From 6ef498b49946ba74d610b3805fb908b163a7f03a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 5 Jun 2012 22:01:58 +0300 Subject: Added get_mimes() function to system/core/Commons.php.The MIMEs array from config/mimes.php is used by multiple core classes, libraries and helpers and each of them has implemented an own way of getting it, which is not needed and is hard to maintain. This also fixes issue #1411 --- user_guide_src/source/general/common_functions.rst | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'user_guide_src/source/general/common_functions.rst') diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index 70563b8d2..99126f900 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -79,3 +79,8 @@ html_escape($mixed) This function provides short cut for htmlspecialchars() function. It accepts string and array. To prevent Cross Site Scripting (XSS), it is very useful. + +get_mimes() +============= + +This function returns the MIMEs array from config/mimes.php. \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 3fb026713013b60845c4cfe633a8a59a30b9c7dd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 22 Oct 2012 16:48:01 +0300 Subject: Add is_https() as a common function --- user_guide_src/source/general/common_functions.rst | 26 +++++++++++++--------- 1 file changed, 16 insertions(+), 10 deletions(-) (limited to 'user_guide_src/source/general/common_functions.rst') diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index 99126f900..f3d48ac91 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -7,7 +7,7 @@ defined, and are available to you at any point. These do not require loading any libraries or helpers. is_php('version_number') -========================== +======================== is_php() determines of the PHP version being used is greater than the supplied version_number. @@ -24,7 +24,7 @@ greater than the supplied version number. Returns FALSE if the installed version of PHP is lower than the supplied version number. is_really_writable('path/to/file') -==================================== +================================== is_writable() returns TRUE on Windows servers when you really can't write to the file as the OS reports to PHP as FALSE only if the @@ -44,7 +44,7 @@ recommended on platforms where this information may be unreliable. } config_item('item_key') -========================= +======================= The :doc:`Config library <../libraries/config>` is the preferred way of accessing configuration information, however config_item() can be used @@ -56,8 +56,8 @@ show_error('message'), show_404('page'), log_message('level', 'message') These are each outlined on the :doc:`Error Handling ` page. -set_status_header(code, 'text'); -================================ +set_status_header(code, 'text') +=============================== Permits you to manually set a server status header. Example:: @@ -68,19 +68,25 @@ Permits you to manually set a server status header. Example:: a full list of headers. remove_invisible_characters($str) -=================================== +================================= This function prevents inserting null characters between ascii characters, like Java\\0script. html_escape($mixed) -==================== +=================== -This function provides short cut for htmlspecialchars() function. It +This function provides short cut for ``htmlspecialchars()`` function. It accepts string and array. To prevent Cross Site Scripting (XSS), it is very useful. get_mimes() -============= +=========== -This function returns the MIMEs array from config/mimes.php. \ No newline at end of file +This function returns the MIMEs array *from config/mimes.php*. + +is_https() +========== + +Returns TRUE if a secure (HTTPS) connection is used and FALSE +in any other case (including non-HTTP requests). \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 7b18a3f268ba622cf938ac460d07bd58cb1eea06 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 4 Nov 2012 20:27:35 +0200 Subject: Fix #708 --- user_guide_src/source/general/common_functions.rst | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'user_guide_src/source/general/common_functions.rst') diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index f3d48ac91..7f327f00b 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -46,10 +46,14 @@ recommended on platforms where this information may be unreliable. config_item('item_key') ======================= -The :doc:`Config library <../libraries/config>` is the preferred way of -accessing configuration information, however config_item() can be used -to retrieve single keys. See Config library documentation for more -information. +The :doc:`Config Library <../libraries/config>` is the preferred way of +accessing configuration information, however ``config_item()`` can be used +to retrieve single keys. See :doc:`Config Library <../libraries/config>` +documentation for more information. + +.. important:: This function only returns values set in your configuration + files. It does not take into account config values that are + dynamically set at runtime. show_error('message'), show_404('page'), log_message('level', 'message') ======================================================================== -- cgit v1.2.3-24-g4f1b From e9d2dc85b9cb255aae235635576972e4b7dbd5a8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 7 Nov 2012 14:23:29 +0200 Subject: Added function_usable() to common functions It is now used to check whether dangerous functions like eval() and exec() are available. It appears that the Suhosin extension (which is becoming popular) terminates script execution instead of returning e.g. FALSE when it has a function blacklisted. function_exists() checks are insufficient and our only option is to check the ini settings here. Filed an issue here: https://github.com/stefanesser/suhosin/issues/18 ... hopefully we'll be able to deal with this in a more elegant way in the future. (this commit supersedes PR #1809) --- user_guide_src/source/general/common_functions.rst | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'user_guide_src/source/general/common_functions.rst') diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index 7f327f00b..22f8d1942 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -93,4 +93,17 @@ is_https() ========== Returns TRUE if a secure (HTTPS) connection is used and FALSE -in any other case (including non-HTTP requests). \ No newline at end of file +in any other case (including non-HTTP requests). + +function_usable($function_name) +=============================== + +Returns TRUE if a function exists and is usable, FALSE otherwise. + +This function runs a ``function_exists()`` check and if the +`Suhosin extension ` is loaded, +checks if it doesn't disable the function being checked. + +It is useful if you want to check for the availability of functions +such as ``eval()`` and ``exec()``, which are dangerous and might be +disabled on servers with highly restrictive security policies. \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 1bc30260d8bd35a958f3d7b899f68c95d69c9e75 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 Nov 2012 11:30:51 +0200 Subject: Polish the Common functions documentation --- user_guide_src/source/general/common_functions.rst | 150 ++++++++++++++++----- 1 file changed, 119 insertions(+), 31 deletions(-) (limited to 'user_guide_src/source/general/common_functions.rst') diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index 22f8d1942..66dabd95e 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -6,45 +6,62 @@ CodeIgniter uses a few functions for its operation that are globally defined, and are available to you at any point. These do not require loading any libraries or helpers. -is_php('version_number') -======================== +is_php() +======== -is_php() determines of the PHP version being used is greater than the -supplied version_number. +.. php:function:: is_php($version = '5.3.0') -:: + :param string $version: Version number + :returns: bool - if (is_php('5.3.0')) +Determines of the PHP version being used is greater than the +supplied version number. + +Example:: + + if (is_php('5.3')) { - $str = quoted_printable_encode($str); + $str = quoted_printable_encode($str); } Returns boolean TRUE if the installed version of PHP is equal to or greater than the supplied version number. Returns FALSE if the installed version of PHP is lower than the supplied version number. -is_really_writable('path/to/file') -================================== +is_really_writable() +==================== + +.. php:function:: is_really_writeable($file) -is_writable() returns TRUE on Windows servers when you really can't + :param string $file: File path + :returns: bool + +``is_writable()`` returns TRUE on Windows servers when you really can't write to the file as the OS reports to PHP as FALSE only if the -read-only attribute is marked. This function determines if a file is -actually writable by attempting to write to it first. Generally only -recommended on platforms where this information may be unreliable. +read-only attribute is marked. + +This function determines if a file is actually writable by attempting +to write to it first. Generally only recommended on platforms where +this information may be unreliable. -:: +Example:: if (is_really_writable('file.txt')) { - echo "I could write to this if I wanted to"; + echo "I could write to this if I wanted to"; } else { - echo "File is not writable"; + echo "File is not writable"; } -config_item('item_key') -======================= +config_item() +============= + +.. php:function:: config_item($key) + + :param string $key: Config item key + :returns: mixed The :doc:`Config Library <../libraries/config>` is the preferred way of accessing configuration information, however ``config_item()`` can be used @@ -55,14 +72,53 @@ documentation for more information. files. It does not take into account config values that are dynamically set at runtime. -show_error('message'), show_404('page'), log_message('level', 'message') -======================================================================== +show_error() +============ + +.. php:function:: show_error($message, $status_code, $heading = 'An Error Was Encountered') + + :param mixed $message: Error message + :param int $status_code: HTTP Response status code + :param string $heading: Error page heading + :returns: void + +This function calls ``CI_Exception::show_error()``. For more info, +please see the :doc:`Error Handling ` documentation. + +show_404() +========== + +.. php:function:: show_404($page = '', $log_error = TRUE) + + :param string $page: URI string + :param bool $log_error: Whether to log the error + :returns: void + +This function calls ``CI_Exception::show_404()``. For more info, +please see the :doc:`Error Handling ` documentation. + +log_message() +============= + +.. php:function:: log_message($level = 'error', $message, $php_error = FALSE) -These are each outlined on the :doc:`Error Handling ` page. + :param string $level: Log level + :param string $message: Message to log + :param bool $php_error: Whether we're loggin a native PHP error message + :returns: void -set_status_header(code, 'text') +This function is an alias for ``CI_Log::write_log()``. For more info, +please see the :doc:`Error Handling ` documentation. + +set_status_header() =============================== +.. php:function:: set_status_header($code, $text = '') + + :param int $code: HTTP Reponse status code + :param string $text: A custom message to set with the status code + :returns: void + Permits you to manually set a server status header. Example:: set_status_header(401); @@ -71,33 +127,65 @@ Permits you to manually set a server status header. Example:: `See here `_ for a full list of headers. -remove_invisible_characters($str) -================================= +remove_invisible_characters() +============================= + +.. php:function:: remove_invisible_characters($str, $url_encoded = TRUE) -This function prevents inserting null characters between ascii + :param string $str: Input string + :param bool $url_encoded: Whether to remove URL-encoded characters as well + :returns: string + +This function prevents inserting NULL characters between ASCII characters, like Java\\0script. -html_escape($mixed) -=================== +Example:: + + remove_invisible_characters('Java\\0script'); + // Returns: 'Javascript' + +html_escape() +============= + +.. php:function:: html_escape($var) -This function provides short cut for ``htmlspecialchars()`` function. It -accepts string and array. To prevent Cross Site Scripting (XSS), it is -very useful. + :param mixed $var: Variable to escape + (string or array) + :returns: mixed + +This function acts as an alias for PHP's native ``htmlspecialchars()`` +function, with the advantage of being able to accept an array of strings. + +It is useful in preventing Cross Site Scripting (XSS). get_mimes() =========== -This function returns the MIMEs array *from config/mimes.php*. +.. php:function:: get_mimes() + + :returns: array + +This function returns a *reference* to the MIMEs array from +*application/config/mimes.php*. is_https() ========== +.. php:function:: is_https() + + :returns: bool + Returns TRUE if a secure (HTTPS) connection is used and FALSE in any other case (including non-HTTP requests). function_usable($function_name) =============================== +.. php:function:: function_usable($function_name) + + :param string $function_name: Function name + :returns: bool + Returns TRUE if a function exists and is usable, FALSE otherwise. This function runs a ``function_exists()`` check and if the -- cgit v1.2.3-24-g4f1b From 838a9d69a9139b6bcd6f8765fdd2d58b929e70ad Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 3 Dec 2012 14:37:47 +0200 Subject: [ci skip] Cleaned some spaces --- user_guide_src/source/general/common_functions.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'user_guide_src/source/general/common_functions.rst') diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst index 66dabd95e..7917d3239 100644 --- a/user_guide_src/source/general/common_functions.rst +++ b/user_guide_src/source/general/common_functions.rst @@ -178,8 +178,8 @@ is_https() Returns TRUE if a secure (HTTPS) connection is used and FALSE in any other case (including non-HTTP requests). -function_usable($function_name) -=============================== +function_usable() +================= .. php:function:: function_usable($function_name) -- cgit v1.2.3-24-g4f1b