From 8ff2da1c7457cfd04a28776705cea64cbb96716a Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Wed, 23 Nov 2011 10:09:57 +0100 Subject: tmp_path does not exists, should be tmp_name --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 05511b5d3..fe5907ab2 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1055,7 +1055,7 @@ class CI_Upload { if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) { $output = array(); - @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_path']), $output, $return_code); + @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_name']), $output, $return_code); if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution { $this->file_type = rtrim($output[0]); -- cgit v1.2.3-24-g4f1b From 511f225d855919b78df42ff802a513d84afa0693 Mon Sep 17 00:00:00 2001 From: Túbal Martín Date: Thu, 24 Nov 2011 14:43:45 +0100 Subject: Added dummy _reset_select() method to CI_DB_Driver class to allow Active Record class to be disabled. Otherwise a fatal error is triggered. --- system/database/DB_driver.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'system') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 3680b85c2..8f530b482 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1381,7 +1381,21 @@ class CI_DB_driver { return $item.$alias; } + + // -------------------------------------------------------------------- + /** + * Dummy method that allows Active Record class to be disabled + * + * This function is used extensively by every db driver. + * + * @access private + * @return void + */ + protected function _reset_select() + { + + } } -- cgit v1.2.3-24-g4f1b From 9a05d2b0d838bb000a89ab9ea78a307b557768e7 Mon Sep 17 00:00:00 2001 
From: John Nicely Date: Thu, 24 Nov 2011 10:50:39 -0800 Subject: Changed form_open() to compare $action against base_url() Checking for strpos($action, $CI->config->site_url()) === FALSE causes CSRF token to not be added in form_open() output. When site_url()'s first parameter ($uri) is empty, site_url's return value is the base URL plus the $CI->config->item('index_page') value. form_open() and CodeIgniter's URI routing do not require index.php to be in the URL, so any call to form_open() in which the $action parameter does not have index.php will always return false for the strpos() call. --- system/helpers/form_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d9305c00b..8733ae053 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -65,7 +65,7 @@ if ( ! function_exists('form_open')) $form .= '>'; // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites - if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->site_url()) === FALSE OR strpos($form, 'method="get"'))) + if ($CI->config->item('csrf_protection') === TRUE AND ! (strpos($action, $CI->config->base_url()) === FALSE OR strpos($form, 'method="get"'))) { $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash(); } -- cgit v1.2.3-24-g4f1b From d92bd57f007e9561a37be8a8ccaf93a4f8948343 Mon Sep 17 00:00:00 2001 From: Repox Date: Thu, 1 Dec 2011 10:08:52 +0100 Subject: This fixes issue #725 --- system/database/DB_driver.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 3680b85c2..3952d7276 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php 
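Review bot: The external-site test in the changed `if` is a substring match, `strpos($action, $CI->config->base_url()) === FALSE`, so an `$action` that contains the base URL anywhere in the string, rather than at its start, is treated as local and receives the hidden CSRF field. The comment above the line says the token is to be left out for requests to external websites, which calls for a prefix test: `strpos($action, $CI->config->base_url()) !== 0`. The `method="get"` test on the same line is case-sensitive, so `stripos($form, 'method="get"') !== FALSE` would also cover `method="GET"`. form_open()'s body starts and ends outside the hunk, so how `$action` is normalised before this line is not visible here.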
@@ -1015,8 +1015,14 @@ class CI_DB_driver { else { $args = (func_num_args() > 1) ? array_splice(func_get_args(), 1) : null; - - return call_user_func_array($function, $args); + if (is_null($args)) + { + return call_user_func($function); + } + else + { + return call_user_func_array($function, $args); + } } } -- cgit v1.2.3-24-g4f1b From 59654319d20a7ec406e7d6f15cf6804e94897d14 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 2 Dec 2011 14:28:54 +0200 Subject: Hotfix for a file type detection bug in the Upload library --- system/libraries/Upload.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index fe5907ab2..ff3461586 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1042,14 +1042,17 @@ class CI_Upload { if (function_exists('mime_content_type')) { $this->file_type = @mime_content_type($file['tmp_name']); - return; + if (strlen($this->file_type) > 0) // Turned out it's possible ... + { + return; + } } /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type, * which is still more secure than depending on the value of $_FILES[$field]['type']. * * Notes: - * - a 'W' in the substr() expression bellow, would mean that we're using Windows + * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check */ if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) -- cgit v1.2.3-24-g4f1b From f796655d37163e7fd046395ddfe765baf752ec77 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 2 Dec 2011 15:00:36 +0200 Subject: Update a comment, just to be clearer --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') 
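Review bot: The new `is_null($args)` branch works around `call_user_func_array()` being handed NULL, but the cause is the `null` default on the context line above it, and that same line passes the temporary returned by `func_get_args()` to `array_splice()`, which takes its first argument by reference. `$args = (func_num_args() > 1) ? array_slice(func_get_args(), 1) : array();` removes both problems and lets the single `return call_user_func_array($function, $args);` stay as it was. The enclosing method starts outside the hunk, so what `$function` is checked against before this call is not visible here.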
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index ff3461586..506d15897 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1042,7 +1042,7 @@ class CI_Upload { if (function_exists('mime_content_type')) { $this->file_type = @mime_content_type($file['tmp_name']); - if (strlen($this->file_type) > 0) // Turned out it's possible ... + if (strlen($this->file_type) > 0) // Turns out it's possible that mime_content_type() returns FALSE or an empty string { return; } -- cgit v1.2.3-24-g4f1b From a49e381fde010a7a83845910c0f772fb139f0b1e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 Dec 2011 13:05:22 +0200 Subject: Improve CI_Upload::_file_mime_type() --- system/libraries/Upload.php | 102 +++++++++++++++++++++++++++++++++----------- 1 file changed, 78 insertions(+), 24 deletions(-) (limited to 'system') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 506d15897..564d6000e 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php 
@@ -1018,50 +1018,104 @@ class CI_Upload { */ protected function _file_mime_type($file) { - // Use if the Fileinfo extension, if available (only versions above 5.3 support the FILEINFO_MIME_TYPE flag) - if ( (float) substr(phpversion(), 0, 3) >= 5.3 && function_exists('finfo_file')) + // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) + $regexp = '/^([a-z\-]+\/[a-z0-9\-]+);\s.+$/'; + + /* Fileinfo extension - most reliable method + * + * Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the + * more convenient FILEINFO_MIME_TYPE flag doesn't exist. + */ + if (function_exists('finfo_file')) { - $finfo = new finfo(FILEINFO_MIME_TYPE); - if ($finfo !== FALSE) // This is possible, if there is no magic MIME database file found on the system + $finfo = finfo_open(FILEINFO_MIME); + if (is_resource($finfo)) // It is possible that a FALSE value is returned, if there is no magic MIME database file found on the system { - $file_type = $finfo->file($file['tmp_name']); + $mime = @finfo_file($finfo, $file['tmp_name']); + finfo_close($finfo); /* According to the comments section of the PHP manual page, * it is possible that this function returns an empty string * for some files (e.g. 
if they don't exist in the magic MIME database) */ - if (strlen($file_type) > 1) + if (is_string($mime) && preg_match($regexp, $mime, $matches)) { - $this->file_type = $file_type; + $this->file_type = $matches[1]; return; } } } - // Fall back to the deprecated mime_content_type(), if available - if (function_exists('mime_content_type')) + /* This is an ugly hack, but UNIX-type systems provide a "native" way to detect the file type, + * which is still more secure than depending on the value of $_FILES[$field]['type'], and as it + * was reported in issue #750 (https://github.com/EllisLab/CodeIgniter/issues/750) - it's better + * than mime_content_type() as well, hence the attempts to try calling the command line with + * three different functions. + * + * Notes: + * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system + * - many system admins would disable the exec(), shell_exec(), popen() and similar functions + * due to security concerns, hence the function_exists() checks + */ + if (DIRECTORY_SEPARATOR !== '\\') { - $this->file_type = @mime_content_type($file['tmp_name']); - if (strlen($this->file_type) > 0) // Turns out it's possible that mime_content_type() returns FALSE or an empty string + $cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1'; + + if (function_exists('exec')) { - return; + /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter. + * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites + * anything that could already be set for $mime previously. This effectively makes the second parameter a dummy + * value, which is only put to allow us to get the return status code. 
+ */ + $mime = @exec($cmd, $mime, $return_status); + if ($return_status === 0 && is_string($mime) && preg_match($regexp, $mime, $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + + if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec')) + { + $mime = @shell_exec($cmd); + if (strlen($mime) > 0) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } + + if (function_exists('popen')) + { + $proc = @popen($cmd, 'r'); + if (is_resource($proc)) + { + $mime = @fread($test, 512); + @pclose($proc); + if ($mime !== FALSE) + { + $mime = explode("\n", trim($mime)); + if (preg_match($regexp, $mime[(count($mime) - 1)], $matches)) + { + $this->file_type = $matches[1]; + return; + } + } + } } } - /* This is an ugly hack, but UNIX-type systems provide a native way to detect the file type, - * which is still more secure than depending on the value of $_FILES[$field]['type']. - * - * Notes: - * - the DIRECTORY_SEPARATOR comparison ensures that we're not on a Windows system - * - many system admins would disable the exec() function due to security concerns, hence the function_exists() check - */ - if (DIRECTORY_SEPARATOR !== '\\' && function_exists('exec')) + // Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type']) + if (function_exists('mime_content_type')) { - $output = array(); - @exec('file --brief --mime-type ' . escapeshellarg($file['tmp_name']), $output, $return_code); - if ($return_code === 0 && strlen($output[0]) > 0) // A return status code != 0 would mean failed execution + $this->file_type = @mime_content_type($file['tmp_name']); + if (strlen($this->file_type) > 0) // It's possible that mime_content_type() returns FALSE or an empty string { - $this->file_type = rtrim($output[0]); return; } } -- cgit v1.2.3-24-g4f1b 
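Review bot: The `mime_content_type()` fallback at the end of the hunk is the only branch that writes its raw result straight into `$this->file_type`: on failure the property is left holding FALSE or an empty string, and on success the value is never checked against `$regexp` the way the Fileinfo, exec(), shell_exec() and popen() results are. Assigning to a local first, `$mime = @mime_content_type($file['tmp_name']);`, and reusing `if (is_string($mime) && preg_match($regexp, $mime, $matches))` keeps every detection path returning a validated type; note that `$regexp` as written demands a `; ...` suffix, so the suffix has to become optional for a bare type to pass. In the popen() branch `@fread($test, 512)` reads from `$test`, which is not defined anywhere in the hunk (the handle is `$proc`), so with the error suppressed that branch can never produce a type. Appending `2>&1` to `$cmd` means error text from `file` is parsed as candidate output, and only the last-line regex check keeps it out of `$this->file_type`; that dependency deserves a comment.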
From 750ffb9f6d545772c7139b5ee0c1402241c6ceb2 Mon Sep 17 00:00:00 2001 From: Andrew Mackrodt Date: Sat, 10 Dec 2011 23:42:07 +0000 Subject: Fix for Issue #538. --- system/libraries/Image_lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 8902f524d..7f905128b 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -208,7 +208,7 @@ class CI_Image_lib { } else { - if (strpos($this->new_image, '/') === FALSE) + if (strpos($this->new_image, '/') === FALSE AND strpos($this->new_image, '\\') === FALSE) { $this->dest_folder = $this->source_folder; $this->dest_image = $this->new_image; -- cgit v1.2.3-24-g4f1b From 3b6ff4ddc5ca433ba7b68a51a617c00b93511889 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 11 Dec 2011 14:57:36 +0200 Subject: Fix regular expression for validating MIME type string --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 564d6000e..c72fa3c6d 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1019,7 +1019,7 @@ class CI_Upload { protected function _file_mime_type($file) { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) - $regexp = '/^([a-z\-]+\/[a-z0-9\-]+);\s.+$/'; + $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+);\s.+$/'; /* Fileinfo extension - most reliable method * -- cgit v1.2.3-24-g4f1b From f7aed129051475b4baeeb549a764464560c9dd34 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 13 Dec 2011 11:01:06 +0200 Subject: Tweak MIME regular expression check again --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index c72fa3c6d..91fbf66ca 100644 --- a/system/libraries/Upload.php 
+++ b/system/libraries/Upload.php @@ -1019,7 +1019,7 @@ class CI_Upload { protected function _file_mime_type($file) { // We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii) - $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+);\s.+$/'; + $regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/'; /* Fileinfo extension - most reliable method * -- cgit v1.2.3-24-g4f1b From ef7474c6ca9887283c964e17c450ca09559643c4 Mon Sep 17 00:00:00 2001 From: Ryan Dial Date: Thu, 1 Mar 2012 16:11:36 -0500 Subject: compile binds before caching the query, otherwise the cached query will never match the unbound query. updated changlog to mention bug fix. --- system/database/DB_driver.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'system') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 4dfb584f2..6161f149b 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -265,6 +265,12 @@ class CI_DB_driver { $sql = preg_replace("/(\W)".$this->swap_pre."(\S+?)/", "\\1".$this->dbprefix."\\2", $sql); } + // Compile binds if needed + if ($binds !== FALSE) + { + $sql = $this->compile_binds($sql, $binds); + } + // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists @@ -280,12 +286,6 @@ class CI_DB_driver { } } - // Compile binds if needed - if ($binds !== FALSE) - { - $sql = $this->compile_binds($sql, $binds); - } - // Save the query for debugging if ($this->save_queries == TRUE) { -- cgit v1.2.3-24-g4f1b From 3edd88eee84886fc6ba3e1fc25beda3c424370bc Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sat, 3 Mar 2012 22:10:34 +0100 Subject: An even better url_title helper. Tests: http://codepad.org/tuJgvkyN Changelog entry added for 2.1.1 --- system/helpers/url_helper.php | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-) (limited to 'system') 
diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 9f4b85248..cdb6dae9c 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -478,27 +478,14 @@ if ( ! function_exists('url_title')) { function url_title($str, $separator = 'dash', $lowercase = FALSE) { - if ($separator == 'dash') - { - $search = '_'; - $replace = '-'; - } - else - { - $search = '-'; - $replace = '_'; - } + $replace = $separator == 'dash' ? '-' : '_'; $trans = array( - '&\#\d+?;' => '', - '&\S+?;' => '', - '\s+' => $replace, - '[^a-z0-9\-\._]' => '', - $replace.'+' => $replace, - $replace.'$' => $replace, - '^'.$replace => $replace, - '\.+$' => '' - ); + '&.+?;' => '', + '[^a-z0-9 _-]' => '', + '\s+' => $replace, + $replace.'+' => $replace + ); $str = strip_tags($str); @@ -512,7 +499,7 @@ if ( ! function_exists('url_title')) $str = strtolower($str); } - return trim(stripslashes($str)); + return trim($str, $replace); } } -- cgit v1.2.3-24-g4f1b From 010f1f4b315c8f5aef2e0b4c6571e4c4752f56c6 Mon Sep 17 00:00:00 2001 From: tubalmartin Date: Sat, 3 Mar 2012 22:24:31 +0100 Subject: Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is used for the detection. --- system/libraries/Upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index 91fbf66ca..b0490de30 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -1095,7 +1095,7 @@ class CI_Upload { $proc = @popen($cmd, 'r'); if (is_resource($proc)) { - $mime = @fread($test, 512); + $mime = @fread($proc, 512); @pclose($proc); if ($mime !== FALSE) { -- cgit v1.2.3-24-g4f1b From 1a6971030718e2e92e6fc80750f7a14faf035257 Mon Sep 17 00:00:00 2001 
From: tubalmartin Date: Sun, 4 Mar 2012 16:01:11 +0100 Subject: Allow developers to use any string as a separator, not just dashes or underscores. Backwards compatible when using 'dash' or 'underscore' as string separator. Tests: http://codepad.org/DWcxVH5r --- system/helpers/url_helper.php | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) (limited to 'system') diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index cdb6dae9c..f1e8c6ac6 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -466,25 +466,34 @@ if ( ! function_exists('prep_url')) * Create URL Title * * Takes a "title" string as input and creates a - * human-friendly URL string with either a dash - * or an underscore as the word separator. + * human-friendly URL string with a "separator" string + * as the word separator. * * @access public * @param string the string - * @param string the separator: dash, or underscore + * @param string the separator * @return string */ if ( ! function_exists('url_title')) { - function url_title($str, $separator = 'dash', $lowercase = FALSE) + function url_title($str, $separator = '-', $lowercase = FALSE) { - $replace = $separator == 'dash' ? '-' : '_'; + if ($separator == 'dash') + { + $separator = '-'; + } + else if ($separator == 'underscore') + { + $separator = '_'; + } + + $q_separator = preg_quote($separator); $trans = array( - '&.+?;' => '', - '[^a-z0-9 _-]' => '', - '\s+' => $replace, - $replace.'+' => $replace + '&.+?;' => '', + '[^a-z0-9 _-]' => '', + '\s+' => $separator, + '('.$q_separator.')+' => $separator ); $str = strip_tags($str); @@ -499,7 +508,7 @@ if ( ! function_exists('url_title')) $str = strtolower($str); } - return trim($str, $replace); + return trim($str, $separator); } } -- cgit v1.2.3-24-g4f1b From c1a66512eacc76968cbf01e2ee37c3c65584b1f0 Mon Sep 17 00:00:00 2001 
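Review bot: `trim($str, $separator)` on the last changed line treats its second argument as a list of characters (with `..` read as a range), not as a string, so a multi-character separator strips any of its individual characters from both ends of the title. Since the commit is meant to accept any string, the separator has to be trimmed as a unit, for example `preg_replace('#^('.$q_separator.')+|('.$q_separator.')+$#', '', $str)`. `preg_quote($separator)` in the first hunk is called without a delimiter argument, so the delimiter used where the `$trans` keys are turned into patterns (outside the hunk) stays unescaped if it occurs in the separator; if that delimiter is `#`, use `preg_quote($separator, '#')`. The separator is also used as a replacement string, where `$` or `\` followed by a digit is read as a backreference, which the docblock should mention.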
From: Repox Date: Mon, 23 Apr 2012 13:14:27 +0200 Subject: Corrected the migration_missing_down_method language string --- system/language/english/migration_lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/language/english/migration_lang.php b/system/language/english/migration_lang.php index 4763ca243..f17530f00 100644 --- a/system/language/english/migration_lang.php +++ b/system/language/english/migration_lang.php @@ -5,7 +5,7 @@ $lang['migration_not_found'] = "This migration could not be found."; $lang['migration_multiple_version'] = "This are multiple migrations with the same version number: %d."; $lang['migration_class_doesnt_exist'] = "The migration class \"%s\" could not be found."; $lang['migration_missing_up_method'] = "The migration class \"%s\" is missing an 'up' method."; -$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing an 'up' method."; +$lang['migration_missing_down_method'] = "The migration class \"%s\" is missing an 'down' method."; $lang['migration_invalid_filename'] = "Migration \"%s\" has an invalid filename."; -- cgit v1.2.3-24-g4f1b From e463c4d71c2fdcc224e70f7576582220ae64e3d7 Mon Sep 17 00:00:00 2001 From: Wes Baker Date: Fri, 4 May 2012 18:44:24 -0400 Subject: Added a return false if an image doesn't pass XSS cleaning to prevent file_get_contents from returning a NULL and passing through unscathed. --- system/libraries/Upload.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'system') diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php index b0490de30..0e5d73b19 100644 --- a/system/libraries/Upload.php +++ b/system/libraries/Upload.php @@ -868,6 +868,10 @@ class CI_Upload { { return TRUE; // its an image, no "triggers" detected in the first 256 bytes, we're good } + else + { + return FALSE; + } } if (($data = @file_get_contents($file)) === FALSE) -- cgit v1.2.3-24-g4f1b 
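Review bot: The guard right after the new `else`, `if (($data = @file_get_contents($file)) === FALSE)`, still recognises only FALSE as a failure, while the commit message says the call can come back with NULL. Returning FALSE from the image branch closes the path described there, but the check itself should fail closed for anything that is not a string, `if ( ! is_string($data = @file_get_contents($file)))`, so that no other route reaches the cleaning step with empty data. The `@` hides the warning that would explain why the read failed, and logging it would make such cases visible. The enclosing method starts and ends outside the hunk, so the reason `$file` is unusable at that point cannot be confirmed from here.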
From e2c374fc474f91cc1c04aaae68e15cef6984f494 Mon Sep 17 00:00:00 2001 From: Alexander Hofstede Date: Thu, 17 May 2012 00:28:08 +0200 Subject: Check cookie against md5 regex. Otherwise, cookie can contain arbitrary injected code that gets sent back directly to the browser. --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/Security.php b/system/core/Security.php index a3e227437..6f5ac1ed8 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -848,7 +848,7 @@ class CI_Security { // each page load since a page could contain embedded // sub-pages causing this feature to fail if (isset($_COOKIE[$this->_csrf_cookie_name]) && - $_COOKIE[$this->_csrf_cookie_name] != '') + preg_match('#^[0-9a-f]{32}$#iS', $_COOKIE[$this->_csrf_cookie_name]) === 1) { return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name]; } -- cgit v1.2.3-24-g4f1b From fbd31c8d98bd7e5eac5c8e8c2f102b05350db93e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 19 May 2012 13:19:43 +0300 Subject: Fix issue #726 --- system/database/drivers/pdo/pdo_driver.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'system') diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index 5de2079bb..c38b79c5a 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php 
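Review bot: The new pattern `#^[0-9a-f]{32}$#iS` still accepts a value with a trailing newline, because `$` without the `D` modifier matches before a final line break, and the accepted cookie is then stored in `$this->_csrf_hash` unchanged. Anchoring the end with `\z`, as in `'#^[0-9a-f]{32}\z#i'`, makes the check exact. A cookie sent in array form reaches `preg_match()` as an array, so putting `is_string($_COOKIE[$this->_csrf_cookie_name]) &&` in front of it keeps the condition well-defined. The enclosing method starts outside the hunk.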
@@ -51,23 +51,23 @@ class CI_DB_pdo_driver extends CI_DB { function __construct($params) { parent::__construct($params); - + // clause and character used for LIKE escape sequences if (strpos($this->hostname, 'mysql') !== FALSE) { $this->_like_escape_str = ''; $this->_like_escape_chr = ''; - + //Prior to this version, the charset can't be set in the dsn if(is_php('5.3.6')) { $this->hostname .= ";charset={$this->char_set}"; } - + //Set the charset with the connection options $this->options['PDO::MYSQL_ATTR_INIT_COMMAND'] = "SET NAMES {$this->char_set}"; } - else if (strpos($this->hostname, 'odbc') !== FALSE) + elseif (strpos($this->hostname, 'odbc') !== FALSE) { $this->_like_escape_str = " {escape '%s'} "; $this->_like_escape_chr = '!'; @@ -77,9 +77,9 @@ class CI_DB_pdo_driver extends CI_DB { $this->_like_escape_str = " ESCAPE '%s' "; $this->_like_escape_chr = '!'; } - - $this->hostname .= ";dbname=".$this->database; - + + empty($this->database) OR $this->hostname .= ';dbname='.$this->database; + $this->trans_enabled = FALSE; $this->_random_keyword = ' RND('.time().')'; // database specific random keyword @@ -94,7 +94,7 @@ class CI_DB_pdo_driver extends CI_DB { function db_connect() { $this->options['PDO::ATTR_ERRMODE'] = PDO::ERRMODE_SILENT; - + return new PDO($this->hostname, $this->username, $this->password, $this->options); } -- cgit v1.2.3-24-g4f1b From 9fa8d404790833a098a8bbd855f1452897d6ff88 Mon Sep 17 00:00:00 2001 From: Rogerio Prado de Jesus Date: Sat, 19 May 2012 13:38:26 -0300 Subject: Fix a issue with affect_rows in CI_DB_pdo_driver::_execute() In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit makes affect_rows be initialized properly. Signed-off-by: Rogerio Prado de Jesus --- system/database/drivers/pdo/pdo_driver.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'system') 
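Review bot: The two option assignments kept as context in this commit use string keys, `$this->options['PDO::MYSQL_ATTR_INIT_COMMAND']` in the first hunk and `$this->options['PDO::ATTR_ERRMODE']` in db_connect(), while PDO looks options up by the integer value of the constant; as far as I know entries with string keys are skipped, so neither the `SET NAMES` command nor the error mode takes effect. Dropping the quotes, `$this->options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_SILENT;` and likewise for `PDO::MYSQL_ATTR_INIT_COMMAND`, fixes that. A connection whose character set silently differs from `char_set` affects string escaping as well as display, so this is worth doing together with the DSN change. The new `empty($this->database) OR ...` line would read more plainly as an `if`.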
diff --git a/system/database/drivers/pdo/pdo_driver.php b/system/database/drivers/pdo/pdo_driver.php index c38b79c5a..952016848 100644 --- a/system/database/drivers/pdo/pdo_driver.php +++ b/system/database/drivers/pdo/pdo_driver.php @@ -189,11 +189,20 @@ class CI_DB_pdo_driver extends CI_DB { function _execute($sql) { $sql = $this->_prep_query($sql); - $result_id = $this->conn_id->query($sql); + $result_id = $this->conn_id->prepare($sql); + $result_id->execute(); if (is_object($result_id)) { - $this->affect_rows = $result_id->rowCount(); + if (is_numeric(stripos($sql, 'SELECT'))) + { + $this->affect_rows = count($result_id->fetchAll()); + $result_id->execute(); + } + else + { + $this->affect_rows = $result_id->rowCount(); + } } else { -- cgit v1.2.3-24-g4f1b From 27738491fc11d0b9ce5670b2f6a7957fc421ee4b Mon Sep 17 00:00:00 2001 From: Rogerio Prado de Jesus Date: Sat, 19 May 2012 13:45:44 -0300 Subject: Fix a issue with CI_DB_pdo_result::num_rows() In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit makes it returns the expected value. --- system/database/drivers/pdo/pdo_result.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php index 7f3058ff0..c05fbc908 100644 --- a/system/database/drivers/pdo/pdo_result.php +++ b/system/database/drivers/pdo/pdo_result.php @@ -34,7 +34,18 @@ class CI_DB_pdo_result extends CI_DB_result { */ function num_rows() { - return $this->result_id->rowCount(); + if (is_numeric(stripos($this->result_id->queryString, 'SELECT'))) + { + $dbh = $this->conn_id; + $query = $dbh->query($this->result_id->queryString); + $result = $query->fetchAll(); + unset($dbh, $query); + return count($result); + } + else + { + return $this->result_id->rowCount(); + } } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b 
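Review bot: `$result_id->execute()` is called before the `is_object($result_id)` check in _execute(), so when `prepare()` returns FALSE under PDO's silent error mode the line is a fatal error rather than a handled failure; the call belongs inside the check, with its return value tested. `is_numeric(stripos($sql, 'SELECT'))` is true for any statement that contains the word anywhere, so a write statement with a sub-select, or with the word inside a string literal, is executed a second time by the `$result_id->execute()` that follows `fetchAll()`. Testing the start of the statement, `stripos(ltrim($sql), 'SELECT') === 0`, limits the re-execution to reads. The num_rows() hunk in pdo_result.php uses the same substring test and re-runs `queryString` through `query()` without checking the result, so the same two changes apply there.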
From 74b648c2da3ee5d92920cea2355ccf36d5e0519e Mon Sep 17 00:00:00 2001 From: Nithin Date: Sun, 21 Aug 2011 01:23:47 -0300 Subject: Added ability to _like paramater side to use 'none', in case one wants to query like instead of where without case being sensitive --- system/database/DB_active_rec.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 7bab729f5..841ede28e 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -660,8 +660,12 @@ class CI_DB_active_record extends CI_DB_driver { $prefix = (count($this->ar_like) == 0) ? '' : $type; $v = $this->escape_like_str($v); - - if ($side == 'before') + + if ($side == 'none') + { + $like_statement = $prefix." $k $not LIKE '{$v}'"; + } + elseif ($side == 'before') { $like_statement = $prefix." $k $not LIKE '%{$v}'"; } -- cgit v1.2.3-24-g4f1b From da981e4383c12ef182a95ee5aa88a8f8b5ee7632 Mon Sep 17 00:00:00 2001 From: Jamie Hurst Date: Thu, 24 May 2012 10:02:56 +0100 Subject: Adding width and height to list of clear variables to fix #1059 --- system/libraries/Image_lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 7f905128b..21ec2cb4b 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php 
@@ -104,7 +104,7 @@ class CI_Image_lib { */ function clear() { - $props = array('source_folder', 'dest_folder', 'source_image', 'full_src_path', 'full_dst_path', 'new_image', 'image_type', 'size_str', 'quality', 'orig_width', 'orig_height', 'rotation_angle', 'x_axis', 'y_axis', 'create_fnc', 'copy_fnc', 'wm_overlay_path', 'wm_use_truetype', 'dynamic_output', 'wm_font_size', 'wm_text', 'wm_vrt_alignment', 'wm_hor_alignment', 'wm_padding', 'wm_hor_offset', 'wm_vrt_offset', 'wm_font_color', 'wm_use_drop_shadow', 'wm_shadow_color', 'wm_shadow_distance', 'wm_opacity'); + $props = array('source_folder', 'dest_folder', 'source_image', 'full_src_path', 'full_dst_path', 'new_image', 'image_type', 'size_str', 'quality', 'orig_width', 'orig_height', 'width', 'height', 'rotation_angle', 'x_axis', 'y_axis', 'create_fnc', 'copy_fnc', 'wm_overlay_path', 'wm_use_truetype', 'dynamic_output', 'wm_font_size', 'wm_text', 'wm_vrt_alignment', 'wm_hor_alignment', 'wm_padding', 'wm_hor_offset', 'wm_vrt_offset', 'wm_font_color', 'wm_use_drop_shadow', 'wm_shadow_color', 'wm_shadow_distance', 'wm_opacity'); foreach ($props as $val) { -- cgit v1.2.3-24-g4f1b From bc602d8b8e125597bfd557949e846ff5a258b858 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 24 May 2012 19:42:16 +0300 Subject: Fix issue #1387 --- system/database/DB_active_rec.php | 4 ++-- system/database/DB_driver.php | 22 ++++++++++++---------- 2 files changed, 14 insertions(+), 12 deletions(-) (limited to 'system') diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 841ede28e..10febb1fc 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -255,7 +255,7 @@ class CI_DB_active_record extends CI_DB_driver { */ public function from($from) { - foreach ((array)$from as $val) + foreach ((array) $from as $val) { if (strpos($val, ',') !== FALSE) { 
@@ -1647,7 +1647,7 @@ class CI_DB_active_record extends CI_DB_driver { if (strpos($table, " ") !== FALSE) { // if the alias is written with the AS keyword, remove it - $table = preg_replace('/ AS /i', ' ', $table); + $table = preg_replace('/\s+AS\s+/i', ' ', $table); // Grab the alias $table = trim(strrchr($table, " ")); diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index 6161f149b..c25752824 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1263,15 +1263,20 @@ class CI_DB_driver { } // Convert tabs or multiple spaces into single spaces - $item = preg_replace('/[\t ]+/', ' ', $item); + $item = preg_replace('/\s+/', ' ', $item); // If the item has an alias declaration we remove it and set it aside. // Basically we remove everything to the right of the first space - $alias = ''; - if (strpos($item, ' ') !== FALSE) + if (preg_match('/^([^\s]+) (AS )*(.+)$/i', $item, $matches)) { - $alias = strstr($item, " "); - $item = substr($item, 0, - strlen($alias)); + $item = $matches[1]; + + // Escape the alias + $alias = ' '.$matches[2].$this->escape_identifiers($matches[3]); + } + else + { + $alias = ''; } // This is basically a bug fix for queries that use MAX, MIN, etc. @@ -1387,7 +1392,7 @@ class CI_DB_driver { return $item.$alias; } - + // -------------------------------------------------------------------- /** @@ -1395,16 +1400,13 @@ class CI_DB_driver { * * This function is used extensively by every db driver. * - * @access private * @return void */ protected function _reset_select() { - } } - /* End of file DB_driver.php */ -/* Location: ./system/database/DB_driver.php */ +/* Location: ./system/database/DB_driver.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 9b655400c9519407d1d33a75323b9f4fdac42766 Mon Sep 17 00:00:00 2001 
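Review bot: The `(AS )*` group in the new `preg_match()` pattern in DB_driver.php accepts any number of repetitions, so `name AS AS x` is taken as an alias declaration and only the last `AS ` survives in `$matches[2]`; `(AS )?` says what is meant. Everything after the first space is now escaped as an identifier instead of being kept verbatim, which changes the output for expressions that contain a space inside parentheses. The comment just below the changed lines about MAX, MIN, etc. suggests such input is expected, so a test covering a function call with a space between its arguments would show whether the alias part is still emitted correctly.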
From: Andrey Andreev Date: Sun, 27 May 2012 16:07:57 +0300 Subject: Fix an erroneus method name --- system/database/DB_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index c25752824..858ec356d 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1272,7 +1272,7 @@ class CI_DB_driver { $item = $matches[1]; // Escape the alias - $alias = ' '.$matches[2].$this->escape_identifiers($matches[3]); + $alias = ' '.$matches[2].$this->_escape_identifiers($matches[3]); } else { -- cgit v1.2.3-24-g4f1b From da33cb5df443c41dce75cdf756ea4c3234b510fb Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Sun, 27 May 2012 20:28:18 +0100 Subject: Driver_Library had $lib_name set as static, and used non-static --- system/libraries/Driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Driver.php b/system/libraries/Driver.php index 9881c1eec..a199d45f0 100644 --- a/system/libraries/Driver.php +++ b/system/libraries/Driver.php @@ -30,7 +30,7 @@ class CI_Driver_Library { protected $valid_drivers = array(); - protected static $lib_name; + protected $lib_name; // The first time a child is used it won't exist, so we instantiate it // subsequents calls will go straight to the proper child. -- cgit v1.2.3-24-g4f1b From 0a14913fe54e269e535c1f66f715823fa731c843 Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Thu, 7 Jun 2012 16:15:51 -0400 Subject: Adding IPv6 support to the Input and Form_validation libraries. --- system/core/Input.php | 134 ++++++++++++++++++++++++++++++++++- system/libraries/Form_validation.php | 5 +- 2 files changed, 134 insertions(+), 5 deletions(-) (limited to 'system') diff --git a/system/core/Input.php b/system/core/Input.php index 9bfb5f1fb..4b7622cbe 100755 --- a/system/core/Input.php +++ b/system/core/Input.php 
@@ -365,13 +365,66 @@ class CI_Input { /** * Validate IP Address * + * @access public + * @param string + * @param string ipv4 or ipv6 + * @return bool + */ + public function valid_ip($ip, $which = '') + { + $which = strtolower($which); + + // First check if filter_var is available + if (is_callable('filter_var')) + { + switch ($which) { + case 'ipv4': + $flag = FILTER_FLAG_IPV4; + break; + case 'ipv6': + $flag = FILTER_FLAG_IPV6; + break; + default: + $flag = ''; + break; + } + + return filter_var($ip, FILTER_VALIDATE_IP, $flag) !== FALSE; + } + + // If it's not we'll do it manually + if ($which != 'ipv6' OR $which != 'ipv4') + { + if (strpos($ip, ':') !== FALSE) + { + $which = 'ipv6'; + } + elseif (strpos($ip, '.') !== FALSE) + { + $which = 'ipv4'; + } + else + { + return FALSE; + } + } + + $func = '_valid_'.$which; + return $this->$func($ip); + } + + // -------------------------------------------------------------------- + + /** + * Validate IPv4 Address + * * Updated version suggested by Geert De Deckere * - * @access public + * @access protected * @param string - * @return string + * @return bool */ - function valid_ip($ip) + protected function _valid_ipv4($ip) { $ip_segments = explode('.', $ip); @@ -385,6 +438,7 @@ class CI_Input { { return FALSE; } + // Check each segment foreach ($ip_segments as $segment) { 
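Review bot: In the manual fallback of `valid_ip()`, the test `if ($which != 'ipv6' OR $which != 'ipv4')` is true for every value, so an explicit `'ipv4'` or `'ipv6'` from the caller is overwritten by the `:`/`.` sniffing and an IPv4 string can pass when IPv6 was requested. The condition should be `if ($which !== 'ipv6' AND $which !== 'ipv4')`. In the `filter_var` branch the `default:` case sets `$flag = ''`, a string where the flags argument is an integer bitmask; `$flag = 0;` states "no family restriction" without relying on coercion. The dynamic call `$this->$func($ip)` is only safe because `$which` is limited to the two known suffixes before it is concatenated, which deserves a one-line comment at that spot.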
@@ -398,6 +452,80 @@ class CI_Input { return TRUE; } + + // -------------------------------------------------------------------- + + /** + * Validate IPv6 Address + * + * @access protected + * @param string + * @return bool + */ + protected function _valid_ipv6($str) + { + // 8 groups, separated by : + // 0-ffff per group + // one set of consecutive 0 groups can be collapsed to :: + + $groups = 8; + $collapsed = FALSE; + + $chunks = array_filter( + preg_split('/(:{1,2})/', $str, NULL, PREG_SPLIT_DELIM_CAPTURE) + ); + + // Rule out easy nonsense + if (current($chunks) == ':' OR end($chunks) == ':') + { + return FALSE; + } + + // PHP supports IPv4-mapped IPv6 addresses, so we'll expect those as well + if (strpos(end($chunks), '.') !== FALSE) + { + $ipv4 = array_pop($chunks); + + if ( ! $this->_valid_ipv4($ipv4)) + { + return FALSE; + } + + $groups--; + } + + while ($seg = array_pop($chunks)) + { + if ($seg[0] == ':') + { + if (--$groups == 0) + { + return FALSE; // too many groups + } + + if (strlen($seg) > 2) + { + return FALSE; // long separator + } + + if ($seg == '::') + { + if ($collapsed) + { + return FALSE; // multiple collapsed + } + + $collapsed = TRUE; + } + } + elseif (preg_match("/[^0-9a-f]/i", $seg) OR strlen($seg) > 4) + { + return FALSE; // invalid segment + } + } + + return $collapsed OR $groups == 1; + } // -------------------------------------------------------------------- diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index a34809e05..9aab5da4b 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php 
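Review bot: `array_filter()` is called without a callback in `_valid_ipv6()`, so it drops the string `'0'` along with the empty strings. An address whose first or last group is `0` (for example `1:2:3:4:5:6:7:0`) is then left with a `:` at the edge and is rejected by the "easy nonsense" check. Filtering with `array_filter(preg_split(...), 'strlen')` keeps those groups, and the loop then has to read `while (($seg = array_pop($chunks)) !== NULL)` so that a `0` group does not end the scan early. Separately, `strlen($seg) > 2` can never fire because the split pattern `:{1,2}` never yields a longer separator. A run like `:::` is split into `::` and `:` and appears to be accepted; rejecting two adjacent separator chunks would close that gap in the fallback validator.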
@@ -1079,11 +1079,12 @@ class CI_Form_validation { * * @access public * @param string + * @param string "ipv4" or "ipv6" to validate a specific ip format * @return string */ - public function valid_ip($ip) + public function valid_ip($ip, $which = '') { - return $this->CI->input->valid_ip($ip); + return $this->CI->input->valid_ip($ip, $which); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 728115901ff93183f8f2f695417621cfc799a865 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 8 Jun 2012 00:01:10 +0300 Subject: Fixed valid_ip() for PHP < 5.2 --- system/core/Input.php | 43 +++++++++++++++++++++---------------------- 1 file changed, 21 insertions(+), 22 deletions(-) (limited to 'system') diff --git a/system/core/Input.php b/system/core/Input.php index 4b7622cbe..47fc0f887 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -389,11 +389,10 @@ class CI_Input { break; } - return filter_var($ip, FILTER_VALIDATE_IP, $flag) !== FALSE; + return (bool) filter_var($ip, FILTER_VALIDATE_IP, $flag); } - - // If it's not we'll do it manually - if ($which != 'ipv6' OR $which != 'ipv4') + + if ($which !== 'ipv6' && $which !== 'ipv4') { if (strpos($ip, ':') !== FALSE) { @@ -405,16 +404,16 @@ class CI_Input { } else { - return FALSE; + return $this->_valid_ipv4($ip) OR $this->_valid_ipv6($ip); } } - + $func = '_valid_'.$which; return $this->$func($ip); } - + // -------------------------------------------------------------------- - + /** * Validate IPv4 Address * @@ -429,7 +428,7 @@ class CI_Input { $ip_segments = explode('.', $ip); // Always 4 segments needed - if (count($ip_segments) != 4) + if (count($ip_segments) !== 4) { return FALSE; } @@ -438,7 +437,7 @@ class CI_Input { { return FALSE; } - + // Check each segment foreach ($ip_segments as $segment) { 
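Review bot: The docblock above `CI_Form_validation::valid_ip()` still says `@return string`, but the method returns the result of `$this->CI->input->valid_ip()`, which this same commit documents as `@return bool`; the tag should read `@return bool`. The new `@param` line could also state that any other value of `$which` means no restriction to one address family, which is what the `default:` branch in `CI_Input::valid_ip()` does.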
@@ -452,9 +451,9 @@ class CI_Input { return TRUE; } - + // -------------------------------------------------------------------- - + /** * Validate IPv6 Address * @@ -467,33 +466,33 @@ class CI_Input { // 8 groups, separated by : // 0-ffff per group // one set of consecutive 0 groups can be collapsed to :: - + $groups = 8; $collapsed = FALSE; - + $chunks = array_filter( preg_split('/(:{1,2})/', $str, NULL, PREG_SPLIT_DELIM_CAPTURE) ); - + // Rule out easy nonsense if (current($chunks) == ':' OR end($chunks) == ':') { return FALSE; } - + // PHP supports IPv4-mapped IPv6 addresses, so we'll expect those as well if (strpos(end($chunks), '.') !== FALSE) { $ipv4 = array_pop($chunks); - + if ( ! $this->_valid_ipv4($ipv4)) { return FALSE; } - + $groups--; } - + while ($seg = array_pop($chunks)) { if ($seg[0] == ':') @@ -502,19 +501,19 @@ class CI_Input { { return FALSE; // too many groups } - + if (strlen($seg) > 2) { return FALSE; // long separator } - + if ($seg == '::') { if ($collapsed) { return FALSE; // multiple collapsed } - + $collapsed = TRUE; } } -- cgit v1.2.3-24-g4f1b From cef5bda9765080b818898811023d9ab427b0faf2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 8 Jun 2012 00:04:46 +0300 Subject: Revert a change --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/Input.php b/system/core/Input.php index 47fc0f887..3559d8607 100755 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -404,7 +404,7 @@ class CI_Input { } else { - return $this->_valid_ipv4($ip) OR $this->_valid_ipv6($ip); + return FALSE; } } -- cgit v1.2.3-24-g4f1b