From 181ad4d67a20c1af2fd5bcd6e732e662bde0a38f Mon Sep 17 00:00:00 2001
From: Alex Tselegidis
Date: Sun, 10 May 2015 22:01:35 +0200
Subject: [PATCH] Updated CodeIgniter 2.2.2 system dir.
---
 src/system/core/CodeIgniter.php | 2 +-
 src/system/core/Config.php | 6 ++++--
 src/system/core/Security.php | 12 ++++++------
 src/system/libraries/Cache/Cache.php | 3 ++-
 4 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/src/system/core/CodeIgniter.php b/src/system/core/CodeIgniter.php
index b49c1458..9c9930bc 100644
--- a/src/system/core/CodeIgniter.php
+++ b/src/system/core/CodeIgniter.php
@@ -34,7 +34,7 @@
 * @var string
 *
 */
- define('CI_VERSION', '2.2.1');
+ define('CI_VERSION', '2.2.2');
 /**
 * CodeIgniter Branch (Core = TRUE, Reactor = FALSE)
diff --git a/src/system/core/Config.php b/src/system/core/Config.php
index 50a0d8ee..45641faa 100644
--- a/src/system/core/Config.php
+++ b/src/system/core/Config.php
@@ -67,11 +67,13 @@ class CI_Config {
 // Set the base_url automatically if none was provided
 if ($this->config['base_url'] == '')
 {
- if (isset($_SERVER['HTTP_HOST']))
+ // The regular expression is only a basic validation for a valid "Host" header.
+ // It's not exhaustive, only checks for valid characters.
+ if (isset($_SERVER['HTTP_HOST']) && preg_match('/^((\[[0-9a-f:]+\])|(\d{1,3}(\.\d{1,3}){3})|[a-z0-9\-\.]+)(:\d+)?$/i', $_SERVER['HTTP_HOST']))
 {
 $base_url = (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off') ? 'http' : 'https';
 $base_url .= '://'. $_SERVER['HTTP_HOST'];
- $base_url .= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
+ $base_url .= substr($_SERVER['SCRIPT_NAME'], 0, strpos($_SERVER['SCRIPT_NAME'], basename($_SERVER['SCRIPT_FILENAME'])));
 }
 else
diff --git a/src/system/core/Security.php b/src/system/core/Security.php
index 710d9755..4c265d4d 100644
--- a/src/system/core/Security.php
+++ b/src/system/core/Security.php
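Review bot: `strpos()` on the new `$base_url .=` line returns FALSE whenever the basename of SCRIPT_FILENAME does not occur in SCRIPT_NAME, and `substr($s, 0, FALSE)` then quietly yields an empty string, so the script directory is dropped from base_url with no error. Capture the offset first and fall back to the previous form, e.g. `$pos = strpos($_SERVER['SCRIPT_NAME'], basename($_SERVER['SCRIPT_FILENAME']));` / `$base_url .= ($pos === FALSE) ? str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']) : substr($_SERVER['SCRIPT_NAME'], 0, $pos);`. The added Host regex only constrains the character set, as its own comment says, so any syntactically valid client-supplied Host value still lands in base_url; a derived base_url should be treated as untrusted and deployments that emit absolute links should set `base_url` explicitly, which the surrounding `== ''` guard already allows. The enclosing constructor starts and ends outside the hunk.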
@@ -513,7 +513,7 @@ class CI_Security {
 $str_compare = $str;
 // Decode standard entities, avoiding false positives
- if ($c = preg_match_all('/&[a-z]{2,}(?![a-z;])/i', $str, $matches))
+ if (preg_match_all('/\&[a-z]{2,}(?![a-z;])/i', $str, $matches))
 {
 if ( ! isset($_entities))
 {
@@ -530,7 +530,7 @@ class CI_Security {
 {
 $_entities[':'] = ':';
 $_entities['('] = '(';
- $_entities[')'] = '&rpar';
+ $_entities[')'] = ')';
 $_entities["\n"] = '&newline;';
 $_entities["\t"] = '&tab;';
 }
@@ -538,11 +538,11 @@ class CI_Security {
 $replace = array();
 $matches = array_unique(array_map('strtolower', $matches[0]));
- for ($i = 0; $i < $c; $i++)
+ foreach ($matches as &$match)
 {
- if (($char = array_search($matches[$i].';', $_entities, TRUE)) !== FALSE)
+ if (($char = array_search($match.';', $_entities, TRUE)) !== FALSE)
 {
- $replace[$matches[$i]] = $char;
+ $replace[$match] = $char;
 }
 }
@@ -644,7 +644,7 @@ class CI_Security {
 protected function _remove_evil_attributes($str, $is_image)
 {
 // All javascript event handlers (e.g. onload, onclick, onmouseover), style, and xmlns
- $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href');
+ $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime');
 if ($is_image === TRUE)
 {
diff --git a/src/system/libraries/Cache/Cache.php b/src/system/libraries/Cache/Cache.php
index 63c74324..b1453e70 100644
--- a/src/system/libraries/Cache/Cache.php
+++ b/src/system/libraries/Cache/Cache.php
@@ -204,6 +204,7 @@ class CI_Cache extends CI_Driver_Library {
 if ( ! $this->is_supported($child))
 {
 $this->_adapter = $this->_backup_driver;
+ $obj = parent::__get($this->_adapter);
 }
 return $obj;
@@ -212,4 +213,4 @@ class CI_Cache extends CI_Driver_Library {
 }
 /* End of file Cache.php */
-/* Location: ./system/libraries/Cache/Cache.php */
\ No newline at end of file
+/* Location: ./system/libraries/Cache/Cache.php */
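Review bot: `foreach ($matches as &$match)` in the `@@ -538` hunk iterates by reference although the loop body only reads `$match` (in the `array_search()` call and as the `$replace` key), and no `unset($match)` is visible after the loop, so `$match` stays bound to the last element of `$matches`; any later assignment to a variable of that name in this method would silently overwrite that element. Drop the ampersand, `foreach ($matches as $match)`, or add `unset($match);` after the loop's closing brace. The enclosing method starts and ends outside the hunk.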
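Review bot: The two names appended to `$evil_attributes` in the `@@ -644` hunk are not explained, and the comment directly above still describes the list as only event handlers, style and xmlns, which was already out of date for formaction, form and xlink:href. Extend that comment so the next maintainer knows what each entry covers, e.g. `// ... plus formaction/form/xlink:href, FSCommand and seekSegmentTime, which presumably can also reach script in Flash/SMIL content — confirm`. Since this is a denylist of attribute names it only blocks what is enumerated; the pattern that consumes the list is outside the hunk.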
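Review bot: The added `$obj = parent::__get($this->_adapter);` in the Cache.php `@@ -204` hunk loads the backup driver without running `$this->is_supported()` on it, so a backup that is itself unavailable is returned to the caller as if it were usable, with no signal. Guard the fallback, e.g. `if ( ! $this->is_supported($this->_backup_driver)) { log_message('error', 'Cache: neither primary nor backup driver is supported'); return $obj; }` before the reassignment, or otherwise document that the backup is assumed usable. Whether `$_backup_driver` can be unset at this point is not visible in the hunk; `__get()` begins before it.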