From 7c251b38b690183b590adeb31d5155d043b6f74b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 27 Dec 2011 16:37:23 +0200 Subject: Improve the Encryption library --- system/libraries/Encrypt.php | 92 +++++++++++++++----------------------------- 1 file changed, 32 insertions(+), 60 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 92b0b3c4a..d9f40b0d5 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,13 +1,13 @@ -get_key($key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($string, $key); - } - else - { - $enc = $this->_xor_encode($string, $key); - } - - return base64_encode($enc); + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode'; + return base64_encode($this->$method($string, $this->get_key($key))); } // -------------------------------------------------------------------- @@ -149,28 +139,13 @@ class CI_Encrypt { */ public function decode($string, $key = '') { - $key = $this->get_key($key); - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } - $dec = base64_decode($string); - - if ($this->_mcrypt_exists === TRUE) - { - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) - { - return FALSE; - } - } - else - { - $dec = $this->_xor_decode($dec, $key); - } - - return $dec; + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode'; + return $this->$method(base64_decode($string), $this->get_key($key)); } // -------------------------------------------------------------------- @@ -197,6 +172,10 @@ class CI_Encrypt { log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); return FALSE; } + elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } // decode it first // set mode temporarily to what it was when string was encoded with the legacy @@ -205,12 +184,6 @@ class CI_Encrypt { $this->set_mode($legacy_mode); $key = $this->get_key($key); - - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) - { - return FALSE; - } - $dec = base64_decode($string); if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) @@ -242,17 +215,18 @@ class CI_Encrypt { protected function _xor_encode($string, $key) { $rand = ''; - while (strlen($rand) < 32) + do { $rand .= mt_rand(0, mt_getrandmax()); } + while (strlen($rand) < 32); $rand = $this->hash($rand); $enc = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++) { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]); } return $this->_xor_merge($enc, $key); @@ -275,9 +249,9 @@ class CI_Encrypt { $string = $this->_xor_merge($string, $key); $dec = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $l = strlen($string); $i < $l; $i++) { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + $dec .= ($string[$i++] ^ $string[$i]); } return $dec; @@ -298,9 +272,9 @@ class CI_Encrypt { { $hash = $this->hash($key); $str = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++) { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + $str .= $string[$i] ^ $hash[($i % $lh)]; } return $str; @@ -359,18 +333,17 @@ class CI_Encrypt { */ protected function _add_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + $str .= chr((ord($data[$i]) + ord($key[$j])) % 256); } return $str; @@ -389,22 +362,21 @@ class CI_Encrypt { */ protected function _remove_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $temp = ord($data[$i]) - ord($keyhash[$j]); + $temp = ord($data[$i]) - ord($key[$j]); if ($temp < 0) { - $temp = $temp + 256; + $temp += 256; } $str .= chr($temp); @@ -435,7 +407,7 @@ class CI_Encrypt { * @param constant * @return string */ - function set_mode($mode) + public function set_mode($mode) { $this->_mcrypt_mode = $mode; return $this; @@ -485,7 +457,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type !== 'sha1' AND $type !== 'md5') ? 'sha1' : $type; } // -------------------------------------------------------------------- @@ -498,11 +470,11 @@ class CI_Encrypt { */ public function hash($str) { - return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str); + return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); } } // END CI_Encrypt class /* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file +/* Location: ./system/libraries/Encrypt.php */ -- cgit v1.2.3-24-g4f1b From 345e7ee1c655c53b8022c3e725a4266e15bd2542 Mon Sep 17 00:00:00 2001 From: Ronald Beilsma Date: Wed, 28 Dec 2011 12:59:04 +0100 Subject: fixed bug in pagination library return value of ceil is of type float --- system/libraries/Pagination.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 008c15192..d10bef3e5 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -131,7 +131,7 @@ class CI_Pagination { $num_pages = ceil($this->total_rows / $this->per_page); // Is there only one page? Hm... nothing more to do here then. - if ($num_pages === 1) + if ($num_pages == 1) { return ''; } -- cgit v1.2.3-24-g4f1b From 64b013611f65006197fdf465186ca36adf12847d Mon Sep 17 00:00:00 2001 From: Ronald Beilsma Date: Wed, 28 Dec 2011 12:59:45 +0100 Subject: fixed bug in typography library array index starts at 0, not 1 --- system/libraries/Typography.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index 651ba7bff..ac9486a6b 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -144,7 +144,7 @@ class CI_Typography { $process = TRUE; $paragraph = FALSE; - for ($i = 1, $c = count($chunks); $i <= $c; $i++) + for ($i = 0, $c = count($chunks) - 1; $i <= $c; $i++) { // Are we dealing with a tag? If so, we'll skip the processing for this cycle. // Well also set the "process" flag which allows us to skip
 tags and a few other things.
-- 
cgit v1.2.3-24-g4f1b


From cfb7021e9f53fa089bfd676978b448b27e4bd996 Mon Sep 17 00:00:00 2001
From: Ronald Beilsma 
Date: Thu, 29 Dec 2011 09:57:49 +0100
Subject: ceil returned float (line 131), so if statement in line 134 was bound
 to return false (===, float vs integer)

---
 system/libraries/Pagination.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/libraries')

diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php
index d10bef3e5..63b750bdb 100644
--- a/system/libraries/Pagination.php
+++ b/system/libraries/Pagination.php
@@ -128,10 +128,10 @@ class CI_Pagination {
 		}
 
 		// Calculate the total number of pages
-		$num_pages = ceil($this->total_rows / $this->per_page);
+		$num_pages = (int) ceil($this->total_rows / $this->per_page);
 
 		// Is there only one page? Hm... nothing more to do here then.
-		if ($num_pages == 1)
+		if ($num_pages === 1)
 		{
 			return '';
 		}
-- 
cgit v1.2.3-24-g4f1b


From cc6dbda62c1c04d4e247308f980e64d5d13c932d Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Sun, 8 Jan 2012 06:35:17 +0200
Subject: Some more misc. stuff

---
 system/libraries/Encrypt.php | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)

(limited to 'system/libraries')

diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index d9f40b0d5..63e3bb55e 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -46,15 +46,10 @@ class CI_Encrypt {
 	protected $_mcrypt_cipher;
 	protected $_mcrypt_mode;
 
-	/**
-	 * Constructor
-	 *
-	 * Simply determines whether the mcrypt library exists.
-	 */
 	public function __construct()
 	{
 		$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
-		log_message('debug', "Encrypt Class Initialized");
+		log_message('debug', 'Encrypt Class Initialized');
 	}
 
 	// --------------------------------------------------------------------
@@ -95,7 +90,7 @@ class CI_Encrypt {
 	 * Set the encryption key
 	 *
 	 * @param	string
-	 * @return	void
+	 * @return	object
 	 */
 	public function set_key($key = '')
 	{
@@ -457,7 +452,7 @@ class CI_Encrypt {
 	 */
 	public function set_hash($type = 'sha1')
 	{
-		$this->_hash_type = ($type !== 'sha1' AND $type !== 'md5') ? 'sha1' : $type;
+		$this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type;
 	}
 
 	// --------------------------------------------------------------------
@@ -474,7 +469,5 @@ class CI_Encrypt {
 	}
 }
 
-// END CI_Encrypt class
-
 /* End of file Encrypt.php */
 /* Location: ./system/libraries/Encrypt.php */
-- 
cgit v1.2.3-24-g4f1b


From d655a997f7b98da29ea932084e2fb50956188141 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 10 Jan 2012 22:31:29 +0200
Subject: Two returns

---
 system/libraries/Encrypt.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'system/libraries')

diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index 63e3bb55e..8cb4b1b19 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -180,7 +180,6 @@ class CI_Encrypt {
 
 		$key = $this->get_key($key);
 		$dec = base64_decode($string);
-
 		if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
 		{
 			return FALSE;
@@ -419,7 +418,7 @@ class CI_Encrypt {
 	{
 		if ($this->_mcrypt_cipher == '')
 		{
-			$this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
+			return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
 		}
 
 		return $this->_mcrypt_cipher;
@@ -436,7 +435,7 @@ class CI_Encrypt {
 	{
 		if ($this->_mcrypt_mode == '')
 		{
-			$this->_mcrypt_mode = MCRYPT_MODE_CBC;
+			return $this->_mcrypt_mode = MCRYPT_MODE_CBC;
 		}
 
 		return $this->_mcrypt_mode;
-- 
cgit v1.2.3-24-g4f1b


From 8f80bc4f855f78efbcb6344ea29cf67647b6772b Mon Sep 17 00:00:00 2001
From: Ronald Beilsma 
Date: Thu, 12 Jan 2012 16:41:49 +0100
Subject: array keys should be 0, 1, and 2. key 3 results in error (invalid
 offset)

---
 system/libraries/Image_lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/libraries')

diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index dc7d362ce..a226ae8f8 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -1091,7 +1091,7 @@ class CI_Image_lib {
 			$txt_color = str_split(substr($this->wm_font_color, 1, 6), 2);
 			$txt_color = imagecolorclosest($src_img, hexdec($txt_color[0]), hexdec($txt_color[1]), hexdec($txt_color[2]));
 			$drp_color = str_split(substr($this->wm_shadow_color, 1, 6), 2);
-			$drp_color = imagecolorclosest($src_img, hexdec($drp_color[0]), hexdec($drp_color[2]), hexdec($drp_color[3]));
+			$drp_color = imagecolorclosest($src_img, hexdec($drp_color[0]), hexdec($drp_color[1]), hexdec($drp_color[2]));
 
 			//  Add the text to the source image
 			if ($this->wm_use_truetype)
-- 
cgit v1.2.3-24-g4f1b


From 7bb95dff569f465ad8887404c2f9d5304a2ff5b3 Mon Sep 17 00:00:00 2001
From: Sean Fisher 
Date: Mon, 16 Jan 2012 09:23:14 -0500
Subject: APC throws "apc_store() expects parameter 3 to be long, string
 given". Validates the TTL to an integer.

---
 system/libraries/Cache/drivers/Cache_apc.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'system/libraries')

diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php
index 93993d07a..a3dd46978 100644
--- a/system/libraries/Cache/drivers/Cache_apc.php
+++ b/system/libraries/Cache/drivers/Cache_apc.php
@@ -68,6 +68,7 @@ class CI_Cache_apc extends CI_Driver {
 	 */
 	public function save($id, $data, $ttl = 60)
 	{
+		$ttl = (int) $ttl;
 		return apc_store($id, array($data, time(), $ttl), $ttl);
 	}
 
-- 
cgit v1.2.3-24-g4f1b


From f4cb94ef0fdc81f6d9d908a4a2d2efda62add379 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Thu, 19 Jan 2012 15:16:55 +0200
Subject: Some more cleaning

---
 system/libraries/Encrypt.php | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'system/libraries')

diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index 8cb4b1b19..7c8720fd6 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -9,7 +9,7 @@
  * Licensed under the Open Software License version 3.0
  *
  * This source file is subject to the Open Software License (OSL 3.0) that is
- * bundled with this package in the files license.txt / license.rst.  It is
+ * bundled with this package in the files license.txt / license.rst. It is
  * also available through the world wide web at this URL:
  * http://opensource.org/licenses/OSL-3.0
  * If you did not receive a copy of the license and are unable to obtain it
@@ -25,8 +25,6 @@
  * @filesource
  */
 
-// ------------------------------------------------------------------------
-
 /**
  * CodeIgniter Encryption Class
  *
@@ -447,7 +445,7 @@ class CI_Encrypt {
 	 * Set the Hash type
 	 *
 	 * @param	string
-	 * @return	string
+	 * @return	void
 	 */
 	public function set_hash($type = 'sha1')
 	{
-- 
cgit v1.2.3-24-g4f1b


From ed6531362e9eb98eeb477c63e3c365f79333e724 Mon Sep 17 00:00:00 2001
From: Andrey Andreev 
Date: Tue, 24 Jan 2012 15:26:42 +0200
Subject: Revert a space in the license agreement :)

---
 system/libraries/Encrypt.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system/libraries')

diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index 7c8720fd6..f6eea3b7e 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -9,7 +9,7 @@
  * Licensed under the Open Software License version 3.0
  *
  * This source file is subject to the Open Software License (OSL 3.0) that is
- * bundled with this package in the files license.txt / license.rst. It is
+ * bundled with this package in the files license.txt / license.rst.  It is
  * also available through the world wide web at this URL:
  * http://opensource.org/licenses/OSL-3.0
  * If you did not receive a copy of the license and are unable to obtain it
-- 
cgit v1.2.3-24-g4f1b