From 68b0e088a25dee720642f42d76ea395c209be855 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Fri, 13 Apr 2018 13:08:52 +0300
Subject: Fix #5448

---
 system/database/DB_query_builder.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system')

diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 8f477e3a1..8bc6328b4 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -987,7 +987,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
 				$v .= sprintf($this->_like_escape_str, $this->_like_escape_chr);
 			}
 
-			$qb_where = array('condition' => "{$prefix} {$k} {$not} LIKE", 'value' => $v, 'escape' => $escape);
+			$qb_where = array('condition' => "{$prefix} {$k} {$not} LIKE {$v}", 'value' => NULL, 'escape' => $escape);
 			$this->qb_where[] = $qb_where;
 			if ($this->qb_caching === TRUE)
 			{
-- 
cgit v1.2.3-24-g4f1b


From 9341189a529e28007c7ff566aa5db91488ea7439 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Sat, 14 Apr 2018 16:45:56 +0300
Subject: Merge pull request #5464 from ytetsuro/fix/#5462/like-before-bug

Fixed issue #5462 Query Builder LIKE BEFORE doesnt work
---
 system/database/DB_query_builder.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system')

diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 8bc6328b4..5c0528a3f 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -970,7 +970,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
 					$v = "'{$v}'";
 					break;
 				case 'before':
-					$v = "%'{$v}'";
+					$v = "'%{$v}'";
 					break;
 				case 'after':
 					$v = "'{$v}%'";
-- 
cgit v1.2.3-24-g4f1b


From b070d923fee349b36c16010da3ff3c0222dddec3 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Mon, 23 Apr 2018 14:26:49 +0300
Subject: [ci skip] Merge pull request #5471 from toonitw/patch-1

The value of limit can be zero
---
 system/database/DB_driver.php        | 2 +-
 system/database/DB_query_builder.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'system')

diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 059849771..f8956f069 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -1528,7 +1528,7 @@ abstract class CI_DB_driver {
 		return 'UPDATE '.$table.' SET '.implode(', ', $valstr)
 			.$this->_compile_wh('qb_where')
 			.$this->_compile_order_by()
-			.($this->qb_limit ? ' LIMIT '.$this->qb_limit : '');
+			.($this->qb_limit !== FALSE ? ' LIMIT '.$this->qb_limit : '');
 	}
 
 	// --------------------------------------------------------------------
diff --git a/system/database/DB_query_builder.php b/system/database/DB_query_builder.php
index 5c0528a3f..3d0c329b0 100644
--- a/system/database/DB_query_builder.php
+++ b/system/database/DB_query_builder.php
@@ -2215,7 +2215,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
 	protected function _delete($table)
 	{
 		return 'DELETE FROM '.$table.$this->_compile_wh('qb_where')
-			.($this->qb_limit ? ' LIMIT '.$this->qb_limit : '');
+			.($this->qb_limit !== FALSE ? ' LIMIT '.$this->qb_limit : '');
 	}
 
 	// --------------------------------------------------------------------
@@ -2365,7 +2365,7 @@ abstract class CI_DB_query_builder extends CI_DB_driver {
 			.$this->_compile_order_by(); // ORDER BY
 
 		// LIMIT
-		if ($this->qb_limit OR $this->qb_offset)
+		if ($this->qb_limit !== FALSE OR $this->qb_offset)
 		{
 			return $this->_limit($sql."\n");
 		}
-- 
cgit v1.2.3-24-g4f1b


From 4dab9f8db84d5286ef1da9217af9e44771433b2f Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Wed, 31 Jan 2018 23:56:21 +0200
Subject: Merge pull request #5391 from mehdibo/fix/url-helper

Prevent tab hijacking when using the URL helper
---
 system/helpers/url_helper.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system')

diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php
index 0359ac92c..a22c4c215 100644
--- a/system/helpers/url_helper.php
+++ b/system/helpers/url_helper.php
@@ -396,7 +396,7 @@ if ( ! function_exists('auto_link'))
 		if ($type !== 'email' && preg_match_all('#(\w*://|www\.)[a-z0-9]+(-+[a-z0-9]+)*(\.[a-z0-9]+(-+[a-z0-9]+)*)+(/([^\s()<>;]+\w)?/?)?#i', $str, $matches, PREG_OFFSET_CAPTURE | PREG_SET_ORDER))
 		{
 			// Set our target HTML if using popup links.
-			$target = ($popup) ? ' target="_blank"' : '';
+			$target = ($popup) ? ' target="_blank" rel="noopener"' : '';
 
 			// We process the links in reverse order (last -> first) so that
 			// the returned string offsets from preg_match_all() are not
-- 
cgit v1.2.3-24-g4f1b