| <?php |
| /** |
| * CodeIgniter |
| * |
| * An open source application development framework for PHP |
| * |
| * This content is released under the MIT License (MIT) |
| * |
| * Copyright (c) 2014 - 2019, British Columbia Institute of Technology |
| * |
| * Permission is hereby granted, free of charge, to any person obtaining a copy |
| * of this software and associated documentation files (the "Software"), to deal |
| * in the Software without restriction, including without limitation the rights |
| * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
| * copies of the Software, and to permit persons to whom the Software is |
| * furnished to do so, subject to the following conditions: |
| * |
| * The above copyright notice and this permission notice shall be included in |
| * all copies or substantial portions of the Software. |
| * |
| * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
| * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN |
| * THE SOFTWARE. |
| * |
| * @package CodeIgniter |
| * @author EllisLab Dev Team |
| * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) |
| * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) |
| * @license https://opensource.org/licenses/MIT MIT License |
| * @link https://codeigniter.com |
| * @since Version 1.0.0 |
| * @filesource |
| */ |
| defined('BASEPATH') OR exit('No direct script access allowed'); |
| |
| /** |
| * System Initialization File |
| * |
| * Loads the base classes and executes the request. |
| * |
| * @package CodeIgniter |
| * @subpackage CodeIgniter |
| * @category Front-controller |
| * @author EllisLab Dev Team |
| * @link https://codeigniter.com/user_guide/ |
| */ |
| |
| /** |
| * CodeIgniter Version |
| * |
| * @var string |
| * |
| */ |
| const CI_VERSION = '3.1.10'; |
| |
| /* |
| * ------------------------------------------------------ |
| * Load the framework constants |
| * ------------------------------------------------------ |
| */ |
| if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/constants.php')) |
| { |
| require_once(APPPATH.'config/'.ENVIRONMENT.'/constants.php'); |
| } |
| |
| if (file_exists(APPPATH.'config/constants.php')) |
| { |
| require_once(APPPATH.'config/constants.php'); |
| } |
| |
| /* |
| * ------------------------------------------------------ |
| * Load the global functions |
| * ------------------------------------------------------ |
| */ |
| require_once(BASEPATH.'core/Common.php'); |
| |
| |
| /* |
| * ------------------------------------------------------ |
| * Security procedures |
| * ------------------------------------------------------ |
| */ |
| |
| if ( ! is_php('5.4')) |
| { |
| ini_set('magic_quotes_runtime', 0); |
| |
| if ((bool) ini_get('register_globals')) |
| { |
| $_protected = array( |
| '_SERVER', |
| '_GET', |
| '_POST', |
| '_FILES', |
| '_REQUEST', |
| '_SESSION', |
| '_ENV', |
| '_COOKIE', |
| 'GLOBALS', |
| 'HTTP_RAW_POST_DATA', |
| 'system_path', |
| 'application_folder', |
| 'view_folder', |
| '_protected', |
| '_registered' |
| ); |
| |
| $_registered = ini_get('variables_order'); |
| foreach (array('E' => '_ENV', 'G' => '_GET', 'P' => '_POST', 'C' => '_COOKIE', 'S' => '_SERVER') as $key => $superglobal) |
| { |
| if (strpos($_registered, $key) === FALSE) |
| { |
| continue; |
| } |
| |
| foreach (array_keys($$superglobal) as $var) |
| { |
| if (isset($GLOBALS[$var]) && ! in_array($var, $_protected, TRUE)) |
| { |
| $GLOBALS[$var] = NULL; |
| } |
| } |
| } |
| } |
| } |
| |
| |
| /* |
| * ------------------------------------------------------ |
| * Define a custom error handler so we can log PHP errors |
| * ------------------------------------------------------ |
| */ |
| set_error_handler('_error_handler'); |
| set_exception_handler('_exception_handler'); |
| register_shutdown_function('_shutdown_handler'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Set the subclass_prefix |
| * ------------------------------------------------------ |
| * |
| * Normally the "subclass_prefix" is set in the config file. |
| * The subclass prefix allows CI to know if a core class is |
| * being extended via a library in the local application |
| * "libraries" folder. Since CI allows config items to be |
| * overridden via data set in the main index.php file, |
| * before proceeding we need to know if a subclass_prefix |
| * override exists. If so, we will set this value now, |
| * before any classes are loaded |
| * Note: Since the config file data is cached it doesn't |
| * hurt to load it here. |
| */ |
| if ( ! empty($assign_to_config['subclass_prefix'])) |
| { |
| get_config(array('subclass_prefix' => $assign_to_config['subclass_prefix'])); |
| } |
| |
| /* |
| * ------------------------------------------------------ |
| * Should we use a Composer autoloader? |
| * ------------------------------------------------------ |
| */ |
| if ($composer_autoload = config_item('composer_autoload')) |
| { |
| if ($composer_autoload === TRUE) |
| { |
| file_exists(APPPATH.'vendor/autoload.php') |
| ? require_once(APPPATH.'vendor/autoload.php') |
| : log_message('error', '$config[\'composer_autoload\'] is set to TRUE but '.APPPATH.'vendor/autoload.php was not found.'); |
| } |
| elseif (file_exists($composer_autoload)) |
| { |
| require_once($composer_autoload); |
| } |
| else |
| { |
| log_message('error', 'Could not find the specified $config[\'composer_autoload\'] path: '.$composer_autoload); |
| } |
| } |
| |
| /* |
| * ------------------------------------------------------ |
| * Start the timer... tick tock tick tock... |
| * ------------------------------------------------------ |
| */ |
| $BM =& load_class('Benchmark', 'core'); |
| $BM->mark('total_execution_time_start'); |
| $BM->mark('loading_time:_base_classes_start'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Instantiate the hooks class |
| * ------------------------------------------------------ |
| */ |
| $EXT =& load_class('Hooks', 'core'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Is there a "pre_system" hook? |
| * ------------------------------------------------------ |
| */ |
| $EXT->call_hook('pre_system'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Instantiate the config class |
| * ------------------------------------------------------ |
| * |
| * Note: It is important that Config is loaded first as |
| * most other classes depend on it either directly or by |
| * depending on another class that uses it. |
| * |
| */ |
| $CFG =& load_class('Config', 'core'); |
| |
| // Do we have any manually set config items in the index.php file? |
| if (isset($assign_to_config) && is_array($assign_to_config)) |
| { |
| foreach ($assign_to_config as $key => $value) |
| { |
| $CFG->set_item($key, $value); |
| } |
| } |
| |
| /* |
| * ------------------------------------------------------ |
| * Important charset-related stuff |
| * ------------------------------------------------------ |
| * |
| * Configure mbstring and/or iconv if they are enabled |
| * and set MB_ENABLED and ICONV_ENABLED constants, so |
| * that we don't repeatedly do extension_loaded() or |
| * function_exists() calls. |
| * |
| * Note: UTF-8 class depends on this. It used to be done |
| * in it's constructor, but it's _not_ class-specific. |
| * |
| */ |
| $charset = strtoupper(config_item('charset')); |
| ini_set('default_charset', $charset); |
| |
| if (extension_loaded('mbstring')) |
| { |
| define('MB_ENABLED', TRUE); |
| // mbstring.internal_encoding is deprecated starting with PHP 5.6 |
| // and it's usage triggers E_DEPRECATED messages. |
| @ini_set('mbstring.internal_encoding', $charset); |
| // This is required for mb_convert_encoding() to strip invalid characters. |
| // That's utilized by CI_Utf8, but it's also done for consistency with iconv. |
| mb_substitute_character('none'); |
| } |
| else |
| { |
| define('MB_ENABLED', FALSE); |
| } |
| |
| // There's an ICONV_IMPL constant, but the PHP manual says that using |
| // iconv's predefined constants is "strongly discouraged". |
| if (extension_loaded('iconv')) |
| { |
| define('ICONV_ENABLED', TRUE); |
| // iconv.internal_encoding is deprecated starting with PHP 5.6 |
| // and it's usage triggers E_DEPRECATED messages. |
| @ini_set('iconv.internal_encoding', $charset); |
| } |
| else |
| { |
| define('ICONV_ENABLED', FALSE); |
| } |
| |
| if (is_php('5.6')) |
| { |
| ini_set('php.internal_encoding', $charset); |
| } |
| |
| /* |
| * ------------------------------------------------------ |
| * Load compatibility features |
| * ------------------------------------------------------ |
| */ |
| |
| require_once(BASEPATH.'core/compat/mbstring.php'); |
| require_once(BASEPATH.'core/compat/hash.php'); |
| require_once(BASEPATH.'core/compat/password.php'); |
| require_once(BASEPATH.'core/compat/standard.php'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Instantiate the UTF-8 class |
| * ------------------------------------------------------ |
| */ |
| $UNI =& load_class('Utf8', 'core'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Instantiate the URI class |
| * ------------------------------------------------------ |
| */ |
| $URI =& load_class('URI', 'core'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Instantiate the routing class and set the routing |
| * ------------------------------------------------------ |
| */ |
| $RTR =& load_class('Router', 'core', isset($routing) ? $routing : NULL); |
| |
| /* |
| * ------------------------------------------------------ |
| * Instantiate the output class |
| * ------------------------------------------------------ |
| */ |
| $OUT =& load_class('Output', 'core'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Is there a valid cache file? If so, we're done... |
| * ------------------------------------------------------ |
| */ |
| if ($EXT->call_hook('cache_override') === FALSE && $OUT->_display_cache($CFG, $URI) === TRUE) |
| { |
| exit; |
| } |
| |
| /* |
| * ----------------------------------------------------- |
| * Load the security class for xss and csrf support |
| * ----------------------------------------------------- |
| */ |
| $SEC =& load_class('Security', 'core'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Load the Input class and sanitize globals |
| * ------------------------------------------------------ |
| */ |
| $IN =& load_class('Input', 'core'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Load the Language class |
| * ------------------------------------------------------ |
| */ |
| $LANG =& load_class('Lang', 'core'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Load the app controller and local controller |
| * ------------------------------------------------------ |
| * |
| */ |
| // Load the base controller class |
| require_once BASEPATH.'core/Controller.php'; |
| |
| /** |
| * Reference to the CI_Controller method. |
| * |
| * Returns current CI instance object |
| * |
| * @return CI_Controller |
| */ |
| function &get_instance() |
| { |
| return CI_Controller::get_instance(); |
| } |
| |
| if (file_exists(APPPATH.'core/'.$CFG->config['subclass_prefix'].'Controller.php')) |
| { |
| require_once APPPATH.'core/'.$CFG->config['subclass_prefix'].'Controller.php'; |
| } |
| |
| // Set a mark point for benchmarking |
| $BM->mark('loading_time:_base_classes_end'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Sanity checks |
| * ------------------------------------------------------ |
| * |
| * The Router class has already validated the request, |
| * leaving us with 3 options here: |
| * |
| * 1) an empty class name, if we reached the default |
| * controller, but it didn't exist; |
| * 2) a query string which doesn't go through a |
| * file_exists() check |
| * 3) a regular request for a non-existing page |
| * |
| * We handle all of these as a 404 error. |
| * |
| * Furthermore, none of the methods in the app controller |
| * or the loader class can be called via the URI, nor can |
| * controller methods that begin with an underscore. |
| */ |
| |
| $e404 = FALSE; |
| $class = ucfirst($RTR->class); |
| $method = $RTR->method; |
| |
| if (empty($class) OR ! file_exists(APPPATH.'controllers/'.$RTR->directory.$class.'.php')) |
| { |
| $e404 = TRUE; |
| } |
| else |
| { |
| require_once(APPPATH.'controllers/'.$RTR->directory.$class.'.php'); |
| |
| if ( ! class_exists($class, FALSE) OR $method[0] === '_' OR method_exists('CI_Controller', $method)) |
| { |
| $e404 = TRUE; |
| } |
| elseif (method_exists($class, '_remap')) |
| { |
| $params = array($method, array_slice($URI->rsegments, 2)); |
| $method = '_remap'; |
| } |
| elseif ( ! method_exists($class, $method)) |
| { |
| $e404 = TRUE; |
| } |
| /** |
| * DO NOT CHANGE THIS, NOTHING ELSE WORKS! |
| * |
| * - method_exists() returns true for non-public methods, which passes the previous elseif |
| * - is_callable() returns false for PHP 4-style constructors, even if there's a __construct() |
| * - method_exists($class, '__construct') won't work because CI_Controller::__construct() is inherited |
| * - People will only complain if this doesn't work, even though it is documented that it shouldn't. |
| * |
| * ReflectionMethod::isConstructor() is the ONLY reliable check, |
| * knowing which method will be executed as a constructor. |
| */ |
| elseif ( ! is_callable(array($class, $method))) |
| { |
| $reflection = new ReflectionMethod($class, $method); |
| if ( ! $reflection->isPublic() OR $reflection->isConstructor()) |
| { |
| $e404 = TRUE; |
| } |
| } |
| } |
| |
| if ($e404) |
| { |
| if ( ! empty($RTR->routes['404_override'])) |
| { |
| if (sscanf($RTR->routes['404_override'], '%[^/]/%s', $error_class, $error_method) !== 2) |
| { |
| $error_method = 'index'; |
| } |
| |
| $error_class = ucfirst($error_class); |
| |
| if ( ! class_exists($error_class, FALSE)) |
| { |
| if (file_exists(APPPATH.'controllers/'.$RTR->directory.$error_class.'.php')) |
| { |
| require_once(APPPATH.'controllers/'.$RTR->directory.$error_class.'.php'); |
| $e404 = ! class_exists($error_class, FALSE); |
| } |
| // Were we in a directory? If so, check for a global override |
| elseif ( ! empty($RTR->directory) && file_exists(APPPATH.'controllers/'.$error_class.'.php')) |
| { |
| require_once(APPPATH.'controllers/'.$error_class.'.php'); |
| if (($e404 = ! class_exists($error_class, FALSE)) === FALSE) |
| { |
| $RTR->directory = ''; |
| } |
| } |
| } |
| else |
| { |
| $e404 = FALSE; |
| } |
| } |
| |
| // Did we reset the $e404 flag? If so, set the rsegments, starting from index 1 |
| if ( ! $e404) |
| { |
| $class = $error_class; |
| $method = $error_method; |
| |
| $URI->rsegments = array( |
| 1 => $class, |
| 2 => $method |
| ); |
| } |
| else |
| { |
| show_404($RTR->directory.$class.'/'.$method); |
| } |
| } |
| |
| if ($method !== '_remap') |
| { |
| $params = array_slice($URI->rsegments, 2); |
| } |
| |
| /* |
| * ------------------------------------------------------ |
| * Is there a "pre_controller" hook? |
| * ------------------------------------------------------ |
| */ |
| $EXT->call_hook('pre_controller'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Instantiate the requested controller |
| * ------------------------------------------------------ |
| */ |
| // Mark a start point so we can benchmark the controller |
| $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_start'); |
| |
| $CI = new $class(); |
| |
| /* |
| * ------------------------------------------------------ |
| * Is there a "post_controller_constructor" hook? |
| * ------------------------------------------------------ |
| */ |
| $EXT->call_hook('post_controller_constructor'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Call the requested method |
| * ------------------------------------------------------ |
| */ |
| call_user_func_array(array(&$CI, $method), $params); |
| |
| // Mark a benchmark end point |
| $BM->mark('controller_execution_time_( '.$class.' / '.$method.' )_end'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Is there a "post_controller" hook? |
| * ------------------------------------------------------ |
| */ |
| $EXT->call_hook('post_controller'); |
| |
| /* |
| * ------------------------------------------------------ |
| * Send the final rendered output to the browser |
| * ------------------------------------------------------ |
| */ |
| if ($EXT->call_hook('display_override') === FALSE) |
| { |
| $OUT->_display(); |
| } |
| |
| /* |
| * ------------------------------------------------------ |
| * Is there a "post_system" hook? |
| * ------------------------------------------------------ |
| */ |
| $EXT->call_hook('post_system'); |