Updated to Code Igniter Version 3.1.11.

splintci · Jul 22, 2020 · 414ace3 · 414ace3
1 parent 78c7a19
commit 414ace3
Show file tree

Hide file tree

Showing 23 changed files with 180 additions and 127 deletions.
diff --git a/application/config/mimes.php b/application/config/mimes.php
@@ -140,7 +140,7 @@
 	'f4v'   =>	array('video/mp4', 'video/x-f4v'),
 	'flv'	=>	'video/x-flv',
 	'webm'	=>	'video/webm',
-	'aac'   =>	'audio/x-acc',
+	'aac'   =>	array('audio/x-aac', 'audio/aac'),
 	'm4u'   =>	'application/vnd.mpegurl',
 	'm3u'   =>	'text/plain',
 	'xspf'  =>	'application/xspf+xml',

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
@@ -55,7 +55,7 @@
  * @var	string
  *
  */
-	const CI_VERSION = '3.1.10';
+	const CI_VERSION = '3.1.11';
 
 /*
  * ------------------------------------------------------

diff --git a/system/core/Controller.php b/system/core/Controller.php
@@ -58,6 +58,13 @@ class CI_Controller {
 	 */
 	private static $instance;
 
+	/**
+	 * CI_Loader
+	 *
+	 * @var	CI_Loader
+	 */
+	public $load;
+
 	/**
 	 * Class constructor
 	 *

diff --git a/system/core/Log.php b/system/core/Log.php
@@ -247,11 +247,11 @@ public function write_log($level, $msg)
 	 * @param	string	$level 	The error level
 	 * @param	string	$date 	Formatted date string
 	 * @param	string	$message 	The log message
-	 * @return	string	Formatted log line with a new line character '\n' at the end
+	 * @return	string	Formatted log line with a new line character at the end
 	 */
 	protected function _format_line($level, $date, $message)
 	{
-		return $level.' - '.$date.' --> '.$message."\n";
+		return $level.' - '.$date.' --> '.$message.PHP_EOL;
 	}
 
 	// --------------------------------------------------------------------

diff --git a/system/core/Security.php b/system/core/Security.php
@@ -228,6 +228,7 @@ public function csrf_verify()
 
 		// Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate
 		$valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])
+			&& is_string($_POST[$this->_csrf_token_name]) && is_string($_COOKIE[$this->_csrf_cookie_name])
 			&& hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]);
 
 		// We kill this since we're done and we don't want to pollute the _POST array

diff --git a/system/database/DB_result.php b/system/database/DB_result.php
@@ -381,7 +381,7 @@ public function set_row($key, $value = NULL)
 	 */
 	public function custom_row_object($n, $type)
 	{
-		isset($this->custom_result_object[$type]) OR $this->custom_result_object($type);
+		isset($this->custom_result_object[$type]) OR $this->custom_result_object[$type] = $this->custom_result_object($type);
 
 		if (count($this->custom_result_object[$type]) === 0)
 		{

diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
@@ -383,7 +383,7 @@ public function insert_id()
 	 */
 	protected function _list_tables($prefix_limit = FALSE)
 	{
-		$sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database);
+		$sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char;
 
 		if ($prefix_limit !== FALSE && $this->dbprefix !== '')
 		{

diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
@@ -429,7 +429,7 @@ public function insert_id()
 	 */
 	protected function _list_tables($prefix_limit = FALSE)
 	{
-		$sql = 'SHOW TABLES FROM '.$this->escape_identifiers($this->database);
+		$sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char;
 
 		if ($prefix_limit !== FALSE && $this->dbprefix !== '')
 		{

diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php
@@ -81,6 +81,13 @@ class CI_DB_oci8_forge extends CI_DB_forge {
 	 */
 	protected $_unsigned		= FALSE;
 
+	/**
+	 * NULL value representation in CREATE/ALTER TABLE statements
+	 *
+	 * @var	string
+	 */
+	protected $_null		= 'NULL';
+
 	// --------------------------------------------------------------------
 
 	/**

diff --git a/system/database/drivers/pdo/pdo_result.php b/system/database/drivers/pdo/pdo_result.php
@@ -133,7 +133,7 @@ public function field_data()
 
 				$retval[$i]			= new stdClass();
 				$retval[$i]->name		= $field['name'];
-				$retval[$i]->type		= $field['native_type'];
+				$retval[$i]->type		= isset($field['native_type']) ? $field['native_type'] : null;
 				$retval[$i]->max_length		= ($field['len'] > 0) ? $field['len'] : NULL;
 				$retval[$i]->primary_key	= (int) ( ! empty($field['flags']) && in_array('primary_key', $field['flags'], TRUE));
 			}

diff --git a/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php b/system/database/drivers/pdo/subdrivers/pdo_firebird_forge.php
@@ -150,7 +150,7 @@ protected function _alter_table($alter_type, $table, $field)
 			if ( ! empty($field[$i]['default']))
 			{
 				$sqls[] = $sql.' ALTER COLUMN '.$this->db->escape_identifiers($field[$i]['name'])
-					.' SET DEFAULT '.$field[$i]['default'];
+					.' SET '.$field[$i]['default'];
 			}
 
 			if (isset($field[$i]['null']))

diff --git a/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_mysql_driver.php
@@ -279,7 +279,7 @@ protected function _trans_rollback()
 	 */
 	protected function _list_tables($prefix_limit = FALSE)
 	{
-		$sql = 'SHOW TABLES';
+		$sql = 'SHOW TABLES FROM '.$this->_escape_char.$this->database.$this->_escape_char;
 
 		if ($prefix_limit === TRUE && $this->dbprefix !== '')
 		{

diff --git a/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php b/system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
@@ -74,6 +74,13 @@ class CI_DB_pdo_oci_forge extends CI_DB_pdo_forge {
 	 */
 	protected $_unsigned		= FALSE;
 
+	/**
+	 * NULL value representation in CREATE/ALTER TABLE statements
+	 *
+	 * @var	string
+	 */
+	protected $_null		= 'NULL';
+
 	// --------------------------------------------------------------------
 
 	/**

diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_driver.php
@@ -98,7 +98,7 @@ public function __construct($params)
 
 			if ( ! empty($this->username))
 			{
-				$this->dsn .= ';username='.$this->username;
+				$this->dsn .= ';user='.$this->username;
 				empty($this->password) OR $this->dsn .= ';password='.$this->password;
 			}
 		}

diff --git a/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php b/system/database/drivers/pdo/subdrivers/pdo_pgsql_forge.php
@@ -130,7 +130,7 @@ protected function _alter_table($alter_type, $table, $field)
 			if ( ! empty($field[$i]['default']))
 			{
 				$sqls[] = $sql.' ALTER COLUMN '.$this->db->escape_identifiers($field[$i]['name'])
-					.' SET DEFAULT '.$field[$i]['default'];
+					.' SET '.$field[$i]['default'];
 			}
 
 			if (isset($field[$i]['null']))

diff --git a/system/database/drivers/postgre/postgre_forge.php b/system/database/drivers/postgre/postgre_forge.php
@@ -125,7 +125,7 @@ protected function _alter_table($alter_type, $table, $field)
 			if ( ! empty($field[$i]['default']))
 			{
 				$sqls[] = $sql.' ALTER COLUMN '.$this->db->escape_identifiers($field[$i]['name'])
-					.' SET DEFAULT '.$field[$i]['default'];
+					.' SET '.$field[$i]['default'];
 			}
 
 			if (isset($field[$i]['null']))

diff --git a/system/libraries/Cache/drivers/Cache_redis.php b/system/libraries/Cache/drivers/Cache_redis.php
@@ -76,6 +76,13 @@ class CI_Cache_redis extends CI_Driver
 	 */
 	protected $_serialized = array();
 
+	/**
+	 * del()/delete() method name depending on phpRedis version
+	 *
+	 * @var	string
+	 */
+	protected static $_delete_name;
+
 	// ------------------------------------------------------------------------
 
 	/**
@@ -97,6 +104,10 @@ public function __construct()
 			return;
 		}
 
+		isset(static::$_delete_name) OR static::$_delete_name = version_compare(phpversion('phpredis'), '5', '>=')
+			? 'del'
+			: 'delete';
+
 		$CI =& get_instance();
 
 		if ($CI->config->load('redis', TRUE, TRUE))
@@ -135,10 +146,6 @@ public function __construct()
 		{
 			log_message('error', 'Cache: Redis connection refused ('.$e->getMessage().')');
 		}
-
-		// Initialize the index of serialized values.
-		$serialized = $this->_redis->sMembers('_ci_redis_serialized');
-		empty($serialized) OR $this->_serialized = array_flip($serialized);
 	}
 
 	// ------------------------------------------------------------------------
@@ -153,7 +160,7 @@ public function get($key)
 	{
 		$value = $this->_redis->get($key);
 
-		if ($value !== FALSE && isset($this->_serialized[$key]))
+		if ($value !== FALSE && $this->_redis->sIsMember('_ci_redis_serialized', $key))
 		{
 			return unserialize($value);
 		}
@@ -184,9 +191,8 @@ public function save($id, $data, $ttl = 60, $raw = FALSE)
 			isset($this->_serialized[$id]) OR $this->_serialized[$id] = TRUE;
 			$data = serialize($data);
 		}
-		elseif (isset($this->_serialized[$id]))
+		else
 		{
-			$this->_serialized[$id] = NULL;
 			$this->_redis->sRemove('_ci_redis_serialized', $id);
 		}
 
@@ -203,16 +209,12 @@ public function save($id, $data, $ttl = 60, $raw = FALSE)
 	 */
 	public function delete($key)
 	{
-		if ($this->_redis->delete($key) !== 1)
+		if ($this->_redis->{static::$_delete_name}($key) !== 1)
 		{
 			return FALSE;
 		}
 
-		if (isset($this->_serialized[$key]))
-		{
-			$this->_serialized[$key] = NULL;
-			$this->_redis->sRemove('_ci_redis_serialized', $key);
-		}
+		$this->_redis->sRemove('_ci_redis_serialized', $key);
 
 		return TRUE;
 	}
@@ -228,7 +230,7 @@ public function delete($key)
 	 */
 	public function increment($id, $offset = 1)
 	{
-		return $this->_redis->incr($id, $offset);
+		return $this->_redis->incrBy($id, $offset);
 	}
 
 	// ------------------------------------------------------------------------
@@ -242,7 +244,7 @@ public function increment($id, $offset = 1)
 	 */
 	public function decrement($id, $offset = 1)
 	{
-		return $this->_redis->decr($id, $offset);
+		return $this->_redis->decrBy($id, $offset);
 	}
 
 	// ------------------------------------------------------------------------

diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php
@@ -1208,6 +1208,13 @@ public function valid_url($str)
 			$str = $matches[2];
 		}
 
+		// Apparently, FILTER_VALIDATE_URL doesn't reject digit-only names for some reason ...
+		// See https://github.com/bcit-ci/CodeIgniter/issues/5755
+		if (ctype_digit($str))
+		{
+			return FALSE;
+		}
+
 		// PHP 7 accepts IPv6 addresses within square brackets as hostnames,
 		// but it appears that the PR that came in with https://bugs.php.net/bug.php?id=68039
 		// was never merged into a PHP 5 branch ... https://3v4l.org/8PsSN

diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php
@@ -184,25 +184,4 @@ protected function _release_lock()
 
 		return TRUE;
 	}
-
-	// ------------------------------------------------------------------------
-
-	/**
-	 * Fail
-	 *
-	 * Drivers other than the 'files' one don't (need to) use the
-	 * session.save_path INI setting, but that leads to confusing
-	 * error messages emitted by PHP when open() or write() fail,
-	 * as the message contains session.save_path ...
-	 * To work around the problem, the drivers will call this method
-	 * so that the INI is set just in time for the error message to
-	 * be properly generated.
-	 *
-	 * @return	mixed
-	 */
-	protected function _fail()
-	{
-		ini_set('session.save_path', config_item('sess_save_path'));
-		return $this->_failure;
-	}
 }