From 256192f3caddbdf723d61e59d2b8fc705b740f72 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 26 Feb 2019 11:21:45 +0200 Subject: [ci skip] Fix #5701 --- system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php index b05d473ee..2d0c74b2e 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php @@ -98,7 +98,7 @@ class CI_DB_pdo_pgsql_driver extends CI_DB_pdo_driver { if ( ! empty($this->username)) { - $this->dsn .= ';username='.$this->username; + $this->dsn .= ';user='.$this->username; empty($this->password) OR $this->dsn .= ';password='.$this->password; } } -- cgit v1.2.3-24-g4f1b From 48c5af1ac56c6b4bf7f4c12dc585561285fad83f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 16 Mar 2019 02:02:39 +0200 Subject: [ci skip] Merge pull request #5708 from mchobbylong/develop Resolve race condition in redis driven session key get_lock --- system/libraries/Session/drivers/Session_redis_driver.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 434b11e58..25bf80706 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -359,11 +359,13 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle continue; } - $result = ($ttl === -2) - ? $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300)) - : $this->_redis->setex($lock_key, 300, time()); - - if ( ! $result) + if ($ttl === -2 && ! $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300))) + { + // Sleep for 1s to wait for lock releases. + sleep(1); + continue; + } + elseif ( ! $this->_redis->setex($lock_key, 300, time())) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); return FALSE; -- cgit v1.2.3-24-g4f1b From 3c6787881fa7aa854155cc5820b799b4a80cbb57 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 23 Apr 2019 14:16:40 +0300 Subject: [ci skip] Fix #5703 --- system/libraries/Session/Session_driver.php | 21 ------ .../Session/drivers/Session_database_driver.php | 85 +++++++++++----------- .../Session/drivers/Session_memcached_driver.php | 20 ++--- .../Session/drivers/Session_redis_driver.php | 18 ++--- 4 files changed, 61 insertions(+), 83 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 14ebdb09f..dbc833739 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -184,25 +184,4 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } - - // ------------------------------------------------------------------------ - - /** - * Fail - * - * Drivers other than the 'files' one don't (need to) use the - * session.save_path INI setting, but that leads to confusing - * error messages emitted by PHP when open() or write() fail, - * as the message contains session.save_path ... - * To work around the problem, the drivers will call this method - * so that the INI is set just in time for the error message to - * be properly generated. - * - * @return mixed - */ - protected function _fail() - { - ini_set('session.save_path', config_item('sess_save_path')); - return $this->_failure; - } } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 734fe624f..89afe3455 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -130,7 +130,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if (empty($this->_db->conn_id) && ! $this->_db->db_connect()) { - return $this->_fail(); + return $this->_failure; } $this->php5_validate_id(); @@ -150,48 +150,47 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan */ public function read($session_id) { - if ($this->_get_lock($session_id) !== FALSE) + if ($this->_get_lock($session_id) === FALSE) { - // Prevent previous QB calls from messing with our queries - $this->_db->reset_query(); - - // Needed by write() to detect session_regenerate_id() calls - $this->_session_id = $session_id; + return $this->_failure; + } - $this->_db - ->select('data') - ->from($this->_config['save_path']) - ->where('id', $session_id); + // Prevent previous QB calls from messing with our queries + $this->_db->reset_query(); - if ($this->_config['match_ip']) - { - $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); - } + // Needed by write() to detect session_regenerate_id() calls + $this->_session_id = $session_id; - if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL) - { - // PHP7 will reuse the same SessionHandler object after - // ID regeneration, so we need to explicitly set this to - // FALSE instead of relying on the default ... - $this->_row_exists = FALSE; - $this->_fingerprint = md5(''); - return ''; - } + $this->_db + ->select('data') + ->from($this->_config['save_path']) + ->where('id', $session_id); - // PostgreSQL's variant of a BLOB datatype is Bytea, which is a - // PITA to work with, so we use base64-encoded data in a TEXT - // field instead. - $result = ($this->_platform === 'postgre') - ? base64_decode(rtrim($result->data)) - : $result->data; + if ($this->_config['match_ip']) + { + $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); + } - $this->_fingerprint = md5($result); - $this->_row_exists = TRUE; - return $result; + if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL) + { + // PHP7 will reuse the same SessionHandler object after + // ID regeneration, so we need to explicitly set this to + // FALSE instead of relying on the default ... + $this->_row_exists = FALSE; + $this->_fingerprint = md5(''); + return ''; } - $this->_fingerprint = md5(''); - return ''; + // PostgreSQL's variant of a BLOB datatype is Bytea, which is a + // PITA to work with, so we use base64-encoded data in a TEXT + // field instead. + $result = ($this->_platform === 'postgre') + ? base64_decode(rtrim($result->data)) + : $result->data; + + $this->_fingerprint = md5($result); + $this->_row_exists = TRUE; + return $result; } // ------------------------------------------------------------------------ @@ -215,7 +214,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_fail(); + return $this->_failure; } $this->_row_exists = FALSE; @@ -223,7 +222,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } elseif ($this->_lock === FALSE) { - return $this->_fail(); + return $this->_failure; } if ($this->_row_exists === FALSE) @@ -242,7 +241,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_fail(); + return $this->_failure; } $this->_db->where('id', $session_id); @@ -265,7 +264,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -280,7 +279,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function close() { return ($this->_lock && ! $this->_release_lock()) - ? $this->_fail() + ? $this->_failure : $this->_success; } @@ -309,7 +308,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ( ! $this->_db->delete($this->_config['save_path'])) { - return $this->_fail(); + return $this->_failure; } } @@ -319,7 +318,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -339,7 +338,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) ? $this->_success - : $this->_fail(); + : $this->_failure; } // -------------------------------------------------------------------- diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index ab54f029f..854adf821 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { $this->_memcached = NULL; log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); - return $this->_fail(); + return $this->_failure; } foreach ($matches as $match) @@ -142,7 +142,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (empty($server_list)) { log_message('error', 'Session: Memcached server pool is empty.'); - return $this->_fail(); + return $this->_failure; } $this->php5_validate_id(); @@ -172,7 +172,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $session_data; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -190,14 +190,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! isset($this->_memcached, $this->_lock_key)) { - return $this->_fail(); + return $this->_failure; } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_fail(); + return $this->_failure; } $this->_fingerprint = md5(''); @@ -215,7 +215,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_fail(); + return $this->_failure; } elseif ( $this->_memcached->touch($key, $this->_config['expiration']) @@ -225,7 +225,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -244,14 +244,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_release_lock(); if ( ! $this->_memcached->quit()) { - return $this->_fail(); + return $this->_failure; } $this->_memcached = NULL; return $this->_success; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -273,7 +273,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 25bf80706..d7777cdb3 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -131,7 +131,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (empty($this->_config['save_path'])) { - return $this->_fail(); + return $this->_failure; } $redis = new Redis(); @@ -155,7 +155,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->php5_validate_id(); - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -185,7 +185,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $session_data; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ @@ -203,14 +203,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if ( ! isset($this->_redis, $this->_lock_key)) { - return $this->_fail(); + return $this->_failure; } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_fail(); + return $this->_failure; } $this->_key_exists = FALSE; @@ -227,12 +227,12 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_fail(); + return $this->_failure; } return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) ? $this->_success - : $this->_fail(); + : $this->_failure; } // ------------------------------------------------------------------------ @@ -254,7 +254,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->_release_lock(); if ($this->_redis->close() === FALSE) { - return $this->_fail(); + return $this->_failure; } } } @@ -293,7 +293,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_fail(); + return $this->_failure; } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From c7c8673517cf4bde03bf68badd4cbf6770ea66d5 Mon Sep 17 00:00:00 2001 From: Scott Dutton Date: Wed, 8 May 2019 08:27:22 +0100 Subject: Alterntive redis fix --- system/libraries/Cache/drivers/Cache_redis.php | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) (limited to 'system') diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index 37596189a..8a7df7abd 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -135,10 +135,6 @@ class CI_Cache_redis extends CI_Driver { log_message('error', 'Cache: Redis connection refused ('.$e->getMessage().')'); } - - // Initialize the index of serialized values. - $serialized = $this->_redis->sMembers('_ci_redis_serialized'); - empty($serialized) OR $this->_serialized = array_flip($serialized); } // ------------------------------------------------------------------------ @@ -153,7 +149,7 @@ class CI_Cache_redis extends CI_Driver { $value = $this->_redis->get($key); - if ($value !== FALSE && isset($this->_serialized[$key])) + if ($value !== FALSE && $this->_redis->sIsMember('_ci_redis_serialized', $key)) { return unserialize($value); } @@ -184,9 +180,8 @@ class CI_Cache_redis extends CI_Driver isset($this->_serialized[$id]) OR $this->_serialized[$id] = TRUE; $data = serialize($data); } - elseif (isset($this->_serialized[$id])) + else { - $this->_serialized[$id] = NULL; $this->_redis->sRemove('_ci_redis_serialized', $id); } @@ -208,11 +203,7 @@ class CI_Cache_redis extends CI_Driver return FALSE; } - if (isset($this->_serialized[$key])) - { - $this->_serialized[$key] = NULL; - $this->_redis->sRemove('_ci_redis_serialized', $key); - } + $this->_redis->sRemove('_ci_redis_serialized', $key); return TRUE; } -- cgit v1.2.3-24-g4f1b From 7f9865217889ef7fd6efdd5340fa8c76feb1a741 Mon Sep 17 00:00:00 2001 From: Scott Dutton Date: Wed, 8 May 2019 20:13:03 +0100 Subject: Fix increment / decrement also fixed a value incorrectly returned docblock says array but bool returned --- system/libraries/Cache/drivers/Cache_redis.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system') diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index 37596189a..96d27edf9 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -228,7 +228,7 @@ class CI_Cache_redis extends CI_Driver */ public function increment($id, $offset = 1) { - return $this->_redis->incr($id, $offset); + return $this->_redis->incrBy($id, $offset); } // ------------------------------------------------------------------------ @@ -242,7 +242,7 @@ class CI_Cache_redis extends CI_Driver */ public function decrement($id, $offset = 1) { - return $this->_redis->decr($id, $offset); + return $this->_redis->decrBy($id, $offset); } // ------------------------------------------------------------------------ @@ -294,7 +294,7 @@ class CI_Cache_redis extends CI_Driver ); } - return FALSE; + return array(); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From b0f43e29e43228366390de7e0aa80d2134d1f224 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 10 May 2019 20:04:57 +0300 Subject: Merge pull request #5744 from sharadrsoni/patch-1 Adding support for proper CRLF --- system/core/Log.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/core/Log.php b/system/core/Log.php index 4338aa939..f37726e02 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -247,11 +247,11 @@ class CI_Log { * @param string $level The error level * @param string $date Formatted date string * @param string $message The log message - * @return string Formatted log line with a new line character '\n' at the end + * @return string Formatted log line with a new line character at the end */ protected function _format_line($level, $date, $message) { - return $level.' - '.$date.' --> '.$message."\n"; + return $level.' - '.$date.' --> '.$message.PHP_EOL; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 80c20dcfded0df95457acf5cd9b437d2a268bc85 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 10 May 2019 20:29:48 +0300 Subject: [ci skip] Fix #5755 --- system/libraries/Form_validation.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'system') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 1bd55499a..fdf202010 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -1208,6 +1208,13 @@ class CI_Form_validation { $str = $matches[2]; } + // Apparently, FILTER_VALIDATE_URL doesn't reject digit-only names for some reason ... + // See https://github.com/bcit-ci/CodeIgniter/issues/5755 + if (ctype_digit($str)) + { + return FALSE; + } + // PHP 7 accepts IPv6 addresses within square brackets as hostnames, // but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039 // was never merged into a PHP 5 branch ... https://3v4l.org/8PsSN -- cgit v1.2.3-24-g4f1b From 0177f4d1551cc6b058ba9fdd277253dd66c82cca Mon Sep 17 00:00:00 2001 From: Scott Dutton Date: Fri, 10 May 2019 19:08:22 +0100 Subject: Update Cache_redis.php --- system/libraries/Cache/drivers/Cache_redis.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index 96d27edf9..9cb5bb095 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -294,7 +294,7 @@ class CI_Cache_redis extends CI_Driver ); } - return array(); + return FALSE; } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 0f6841fbf1aa9e10a55f3aa3bae966f3bed46c2f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 2 Jun 2019 05:15:01 +0300 Subject: Close #5763 --- system/core/Controller.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'system') diff --git a/system/core/Controller.php b/system/core/Controller.php index 2bb157802..e25b8472c 100644 --- a/system/core/Controller.php +++ b/system/core/Controller.php @@ -58,6 +58,13 @@ class CI_Controller { */ private static $instance; + /** + * CI_Loader + * + * @var CI_Loader + */ + public $load; + /** * Class constructor * -- cgit v1.2.3-24-g4f1b From 24bf8cc6833435e5243942e29314496bb4d997ef Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 19 Jun 2019 16:10:51 +0300 Subject: [ci skip] Merge pull request #5781 from gxgpet/develop Fixes php5_validate_id() method calling from Redis session driver --- system/libraries/Session/drivers/Session_redis_driver.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index d7777cdb3..0a715748d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -149,12 +149,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } else { + $this->php5_validate_id(); $this->_redis = $redis; return $this->_success; } - $this->php5_validate_id(); - return $this->_failure; } -- cgit v1.2.3-24-g4f1b From 10e70f02a5b0e3beb371e64374c0008d7bfdec49 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 19 Jun 2019 16:27:50 +0300 Subject: Fix #5774 --- system/database/DB_result.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/DB_result.php b/system/database/DB_result.php index 0dbac1633..ed5252d49 100644 --- a/system/database/DB_result.php +++ b/system/database/DB_result.php @@ -381,7 +381,7 @@ class CI_DB_result { */ public function custom_row_object($n, $type) { - isset($this->custom_result_object[$type]) OR $this->custom_result_object($type); + isset($this->custom_result_object[$type]) OR $this->custom_result_object[$type] = $this->custom_result_object($type); if (count($this->custom_result_object[$type]) === 0) { -- cgit v1.2.3-24-g4f1b From a4d83093d4084785ada1f816a3aef455f82c9f73 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 23 Jun 2019 06:12:54 +0300 Subject: [ci skip] Merge pull request #5783 from gxgpet/develop Session files driver to return the failure status code instead of Exception throwing --- system/libraries/Session/drivers/Session_files_driver.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_files_driver.php b/system/libraries/Session/drivers/Session_files_driver.php index 467059434..2899b7dec 100644 --- a/system/libraries/Session/drivers/Session_files_driver.php +++ b/system/libraries/Session/drivers/Session_files_driver.php @@ -135,12 +135,14 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle { if ( ! mkdir($save_path, 0700, TRUE)) { - throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created."); + log_message('error', "Session: Configured save path '".$this->_config['save_path']."' is not a directory, doesn't exist or cannot be created."); + return $this->_failure; } } elseif ( ! is_writable($save_path)) { - throw new Exception("Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process."); + log_message('error', "Session: Configured save path '".$this->_config['save_path']."' is not writable by the PHP process."); + return $this->_failure; } $this->_config['save_path'] = $save_path; -- cgit v1.2.3-24-g4f1b From a8b0bda83857784b203954ef366a76c3a50569b6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 15 Jul 2019 23:08:59 +0300 Subject: [ci skip] Fix #5788 --- system/database/drivers/pdo/pdo_result.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php index 03c0f9f9d..b3973da46 100644 --- a/system/database/drivers/pdo/pdo_result.php +++ b/system/database/drivers/pdo/pdo_result.php @@ -133,7 +133,7 @@ class CI_DB_pdo_result extends CI_DB_result { $retval[$i] = new stdClass(); $retval[$i]->name = $field['name']; - $retval[$i]->type = $field['native_type']; + $retval[$i]->type = isset($field['native_type']) ? $field['native_type'] : null; $retval[$i]->max_length = ($field['len'] > 0) ? $field['len'] : NULL; $retval[$i]->primary_key = (int) ( ! empty($field['flags']) && in_array('primary_key', $field['flags'], TRUE)); } -- cgit v1.2.3-24-g4f1b From 3a42dcd943ee6dff5551b4da96c4102bdca63083 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 16 Jul 2019 14:48:34 +0300 Subject: Fix #5796 --- system/database/drivers/mysql/mysql_driver.php | 2 +- system/database/drivers/mysqli/mysqli_driver.php | 2 +- system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'system') diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php index 78e77bc18..440715ae1 100644 --- a/system/database/drivers/mysql/mysql_driver.php +++ b/system/database/drivers/mysql/mysql_driver.php @@ -383,7 +383,7 @@ class CI_DB_mysql_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); + $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index d374e0174..0ca0f48fc 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -429,7 +429,7 @@ class CI_DB_mysqli_driver extends CI_DB { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database); + $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; if ($prefix_limit !== FALSE && $this->dbprefix !== '') { diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php index 26bc30e14..73b88bcfd 100644 --- a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php +++ b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php @@ -279,7 +279,7 @@ class CI_DB_pdo_mysql_driver extends CI_DB_pdo_driver { */ protected function _list_tables($prefix_limit = FALSE) { - $sql = 'SHOW TABLES'; + $sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char; if ($prefix_limit === TRUE && $this->dbprefix !== '') { -- cgit v1.2.3-24-g4f1b From ba67b297d1e2baa281eed2cc7bf1fb16742cde87 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 2 Aug 2019 15:53:03 +0300 Subject: [ci skip] Fix a CSRF-related bug --- system/core/Security.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system') diff --git a/system/core/Security.php b/system/core/Security.php index 883968e26..6a81faff1 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -228,6 +228,7 @@ class CI_Security { // Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate $valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]) + && is_string($_POST[$this->_csrf_token_name]) && is_string($_COOKIE[$this->_csrf_cookie_name]) && hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]); // We kill this since we're done and we don't want to pollute the _POST array -- cgit v1.2.3-24-g4f1b From 51834f2894b2e42539e11dd52620dd2ec1abd3c6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Sep 2019 15:27:55 +0300 Subject: [ci skip] Merge pull request #5828 from mchobbylong/alter-php5-validate-id Alter php5_validate_id() --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 0a715748d..0609fda95 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -149,8 +149,8 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle } else { - $this->php5_validate_id(); $this->_redis = $redis; + $this->php5_validate_id(); return $this->_success; } -- cgit v1.2.3-24-g4f1b From 29684763878a008f31187190389b394a76f80d95 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Sep 2019 15:35:11 +0300 Subject: [ci skip] Merge pull request #5816 from mchobbylong/adapt-php-redis Adapt to new version of php-redis --- .../Session/drivers/Session_redis_driver.php | 55 +++++++++++++++++++--- 1 file changed, 48 insertions(+), 7 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 0609fda95..930e00d53 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -76,6 +76,33 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle */ protected $_key_exists = FALSE; + /** + * Name of setTimeout() method in phpRedis + * + * Due to some deprecated methods in phpRedis, we need to call the + * specific methods depending on the version of phpRedis. + * + * @var string + */ + protected $_setTimeout_name; + + /** + * Name of delete() method in phpRedis + * + * Due to some deprecated methods in phpRedis, we need to call the + * specific methods depending on the version of phpRedis. + * + * @var string + */ + protected $_delete_name; + + /** + * Success return value of ping() method in phpRedis + * + * @var mixed + */ + protected $_ping_success; + // ------------------------------------------------------------------------ /** @@ -88,6 +115,20 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { parent::__construct($params); + // Detect the names of some methods in phpRedis instance + if (version_compare(phpversion('redis'), '5', '>=')) + { + $this->_setTimeout_name = 'expire'; + $this->_delete_name = 'del'; + $this->_ping_success = TRUE; + } + else + { + $this->_setTimeout_name = 'setTimeout'; + $this->_delete_name = 'delete'; + $this->_ping_success = '+PONG'; + } + if (empty($this->_config['save_path'])) { log_message('error', 'Session: No Redis save path configured.'); @@ -216,7 +257,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle $this->_session_id = $session_id; } - $this->_redis->setTimeout($this->_lock_key, 300); + $this->_redis->{$this->_setTimeout_name}($this->_lock_key, 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE) { if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) @@ -229,7 +270,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_failure; } - return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) + return ($this->_redis->{$this->_setTimeout_name}($this->_key_prefix.$session_id, $this->_config['expiration'])) ? $this->_success : $this->_failure; } @@ -248,7 +289,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if (isset($this->_redis)) { try { - if ($this->_redis->ping() === '+PONG') + if ($this->_redis->ping() === $this->_ping_success) { $this->_release_lock(); if ($this->_redis->close() === FALSE) @@ -283,9 +324,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (isset($this->_redis, $this->_lock_key)) { - if (($result = $this->_redis->delete($this->_key_prefix.$session_id)) !== 1) + if (($result = $this->_redis->{$this->_delete_name}($this->_key_prefix.$session_id)) !== 1) { - log_message('debug', 'Session: Redis::delete() expected to return 1, got '.var_export($result, TRUE).' instead.'); + log_message('debug', 'Session: Redis::'.$this->_delete_name.'() expected to return 1, got '.var_export($result, TRUE).' instead.'); } $this->_cookie_destroy(); @@ -344,7 +385,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle // correct session ID. if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { - return $this->_redis->setTimeout($this->_lock_key, 300); + return $this->_redis->{$this->_setTimeout_name}($this->_lock_key, 300); } // 30 attempts to obtain a lock, in case another request already has it @@ -402,7 +443,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (isset($this->_redis, $this->_lock_key) && $this->_lock) { - if ( ! $this->_redis->delete($this->_lock_key)) + if ( ! $this->_redis->{$this->_delete_name}($this->_lock_key)) { log_message('error', 'Session: Error while trying to free lock for '.$this->_lock_key); return FALSE; -- cgit v1.2.3-24-g4f1b From 2e7788b754393d2f6835c947783bd497ee3a043c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 5 Sep 2019 15:48:28 +0300 Subject: [ci skip] Remove a few leftover trailing spaces from PR #5816 --- system/libraries/Session/drivers/Session_redis_driver.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 930e00d53..df38174b4 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -78,27 +78,27 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle /** * Name of setTimeout() method in phpRedis - * + * * Due to some deprecated methods in phpRedis, we need to call the * specific methods depending on the version of phpRedis. - * + * * @var string */ protected $_setTimeout_name; /** * Name of delete() method in phpRedis - * + * * Due to some deprecated methods in phpRedis, we need to call the * specific methods depending on the version of phpRedis. - * + * * @var string */ protected $_delete_name; /** * Success return value of ping() method in phpRedis - * + * * @var mixed */ protected $_ping_success; -- cgit v1.2.3-24-g4f1b From e276754f3819447bfa59b2106aed104aba612bdb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 18 Sep 2019 14:53:27 +0300 Subject: [ci skip] Update Cache library Redis driver to work with phpRedis 5, similarly to PR #5816 (also add changelog entry) --- system/libraries/Cache/drivers/Cache_redis.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index e10a5b344..bff96fbfb 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -76,6 +76,13 @@ class CI_Cache_redis extends CI_Driver */ protected $_serialized = array(); + /** + * del()/delete() method name depending on phpRedis version + * + * @var string + */ + protected static $_delete_name; + // ------------------------------------------------------------------------ /** @@ -97,6 +104,10 @@ class CI_Cache_redis extends CI_Driver return; } + isset(static::$_delete_name) OR static::$_delete_name = version_compare(phpversion('phpredis'), '5', '>=') + ? 'del' + : 'delete'; + $CI =& get_instance(); if ($CI->config->load('redis', TRUE, TRUE)) @@ -198,7 +209,7 @@ class CI_Cache_redis extends CI_Driver */ public function delete($key) { - if ($this->_redis->delete($key) !== 1) + if ($this->_redis->{static::$_delete_name}($key) !== 1) { return FALSE; } -- cgit v1.2.3-24-g4f1b From f4502e4ad6d8a595e472b85a5e0bc3f552b63306 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Sep 2019 15:12:46 +0300 Subject: [ci skip] Begin 3.1.12-dev --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index a053777c1..bd0c4c5d8 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - const CI_VERSION = '3.1.11-dev'; + const CI_VERSION = '3.1.12-dev'; /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b