Fixes bcit-ci#6201 ctype_digit() should act only on string values.
backported bcit-ci#6164, Fix FLOAT error when TIMEOUT is null on Redis 6.x * this addressed additionally, the default value in Cache_redis.php * backported https://github.com/pocketarc/codeigniter/commit/9612185eabf29f3f7638bf763eacde13959fd19e * backported https://github.com/bcit-ci/CodeIgniter/pull/6164/commits/6028e8a8cd2ac36bc9259c0112afefa0c9da2a2f
Fixes bcit-ci#6159 and bcit-ci/CodeIgniter#6134 due to the samesite setting config * Fixed set_cookie: foreach not consistent with preceding comment, because the samesite setting will be ignored and defaults to $config['cookie_samesite'] from application/config/config.php, backported https://github.com/pocketarc/codeigniter/commit/c707e65028d1d010c432c8ce453ffb99d126e978 * Fixed codeigniter 3.1.13 Not Declaring CSRF Cookies introduced with the samesite setting commit as strict, backported https://github.com/FusionWowCMS/FusionCMS/commit/46773ee66cba3d97d0d7a20a6b525614911eaa33
... | ... | @@ -366,7 +366,7 @@ class CI_Input { |
366 | 366 | if (is_array($name))
|
367 | 367 | {
|
368 | 368 | // always leave 'name' in last place, as the loop will break otherwise, due to $$item
|
369 | - foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'httponly', 'name', 'samesite') as $item)
|
|
369 | + foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'httponly', 'samesite', 'name') as $item)
|
|
370 | 370 | {
|
371 | 371 | if (isset($name[$item]))
|
372 | 372 | {
|
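Review bot: The key list at new line 369 is still order-sensitive, which is what broke when `samesite` was appended after `name`. Per the commit description, while that key was skipped the cookie silently fell back to the configured default instead of the caller's SameSite value. Assuming the loop body (outside this hunk) assigns `$$item = $name[$item]`, copying the array first with `$params = $name;` and reading `$params[$item]` inside the loop would remove the ordering constraint. A regression test that passes `samesite` through the array form of set_cookie() would catch a repeat.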
... | ... | @@ -294,7 +294,7 @@ class CI_Security { |
294 | 294 | header('Set-Cookie: '.$this->_csrf_cookie_name.'='.$this->_csrf_hash
|
295 | 295 | .'; Expires='.gmdate('D, d-M-Y H:i:s T', $expire)
|
296 | 296 | .'; Max-Age='.$this->_csrf_expire
|
297 | - .'; Path='.rawurlencode(config_item('cookie_path'))
|
|
297 | + .'; Path='.implode('/', array_map('rawurlencode', explode('/', config_item('cookie_path'))))
|
|
298 | 298 | .($domain === '' ? '' : '; Domain='.$domain)
|
299 | 299 | .($secure_cookie ? '; Secure' : '')
|
300 | 300 | .(config_item('cookie_httponly') ? '; HttpOnly' : '')
|
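Review bot: `config_item('cookie_path')` at new line 297 goes straight into `explode()`, so if the key is unset the call receives a non-string (presumably NULL), which PHP 8.1+ reports as deprecated. `explode('/', (string) config_item('cookie_path'))` keeps the header well-formed in that case. Encoding each segment with `rawurlencode` keeps `;` and control characters out of the Path attribute, but `$domain` on line 298 is appended with no comparable encoding or validation in the visible lines. The header() call starts at line 294 and continues past line 300, so the SameSite attribute mentioned in the description cannot be checked here.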
... | ... | @@ -60,7 +60,7 @@ class CI_Cache_redis extends CI_Driver |
60 | 60 | 'host' => '127.0.0.1',
|
61 | 61 | 'password' => NULL,
|
62 | 62 | 'port' => 6379,
|
63 | - 'timeout' => 0
|
|
63 | + 'timeout' => 0.0
|
|
64 | 64 | );
|
65 | 65 | |
66 | 66 | /**
|
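Review bot: Changing only the default at new line 63 leaves a gap. A `timeout` set in the application's Redis config as NULL, an integer or a numeric string would presumably still override this default when the two arrays are merged outside this hunk. Casting the merged value to float where it is passed to the connect call would cover those cases too. A short comment on the default, such as `// 0.0 = no connect timeout (phpredis treats 0 as unlimited)`, would also help, since an unlimited timeout lets an unreachable Redis host stall requests.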
... | ... | @@ -523,7 +523,7 @@ class CI_Pagination { |
523 | 523 | }
|
524 | 524 | |
525 | 525 | // If something isn't quite right, back to the default base page.
|
526 | - if ( ! ctype_digit($this->cur_page) OR ($this->use_page_numbers && (int) $this->cur_page === 0))
|
|
526 | + if ( ! ctype_digit((string) $this->cur_page) OR ($this->use_page_numbers && (int) $this->cur_page === 0))
|
|
527 | 527 | {
|
528 | 528 | $this->cur_page = $base_page;
|
529 | 529 | }
|
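Review bot: The `(string)` cast at new line 526 is fine for integers and numeric strings, but it raises an "Array to string conversion" warning if `cur_page` is an array. That can happen if the value is read from a query-string parameter; the assignment is outside this hunk, so confirm. Guarding first, `if ( ! is_scalar($this->cur_page) OR ! ctype_digit((string) $this->cur_page) OR ($this->use_page_numbers && (int) $this->cur_page === 0))`, keeps the fallback to `$base_page` without the warning.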
... | ... | @@ -142,7 +142,7 @@ class CI_Session_redis_driver extends CI_Session_driver implements CI_Session_dr |
142 | 142 | 'port' => empty($matches[2]) ? NULL : $matches[2],
|
143 | 143 | 'password' => preg_match('#auth=([^\s&]+)#', $matches[3], $match) ? $match[1] : NULL,
|
144 | 144 | 'database' => preg_match('#database=(\d+)#', $matches[3], $match) ? (int) $match[1] : NULL,
|
145 | - 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : NULL
|
|
145 | + 'timeout' => preg_match('#timeout=(\d+\.\d+)#', $matches[3], $match) ? (float) $match[1] : 0.0
|
|
146 | 146 | );
|
147 | 147 | |
148 | 148 | preg_match('#prefix=([^\s&]+)#', $matches[3], $match) && $this->_key_prefix = $match[1];
|
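Review bot: The pattern at new line 145 only matches a timeout written with a decimal point, so `timeout=5` in the save path is silently dropped and now becomes `0.0`, which phpredis treats as no timeout. Accepting integers as well, `'#timeout=(\d+(?:\.\d+)?)#'`, keeps the configured limit in effect. The array literal begins above line 142, outside the hunk.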