codeigniter 2.1.3

Claude 2012-10-20 21:05:27 +02:00
parent 1cd3aad63a
commit 270fb37319
11 changed files with 106 additions and 117 deletions


@ -33,7 +33,7 @@
* @var string * @var string
* *
*/ */
define('CI_VERSION', '2.1.2'); define('CI_VERSION', '2.1.3');
/** /**
* CodeIgniter Branch (Core = TRUE, Reactor = FALSE) * CodeIgniter Branch (Core = TRUE, Reactor = FALSE)


@ -187,7 +187,7 @@ if ( ! function_exists('load_class'))
*/ */
if ( ! function_exists('is_loaded')) if ( ! function_exists('is_loaded'))
{ {
function is_loaded($class = '') function &is_loaded($class = '')
{ {
static $_is_loaded = array(); static $_is_loaded = array();
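Review bot: `function &is_loaded()` now returns by reference, so a caller that binds the result with `=&` can modify the static `$_is_loaded` registry from outside the function. The body lies outside this hunk, so I am assuming it returns `$_is_loaded` itself. The docblock should state the contract, e.g. `@return array reference to the loaded-class registry; treat as read-only`.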


@ -99,12 +99,12 @@ class CI_Config {
$found = FALSE; $found = FALSE;
$loaded = FALSE; $loaded = FALSE;
$check_locations = defined('ENVIRONMENT')
? array(ENVIRONMENT.'/'.$file, $file)
: array($file);
foreach ($this->_config_paths as $path) foreach ($this->_config_paths as $path)
{ {
$check_locations = defined('ENVIRONMENT')
? array(ENVIRONMENT.'/'.$file, $file)
: array($file);
foreach ($check_locations as $location) foreach ($check_locations as $location)
{ {
$file_path = $path.'config/'.$location.'.php'; $file_path = $path.'config/'.$location.'.php';
@ -168,7 +168,7 @@ class CI_Config {
{ {
return FALSE; return FALSE;
} }
show_error('The configuration file '.$file.'.php'.' does not exist.'); show_error('The configuration file '.$file.'.php does not exist.');
} }
return TRUE; return TRUE;
@ -279,7 +279,7 @@ class CI_Config {
*/ */
function base_url($uri = '') function base_url($uri = '')
{ {
return $this->slash_item('base_url').ltrim($this->_uri_string($uri),'/'); return $this->slash_item('base_url').ltrim($this->_uri_string($uri), '/');
} }
// ------------------------------------------------------------- // -------------------------------------------------------------


@ -73,13 +73,13 @@ class CI_Input {
*/ */
protected $headers = array(); protected $headers = array();
/** /**
* Constructor * Constructor
* *
* Sets whether to globally enable the XSS processing * Sets whether to globally enable the XSS processing
* and whether to allow the $_GET array * and whether to allow the $_GET array
* *
* @return void
*/ */
public function __construct() public function __construct()
{ {
@ -306,51 +306,50 @@ class CI_Input {
/** /**
* Fetch the IP Address * Fetch the IP Address
* *
* @access public
* @return string * @return string
*/ */
function ip_address() public function ip_address()
{ {
if ($this->ip_address !== FALSE) if ($this->ip_address !== FALSE)
{ {
return $this->ip_address; return $this->ip_address;
} }
if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) $proxy_ips = config_item('proxy_ips');
if ( ! empty($proxy_ips))
{ {
$proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); $proxy_ips = explode(',', str_replace(' ', '', $proxy_ips));
$proxies = is_array($proxies) ? $proxies : array($proxies); foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'HTTP_X_CLIENT_IP', 'HTTP_X_CLUSTER_CLIENT_IP') as $header)
{
if (($spoof = $this->server($header)) !== FALSE)
{
// Some proxies typically list the whole chain of IP
// addresses through which the client has reached us.
// e.g. client_ip, proxy_ip1, proxy_ip2, etc.
if (strpos($spoof, ',') !== FALSE)
{
$spoof = explode(',', $spoof, 2);
$spoof = $spoof[0];
}
$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; if ( ! $this->valid_ip($spoof))
{
$spoof = FALSE;
}
else
{
break;
}
}
}
$this->ip_address = ($spoof !== FALSE && in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE))
? $spoof : $_SERVER['REMOTE_ADDR'];
} }
elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) else
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
elseif ($this->server('REMOTE_ADDR'))
{ {
$this->ip_address = $_SERVER['REMOTE_ADDR']; $this->ip_address = $_SERVER['REMOTE_ADDR'];
} }
elseif ($this->server('HTTP_CLIENT_IP'))
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
elseif ($this->server('HTTP_X_FORWARDED_FOR'))
{
$this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
if ($this->ip_address === FALSE)
{
$this->ip_address = '0.0.0.0';
return $this->ip_address;
}
if (strpos($this->ip_address, ',') !== FALSE)
{
$x = explode(',', $this->ip_address);
$this->ip_address = trim(end($x));
}
if ( ! $this->valid_ip($this->ip_address)) if ( ! $this->valid_ip($this->ip_address))
{ {
@ -642,8 +641,8 @@ class CI_Input {
$_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']); $_SERVER['PHP_SELF'] = strip_tags($_SERVER['PHP_SELF']);
// CSRF Protection check // CSRF Protection check on HTTP requests
if ($this->_enable_csrf == TRUE) if ($this->_enable_csrf == TRUE && ! $this->is_cli_request())
{ {
$this->security->csrf_verify(); $this->security->csrf_verify();
} }
@ -837,11 +836,11 @@ class CI_Input {
* *
* Test to see if a request was made from the command line * Test to see if a request was made from the command line
* *
* @return boolean * @return bool
*/ */
public function is_cli_request() public function is_cli_request()
{ {
return (php_sapi_name() == 'cli') or defined('STDIN'); return (php_sapi_name() === 'cli' OR defined('STDIN'));
} }
} }
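Review bot: In `ip_address()` the new loop keeps only the left-most entry of a forwarded header (`explode(',', $spoof, 2)` then `$spoof[0]`), which is the part of the chain the client itself supplies. A proxy listed in `proxy_ips` that appends to an incoming header instead of overwriting it passes that value through unchanged, and `valid_ip()` only checks syntax. The loop also takes the first of four header names that parses, so a header the trusted proxy never sets can win over the one it does set. I would test `in_array($_SERVER['REMOTE_ADDR'], $proxy_ips, TRUE)` before reading any header, read only the header the deployment's proxy is known to overwrite, and add above the loop `// These headers are client-controlled unless the proxy in proxy_ips overwrites them`. Anything that uses the result for rate limiting, audit logging or session IP matching inherits this trust.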


@ -98,26 +98,32 @@ class CI_Security {
/** /**
* Constructor * Constructor
*
* @return void
*/ */
public function __construct() public function __construct()
{ {
// CSRF config // Is CSRF protection enabled?
foreach(array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key) if (config_item('csrf_protection') === TRUE)
{ {
if (FALSE !== ($val = config_item($key))) // CSRF config
foreach (array('csrf_expire', 'csrf_token_name', 'csrf_cookie_name') as $key)
{ {
$this->{'_'.$key} = $val; if (FALSE !== ($val = config_item($key)))
{
$this->{'_'.$key} = $val;
}
} }
}
// Append application specific cookie prefix // Append application specific cookie prefix
if (config_item('cookie_prefix')) if (config_item('cookie_prefix'))
{ {
$this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name; $this->_csrf_cookie_name = config_item('cookie_prefix').$this->_csrf_cookie_name;
} }
// Set the CSRF hash // Set the CSRF hash
$this->_csrf_set_hash(); $this->_csrf_set_hash();
}
log_message('debug', "Security Class Initialized"); log_message('debug', "Security Class Initialized");
} }
@ -131,15 +137,14 @@ class CI_Security {
*/ */
public function csrf_verify() public function csrf_verify()
{ {
// If no POST data exists we will set the CSRF cookie // If it's not a POST request we will set the CSRF cookie
if (count($_POST) == 0) if (strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST')
{ {
return $this->csrf_set_cookie(); return $this->csrf_set_cookie();
} }
// Do the tokens exist in both the _POST and _COOKIE arrays? // Do the tokens exist in both the _POST and _COOKIE arrays?
if ( ! isset($_POST[$this->_csrf_token_name]) OR if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]))
! isset($_COOKIE[$this->_csrf_cookie_name]))
{ {
$this->csrf_show_error(); $this->csrf_show_error();
} }
@ -159,7 +164,7 @@ class CI_Security {
$this->_csrf_set_hash(); $this->_csrf_set_hash();
$this->csrf_set_cookie(); $this->csrf_set_cookie();
log_message('debug', "CSRF token verified "); log_message('debug', 'CSRF token verified');
return $this; return $this;
} }
@ -176,14 +181,9 @@ class CI_Security {
$expire = time() + $this->_csrf_expire; $expire = time() + $this->_csrf_expire;
$secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0;
if ($secure_cookie) if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off'))
{ {
$req = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : FALSE; return FALSE;
if ( ! $req OR $req == 'off')
{
return FALSE;
}
} }
setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie);
@ -871,7 +871,6 @@ class CI_Security {
} }
} }
// END Security Class
/* End of file Security.php */ /* End of file Security.php */
/* Location: ./system/libraries/Security.php */ /* Location: ./system/libraries/Security.php */
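Review bot: `csrf_verify()` now returns early for every method other than POST (`strtoupper($_SERVER['REQUEST_METHOD']) !== 'POST'`), so PUT, PATCH and DELETE requests receive a fresh cookie and no token comparison. Because the token is read from `$_POST`, extending the check to those methods needs more than a changed condition. At minimum the limit should be stated at the check: `// Only POST is verified; PUT/PATCH/DELETE handlers must enforce their own CSRF check`. `$_SERVER['REQUEST_METHOD']` is also read unguarded; the call site in CI_Input skips CLI requests, but a direct call to `csrf_verify()` does not. The token comparison itself sits between the visible hunks.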


@ -26,9 +26,9 @@
*/ */
class CI_DB_oci8_result extends CI_DB_result { class CI_DB_oci8_result extends CI_DB_result {
var $stmt_id; public $stmt_id;
var $curs_id; public $curs_id;
var $limit_used; public $limit_used;
/** /**
* Number of rows in the result set. * Number of rows in the result set.
@ -36,8 +36,6 @@ class CI_DB_oci8_result extends CI_DB_result {
* Oracle doesn't have a graceful way to retun the number of rows * Oracle doesn't have a graceful way to retun the number of rows
* so we have to use what amounts to a hack. * so we have to use what amounts to a hack.
* *
*
* @access public
* @return integer * @return integer
*/ */
public function num_rows() public function num_rows()
@ -53,7 +51,7 @@ class CI_DB_oci8_result extends CI_DB_result {
} }
} }
return $rowcount; return $this->num_rows;
} }
// -------------------------------------------------------------------- // --------------------------------------------------------------------


@ -26,26 +26,27 @@
*/ */
class CI_DB_pdo_result extends CI_DB_result { class CI_DB_pdo_result extends CI_DB_result {
public $num_rows;
/** /**
* Number of rows in the result set * Number of rows in the result set
* *
* @access public * @return int
* @return integer
*/ */
function num_rows() public function num_rows()
{ {
if (is_numeric(stripos($this->result_id->queryString, 'SELECT'))) if (is_int($this->num_rows))
{ {
$dbh = $this->conn_id; return $this->num_rows;
$query = $dbh->query($this->result_id->queryString);
$result = $query->fetchAll();
unset($dbh, $query);
return count($result);
} }
else elseif (($this->num_rows = $this->result_id->rowCount()) > 0)
{ {
return $this->result_id->rowCount(); return $this->num_rows;
} }
$this->num_rows = count($this->result_id->fetchAll());
$this->result_id->execute();
return $this->num_rows;
} }
// -------------------------------------------------------------------- // --------------------------------------------------------------------
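Review bot: The fallback path in `num_rows()` drains the cursor with `fetchAll()` and then calls `$this->result_id->execute()` to rewind, which runs the statement against the database a second time. The count and the rows fetched afterwards can therefore come from two different executions. A `rowCount()` of 0 also lands on this path, so if a result object is ever built for a statement that is not a pure read, its side effects repeat. The return value of `execute()` is ignored, so a failed re-run leaves an empty result with no error. I would keep the fetched rows on the object instead of re-executing, or at least check the call and comment it: `// Re-executes the query to reset the cursor; only safe for read-only statements`.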


@ -151,13 +151,12 @@ class CI_Cache_file extends CI_Driver {
{ {
return FALSE; return FALSE;
} }
$data = read_file($this->_cache_path.$id); $data = read_file($this->_cache_path.$id);
$data = unserialize($data); $data = unserialize($data);
if (is_array($data)) if (is_array($data))
{ {
$data = $data['data'];
$mtime = filemtime($this->_cache_path.$id); $mtime = filemtime($this->_cache_path.$id);
if ( ! isset($data['ttl'])) if ( ! isset($data['ttl']))
@ -166,11 +165,11 @@ class CI_Cache_file extends CI_Driver {
} }
return array( return array(
'expire' => $mtime + $data['ttl'], 'expire' => $mtime + $data['ttl'],
'mtime' => $mtime 'mtime' => $mtime
); );
} }
return FALSE; return FALSE;
} }
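Review bot: This function passes the raw file contents to `unserialize()` and only afterwards checks `is_array($data)`, so any object serialized into a cache file is instantiated before the type check runs. That is safe only while nothing but the application can write under `_cache_path` and `$id` cannot point outside it. Neither is visible here, and `$id` is concatenated into the path as given. I would state the assumption next to the call, `// Cache files are trusted input: unserialize() instantiates whatever objects they contain`, and validate `$id` where it enters the driver. The function's opening lines are outside the hunk.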


@ -57,7 +57,7 @@ class CI_Migration {
} }
// If not set, set it // If not set, set it
$this->_migration_path == '' OR $this->_migration_path = APPPATH . 'migrations/'; $this->_migration_path == '' AND $this->_migration_path = APPPATH . 'migrations/';
// Add trailing slash if not set // Add trailing slash if not set
$this->_migration_path = rtrim($this->_migration_path, '/').'/'; $this->_migration_path = rtrim($this->_migration_path, '/').'/';
@ -89,8 +89,7 @@ class CI_Migration {
* Calls each migration step required to get to the schema version of * Calls each migration step required to get to the schema version of
* choice * choice
* *
* @access public * @param int Target schema version
* @param $version integer Target schema version
* @return mixed TRUE if already latest, FALSE if failed, int if upgraded * @return mixed TRUE if already latest, FALSE if failed, int if upgraded
*/ */
public function version($target_version) public function version($target_version)
@ -105,14 +104,13 @@ class CI_Migration {
++$stop; ++$stop;
$step = 1; $step = 1;
} }
else else
{ {
// Moving Down // Moving Down
$step = -1; $step = -1;
} }
$method = $step === 1 ? 'up' : 'down'; $method = ($step === 1) ? 'up' : 'down';
$migrations = array(); $migrations = array();
// We now prepare to actually DO the migrations // We now prepare to actually DO the migrations
@ -216,7 +214,6 @@ class CI_Migration {
/** /**
* Set's the schema to the latest migration * Set's the schema to the latest migration
* *
* @access public
* @return mixed true if already latest, false if failed, int if upgraded * @return mixed true if already latest, false if failed, int if upgraded
*/ */
public function latest() public function latest()
@ -228,7 +225,7 @@ class CI_Migration {
} }
$last_migration = basename(end($migrations)); $last_migration = basename(end($migrations));
// Calculate the last migration step from existing migration // Calculate the last migration step from existing migration
// filenames and procceed to the standard version migration // filenames and procceed to the standard version migration
return $this->version((int) substr($last_migration, 0, 3)); return $this->version((int) substr($last_migration, 0, 3));
@ -239,7 +236,6 @@ class CI_Migration {
/** /**
* Set's the schema to the migration version set in config * Set's the schema to the migration version set in config
* *
* @access public
* @return mixed true if already current, false if failed, int if upgraded * @return mixed true if already current, false if failed, int if upgraded
*/ */
public function current() public function current()
@ -252,7 +248,6 @@ class CI_Migration {
/** /**
* Error string * Error string
* *
* @access public
* @return string Error message returned as a string * @return string Error message returned as a string
*/ */
public function error_string() public function error_string()
@ -265,7 +260,6 @@ class CI_Migration {
/** /**
* Set's the schema to the latest migration * Set's the schema to the latest migration
* *
* @access protected
* @return mixed true if already latest, false if failed, int if upgraded * @return mixed true if already latest, false if failed, int if upgraded
*/ */
protected function find_migrations() protected function find_migrations()
@ -273,7 +267,7 @@ class CI_Migration {
// Load all *_*.php files in the migrations path // Load all *_*.php files in the migrations path
$files = glob($this->_migration_path . '*_*.php'); $files = glob($this->_migration_path . '*_*.php');
$file_count = count($files); $file_count = count($files);
for ($i = 0; $i < $file_count; $i++) for ($i = 0; $i < $file_count; $i++)
{ {
// Mark wrongly formatted files as false for later filtering // Mark wrongly formatted files as false for later filtering
@ -283,9 +277,8 @@ class CI_Migration {
$files[$i] = FALSE; $files[$i] = FALSE;
} }
} }
sort($files);
sort($files);
return $files; return $files;
} }
@ -294,8 +287,7 @@ class CI_Migration {
/** /**
* Retrieves current schema version * Retrieves current schema version
* *
* @access protected * @return int Current Migration
* @return integer Current Migration
*/ */
protected function _get_version() protected function _get_version()
{ {
@ -308,9 +300,8 @@ class CI_Migration {
/** /**
* Stores the current schema version * Stores the current schema version
* *
* @access protected * @param int Migration reached
* @param $migrations integer Migration reached * @return bool
* @return void Outputs a report of the migration
*/ */
protected function _update_version($migrations) protected function _update_version($migrations)
{ {
@ -324,8 +315,7 @@ class CI_Migration {
/** /**
* Enable the use of CI super-global * Enable the use of CI super-global
* *
* @access public * @param mixed $var
* @param $var
* @return mixed * @return mixed
*/ */
public function __get($var) public function __get($var)
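Review bot: The docblock kept above `find_migrations()` still reads "Set's the schema to the latest migration" with `@return mixed true if already latest, false if failed, int if upgraded`, which is the text of `latest()`. The visible body globs `*_*.php` under `_migration_path`, marks badly named files FALSE, sorts the list and returns `$files`. Since this commit is already editing these docblocks, this one should become something like `Retrieves list of available migration scripts` with `@return array list of migration file paths`. Part of the body lies between hunks, so confirm there how the FALSE entries are filtered before fixing the return description.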


@ -506,7 +506,7 @@ class CI_Profiler {
foreach ($this->CI->session->all_userdata() as $key => $val) foreach ($this->CI->session->all_userdata() as $key => $val)
{ {
if (is_array($val)) if (is_array($val) OR is_object($val))
{ {
$val = print_r($val, TRUE); $val = print_r($val, TRUE);
} }
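Review bot: With `is_object($val)` added, object-valued session data now goes through `print_r($val, TRUE)`, which prints protected and private properties as well as public ones. Whether that string is HTML-escaped before it is written into the profiler table is decided after this hunk, so it should be confirmed there. A comment at the branch would record the exposure, e.g. `// print_r() dumps non-public properties too; keep the profiler disabled in production`.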


@ -97,7 +97,7 @@ class CI_Session {
{ {
$this->sess_expiration = (60*60*24*365*2); $this->sess_expiration = (60*60*24*365*2);
} }
// Set the cookie name // Set the cookie name
$this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name; $this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name;
@ -399,7 +399,7 @@ class CI_Session {
function sess_destroy() function sess_destroy()
{ {
// Kill the session DB row // Kill the session DB row
if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id'])) if ($this->sess_use_database === TRUE && isset($this->userdata['session_id']))
{ {
$this->CI->db->where('session_id', $this->userdata['session_id']); $this->CI->db->where('session_id', $this->userdata['session_id']);
$this->CI->db->delete($this->sess_table_name); $this->CI->db->delete($this->sess_table_name);
@ -414,6 +414,9 @@ class CI_Session {
$this->cookie_domain, $this->cookie_domain,
0 0
); );
// Kill session data
$this->userdata = array();
} }
// -------------------------------------------------------------------- // --------------------------------------------------------------------