Bccs in each batch protected $_safe_mode = FALSE; @@ -102,10 +102,10 @@ class CI_Email { else { $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == ''); - $this->_safe_mode = (bool) @ini_get("safe_mode"); + $this->_safe_mode = (bool) @ini_get('safe_mode'); } - log_message('debug', "Email Class Initialized"); + log_message('debug', 'Email Class Initialized'); } // -------------------------------------------------------------------- @@ -137,7 +137,7 @@ class CI_Email { $this->clear(); $this->_smtp_auth = ! ($this->smtp_user == '' && $this->smtp_pass == ''); - $this->_safe_mode = (bool) @ini_get("safe_mode"); + $this->_safe_mode = (bool) @ini_get('safe_mode'); return $this; } @@ -152,11 +152,11 @@ class CI_Email { */ public function clear($clear_attachments = FALSE) { - $this->_subject = ""; - $this->_body = ""; - $this->_finalbody = ""; - $this->_header_str = ""; - $this->_replyto_flag = FALSE; + $this->_subject = ''; + $this->_body = ''; + $this->_finalbody = ''; + $this->_header_str = ''; + $this->_replyto_flag = FALSE; $this->_recipients = array(); $this->_cc_array = array(); $this->_bcc_array = array(); @@ -187,7 +187,7 @@ class CI_Email { */ public function from($from, $name = '') { - if (preg_match( '/\<(.*)\>/', $from, $match)) + if (preg_match('/\<(.*)\>/', $from, $match)) { $from = $match[1]; } @@ -229,7 +229,7 @@ class CI_Email { */ public function reply_to($replyto, $name = '') { - if (preg_match( '/\<(.*)\>/', $replyto, $match)) + if (preg_match('/\<(.*)\>/', $replyto, $match)) { $replyto = $match[1]; } @@ -275,17 +275,17 @@ class CI_Email { if ($this->_get_protocol() !== 'mail') { - $this->_set_header('To', implode(", ", $to)); + $this->_set_header('To', implode(', ', $to)); } switch ($this->_get_protocol()) { - case 'smtp' : + case 'smtp': $this->_recipients = $to; break; - case 'sendmail' : - case 'mail' : - $this->_recipients = implode(", ", $to); + case 'sendmail': + case 'mail': + $this->_recipients = implode(', ', $to); break; } @@ -310,7 +310,7 @@ class CI_Email { $this->validate_email($cc); } - $this->_set_header('Cc', implode(", ", $cc)); + $this->_set_header('Cc', implode(', ', $cc)); if ($this->_get_protocol() === 'smtp') { @@ -351,7 +351,7 @@ class CI_Email { } else { - $this->_set_header('Bcc', implode(", ", $bcc)); + $this->_set_header('Bcc', implode(', ', $bcc)); } return $this; @@ -382,7 +382,7 @@ class CI_Email { */ public function message($body) { - $this->_body = rtrim(str_replace("\r", "", $body)); + $this->_body = rtrim(str_replace("\r", '', $body)); /* strip slashes only if magic quotes is ON if we do it with magic quotes OFF, it strips real, user-inputted chars. @@ -446,8 +446,7 @@ class CI_Email { } else { - $email = trim($email); - settype($email, "array"); + $email = (array) trim($email); } } return $email; @@ -505,7 +504,7 @@ class CI_Email { */ public function set_protocol($protocol = 'mail') { - $this->protocol = ( ! in_array($protocol, $this->_protocols, TRUE)) ? 'mail' : strtolower($protocol); + $this->protocol = in_array($protocol, $this->_protocols, TRUE) ? strtolower($protocol) : 'mail'; return $this; } @@ -519,13 +518,7 @@ class CI_Email { */ public function set_priority($n = 3) { - if ( ! is_numeric($n) OR $n < 1 OR $n > 5) - { - $this->priority = 3; - return; - } - - $this->priority = (int) $n; + $this->priority = preg_match('/^[1-5]$/', $n) ? (int) $n : 3; return $this; } @@ -566,8 +559,8 @@ class CI_Email { */ protected function _set_boundaries() { - $this->_alt_boundary = "B_ALT_".uniqid(''); // multipart/alternative - $this->_atc_boundary = "B_ATC_".uniqid(''); // attachment boundary + $this->_alt_boundary = 'B_ALT_'.uniqid(''); // multipart/alternative + $this->_atc_boundary = 'B_ATC_'.uniqid(''); // attachment boundary } // -------------------------------------------------------------------- @@ -580,8 +573,7 @@ class CI_Email { protected function _get_message_id() { $from = str_replace(array('>', '<'), '', $this->_headers['Return-Path']); - - return "<".uniqid('').strstr($from, '@').">"; + return '<'.uniqid('').strstr($from, '@').'>'; } // -------------------------------------------------------------------- @@ -590,12 +582,12 @@ class CI_Email { * Get Mail Protocol * * @param bool - * @return string + * @return mixed */ protected function _get_protocol($return = TRUE) { $this->protocol = strtolower($this->protocol); - $this->protocol = ( ! in_array($this->protocol, $this->_protocols, TRUE)) ? 'mail' : $this->protocol; + in_array($this->protocol, $this->_protocols, TRUE) OR $this->protocol = 'mail'; if ($return == TRUE) { @@ -613,7 +605,7 @@ class CI_Email { */ protected function _get_encoding($return = TRUE) { - $this->_encoding = ( ! in_array($this->_encoding, $this->_bit_depths)) ? '8bit' : $this->_encoding; + in_array($this->_encoding, $this->_bit_depths) OR $this->_encoding = '8bit'; foreach ($this->_base_charsets as $charset) { @@ -665,12 +657,12 @@ class CI_Email { */ protected function _set_date() { - $timezone = date("Z"); + $timezone = date('Z'); $operator = (strncmp($timezone, '-', 1) === 0) ? '-' : '+'; $timezone = abs($timezone); $timezone = floor($timezone/3600) * 100 + ($timezone % 3600) / 60; - return sprintf("%s %s%04d", date("D, j M Y H:i:s"), $operator, $timezone); + return sprintf('%s %s%04d', date('D, j M Y H:i:s'), $operator, $timezone); } // -------------------------------------------------------------------- @@ -682,7 +674,7 @@ class CI_Email { */ protected function _get_mime_message() { - return "This is a multi-part message in MIME format.".$this->newline."Your email application may not support this format."; + return 'This is a multi-part message in MIME format.'.$this->newline.'Your email application may not support this format.'; } // -------------------------------------------------------------------- @@ -723,7 +715,7 @@ class CI_Email { */ public function valid_email($address) { - return (bool) preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $address); + return (bool) preg_match('/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix', $address); } // -------------------------------------------------------------------- @@ -745,7 +737,7 @@ class CI_Email { foreach ($email as $addy) { - $clean_email[] = (preg_match( '/\<(.*)\>/', $addy, $match)) ? $match[1] : $addy; + $clean_email[] = preg_match('/\<(.*)\>/', $addy, $match) ? $match[1] : $addy; } return $clean_email; @@ -765,7 +757,7 @@ class CI_Email { */ protected function _get_alt_message() { - if ($this->alt_message != "") + if ($this->alt_message != '') { return $this->word_wrap($this->alt_message, '76'); } @@ -1165,9 +1157,7 @@ class CI_Email { } // get rid of extra CRLF tacked onto the end - $output = substr($output, 0, strlen($this->crlf) * -1); - - return $output; + return substr($output, 0, strlen($this->crlf) * -1); } // -------------------------------------------------------------------- @@ -1236,9 +1226,7 @@ class CI_Email { // wrap each line with the shebang, charset, and transfer encoding // the preceding space on successive lines is required for header "folding" - $str = trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str)); - - return $str; + return trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str)); } // -------------------------------------------------------------------- @@ -1283,24 +1271,22 @@ class CI_Email { */ public function batch_bcc_send() { - $float = $this->bcc_batch_size -1; - - $set = ""; - + $float = $this->bcc_batch_size - 1; + $set = ''; $chunk = array(); for ($i = 0, $c = count($this->_bcc_array); $i < $c; $i++) { if (isset($this->_bcc_array[$i])) { - $set .= ", ".$this->_bcc_array[$i]; + $set .= ', '.$this->_bcc_array[$i]; } if ($i == $float) { $chunk[] = substr($set, 1); $float += $this->bcc_batch_size; - $set = ""; + $set = ''; } if ($i === $c-1) @@ -1317,7 +1303,7 @@ class CI_Email { if ($this->protocol !== 'smtp') { - $this->_set_header('Bcc', implode(", ", $bcc)); + $this->_set_header('Bcc', implode(', ', $bcc)); } else { @@ -1719,7 +1705,7 @@ class CI_Email { */ protected function _get_hostname() { - return (isset($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain'; + return isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain'; } // -------------------------------------------------------------------- @@ -1755,7 +1741,7 @@ class CI_Email { $this->_IP = end($x); } - if ( ! preg_match( "/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $this->_IP)) + if ( ! preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $this->_IP)) { $this->_IP = '0.0.0.0'; } @@ -1782,8 +1768,7 @@ class CI_Email { } } - $msg .= "
".$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'
'; - return $msg; + return $msg.'
'.$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'
'; } // -------------------------------------------------------------------- @@ -1817,9 +1802,10 @@ class CI_Email { * @param string * @return string */ - protected function _mime_types($ext = "") + protected function _mime_types($ext = '') { - $mimes = array( 'hqx' => 'application/mac-binhex40', + $mimes = array( + 'hqx' => 'application/mac-binhex40', 'cpt' => 'application/mac-compactpro', 'doc' => 'application/msword', 'bin' => 'application/macbinary', @@ -1908,7 +1894,7 @@ class CI_Email { 'eml' => 'message/rfc822' ); - return ( ! isset($mimes[strtolower($ext)])) ? "application/x-unknown-content-type" : $mimes[strtolower($ext)]; + return isset($mimes[strtolower($ext)]) ? $mimes[strtolower($ext)] : 'application/x-unknown-content-type'; } } -- cgit v1.2.3-24-g4f1b From 6ca407e22104d9ba3ef729c840b7dee903df1531 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Mar 2012 15:33:21 +0200 Subject: Fix issue #153 (E_NOTICE generated by getimagesize()) --- system/libraries/Upload.php | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 0b853233d..ac29c1bdd 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1,4 +1,4 @@ -allowed_types == '*') + if ($this->allowed_types === '*') { return TRUE; } - if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types)) + if ( ! is_array($this->allowed_types) OR count($this->allowed_types) === 0) { $this->set_error('upload_no_file_types'); return FALSE; @@ -618,12 +619,9 @@ class CI_Upload { // Images get some additional checks $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe'); - if (in_array($ext, $image_types)) + if (in_array($ext, $image_types) && @getimagesize($this->file_temp) === FALSE) { - if (getimagesize($this->file_temp) === FALSE) - { - return FALSE; - } + return FALSE; } if ($ignore_mime === TRUE) @@ -640,7 +638,7 @@ class CI_Upload { return TRUE; } } - elseif ($mime == $this->file_type) + elseif ($mime === $this->file_type) { return TRUE; } -- cgit v1.2.3-24-g4f1b From 963386ba6072d240840b58d6dbe54287edcb04ad Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 2 Mar 2012 01:52:01 +0200 Subject: Fix issue #803 (Profiler library didn't handle objects properly) --- system/libraries/Profiler.php | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 89c616543..04216be5d 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -270,7 +270,7 @@ class CI_Profiler { } $output .= "$_GET[".$key."]   " - . (is_array($val) ? "
" . htmlspecialchars(stripslashes(print_r($val, true))) . "
" : htmlspecialchars(stripslashes($val))) + . ((is_array($val) OR is_object($val)) ? "
" . htmlspecialchars(stripslashes(print_r($val, true))) . "
" : htmlspecialchars(stripslashes($val))) . "\n"; } @@ -311,7 +311,7 @@ class CI_Profiler { } $output .= "$_POST[".$key."]   "; - if (is_array($val)) + if (is_array($val) OR is_object($val)) { $output .= "
" . htmlspecialchars(stripslashes(print_r($val, TRUE))) . "
"; } @@ -426,9 +426,9 @@ class CI_Profiler { . '  '.$this->CI->lang->line('profiler_config').'  ('.$this->CI->lang->line('profiler_section_show').')' . "\n\n\n\n"; - foreach ($this->CI->config->config as $config=>$val) + foreach ($this->CI->config->config as $config => $val) { - if (is_array($val)) + if (is_array($val) OR is_object($val)) { $val = print_r($val, TRUE); } @@ -459,7 +459,7 @@ class CI_Profiler { foreach ($this->CI->session->all_userdata() as $key => $val) { - if (is_array($val) || is_object($val)) + if (is_array($val) OR is_object($val)) { $val = print_r($val, TRUE); } @@ -501,7 +501,5 @@ class CI_Profiler { } } -// END CI_Profiler class - /* End of file Profiler.php */ /* Location: ./system/libraries/Profiler.php */ -- cgit v1.2.3-24-g4f1b From 676a0dd74409e7e838b94484ef9ba066dcf6db91 Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Fri, 2 Mar 2012 10:10:34 +0100 Subject: updated error_array #565 --- system/libraries/Form_validation.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 2ee734ae6..5069a44c1 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -234,6 +234,20 @@ class CI_Form_validation { // -------------------------------------------------------------------- + /** + * Get Array of Error Messages + * + * Returns the error messages as an array + * + * @return array + */ + public function error_array() + { + return $this->_error_array; + } + + // -------------------------------------------------------------------- + /** * Error String * -- cgit v1.2.3-24-g4f1b From f142192a97033c4f8d398212443bc4776bd2ca98 Mon Sep 17 00:00:00 2001 From: Timothy Warren Date: Fri, 2 Mar 2012 11:51:42 -0500 Subject: Limit db session select to single row --- system/libraries/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 66b39a6a2..dd50a91e1 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -219,7 +219,7 @@ class CI_Session { $this->CI->db->where('user_agent', $session['user_agent']); } - $query = $this->CI->db->get($this->sess_table_name); + $query = $this->CI->db->limit(1)->get($this->sess_table_name); // No result? Kill it! if ($query->num_rows() === 0) -- cgit v1.2.3-24-g4f1b From 7fcc7bdf7eb9c65920b1e14f242e31e3d71d1fd0 Mon Sep 17 00:00:00 2001 From: Diogo Osório Date: Fri, 2 Mar 2012 16:54:52 +0000 Subject: #1080 - Check if the SMTP connection and authentication were successfull. --- system/libraries/Email.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index c8a5b41af..39a7059dd 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1359,6 +1359,7 @@ class CI_Email { if ( ! $this->$method()) { $this->_set_error_message('lang:email_send_failure_' . ($this->_get_protocol() === 'mail' ? 'phpmail' : $this->_get_protocol())); + return FALSE; } $this->_set_error_message('lang:email_sent', $this->_get_protocol()); @@ -1433,8 +1434,10 @@ class CI_Email { return FALSE; } - $this->_smtp_connect(); - $this->_smtp_authenticate(); + if ( !($this->_smtp_connect() && $this->_smtp_authenticate()) ) + { + return FALSE; + } $this->_send_command('from', $this->clean_email($this->_headers['From'])); -- cgit v1.2.3-24-g4f1b From 593f798a0b463f45e00a207e4fe4b8cc82dedc35 Mon Sep 17 00:00:00 2001 From: Diogo Osório Date: Fri, 2 Mar 2012 18:04:17 +0000 Subject: Made the code more readable, updated the changelog. --- system/libraries/Email.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 39a7059dd..8d839d0c9 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -1434,7 +1434,7 @@ class CI_Email { return FALSE; } - if ( !($this->_smtp_connect() && $this->_smtp_authenticate()) ) + if ( ! $this->_smtp_connect() OR ! $this->_smtp_authenticate()) { return FALSE; } -- cgit v1.2.3-24-g4f1b From 010f1f4b315c8f5aef2e0b4c6571e4c4752f56c6 Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sat, 3 Mar 2012 22:24:31 +0100 Subject: Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is used for the detection. --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 91fbf66ca..b0490de30 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1095,7 +1095,7 @@ class CI_Upload { $proc = @popen($cmd, 'r'); if (is_resource($proc)) { - $mime = @fread($test, 512); + $mime = @fread($proc, 512); @pclose($proc); if ($mime !== FALSE) { -- cgit v1.2.3-24-g4f1b From 099c478b2ebafd0a1b74e76221ed06c214e195f4 Mon Sep 17 00:00:00 2001 From: JonoB Date: Sun, 4 Mar 2012 14:37:30 +0000 Subject: Allow users to specify an array for validation, instead of alway using the $_POST array --- system/libraries/Form_validation.php | 67 +++++++++++++++++++++++++++++------- 1 file changed, 55 insertions(+), 12 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 5069a44c1..b3efe82cf 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -47,7 +47,8 @@ class CI_Form_validation { protected $_error_suffix = '

'; protected $error_string = ''; protected $_safe_form_data = FALSE; - + protected $validation_data = array(); + /** * Constructor */ @@ -84,8 +85,9 @@ class CI_Form_validation { */ public function set_rules($field, $label = '', $rules = '') { - // No reason to set rules if we have no POST data - if (count($_POST) === 0) + // No reason to set rules if we have no POST data + // or a validation array has not been specified + if (count($_POST) === 0 && count($this->validation_data) === 0) { return $this; } @@ -159,13 +161,31 @@ class CI_Form_validation { return $this; } + // -------------------------------------------------------------------- + + /** + * By default, form validation uses the $_POST array to validate + * + * If an array is set through this method, then this array will + * be used instead of the $_POST array + * + * @param array $data + */ + public function set_data($data = '') + { + if ( ! empty($data) && is_array($data)) + { + $this->validation_data = $data; + } + } + // -------------------------------------------------------------------- /** * Set Error Message * * Lets users set their own error messages on the fly. Note: The key - * name has to match the function name that it corresponds to. + * name has to match the function name that it corresponds to. * * @param string * @param string @@ -300,10 +320,14 @@ class CI_Form_validation { public function run($group = '') { // Do we even have any data to process? Mm? - if (count($_POST) === 0) + $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; + if (count($validation_array) === 0) { return FALSE; } + + // Clear any previous validation data + $this->_reset_validation(); // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file @@ -342,18 +366,18 @@ class CI_Form_validation { // corresponding $_POST item and test for errors foreach ($this->_field_data as $field => $row) { - // Fetch the data from the corresponding $_POST array and cache it in the _field_data array. + // Fetch the data from the corresponding $_POST or validation array and cache it in the _field_data array. // Depending on whether the field name is an array or a string will determine where we get it from. if ($row['is_array'] === TRUE) { - $this->_field_data[$field]['postdata'] = $this->_reduce_array($_POST, $row['keys']); + $this->_field_data[$field]['postdata'] = $this->_reduce_array($validation_array, $row['keys']); } else { - if (isset($_POST[$field]) AND $_POST[$field] != "") + if (isset($validation_array[$field]) AND $validation_array[$field] != "") { - $this->_field_data[$field]['postdata'] = $_POST[$field]; + $this->_field_data[$field]['postdata'] = $validation_array[$field]; } } @@ -867,12 +891,13 @@ class CI_Form_validation { */ public function matches($str, $field) { - if ( ! isset($_POST[$field])) + $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; + if ( ! isset($validation_array[$field])) { return FALSE; } - return ($str === $_POST[$field]); + return ($str === $validation_array[$field]); } // -------------------------------------------------------------------- @@ -1282,7 +1307,25 @@ class CI_Form_validation { { return str_replace(array(''), array('<?php', '<?PHP', '<?', '?>'), $str); } - + + // -------------------------------------------------------------------- + + /** + * Reset validation vars + * + * Prevents subsequent validation routines from being affected by the + * results of any previous validation routine due to the CI singleton. + * + * @return void + */ + protected function _reset_validation() + { + $this->_field_data = array(); + $this->_config_rules = array(); + $this->_error_array = array(); + $this->_error_messages = array(); + $this->error_string = ''; + } } /* End of file Form_validation.php */ -- cgit v1.2.3-24-g4f1b From c8da4fe74d9cb0d456a18316fa9a0879d50e33f4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 4 Mar 2012 19:20:33 +0200 Subject: Fix indentation for changes from pull #1121 --- system/libraries/Form_validation.php | 49 ++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 25 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index b3efe82cf..1c0089d85 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -48,10 +48,7 @@ class CI_Form_validation { protected $error_string = ''; protected $_safe_form_data = FALSE; protected $validation_data = array(); - - /** - * Constructor - */ + public function __construct($rules = array()) { $this->CI =& get_instance(); @@ -85,7 +82,7 @@ class CI_Form_validation { */ public function set_rules($field, $label = '', $rules = '') { - // No reason to set rules if we have no POST data + // No reason to set rules if we have no POST data // or a validation array has not been specified if (count($_POST) === 0 && count($this->validation_data) === 0) { @@ -162,23 +159,24 @@ class CI_Form_validation { } // -------------------------------------------------------------------- - + /** * By default, form validation uses the $_POST array to validate - * + * * If an array is set through this method, then this array will * be used instead of the $_POST array - * - * @param array $data + * + * @param array $data + * @return void */ public function set_data($data = '') { if ( ! empty($data) && is_array($data)) { - $this->validation_data = $data; + $this->validation_data = $data; } } - + // -------------------------------------------------------------------- /** @@ -325,7 +323,7 @@ class CI_Form_validation { { return FALSE; } - + // Clear any previous validation data $this->_reset_validation(); @@ -891,7 +889,7 @@ class CI_Form_validation { */ public function matches($str, $field) { - $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; + $validation_array = ( ! empty($this->validation_data)) ? $this->validation_data : $_POST; if ( ! isset($validation_array[$field])) { return FALSE; @@ -1307,25 +1305,26 @@ class CI_Form_validation { { return str_replace(array(''), array('<?php', '<?PHP', '<?', '?>'), $str); } - + // -------------------------------------------------------------------- - - /** - * Reset validation vars - * - * Prevents subsequent validation routines from being affected by the + + /** + * Reset validation vars + * + * Prevents subsequent validation routines from being affected by the * results of any previous validation routine due to the CI singleton. - * - * @return void - */ - protected function _reset_validation() - { + * + * @return void + */ + protected function _reset_validation() + { $this->_field_data = array(); $this->_config_rules = array(); $this->_error_array = array(); $this->_error_messages = array(); $this->error_string = ''; - } + } + } /* End of file Form_validation.php */ -- cgit v1.2.3-24-g4f1b From 6b83123dce4a78e06f6eedc7cb1b2bb78d2294f0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 6 Mar 2012 11:16:57 +0200 Subject: Fixed a bug in CI_Session::_unserialize() --- system/libraries/Session.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session.php b/system/libraries/Session.php index dd50a91e1..104b88810 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -454,7 +454,7 @@ class CI_Session { */ public function userdata($item) { - return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item]; + return isset($this->userdata[$item]) ? $this->userdata[$item] : FALSE; } // -------------------------------------------------------------------- @@ -729,7 +729,7 @@ class CI_Session { */ protected function _unserialize($data) { - $data = @unserialize(strip_slashes($data)); + $data = @unserialize(strip_slashes(trim($data))); if (is_array($data)) { @@ -737,9 +737,11 @@ class CI_Session { return $data; } - return (is_string($data)) ? str_replace('{{slash}}', '\\', $data) : $data; + return is_string($data) ? str_replace('{{slash}}', '\\', $data) : $data; } + // -------------------------------------------------------------------- + /** * Unescape slashes * @@ -779,7 +781,7 @@ class CI_Session { { $expire = $this->now - $this->sess_expiration; - $this->CI->db->where("last_activity < {$expire}"); + $this->CI->db->where('last_activity < '.$expire); $this->CI->db->delete($this->sess_table_name); log_message('debug', 'Session garbage collection performed.'); -- cgit v1.2.3-24-g4f1b From 883f80f7ed758f384847af3db0082f9fb6e525ee Mon Sep 17 00:00:00 2001 From: JonoB Date: Mon, 5 Mar 2012 09:51:27 +0000 Subject: Removed reset_validation() method from run() method --- system/libraries/Form_validation.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index eb6031697..cdb3d3d62 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -165,6 +165,10 @@ class CI_Form_validation { * * If an array is set through this method, then this array will * be used instead of the $_POST array + * + * Note that if you are validating multiple arrays, then the + * reset_validation() function should be called after validating + * each array due to the limitations of CI's singleton * * @param array $data * @return void @@ -324,9 +328,6 @@ class CI_Form_validation { return FALSE; } - // Clear any previous validation data - $this->_reset_validation(); - // Does the _field_data array containing the validation rules exist? // If not, we look to see if they were assigned via a config file if (count($this->_field_data) === 0) @@ -1352,7 +1353,7 @@ class CI_Form_validation { * * @return void */ - protected function _reset_validation() + public function reset_validation() { $this->_field_data = array(); $this->_config_rules = array(); -- cgit v1.2.3-24-g4f1b