diff --git a/system/database/DB_utility.php b/system/database/DB_utility.php
index d7018bf..9533ec6 100644
--- a/system/database/DB_utility.php
+++ b/system/database/DB_utility.php
@@ -133,7 +133,11 @@
}
$query = $this->db->query($sql);
- return current($query->result_array());
+ $res = $query->result_array();
+
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ return current($res);
}
// --------------------------------------------------------------------
@@ -159,7 +163,10 @@
$query = $this->db->query($sql);
// Build the result array...
- $res = current($query->result_array());
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ $res = $query->result_array();
+ $res = current($res);
$key = str_replace($this->db->database.'.', '', current($res));
$keys = array_keys($res);
unset($res[$keys[0]]);
@@ -190,7 +197,11 @@
}
$query = $this->db->query($sql);
- return current($query->result_array());
+
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ $res = $query->result_array();
+ return current($res);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index be7c672..1afc206 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -45,7 +45,7 @@
*/
function db_connect()
{
- return mysql_connect($this->hostname, $this->username, $this->password, TRUE);
+ return @mysql_connect($this->hostname, $this->username, $this->password, TRUE);
}
// --------------------------------------------------------------------
@@ -58,7 +58,7 @@
*/
function db_pconnect()
{
- return mysql_pconnect($this->hostname, $this->username, $this->password);
+ return @mysql_pconnect($this->hostname, $this->username, $this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index 5942091..3a0d3b5 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -47,7 +47,7 @@
*/
function db_connect()
{
- return mysqli_connect($this->hostname, $this->username, $this->password);
+ return @mysqli_connect($this->hostname, $this->username, $this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index c091edf..551a670 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -62,7 +62,7 @@
*/
function db_connect()
{
- return ocilogon($this->username, $this->password, $this->hostname);
+ return @ocilogon($this->username, $this->password, $this->hostname);
}
// --------------------------------------------------------------------
@@ -75,7 +75,7 @@
*/
function db_pconnect()
{
- return ociplogon($this->username, $this->password, $this->hostname);
+ return @ociplogon($this->username, $this->password, $this->hostname);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index 09ca07e..4d1fac2 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -38,7 +38,7 @@
*/
function db_connect()
{
- return odbc_connect($this->database, $this->username, $this->password);
+ return @odbc_connect($this->database, $this->username, $this->password);
}
// --------------------------------------------------------------------
@@ -51,7 +51,7 @@
*/
function db_pconnect()
{
- return odbc_pconnect($this->database, $this->username, $this->password);
+ return @odbc_pconnect($this->database, $this->username, $this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/postgre/postgre_driver.php b/system/database/drivers/postgre/postgre_driver.php
index 81aaafe..68fde01 100644
--- a/system/database/drivers/postgre/postgre_driver.php
+++ b/system/database/drivers/postgre/postgre_driver.php
@@ -40,7 +40,7 @@
{
$port = ($this->port == '') ? '' : " port=".$this->port;
- return pg_connect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
+ return @pg_connect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
}
// --------------------------------------------------------------------
@@ -55,7 +55,7 @@
{
$port = ($this->port == '') ? '' : " port=".$this->port;
- return pg_pconnect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
+ return @pg_pconnect("host=".$this->hostname.$port." dbname=".$this->database." user=".$this->username." password=".$this->password);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/sqlite/sqlite_driver.php b/system/database/drivers/sqlite/sqlite_driver.php
index ce3c579..3f71b35 100644
--- a/system/database/drivers/sqlite/sqlite_driver.php
+++ b/system/database/drivers/sqlite/sqlite_driver.php
@@ -40,14 +40,16 @@
*/
function db_connect()
{
- if ( ! $conn_id = sqlite_open($this->database, 0666, $error))
+ if ( ! $conn_id = @sqlite_open($this->database, 0666, $error))
{
log_message('error', $error);
if ($this->db_debug)
{
$this->display_error($error, '', TRUE);
- }
+ }
+
+ return FALSE;
}
return $conn_id;
@@ -63,14 +65,16 @@
*/
function db_pconnect()
{
- if ( ! $conn_id = sqlite_popen($this->database, 0666, $error))
+ if ( ! $conn_id = @sqlite_popen($this->database, 0666, $error))
{
log_message('error', $error);
if ($this->db_debug)
{
$this->display_error($error, '', TRUE);
- }
+ }
+
+ return FALSE;
}
return $conn_id;
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index 6d10a98..7d594d7 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -335,8 +335,24 @@
{
return '';
}
+
+ $temp = '__TEMP_AMPERSANDS__';
- return str_replace(array("'", '"'), array("'", """), htmlspecialchars($str));
+ // Replace entities to temporary markers so that
+ // htmlspecialchars won't mess them up
+ $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str);
+ $str = preg_replace("/&(\w+);/", "$temp\\1;", $str);
+
+ $str = htmlspecialchars($str);
+
+ // In case htmlspecialchars misses these.
+ $str = str_replace(array("'", '"'), array("'", """), $str);
+
+ // Decode the temp markers back to entities
+ $str = preg_replace("/$temp(\d+);/","&#\\1;",$str);
+ $str = preg_replace("/$temp(\w+);/","&\\1;",$str);
+
+ return $str;
}
// ------------------------------------------------------------------------
diff --git a/system/helpers/xml_helper.php b/system/helpers/xml_helper.php
index 4cc91f4..856722b 100644
--- a/system/helpers/xml_helper.php
+++ b/system/helpers/xml_helper.php
@@ -36,15 +36,18 @@
*/
function xml_convert($str)
{
- $temp = '__TEMP_AMPERSANDS';
-
+ $temp = '__TEMP_AMPERSANDS__';
+
+ // Replace entities to temporary markers so that
+ // ampersands won't get messed up
$str = preg_replace("/&#(\d+);/", "$temp\\1;", $str);
$str = preg_replace("/&(\w+);/", "$temp\\1;", $str);
$str = str_replace(array("&","<",">","\"", "'", "-"),
array("&", "<", ">", """, "'", "-"),
$str);
-
+
+ // Decode the temp markers back to entities
$str = preg_replace("/$temp(\d+);/","&#\\1;",$str);
$str = preg_replace("/$temp(\w+);/","&\\1;", $str);
diff --git a/system/libraries/Router.php b/system/libraries/Router.php
index d4d1b2f..886433f 100644
--- a/system/libraries/Router.php
+++ b/system/libraries/Router.php
@@ -295,7 +295,10 @@
// can be unreliable in some environments
if (is_array($_GET) AND count($_GET) == 1)
{
- return current(array_keys($_GET));
+ // Note: Due to a bug in current() that affects some versions
+ // of PHP we can not pass function call directly into it
+ $keys = array_keys($_GET);
+ return current($keys);
}
// Is there a PATH_INFO variable?