From 8f9ab65270ae033c5637f8a7d26ae834e9a71d5e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2017 12:30:38 +0200 Subject: [ci skip] CI_Image_lib to set gd.jpeg_ignore_warning = 1 See #4967 --- system/libraries/Image_lib.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 9ec44da0c..88c9e7ede 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -392,6 +392,16 @@ class CI_Image_lib { $this->initialize($props); } + /** + * A work-around for some improperly formatted, but + * usable JPEGs; known to be produced by Samsung + * smartphones' front-facing cameras. + * + * @see https://github.com/bcit-ci/CodeIgniter/issues/4967 + * @see https://bugs.php.net/bug.php?id=72404 + */ + ini_set('gd.jpeg_ignore_warning', 1); + log_message('info', 'Image Lib Class Initialized'); } -- cgit v1.2.3-24-g4f1b From 37226c036a52ae857b13109774b1cdfc4b1d4db9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 11 Jan 2017 12:05:32 +0200 Subject: [ci skip] Fix an error with DB sessions triggered with regenerate + destroy --- system/libraries/Session/drivers/Session_database_driver.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 31f5a4663..b519b782f 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -208,12 +208,8 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan // Prevent previous QB calls from messing with our queries $this->_db->reset_query(); - if ($this->_lock === FALSE) - { - return $this->_fail(); - } // Was the ID regenerated? - elseif ($session_id !== $this->_session_id) + if (isset($this->_session_id) && $session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { @@ -223,6 +219,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_row_exists = FALSE; $this->_session_id = $session_id; } + elseif ($this->_lock === FALSE) + { + return $this->_fail(); + } if ($this->_row_exists === FALSE) { -- cgit v1.2.3-24-g4f1b From 71d8f72ffc48a7f46747b3b6b1a554533cc1cbc5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 17 Jan 2017 12:01:00 +0200 Subject: [ci skip] Merge pull request #4986 from ka7/feature/spelling Spelling fixes in comment blocks and docs --- system/libraries/Cache/drivers/Cache_memcached.php | 2 +- system/libraries/Ftp.php | 2 +- system/libraries/Pagination.php | 2 +- system/libraries/Typography.php | 2 +- system/libraries/Xmlrpc.php | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php index 17e361107..b642a2c03 100644 --- a/system/libraries/Cache/drivers/Cache_memcached.php +++ b/system/libraries/Cache/drivers/Cache_memcached.php @@ -110,7 +110,7 @@ class CI_Cache_memcached extends CI_Driver { if ($this->_memcached instanceof Memcache) { - // Third parameter is persistance and defaults to TRUE. + // Third parameter is persistence and defaults to TRUE. $this->_memcached->addServer( $cache_server['hostname'], $cache_server['port'], diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php index ac960a419..86e5b8f33 100644 --- a/system/libraries/Ftp.php +++ b/system/libraries/Ftp.php @@ -486,7 +486,7 @@ class CI_FTP { { for ($i = 0, $c = count($list); $i < $c; $i++) { - // If we can't delete the item it's probaly a directory, + // If we can't delete the item it's probably a directory, // so we'll recursively call delete_dir() if ( ! preg_match('#/\.\.?$#', $list[$i]) && ! @ftp_delete($this->conn_id, $list[$i])) { diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php index 1df5f9cd5..f26f8a4ed 100644 --- a/system/libraries/Pagination.php +++ b/system/libraries/Pagination.php @@ -428,7 +428,7 @@ class CI_Pagination { { $get = $this->CI->input->get(); - // Unset the controll, method, old-school routing options + // Unset the control, method, old-school routing options unset($get['c'], $get['m'], $get[$this->query_string_segment]); } else diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php index ce31ba317..b25d8fdaa 100644 --- a/system/libraries/Typography.php +++ b/system/libraries/Typography.php @@ -241,7 +241,7 @@ class CI_Typography { // Clean up stray paragraph tags that appear before block level elements '#

<('.$this->block_elements.')#' => '<$1', - // Clean up stray non-breaking spaces preceeding block elements + // Clean up stray non-breaking spaces preceding block elements '#( \s*)+<('.$this->block_elements.')#' => ' <$2', // Replace the temporary markers we added earlier diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index f043e0f90..fc5abe5c4 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -238,7 +238,7 @@ class CI_Xmlrpc { public $result; /** - * XML-RPC Reponse + * XML-RPC Response * * @var array */ -- cgit v1.2.3-24-g4f1b From f565212c5aa07a8016394a3bc66874be83c73d4d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2017 15:17:00 +0200 Subject: Fix byte-safety issues & actually test for them --- system/libraries/Encrypt.php | 59 ++++++++++++++++++++++++++++++++++------- system/libraries/Encryption.php | 10 +++---- 2 files changed, 55 insertions(+), 14 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 46f374726..ebcc6e8c6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -122,7 +122,7 @@ class CI_Encrypt { $key = config_item('encryption_key'); - if ( ! strlen($key)) + if ( ! self::strlen($key)) { show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); } @@ -252,7 +252,7 @@ class CI_Encrypt { $string = $this->_xor_merge($string, $key); $dec = ''; - for ($i = 0, $l = strlen($string); $i < $l; $i++) + for ($i = 0, $l = self::strlen($string); $i < $l; $i++) { $dec .= ($string[$i++] ^ $string[$i]); } @@ -275,7 +275,8 @@ class CI_Encrypt { { $hash = $this->hash($key); $str = ''; - for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++) + + for ($i = 0, $ls = self::strlen($string), $lh = self::strlen($hash); $i < $ls; $i++) { $str .= $string[$i] ^ $hash[($i % $lh)]; } @@ -295,7 +296,7 @@ class CI_Encrypt { public function mcrypt_encode($data, $key) { $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_DEV_URANDOM); return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); } @@ -313,13 +314,14 @@ class CI_Encrypt { $data = $this->_remove_cipher_noise($data, $key); $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - if ($init_size > strlen($data)) + if ($init_size > self::strlen($data)) { return FALSE; } - $init_vect = substr($data, 0, $init_size); - $data = substr($data, $init_size); + $init_vect = self::substr($data, 0, $init_size); + $data = self::substr($data, $init_size); + return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); } @@ -339,7 +341,7 @@ class CI_Encrypt { $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j) { if ($j >= $lk) { @@ -369,7 +371,7 @@ class CI_Encrypt { $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j) { if ($j >= $lk) { @@ -477,4 +479,43 @@ class CI_Encrypt { return hash($this->_hash_type, $str); } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return defined('MB_OVERLOAD_STRING') + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (defined('MB_OVERLOAD_STRING')) + { + // mb_substr($str, $start, null, '8bit') returns an empty + // string on PHP 5.3 + isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start); + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index 74832ede6..c1e454dda 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -135,11 +135,11 @@ class CI_Encryption { ); /** - * mbstring.func_override flag + * mbstring.func_overload flag * * @var bool */ - protected static $func_override; + protected static $func_overload; // -------------------------------------------------------------------- @@ -161,7 +161,7 @@ class CI_Encryption { show_error('Encryption: Unable to find an available encryption driver.'); } - isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); $this->initialize($params); if ( ! isset($this->_key) && self::strlen($key = config_item('encryption_key')) > 0) @@ -911,7 +911,7 @@ class CI_Encryption { */ protected static function strlen($str) { - return (self::$func_override) + return (self::$func_overload) ? mb_strlen($str, '8bit') : strlen($str); } @@ -928,7 +928,7 @@ class CI_Encryption { */ protected static function substr($str, $start, $length = NULL) { - if (self::$func_override) + if (self::$func_overload) { // mb_substr($str, $start, null, '8bit') returns an empty // string on PHP 5.3 -- cgit v1.2.3-24-g4f1b From c0c74d5201c171cd6d0cdc2133e63077ebe1a407 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2017 15:26:35 +0200 Subject: More byte-safety --- system/libraries/Email.php | 10 +++++----- system/libraries/Session/drivers/Session_files_driver.php | 8 ++++---- system/libraries/Zip.php | 10 +++++----- 3 files changed, 14 insertions(+), 14 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 117c4845f..955787d28 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -375,11 +375,11 @@ class CI_Email { ); /** - * mbstring.func_override flag + * mbstring.func_overload flag * * @var bool */ - protected static $func_override; + protected static $func_overload; // -------------------------------------------------------------------- @@ -397,7 +397,7 @@ class CI_Email { $this->initialize($config); $this->_safe_mode = ( ! is_php('5.4') && ini_get('safe_mode')); - isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); log_message('info', 'Email Class Initialized'); } @@ -2442,7 +2442,7 @@ class CI_Email { */ protected static function strlen($str) { - return (self::$func_override) + return (self::$func_overload) ? mb_strlen($str, '8bit') : strlen($str); } @@ -2459,7 +2459,7 @@ class CI_Email { */ protected static function substr($str, $start, $length = NULL) { - if (self::$func_override) + if (self::$func_overload) { // mb_substr($str, $start, null, '8bit') returns an empty // string on PHP 5.3 diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 6016e094e..8860ef667 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -84,11 +84,11 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle protected $_sid_regexp; /** - * mbstring.func_override flag + * mbstring.func_overload flag * * @var bool */ - protected static $func_override; + protected static $func_overload; // ------------------------------------------------------------------------ @@ -115,7 +115,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle $this->_sid_regexp = $this->_config['_sid_regexp']; - isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); } // ------------------------------------------------------------------------ @@ -399,7 +399,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle */ protected static function strlen($str) { - return (self::$func_override) + return (self::$func_overload) ? mb_strlen($str, '8bit') : strlen($str); } diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php index 46f6c145d..2c71e1fbe 100644 --- a/system/libraries/Zip.php +++ b/system/libraries/Zip.php @@ -106,11 +106,11 @@ class CI_Zip { public $compression_level = 2; /** - * mbstring.func_override flag + * mbstring.func_overload flag * * @var bool */ - protected static $func_override; + protected static $func_overload; /** * Initialize zip compression class @@ -119,7 +119,7 @@ class CI_Zip { */ public function __construct() { - isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override')); + isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); $this->now = time(); log_message('info', 'Zip Compression Class Initialized'); @@ -500,7 +500,7 @@ class CI_Zip { */ protected static function strlen($str) { - return (self::$func_override) + return (self::$func_overload) ? mb_strlen($str, '8bit') : strlen($str); } @@ -517,7 +517,7 @@ class CI_Zip { */ protected static function substr($str, $start, $length = NULL) { - if (self::$func_override) + if (self::$func_overload) { // mb_substr($str, $start, null, '8bit') returns an empty // string on PHP 5.3 -- cgit v1.2.3-24-g4f1b From 4316a157c27a3721dbfd8a817bf8cbffb1fe371f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 20 Jan 2017 15:46:17 +0200 Subject: Don't use each() Will be deprecated in PHP 7.2 --- system/libraries/Xmlrpc.php | 36 +++++++++++++++++------------------- system/libraries/Xmlrpcs.php | 4 ++-- 2 files changed, 19 insertions(+), 21 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index fc5abe5c4..c766a89c8 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -460,7 +460,7 @@ class CI_Xmlrpc { { if (is_array($value[0]) && ($value[1] === 'struct' OR $value[1] === 'array')) { - while (list($k) = each($value[0])) + foreach (array_keys($value[0]) as $k) { $value[0][$k] = $this->values_parsing($value[0][$k]); } @@ -931,15 +931,15 @@ class XML_RPC_Response if (is_array($array)) { - while (list($key) = each($array)) + foreach ($array as $key => &$value) { - if (is_array($array[$key])) + if (is_array($value)) { - $array[$key] = $this->decode($array[$key]); + $array[$key] = $this->decode($value); } elseif ($this->xss_clean) { - $array[$key] = $CI->security->xss_clean($array[$key]); + $array[$key] = $CI->security->xss_clean($value); } } @@ -993,10 +993,11 @@ class XML_RPC_Response reset($xmlrpc_val->me['struct']); $arr = array(); - while (list($key,$value) = each($xmlrpc_val->me['struct'])) + foreach ($xmlrpc_val->me['struct'] as $key => &$value) { $arr[$key] = $this->xmlrpc_decoder($value); } + return $arr; } } @@ -1562,17 +1563,17 @@ class XML_RPC_Message extends CI_Xmlrpc if ( ! empty($array)) { - while (list($key) = each($array)) + foreach ($array as $key => &$value) { - if (is_array($array[$key])) + if (is_array($value)) { - $array[$key] = $this->output_parameters($array[$key]); + $array[$key] = $this->output_parameters($value); } elseif ($key !== 'bits' && $this->xss_clean) { // 'bits' is for the MetaWeblog API image bits // @todo - this needs to be made more general purpose - $array[$key] = $CI->security->xss_clean($array[$key]); + $array[$key] = $CI->security->xss_clean($value); } } @@ -1632,7 +1633,7 @@ class XML_RPC_Message extends CI_Xmlrpc reset($param->me['struct']); $arr = array(); - while (list($key,$value) = each($param->me['struct'])) + foreach ($param->me['struct'] as $key => &$value) { $arr[$key] = $this->decode_message($value); } @@ -1823,7 +1824,7 @@ class XML_RPC_Values extends CI_Xmlrpc // struct $rs .= "\n"; reset($val); - while (list($key2, $val2) = each($val)) + foreach ($val as $key2 => &$val2) { $rs .= "\n{$key2}\n".$this->serializeval($val2)."\n"; } @@ -1884,11 +1885,9 @@ class XML_RPC_Values extends CI_Xmlrpc */ public function serializeval($o) { - $ar = $o->me; - reset($ar); - - list($typ, $val) = each($ar); - return "\n".$this->serializedata($typ, $val)."\n"; + $array = $o->me; + list($value, $type) = array(reset($ar), key($array)); + return "\n".$this->serializedata($type, $value)."\n"; } // -------------------------------------------------------------------- @@ -1900,8 +1899,7 @@ class XML_RPC_Values extends CI_Xmlrpc */ public function scalarval() { - reset($this->me); - return current($this->me); + return reset($this->me); } // -------------------------------------------------------------------- diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php index 21de937c8..0274f13b6 100644 --- a/system/libraries/Xmlrpcs.php +++ b/system/libraries/Xmlrpcs.php @@ -584,7 +584,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc { return $this->multicall_error('nomethod'); } - list($scalar_type, $scalar_value) = each($methName->me); + list($scalar_value, $scalar_type) = array(reset($methName->me), key($methName->me)); $scalar_type = $scalar_type === $this->xmlrpcI4 ? $this->xmlrpcInt : $scalar_type; if ($methName->kindOf() !== 'scalar' OR $scalar_type !== 'string') @@ -604,7 +604,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc { return $this->multicall_error('notarray'); } - list($a, $b) = each($params->me); + list($b, $a) = array(reset($params->me), key($params->me)); $msg = new XML_RPC_Message($scalar_value); for ($i = 0, $numParams = count($b); $i < $numParams; $i++) -- cgit v1.2.3-24-g4f1b From cd8d52807854657cca365e40f6191c6ef2817341 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 23 Jan 2017 11:42:47 +0200 Subject: Merge pull request #4990 from tianhe1986/develop_profiler Two small changes with CI_Profiler --- system/libraries/Profiler.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index e9e03cfe0..9ea09a529 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -316,7 +316,7 @@ class CI_Profiler { { is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; $val = (is_array($val) OR is_object($val)) - ? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'
' : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '$_GET[' @@ -356,7 +356,7 @@ class CI_Profiler { { is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; $val = (is_array($val) OR is_object($val)) - ? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'
' : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '$_POST[' @@ -368,7 +368,7 @@ class CI_Profiler { { is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; $val = (is_array($val) OR is_object($val)) - ? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'
' : htmlspecialchars($val, ENT_QUOTES, config_item('charset')); $output .= '$_FILES[' @@ -490,7 +490,7 @@ class CI_Profiler { } $output .= '' - .$config.'  '.htmlspecialchars($val)."\n"; + .$config.'  '.htmlspecialchars($val, ENT_QUOTES, config_item('charset'))."\n"; } return $output."\n"; @@ -522,7 +522,7 @@ class CI_Profiler { } $output .= '' - .$key.'  '.htmlspecialchars($val)."\n"; + .$key.'  '.htmlspecialchars($val, ENT_QUOTES, config_item('charset'))."\n"; } return $output."\n"; -- cgit v1.2.3-24-g4f1b From bdcafdfa204b041493707caa277915e00a124eaf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Mar 2017 17:31:09 +0300 Subject: [ci skip] Fix 5070 --- system/libraries/Email.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 955787d28..d4b938701 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -941,7 +941,7 @@ class CI_Email { foreach ($this->_base_charsets as $charset) { - if (strpos($charset, $this->charset) === 0) + if (strpos($this->charset, $charset) === 0) { $this->_encoding = '7bit'; } -- cgit v1.2.3-24-g4f1b From b9e45e32d89f2cba80f88becb0d52c92898e3a1d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 6 Apr 2017 14:36:19 +0300 Subject: [ci skip] Simplify some internal CI_Email code --- system/libraries/Email.php | 24 ++++++++---------------- 1 file changed, 8 insertions(+), 16 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Email.php b/system/libraries/Email.php index d4b938701..0e9cf0574 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -913,18 +913,13 @@ class CI_Email { /** * Get Mail Protocol * - * @param bool * @return mixed */ - protected function _get_protocol($return = TRUE) + protected function _get_protocol() { $this->protocol = strtolower($this->protocol); in_array($this->protocol, $this->_protocols, TRUE) OR $this->protocol = 'mail'; - - if ($return === TRUE) - { - return $this->protocol; - } + return $this->protocol; } // -------------------------------------------------------------------- @@ -932,10 +927,9 @@ class CI_Email { /** * Get Mail Encoding * - * @param bool * @return string */ - protected function _get_encoding($return = TRUE) + protected function _get_encoding() { in_array($this->_encoding, $this->_bit_depths) OR $this->_encoding = '8bit'; @@ -947,10 +941,7 @@ class CI_Email { } } - if ($return === TRUE) - { - return $this->_encoding; - } + return $this->_encoding; } // -------------------------------------------------------------------- @@ -1829,14 +1820,15 @@ class CI_Email { { $this->_unwrap_specials(); - $method = '_send_with_'.$this->_get_protocol(); + $protocol = $this->_get_protocol(); + $method = '_send_with_'.$protocol; if ( ! $this->$method()) { - $this->_set_error_message('lang:email_send_failure_'.($this->_get_protocol() === 'mail' ? 'phpmail' : $this->_get_protocol())); + $this->_set_error_message('lang:email_send_failure_'.($protocol === 'mail' ? 'phpmail' : $protocol)); return FALSE; } - $this->_set_error_message('lang:email_sent', $this->_get_protocol()); + $this->_set_error_message('lang:email_sent', $protocol); return TRUE; } -- cgit v1.2.3-24-g4f1b From 11d59d7097ce35ab3b9845de2e021f9db1e25863 Mon Sep 17 00:00:00 2001 From: "Instructor, Computer Systems Technology" Date: Sat, 15 Apr 2017 13:35:10 -0700 Subject: Merge pull request #5085 from jim-parry/fix/xmlrpc Fix typo in serializeval() --- system/libraries/Xmlrpc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php index c766a89c8..6fa791864 100644 --- a/system/libraries/Xmlrpc.php +++ b/system/libraries/Xmlrpc.php @@ -1886,7 +1886,7 @@ class XML_RPC_Values extends CI_Xmlrpc public function serializeval($o) { $array = $o->me; - list($value, $type) = array(reset($ar), key($array)); + list($value, $type) = array(reset($array), key($array)); return "\n".$this->serializedata($type, $value)."\n"; } -- cgit v1.2.3-24-g4f1b From ee9d428171dc201f51eaffdb62616312915681ff Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 5 Jun 2017 10:44:37 +0300 Subject: [ci skip] Merge pull request #5143 from TysonAndre/misc-phpdoc-nits Fix misc inconsistencies between code and doc comments --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- system/libraries/Table.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index d260f7b82..e220a2951 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -51,7 +51,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle /** * phpRedis instance * - * @var resource + * @var Redis */ protected $_redis; diff --git a/system/libraries/Table.php b/system/libraries/Table.php index fef9bb039..50c5e358b 100644 --- a/system/libraries/Table.php +++ b/system/libraries/Table.php @@ -435,7 +435,7 @@ class CI_Table { /** * Set table data from a database result object * - * @param CI_DB_result $db_result Database result object + * @param CI_DB_result $object Database result object * @return void */ protected function _set_from_db_result($object) -- cgit v1.2.3-24-g4f1b From ed1a0453a9372e88058169f2028c9a2140318961 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jun 2017 08:25:23 +0300 Subject: [ci skip] Fix a bug in FV valid_email() --- system/libraries/Form_validation.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 4f679a17f..71d0e64b1 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1229,9 +1229,9 @@ class CI_Form_validation { */ public function valid_email($str) { - if (function_exists('idn_to_ascii') && sscanf($str, '%[^@]@%s', $name, $domain) === 2) + if (function_exists('idn_to_ascii') && preg_match('#\A([^@]+)@(.+)\z#', $str, $matches)) { - $str = $name.'@'.idn_to_ascii($domain); + $str = $matches[1].'@'.idn_to_ascii($matches[2]); } return (bool) filter_var($str, FILTER_VALIDATE_EMAIL); -- cgit v1.2.3-24-g4f1b From fdf4b59e7734e3417c745a651382dec8bf556ed0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 6 Jul 2017 11:49:13 +0300 Subject: [ci skip] Merge pull request #5170 from tianhe1986/develop_session_race_condition Decreasing the probability of race condition in session lock --- system/libraries/Session/drivers/Session_memcached_driver.php | 5 +++-- system/libraries/Session/drivers/Session_redis_driver.php | 6 +++++- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 2556bf0f7..5e90539d7 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -310,7 +310,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) { return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) - ? $this->_memcached->set($this->_lock_key, time(), 300) + ? $this->_memcached->add($this->_lock_key, time(), 300) : FALSE; } } @@ -326,7 +326,8 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa continue; } - if ( ! $this->_memcached->set($lock_key, time(), 300)) + $method = ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) ? 'add' : 'set'; + if ( ! $this->_memcached->$method($lock_key, time(), 300)) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); return FALSE; diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index e220a2951..a9e655a8c 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -341,7 +341,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle continue; } - if ( ! $this->_redis->setex($lock_key, 300, time())) + $result = ($ttl === -2) + ? $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300)) + : $this->_redis->setex($lock_key, 300, time()); + + if ( ! $result) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); return FALSE; -- cgit v1.2.3-24-g4f1b From 9c068a1cfca6fbafb1013f0966207ac65bd120ea Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 10 Jul 2017 14:40:06 +0300 Subject: [ci skip] Merge pull request #5128 from lloricode/profiler-pre-tag Profiler add pre tag --- system/libraries/Profiler.php | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index 9ea09a529..cb3eaed75 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -484,13 +484,19 @@ class CI_Profiler { foreach ($this->CI->config->config as $config => $val) { + $pre = ''; + $pre_close = ''; + if (is_array($val) OR is_object($val)) { $val = print_r($val, TRUE); + + $pre = '
' ;
+ 				$pre_close = '
'; } $output .= '' - .$config.'  '.htmlspecialchars($val, ENT_QUOTES, config_item('charset'))."\n"; + .$config.'  '.$pre.htmlspecialchars($val, ENT_QUOTES, config_item('charset')).$pre_close."\n"; } return $output."\n"; @@ -516,13 +522,19 @@ class CI_Profiler { foreach ($this->CI->session->userdata() as $key => $val) { + $pre = ''; + $pre_close = ''; + if (is_array($val) OR is_object($val)) { $val = print_r($val, TRUE); + + $pre = '
' ;
+ 				$pre_close = '
'; } $output .= '' - .$key.'  '.htmlspecialchars($val, ENT_QUOTES, config_item('charset'))."\n"; + .$key.'  '.$pre.htmlspecialchars($val, ENT_QUOTES, config_item('charset')).$pre_close."\n"; } return $output."\n"; -- cgit v1.2.3-24-g4f1b From 6cab78970f212a30ea923835510ffd1fb77a6ad0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 17 Jul 2017 13:14:00 +0300 Subject: [ci skip] escapeshellarg on the image src path passed to NetPBM by Image_lib --- system/libraries/Image_lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 88c9e7ede..8786d9d02 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -972,7 +972,7 @@ class CI_Image_lib { $cmd_inner = 'pnmscale -xysize '.$this->width.' '.$this->height; } - $cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; + $cmd = $this->library_path.$cmd_in.' '.escapeshellarg($this->full_src_path).' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; $retval = 1; // exec() might be disabled -- cgit v1.2.3-24-g4f1b From de3ac40bf40d21a994d170788792557e4e431f37 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 26 Jul 2017 17:46:51 +0300 Subject: [ci skip] Close #5206 --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index b37cc2f59..0ad8dd375 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1312,7 +1312,7 @@ class CI_Upload { } } - // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type']) + // Fall back to mime_content_type(), if available (still better than $_FILES[$field]['type']) if (function_exists('mime_content_type')) { $this->file_type = @mime_content_type($file['tmp_name']); -- cgit v1.2.3-24-g4f1b From 88c1a597360f5b63371c119b64e913c9238c75b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 25 Sep 2017 14:39:34 +0300 Subject: [ci skip] Fix potential object injection in apc cache driver; deprecate the apc driver --- system/libraries/Cache/drivers/Cache_apc.php | 48 +++++++++++++--------------- 1 file changed, 22 insertions(+), 26 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php index f2b61adb1..c873eb640 100644 --- a/system/libraries/Cache/drivers/Cache_apc.php +++ b/system/libraries/Cache/drivers/Cache_apc.php @@ -80,14 +80,7 @@ class CI_Cache_apc extends CI_Driver { $success = FALSE; $data = apc_fetch($id, $success); - if ($success === TRUE) - { - return is_array($data) - ? unserialize($data[0]) - : $data; - } - - return FALSE; + return ($success === TRUE) ? $data : FALSE; } // ------------------------------------------------------------------------ @@ -98,18 +91,12 @@ class CI_Cache_apc extends CI_Driver { * @param string $id Cache ID * @param mixed $data Data to store * @param int $ttl Length of time (in seconds) to cache the data - * @param bool $raw Whether to store the raw value + * @param bool $raw Whether to store the raw value (unused) * @return bool TRUE on success, FALSE on failure */ public function save($id, $data, $ttl = 60, $raw = FALSE) { - $ttl = (int) $ttl; - - return apc_store( - $id, - ($raw === TRUE ? $data : array(serialize($data), time(), $ttl)), - $ttl - ); + return apc_store($id, $data, (int) $ttl); } // ------------------------------------------------------------------------ @@ -188,21 +175,30 @@ class CI_Cache_apc extends CI_Driver { */ public function get_metadata($id) { - $success = FALSE; - $stored = apc_fetch($id, $success); - - if ($success === FALSE OR count($stored) !== 3) + $cache_info = apc_cache_info('user', FALSE); + if (empty($cache_info) OR empty($cache_info['cache_list'])) { return FALSE; } - list($data, $time, $ttl) = $stored; + foreach ($cache_info['cache_list'] as &$entry) + { + if ($entry['info'] !== $id) + { + continue; + } + + $success = FALSE; + $metadata = array( + 'expire' => ($entry['ttl'] ? $entry['mtime'] + $entry['ttl'] : 0), + 'mtime' => $entry['ttl'], + 'data' => apc_fetch($id, $success) + ); + + return ($success === TRUE) ? $metadata : FALSE; + } - return array( - 'expire' => $time + $ttl, - 'mtime' => $time, - 'data' => unserialize($data) - ); + return FALSE; } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b