Merge branch 'security' into 3.1-stable
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..39f48d9
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,15 @@
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+
+# Matches multiple files with brace expansion notation
+# Set default charset
+[*]
+charset = utf-8
+
+# Tab indentation (no size specified)
+indent_style = tab
diff --git a/system/database/drivers/oci8/oci8_forge.php b/system/database/drivers/oci8/oci8_forge.php
index ac33cde..867a943 100644
--- a/system/database/drivers/oci8/oci8_forge.php
+++ b/system/database/drivers/oci8/oci8_forge.php
@@ -126,6 +126,8 @@
$sqls[] = $sql.' RENAME COLUMN '.$this->db->escape_identifiers($field[$i]['name'])
.' '.$this->db->escape_identifiers($field[$i]['new_name']);
}
+
+ $field[$i] = "\n\t".$field[$i]['_literal'];
}
}
@@ -136,7 +138,7 @@
// RENAME COLUMN must be executed after MODIFY
array_unshift($sqls, $sql);
- return $sql;
+ return $sqls;
}
// --------------------------------------------------------------------
diff --git a/system/language/english/imglib_lang.php b/system/language/english/imglib_lang.php
index 363b900..218874c 100644
--- a/system/language/english/imglib_lang.php
+++ b/system/language/english/imglib_lang.php
@@ -51,6 +51,7 @@
$lang['imglib_image_process_failed'] = 'Image processing failed. Please verify that your server supports the chosen protocol and that the path to your image library is correct.';
$lang['imglib_rotation_angle_required'] = 'An angle of rotation is required to rotate the image.';
$lang['imglib_invalid_path'] = 'The path to the image is not correct.';
+$lang['imglib_invalid_image'] = 'The provided image is not valid.';
$lang['imglib_copy_failed'] = 'The image copy routine failed.';
$lang['imglib_missing_font'] = 'Unable to find a font to use.';
$lang['imglib_save_failed'] = 'Unable to save the image. Please make sure the image and file directory are writable.';
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index e250154..117c484 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -458,7 +458,6 @@
$this->_headers = array();
$this->_debug_msg = array();
- $this->set_header('User-Agent', $this->useragent);
$this->set_header('Date', $this->_set_date());
if ($clear_attachments !== FALSE)
@@ -1215,6 +1214,7 @@
*/
protected function _build_headers()
{
+ $this->set_header('User-Agent', $this->useragent);
$this->set_header('X-Sender', $this->clean_email($this->_headers['From']));
$this->set_header('X-Mailer', $this->useragent);
$this->set_header('X-Priority', $this->_priorities[$this->priority]);
diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index 3e45cb8..9ec44da 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -1639,25 +1639,31 @@
}
$vals = getimagesize($path);
+ if ($vals === FALSE)
+ {
+ $this->set_error('imglib_invalid_image');
+ return FALSE;
+ }
+
$types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png');
- $mime = (isset($types[$vals[2]])) ? 'image/'.$types[$vals[2]] : 'image/jpg';
+ $mime = isset($types[$vals[2]]) ? 'image/'.$types[$vals[2]] : 'image/jpg';
if ($return === TRUE)
{
return array(
- 'width' => $vals[0],
- 'height' => $vals[1],
- 'image_type' => $vals[2],
- 'size_str' => $vals[3],
- 'mime_type' => $mime
- );
+ 'width' => $vals[0],
+ 'height' => $vals[1],
+ 'image_type' => $vals[2],
+ 'size_str' => $vals[3],
+ 'mime_type' => $mime
+ );
}
- $this->orig_width = $vals[0];
- $this->orig_height = $vals[1];
- $this->image_type = $vals[2];
- $this->size_str = $vals[3];
- $this->mime_type = $mime;
+ $this->orig_width = $vals[0];
+ $this->orig_height = $vals[1];
+ $this->image_type = $vals[2];
+ $this->size_str = $vals[3];
+ $this->mime_type = $mime;
return TRUE;
}
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index b60a909..ca1696c 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -42,6 +42,9 @@
- Fixed a bug (#4953) - :doc:`Database Forge <database/forge>` method ``create_table()`` didn't update an internal tables list cache if it exists but is empty.
- Fixed a bug (#4958) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` didn't take into account cached ``ORDER BY`` clauses.
- Fixed a bug (#4804) - :doc:`Query Builder <database/query_builder>` method ``insert_batch()`` could fail if the input array pointer was modified.
+- Fixed a bug (#4962) - :doc:`Database Force <database/forge>` method ``alter_table()`` would fail with the 'oci8' driver.
+- Fixed a bug (#4457) - :doc:`Image Manipulation Library <libraries/image_lib>` method ``get_image_properties()`` didn't detect invalid images.
+- Fixed a bug (#4765) - :doc:`Email Library <libraries/email>` didn't send the ``User-Agent`` header without a prior call to ``clear()``.
Version 3.1.2
=============
diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst
index 7792369..88cda16 100644
--- a/user_guide_src/source/libraries/form_validation.rst
+++ b/user_guide_src/source/libraries/form_validation.rst
@@ -985,7 +985,7 @@
**valid_url** No Returns FALSE if the form element does not contain a valid URL.
**valid_email** No Returns FALSE if the form element does not contain a valid email address.
**valid_emails** No Returns FALSE if any value provided in a comma separated list is not a valid email.
-**valid_ip** No Returns FALSE if the supplied IP is not valid.
+**valid_ip** Yes Returns FALSE if the supplied IP address is not valid.
Accepts an optional parameter of 'ipv4' or 'ipv6' to specify an IP format.
**valid_base64** No Returns FALSE if the supplied string contains anything other than valid Base64 characters.
========================= ========== ============================================================================================= =======================