Merge branch 'ci-issue-60' of github.com:narfbg/CodeIgniter into ci-issue-60
diff --git a/application/config/doctypes.php b/application/config/doctypes.php
index f7e1d19..c9f16ee 100644
--- a/application/config/doctypes.php
+++ b/application/config/doctypes.php
@@ -5,6 +5,7 @@
'xhtml1-strict' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">',
'xhtml1-trans' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">',
'xhtml1-frame' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">',
+ 'xhtml-basic11' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.1//EN" "http://www.w3.org/TR/xhtml-basic/xhtml-basic11.dtd">',
'html5' => '<!DOCTYPE html>',
'html4-strict' => '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">',
'html4-trans' => '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">',
diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index aca4fb2..9f88384 100755
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -33,28 +33,8 @@
* @var string
*
*/
- /**
- * CodeIgniter Version
- *
- * @var string
- *
- */
define('CI_VERSION', '2.1.0-dev');
-/**
- * CodeIgniter Branch (Core = TRUE, Reactor = FALSE)
- *
- * @var boolean
- *
- */
- /**
- * CodeIgniter Branch (Core = TRUE, Reactor = FALSE)
- *
- * @var string
- *
- */
- define('CI_CORE', FALSE);
-
/*
* ------------------------------------------------------
* Load the global functions
diff --git a/system/core/Input.php b/system/core/Input.php
index f39371f..6f84421 100755
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -555,7 +555,7 @@
}
// We strip slashes if magic quotes is on to keep things consistent
- if (function_exists('get_magic_quotes_gpc') AND get_magic_quotes_gpc())
+ if (function_exists('get_magic_quotes_gpc') AND @get_magic_quotes_gpc())
{
$str = stripslashes($str);
}
diff --git a/system/core/Security.php b/system/core/Security.php
index 6c4c590..84ecb06 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -886,7 +886,8 @@
return $this->_csrf_hash = $_COOKIE[$this->_csrf_cookie_name];
}
- return $this->_csrf_hash = md5(uniqid(rand(), TRUE));
+ $this->_csrf_hash = md5(uniqid(rand(), TRUE));
+ $this->csrf_set_cookie();
}
return $this->_csrf_hash;
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php
index 7162e2a..8351823 100644
--- a/system/database/DB_active_rec.php
+++ b/system/database/DB_active_rec.php
@@ -196,7 +196,7 @@
$alias = $this->_create_alias_from_table(trim($select));
}
- $sql = $type.'('.$this->_protect_identifiers(trim($select)).') AS '.$this->_protect_identifiers(trim($alias));
+ $sql = $this->_protect_identifiers($type.'('.trim($select).')').' AS '.$this->_protect_identifiers(trim($alias));
$this->ar_select[] = $sql;
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php
index 300ca29..17649f7 100644
--- a/system/database/DB_driver.php
+++ b/system/database/DB_driver.php
@@ -950,6 +950,7 @@
foreach ($where as $key => $val)
{
$prefix = (count($dest) == 0) ? '' : ' AND ';
+ $key = $this->_protect_identifiers($key);
if ($val !== '')
{
@@ -1165,7 +1166,7 @@
if ($native == TRUE)
{
- $message = $error;
+ $message = (array) $error;
}
else
{
@@ -1390,4 +1391,4 @@
/* End of file DB_driver.php */
-/* Location: ./system/database/DB_driver.php */
\ No newline at end of file
+/* Location: ./system/database/DB_driver.php */
diff --git a/system/database/drivers/mysql/mysql_driver.php b/system/database/drivers/mysql/mysql_driver.php
index f87cfea..dc020c6 100644
--- a/system/database/drivers/mysql/mysql_driver.php
+++ b/system/database/drivers/mysql/mysql_driver.php
@@ -56,7 +56,7 @@
// whether SET NAMES must be used to set the character set
var $use_set_names;
-
+
/**
* Non-persistent database connection
*
@@ -135,20 +135,9 @@
*/
function db_set_charset($charset, $collation)
{
- if ( ! isset($this->use_set_names))
- {
- // mysql_set_charset() requires PHP >= 5.2.3 and MySQL >= 5.0.7, use SET NAMES as fallback
- $this->use_set_names = (version_compare(PHP_VERSION, '5.2.3', '>=') && version_compare(mysql_get_server_info(), '5.0.7', '>=')) ? FALSE : TRUE;
- }
-
- if ($this->use_set_names === TRUE)
- {
- return @mysql_query("SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'", $this->conn_id);
- }
- else
- {
- return @mysql_set_charset($charset, $this->conn_id);
- }
+ return function_exists('mysql_set_charset')
+ ? @mysql_set_charset($charset, $this->conn_id)
+ : @mysql_query("SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'", $this->conn_id);
}
// --------------------------------------------------------------------
diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php
index ccd110f..abef80f 100644
--- a/system/database/drivers/mysqli/mysqli_driver.php
+++ b/system/database/drivers/mysqli/mysqli_driver.php
@@ -56,7 +56,7 @@
// whether SET NAMES must be used to set the character set
var $use_set_names;
-
+
// --------------------------------------------------------------------
/**
@@ -135,20 +135,9 @@
*/
function _db_set_charset($charset, $collation)
{
- if ( ! isset($this->use_set_names))
- {
- // mysqli_set_charset() requires MySQL >= 5.0.7, use SET NAMES as fallback
- $this->use_set_names = (version_compare(mysqli_get_server_info($this->conn_id), '5.0.7', '>=')) ? FALSE : TRUE;
- }
-
- if ($this->use_set_names === TRUE)
- {
- return @mysqli_query($this->conn_id, "SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'");
- }
- else
- {
- return @mysqli_set_charset($this->conn_id, $charset);
- }
+ return function_exists('mysqli_set_charset')
+ ? @mysqli_set_charset($this->conn_id, $charset)
+ : @mysqli_query($this->conn_id, "SET NAMES '".$this->escape_str($charset)."' COLLATE '".$this->escape_str($collation)."'");
}
// --------------------------------------------------------------------
@@ -570,7 +559,7 @@
{
return "INSERT INTO ".$table." (".implode(', ', $keys).") VALUES ".implode(', ', $values);
}
-
+
// --------------------------------------------------------------------
/**
diff --git a/system/libraries/Email.php b/system/libraries/Email.php
index c8cb854..ef20e19 100644
--- a/system/libraries/Email.php
+++ b/system/libraries/Email.php
@@ -36,6 +36,7 @@
var $smtp_pass = ""; // SMTP Password
var $smtp_port = "25"; // SMTP Port
var $smtp_timeout = 5; // SMTP Timeout in seconds
+ var $smtp_crypto = ""; // SMTP Encryption. Can be null, tls or ssl.
var $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off
var $wrapchars = "76"; // Number of characters to wrap at.
var $mailtype = "text"; // text/html Defines email formatting
@@ -1667,7 +1668,14 @@
*/
protected function _smtp_connect()
{
- $this->_smtp_connect = fsockopen($this->smtp_host,
+ $ssl = NULL;
+
+ if ($this->smtp_crypto == 'ssl')
+ {
+ $ssl = 'ssl://';
+ }
+
+ $this->_smtp_connect = fsockopen($ssl.$this->smtp_host,
$this->smtp_port,
$errno,
$errstr,
@@ -1680,6 +1688,20 @@
}
$this->_set_error_message($this->_get_smtp_data());
+
+ if ($this->smtp_crypto == 'tls')
+ {
+ $this->_send_command('hello');
+ $this->_send_command('starttls');
+ $crypto = stream_socket_enable_crypto($this->_smtp_connect, TRUE, STREAM_CRYPTO_METHOD_TLS_CLIENT);
+ }
+
+ if ($crypto !== TRUE)
+ {
+ $this->_set_error_message('lang:email_smtp_error', $this->_get_smtp_data());
+ return FALSE;
+ }
+
return $this->_send_command('hello');
}
@@ -1706,6 +1728,12 @@
$resp = 250;
break;
+ case 'starttls' :
+
+ $this->_send_data('STARTTLS');
+
+ $resp = 220;
+ break;
case 'from' :
$this->_send_data('MAIL FROM:<'.$data.'>');
diff --git a/system/libraries/Sha1.php b/system/libraries/Sha1.php
index 1a65757..8e991f5 100644
--- a/system/libraries/Sha1.php
+++ b/system/libraries/Sha1.php
@@ -40,7 +40,7 @@
* @subpackage Libraries
* @category Encryption
* @author ExpressionEngine Dev Team
- * @link http://codeigniter.com/user_guide/general/encryption.html
+ * @link http://codeigniter.com/user_guide/libraries/encryption.html
*/
class CI_SHA1 {
@@ -248,4 +248,4 @@
// END CI_SHA
/* End of file Sha1.php */
-/* Location: ./system/libraries/Sha1.php */
\ No newline at end of file
+/* Location: ./system/libraries/Sha1.php */
diff --git a/system/libraries/Table.php b/system/libraries/Table.php
index def6967..c14da72 100644
--- a/system/libraries/Table.php
+++ b/system/libraries/Table.php
@@ -24,7 +24,7 @@
* @subpackage Libraries
* @category HTML Tables
* @author ExpressionEngine Dev Team
- * @link http://codeigniter.com/user_guide/libraries/uri.html
+ * @link http://codeigniter.com/user_guide/libraries/table.html
*/
class CI_Table {
@@ -528,4 +528,4 @@
/* End of file Table.php */
-/* Location: ./system/libraries/Table.php */
\ No newline at end of file
+/* Location: ./system/libraries/Table.php */
diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php
index 734cec1..f061311 100644
--- a/system/libraries/Typography.php
+++ b/system/libraries/Typography.php
@@ -22,7 +22,7 @@
* @access private
* @category Helpers
* @author ExpressionEngine Dev Team
- * @link http://codeigniter.com/user_guide/helpers/
+ * @link http://codeigniter.com/user_guide/libraries/typography.html
*/
class CI_Typography {
@@ -407,4 +407,4 @@
// END Typography Class
/* End of file Typography.php */
-/* Location: ./system/libraries/Typography.php */
\ No newline at end of file
+/* Location: ./system/libraries/Typography.php */
diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php
index 5bd7e80..d9bc8ef 100644
--- a/system/libraries/Unit_test.php
+++ b/system/libraries/Unit_test.php
@@ -24,7 +24,7 @@
* @subpackage Libraries
* @category UnitTesting
* @author ExpressionEngine Dev Team
- * @link http://codeigniter.com/user_guide/libraries/uri.html
+ * @link http://codeigniter.com/user_guide/libraries/unit_testing.html
*/
class CI_Unit_test {
@@ -380,4 +380,4 @@
/* End of file Unit_test.php */
-/* Location: ./system/libraries/Unit_test.php */
\ No newline at end of file
+/* Location: ./system/libraries/Unit_test.php */
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index fdf7227..db728f5 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -82,6 +82,7 @@
<li>Altered form helper - made action on form_open_multipart helper function call optional. Fixes (#65)</li>
<li><samp>url_title()</samp> will now trim extra dashes from beginning and end.</li>
<li>Improved speed of <a href="helpers/string_helper.html">String Helper</a>'s <b>random_string()</b> method</li>
+ <li>Added XHTML Basic 1.1 doctype to <a href="helpers/html_helper.html">HTML Helper</a>.</li>
</ul>
</li>
<li>Database
@@ -105,11 +106,13 @@
<li>Added <kbd>is_unique</kbd> to the <a href="libraries/form_validation.html">Form Validation library</a>.</li>
<li>Modified valid_ip() to use PHP's filter_var() when possible (>= PHP 5.2) in the <a href="libraries/form_validation.html">Form Validation</a> library.</li>
<li>Added <kbd>$config['use_page_numbers']</kbd> to the <a href="libraries/pagination.html">Pagination library</a>, which enables real page numbers in the URI.</li>
+ <li>Added TLS and SSL Encryption for SMTP.</li>
</ul>
</li>
<li>Core
<ul>
<li>Changed private functions in CI_URI to protected so MY_URI can override them.</li>
+ <li>Removed CI_CORE boolean constant from CodeIgniter.php (no longer Reactor and Core versions).</li>
</ul>
</li>
</ul>
@@ -132,7 +135,11 @@
<li>Fixed a bug (#344) - Using schema found in <a href="libraries/sessions.html">Saving Session Data to a Database</a>, system would throw error "user_data does not have a default value" when deleting then creating a session.</li>
<li>Fixed a bug (#112) - OCI8 (Oracle) driver didn't pass the configured database character set when connecting.</li>
<li>Fixed a bug (#182) - OCI8 (Oracle) driver used to re-execute the statement whenever num_rows() is called.</li>
- <li>Fixed a bug (#60) - Added _file_mime_type() method to the <a href="libraries/file_uploading.html">File Uploading Library</a> in order to fix a possible MIME-type injection.</li>
+ <li>Fixed a bug (#82) - WHERE clause field names in the DB <samp>update_string()</samp> method were not escaped, resulting in failed queries in some cases.</li>
+ <li>Fixed a bug (#89) - Fix a variable type mismatch in DB <samp>display_error()</samp> where an array is expected, but a string could be set instead.</li>
+ <li>Fixed a bug (#467) - Suppress warnings generated from get_magic_quotes_gpc() (deprecated in PHP 5.4)</li>
+ <li>Fixed a bug (#484) - First time _csrf_set_hash() is called, hash is never set to the cookie (in Security.php).</li>
+ <li>Fixed a bug (#60) - Added _file_mime_type() method to the <a href="libraries/file_uploading.html">File Uploading Library</a> in order to fix a possible MIME-type injection (also fixes bug #394).</li>
</ul>
<h2>Version 2.0.3</h2>
diff --git a/user_guide/general/cli.html b/user_guide/general/cli.html
index 4e9bf87..9091e93 100644
--- a/user_guide/general/cli.html
+++ b/user_guide/general/cli.html
@@ -138,11 +138,11 @@
<div id="footer">
<p>
-Previous Topic: <a href="urls.html">CodeIgniter URLs</a>
+Previous Topic: <a href="profiling.html">Profiling Your Application</a>
·
<a href="#top">Top of Page</a> ·
<a href="../index.html">User Guide Home</a> ·
-Next Topic: <a href="reserved_names.html">Reserved Names</a></p>
+Next Topic: <a href="managing_apps.html">Managing Applications</a></p>
<p><a href="http://codeigniter.com">CodeIgniter</a> · Copyright © 2006 - 2011 · <a href="http://ellislab.com/">EllisLab, Inc.</a></p>
</div>
diff --git a/user_guide/general/managing_apps.html b/user_guide/general/managing_apps.html
index e716d10..93585e2 100644
--- a/user_guide/general/managing_apps.html
+++ b/user_guide/general/managing_apps.html
@@ -120,14 +120,14 @@
<div id="footer">
<p>
-Previous Topic: <a href="profiling.html">Profiling Your Application</a>
+Previous Topic: <a href="cli.html">Running via the CLI</a>
·
<a href="#top">Top of Page</a> ·
<a href="../index.html">User Guide Home</a> ·
-Next Topic: <a href="alternative_php.html">Alternative PHP Syntax</a>
+Next Topic: <a href="environments.html">Handling Multiple Environments</a>
</p>
<p><a href="http://codeigniter.com">CodeIgniter</a> · Copyright © 2006 - 2011 · <a href="http://ellislab.com/">EllisLab, Inc.</a></p>
</div>
</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/user_guide/general/profiling.html b/user_guide/general/profiling.html
index 0993da5..c7c4ed3 100644
--- a/user_guide/general/profiling.html
+++ b/user_guide/general/profiling.html
@@ -177,10 +177,10 @@
·
<a href="#top">Top of Page</a> ·
<a href="../index.html">User Guide Home</a> ·
-Next Topic: <a href="managing_apps.html">Managing Applications</a>
+Next Topic: <a href="cli.html">Running via the CLI</a>
</p>
<p><a href="http://codeigniter.com">CodeIgniter</a> · Copyright © 2006 - 2011 · <a href="http://ellislab.com/">EllisLab, Inc.</a></p>
</div>
</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/user_guide/helpers/html_helper.html b/user_guide/helpers/html_helper.html
index 92bfdfb..4b13427 100644
--- a/user_guide/helpers/html_helper.html
+++ b/user_guide/helpers/html_helper.html
@@ -348,6 +348,11 @@
<td class="td"><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd"></td>
</tr>
<tr>
+ <td class="td">XHTML Basic 1.1</td>
+ <td class="td">doctype('xhtml-basic11')</td>
+ <td class="td"><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.1//EN" "http://www.w3.org/TR/xhtml-basic/xhtml-basic11.dtd"></td>
+ </tr>
+ <tr>
<td class="td">HTML 5</td>
<td class="td">doctype('html5')</td>
<td class="td"><!DOCTYPE html></td>
diff --git a/user_guide/libraries/email.html b/user_guide/libraries/email.html
index d246254..de2f1c0 100644
--- a/user_guide/libraries/email.html
+++ b/user_guide/libraries/email.html
@@ -63,6 +63,7 @@
<ul>
<li>Multiple Protocols: Mail, Sendmail, and SMTP</li>
+<li>TLS and SSL Encryption for SMTP</li>
<li>Multiple recipients</li>
<li>CC and BCCs</li>
<li>HTML or Plaintext email</li>
@@ -152,6 +153,8 @@
</tr><tr>
<td class="td"><strong>smtp_timeout</strong></td><td class="td">5</td><td class="td">None</td><td class="td">SMTP Timeout (in seconds).</td>
</tr><tr>
+<td class="td"><strong>smtp_crypto</strong></td><td class="td">No Default</td><td class="td">tls or ssl</td><td class="td">SMTP Encryption.</td>
+</tr><tr>
<td class="td"><strong>wordwrap</strong></td><td class="td">TRUE</td><td class="td">TRUE or FALSE (boolean)</td><td class="td">Enable word-wrap.</td>
</tr><tr>
<td class="td"><strong>wrapchars</strong></td><td class="td">76</td><td class="td"> </td><td class="td">Character count to wrap at.</td>
@@ -304,4 +307,4 @@
</div>
</body>
-</html>
\ No newline at end of file
+</html>