From 98c14ae881549c58298aef1d3f5ef7f88ff48d1e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 9 Feb 2016 23:43:55 +0200 Subject: Merge pull request #4342 from jspreddy/sai/form_validation_refactor Abstract error message fetching in Form_validation --- system/libraries/Form_validation.php | 66 ++++++++++++++++++++---------------- 1 file changed, 36 insertions(+), 30 deletions(-) (limited to 'system') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index ea3bc6de7..24b2d1fc4 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -637,21 +637,7 @@ class CI_Form_validation { // Set the message type $type = in_array('required', $rules) ? 'required' : 'isset'; - // Check if a custom message is defined - if (isset($this->_field_data[$row['field']]['errors'][$type])) - { - $line = $this->_field_data[$row['field']]['errors'][$type]; - } - elseif (isset($this->_error_messages[$type])) - { - $line = $this->_error_messages[$type]; - } - elseif (FALSE === ($line = $this->CI->lang->line('form_validation_'.$type)) - // DEPRECATED support for non-prefixed keys - && FALSE === ($line = $this->CI->lang->line($type, FALSE))) - { - $line = 'The field was not set'; - } + $line = $this->_get_error_message($type, $row['field']); // Build the error message $message = $this->_build_error_msg($line, $this->_translate_fieldname($row['label'])); @@ -820,23 +806,9 @@ class CI_Form_validation { { $line = $this->CI->lang->line('form_validation_error_message_not_set').'(Anonymous function)'; } - // Check if a custom message is defined - elseif (isset($this->_field_data[$row['field']]['errors'][$rule])) - { - $line = $this->_field_data[$row['field']]['errors'][$rule]; - } - elseif ( ! isset($this->_error_messages[$rule])) - { - if (FALSE === ($line = $this->CI->lang->line('form_validation_'.$rule)) - // DEPRECATED support for non-prefixed keys - && FALSE === ($line = $this->CI->lang->line($rule, FALSE))) - { - $line = $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; - } - } else { - $line = $this->_error_messages[$rule]; + $line = $this->_get_error_message($rule, $row['field']); } // Is the parameter we are inserting into the error message the name @@ -864,6 +836,40 @@ class CI_Form_validation { // -------------------------------------------------------------------- + /** + * Get the error message for the rule + * + * @param string $rule The rule name + * @param string $field The field name + * @return string + */ + protected function _get_error_message($rule, $field) + { + // check if a custom message is defined through validation config row. + if (isset($this->_field_data[$field]['errors'][$rule])) + { + return $this->_field_data[$field]['errors'][$rule]; + } + // check if a custom message has been set using the set_message() function + elseif (isset($this->_error_messages[$rule])) + { + return $this->_error_messages[$rule]; + } + elseif (FALSE !== ($tmp = $this->CI->lang->line('form_validation_'.$rule))) + { + return $tmp; + } + // DEPRECATED support for non-prefixed keys, lang file again + elseif (FALSE !== ($tmp = $this->CI->lang->line($rule, FALSE))) + { + return $tmp; + } + + return $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; + } + + // -------------------------------------------------------------------- + /** * Translate a field name * -- cgit v1.2.3-24-g4f1b From b30a64a73057ad1253ae1f61f6cd8b125f64cc99 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 9 Feb 2016 23:46:25 +0200 Subject: Rename back a variable changed by the last PR merge Because. --- system/libraries/Form_validation.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system') diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php index 24b2d1fc4..296ddb92a 100644 --- a/system/libraries/Form_validation.php +++ b/system/libraries/Form_validation.php @@ -855,14 +855,14 @@ class CI_Form_validation { { return $this->_error_messages[$rule]; } - elseif (FALSE !== ($tmp = $this->CI->lang->line('form_validation_'.$rule))) + elseif (FALSE !== ($line = $this->CI->lang->line('form_validation_'.$rule))) { - return $tmp; + return $line; } // DEPRECATED support for non-prefixed keys, lang file again - elseif (FALSE !== ($tmp = $this->CI->lang->line($rule, FALSE))) + elseif (FALSE !== ($line = $this->CI->lang->line($rule, FALSE))) { - return $tmp; + return $line; } return $this->CI->lang->line('form_validation_error_message_not_set').'('.$rule.')'; -- cgit v1.2.3-24-g4f1b From c4de3c2f93cb6d2af65b325ae2812fccad7e98b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Feb 2016 07:41:43 +0200 Subject: [ci skip] Fix Memcached session lock handling and error checking around replace() usage --- .../Session/drivers/Session_memcached_driver.php | 26 ++++++++++++++-------- 1 file changed, 17 insertions(+), 9 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index d017dfb2f..e9246443c 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -204,10 +204,16 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (isset($this->_lock_key)) { + $key = $this->_key_prefix.$session_id; + $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ($this->_memcached->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration'])) + + if ( + $this->_memcached->replace($key, $session_data, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) { $this->_fingerprint = $fingerprint; return $this->_success; @@ -305,9 +311,12 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa // correct session ID. if ($this->_lock_key === $this->_key_prefix.$session_id.':lock') { - return ($this->_memcached->replace($this->_lock_key, time(), 300)) - ? $this->_success - : $this->_failure; + if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) + { + return ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED) + ? $this->_memcached->set($this->_lock_key, time(), 300) + : FALSE; + } } // 30 attempts to obtain a lock, in case another request already has it @@ -324,7 +333,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ( ! $this->_memcached->set($lock_key, time(), 300)) { log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id); - return $this->_failure; + return FALSE; } $this->_lock_key = $lock_key; @@ -335,11 +344,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if ($attempt === 30) { log_message('error', 'Session: Unable to obtain lock for '.$this->_key_prefix.$session_id.' after 30 attempts, aborting.'); - return $this->_failure; + return FALSE; } $this->_lock = TRUE; - return $this->_success; + return TRUE; } // ------------------------------------------------------------------------ @@ -367,5 +376,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return TRUE; } - -} +} \ No newline at end of file -- cgit v1.2.3-24-g4f1b From a54a2b90bf057d7883ea7506d78a1073478ea4cf Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 10 Feb 2016 19:55:39 +0200 Subject: Fix a bug where CI_Session_memcached_driver doesn't write empty sessions Related: #3919 --- system/libraries/Session/drivers/Session_memcached_driver.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index e9246443c..ab3b1d97c 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -209,7 +209,6 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_memcached->replace($this->_lock_key, time(), 300); if ($this->_fingerprint !== ($fingerprint = md5($session_data))) { - if ( $this->_memcached->replace($key, $session_data, $this->_config['expiration']) OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) @@ -222,9 +221,13 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_failure; } - return $this->_memcached->touch($this->_key_prefix.$session_id, $this->_config['expiration']) - ? $this->_success - : $this->_failure; + if ( + $this->_memcached->touch($key, $this->_config['expiration']) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + ) + { + return $this->_success; + } } return $this->_failure; -- cgit v1.2.3-24-g4f1b From c6011941511e706c3a3d44151eccda7d0b472007 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 11 Feb 2016 23:49:37 +0200 Subject: Fix #4449 --- system/database/DB_query_builder.php | 60 ++++++++++++++++++++---------------- 1 file changed, 34 insertions(+), 26 deletions(-) (limited to 'system') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index d6f35e0df..6bf039ead 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -531,38 +531,46 @@ abstract class CI_DB_query_builder extends CI_DB_driver { is_bool($escape) OR $escape = $this->_protect_identifiers; - // Split multiple conditions - if ($escape === TRUE && preg_match_all('/\sAND\s|\sOR\s/i', $cond, $m, PREG_OFFSET_CAPTURE)) + if ( ! $this->_has_operator($cond)) { - $newcond = ''; - $m[0][] = array('', strlen($cond)); - - for ($i = 0, $c = count($m[0]), $s = 0; - $i < $c; - $s = $m[0][$i][1] + strlen($m[0][$i][0]), $i++) - { - $temp = substr($cond, $s, ($m[0][$i][1] - $s)); - $newcond .= preg_match("/(\(*)?([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $temp, $match) - ? $match[1].$this->protect_identifiers($match[2]).$match[3].$this->protect_identifiers($match[4]) - : $temp; - - $newcond .= $m[0][$i][0]; - } - - $cond = ' ON '.$newcond; - } - // Split apart the condition and protect the identifiers - elseif ($escape === TRUE && preg_match("/(\(*)?([\[\]\w\.'-]+)(\s*[^\"\[`'\w]+\s*)(.+)/i", $cond, $match)) - { - $cond = ' ON '.$match[1].$this->protect_identifiers($match[2]).$match[3].$this->protect_identifiers($match[4]); + $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; } - elseif ( ! $this->_has_operator($cond)) + elseif ($escape === FALSE) { - $cond = ' USING ('.($escape ? $this->escape_identifiers($cond) : $cond).')'; + $cond = ' ON '.$cond; } else { - $cond = ' ON '.$cond; + // Split multiple conditions + if (preg_match_all('/\sAND\s|\sOR\s/i', $cond, $joints, PREG_OFFSET_CAPTURE)) + { + $conditions = array(); + $joints = $joints[0]; + array_unshift($joints, array('', 0)); + + for ($i = count($joints) - 1, $pos = strlen($cond); $i >= 0; $i--) + { + $joints[$i][1] += strlen($joints[$i][0]); // offset + $conditions[$i] = substr($cond, $joints[$i][1], $pos - $joints[$i][1]); + $pos = $joints[$i][1] - strlen($joints[$i][0]); + $joints[$i] = $joints[$i][0]; + } + } + else + { + $conditions = array($cond); + $joints = array(''); + } + + $cond = ' ON '; + for ($i = 0, $c = count($conditions); $i < $c; $i++) + { + $operator = $this->_get_operator($conditions[$i]); + $cond .= $joints[$i]; + $cond .= preg_match("/(\(*)?([\[\]\w\.'-]+)".preg_quote($operator)."(.*)/i", $conditions[$i], $match) + ? $match[1].$this->protect_identifiers($match[2]).$operator.$this->protect_identifiers($match[3]) + : $conditions[$i]; + } } // Do we want to escape the table name? -- cgit v1.2.3-24-g4f1b From 8215e2fcf828964b232e9f48befac4f08fa11187 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 11 Feb 2016 20:30:43 +0200 Subject: [ci skip] Fix Memcached replace() result code checks in CI_Session Related #3919 --- system/libraries/Session/drivers/Session_memcached_driver.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index ab3b1d97c..875e72255 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -211,7 +211,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( $this->_memcached->replace($key, $session_data, $this->_config['expiration']) - OR ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) + OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration'])) ) { $this->_fingerprint = $fingerprint; @@ -316,7 +316,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! $this->_memcached->replace($this->_lock_key, time(), 300)) { - return ($this->_memcached->getResultCode() === Memcached::RES_NOTSTORED) + return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) ? $this->_memcached->set($this->_lock_key, time(), 300) : FALSE; } -- cgit v1.2.3-24-g4f1b From 44d3b185ae7a15e50bd595440187c6c863a13415 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 15 Feb 2016 14:37:14 +0200 Subject: Merge pull request #4453 from EpicKris/feature/Autoload-Driver-Object-Name Autoload Driver Object Names --- system/core/Loader.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'system') diff --git a/system/core/Loader.php b/system/core/Loader.php index 37d1ecaf9..80de804ea 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -718,9 +718,16 @@ class CI_Loader { { if (is_array($library)) { - foreach ($library as $driver) + foreach ($library as $key => $value) { - $this->driver($driver); + if (is_int($key)) + { + $this->driver($value, $params); + } + else + { + $this->driver($key, $params, $value); + } } return $this; @@ -1334,10 +1341,7 @@ class CI_Loader { // Autoload drivers if (isset($autoload['drivers'])) { - foreach ($autoload['drivers'] as $item) - { - $this->driver($item); - } + $this->driver($autoload['drivers']); } // Load libraries -- cgit v1.2.3-24-g4f1b From 738b9e30404a56a8e2e8053f024550232b72ea09 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 24 Feb 2016 12:14:10 +0200 Subject: Merge pull request #4480 from versalle88/develop Changed class_exists() calls to ignore __autoload() --- system/core/Loader.php | 2 +- system/libraries/Session/Session.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/core/Loader.php b/system/core/Loader.php index 80de804ea..62781a7bf 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -321,7 +321,7 @@ class CI_Loader { } $model = ucfirst($model); - if ( ! class_exists($model)) + if ( ! class_exists($model, FALSE)) { foreach ($this->_ci_model_paths as $mod_path) { diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index b93c00c15..77c56ae70 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -231,7 +231,7 @@ class CI_Session { } } - if ( ! class_exists($prefix.$class) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) + if ( ! class_exists($prefix.$class, FALSE) && file_exists($file_path = APPPATH.'libraries/Session/drivers/'.$prefix.$class.'.php')) { require_once($file_path); if (class_exists($prefix.$class, FALSE)) -- cgit v1.2.3-24-g4f1b From 99c17e516438843a69496046e5bc0ea627c3b0f8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Feb 2016 16:53:45 +0200 Subject: Merge pull request #4495 from galdiolo/patch-15 [ci skip] Fix a comment typo --- system/database/DB_query_builder.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php index 6bf039ead..c862d937d 100644 --- a/system/database/DB_query_builder.php +++ b/system/database/DB_query_builder.php @@ -2350,7 +2350,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver { * * Escapes identifiers in WHERE and HAVING statements at execution time. * - * Required so that aliases are tracked properly, regardless of wether + * Required so that aliases are tracked properly, regardless of whether * where(), or_where(), having(), or_having are called prior to from(), * join() and dbprefix is added only if needed. * -- cgit v1.2.3-24-g4f1b From f06858c3df09fd33c80f9fc415b6c63b3430869c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Feb 2016 17:35:12 +0200 Subject: Merge pull request #4491 from roastduck/develop [ci skip] Clean current lock key on close() in redis session driver --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index ad95309da..7b7951f5d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -254,7 +254,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle try { if ($this->_redis->ping() === '+PONG') { - isset($this->_lock_key) && $this->_redis->delete($this->_lock_key); + $this->_release_lock(); if ($this->_redis->close() === $this->_failure) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From 215922144082eb4b613e2418ba552776d23ea1db Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 29 Feb 2016 17:38:51 +0200 Subject: [ci skip] Apply #4491 to Memcached driver --- system/libraries/Session/drivers/Session_memcached_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 875e72255..4bd63991f 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -246,7 +246,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if (isset($this->_memcached)) { - isset($this->_lock_key) && $this->_memcached->delete($this->_lock_key); + $this->_release_lock(); if ( ! $this->_memcached->quit()) { return $this->_failure; -- cgit v1.2.3-24-g4f1b From e1f36e341a4ff513f8ba1f9908326f159edca4e7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 1 Mar 2016 13:33:37 +0200 Subject: [ci skip] Move flock() call in CI_Log::write_log() immediately after fopen() --- system/core/Log.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/core/Log.php b/system/core/Log.php index 7c81d358b..1abdaa00e 100644 --- a/system/core/Log.php +++ b/system/core/Log.php @@ -191,6 +191,8 @@ class CI_Log { return FALSE; } + flock($fp, LOCK_EX); + // Instantiating DateTime with microseconds appended to initial date is needed for proper support of this format if (strpos($this->_date_fmt, 'u') !== FALSE) { @@ -206,8 +208,6 @@ class CI_Log { $message .= $this->_format_line($level, $date, $msg); - flock($fp, LOCK_EX); - for ($written = 0, $length = strlen($message); $written < $length; $written += $result) { if (($result = fwrite($fp, substr($message, $written))) === FALSE) -- cgit v1.2.3-24-g4f1b From 8108b612fb80327215ae66b53c75c158d6f07e62 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Mar 2016 10:10:17 +0200 Subject: [ci skip] Fix transactions for the ibase driver Reported via the forums: http://forum.codeigniter.com/thread-64559.html --- system/database/drivers/ibase/ibase_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/drivers/ibase/ibase_driver.php b/system/database/drivers/ibase/ibase_driver.php index cbc1022ff..c1055c1e6 100644 --- a/system/database/drivers/ibase/ibase_driver.php +++ b/system/database/drivers/ibase/ibase_driver.php @@ -126,7 +126,7 @@ class CI_DB_ibase_driver extends CI_DB { */ protected function _execute($sql) { - return ibase_query($this->conn_id, $sql); + return ibase_query(isset($this->_ibase_trans) ? $this->_ibase_trans : $this->conn_id, $sql); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 3c0d8da56b8535bb3ab563256e221c81a4a96e4a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Mar 2016 10:52:15 +0200 Subject: Fix #4475 --- system/core/Security.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/Security.php b/system/core/Security.php index bad511dd3..d5305d1ca 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -762,7 +762,14 @@ class CI_Security { */ public function strip_image_tags($str) { - return preg_replace(array('##', '##'), '\\1', $str); + return preg_replace( + array( + '##i', + '#`]+)).*?\>#i' + ), + '\\2', + $str + ); } // ---------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From e6a5f797de7381791537b736eb83b71c6fb28b39 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Mar 2016 11:34:43 +0200 Subject: [ci skip] Fix Profiler not applying htmlspecialchars() to all inputs --- system/libraries/Profiler.php | 44 ++++++++++++++++++------------------------- 1 file changed, 18 insertions(+), 26 deletions(-) (limited to 'system') diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php index cc7641436..cf455d3da 100644 --- a/system/libraries/Profiler.php +++ b/system/libraries/Profiler.php @@ -314,12 +314,14 @@ class CI_Profiler { foreach ($_GET as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
 
 				$output .= '$_GET['
 					.$key.']   '
-					.((is_array($val) OR is_object($val)) ? '
'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'
' : htmlspecialchars(stripslashes($val))) - ."\n"; + .$val."\n"; } $output .= "\n"; @@ -352,36 +354,26 @@ class CI_Profiler { foreach ($_POST as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
 
 				$output .= '$_POST['
-					.$key.']   ';
-
-				if (is_array($val) OR is_object($val))
-				{
-					$output .= '
'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'
'; - } - else - { - $output .= htmlspecialchars(stripslashes($val)); - } - - $output .= "\n"; + .$key.']   ' + .$val."\n"; } foreach ($_FILES as $key => $val) { - is_int($key) OR $key = "'".$key."'"; + is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'"; + $val = (is_array($val) OR is_object($val)) + ? '
'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
+					: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
 
 				$output .= '$_FILES['
-					.$key.']   ';
-
-				if (is_array($val) OR is_object($val))
-				{
-					$output .= '
'.htmlspecialchars(stripslashes(print_r($val, TRUE))).'
'; - } - - $output .= "\n"; + .$key.']   ' + .$val."\n"; } $output .= "\n"; @@ -465,7 +457,7 @@ class CI_Profiler { foreach (array('HTTP_ACCEPT', 'HTTP_USER_AGENT', 'HTTP_CONNECTION', 'SERVER_PORT', 'SERVER_NAME', 'REMOTE_ADDR', 'SERVER_SOFTWARE', 'HTTP_ACCEPT_LANGUAGE', 'SCRIPT_NAME', 'REQUEST_METHOD',' HTTP_HOST', 'REMOTE_HOST', 'CONTENT_TYPE', 'SERVER_PROTOCOL', 'QUERY_STRING', 'HTTP_ACCEPT_ENCODING', 'HTTP_X_FORWARDED_FOR', 'HTTP_DNT') as $header) { - $val = isset($_SERVER[$header]) ? $_SERVER[$header] : ''; + $val = isset($_SERVER[$header]) ? htmlspecialchars($_SERVER[$header], ENT_QUOTES, config_item('charset')) : ''; $output .= '' .$header.'  '.$val."\n"; } -- cgit v1.2.3-24-g4f1b From 7e0bde27c8a6669b781d87c15ea51b750c91f97c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 7 Mar 2016 17:52:26 +0200 Subject: Merge pull request #4472 from vibbow/patch-1 [ci skip] Update get_instance() return type in docblock --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 52b542654..bf41ab2a2 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -359,7 +359,7 @@ if ( ! is_php('5.4')) * * Returns current CI instance object * - * @return object + * @return CI_Controller */ function &get_instance() { -- cgit v1.2.3-24-g4f1b From a027a7fd0d770cec0d71e888d8b6f4aa1568ce9f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Mar 2016 13:59:20 +0200 Subject: Improve ext/session error messages --- system/libraries/Session/Session_driver.php | 20 ++++++++++++++++++++ .../Session/drivers/Session_database_driver.php | 21 ++++++++++----------- .../Session/drivers/Session_memcached_driver.php | 20 ++++++++++---------- .../Session/drivers/Session_redis_driver.php | 22 +++++++++++----------- 4 files changed, 51 insertions(+), 32 deletions(-) (limited to 'system') diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php index 98fc897e3..55ddb25e0 100644 --- a/system/libraries/Session/Session_driver.php +++ b/system/libraries/Session/Session_driver.php @@ -168,4 +168,24 @@ abstract class CI_Session_driver implements SessionHandlerInterface { return TRUE; } + // ------------------------------------------------------------------------ + + /** + * Fail + * + * Drivers other than the 'files' one don't (need to) use the + * session.save_path INI setting, but that leads to confusing + * error messages emitted by PHP when open() or write() fail, + * as the message contains session.save_path ... + * To work around the problem, the drivers will call this method + * so that the INI is set just in time for the error message to + * be properly generated. + * + * @return mixed + */ + protected function _fail() + { + ini_set('session.save_path', config_item('sess_save_path')); + return $this->_failure; + } } diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index 3ba9d3d36..da0331220 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -127,7 +127,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if (empty($this->_db->conn_id) && ! $this->_db->db_connect()) { - return $this->_failure; + return $this->_fail(); } return $this->_success; @@ -163,7 +163,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if (($result = $this->_db->get()->row()) === NULL) + if ( ! ($result = $this->_db->get()) OR $result->row() === NULL) { // PHP7 will reuse the same SessionHandler object after // ID regeneration, so we need to explicitly set this to @@ -210,7 +210,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_row_exists = FALSE; @@ -218,7 +218,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan } elseif ($this->_lock === FALSE) { - return $this->_failure; + return $this->_fail(); } if ($this->_row_exists === FALSE) @@ -237,7 +237,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } $this->_db->where('id', $session_id); @@ -260,7 +260,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -275,7 +275,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan public function close() { return ($this->_lock && ! $this->_release_lock()) - ? $this->_failure + ? $this->_fail() : $this->_success; } @@ -304,7 +304,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan if ( ! $this->_db->delete($this->_config['save_path'])) { - return $this->_failure; + return $this->_fail(); } } @@ -314,7 +314,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -334,7 +334,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return ($this->_db->delete($this->_config['save_path'], 'timestamp < '.(time() - $maxlifetime))) ? $this->_success - : $this->_failure; + : $this->_fail(); } // ------------------------------------------------------------------------ @@ -414,5 +414,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan return parent::_release_lock(); } - } \ No newline at end of file diff --git a/system/libraries/Session/drivers/Session_memcached_driver.php b/system/libraries/Session/drivers/Session_memcached_driver.php index 4bd63991f..88eb4b3a6 100644 --- a/system/libraries/Session/drivers/Session_memcached_driver.php +++ b/system/libraries/Session/drivers/Session_memcached_driver.php @@ -117,7 +117,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { $this->_memcached = NULL; log_message('error', 'Session: Invalid Memcached save path format: '.$this->_config['save_path']); - return $this->_failure; + return $this->_fail(); } foreach ($matches as $match) @@ -142,7 +142,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa if (empty($server_list)) { log_message('error', 'Session: Memcached server pool is empty.'); - return $this->_failure; + return $this->_fail(); } return $this->_success; @@ -170,7 +170,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $session_data; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -188,14 +188,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa { if ( ! isset($this->_memcached)) { - return $this->_failure; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_fingerprint = md5(''); @@ -218,7 +218,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_failure; + return $this->_fail(); } if ( @@ -230,7 +230,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa } } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -249,14 +249,14 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa $this->_release_lock(); if ( ! $this->_memcached->quit()) { - return $this->_failure; + return $this->_fail(); } $this->_memcached = NULL; return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -278,7 +278,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index 7b7951f5d..cc242dd3d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -131,7 +131,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if (empty($this->_config['save_path'])) { - return $this->_failure; + return $this->_fail(); } $redis = new Redis(); @@ -153,7 +153,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -183,7 +183,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $session_data; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -201,14 +201,14 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle { if ( ! isset($this->_redis)) { - return $this->_failure; + return $this->_fail(); } // Was the ID regenerated? elseif ($session_id !== $this->_session_id) { if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id)) { - return $this->_failure; + return $this->_fail(); } $this->_key_exists = FALSE; @@ -227,15 +227,15 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration'])) ? $this->_success - : $this->_failure; + : $this->_fail(); } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ @@ -255,9 +255,9 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { $this->_release_lock(); - if ($this->_redis->close() === $this->_failure) + if ($this->_redis->close() === $this->_fail()) { - return $this->_failure; + return $this->_fail(); } } } @@ -296,7 +296,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle return $this->_success; } - return $this->_failure; + return $this->_fail(); } // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 7bdd4950da2226859b00042ce9e8b2b9797129a7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 10 Mar 2016 14:01:09 +0200 Subject: Fix a logical error from last commit --- system/libraries/Session/drivers/Session_database_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_database_driver.php b/system/libraries/Session/drivers/Session_database_driver.php index da0331220..317bd7d4d 100644 --- a/system/libraries/Session/drivers/Session_database_driver.php +++ b/system/libraries/Session/drivers/Session_database_driver.php @@ -163,7 +163,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']); } - if ( ! ($result = $this->_db->get()) OR $result->row() === NULL) + if ( ! ($result = $this->_db->get()) OR ($result = $result->row()) === NULL) { // PHP7 will reuse the same SessionHandler object after // ID regeneration, so we need to explicitly set this to -- cgit v1.2.3-24-g4f1b From f56068bfd34e3ebc1325b049bf33901d855c7321 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 11:11:53 +0200 Subject: Revert an unintended change from a027a7fd0d770cec0d71e888d8b6f4aa1568ce9f --- system/libraries/Session/drivers/Session_redis_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Session/drivers/Session_redis_driver.php b/system/libraries/Session/drivers/Session_redis_driver.php index cc242dd3d..e4e09fe0d 100644 --- a/system/libraries/Session/drivers/Session_redis_driver.php +++ b/system/libraries/Session/drivers/Session_redis_driver.php @@ -255,7 +255,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle if ($this->_redis->ping() === '+PONG') { $this->_release_lock(); - if ($this->_redis->close() === $this->_fail()) + if ($this->_redis->close() === $this->_failure) { return $this->_fail(); } -- cgit v1.2.3-24-g4f1b From 1be8987176ad422ae6bc8af5c8f148eba9b5dff1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 18:12:57 +0200 Subject: Fix a number of CI_Cache bugs Fixes #4277 Supersedes #4474 Really fixes #4066 --- system/libraries/Cache/drivers/Cache_apc.php | 27 +++++++++++++++------- system/libraries/Cache/drivers/Cache_memcached.php | 1 + system/libraries/Cache/drivers/Cache_redis.php | 6 +++++ system/libraries/Cache/drivers/Cache_wincache.php | 27 +++++++++++++++------- 4 files changed, 45 insertions(+), 16 deletions(-) (limited to 'system') diff --git a/system/libraries/Cache/drivers/Cache_apc.php b/system/libraries/Cache/drivers/Cache_apc.php index dd18e7bc8..07ea8f474 100644 --- a/system/libraries/Cache/drivers/Cache_apc.php +++ b/system/libraries/Cache/drivers/Cache_apc.php @@ -48,6 +48,24 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ class CI_Cache_apc extends CI_Driver { + /** + * Class constructor + * + * Only present so that an error message is logged + * if APC is not available. + * + * @return void + */ + public function __construct() + { + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to initialize APC; extension not loaded/enabled?'); + } + } + + // ------------------------------------------------------------------------ + /** * Get * @@ -198,13 +216,6 @@ class CI_Cache_apc extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('apc') OR ! ini_get('apc.enabled')) - { - log_message('debug', 'The APC PHP extension must be loaded to use APC Cache.'); - return FALSE; - } - - return TRUE; + return (extension_loaded('apc') && ini_get('apc.enabled')); } - } diff --git a/system/libraries/Cache/drivers/Cache_memcached.php b/system/libraries/Cache/drivers/Cache_memcached.php index c44958b97..7e67fc40f 100644 --- a/system/libraries/Cache/drivers/Cache_memcached.php +++ b/system/libraries/Cache/drivers/Cache_memcached.php @@ -107,6 +107,7 @@ class CI_Cache_memcached extends CI_Driver { else { log_message('error', 'Cache: Failed to create Memcache(d) object; extension not loaded?'); + return; } foreach ($this->_memcache_conf as $cache_server) diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php index 81b49e2fc..e9194a499 100644 --- a/system/libraries/Cache/drivers/Cache_redis.php +++ b/system/libraries/Cache/drivers/Cache_redis.php @@ -91,6 +91,12 @@ class CI_Cache_redis extends CI_Driver */ public function __construct() { + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to create Redis object; extension not loaded?'); + return; + } + $config = array(); $CI =& get_instance(); diff --git a/system/libraries/Cache/drivers/Cache_wincache.php b/system/libraries/Cache/drivers/Cache_wincache.php index f66080514..d6a0d4fb6 100644 --- a/system/libraries/Cache/drivers/Cache_wincache.php +++ b/system/libraries/Cache/drivers/Cache_wincache.php @@ -51,6 +51,24 @@ defined('BASEPATH') OR exit('No direct script access allowed'); */ class CI_Cache_wincache extends CI_Driver { + /** + * Class constructor + * + * Only present so that an error message is logged + * if APC is not available. + * + * @return void + */ + public function __construct() + { + if ( ! $this->is_supported()) + { + log_message('error', 'Cache: Failed to initialize Wincache; extension not loaded/enabled?'); + } + } + + // ------------------------------------------------------------------------ + /** * Get * @@ -194,13 +212,6 @@ class CI_Cache_wincache extends CI_Driver { */ public function is_supported() { - if ( ! extension_loaded('wincache') OR ! ini_get('wincache.ucenabled')) - { - log_message('debug', 'The Wincache PHP extension must be loaded to use Wincache Cache.'); - return FALSE; - } - - return TRUE; + return (extension_loaded('wincache') && ini_get('wincache.ucenabled')); } - } -- cgit v1.2.3-24-g4f1b From 92d1cc05362998ceabe39c4023f41fd939c1f5b2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 18:19:23 +0200 Subject: Add a defensive check in CI_Loader::_ci_load() Prevents possible internal variable overwrites when loading views --- system/core/Loader.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'system') diff --git a/system/core/Loader.php b/system/core/Loader.php index 62781a7bf..c742ae71a 100644 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -936,6 +936,14 @@ class CI_Loader { */ if (is_array($_ci_vars)) { + foreach (array_keys($_ci_vars) as $key) + { + if (strncmp($key, '_ci_', 4) === 0) + { + unset($_ci_vars[$key]); + } + } + $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); } extract($this->_ci_cached_vars); -- cgit v1.2.3-24-g4f1b From 59bcd1810f6c18e6dd4158003f122f750536d22e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 18:23:27 +0200 Subject: [ci skip] Prepare for 3.0.5 release --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index bf41ab2a2..94d34c3fd 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.5-dev'); + define('CI_VERSION', '3.0.5'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 4f9b20ae507dda7379d392386fb7ce5702626a91 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Mar 2016 18:35:58 +0200 Subject: [ci skip] Mark the start of 3.0.6 development --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 94d34c3fd..f0d7c8f53 100644 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -55,7 +55,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @var string * */ - define('CI_VERSION', '3.0.5'); + define('CI_VERSION', '3.0.6-dev'); /* * ------------------------------------------------------ -- cgit v1.2.3-24-g4f1b