From 64e98aab6ba2c692a881035245efb94a76deb428 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Sat, 7 Jan 2012 20:29:10 +0200
Subject: Improve code Input & Model libraries

---
 system/core/Input.php | 97 ++++++++++++++++++---------------------------------
 system/core/Model.php | 19 ++++------
 2 files changed, 39 insertions(+), 77 deletions(-)

(limited to 'system')

diff --git a/system/core/Input.php b/system/core/Input.php
index 7cfa4c63f..07bb30b15 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -1,13 +1,13 @@
-<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
 /**
  * CodeIgniter
  *
  * An open source application development framework for PHP 5.1.6 or newer
  *
  * NOTICE OF LICENSE
- * 
+ *
  * Licensed under the Open Software License version 3.0
- * 
+ *
  * This source file is subject to the Open Software License (OSL 3.0) that is
  * bundled with this package in the files license.txt / license.rst.  It is
  * also available through the world wide web at this URL:
@@ -45,39 +45,39 @@ class CI_Input {
 	 *
 	 * @var string
 	 */
-	var $ip_address				= FALSE;
+	public $ip_address				= FALSE;
 	/**
 	 * user agent (web browser) being used by the current user
 	 *
 	 * @var string
 	 */
-	var $user_agent				= FALSE;
+	public $user_agent				= FALSE;
 	/**
 	 * If FALSE, then $_GET will be set to an empty array
 	 *
 	 * @var bool
 	 */
-	var $_allow_get_array		= TRUE;
+	public $_allow_get_array		= TRUE;
 	/**
 	 * If TRUE, then newlines are standardized
 	 *
 	 * @var bool
 	 */
-	var $_standardize_newlines	= TRUE;
+	public $_standardize_newlines	= TRUE;
 	/**
 	 * Determines whether the XSS filter is always active when GET, POST or COOKIE data is encountered
 	 * Set automatically based on config setting
 	 *
 	 * @var bool
 	 */
-	var $_enable_xss			= FALSE;
+	public $_enable_xss			= FALSE;
 	/**
 	 * Enables a CSRF cookie token to be set.
 	 * Set automatically based on config setting
 	 *
 	 * @var bool
 	 */
-	var $_enable_csrf			= FALSE;
+	protected $_enable_csrf			= FALSE;
 	/**
 	 * List of all HTTP request headers
 	 *
@@ -98,8 +98,8 @@ class CI_Input {
 		log_message('debug', "Input Class Initialized");
 
 		$this->_allow_get_array	= (config_item('allow_get_array') === TRUE);
-		$this->_enable_xss		= (config_item('global_xss_filtering') === TRUE);
-		$this->_enable_csrf		= (config_item('csrf_protection') === TRUE);
+		$this->_enable_xss	= (config_item('global_xss_filtering') === TRUE);
+		$this->_enable_csrf	= (config_item('csrf_protection') === TRUE);
 
 		global $SEC;
 		$this->security =& $SEC;
@@ -122,7 +122,6 @@ class CI_Input {
 	 *
 	 * This is a helper function to retrieve values from global arrays
 	 *
-	 * @access	protected
 	 * @param	array
 	 * @param	string
 	 * @param	bool
@@ -148,7 +147,6 @@ class CI_Input {
 	/**
 	* Fetch an item from the GET array
 	*
-	* @access	public
 	* @param	string
 	* @param	bool
 	* @return	string
@@ -176,7 +174,6 @@ class CI_Input {
 	/**
 	* Fetch an item from the POST array
 	*
-	* @access	public
 	* @param	string
 	* @param	bool
 	* @return	string
@@ -205,21 +202,15 @@ class CI_Input {
 	/**
 	* Fetch an item from either the GET array or the POST
 	*
-	* @access	public
 	* @param	string	The index key
 	* @param	bool	XSS cleaning
 	* @return	string
 	*/
 	public function get_post($index = '', $xss_clean = FALSE)
 	{
-		if ( ! isset($_POST[$index]) )
-		{
-			return $this->get($index, $xss_clean);
-		}
-		else
-		{
-			return $this->post($index, $xss_clean);
-		}
+		return ( ! isset($_POST[$index]))
+			? $this->get($index, $xss_clean)
+			: $this->post($index, $xss_clean);
 	}
 
 	// --------------------------------------------------------------------
@@ -227,7 +218,6 @@ class CI_Input {
 	/**
 	* Fetch an item from the COOKIE array
 	*
-	* @access	public
 	* @param	string
 	* @param	bool
 	* @return	string
@@ -245,7 +235,6 @@ class CI_Input {
 	* Accepts six parameter, or you can submit an associative
 	* array in the first parameter containing all the values.
 	*
-	* @access	public
 	* @param	mixed
 	* @param	string	the value of the cookie
 	* @param	string	the number of seconds until expiration
@@ -303,7 +292,6 @@ class CI_Input {
 	/**
 	* Fetch an item from the SERVER array
 	*
-	* @access	public
 	* @param	string
 	* @param	bool
 	* @return	string
@@ -318,7 +306,6 @@ class CI_Input {
 	/**
 	* Fetch the IP Address
 	*
-	* @access	public
 	* @return	string
 	*/
 	public function ip_address()
@@ -335,7 +322,7 @@ class CI_Input {
 
 			$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
 		}
-		elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
+		elseif ( ! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
 		{
 			$this->ip_address = $_SERVER['REMOTE_ADDR'];
 		}
@@ -354,8 +341,7 @@ class CI_Input {
 
 		if ($this->ip_address === FALSE)
 		{
-			$this->ip_address = '0.0.0.0';
-			return $this->ip_address;
+			return $this->ip_address = '0.0.0.0';
 		}
 
 		if (strpos($this->ip_address, ',') !== FALSE)
@@ -366,7 +352,7 @@ class CI_Input {
 
 		if ( ! $this->valid_ip($this->ip_address))
 		{
-			$this->ip_address = '0.0.0.0';
+			return $this->ip_address = '0.0.0.0';
 		}
 
 		return $this->ip_address;
@@ -379,7 +365,6 @@ class CI_Input {
 	*
 	* Updated version suggested by Geert De Deckere
 	*
-	* @access	public
 	* @param	string
 	* @return	bool
 	*/
@@ -394,7 +379,7 @@ class CI_Input {
 		$ip_segments = explode('.', $ip);
 
 		// Always 4 segments needed
-		if (count($ip_segments) != 4)
+		if (count($ip_segments) !== 4)
 		{
 			return FALSE;
 		}
@@ -422,7 +407,6 @@ class CI_Input {
 	/**
 	* User Agent
 	*
-	* @access	public
 	* @return	string
 	*/
 	public function user_agent()
@@ -432,9 +416,7 @@ class CI_Input {
 			return $this->user_agent;
 		}
 
-		$this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT'];
-
-		return $this->user_agent;
+		return $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT'];
 	}
 
 	// --------------------------------------------------------------------
@@ -444,22 +426,20 @@ class CI_Input {
 	*
 	* This function does the following:
 	*
-	* Unsets $_GET data (if query strings are not enabled)
-	*
-	* Unsets all globals if register_globals is enabled
+	* - Unsets $_GET data (if query strings are not enabled)
+	* - Unsets all globals if register_globals is enabled
+	* - Standardizes newline characters to \n
 	*
-	* Standardizes newline characters to \n
-	*
-	* @access	private
 	* @return	void
 	*/
 	private function _sanitize_globals()
 	{
 		// It would be "wrong" to unset any of these GLOBALS.
 		$protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST',
-							'_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
-							'system_folder', 'application_folder', 'BM', 'EXT',
-							'CFG', 'URI', 'RTR', 'OUT', 'IN');
+					'_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA',
+					'system_folder', 'application_folder', 'BM', 'EXT',
+					'CFG', 'URI', 'RTR', 'OUT', 'IN'
+				);
 
 		// Unset globals for securiy.
 		// This is effectively the same as register_globals = off
@@ -532,7 +512,6 @@ class CI_Input {
 		// Sanitize PHP_SELF
 		$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
 
-
 		// CSRF Protection check
 		if ($this->_enable_csrf == TRUE)
 		{
@@ -550,7 +529,6 @@ class CI_Input {
 	* This is a helper function. It escapes data and
 	* standardizes newline characters to \n
 	*
-	* @access	private
 	* @param	string
 	* @return	string
 	*/
@@ -592,12 +570,9 @@ class CI_Input {
 		}
 
 		// Standardize newlines if needed
-		if ($this->_standardize_newlines == TRUE)
+		if ($this->_standardize_newlines == TRUE AND strpos($str, "\r") !== FALSE)
 		{
-			if (strpos($str, "\r") !== FALSE)
-			{
-				$str = str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
-			}
+			return str_replace(array("\r\n", "\r", "\r\n\n"), PHP_EOL, $str);
 		}
 
 		return $str;
@@ -612,13 +587,12 @@ class CI_Input {
 	* from trying to exploit keys we make sure that keys are
 	* only named with alpha-numeric text and a few other items.
 	*
-	* @access	private
 	* @param	string
 	* @return	string
 	*/
 	private function _clean_input_keys($str)
 	{
-		if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str))
+		if ( ! preg_match('/^[a-z0-9:_\/-]+$/i', $str))
 		{
 			exit('Disallowed Key Characters.');
 		}
@@ -626,7 +600,7 @@ class CI_Input {
 		// Clean UTF-8 if supported
 		if (UTF8_ENABLED === TRUE)
 		{
-			$str = $this->uni->clean_string($str);
+			return $this->uni->clean_string($str);
 		}
 
 		return $str;
@@ -640,10 +614,8 @@ class CI_Input {
 	 * In Apache, you can simply call apache_request_headers(), however for
 	 * people running other webservers the function is undefined.
 	 *
-	 * @access	public
 	 * @param	bool XSS cleaning
-	 *
-	 * @return array
+	 * @return	array
 	 */
 	public function request_headers($xss_clean = FALSE)
 	{
@@ -658,7 +630,7 @@ class CI_Input {
 
 			foreach ($_SERVER as $key => $val)
 			{
-				if (strncmp($key, 'HTTP_', 5) === 0)
+				if (strpos($key, 'HTTP_') === 0)
 				{
 					$headers[substr($key, 5)] = $this->_fetch_from_array($_SERVER, $key, $xss_clean);
 				}
@@ -684,7 +656,6 @@ class CI_Input {
 	 *
 	 * Returns the value of a single member of the headers class member
 	 *
-	 * @access	public
 	 * @param 	string		array key for $this->headers
 	 * @param	boolean		XSS Clean or not
 	 * @return 	mixed		FALSE on failure, string on success
@@ -716,7 +687,6 @@ class CI_Input {
 	 *
 	 * Test to see if a request contains the HTTP_X_REQUESTED_WITH header
 	 *
-	 * @access	public
 	 * @return 	boolean
 	 */
 	public function is_ajax_request()
@@ -731,12 +701,11 @@ class CI_Input {
 	 *
 	 * Test to see if a request was made from the command line
 	 *
-	 * @access	public
 	 * @return 	boolean
 	 */
 	public function is_cli_request()
 	{
-		return (php_sapi_name() == 'cli') or defined('STDIN');
+		return (php_sapi_name() === 'cli') or defined('STDIN');
 	}
 
 }
diff --git a/system/core/Model.php b/system/core/Model.php
index fc640139a..cd64468b8 100755
--- a/system/core/Model.php
+++ b/system/core/Model.php
@@ -1,13 +1,13 @@
-<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
 /**
  * CodeIgniter
  *
  * An open source application development framework for PHP 5.1.6 or newer
  *
  * NOTICE OF LICENSE
- * 
+ *
  * Licensed under the Open Software License version 3.0
- * 
+ *
  * This source file is subject to the Open Software License (OSL 3.0) that is
  * bundled with this package in the files license.txt / license.rst.  It is
  * also available through the world wide web at this URL:
@@ -38,12 +38,7 @@
  */
 class CI_Model {
 
-	/**
-	 * Constructor
-	 *
-	 * @access public
-	 */
-	function __construct()
+	public function __construct()
 	{
 		log_message('debug', "Model Class Initialized");
 	}
@@ -55,15 +50,13 @@ class CI_Model {
 	 * syntax as controllers.
 	 *
 	 * @param	string
-	 * @access private
 	 */
-	function __get($key)
+	public function __get($key)
 	{
 		$CI =& get_instance();
 		return $CI->$key;
 	}
 }
-// END Model Class
 
 /* End of file Model.php */
-/* Location: ./system/core/Model.php */
\ No newline at end of file
+/* Location: ./system/core/Model.php */
-- 
cgit v1.2.3-24-g4f1b