KingOfDog.de/old
Archived
1
0
Fork 0
Code Releases Activity

Update to CodeIgniter 3.19

Browse Source
This commit is contained in:
Marcel
2018-12-29 16:16:49 +01:00
parent b036b4d36e
commit d09ee2788d
159 changed files with 2508 additions and 1910 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
system/libraries/Cache/Cache.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 2.0.0

54
system/libraries/Cache/drivers/Cache_apc.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 2.0.0
@@ -80,14 +80,7 @@ class CI_Cache_apc extends CI_Driver {
$success = FALSE;
$data = apc_fetch($id, $success);
if ($success === TRUE)
{
return is_array($data)
? unserialize($data[0])
: $data;
}
return FALSE;
return ($success === TRUE) ? $data : FALSE;
}
// ------------------------------------------------------------------------
@@ -97,19 +90,13 @@ class CI_Cache_apc extends CI_Driver {
*
* @param string $id Cache ID
* @param mixed $data Data to store
* @param int $ttol Length of time (in seconds) to cache the data
* @param bool $raw Whether to store the raw value
* @param int $ttl Length of time (in seconds) to cache the data
* @param bool $raw Whether to store the raw value (unused)
* @return bool TRUE on success, FALSE on failure
*/
public function save($id, $data, $ttl = 60, $raw = FALSE)
{
$ttl = (int) $ttl;
return apc_store(
$id,
($raw === TRUE ? $data : array(serialize($data), time(), $ttl)),
$ttl
);
return apc_store($id, $data, (int) $ttl);
}
// ------------------------------------------------------------------------
@@ -188,21 +175,30 @@ class CI_Cache_apc extends CI_Driver {
*/
public function get_metadata($id)
{
$success = FALSE;
$stored = apc_fetch($id, $success);
if ($success === FALSE OR count($stored) !== 3)
$cache_info = apc_cache_info('user', FALSE);
if (empty($cache_info) OR empty($cache_info['cache_list']))
{
return FALSE;
}
list($data, $time, $ttl) = $stored;
foreach ($cache_info['cache_list'] as &$entry)
{
if ($entry['info'] !== $id)
{
continue;
}
return array(
'expire' => $time + $ttl,
'mtime' => $time,
'data' => unserialize($data)
);
$success = FALSE;
$metadata = array(
'expire' => ($entry['ttl'] ? $entry['mtime'] + $entry['ttl'] : 0),
'mtime' => $entry['ttl'],
'data' => apc_fetch($id, $success)
);
return ($success === TRUE) ? $metadata : FALSE;
}
return FALSE;
}
// ------------------------------------------------------------------------

4
system/libraries/Cache/drivers/Cache_dummy.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 2.0

12
system/libraries/Cache/drivers/Cache_file.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 2.0
@@ -120,7 +120,7 @@ class CI_Cache_file extends CI_Driver {
*/
public function delete($id)
{
return file_exists($this->_cache_path.$id) ? unlink($this->_cache_path.$id) : FALSE;
return is_file($this->_cache_path.$id) ? unlink($this->_cache_path.$id) : FALSE;
}
// ------------------------------------------------------------------------
@@ -216,7 +216,7 @@ class CI_Cache_file extends CI_Driver {
*/
public function get_metadata($id)
{
if ( ! file_exists($this->_cache_path.$id))
if ( ! is_file($this->_cache_path.$id))
{
return FALSE;
}
@@ -227,13 +227,13 @@ class CI_Cache_file extends CI_Driver {
{
$mtime = filemtime($this->_cache_path.$id);
if ( ! isset($data['ttl']))
if ( ! isset($data['ttl'], $data['time']))
{
return FALSE;
}
return array(
'expire' => $mtime + $data['ttl'],
'expire' => $data['time'] + $data['ttl'],
'mtime' => $mtime
);
}

22
system/libraries/Cache/drivers/Cache_memcached.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 2.0
@@ -110,7 +110,7 @@ class CI_Cache_memcached extends CI_Driver {
if ($this->_memcached instanceof Memcache)
{
// Third parameter is persistance and defaults to TRUE.
// Third parameter is persistence and defaults to TRUE.
$this->_memcached->addServer(
$cache_server['hostname'],
$cache_server['port'],
@@ -198,7 +198,12 @@ class CI_Cache_memcached extends CI_Driver {
*/
public function increment($id, $offset = 1)
{
return $this->_memcached->increment($id, $offset);
if (($result = $this->_memcached->increment($id, $offset)) === FALSE)
{
return $this->_memcached->add($id, $offset) ? $offset : FALSE;
}
return $result;
}
// ------------------------------------------------------------------------
@@ -212,7 +217,12 @@ class CI_Cache_memcached extends CI_Driver {
*/
public function decrement($id, $offset = 1)
{
return $this->_memcached->decrement($id, $offset);
if (($result = $this->_memcached->decrement($id, $offset)) === FALSE)
{
return $this->_memcached->add($id, 0) ? 0 : FALSE;
}
return $result;
}
// ------------------------------------------------------------------------
@@ -295,7 +305,7 @@ class CI_Cache_memcached extends CI_Driver {
{
$this->_memcached->close();
}
elseif ($this->_memcached instanceof Memcached)
elseif ($this->_memcached instanceof Memcached && method_exists($this->_memcached, 'quit'))
{
$this->_memcached->quit();
}

4
system/libraries/Cache/drivers/Cache_redis.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0

4
system/libraries/Cache/drivers/Cache_wincache.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0

4
system/libraries/Calendar.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0

4
system/libraries/Cart.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0

4
system/libraries/Driver.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0

517
system/libraries/Email.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -147,14 +147,7 @@ class CI_Email {
*
* @var string
*/
public $charset = 'utf-8';
/**
* Multipart message
*
* @var string 'mixed' (in the body) or 'related' (separate)
*/
public $multipart = 'mixed'; // "mixed" (in the body) or "related" (separate)
public $charset = 'UTF-8';
/**
* Alternative message (for HTML messages only)
@@ -260,20 +253,6 @@ class CI_Email {
*/
protected $_finalbody = '';
/**
* multipart/alternative boundary
*
* @var string
*/
protected $_alt_boundary = '';
/**
* Attachment boundary
*
* @var string
*/
protected $_atc_boundary = '';
/**
* Final headers to send
*
@@ -395,6 +374,13 @@ class CI_Email {
5 => '5 (Lowest)'
);
/**
* mbstring.func_overload flag
*
* @var bool
*/
protected static $func_overload;
// --------------------------------------------------------------------
/**
@@ -408,47 +394,26 @@ class CI_Email {
public function __construct(array $config = array())
{
$this->charset = config_item('charset');
if (count($config) > 0)
{
$this->initialize($config);
}
else
{
$this->_smtp_auth = ! ($this->smtp_user === '' && $this->smtp_pass === '');
}
$this->initialize($config);
$this->_safe_mode = ( ! is_php('5.4') && ini_get('safe_mode'));
$this->charset = strtoupper($this->charset);
isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
log_message('info', 'Email Class Initialized');
}
// --------------------------------------------------------------------
/**
* Destructor - Releases Resources
*
* @return void
*/
public function __destruct()
{
if (is_resource($this->_smtp_connect))
{
$this->_send_command('quit');
}
}
// --------------------------------------------------------------------
/**
* Initialize preferences
*
* @param array
* @param array $config
* @return CI_Email
*/
public function initialize($config = array())
public function initialize(array $config = array())
{
$this->clear();
foreach ($config as $key => $val)
{
if (isset($this->$key))
@@ -465,9 +430,9 @@ class CI_Email {
}
}
}
$this->clear();
$this->_smtp_auth = ! ($this->smtp_user === '' && $this->smtp_pass === '');
$this->charset = strtoupper($this->charset);
$this->_smtp_auth = isset($this->smtp_user[0], $this->smtp_pass[0]);
return $this;
}
@@ -493,7 +458,6 @@ class CI_Email {
$this->_headers = array();
$this->_debug_msg = array();
$this->set_header('User-Agent', $this->useragent);
$this->set_header('Date', $this->_set_date());
if ($clear_attachments !== FALSE)
@@ -766,7 +730,8 @@ class CI_Email {
'name' => array($file, $newname),
'disposition' => empty($disposition) ? 'attachment' : $disposition, // Can also be 'inline' Not sure if it matters
'type' => $mime,
'content' => chunk_split(base64_encode($file_content))
'content' => chunk_split(base64_encode($file_content)),
'multipart' => 'mixed'
);
return $this;
@@ -784,15 +749,11 @@ class CI_Email {
*/
public function attachment_cid($filename)
{
if ($this->multipart !== 'related')
{
$this->multipart = 'related'; // Thunderbird need this for inline images
}
for ($i = 0, $c = count($this->_attachments); $i < $c; $i++)
{
if ($this->_attachments[$i]['name'][0] === $filename)
{
$this->_attachments[$i]['multipart'] = 'related';
$this->_attachments[$i]['cid'] = uniqid(basename($this->_attachments[$i]['name'][0]).'@');
return $this->_attachments[$i]['cid'];
}
@@ -936,19 +897,6 @@ class CI_Email {
// --------------------------------------------------------------------
/**
* Set Message Boundary
*
* @return void
*/
protected function _set_boundaries()
{
$this->_alt_boundary = 'B_ALT_'.uniqid(''); // multipart/alternative
$this->_atc_boundary = 'B_ATC_'.uniqid(''); // attachment boundary
}
// --------------------------------------------------------------------
/**
* Get the Message ID
*
@@ -965,18 +913,13 @@ class CI_Email {
/**
* Get Mail Protocol
*
* @param bool
* @return mixed
*/
protected function _get_protocol($return = TRUE)
protected function _get_protocol()
{
$this->protocol = strtolower($this->protocol);
in_array($this->protocol, $this->_protocols, TRUE) OR $this->protocol = 'mail';
if ($return === TRUE)
{
return $this->protocol;
}
return $this->protocol;
}
// --------------------------------------------------------------------
@@ -984,25 +927,21 @@ class CI_Email {
/**
* Get Mail Encoding
*
* @param bool
* @return string
*/
protected function _get_encoding($return = TRUE)
protected function _get_encoding()
{
in_array($this->_encoding, $this->_bit_depths) OR $this->_encoding = '8bit';
foreach ($this->_base_charsets as $charset)
{
if (strpos($charset, $this->charset) === 0)
if (strpos($this->charset, $charset) === 0)
{
$this->_encoding = '7bit';
}
}
if ($return === TRUE)
{
return $this->_encoding;
}
return $this->_encoding;
}
// --------------------------------------------------------------------
@@ -1016,16 +955,14 @@ class CI_Email {
{
if ($this->mailtype === 'html')
{
return (count($this->_attachments) === 0) ? 'html' : 'html-attach';
return empty($this->_attachments) ? 'html' : 'html-attach';
}
elseif ($this->mailtype === 'text' && count($this->_attachments) > 0)
elseif ($this->mailtype === 'text' && ! empty($this->_attachments))
{
return 'plain-attach';
}
else
{
return 'plain';
}
return 'plain';
}
// --------------------------------------------------------------------
@@ -1095,9 +1032,17 @@ class CI_Email {
*/
public function valid_email($email)
{
if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@'))
if (function_exists('idn_to_ascii') && strpos($email, '@'))
{
$email = substr($email, 0, ++$atpos).idn_to_ascii(substr($email, $atpos));
list($account, $domain) = explode('@', $email, 2);
$domain = defined('INTL_IDNA_VARIANT_UTS46')
? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46)
: idn_to_ascii($domain);
if ($domain !== FALSE)
{
$email = $account.'@'.$domain;
}
}
return (bool) filter_var($email, FILTER_VALIDATE_EMAIL);
@@ -1214,7 +1159,7 @@ class CI_Email {
{
// Is the line within the allowed character count?
// If so we'll join it to the output and continue
if (mb_strlen($line) <= $charlim)
if (self::strlen($line) <= $charlim)
{
$output .= $line.$this->newline;
continue;
@@ -1230,10 +1175,10 @@ class CI_Email {
}
// Trim the word down
$temp .= mb_substr($line, 0, $charlim - 1);
$line = mb_substr($line, $charlim - 1);
$temp .= self::substr($line, 0, $charlim - 1);
$line = self::substr($line, $charlim - 1);
}
while (mb_strlen($line) > $charlim);
while (self::strlen($line) > $charlim);
// If $temp contains data it means we had to split up an over-length
// word into smaller chunks so we'll add it back to our current line
@@ -1262,10 +1207,11 @@ class CI_Email {
/**
* Build final headers
*
* @return string
* @return void
*/
protected function _build_headers()
{
$this->set_header('User-Agent', $this->useragent);
$this->set_header('X-Sender', $this->clean_email($this->_headers['From']));
$this->set_header('X-Mailer', $this->useragent);
$this->set_header('X-Priority', $this->_priorities[$this->priority]);
@@ -1324,7 +1270,6 @@ class CI_Email {
$this->_body = $this->word_wrap($this->_body);
}
$this->_set_boundaries();
$this->_write_headers();
$hdr = ($this->_get_protocol() === 'mail') ? $this->newline : '';
@@ -1332,7 +1277,7 @@ class CI_Email {
switch ($this->_get_content_type())
{
case 'plain' :
case 'plain':
$hdr .= 'Content-Type: text/plain; charset='.$this->charset.$this->newline
.'Content-Transfer-Encoding: '.$this->_get_encoding();
@@ -1349,7 +1294,7 @@ class CI_Email {
return;
case 'html' :
case 'html':
if ($this->send_multipart === FALSE)
{
@@ -1358,14 +1303,16 @@ class CI_Email {
}
else
{
$hdr .= 'Content-Type: multipart/alternative; boundary="'.$this->_alt_boundary.'"';
$boundary = uniqid('B_ALT_');
$hdr .= 'Content-Type: multipart/alternative; boundary="'.$boundary.'"';
$body .= $this->_get_mime_message().$this->newline.$this->newline
.'--'.$this->_alt_boundary.$this->newline
.'--'.$boundary.$this->newline
.'Content-Type: text/plain; charset='.$this->charset.$this->newline
.'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline.$this->newline
.$this->_get_alt_message().$this->newline.$this->newline.'--'.$this->_alt_boundary.$this->newline
.$this->_get_alt_message().$this->newline.$this->newline
.'--'.$boundary.$this->newline
.'Content-Type: text/html; charset='.$this->charset.$this->newline
.'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline;
@@ -1384,14 +1331,15 @@ class CI_Email {
if ($this->send_multipart !== FALSE)
{
$this->_finalbody .= '--'.$this->_alt_boundary.'--';
$this->_finalbody .= '--'.$boundary.'--';
}
return;
case 'plain-attach' :
case 'plain-attach':
$hdr .= 'Content-Type: multipart/'.$this->multipart.'; boundary="'.$this->_atc_boundary.'"';
$boundary = uniqid('B_ATC_');
$hdr .= 'Content-Type: multipart/mixed; boundary="'.$boundary.'"';
if ($this->_get_protocol() === 'mail')
{
@@ -1400,59 +1348,83 @@ class CI_Email {
$body .= $this->_get_mime_message().$this->newline
.$this->newline
.'--'.$this->_atc_boundary.$this->newline
.'--'.$boundary.$this->newline
.'Content-Type: text/plain; charset='.$this->charset.$this->newline
.'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline
.$this->newline
.$this->_body.$this->newline.$this->newline;
break;
case 'html-attach' :
$this->_append_attachments($body, $boundary);
$hdr .= 'Content-Type: multipart/'.$this->multipart.'; boundary="'.$this->_atc_boundary.'"';
break;
case 'html-attach':
$alt_boundary = uniqid('B_ALT_');
$last_boundary = NULL;
if ($this->_attachments_have_multipart('mixed'))
{
$atc_boundary = uniqid('B_ATC_');
$hdr .= 'Content-Type: multipart/mixed; boundary="'.$atc_boundary.'"';
$last_boundary = $atc_boundary;
}
if ($this->_attachments_have_multipart('related'))
{
$rel_boundary = uniqid('B_REL_');
$rel_boundary_header = 'Content-Type: multipart/related; boundary="'.$rel_boundary.'"';
if (isset($last_boundary))
{
$body .= '--'.$last_boundary.$this->newline.$rel_boundary_header;
}
else
{
$hdr .= $rel_boundary_header;
}
$last_boundary = $rel_boundary;
}
if ($this->_get_protocol() === 'mail')
{
$this->_header_str .= $hdr;
}
self::strlen($body) && $body .= $this->newline.$this->newline;
$body .= $this->_get_mime_message().$this->newline.$this->newline
.'--'.$this->_atc_boundary.$this->newline
.'--'.$last_boundary.$this->newline
.'Content-Type: multipart/alternative; boundary="'.$this->_alt_boundary.'"'.$this->newline.$this->newline
.'--'.$this->_alt_boundary.$this->newline
.'Content-Type: multipart/alternative; boundary="'.$alt_boundary.'"'.$this->newline.$this->newline
.'--'.$alt_boundary.$this->newline
.'Content-Type: text/plain; charset='.$this->charset.$this->newline
.'Content-Transfer-Encoding: '.$this->_get_encoding().$this->newline.$this->newline
.$this->_get_alt_message().$this->newline.$this->newline.'--'.$this->_alt_boundary.$this->newline
.$this->_get_alt_message().$this->newline.$this->newline
.'--'.$alt_boundary.$this->newline
.'Content-Type: text/html; charset='.$this->charset.$this->newline
.'Content-Transfer-Encoding: quoted-printable'.$this->newline.$this->newline
.$this->_prep_quoted_printable($this->_body).$this->newline.$this->newline
.'--'.$this->_alt_boundary.'--'.$this->newline.$this->newline;
.'--'.$alt_boundary.'--'.$this->newline.$this->newline;
break;
if ( ! empty($rel_boundary))
{
$body .= $this->newline.$this->newline;
$this->_append_attachments($body, $rel_boundary, 'related');
}
// multipart/mixed attachments
if ( ! empty($atc_boundary))
{
$body .= $this->newline.$this->newline;
$this->_append_attachments($body, $atc_boundary, 'mixed');
}
break;
}
$attachment = array();
for ($i = 0, $c = count($this->_attachments), $z = 0; $i < $c; $i++)
{
$filename = $this->_attachments[$i]['name'][0];
$basename = ($this->_attachments[$i]['name'][1] === NULL)
? basename($filename) : $this->_attachments[$i]['name'][1];
$attachment[$z++] = '--'.$this->_atc_boundary.$this->newline
.'Content-type: '.$this->_attachments[$i]['type'].'; '
.'name="'.$basename.'"'.$this->newline
.'Content-Disposition: '.$this->_attachments[$i]['disposition'].';'.$this->newline
.'Content-Transfer-Encoding: base64'.$this->newline
.(empty($this->_attachments[$i]['cid']) ? '' : 'Content-ID: <'.$this->_attachments[$i]['cid'].'>'.$this->newline);
$attachment[$z++] = $this->_attachments[$i]['content'];
}
$body .= implode($this->newline, $attachment).$this->newline.'--'.$this->_atc_boundary.'--';
$this->_finalbody = ($this->_get_protocol() === 'mail')
? $body
: $hdr.$this->newline.$this->newline.$body;
@@ -1462,6 +1434,58 @@ class CI_Email {
// --------------------------------------------------------------------
protected function _attachments_have_multipart($type)
{
foreach ($this->_attachments as &$attachment)
{
if ($attachment['multipart'] === $type)
{
return TRUE;
}
}
return FALSE;
}
// --------------------------------------------------------------------
/**
* Prepares attachment string
*
* @param string $body Message body to append to
* @param string $boundary Multipart boundary
* @param string $multipart When provided, only attachments of this type will be processed
* @return string
*/
protected function _append_attachments(&$body, $boundary, $multipart = null)
{
for ($i = 0, $c = count($this->_attachments); $i < $c; $i++)
{
if (isset($multipart) && $this->_attachments[$i]['multipart'] !== $multipart)
{
continue;
}
$name = isset($this->_attachments[$i]['name'][1])
? $this->_attachments[$i]['name'][1]
: basename($this->_attachments[$i]['name'][0]);
$body .= '--'.$boundary.$this->newline
.'Content-Type: '.$this->_attachments[$i]['type'].'; name="'.$name.'"'.$this->newline
.'Content-Disposition: '.$this->_attachments[$i]['disposition'].';'.$this->newline
.'Content-Transfer-Encoding: base64'.$this->newline
.(empty($this->_attachments[$i]['cid']) ? '' : 'Content-ID: <'.$this->_attachments[$i]['cid'].'>'.$this->newline)
.$this->newline
.$this->_attachments[$i]['content'].$this->newline;
}
// $name won't be set if no attachments were appended,
// and therefore a boundary wouldn't be necessary
empty($name) OR $body .= '--'.$boundary.'--';
}
// --------------------------------------------------------------------
/**
* Prep Quoted Printable
*
@@ -1497,14 +1521,7 @@ class CI_Email {
// which only works with "\n".
if ($this->crlf === "\r\n")
{
if (is_php('5.3'))
{
return quoted_printable_encode($str);
}
elseif (function_exists('imap_8bit'))
{
return imap_8bit($str);
}
return quoted_printable_encode($str);
}
// Reduce multiple spaces & remove nulls
@@ -1521,7 +1538,7 @@ class CI_Email {
foreach (explode("\n", $str) as $line)
{
$length = strlen($line);
$length = self::strlen($line);
$temp = '';
// Loop through each character in the line to add soft-wrap
@@ -1556,7 +1573,7 @@ class CI_Email {
// If we're at the character limit, add the line to the output,
// reset our temp variable, and keep on chuggin'
if ((strlen($temp) + strlen($char)) >= 76)
if ((self::strlen($temp) + self::strlen($char)) >= 76)
{
$output .= $temp.$escape.$this->crlf;
$temp = '';
@@ -1571,7 +1588,7 @@ class CI_Email {
}
// get rid of extra CRLF tacked onto the end
return substr($output, 0, strlen($this->crlf) * -1);
return self::substr($output, 0, self::strlen($this->crlf) * -1);
}
// --------------------------------------------------------------------
@@ -1613,7 +1630,7 @@ class CI_Email {
// iconv_mime_encode() will always put a header field name.
// We've passed it an empty one, but it still prepends our
// encoded string with ': ', so we need to strip it.
return substr($output, 2);
return self::substr($output, 2);
}
$chars = iconv_strlen($str, 'UTF-8');
@@ -1625,10 +1642,10 @@ class CI_Email {
}
// We might already have this set for UTF-8
isset($chars) OR $chars = strlen($str);
isset($chars) OR $chars = self::strlen($str);
$output = '=?'.$this->charset.'?Q?';
for ($i = 0, $length = strlen($output); $i < $chars; $i++)
for ($i = 0, $length = self::strlen($output); $i < $chars; $i++)
{
$chr = ($this->charset === 'UTF-8' && ICONV_ENABLED === TRUE)
? '='.implode('=', str_split(strtoupper(bin2hex(iconv_substr($str, $i, 1, $this->charset))), 2))
@@ -1636,11 +1653,11 @@ class CI_Email {
// RFC 2045 sets a limit of 76 characters per line.
// We'll append ?= to the end of each line though.
if ($length + ($l = strlen($chr)) > 74)
if ($length + ($l = self::strlen($chr)) > 74)
{
$output .= '?='.$this->crlf // EOL
.' =?'.$this->charset.'?Q?'.$chr; // New line
$length = 6 + strlen($this->charset) + $l; // Reset the length for the new line
$length = 6 + self::strlen($this->charset) + $l; // Reset the length for the new line
}
else
{
@@ -1733,14 +1750,14 @@ class CI_Email {
if ($i === $float)
{
$chunk[] = substr($set, 1);
$chunk[] = self::substr($set, 1);
$float += $this->bcc_batch_size;
$set = '';
}
if ($i === $c-1)
{
$chunk[] = substr($set, 1);
$chunk[] = self::substr($set, 1);
}
}
@@ -1809,19 +1826,55 @@ class CI_Email {
{
$this->_unwrap_specials();
$method = '_send_with_'.$this->_get_protocol();
$protocol = $this->_get_protocol();
$method = '_send_with_'.$protocol;
if ( ! $this->$method())
{
$this->_set_error_message('lang:email_send_failure_'.($this->_get_protocol() === 'mail' ? 'phpmail' : $this->_get_protocol()));
$this->_set_error_message('lang:email_send_failure_'.($protocol === 'mail' ? 'phpmail' : $protocol));
return FALSE;
}
$this->_set_error_message('lang:email_sent', $this->_get_protocol());
$this->_set_error_message('lang:email_sent', $protocol);
return TRUE;
}
// --------------------------------------------------------------------
/**
* Validate email for shell
*
* Applies stricter, shell-safe validation to email addresses.
* Introduced to prevent RCE via sendmail's -f option.
*
* @see https://github.com/bcit-ci/CodeIgniter/issues/4963
* @see https://gist.github.com/Zenexer/40d02da5e07f151adeaeeaa11af9ab36
* @license https://creativecommons.org/publicdomain/zero/1.0/ CC0 1.0, Public Domain
*
* Credits for the base concept go to Paul Buonopane <paul@namepros.com>
*
* @param string $email
* @return bool
*/
protected function _validate_email_for_shell(&$email)
{
if (function_exists('idn_to_ascii') && strpos($email, '@'))
{
list($account, $domain) = explode('@', $email, 2);
$domain = defined('INTL_IDNA_VARIANT_UTS46')
? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46)
: idn_to_ascii($domain);
if ($domain !== FALSE)
{
$email = $account.'@'.$domain;
}
}
return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email));
}
// --------------------------------------------------------------------
/**
* Send using mail()
*
@@ -1834,7 +1887,11 @@ class CI_Email {
$this->_recipients = implode(', ', $this->_recipients);
}
if ($this->_safe_mode === TRUE)
// _validate_email_for_shell() below accepts by reference,
// so this needs to be assigned to a variable
$from = $this->clean_email($this->_headers['Return-Path']);
if ($this->_safe_mode === TRUE || ! $this->_validate_email_for_shell($from))
{
return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str);
}
@@ -1842,7 +1899,7 @@ class CI_Email {
{
// most documentation of sendmail using the "-f" flag lacks a space after it, however
// we've encountered servers that seem to require it to be in place.
return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$this->clean_email($this->_headers['Return-Path']));
return mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, '-f '.$from);
}
}
@@ -1855,13 +1912,22 @@ class CI_Email {
*/
protected function _send_with_sendmail()
{
// is popen() enabled?
if ( ! function_usable('popen')
OR FALSE === ($fp = @popen(
$this->mailpath.' -oi -f '.$this->clean_email($this->_headers['From']).' -t'
, 'w'))
) // server probably has popen disabled, so nothing we can do to get a verbose error.
// _validate_email_for_shell() below accepts by reference,
// so this needs to be assigned to a variable
$from = $this->clean_email($this->_headers['From']);
if ($this->_validate_email_for_shell($from))
{
$from = '-f '.$from;
}
else
{
$from = '';
}
// is popen() enabled?
if ( ! function_usable('popen') OR FALSE === ($fp = @popen($this->mailpath.' -oi '.$from.' -t', 'w')))
{
// server probably has popen disabled, so nothing we can do to get a verbose error.
return FALSE;
}
@@ -1902,6 +1968,7 @@ class CI_Email {
if ( ! $this->_send_command('from', $this->clean_email($this->_headers['From'])))
{
$this->_smtp_end();
return FALSE;
}
@@ -1909,6 +1976,7 @@ class CI_Email {
{
if ( ! $this->_send_command('to', $val))
{
$this->_smtp_end();
return FALSE;
}
}
@@ -1919,6 +1987,7 @@ class CI_Email {
{
if ($val !== '' && ! $this->_send_command('to', $val))
{
$this->_smtp_end();
return FALSE;
}
}
@@ -1930,6 +1999,7 @@ class CI_Email {
{
if ($val !== '' && ! $this->_send_command('to', $val))
{
$this->_smtp_end();
return FALSE;
}
}
@@ -1937,6 +2007,7 @@ class CI_Email {
if ( ! $this->_send_command('data'))
{
$this->_smtp_end();
return FALSE;
}
@@ -1946,29 +2017,37 @@ class CI_Email {
$this->_send_data('.');
$reply = $this->_get_smtp_data();
$this->_set_error_message($reply);
$this->_smtp_end();
if (strpos($reply, '250') !== 0)
{
$this->_set_error_message('lang:email_smtp_error', $reply);
return FALSE;
}
if ($this->smtp_keepalive)
{
$this->_send_command('reset');
}
else
{
$this->_send_command('quit');
}
return TRUE;
}
// --------------------------------------------------------------------
/**
* SMTP End
*
* Shortcut to send RSET or QUIT depending on keep-alive
*
* @return void
*/
protected function _smtp_end()
{
($this->smtp_keepalive)
? $this->_send_command('reset')
: $this->_send_command('quit');
}
// --------------------------------------------------------------------
/**
* SMTP Connect
*
@@ -2003,7 +2082,19 @@ class CI_Email {
$this->_send_command('hello');
$this->_send_command('starttls');
$crypto = stream_socket_enable_crypto($this->_smtp_connect, TRUE, STREAM_CRYPTO_METHOD_TLS_CLIENT);
/**
* STREAM_CRYPTO_METHOD_TLS_CLIENT is quite the mess ...
*
* - On PHP <5.6 it doesn't even mean TLS, but SSL 2.0, and there's no option to use actual TLS
* - On PHP 5.6.0-5.6.6, >=7.2 it means negotiation with any of TLS 1.0, 1.1, 1.2
* - On PHP 5.6.7-7.1.* it means only TLS 1.0
*
* We want the negotiation, so we'll force it below ...
*/
$method = is_php('5.6')
? STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
: STREAM_CRYPTO_METHOD_TLS_CLIENT;
$crypto = stream_socket_enable_crypto($this->_smtp_connect, TRUE, $method);
if ($crypto !== TRUE)
{
@@ -2022,7 +2113,7 @@ class CI_Email {
*
* @param string
* @param string
* @return string
* @return bool
*/
protected function _send_command($cmd, $data = '')
{
@@ -2085,7 +2176,7 @@ class CI_Email {
$this->_debug_msg[] = '<pre>'.$cmd.': '.$reply.'</pre>';
if ((int) substr($reply, 0, 3) !== $resp)
if ((int) self::substr($reply, 0, 3) !== $resp)
{
$this->_set_error_message('lang:email_smtp_error', $reply);
return FALSE;
@@ -2153,6 +2244,11 @@ class CI_Email {
return FALSE;
}
if ($this->smtp_keepalive)
{
$this->_smtp_auth = FALSE;
}
return TRUE;
}
@@ -2167,9 +2263,9 @@ class CI_Email {
protected function _send_data($data)
{
$data .= $this->newline;
for ($written = $timestamp = 0, $length = strlen($data); $written < $length; $written += $result)
for ($written = $timestamp = 0, $length = self::strlen($data); $written < $length; $written += $result)
{
if (($result = fwrite($this->_smtp_connect, substr($data, $written))) === FALSE)
if (($result = fwrite($this->_smtp_connect, self::substr($data, $written))) === FALSE)
{
break;
}
@@ -2189,10 +2285,8 @@ class CI_Email {
usleep(250000);
continue;
}
else
{
$timestamp = 0;
}
$timestamp = 0;
}
if ($result === FALSE)
@@ -2342,4 +2436,55 @@ class CI_Email {
return 'application/x-unknown-content-type';
}
// --------------------------------------------------------------------
/**
* Destructor
*
* @return void
*/
public function __destruct()
{
is_resource($this->_smtp_connect) && $this->_send_command('quit');
}
// --------------------------------------------------------------------
/**
* Byte-safe strlen()
*
* @param string $str
* @return int
*/
protected static function strlen($str)
{
return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
// --------------------------------------------------------------------
/**
* Byte-safe substr()
*
* @param string $str
* @param int $start
* @param int $length
* @return string
*/
protected static function substr($str, $start, $length = NULL)
{
if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start);
return mb_substr($str, $start, $length, '8bit');
}
return isset($length)
? substr($str, $start, $length)
: substr($str, $start);
}
}

63
system/libraries/Encrypt.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -122,7 +122,7 @@ class CI_Encrypt {
$key = config_item('encryption_key');
if ( ! strlen($key))
if ( ! self::strlen($key))
{
show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
}
@@ -252,7 +252,7 @@ class CI_Encrypt {
$string = $this->_xor_merge($string, $key);
$dec = '';
for ($i = 0, $l = strlen($string); $i < $l; $i++)
for ($i = 0, $l = self::strlen($string); $i < $l; $i++)
{
$dec .= ($string[$i++] ^ $string[$i]);
}
@@ -275,7 +275,8 @@ class CI_Encrypt {
{
$hash = $this->hash($key);
$str = '';
for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++)
for ($i = 0, $ls = self::strlen($string), $lh = self::strlen($hash); $i < $ls; $i++)
{
$str .= $string[$i] ^ $hash[($i % $lh)];
}
@@ -295,7 +296,7 @@ class CI_Encrypt {
public function mcrypt_encode($data, $key)
{
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
$init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
$init_vect = mcrypt_create_iv($init_size, MCRYPT_DEV_URANDOM);
return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
}
@@ -313,13 +314,14 @@ class CI_Encrypt {
$data = $this->_remove_cipher_noise($data, $key);
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
if ($init_size > strlen($data))
if ($init_size > self::strlen($data))
{
return FALSE;
}
$init_vect = substr($data, 0, $init_size);
$data = substr($data, $init_size);
$init_vect = self::substr($data, 0, $init_size);
$data = self::substr($data, $init_size);
return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
}
@@ -339,7 +341,7 @@ class CI_Encrypt {
$key = $this->hash($key);
$str = '';
for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j)
{
if ($j >= $lk)
{
@@ -369,7 +371,7 @@ class CI_Encrypt {
$key = $this->hash($key);
$str = '';
for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j)
{
if ($j >= $lk)
{
@@ -477,4 +479,43 @@ class CI_Encrypt {
return hash($this->_hash_type, $str);
}
// --------------------------------------------------------------------
/**
* Byte-safe strlen()
*
* @param string $str
* @return int
*/
protected static function strlen($str)
{
return defined('MB_OVERLOAD_STRING')
? mb_strlen($str, '8bit')
: strlen($str);
}
// --------------------------------------------------------------------
/**
* Byte-safe substr()
*
* @param string $str
* @param int $start
* @param int $length
* @return string
*/
protected static function substr($str, $start, $length = NULL)
{
if (defined('MB_OVERLOAD_STRING'))
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start);
return mb_substr($str, $start, $length, '8bit');
}
return isset($length)
? substr($str, $start, $length)
: substr($str, $start);
}
}

54
system/libraries/Encryption.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0
@@ -135,11 +135,11 @@ class CI_Encryption {
);
/**
* mbstring.func_override flag
* mbstring.func_overload flag
*
* @var bool
*/
protected static $func_override;
protected static $func_overload;
// --------------------------------------------------------------------
@@ -152,10 +152,8 @@ class CI_Encryption {
public function __construct(array $params = array())
{
$this->_drivers = array(
'mcrypt' => defined('MCRYPT_DEV_URANDOM'),
// While OpenSSL is available for PHP 5.3.0, an IV parameter
// for the encrypt/decrypt functions is only available since 5.3.3
'openssl' => (is_php('5.3.3') && extension_loaded('openssl'))
'mcrypt' => defined('MCRYPT_DEV_URANDOM'),
'openssl' => extension_loaded('openssl')
);
if ( ! $this->_drivers['mcrypt'] && ! $this->_drivers['openssl'])
@@ -163,7 +161,7 @@ class CI_Encryption {
show_error('Encryption: Unable to find an available encryption driver.');
}
isset(self::$func_override) OR self::$func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
$this->initialize($params);
if ( ! isset($this->_key) && self::strlen($key = config_item('encryption_key')) > 0)
@@ -339,12 +337,26 @@ class CI_Encryption {
{
if (function_exists('random_bytes'))
{
return random_bytes((int) $length);
try
{
return random_bytes((int) $length);
}
catch (Exception $e)
{
log_message('error', $e->getMessage());
return FALSE;
}
}
elseif (defined('MCRYPT_DEV_URANDOM'))
{
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
}
return ($this->_driver === 'mcrypt')
? mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)
: openssl_random_pseudo_bytes($length);
$is_secure = NULL;
$key = openssl_random_pseudo_bytes($length, $is_secure);
return ($is_secure === TRUE)
? $key
: FALSE;
}
// --------------------------------------------------------------------
@@ -400,7 +412,7 @@ class CI_Encryption {
// The greater-than-1 comparison is mostly a work-around for a bug,
// where 1 is returned for ARCFour instead of 0.
$iv = (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1)
? mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM)
? $this->create_key($iv_size)
: NULL;
if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0)
@@ -463,7 +475,7 @@ class CI_Encryption {
}
$iv = ($iv_size = openssl_cipher_iv_length($params['handle']))
? openssl_random_pseudo_bytes($iv_size)
? $this->create_key($iv_size)
: NULL;
$data = openssl_encrypt(
@@ -670,10 +682,8 @@ class CI_Encryption {
{
return FALSE;
}
else
{
$params['mode'] = $this->_modes[$this->_driver][$params['mode']];
}
$params['mode'] = $this->_modes[$this->_driver][$params['mode']];
}
if (isset($params['hmac']) && $params['hmac'] === FALSE)
@@ -895,11 +905,11 @@ class CI_Encryption {
* Byte-safe strlen()
*
* @param string $str
* @return integer
* @return int
*/
protected static function strlen($str)
{
return (self::$func_override)
return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
@@ -916,7 +926,7 @@ class CI_Encryption {
*/
protected static function substr($str, $start, $length = NULL)
{
if (self::$func_override)
if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3

173
system/libraries/Form_validation.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -493,6 +493,63 @@ class CI_Form_validation {
// --------------------------------------------------------------------
/**
* Prepare rules
*
* Re-orders the provided rules in order of importance, so that
* they can easily be executed later without weird checks ...
*
* "Callbacks" are given the highest priority (always called),
* followed by 'required' (called if callbacks didn't fail),
* and then every next rule depends on the previous one passing.
*
* @param array $rules
* @return array
*/
protected function _prepare_rules($rules)
{
$new_rules = array();
$callbacks = array();
foreach ($rules as &$rule)
{
// Let 'required' always be the first (non-callback) rule
if ($rule === 'required')
{
array_unshift($new_rules, 'required');
}
// 'isset' is a kind of a weird alias for 'required' ...
elseif ($rule === 'isset' && (empty($new_rules) OR $new_rules[0] !== 'required'))
{
array_unshift($new_rules, 'isset');
}
// The old/classic 'callback_'-prefixed rules
elseif (is_string($rule) && strncmp('callback_', $rule, 9) === 0)
{
$callbacks[] = $rule;
}
// Proper callables
elseif (is_callable($rule))
{
$callbacks[] = $rule;
}
// "Named" callables; i.e. array('name' => $callable)
elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1]))
{
$callbacks[] = $rule;
}
// Everything else goes at the end of the queue
else
{
$new_rules[] = $rule;
}
}
return array_merge($callbacks, $new_rules);
}
// --------------------------------------------------------------------
/**
* Traverse a multidimensional $_POST array index until the data is found
*
@@ -580,70 +637,7 @@ class CI_Form_validation {
return;
}
// If the field is blank, but NOT required, no further tests are necessary
$callback = FALSE;
if ( ! in_array('required', $rules) && ($postdata === NULL OR $postdata === ''))
{
// Before we bail out, does the rule contain a callback?
foreach ($rules as &$rule)
{
if (is_string($rule))
{
if (strncmp($rule, 'callback_', 9) === 0)
{
$callback = TRUE;
$rules = array(1 => $rule);
break;
}
}
elseif (is_callable($rule))
{
$callback = TRUE;
$rules = array(1 => $rule);
break;
}
elseif (is_array($rule) && isset($rule[0], $rule[1]) && is_callable($rule[1]))
{
$callback = TRUE;
$rules = array(array($rule[0], $rule[1]));
break;
}
}
if ( ! $callback)
{
return;
}
}
// Isset Test. Typically this rule will only apply to checkboxes.
if (($postdata === NULL OR $postdata === '') && ! $callback)
{
if (in_array('isset', $rules, TRUE) OR in_array('required', $rules))
{
// Set the message type
$type = in_array('required', $rules) ? 'required' : 'isset';
$line = $this->_get_error_message($type, $row['field']);
// Build the error message
$message = $this->_build_error_msg($line, $this->_translate_fieldname($row['label']));
// Save the error message
$this->_field_data[$row['field']]['error'] = $message;
if ( ! isset($this->_error_array[$row['field']]))
{
$this->_error_array[$row['field']] = $message;
}
}
return;
}
// --------------------------------------------------------------------
// Cycle through each rule and run it
$rules = $this->_prepare_rules($rules);
foreach ($rules as $rule)
{
$_in_array = FALSE;
@@ -702,6 +696,17 @@ class CI_Form_validation {
$param = $match[2];
}
// Ignore empty, non-required inputs with a few exceptions ...
if (
($postdata === NULL OR $postdata === '')
&& $callback === FALSE
&& $callable === FALSE
&& ! in_array($rule, array('required', 'isset', 'matches'), TRUE)
)
{
continue;
}
// Call the function that corresponds to the rule
if ($callback OR $callable !== FALSE)
{
@@ -740,12 +745,6 @@ class CI_Form_validation {
{
$this->_field_data[$row['field']]['postdata'] = is_bool($result) ? $postdata : $result;
}
// If the field isn't required and we just processed a callback we'll move on...
if ( ! in_array('required', $rules, TRUE) && $result !== FALSE)
{
continue;
}
}
elseif ( ! method_exists($this, $rule))
{
@@ -1055,7 +1054,9 @@ class CI_Form_validation {
*/
public function required($str)
{
return is_array($str) ? (bool) count($str) : (trim($str) !== '');
return is_array($str)
? (empty($str) === FALSE)
: (trim($str) !== '');
}
// --------------------------------------------------------------------
@@ -1199,7 +1200,7 @@ class CI_Form_validation {
{
return FALSE;
}
elseif ( ! in_array($matches[1], array('http', 'https'), TRUE))
elseif ( ! in_array(strtolower($matches[1]), array('http', 'https'), TRUE))
{
return FALSE;
}
@@ -1215,18 +1216,7 @@ class CI_Form_validation {
$str = 'ipv6.host'.substr($str, strlen($matches[1]) + 2);
}
$str = 'http://'.$str;
// There's a bug affecting PHP 5.2.13, 5.3.2 that considers the
// underscore to be a valid hostname character instead of a dash.
// Reference: https://bugs.php.net/bug.php?id=51192
if (version_compare(PHP_VERSION, '5.2.13', '==') OR version_compare(PHP_VERSION, '5.3.2', '=='))
{
sscanf($str, 'http://%[^/]', $host);
$str = substr_replace($str, strtr($host, array('_' => '-', '-' => '_')), 7, strlen($host));
}
return (filter_var($str, FILTER_VALIDATE_URL) !== FALSE);
return (filter_var('http://'.$str, FILTER_VALIDATE_URL) !== FALSE);
}
// --------------------------------------------------------------------
@@ -1239,9 +1229,16 @@ class CI_Form_validation {
*/
public function valid_email($str)
{
if (function_exists('idn_to_ascii') && $atpos = strpos($str, '@'))
if (function_exists('idn_to_ascii') && preg_match('#\A([^@]+)@(.+)\z#', $str, $matches))
{
$str = substr($str, 0, ++$atpos).idn_to_ascii(substr($str, $atpos));
$domain = defined('INTL_IDNA_VARIANT_UTS46')
? idn_to_ascii($matches[2], 0, INTL_IDNA_VARIANT_UTS46)
: idn_to_ascii($matches[2]);
if ($domain !== FALSE)
{
$str = $matches[1].'@'.$domain;
}
}
return (bool) filter_var($str, FILTER_VALIDATE_EMAIL);

6
system/libraries/Ftp.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -486,7 +486,7 @@ class CI_FTP {
{
for ($i = 0, $c = count($list); $i < $c; $i++)
{
// If we can't delete the item it's probaly a directory,
// If we can't delete the item it's probably a directory,
// so we'll recursively call delete_dir()
if ( ! preg_match('#/\.\.?$#', $list[$i]) && ! @ftp_delete($this->conn_id, $list[$i]))
{

101
system/libraries/Image_lib.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -392,6 +392,16 @@ class CI_Image_lib {
$this->initialize($props);
}
/**
* A work-around for some improperly formatted, but
* usable JPEGs; known to be produced by Samsung
* smartphones' front-facing cameras.
*
* @see https://github.com/bcit-ci/CodeIgniter/issues/4967
* @see https://bugs.php.net/bug.php?id=72404
*/
ini_set('gd.jpeg_ignore_warning', 1);
log_message('info', 'Image Lib Class Initialized');
}
@@ -456,7 +466,7 @@ class CI_Image_lib {
{
if (property_exists($this, $key))
{
if (in_array($key, array('wm_font_color', 'wm_shadow_color')))
if (in_array($key, array('wm_font_color', 'wm_shadow_color'), TRUE))
{
if (preg_match('/^#?([0-9a-f]{3}|[0-9a-f]{6})$/i', $val, $matches))
{
@@ -478,6 +488,10 @@ class CI_Image_lib {
continue;
}
}
elseif (in_array($key, array('width', 'height'), TRUE) && ! ctype_digit((string) $val))
{
continue;
}
$this->$key = $val;
}
@@ -540,37 +554,30 @@ class CI_Image_lib {
*/
if ($this->new_image === '')
{
$this->dest_image = $this->source_image;
$this->dest_image = $this->source_image;
$this->dest_folder = $this->source_folder;
}
elseif (strpos($this->new_image, '/') === FALSE)
elseif (strpos($this->new_image, '/') === FALSE && strpos($this->new_image, '\\') === FALSE)
{
$this->dest_image = $this->new_image;
$this->dest_folder = $this->source_folder;
$this->dest_image = $this->new_image;
}
else
{
if (strpos($this->new_image, '/') === FALSE && strpos($this->new_image, '\\') === FALSE)
// Is there a file name?
if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $this->new_image))
{
$full_dest_path = str_replace('\\', '/', realpath($this->new_image));
$this->dest_image = $this->source_image;
$this->dest_folder = $this->new_image;
}
else
{
$full_dest_path = $this->new_image;
$x = explode('/', str_replace('\\', '/', $this->new_image));
$this->dest_image = end($x);
$this->dest_folder = str_replace($this->dest_image, '', $this->new_image);
}
// Is there a file name?
if ( ! preg_match('#\.(jpg|jpeg|gif|png)$#i', $full_dest_path))
{
$this->dest_folder = $full_dest_path.'/';
$this->dest_image = $this->source_image;
}
else
{
$x = explode('/', $full_dest_path);
$this->dest_image = end($x);
$this->dest_folder = str_replace($this->dest_image, '', $full_dest_path);
}
$this->dest_folder = realpath($this->dest_folder).'/';
}
/* Compile the finalized filenames/paths
@@ -828,7 +835,10 @@ class CI_Image_lib {
imagedestroy($dst_img);
imagedestroy($src_img);
chmod($this->full_dst_path, $this->file_permissions);
if ($this->dynamic_output !== TRUE)
{
chmod($this->full_dst_path, $this->file_permissions);
}
return TRUE;
}
@@ -862,27 +872,28 @@ class CI_Image_lib {
if ($action === 'crop')
{
$cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1';
$cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis;
}
elseif ($action === 'rotate')
{
$angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt')
? '-flop' : '-rotate '.$this->rotation_angle;
$cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1';
$cmd .= ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt')
? ' -flop'
: ' -rotate '.$this->rotation_angle;
}
else // Resize
{
if($this->maintain_ratio === TRUE)
{
$cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1';
$cmd .= ' -resize '.$this->width.'x'.$this->height;
}
else
{
$cmd .= ' -resize '.$this->width.'x'.$this->height.'\! "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1';
$cmd .= ' -resize '.$this->width.'x'.$this->height.'\!';
}
}
$cmd .= ' '.escapeshellarg($this->full_src_path).' '.escapeshellarg($this->full_dst_path).' 2>&1';
$retval = 1;
// exec() might be disabled
if (function_usable('exec'))
@@ -964,7 +975,7 @@ class CI_Image_lib {
$cmd_inner = 'pnmscale -xysize '.$this->width.' '.$this->height;
}
$cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp';
$cmd = $this->library_path.$cmd_in.' '.escapeshellarg($this->full_src_path).' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp';
$retval = 1;
// exec() might be disabled
@@ -1641,25 +1652,31 @@ class CI_Image_lib {
}
$vals = getimagesize($path);
if ($vals === FALSE)
{
$this->set_error('imglib_invalid_image');
return FALSE;
}
$types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png');
$mime = (isset($types[$vals[2]])) ? 'image/'.$types[$vals[2]] : 'image/jpg';
$mime = isset($types[$vals[2]]) ? 'image/'.$types[$vals[2]] : 'image/jpg';
if ($return === TRUE)
{
return array(
'width' => $vals[0],
'height' => $vals[1],
'image_type' => $vals[2],
'size_str' => $vals[3],
'mime_type' => $mime
);
'width' => $vals[0],
'height' => $vals[1],
'image_type' => $vals[2],
'size_str' => $vals[3],
'mime_type' => $mime
);
}
$this->orig_width = $vals[0];
$this->orig_height = $vals[1];
$this->image_type = $vals[2];
$this->size_str = $vals[3];
$this->mime_type = $mime;
$this->orig_width = $vals[0];
$this->orig_height = $vals[1];
$this->image_type = $vals[2];
$this->size_str = $vals[3];
$this->mime_type = $mime;
return TRUE;
}

4
system/libraries/Javascript.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0

4
system/libraries/Javascript/Jquery.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0

21
system/libraries/Migration.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0
@@ -211,7 +211,7 @@ class CI_Migration {
if ($target_version > 0 && ! isset($migrations[$target_version]))
{
$this->_error_string = sprintf(lang('migration_not_found'), $target_version);
$this->_error_string = sprintf($this->lang->line('migration_not_found'), $target_version);
return FALSE;
}
@@ -272,7 +272,7 @@ class CI_Migration {
{
if (isset($previous) && abs($number - $previous) > 1)
{
$this->_error_string = sprintf(lang('migration_sequence_gap'), $number);
$this->_error_string = sprintf($this->lang->line('migration_sequence_gap'), $number);
return FALSE;
}
@@ -285,15 +285,12 @@ class CI_Migration {
// Validate the migration file structure
if ( ! class_exists($class, FALSE))
{
$this->_error_string = sprintf(lang('migration_class_doesnt_exist'), $class);
$this->_error_string = sprintf($this->lang->line('migration_class_doesnt_exist'), $class);
return FALSE;
}
// method_exists() returns true for non-public methods,
// while is_callable() can't be used without instantiating.
// Only get_class_methods() satisfies both conditions.
elseif ( ! in_array($method, array_map('strtolower', get_class_methods($class))))
elseif ( ! is_callable(array($class, $method)))
{
$this->_error_string = sprintf(lang('migration_missing_'.$method.'_method'), $class);
$this->_error_string = sprintf($this->lang->line('migration_missing_'.$method.'_method'), $class);
return FALSE;
}
@@ -336,7 +333,7 @@ class CI_Migration {
if (empty($migrations))
{
$this->_error_string = lang('migration_none_found');
$this->_error_string = $this->lang->line('migration_none_found');
return FALSE;
}
@@ -395,7 +392,7 @@ class CI_Migration {
// There cannot be duplicate migration numbers
if (isset($migrations[$number]))
{
$this->_error_string = sprintf(lang('migration_multiple_version'), $number);
$this->_error_string = sprintf($this->lang->line('migration_multiple_version'), $number);
show_error($this->_error_string);
}

13
system/libraries/Pagination.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -339,6 +339,10 @@ class CI_Pagination {
}
}
// _parse_attributes(), called by initialize(), needs to run at least once
// in order to enable "rel" attributes, and this triggers it.
isset($params['attributes']) OR $params['attributes'] = array();
$this->initialize($params);
log_message('info', 'Pagination Class Initialized');
}
@@ -353,8 +357,7 @@ class CI_Pagination {
*/
public function initialize(array $params = array())
{
isset($params['attributes']) OR $params['attributes'] = array();
if (is_array($params['attributes']))
if (isset($params['attributes']) && is_array($params['attributes']))
{
$this->_parse_attributes($params['attributes']);
unset($params['attributes']);
@@ -428,7 +431,7 @@ class CI_Pagination {
{
$get = $this->CI->input->get();
// Unset the controll, method, old-school routing options
// Unset the control, method, old-school routing options
unset($get['c'], $get['m'], $get[$this->query_string_segment]);
}
else

4
system/libraries/Parser.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0

26
system/libraries/Profiler.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -316,7 +316,7 @@ class CI_Profiler {
{
is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
$val = (is_array($val) OR is_object($val))
? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'</pre>'
: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
$output .= '<tr><td style="width:50%;color:#000;background-color:#ddd;padding:5px;">&#36;_GET['
@@ -356,7 +356,7 @@ class CI_Profiler {
{
is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
$val = (is_array($val) OR is_object($val))
? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'</pre>'
: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
$output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">&#36;_POST['
@@ -368,7 +368,7 @@ class CI_Profiler {
{
is_int($key) OR $key = "'".htmlspecialchars($key, ENT_QUOTES, config_item('charset'))."'";
$val = (is_array($val) OR is_object($val))
? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset'))
? '<pre>'.htmlspecialchars(print_r($val, TRUE), ENT_QUOTES, config_item('charset')).'</pre>'
: htmlspecialchars($val, ENT_QUOTES, config_item('charset'));
$output .= '<tr><td style="width:50%;padding:5px;color:#000;background-color:#ddd;">&#36;_FILES['
@@ -484,13 +484,19 @@ class CI_Profiler {
foreach ($this->CI->config->config as $config => $val)
{
$pre = '';
$pre_close = '';
if (is_array($val) OR is_object($val))
{
$val = print_r($val, TRUE);
$pre = '<pre>' ;
$pre_close = '</pre>';
}
$output .= '<tr><td style="padding:5px;vertical-align:top;color:#900;background-color:#ddd;">'
.$config.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.htmlspecialchars($val)."</td></tr>\n";
.$config.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.$pre.htmlspecialchars($val, ENT_QUOTES, config_item('charset')).$pre_close."</td></tr>\n";
}
return $output."</table>\n</fieldset>";
@@ -516,13 +522,19 @@ class CI_Profiler {
foreach ($this->CI->session->userdata() as $key => $val)
{
$pre = '';
$pre_close = '';
if (is_array($val) OR is_object($val))
{
$val = print_r($val, TRUE);
$pre = '<pre>' ;
$pre_close = '</pre>';
}
$output .= '<tr><td style="padding:5px;vertical-align:top;color:#900;background-color:#ddd;">'
.$key.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.htmlspecialchars($val)."</td></tr>\n";
.$key.'&nbsp;&nbsp;</td><td style="padding:5px;color:#000;background-color:#ddd;">'.$pre.htmlspecialchars($val, ENT_QUOTES, config_item('charset')).$pre_close."</td></tr>\n";
}
return $output."</table>\n</fieldset>";

97
system/libraries/Session/Session.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 2.0.0
@@ -57,6 +57,7 @@ class CI_Session {
protected $_driver = 'files';
protected $_config;
protected $_sid_regexp;
// ------------------------------------------------------------------------
@@ -91,6 +92,7 @@ class CI_Session {
// Note: BC workaround
elseif (config_item('sess_use_database'))
{
log_message('debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".');
$this->_driver = 'database';
}
@@ -98,6 +100,7 @@ class CI_Session {
// Configuration ...
$this->_configure($params);
$this->_config['_sid_regexp'] = $this->_sid_regexp;
$class = new $class($this->_config);
if ($class instanceof SessionHandlerInterface)
@@ -130,7 +133,7 @@ class CI_Session {
if (isset($_COOKIE[$this->_config['cookie_name']])
&& (
! is_string($_COOKIE[$this->_config['cookie_name']])
OR ! preg_match('/^[0-9a-f]{40}$/', $_COOKIE[$this->_config['cookie_name']])
OR ! preg_match('#\A'.$this->_sid_regexp.'\z#', $_COOKIE[$this->_config['cookie_name']])
)
)
{
@@ -238,10 +241,8 @@ class CI_Session {
{
return $prefix.$class;
}
else
{
log_message('debug', 'Session: '.$prefix.$class.".php found but it doesn't declare class ".$prefix.$class.'.');
}
log_message('debug', 'Session: '.$prefix.$class.".php found but it doesn't declare class ".$prefix.$class.'.');
}
return 'CI_'.$class;
@@ -314,8 +315,82 @@ class CI_Session {
ini_set('session.use_strict_mode', 1);
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
ini_set('session.hash_function', 1);
ini_set('session.hash_bits_per_character', 4);
$this->_configure_sid_length();
}
// ------------------------------------------------------------------------
/**
* Configure session ID length
*
* To make life easier, we used to force SHA-1 and 4 bits per
* character on everyone. And of course, someone was unhappy.
*
* Then PHP 7.1 broke backwards-compatibility because ext/session
* is such a mess that nobody wants to touch it with a pole stick,
* and the one guy who does, nobody has the energy to argue with.
*
* So we were forced to make changes, and OF COURSE something was
* going to break and now we have this pile of shit. -- Narf
*
* @return void
*/
protected function _configure_sid_length()
{
if (PHP_VERSION_ID < 70100)
{
$hash_function = ini_get('session.hash_function');
if (ctype_digit($hash_function))
{
if ($hash_function !== '1')
{
ini_set('session.hash_function', 1);
}
$bits = 160;
}
elseif ( ! in_array($hash_function, hash_algos(), TRUE))
{
ini_set('session.hash_function', 1);
$bits = 160;
}
elseif (($bits = strlen(hash($hash_function, 'dummy', false)) * 4) < 160)
{
ini_set('session.hash_function', 1);
$bits = 160;
}
$bits_per_character = (int) ini_get('session.hash_bits_per_character');
$sid_length = (int) ceil($bits / $bits_per_character);
}
else
{
$bits_per_character = (int) ini_get('session.sid_bits_per_character');
$sid_length = (int) ini_get('session.sid_length');
if (($bits = $sid_length * $bits_per_character) < 160)
{
// Add as many more characters as necessary to reach at least 160 bits
$sid_length += (int) ceil((160 % $bits) / $bits_per_character);
ini_set('session.sid_length', $sid_length);
}
}
// Yes, 4,5,6 are the only known possible values as of 2016-10-27
switch ($bits_per_character)
{
case 4:
$this->_sid_regexp = '[0-9a-f]';
break;
case 5:
$this->_sid_regexp = '[0-9a-v]';
break;
case 6:
$this->_sid_regexp = '[0-9a-zA-Z,-]';
break;
}
$this->_sid_regexp .= '{'.$sid_length.'}';
}
// ------------------------------------------------------------------------
@@ -529,7 +604,7 @@ class CI_Session {
// ------------------------------------------------------------------------
/**
* Unmark flash
* Unmark temp
*
* @param mixed $key Session data key(s)
* @return void
@@ -729,7 +804,7 @@ class CI_Session {
*
* Legacy CI_Session compatibility method
*
* @param mixed $data Session data key(s)
* @param mixed $key Session data key(s)
* @return void
*/
public function unset_userdata($key)

4
system/libraries/Session/SessionHandlerInterface.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0

21
system/libraries/Session/Session_driver.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0
@@ -112,6 +112,23 @@ abstract class CI_Session_driver implements SessionHandlerInterface {
// ------------------------------------------------------------------------
/**
* PHP 5.x validate ID
*
* Enforces session.use_strict_mode on PHP 5.x (7+ does it by itself)
*
* @return void
*/
public function php5_validate_id()
{
if (PHP_VERSION_ID < 70000 && isset($_COOKIE[$this->_config['cookie_name']]) && ! $this->validateId($_COOKIE[$this->_config['cookie_name']]))
{
unset($_COOKIE[$this->_config['cookie_name']]);
}
}
// ------------------------------------------------------------------------
/**
* Cookie destroy
*

41
system/libraries/Session/drivers/Session_database_driver.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0
@@ -109,7 +109,10 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
}
// Note: BC work-around for the old 'sess_table_name' setting, should be removed in the future.
isset($this->_config['save_path']) OR $this->_config['save_path'] = config_item('sess_table_name');
if ( ! isset($this->_config['save_path']) && ($this->_config['save_path'] = config_item('sess_table_name')))
{
log_message('debug', 'Session: "sess_save_path" is empty; using BC fallback to "sess_table_name".');
}
}
// ------------------------------------------------------------------------
@@ -130,6 +133,8 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
return $this->_fail();
}
$this->php5_validate_id();
return $this->_success;
}
@@ -206,7 +211,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
$this->_db->reset_query();
// Was the ID regenerated?
if ($session_id !== $this->_session_id)
if (isset($this->_session_id) && $session_id !== $this->_session_id)
{
if ( ! $this->_release_lock() OR ! $this->_get_lock($session_id))
{
@@ -337,6 +342,30 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
: $this->_fail();
}
// --------------------------------------------------------------------
/**
* Validate ID
*
* Checks whether a session ID record exists server-side,
* to enforce session.use_strict_mode.
*
* @param string $id
* @return bool
*/
public function validateId($id)
{
// Prevent previous QB calls from messing with our queries
$this->_db->reset_query();
$this->_db->select('1')->from($this->_config['save_path'])->where('id', $id);
empty($this->_config['match_ip']) OR $this->_db->where('ip_address', $_SERVER['REMOTE_ADDR']);
$result = $this->_db->get();
empty($result) OR $result = $result->row();
return ! empty($result);
}
// ------------------------------------------------------------------------
/**
@@ -351,7 +380,7 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
{
if ($this->_platform === 'mysql')
{
$arg = $session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : '');
$arg = md5($session_id.($this->_config['match_ip'] ? '_'.$_SERVER['REMOTE_ADDR'] : ''));
if ($this->_db->query("SELECT GET_LOCK('".$arg."', 300) AS ci_session_lock")->row()->ci_session_lock)
{
$this->_lock = $arg;
@@ -414,4 +443,4 @@ class CI_Session_database_driver extends CI_Session_driver implements SessionHan
return parent::_release_lock();
}
}
}

83
system/libraries/Session/drivers/Session_files_driver.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0
@@ -76,6 +76,20 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
*/
protected $_file_new;
/**
* Validate SID regular expression
*
* @var string
*/
protected $_sid_regexp;
/**
* mbstring.func_overload flag
*
* @var bool
*/
protected static $func_overload;
// ------------------------------------------------------------------------
/**
@@ -95,8 +109,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
}
else
{
log_message('debug', 'Session: "sess_save_path" is empty; using "session.save_path" value from php.ini.');
$this->_config['save_path'] = rtrim(ini_get('session.save_path'), '/\\');
}
$this->_sid_regexp = $this->_config['_sid_regexp'];
isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
}
// ------------------------------------------------------------------------
@@ -129,6 +148,8 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
.$name // we'll use the session cookie name as a prefix to avoid collisions
.($this->_config['match_ip'] ? md5($_SERVER['REMOTE_ADDR']) : '');
$this->php5_validate_id();
return $this->_success;
}
@@ -148,18 +169,9 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
// which re-reads session data
if ($this->_file_handle === NULL)
{
// Just using fopen() with 'c+b' mode would be perfect, but it is only
// available since PHP 5.2.6 and we have to set permissions for new files,
// so we'd have to hack around this ...
if (($this->_file_new = ! file_exists($this->_file_path.$session_id)) === TRUE)
{
if (($this->_file_handle = fopen($this->_file_path.$session_id, 'w+b')) === FALSE)
{
log_message('error', "Session: File '".$this->_file_path.$session_id."' doesn't exist and cannot be created.");
return $this->_failure;
}
}
elseif (($this->_file_handle = fopen($this->_file_path.$session_id, 'r+b')) === FALSE)
$this->_file_new = ! file_exists($this->_file_path.$session_id);
if (($this->_file_handle = fopen($this->_file_path.$session_id, 'c+b')) === FALSE)
{
log_message('error', "Session: Unable to open file '".$this->_file_path.$session_id."'.");
return $this->_failure;
@@ -195,7 +207,7 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
}
$session_data = '';
for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += strlen($buffer))
for ($read = 0, $length = filesize($this->_file_path.$session_id); $read < $length; $read += self::strlen($buffer))
{
if (($buffer = fread($this->_file_handle, $length - $read)) === FALSE)
{
@@ -351,10 +363,13 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
$ts = time() - $maxlifetime;
$pattern = ($this->_config['match_ip'] === TRUE)
? '[0-9a-f]{32}'
: '';
$pattern = sprintf(
'/^%s[0-9a-f]{%d}$/',
preg_quote($this->_config['cookie_name'], '/'),
($this->_config['match_ip'] === TRUE ? 72 : 40)
'#\A%s'.$pattern.$this->_sid_regexp.'\z#',
preg_quote($this->_config['cookie_name'])
);
while (($file = readdir($directory)) !== FALSE)
@@ -376,4 +391,34 @@ class CI_Session_files_driver extends CI_Session_driver implements SessionHandle
return $this->_success;
}
}
// --------------------------------------------------------------------
/**
* Validate ID
*
* Checks whether a session ID record exists server-side,
* to enforce session.use_strict_mode.
*
* @param string $id
* @return bool
*/
public function validateId($id)
{
return is_file($this->_file_path.$id);
}
// --------------------------------------------------------------------
/**
* Byte-safe strlen()
*
* @param string $str
* @return int
*/
protected static function strlen($str)
{
return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
}

71
system/libraries/Session/drivers/Session_memcached_driver.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0
@@ -145,6 +145,8 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return $this->_fail();
}
$this->php5_validate_id();
return $this->_success;
}
@@ -186,7 +188,7 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
*/
public function write($session_id, $session_data)
{
if ( ! isset($this->_memcached))
if ( ! isset($this->_memcached, $this->_lock_key))
{
return $this->_fail();
}
@@ -202,32 +204,25 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
$this->_session_id = $session_id;
}
if (isset($this->_lock_key))
$key = $this->_key_prefix.$session_id;
$this->_memcached->replace($this->_lock_key, time(), 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)))
{
$key = $this->_key_prefix.$session_id;
$this->_memcached->replace($this->_lock_key, time(), 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)))
{
if (
$this->_memcached->replace($key, $session_data, $this->_config['expiration'])
OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration']))
)
{
$this->_fingerprint = $fingerprint;
return $this->_success;
}
return $this->_fail();
}
if (
$this->_memcached->touch($key, $this->_config['expiration'])
OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration']))
)
if ($this->_memcached->set($key, $session_data, $this->_config['expiration']))
{
$this->_fingerprint = $fingerprint;
return $this->_success;
}
return $this->_fail();
}
elseif (
$this->_memcached->touch($key, $this->_config['expiration'])
OR ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND && $this->_memcached->set($key, $session_data, $this->_config['expiration']))
)
{
return $this->_success;
}
return $this->_fail();
@@ -297,6 +292,23 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return $this->_success;
}
// --------------------------------------------------------------------
/**
* Validate ID
*
* Checks whether a session ID record exists server-side,
* to enforce session.use_strict_mode.
*
* @param string $id
* @return bool
*/
public function validateId($id)
{
$this->_memcached-get($this->_key_prefix.$id);
return ($this->_memcached->getResultCode() === Memcached::RES_SUCCESS);
}
// ------------------------------------------------------------------------
/**
@@ -317,9 +329,11 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
if ( ! $this->_memcached->replace($this->_lock_key, time(), 300))
{
return ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND)
? $this->_memcached->set($this->_lock_key, time(), 300)
? $this->_memcached->add($this->_lock_key, time(), 300)
: FALSE;
}
return TRUE;
}
// 30 attempts to obtain a lock, in case another request already has it
@@ -333,7 +347,8 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
continue;
}
if ( ! $this->_memcached->set($lock_key, time(), 300))
$method = ($this->_memcached->getResultCode() === Memcached::RES_NOTFOUND) ? 'add' : 'set';
if ( ! $this->_memcached->$method($lock_key, time(), 300))
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;
@@ -379,4 +394,4 @@ class CI_Session_memcached_driver extends CI_Session_driver implements SessionHa
return TRUE;
}
}
}

59
system/libraries/Session/drivers/Session_redis_driver.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 3.0.0
@@ -51,7 +51,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
/**
* phpRedis instance
*
* @var resource
* @var Redis
*/
protected $_redis;
@@ -153,6 +153,8 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
return $this->_success;
}
$this->php5_validate_id();
return $this->_fail();
}
@@ -199,7 +201,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
*/
public function write($session_id, $session_data)
{
if ( ! isset($this->_redis))
if ( ! isset($this->_redis, $this->_lock_key))
{
return $this->_fail();
}
@@ -215,27 +217,22 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
$this->_session_id = $session_id;
}
if (isset($this->_lock_key))
$this->_redis->setTimeout($this->_lock_key, 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE)
{
$this->_redis->setTimeout($this->_lock_key, 300);
if ($this->_fingerprint !== ($fingerprint = md5($session_data)) OR $this->_key_exists === FALSE)
if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
{
if ($this->_redis->set($this->_key_prefix.$session_id, $session_data, $this->_config['expiration']))
{
$this->_fingerprint = $fingerprint;
$this->_key_exists = TRUE;
return $this->_success;
}
return $this->_fail();
$this->_fingerprint = $fingerprint;
$this->_key_exists = TRUE;
return $this->_success;
}
return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']))
? $this->_success
: $this->_fail();
return $this->_fail();
}
return $this->_fail();
return ($this->_redis->setTimeout($this->_key_prefix.$session_id, $this->_config['expiration']))
? $this->_success
: $this->_fail();
}
// ------------------------------------------------------------------------
@@ -255,7 +252,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
if ($this->_redis->ping() === '+PONG')
{
$this->_release_lock();
if ($this->_redis->close() === $this->_failure)
if ($this->_redis->close() === FALSE)
{
return $this->_fail();
}
@@ -315,6 +312,22 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
return $this->_success;
}
// --------------------------------------------------------------------
/**
* Validate ID
*
* Checks whether a session ID record exists server-side,
* to enforce session.use_strict_mode.
*
* @param string $id
* @return bool
*/
public function validateId($id)
{
return (bool) $this->_redis->exists($this->_key_prefix.$id);
}
// ------------------------------------------------------------------------
/**
@@ -346,7 +359,11 @@ class CI_Session_redis_driver extends CI_Session_driver implements SessionHandle
continue;
}
if ( ! $this->_redis->setex($lock_key, 300, time()))
$result = ($ttl === -2)
? $this->_redis->set($lock_key, time(), array('nx', 'ex' => 300))
: $this->_redis->setex($lock_key, 300, time());
if ( ! $result)
{
log_message('error', 'Session: Error while trying to obtain lock for '.$this->_key_prefix.$session_id);
return FALSE;

7
system/libraries/Table.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.3.1
@@ -277,6 +277,7 @@ class CI_Table {
public function set_caption($caption)
{
$this->caption = $caption;
return $this;
}
// --------------------------------------------------------------------
@@ -434,7 +435,7 @@ class CI_Table {
/**
* Set table data from a database result object
*
* @param CI_DB_result $db_result Database result object
* @param CI_DB_result $object Database result object
* @return void
*/
protected function _set_from_db_result($object)

6
system/libraries/Trackback.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -370,7 +370,7 @@ class CI_Trackback {
{
$url = trim($url);
if (strpos($url, 'http') !== 0)
if (stripos($url, 'http') !== 0)
{
$url = 'http://'.$url;
}

6
system/libraries/Typography.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -241,7 +241,7 @@ class CI_Typography {
// Clean up stray paragraph tags that appear before block level elements
'#<p></p><('.$this->block_elements.')#' => '<$1',
// Clean up stray non-breaking spaces preceeding block elements
// Clean up stray non-breaking spaces preceding block elements
'#(&nbsp;\s*)+<('.$this->block_elements.')#' => ' <$2',
// Replace the temporary markers we added earlier

7
system/libraries/Unit_test.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.3.1
@@ -154,7 +154,6 @@ class CI_Unit_test {
if (in_array($expected, array('is_object', 'is_string', 'is_bool', 'is_true', 'is_false', 'is_int', 'is_numeric', 'is_float', 'is_double', 'is_array', 'is_null', 'is_resource'), TRUE))
{
$expected = str_replace('is_double', 'is_float', $expected);
$result = $expected($test);
$extype = str_replace(array('true', 'false'), 'bool', str_replace('is_', '', $expected));
}
@@ -291,7 +290,7 @@ class CI_Unit_test {
{
continue;
}
elseif (in_array($key, array('test_name', 'test_datatype', 'test_res_datatype', 'result'), TRUE))
elseif (in_array($key, array('test_name', 'test_datatype', 'res_datatype', 'result'), TRUE))
{
if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$val), FALSE)))
{

52
system/libraries/Upload.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -286,7 +286,7 @@ class CI_Upload {
/**
* Constructor
*
* @param array $props
* @param array $config
* @return void
*/
public function __construct($config = array())
@@ -601,7 +601,7 @@ class CI_Upload {
'file_type' => $this->file_type,
'file_path' => $this->upload_path,
'full_path' => $this->upload_path.$this->file_name,
'raw_name' => str_replace($this->file_ext, '', $this->file_name),
'raw_name' => substr($this->file_name, 0, -strlen($this->file_ext)),
'orig_name' => $this->orig_name,
'client_name' => $this->client_name,
'file_ext' => $this->file_ext,
@@ -678,10 +678,8 @@ class CI_Upload {
$this->set_error('upload_bad_filename', 'debug');
return FALSE;
}
else
{
return $new_filename;
}
return $new_filename;
}
// --------------------------------------------------------------------
@@ -1083,16 +1081,27 @@ class CI_Upload {
return FALSE;
}
if (memory_get_usage() && ($memory_limit = ini_get('memory_limit')))
if (memory_get_usage() && ($memory_limit = ini_get('memory_limit')) > 0)
{
$memory_limit *= 1024 * 1024;
// There was a bug/behavioural change in PHP 5.2, where numbers over one million get output
// into scientific notation. number_format() ensures this number is an integer
// http://bugs.php.net/bug.php?id=43053
$memory_limit = number_format(ceil(filesize($file) + $memory_limit), 0, '.', '');
$memory_limit = str_split($memory_limit, strspn($memory_limit, '1234567890'));
if ( ! empty($memory_limit[1]))
{
switch ($memory_limit[1][0])
{
case 'g':
case 'G':
$memory_limit[0] *= 1024 * 1024 * 1024;
break;
case 'm':
case 'M':
$memory_limit[0] *= 1024 * 1024;
break;
default:
break;
}
}
$memory_limit = (int) ceil(filesize($file) + $memory_limit[0]);
ini_set('memory_limit', $memory_limit); // When an integer is used, the value is measured in bytes. - PHP.net
}
@@ -1207,10 +1216,13 @@ class CI_Upload {
// We'll need this to validate the MIME info string (e.g. text/plain; charset=us-ascii)
$regexp = '/^([a-z\-]+\/[a-z0-9\-\.\+]+)(;\s.+)?$/';
/* Fileinfo extension - most reliable method
/**
* Fileinfo extension - most reliable method
*
* Unfortunately, prior to PHP 5.3 - it's only available as a PECL extension and the
* more convenient FILEINFO_MIME_TYPE flag doesn't exist.
* Apparently XAMPP, CentOS, cPanel and who knows what
* other PHP distribution channels EXPLICITLY DISABLE
* ext/fileinfo, which is otherwise enabled by default
* since PHP 5.3 ...
*/
if (function_exists('finfo_file'))
{
@@ -1298,7 +1310,7 @@ class CI_Upload {
}
}
// Fall back to the deprecated mime_content_type(), if available (still better than $_FILES[$field]['type'])
// Fall back to mime_content_type(), if available (still better than $_FILES[$field]['type'])
if (function_exists('mime_content_type'))
{
$this->file_type = @mime_content_type($file['tmp_name']);

10
system/libraries/User_agent.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -173,13 +173,11 @@ class CI_User_agent {
*/
public function __construct()
{
$this->_load_agent_file();
if (isset($_SERVER['HTTP_USER_AGENT']))
{
$this->agent = trim($_SERVER['HTTP_USER_AGENT']);
}
if ($this->agent !== NULL && $this->_load_agent_file())
{
$this->_compile_data();
}

51
system/libraries/Xmlrpc.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -238,7 +238,7 @@ class CI_Xmlrpc {
public $result;
/**
* XML-RPC Reponse
* XML-RPC Response
*
* @var array
*/
@@ -352,7 +352,7 @@ class CI_Xmlrpc {
*/
public function server($url, $port = 80, $proxy = FALSE, $proxy_port = 8080)
{
if (strpos($url, 'http') !== 0)
if (stripos($url, 'http') !== 0)
{
$url = 'http://'.$url;
}
@@ -460,7 +460,7 @@ class CI_Xmlrpc {
{
if (is_array($value[0]) && ($value[1] === 'struct' OR $value[1] === 'array'))
{
while (list($k) = each($value[0]))
foreach (array_keys($value[0]) as $k)
{
$value[0][$k] = $this->values_parsing($value[0][$k]);
}
@@ -735,6 +735,8 @@ class XML_RPC_Client extends CI_Xmlrpc
.'Content-Length: '.strlen($msg->payload).$r.$r
.$msg->payload;
stream_set_timeout($fp, $this->timeout); // set timeout for subsequent operations
for ($written = $timestamp = 0, $length = strlen($op); $written < $length; $written += $result)
{
if (($result = fwrite($fp, substr($op, $written))) === FALSE)
@@ -753,9 +755,6 @@ class XML_RPC_Client extends CI_Xmlrpc
$result = FALSE;
break;
}
usleep(250000);
continue;
}
else
{
@@ -932,15 +931,15 @@ class XML_RPC_Response
if (is_array($array))
{
while (list($key) = each($array))
foreach ($array as $key => &$value)
{
if (is_array($array[$key]))
if (is_array($value))
{
$array[$key] = $this->decode($array[$key]);
$array[$key] = $this->decode($value);
}
elseif ($this->xss_clean)
{
$array[$key] = $CI->security->xss_clean($array[$key]);
$array[$key] = $CI->security->xss_clean($value);
}
}
@@ -994,10 +993,11 @@ class XML_RPC_Response
reset($xmlrpc_val->me['struct']);
$arr = array();
while (list($key,$value) = each($xmlrpc_val->me['struct']))
foreach ($xmlrpc_val->me['struct'] as $key => &$value)
{
$arr[$key] = $this->xmlrpc_decoder($value);
}
return $arr;
}
}
@@ -1181,7 +1181,7 @@ class XML_RPC_Message extends CI_Xmlrpc
$data = implode("\r\n", $lines);
// Parse XML data
if ( ! xml_parse($parser, $data, count($data)))
if ( ! xml_parse($parser, $data, TRUE))
{
$errstr = sprintf('XML error: %s at line %d',
xml_error_string(xml_get_error_code($parser)),
@@ -1563,17 +1563,17 @@ class XML_RPC_Message extends CI_Xmlrpc
if ( ! empty($array))
{
while (list($key) = each($array))
foreach ($array as $key => &$value)
{
if (is_array($array[$key]))
if (is_array($value))
{
$array[$key] = $this->output_parameters($array[$key]);
$array[$key] = $this->output_parameters($value);
}
elseif ($key !== 'bits' && $this->xss_clean)
{
// 'bits' is for the MetaWeblog API image bits
// @todo - this needs to be made more general purpose
$array[$key] = $CI->security->xss_clean($array[$key]);
$array[$key] = $CI->security->xss_clean($value);
}
}
@@ -1633,7 +1633,7 @@ class XML_RPC_Message extends CI_Xmlrpc
reset($param->me['struct']);
$arr = array();
while (list($key,$value) = each($param->me['struct']))
foreach ($param->me['struct'] as $key => &$value)
{
$arr[$key] = $this->decode_message($value);
}
@@ -1824,7 +1824,7 @@ class XML_RPC_Values extends CI_Xmlrpc
// struct
$rs .= "<struct>\n";
reset($val);
while (list($key2, $val2) = each($val))
foreach ($val as $key2 => &$val2)
{
$rs .= "<member>\n<name>{$key2}</name>\n".$this->serializeval($val2)."</member>\n";
}
@@ -1885,11 +1885,9 @@ class XML_RPC_Values extends CI_Xmlrpc
*/
public function serializeval($o)
{
$ar = $o->me;
reset($ar);
list($typ, $val) = each($ar);
return "<value>\n".$this->serializedata($typ, $val)."</value>\n";
$array = $o->me;
list($value, $type) = array(reset($array), key($array));
return "<value>\n".$this->serializedata($type, $value)."</value>\n";
}
// --------------------------------------------------------------------
@@ -1901,8 +1899,7 @@ class XML_RPC_Values extends CI_Xmlrpc
*/
public function scalarval()
{
reset($this->me);
return current($this->me);
return reset($this->me);
}
// --------------------------------------------------------------------

32
system/libraries/Xmlrpcs.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -339,11 +339,11 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
//-------------------------------------
$method_parts = explode('.', $this->methods[$methName]['function']);
$objectCall = (isset($method_parts[1]) && $method_parts[1] !== '');
$objectCall = ! empty($method_parts[1]);
if ($system_call === TRUE)
{
if ( ! is_callable(array($this,$method_parts[1])))
if ( ! is_callable(array($this, $method_parts[1])))
{
return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']);
}
@@ -400,17 +400,13 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
}
elseif ($this->object === FALSE)
{
return get_instance()->$method_parts[1]($m);
}
else
{
return $this->object->$method_parts[1]($m);
return get_instance()->{$method_parts[1]}($m);
}
return $this->object->{$method_parts[1]}($m);
}
else
{
return call_user_func($this->methods[$methName]['function'], $m);
}
return call_user_func($this->methods[$methName]['function'], $m);
}
// --------------------------------------------------------------------
@@ -499,10 +495,8 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
return new XML_RPC_Response(new XML_RPC_Values($docstring, 'string'));
}
else
{
return new XML_RPC_Response(0, $this->xmlrpcerr['introspect_unknown'], $this->xmlrpcstr['introspect_unknown']);
}
return new XML_RPC_Response(0, $this->xmlrpcerr['introspect_unknown'], $this->xmlrpcstr['introspect_unknown']);
}
// --------------------------------------------------------------------
@@ -584,7 +578,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
return $this->multicall_error('nomethod');
}
list($scalar_type, $scalar_value) = each($methName->me);
list($scalar_value, $scalar_type) = array(reset($methName->me), key($methName->me));
$scalar_type = $scalar_type === $this->xmlrpcI4 ? $this->xmlrpcInt : $scalar_type;
if ($methName->kindOf() !== 'scalar' OR $scalar_type !== 'string')
@@ -604,7 +598,7 @@ class CI_Xmlrpcs extends CI_Xmlrpc {
return $this->multicall_error('notarray');
}
list($a, $b) = each($params->me);
list($b, $a) = array(reset($params->me), key($params->me));
$msg = new XML_RPC_Message($scalar_value);
for ($i = 0, $numParams = count($b); $i < $numParams; $i++)

78
system/libraries/Zip.php
View File

@@ -6,7 +6,7 @@
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2016, British Columbia Institute of Technology
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -29,7 +29,7 @@
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
@@ -105,6 +105,13 @@ class CI_Zip {
*/
public $compression_level = 2;
/**
* mbstring.func_overload flag
*
* @var bool
*/
protected static $func_overload;
/**
* Initialize zip compression class
*
@@ -112,6 +119,8 @@ class CI_Zip {
*/
public function __construct()
{
isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
$this->now = time();
log_message('info', 'Zip Compression Class Initialized');
}
@@ -182,7 +191,7 @@ class CI_Zip {
.pack('V', 0) // crc32
.pack('V', 0) // compressed filesize
.pack('V', 0) // uncompressed filesize
.pack('v', strlen($dir)) // length of pathname
.pack('v', self::strlen($dir)) // length of pathname
.pack('v', 0) // extra field length
.$dir
// below is "data descriptor" segment
@@ -197,7 +206,7 @@ class CI_Zip {
.pack('V',0) // crc32
.pack('V',0) // compressed filesize
.pack('V',0) // uncompressed filesize
.pack('v', strlen($dir)) // length of pathname
.pack('v', self::strlen($dir)) // length of pathname
.pack('v', 0) // extra field length
.pack('v', 0) // file comment length
.pack('v', 0) // disk number start
@@ -206,7 +215,7 @@ class CI_Zip {
.pack('V', $this->offset) // relative offset of local header
.$dir;
$this->offset = strlen($this->zipdata);
$this->offset = self::strlen($this->zipdata);
$this->entries++;
}
@@ -255,10 +264,10 @@ class CI_Zip {
{
$filepath = str_replace('\\', '/', $filepath);
$uncompressed_size = strlen($data);
$uncompressed_size = self::strlen($data);
$crc32 = crc32($data);
$gzdata = substr(gzcompress($data, $this->compression_level), 2, -4);
$compressed_size = strlen($gzdata);
$gzdata = self::substr(gzcompress($data, $this->compression_level), 2, -4);
$compressed_size = self::strlen($gzdata);
$this->zipdata .=
"\x50\x4b\x03\x04\x14\x00\x00\x00\x08\x00"
@@ -267,7 +276,7 @@ class CI_Zip {
.pack('V', $crc32)
.pack('V', $compressed_size)
.pack('V', $uncompressed_size)
.pack('v', strlen($filepath)) // length of filename
.pack('v', self::strlen($filepath)) // length of filename
.pack('v', 0) // extra field length
.$filepath
.$gzdata; // "file data" segment
@@ -279,7 +288,7 @@ class CI_Zip {
.pack('V', $crc32)
.pack('V', $compressed_size)
.pack('V', $uncompressed_size)
.pack('v', strlen($filepath)) // length of filename
.pack('v', self::strlen($filepath)) // length of filename
.pack('v', 0) // extra field length
.pack('v', 0) // file comment length
.pack('v', 0) // disk number start
@@ -288,7 +297,7 @@ class CI_Zip {
.pack('V', $this->offset) // relative offset of local header
.$filepath;
$this->offset = strlen($this->zipdata);
$this->offset = self::strlen($this->zipdata);
$this->entries++;
$this->file_num++;
}
@@ -401,8 +410,8 @@ class CI_Zip {
.$this->directory."\x50\x4b\x05\x06\x00\x00\x00\x00"
.pack('v', $this->entries) // total # of entries "on this disk"
.pack('v', $this->entries) // total # of entries overall
.pack('V', strlen($this->directory)) // size of central dir
.pack('V', strlen($this->zipdata)) // offset to start of central dir
.pack('V', self::strlen($this->directory)) // size of central dir
.pack('V', self::strlen($this->zipdata)) // offset to start of central dir
."\x00\x00"; // .zip file comment length
}
@@ -425,9 +434,9 @@ class CI_Zip {
flock($fp, LOCK_EX);
for ($result = $written = 0, $data = $this->get_zip(), $length = strlen($data); $written < $length; $written += $result)
for ($result = $written = 0, $data = $this->get_zip(), $length = self::strlen($data); $written < $length; $written += $result)
{
if (($result = fwrite($fp, substr($data, $written))) === FALSE)
if (($result = fwrite($fp, self::substr($data, $written))) === FALSE)
{
break;
}
@@ -481,4 +490,43 @@ class CI_Zip {
return $this;
}
// --------------------------------------------------------------------
/**
* Byte-safe strlen()
*
* @param string $str
* @return int
*/
protected static function strlen($str)
{
return (self::$func_overload)
? mb_strlen($str, '8bit')
: strlen($str);
}
// --------------------------------------------------------------------
/**
* Byte-safe substr()
*
* @param string $str
* @param int $start
* @param int $length
* @return string
*/
protected static function substr($str, $start, $length = NULL)
{
if (self::$func_overload)
{
// mb_substr($str, $start, null, '8bit') returns an empty
// string on PHP 5.3
isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start);
return mb_substr($str, $start, $length, '8bit');
}
return isset($length)
? substr($str, $start, $length)
: substr($str, $start);
}
}