From 95311be467faa2e744bbd9e932900a7cf96b081f Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 20 Aug 2011 17:35:22 +0100 Subject: Renamed some Session library functions to make them shorter. Includes backwards compatibility. --- system/libraries/Cart.php | 10 ++++---- system/libraries/Session.php | 59 +++++++++++++++++++++++++++++++++----------- 2 files changed, 50 insertions(+), 19 deletions(-) (limited to 'system') diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index b2eaa9ad7..1caef49cd 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -59,9 +59,9 @@ class CI_Cart { $this->CI->load->library('session', $config); // Grab the shopping cart array from the session table, if it exists - if ($this->CI->session->userdata('cart_contents') !== FALSE) + if ($this->CI->session->get('cart_contents') !== FALSE) { - $this->_cart_contents = $this->CI->session->userdata('cart_contents'); + $this->_cart_contents = $this->CI->session->get('cart_contents'); } else { @@ -397,7 +397,7 @@ class CI_Cart { // Is our cart empty? If so we delete it from the session if (count($this->_cart_contents) <= 2) { - $this->CI->session->unset_userdata('cart_contents'); + $this->CI->session->rm('cart_contents'); // Nothing more to do... coffee time! return FALSE; @@ -405,7 +405,7 @@ class CI_Cart { // If we made it this far it means that our cart has data. // Let's pass it to the Session class so it can be stored - $this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents)); + $this->CI->session->set(array('cart_contents' => $this->_cart_contents)); // Woot! return TRUE; @@ -541,7 +541,7 @@ class CI_Cart { $this->_cart_contents['cart_total'] = 0; $this->_cart_contents['total_items'] = 0; - $this->CI->session->unset_userdata('cart_contents'); + $this->CI->session->rm('cart_contents'); } diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 2c8a80163..3203468b2 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -395,7 +395,7 @@ class CI_Session { * @access public * @return void */ - function sess_destroy() + function destroy() { // Kill the session DB row if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id'])) @@ -424,7 +424,7 @@ class CI_Session { * @param string * @return string */ - function userdata($item) + function get($item) { return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item]; } @@ -437,7 +437,7 @@ class CI_Session { * @access public * @return array */ - function all_userdata() + function get_all() { return $this->userdata; } @@ -452,7 +452,7 @@ class CI_Session { * @param string * @return void */ - function set_userdata($newdata = array(), $newval = '') + function set($newdata = array(), $newval = '') { if (is_string($newdata)) { @@ -478,7 +478,7 @@ class CI_Session { * @access array * @return void */ - function unset_userdata($newdata = array()) + function rm($newdata = array()) { if (is_string($newdata)) { @@ -519,7 +519,7 @@ class CI_Session { foreach ($newdata as $key => $val) { $flashdata_key = $this->flashdata_key.':new:'.$key; - $this->set_userdata($flashdata_key, $val); + $this->set($flashdata_key, $val); } } } @@ -540,10 +540,10 @@ class CI_Session { // Note the function will return FALSE if the $key // provided cannot be found $old_flashdata_key = $this->flashdata_key.':old:'.$key; - $value = $this->userdata($old_flashdata_key); + $value = $this->get($old_flashdata_key); $new_flashdata_key = $this->flashdata_key.':new:'.$key; - $this->set_userdata($new_flashdata_key, $value); + $this->set($new_flashdata_key, $value); } // ------------------------------------------------------------------------ @@ -558,7 +558,7 @@ class CI_Session { function flashdata($key) { $flashdata_key = $this->flashdata_key.':old:'.$key; - return $this->userdata($flashdata_key); + return $this->get($flashdata_key); } // ------------------------------------------------------------------------ @@ -572,15 +572,15 @@ class CI_Session { */ function _flashdata_mark() { - $userdata = $this->all_userdata(); + $userdata = $this->get_all(); foreach ($userdata as $name => $value) { $parts = explode(':new:', $name); if (is_array($parts) && count($parts) === 2) { $new_name = $this->flashdata_key.':old:'.$parts[1]; - $this->set_userdata($new_name, $value); - $this->unset_userdata($name); + $this->set($new_name, $value); + $this->unset($name); } } } @@ -596,12 +596,12 @@ class CI_Session { function _flashdata_sweep() { - $userdata = $this->all_userdata(); + $userdata = $this->get_all(); foreach ($userdata as $key => $value) { if (strpos($key, ':old:')) { - $this->unset_userdata($key); + $this->unset($key); } } @@ -767,6 +767,37 @@ class CI_Session { log_message('debug', 'Session garbage collection performed.'); } } + + // -------------------------------------------------------------------- + + /** + * Backwards compatible functions + */ + + function userdata($item) + { + return $this->get($item); + } + + function all_userdata() + { + return $this->get_all(); + } + + function set_userdata($newdata) + { + $this->set($newdata); + } + + function unset_userdata($newdata) + { + $this->rm($newdata); + } + + function sess_destroy() + { + $this->destroy(); + } } -- cgit v1.2.3-24-g4f1b From 75bc58b05cf16a0f8c5e7ed1545033a5d8b8feba Mon Sep 17 00:00:00 2001 From: David Behler Date: Sun, 21 Aug 2011 15:03:47 +0200 Subject: Fixed problem with needless seperator at begin/end of string --- system/helpers/url_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 system/helpers/url_helper.php (limited to 'system') diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php old mode 100644 new mode 100755 index d0516cee6..0431e0b4b --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -509,7 +509,7 @@ if ( ! function_exists('url_title')) $str = strtolower($str); } - return trim(stripslashes($str)); + return trim(trim(stripslashes($str)), $replace); } } -- cgit v1.2.3-24-g4f1b From a1a8ef711ec179a183a32f6cf4502ddc48782a84 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 21 Aug 2011 15:44:10 +0100 Subject: Revert 43194ea1af658914a89ca49aed4dca4617b9c4ff^..HEAD --- system/libraries/Cart.php | 10 ++++---- system/libraries/Session.php | 59 +++++++++++--------------------------------- 2 files changed, 19 insertions(+), 50 deletions(-) (limited to 'system') diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php index 1caef49cd..b2eaa9ad7 100644 --- a/system/libraries/Cart.php +++ b/system/libraries/Cart.php @@ -59,9 +59,9 @@ class CI_Cart { $this->CI->load->library('session', $config); // Grab the shopping cart array from the session table, if it exists - if ($this->CI->session->get('cart_contents') !== FALSE) + if ($this->CI->session->userdata('cart_contents') !== FALSE) { - $this->_cart_contents = $this->CI->session->get('cart_contents'); + $this->_cart_contents = $this->CI->session->userdata('cart_contents'); } else { @@ -397,7 +397,7 @@ class CI_Cart { // Is our cart empty? If so we delete it from the session if (count($this->_cart_contents) <= 2) { - $this->CI->session->rm('cart_contents'); + $this->CI->session->unset_userdata('cart_contents'); // Nothing more to do... coffee time! return FALSE; @@ -405,7 +405,7 @@ class CI_Cart { // If we made it this far it means that our cart has data. // Let's pass it to the Session class so it can be stored - $this->CI->session->set(array('cart_contents' => $this->_cart_contents)); + $this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents)); // Woot! return TRUE; @@ -541,7 +541,7 @@ class CI_Cart { $this->_cart_contents['cart_total'] = 0; $this->_cart_contents['total_items'] = 0; - $this->CI->session->rm('cart_contents'); + $this->CI->session->unset_userdata('cart_contents'); } diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 3203468b2..2c8a80163 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -395,7 +395,7 @@ class CI_Session { * @access public * @return void */ - function destroy() + function sess_destroy() { // Kill the session DB row if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id'])) @@ -424,7 +424,7 @@ class CI_Session { * @param string * @return string */ - function get($item) + function userdata($item) { return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item]; } @@ -437,7 +437,7 @@ class CI_Session { * @access public * @return array */ - function get_all() + function all_userdata() { return $this->userdata; } @@ -452,7 +452,7 @@ class CI_Session { * @param string * @return void */ - function set($newdata = array(), $newval = '') + function set_userdata($newdata = array(), $newval = '') { if (is_string($newdata)) { @@ -478,7 +478,7 @@ class CI_Session { * @access array * @return void */ - function rm($newdata = array()) + function unset_userdata($newdata = array()) { if (is_string($newdata)) { @@ -519,7 +519,7 @@ class CI_Session { foreach ($newdata as $key => $val) { $flashdata_key = $this->flashdata_key.':new:'.$key; - $this->set($flashdata_key, $val); + $this->set_userdata($flashdata_key, $val); } } } @@ -540,10 +540,10 @@ class CI_Session { // Note the function will return FALSE if the $key // provided cannot be found $old_flashdata_key = $this->flashdata_key.':old:'.$key; - $value = $this->get($old_flashdata_key); + $value = $this->userdata($old_flashdata_key); $new_flashdata_key = $this->flashdata_key.':new:'.$key; - $this->set($new_flashdata_key, $value); + $this->set_userdata($new_flashdata_key, $value); } // ------------------------------------------------------------------------ @@ -558,7 +558,7 @@ class CI_Session { function flashdata($key) { $flashdata_key = $this->flashdata_key.':old:'.$key; - return $this->get($flashdata_key); + return $this->userdata($flashdata_key); } // ------------------------------------------------------------------------ @@ -572,15 +572,15 @@ class CI_Session { */ function _flashdata_mark() { - $userdata = $this->get_all(); + $userdata = $this->all_userdata(); foreach ($userdata as $name => $value) { $parts = explode(':new:', $name); if (is_array($parts) && count($parts) === 2) { $new_name = $this->flashdata_key.':old:'.$parts[1]; - $this->set($new_name, $value); - $this->unset($name); + $this->set_userdata($new_name, $value); + $this->unset_userdata($name); } } } @@ -596,12 +596,12 @@ class CI_Session { function _flashdata_sweep() { - $userdata = $this->get_all(); + $userdata = $this->all_userdata(); foreach ($userdata as $key => $value) { if (strpos($key, ':old:')) { - $this->unset($key); + $this->unset_userdata($key); } } @@ -767,37 +767,6 @@ class CI_Session { log_message('debug', 'Session garbage collection performed.'); } } - - // -------------------------------------------------------------------- - - /** - * Backwards compatible functions - */ - - function userdata($item) - { - return $this->get($item); - } - - function all_userdata() - { - return $this->get_all(); - } - - function set_userdata($newdata) - { - $this->set($newdata); - } - - function unset_userdata($newdata) - { - $this->rm($newdata); - } - - function sess_destroy() - { - $this->destroy(); - } } -- cgit v1.2.3-24-g4f1b From aeb2c3e532e78be9ac78ba6fd4a305b7be31d2ab Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 21 Aug 2011 16:14:54 +0100 Subject: Added new config parameter "csrf_exclude_uris" which allows for URIs to be whitelisted from CSRF verification. Fixes #149 --- system/core/Security.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/Security.php b/system/core/Security.php index 3617cadcc..efd30eb14 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -93,6 +93,16 @@ class CI_Security { { return $this->csrf_set_cookie(); } + + // Check if URI has been whitelisted from CSRF checks + if ($exclude_uris = config_item('csrf_exclude_uris')) + { + $uri = load_class('URI', 'core'); + if (in_array($uri->uri_string(), $exclude_uris)) + { + return $this; + } + } // Do the tokens exist in both the _POST and _COOKIE arrays? if ( ! isset($_POST[$this->_csrf_token_name]) OR @@ -116,7 +126,7 @@ class CI_Security { $this->_csrf_set_hash(); $this->csrf_set_cookie(); - log_message('debug', "CSRF token verified "); + log_message('debug', "CSRF token verified"); return $this; } -- cgit v1.2.3-24-g4f1b From 52c10b68c275248eb7e12ec1d039876cd5f81f11 Mon Sep 17 00:00:00 2001 From: John Bellone Date: Sun, 21 Aug 2011 11:41:32 -0400 Subject: Making changes to stop remote spoofing --- system/core/Input.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system') diff --git a/system/core/Input.php b/system/core/Input.php index cfbef942d..365f779de 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -287,13 +287,13 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) + elseif ($this->server('REMOTE_ADDR') AND ! $this->server('HTTP_CLIENT_IP')) { - $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; + $this->ip_address = $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR')) + elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) { - $this->ip_address = $_SERVER['REMOTE_ADDR']; + $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; } elseif ($this->server('HTTP_CLIENT_IP')) { -- cgit v1.2.3-24-g4f1b From 16f27b402049dc2ff0cc09faf4885aee944ba639 Mon Sep 17 00:00:00 2001 From: John Bellone Date: Sun, 21 Aug 2011 11:45:11 -0400 Subject: Changed order --- system/core/Input.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/Input.php b/system/core/Input.php index 365f779de..df9d2a5b7 100644 --- a/system/core/Input.php +++ b/system/core/Input.php @@ -287,7 +287,7 @@ class CI_Input { $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; } - elseif ($this->server('REMOTE_ADDR') AND ! $this->server('HTTP_CLIENT_IP')) + elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR')) { $this->ip_address = $_SERVER['REMOTE_ADDR']; } -- cgit v1.2.3-24-g4f1b From ab57a3520eafacaf2f130b3f4778a57a632fac1c Mon Sep 17 00:00:00 2001 From: Shane Pearson Date: Mon, 22 Aug 2011 16:11:20 -0500 Subject: Fix #8 - Load core classes from the application folder first. --- system/core/Common.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system') diff --git a/system/core/Common.php b/system/core/Common.php index db9fbeb9f..3c62403ac 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -132,9 +132,9 @@ if ( ! function_exists('load_class')) $name = FALSE; - // Look for the class first in the native system/libraries folder - // thenin the local application/libraries folder - foreach (array(BASEPATH, APPPATH) as $path) + // Look for the class first in the local application/libraries folder + // then in the native system/libraries folder + foreach (array(APPPATH, BASEPATH) as $path) { if (file_exists($path.$directory.'/'.$class.'.php')) { -- cgit v1.2.3-24-g4f1b From 665baec264c04fb3284e313d59e102b2bf041e37 Mon Sep 17 00:00:00 2001 From: Shane Pearson Date: Mon, 22 Aug 2011 18:52:19 -0500 Subject: make _ci_autoloader() protected so it can be properly extended. --- system/core/Loader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/Loader.php b/system/core/Loader.php index 452dc0b4c..de0fc06d2 100755 --- a/system/core/Loader.php +++ b/system/core/Loader.php @@ -1106,7 +1106,7 @@ class CI_Loader { * @param array * @return void */ - private function _ci_autoloader() + protected function _ci_autoloader() { if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php')) { -- cgit v1.2.3-24-g4f1b From f31895096e821c694670b62180b7a5c309b62a9b Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Tue, 23 Aug 2011 21:40:59 -0400 Subject: Changed doc block options. Fixes #100 --- system/helpers/url_helper.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php index 9f4b85248..09d975621 100644 --- a/system/helpers/url_helper.php +++ b/system/helpers/url_helper.php @@ -527,7 +527,7 @@ if ( ! function_exists('url_title')) * * @access public * @param string the URL - * @param string the method: location or redirect + * @param string the method: location or refresh * @return string */ if ( ! function_exists('redirect')) -- cgit v1.2.3-24-g4f1b From fbac8b4553942db4be52e872d9fd68717e5006e4 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 25 Aug 2011 10:51:44 +0900 Subject: add html_escape() function to escape HTML. --- system/core/Common.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'system') diff --git a/system/core/Common.php b/system/core/Common.php index 3c62403ac..d79375475 100644 --- a/system/core/Common.php +++ b/system/core/Common.php @@ -536,5 +536,29 @@ if ( ! function_exists('remove_invisible_characters')) } } +// ------------------------------------------------------------------------ + +/** +* Returns HTML escaped variable +* +* @access public +* @param mixed +* @return mixed +*/ +if ( ! function_exists('html_escape')) +{ + function html_escape($var) + { + if (is_array($var)) + { + return array_map('html_escape', $var); + } + else + { + return htmlspecialchars($var, ENT_QUOTES, config_item('charset')); + } + } +} + /* End of file Common.php */ /* Location: ./system/core/Common.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 373043fef2723d7cbdd768d1930363ac6fecba68 Mon Sep 17 00:00:00 2001 From: Frank Michel Date: Thu, 25 Aug 2011 00:11:00 -0400 Subject: fix for issue #292 with multiple language files --- system/core/Lang.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/core/Lang.php b/system/core/Lang.php index 5ac671838..e140a6a60 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -112,7 +112,7 @@ class CI_Lang { } - if ( ! isset($lang)) + if ( ! isset($lang) || ! is_array($lang)) { log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); return; @@ -124,7 +124,7 @@ class CI_Lang { } $this->is_loaded[] = $langfile; - $this->language = array_merge($this->language, $lang); + $this->language = $this->language + $lang; unset($lang); log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); -- cgit v1.2.3-24-g4f1b From cb272b60e55882246677db929bc2e0a58f31397d Mon Sep 17 00:00:00 2001 From: Frank Michel Date: Thu, 25 Aug 2011 10:59:55 -0400 Subject: fixed logical operator OR in core/lang --- system/core/Lang.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/Lang.php b/system/core/Lang.php index e140a6a60..d61d1029a 100755 --- a/system/core/Lang.php +++ b/system/core/Lang.php @@ -112,7 +112,7 @@ class CI_Lang { } - if ( ! isset($lang) || ! is_array($lang)) + if ( ! isset($lang) OR ! is_array($lang)) { log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); return; -- cgit v1.2.3-24-g4f1b From eaa5541deb9409d936f77d24d696cf977ef505df Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Thu, 25 Aug 2011 21:22:49 +0200 Subject: oci8 driver escape string quotes fix --- system/database/drivers/oci8/oci8_driver.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system') diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php index 42cfaaefb..d4adfd528 100644 --- a/system/database/drivers/oci8/oci8_driver.php +++ b/system/database/drivers/oci8/oci8_driver.php @@ -404,6 +404,7 @@ class CI_DB_oci8_driver extends CI_DB { } $str = remove_invisible_characters($str); + $str = str_replace("'", "''", $str); // escape LIKE condition wildcards if ($like === TRUE) -- cgit v1.2.3-24-g4f1b From 84d76ea2559ddd72b5d1ddbe6fa38e88d9b20c16 Mon Sep 17 00:00:00 2001 From: Michiel Vugteveen Date: Thu, 25 Aug 2011 21:25:12 +0200 Subject: odbc called incorrect parent in construct --- system/database/drivers/odbc/odbc_driver.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php index 5e764e071..08cd27b6c 100644 --- a/system/database/drivers/odbc/odbc_driver.php +++ b/system/database/drivers/odbc/odbc_driver.php @@ -50,7 +50,7 @@ class CI_DB_odbc_driver extends CI_DB { function CI_DB_odbc_driver($params) { - parent::CI_DB($params); + parent::CI_DB_driver($params); $this->_random_keyword = ' RND('.time().')'; // database specific random keyword } -- cgit v1.2.3-24-g4f1b From f7345e4f5f6e44886eac337d8da064f541df8b9a Mon Sep 17 00:00:00 2001 From: Paul Date: Sat, 27 Aug 2011 06:51:16 +1200 Subject: changed private functions to protected so MY_URI can override them. --- system/core/URI.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system') diff --git a/system/core/URI.php b/system/core/URI.php index a3ae20cc3..8946bc76b 100755 --- a/system/core/URI.php +++ b/system/core/URI.php @@ -175,7 +175,7 @@ class CI_URI { * @access private * @return string */ - private function _detect_uri() + protected function _detect_uri() { if ( ! isset($_SERVER['REQUEST_URI']) OR ! isset($_SERVER['SCRIPT_NAME'])) { @@ -232,7 +232,7 @@ class CI_URI { * @access private * @return string */ - private function _parse_cli_args() + protected function _parse_cli_args() { $args = array_slice($_SERVER['argv'], 1); -- cgit v1.2.3-24-g4f1b From 901998a9a517d96faff5c24fb40f98961f83c3cd Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Fri, 26 Aug 2011 10:03:33 +0100 Subject: Removed some error suppression, which would hide a Notice if the path cannot be read. I discovered this by foolishly passing the file_path, not the full_path but took forever for me to realise this as the error returned (thanks to this error suppression) was "GD is not installed" instead of "File cannot be read". Seeing that notice would have made much more sense. --- system/libraries/Image_lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index 8902f524d..a8a0387d8 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -1334,7 +1334,7 @@ class CI_Image_lib { return FALSE; } - $vals = @getimagesize($path); + $vals = getimagesize($path); $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png'); -- cgit v1.2.3-24-g4f1b From b183ece10dcde599c04af412f0f5c1c776ed29d8 Mon Sep 17 00:00:00 2001 From: Eric Barnes Date: Fri, 26 Aug 2011 14:42:52 -0400 Subject: Changed CI_VERSION to represent develop branch --- system/core/CodeIgniter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php index 0a1391d18..aca4fb23c 100755 --- a/system/core/CodeIgniter.php +++ b/system/core/CodeIgniter.php @@ -39,7 +39,7 @@ * @var string * */ - define('CI_VERSION', '2.0.2'); + define('CI_VERSION', '2.1.0-dev'); /** * CodeIgniter Branch (Core = TRUE, Reactor = FALSE) -- cgit v1.2.3-24-g4f1b From 8cc0cfe1ab1e10aad71d14e0b43e05444c00693d Mon Sep 17 00:00:00 2001 From: freewil Date: Sat, 27 Aug 2011 21:53:00 -0400 Subject: always use charset config item --- system/core/Security.php | 3 ++- system/helpers/form_helper.php | 7 ++----- system/helpers/typography_helper.php | 5 ++++- 3 files changed, 8 insertions(+), 7 deletions(-) (limited to 'system') diff --git a/system/core/Security.php b/system/core/Security.php index 342455f27..cc21ddc91 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -525,9 +525,10 @@ class CI_Security { * @param string * @return string */ - public function entity_decode($str, $charset='UTF-8') + public function entity_decode($str, $charset = NULL) { if (stristr($str, '&') === FALSE) return $str; + if (empty($charset)) $charset = config_item('charset'); // The reason we are not using html_entity_decode() by itself is because // while it is not technically correct to leave out the semicolon diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php index d9305c00b..130daee6a 100644 --- a/system/helpers/form_helper.php +++ b/system/helpers/form_helper.php @@ -642,11 +642,8 @@ if ( ! function_exists('form_prep')) { return $str; } - - $str = htmlspecialchars($str); - - // In case htmlspecialchars misses these. - $str = str_replace(array("'", '"'), array("'", """), $str); + + $str = html_escape($str); if ($field_name != '') { diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php index 19b4eec03..0bb0938a4 100644 --- a/system/helpers/typography_helper.php +++ b/system/helpers/typography_helper.php @@ -82,9 +82,12 @@ if ( ! function_exists('auto_typography')) */ if ( ! function_exists('entity_decode')) { - function entity_decode($str, $charset='UTF-8') + function entity_decode($str, $charset = NULL) { global $SEC; + + if (empty($charset)) $charset = config_item('charset'); + return $SEC->entity_decode($str, $charset); } } -- cgit v1.2.3-24-g4f1b From dae42fa65fc65e43d704f1a6c139e985e93486f4 Mon Sep 17 00:00:00 2001 From: bubbafoley Date: Sun, 28 Aug 2011 00:54:24 -0500 Subject: Fix the default migration path. --- system/libraries/Migration.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system') diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php index 3943ec130..3734e18f5 100644 --- a/system/libraries/Migration.php +++ b/system/libraries/Migration.php @@ -57,7 +57,7 @@ class CI_Migration { } // If not set, set it - $this->_migration_path == '' OR $this->_migration_path = APPPATH . 'migrations/'; + $this->_migration_path == '' AND $this->_migration_path = APPPATH . 'migrations/'; // Add trailing slash if not set $this->_migration_path = rtrim($this->_migration_path, '/').'/'; -- cgit v1.2.3-24-g4f1b From 4c907236af3b6dc11a7b4989ece1c84a26483c46 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Sun, 28 Aug 2011 17:11:03 +0100 Subject: Fixed recent change to $this->db->field_data() which errored for field types without constraints. It now uses a less expecting regex and defaults to NULL. --- system/database/drivers/mysql/mysql_result.php | 4 ++-- system/database/drivers/mysqli/mysqli_result.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'system') diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php index 2d2905c98..6ceaf4b9b 100644 --- a/system/database/drivers/mysql/mysql_result.php +++ b/system/database/drivers/mysql/mysql_result.php @@ -86,10 +86,10 @@ class CI_DB_mysql_result extends CI_DB_result { $retval = array(); while ($field = mysql_fetch_object($this->result_id)) { - preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches); + preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches); $type = $matches[1]; - $length = (int)$matches[2]; + $length = isset($matches[3]) ? (int) $matches[3] : NULL; $F = new stdClass(); $F->name = $field->Field; diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php index ac863056a..bbfb8481a 100644 --- a/system/database/drivers/mysqli/mysqli_result.php +++ b/system/database/drivers/mysqli/mysqli_result.php @@ -86,10 +86,10 @@ class CI_DB_mysqli_result extends CI_DB_result { $retval = array(); while ($field = mysqli_fetch_object($this->result_id)) { - preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches); + preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches); $type = $matches[1]; - $length = (int)$matches[2]; + $length = isset($matches[3]) ? (int) $matches[3] : NULL; $F = new stdClass(); $F->name = $field->Field; -- cgit v1.2.3-24-g4f1b From 5c9b0d1b5618ade5c6aa70475b08b3066f14ff3e Mon Sep 17 00:00:00 2001 From: freewil Date: Sun, 28 Aug 2011 12:15:23 -0400 Subject: always use charset config item --- system/core/Security.php | 11 +++++++++-- system/helpers/typography_helper.php | 7 ++++--- 2 files changed, 13 insertions(+), 5 deletions(-) (limited to 'system') diff --git a/system/core/Security.php b/system/core/Security.php index cc21ddc91..e99418bdd 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -527,8 +527,15 @@ class CI_Security { */ public function entity_decode($str, $charset = NULL) { - if (stristr($str, '&') === FALSE) return $str; - if (empty($charset)) $charset = config_item('charset'); + if (stristr($str, '&') === FALSE) + { + return $str; + } + + if (empty($charset)) + { + $charset = config_item('charset'); + } // The reason we are not using html_entity_decode() by itself is because // while it is not technically correct to leave out the semicolon diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php index 0bb0938a4..82e686e53 100644 --- a/system/helpers/typography_helper.php +++ b/system/helpers/typography_helper.php @@ -39,9 +39,7 @@ if ( ! function_exists('nl2br_except_pre')) function nl2br_except_pre($str) { $CI =& get_instance(); - $CI->load->library('typography'); - return $CI->typography->nl2br_except_pre($str); } } @@ -86,7 +84,10 @@ if ( ! function_exists('entity_decode')) { global $SEC; - if (empty($charset)) $charset = config_item('charset'); + if (empty($charset)) + { + $charset = config_item('charset'); + } return $SEC->entity_decode($str, $charset); } -- cgit v1.2.3-24-g4f1b