Skip to content

Commit 4d5ca25

Browse files
committed
Merge remote-tracking branch 'upstream/develop' into 4.3
2 parents bc48f95 + e92a5d0 commit 4d5ca25

File tree

29 files changed

+205
-74
lines changed

29 files changed

+205
-74
lines changed

composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@
2424
"phpstan/phpstan": "^1.7.1",
2525
"phpunit/phpunit": "^9.1",
2626
"predis/predis": "^1.1 || ^2.0",
27-
"rector/rector": "0.13.8"
27+
"rector/rector": "0.13.9"
2828
},
2929
"suggest": {
3030
"ext-fileinfo": "Improves mime type detection for files"

rector.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,8 +29,10 @@
2929
use Rector\CodingStyle\Rector\FuncCall\CountArrayToEmptyArrayComparisonRector;
3030
use Rector\Config\RectorConfig;
3131
use Rector\DeadCode\Rector\ClassMethod\RemoveUnusedPrivateMethodRector;
32+
use Rector\DeadCode\Rector\If_\RemoveAlwaysTrueIfConditionRector;
3233
use Rector\DeadCode\Rector\If_\UnwrapFutureCompatibleIfPhpVersionRector;
3334
use Rector\DeadCode\Rector\MethodCall\RemoveEmptyMethodCallRector;
35+
use Rector\DeadCode\Rector\Plus\RemoveDeadZeroAndOneOperationRector;
3436
use Rector\EarlyReturn\Rector\Foreach_\ChangeNestedForeachIfsToEarlyContinueRector;
3537
use Rector\EarlyReturn\Rector\If_\ChangeIfElseValueAssignToEarlyReturnRector;
3638
use Rector\EarlyReturn\Rector\If_\RemoveAlwaysElseRector;
@@ -71,6 +73,8 @@
7173
__DIR__ . '/system/Test/bootstrap.php',
7274
]);
7375

76+
$rectorConfig->phpstanConfig(__DIR__ . '/phpstan.neon.dist');
77+
7478
// is there a file you need to skip?
7579
$rectorConfig->skip([
7680
__DIR__ . '/app/Views',
@@ -128,6 +132,12 @@
128132
GetMockBuilderGetMockToCreateMockRector::class => [
129133
__DIR__ . '/tests/system/Email/EmailTest.php',
130134
],
135+
136+
// buggy on read based on @var on property
137+
RemoveAlwaysTrueIfConditionRector::class,
138+
139+
// buggy on string * int
140+
RemoveDeadZeroAndOneOperationRector::class,
131141
]);
132142

133143
// auto import fully qualified class names

system/Files/FileCollection.php

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -178,7 +178,9 @@ public function add($paths, bool $recursive = true)
178178
// Test for a directory
179179
self::resolveDirectory($path);
180180
} catch (FileException $e) {
181-
return $this->addFile($path);
181+
$this->addFile($path);
182+
183+
continue;
182184
}
183185

184186
$this->addDirectory($path, $recursive);

system/Security/Security.php

Lines changed: 17 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@
2121
use Config\Cookie as CookieConfig;
2222
use Config\Security as SecurityConfig;
2323
use Config\Services;
24+
use ErrorException;
25+
use InvalidArgumentException;
2426
use LogicException;
2527

2628
/**
@@ -278,8 +280,13 @@ public function verify(RequestInterface $request)
278280
}
279281

280282
$postedToken = $this->getPostedToken($request);
281-
$token = ($postedToken !== null && $this->tokenRandomize)
282-
? $this->derandomize($postedToken) : $postedToken;
283+
284+
try {
285+
$token = ($postedToken !== null && $this->tokenRandomize)
286+
? $this->derandomize($postedToken) : $postedToken;
287+
} catch (InvalidArgumentException $e) {
288+
$token = null;
289+
}
283290

284291
// Do the tokens match?
285292
if (! isset($token, $this->hash) || ! hash_equals($this->hash, $token)) {
@@ -359,13 +366,20 @@ protected function randomize(string $hash): string
359366

360367
/**
361368
* Derandomize the token.
369+
*
370+
* @throws InvalidArgumentException "hex2bin(): Hexadecimal input string must have an even length"
362371
*/
363372
protected function derandomize(string $token): string
364373
{
365374
$key = substr($token, -static::CSRF_HASH_BYTES * 2);
366375
$value = substr($token, 0, static::CSRF_HASH_BYTES * 2);
367376

368-
return bin2hex(hex2bin($value) ^ hex2bin($key));
377+
try {
378+
return bin2hex(hex2bin($value) ^ hex2bin($key));
379+
} catch (ErrorException $e) {
380+
// "hex2bin(): Hexadecimal input string must have an even length"
381+
throw new InvalidArgumentException($e->getMessage());
382+
}
369383
}
370384

371385
/**

tests/system/Files/FileCollectionTest.php

Lines changed: 19 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -178,7 +178,24 @@ public function testAddStringDirectoryRecursive()
178178
$this->assertSame($expected, $files->get());
179179
}
180180

181-
public function testAddArray()
181+
public function testAddArrayFiles()
182+
{
183+
$files = new FileCollection();
184+
185+
$expected = [
186+
$this->directory . 'apple.php',
187+
SUPPORTPATH . 'Files/baker/banana.php',
188+
];
189+
190+
$files->add([
191+
$this->directory . 'apple.php',
192+
SUPPORTPATH . 'Files/baker/banana.php',
193+
]);
194+
195+
$this->assertSame($expected, $files->get());
196+
}
197+
198+
public function testAddArrayDirectoryAndFile()
182199
{
183200
$files = new FileCollection();
184201

@@ -190,7 +207,7 @@ public function testAddArray()
190207
];
191208

192209
$files->add([
193-
SUPPORTPATH . 'Files/able',
210+
SUPPORTPATH . 'Files/able', // directory
194211
SUPPORTPATH . 'Files/baker/banana.php',
195212
]);
196213

tests/system/Security/SecurityCSRFSessionRandomizeTokenTest.php

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -141,6 +141,21 @@ public function testCSRFVerifyPostThrowsExceptionOnNoMatch()
141141
$security->verify($request);
142142
}
143143

144+
public function testCSRFVerifyPostInvalidToken()
145+
{
146+
$this->expectException(SecurityException::class);
147+
$this->expectExceptionMessage('The action you requested is not allowed.');
148+
149+
$_SERVER['REQUEST_METHOD'] = 'POST';
150+
$_POST['csrf_test_name'] = '!';
151+
152+
$request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent());
153+
154+
$security = new Security(new MockAppConfig());
155+
156+
$security->verify($request);
157+
}
158+
144159
public function testCSRFVerifyPostReturnsSelfOnMatch()
145160
{
146161
$_SERVER['REQUEST_METHOD'] = 'POST';

user_guide_src/source/database/metadata/001.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
$tables = $db->listTables();
46

57
foreach ($tables as $table) {
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
if ($db->tableExists('table_name')) {
46
// some code...
57
}

user_guide_src/source/database/metadata/003.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
$fields = $db->getFieldNames('table_name');
46

57
foreach ($fields as $field) {

user_guide_src/source/database/metadata/004.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
$query = $db->query('SELECT * FROM some_table');
46

57
foreach ($query->getFieldNames() as $field) {
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
if ($db->fieldExists('field_name', 'table_name')) {
46
// some code...
57
}

user_guide_src/source/database/metadata/006.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
$fields = $db->getFieldData('table_name');
46

57
foreach ($fields as $field) {
Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,6 @@
11
<?php
22

3+
$db = db_connect();
4+
35
$query = $db->query('YOUR QUERY');
4-
$fields = $query->fieldData();
6+
$fields = $query->getFieldData();

user_guide_src/source/database/metadata/008.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
$keys = $db->getIndexData('table_name');
46

57
foreach ($keys as $key) {

user_guide_src/source/database/metadata/009.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
<?php
22

3+
$db = db_connect();
4+
35
$keys = $db->getForeignKeyData('table_name');
46

57
foreach ($keys as $key) {

user_guide_src/source/general/common_functions.rst

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -298,6 +298,12 @@ Miscellaneous Functions
298298
.. php:function:: redirect(string $route)
299299
300300
:param string $route: The reverse-routed or named route to redirect the user to.
301+
:rtype: RedirectResponse
302+
303+
.. important:: When you use this function, an instance of ``RedirectResponse`` must be returned
304+
in the method of the :doc:`Controller <../incoming/controllers>` or
305+
the :doc:`Controller Filter <../incoming/filters>`. If you forget to return it,
306+
no redirection will occur.
301307

302308
Returns a RedirectResponse instance allowing you to easily create redirects:
303309

user_guide_src/source/general/environments.rst

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,8 @@ The simplest method to set the variable is in your :doc:`.env file </general/con
4141

4242
> php spark env production
4343

44+
.. _environment-apache:
45+
4446
Apache
4547
------
4648

@@ -51,6 +53,9 @@ config using `SetEnv <https://httpd.apache.org/docs/2.2/mod/mod_env.html#setenv>
5153
5254
SetEnv CI_ENVIRONMENT development
5355
56+
57+
.. _environment-nginx:
58+
5459
nginx
5560
-----
5661

user_guide_src/source/general/modules.rst

Lines changed: 7 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -30,11 +30,11 @@ directory in the main project root::
3030
/tests
3131
/writable
3232

33-
Open **app/Config/Autoload.php** and add the **Acme** namespace to the ``psr4`` array property:
33+
Open **app/Config/Autoload.php** and add the ``Acme\Blog`` namespace to the ``psr4`` array property:
3434

3535
.. literalinclude:: modules/001.php
3636

37-
Now that this is set up, we can access any file within the **acme** folder through the ``Acme`` namespace. This alone
37+
Now that this is set up, we can access any file within the **acme/Blog** folder through the ``Acme\Blog`` namespace. This alone
3838
takes care of 80% of what is needed for modules to work, so you should be sure to familiarize yourself with namespaces
3939
and become comfortable with their use. Several file types will be scanned for automatically through all defined namespaces - a crucial ingredient for working with modules.
4040

@@ -90,23 +90,18 @@ This is configured in the file **app/Config/Modules.php**.
9090

9191
The auto-discovery system works by scanning for particular directories and files within psr4 namespaces that have been defined in **Config/Autoload.php**.
9292

93-
To make auto-discovery work for our **Blog** namespace, we need to make one small adjustment.
94-
**Acme** needs to be changed to **Acme\\Blog** because each "module" within the namespace needs to be fully defined.
95-
96-
.. literalinclude:: modules/003.php
97-
98-
Once your module folder path is defined, the discovery process would look for discoverable items on that path and should, for example, find the routes file at **/acme/Blog/Config/Routes.php**.
93+
The discovery process would look for discoverable items on that path and should, for example, find the routes file at **/acme/Blog/Config/Routes.php**.
9994

10095
Enable/Disable Discover
10196
=======================
10297

103-
You can turn on or off all auto-discovery in the system with the **$enabled** class variable. False will disable
98+
You can turn on or off all auto-discovery in the system with the ``$enabled`` class variable. False will disable
10499
all discovery, optimizing performance, but negating the special capabilities of your modules.
105100

106101
Specify Discovery Items
107102
=======================
108103

109-
With the **$aliases** option, you can specify which items are automatically discovered. If the item is not
104+
With the ``$aliases`` option, you can specify which items are automatically discovered. If the item is not
110105
present, then no auto-discovery will happen for that item, but the others in the array will still be discovered.
111106

112107
Discovery and Composer
@@ -173,12 +168,12 @@ with the ``new`` command:
173168

174169
.. literalinclude:: modules/008.php
175170

176-
Config files are automatically discovered whenever using the **config()** function that is always available.
171+
Config files are automatically discovered whenever using the ``config()`` function that is always available.
177172

178173
.. note:: We don't recommend you use the same short classname in modules.
179174
Modules that need to override or add to known configurations in **app/Config/** should use :ref:`registrars`.
180175

181-
.. note:: **config()** finds the file in **app/Config/** when there is a class with the same shortname,
176+
.. note:: ``config()`` finds the file in **app/Config/** when there is a class with the same shortname,
182177
even if you specify a fully qualified class name like ``config(\Acme\Blog\Config\Blog::class)``.
183178
This is because ``config()`` is a wrapper for the ``Factories`` class which uses ``preferApp`` by default. See :ref:`factories-options` for more information.
184179

user_guide_src/source/general/modules/001.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ class Autoload extends AutoloadConfig
99
public $psr4 = [
1010
APP_NAMESPACE => APPPATH, // For custom namespace
1111
'Config' => APPPATH . 'Config',
12-
'Acme' => ROOTPATH . 'acme',
12+
'Acme\Blog' => ROOTPATH . 'acme/Blog',
1313
];
1414

1515
// ...

user_guide_src/source/general/modules/003.php

Lines changed: 0 additions & 16 deletions
This file was deleted.

user_guide_src/source/general/urls.rst

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,8 @@ By default, the **index.php** file will be included in your URLs::
6060
If your server supports rewriting URLs you can easily remove this file with URL rewriting. This is handled differently
6161
by different servers, but we will show examples for the two most common web servers here.
6262

63+
.. _urls-remove-index-php-apache:
64+
6365
Apache Web Server
6466
-----------------
6567

@@ -81,6 +83,8 @@ request for your index.php file.
8183

8284
.. note:: Make sure to also exclude from the above rules any assets that you might need to be accessible from the outside world.
8385

86+
.. _urls-remove-index-php-nginx:
87+
8488
NGINX
8589
-----
8690

user_guide_src/source/installation/index.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ However you choose to install and run CodeIgniter4, the
2626
installing_composer
2727
installing_manual
2828
running
29+
troubleshooting
2930
../changelogs/index
3031
upgrading
31-
troubleshooting
3232
repositories

0 commit comments

Comments
 (0)