added improved check for controller method access so that CI does not attempt to load private or protected controller methods
added controller/method details to framework initiated 404 pages for logging
diff --git a/system/codeigniter/CodeIgniter.php b/system/codeigniter/CodeIgniter.php
index 8f9dbdf..d1ef965 100644
--- a/system/codeigniter/CodeIgniter.php
+++ b/system/codeigniter/CodeIgniter.php
@@ -169,7 +169,7 @@
OR in_array($method, get_class_methods('Controller'), TRUE)
)
{
- show_404();
+ show_404("{$class}/{$method}");
}
/*
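Review bot: `show_404("{$class}/{$method}")` hands request-derived routing values to the 404 handler, and both Router.php hunks do the same with `$this->fetch_directory().$segments[0]` and `$segments[0]`. show_404() is not visible in this diff, so confirm that its log writer strips or encodes CR/LF and other control characters, and that the 404 template does not echo the argument without HTML escaping. The `permitted_uri_chars` filter may already constrain these values on segment-based routing, but it is not shown to apply on every routing path. If the handler does not neutralise the value itself, a short comment at each call site such as `// $class/$method come from the URI; show_404() must treat them as untrusted log data` would make the contract explicit. The enclosing condition starts above this hunk.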
@@ -214,9 +214,11 @@
}
else
{
- if ( ! method_exists($CI, $method))
+ // is_callable() returns TRUE on some versions of PHP 5 for private and protected
+ // methods, so we'll use this workaround for consistent behavior
+ if (! in_array($method, get_class_methods($CI)))
{
- show_404();
+ show_404("{$class}/{$method}");
}
// Call the requested method.
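Review bot: The new `in_array($method, get_class_methods($CI))` omits the strict flag, while the comparable check in the first hunk of this file passes `TRUE`; I would write `if ( ! in_array($method, get_class_methods($CI), TRUE))` so this visibility gate never depends on loose comparison. The lookup is also case-sensitive where `method_exists()` was not, so a URL that differs from the declared method name only by case now gets a 404; that is the safer direction, but it is a behaviour change worth stating in the comment. The added comment names `is_callable()` although the replaced call is `method_exists()`, and it could say that `get_class_methods()` called from outside the class scope lists only public methods, which is what the check relies on. The surrounding if/else begins above the hunk and continues below it.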
diff --git a/system/libraries/Router.php b/system/libraries/Router.php
index f6464a3..d9dd6dd 100644
--- a/system/libraries/Router.php
+++ b/system/libraries/Router.php
@@ -204,7 +204,7 @@
// Does the requested controller exist in the sub-folder?
if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT))
{
- show_404();
+ show_404($this->fetch_directory().$segments[0]);
}
}
else
@@ -225,7 +225,7 @@
}
// Can't find the requested controller...
- show_404();
+ show_404($segments[0]);
}
// --------------------------------------------------------------------
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 80615aa..c8c74f1 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -95,6 +95,8 @@
<li>Added a <a href="./helpers/path_helper.html">Path Helper</a>.</li>
<li>Simplified _reindex_segments() in the URI class</li>
<li>Escaped the '-' in the default 'permitted_uri_chars' config item, to prevent errors if developers just try to add additional characters to the end of the default expression.</li>
+ <li>Modified method calling to controllers to show a 404 when a private or protected method is accessed via a URL</li>
+ <li>Modified framework initiated 404s to log the controller and method for invalid requests</li>
</ul>
</li>
<li>Helpers