Merge pull request #16 from kenjis/update-to-4.2.10

Update to 4.2.10
kenjis · Nov 21, 2022 · a69a607 · a69a607
2 parents 105e4b9 + 5991b98
commit a69a607
Show file tree

Hide file tree

Showing 17 changed files with 818 additions and 914 deletions.
diff --git a/README.md b/README.md
@@ -4,10 +4,10 @@ This template changes the default configuration of CI4 more secure.
 
 This repository includes:
 
-- [CodeIgniter](https://github.com/codeigniter4/CodeIgniter4) 4.2.0
+- [CodeIgniter](https://github.com/codeigniter4/CodeIgniter4) 4.2.10
   - [Translations for CodeIgniter 4 System Messages](https://github.com/codeigniter4/translations) dev-develop
-  - [CodeIgniter DevKit](https://github.com/codeigniter4/devkit) 1.0.0
-- [PHPUnit](https://github.com/sebastianbergmann/phpunit) 9.5.20
+  - [CodeIgniter DevKit](https://github.com/codeigniter4/devkit) 1.1.0
+- [PHPUnit](https://github.com/sebastianbergmann/phpunit) 9.5.26
 - [Liaison Revision](https://github.com/paulbalandan/liaison-revision) 1.1.0
 - [bear/qatools](https://github.com/bearsunday/BEAR.QATools) 1.10.0
 

diff --git a/app/Common.php b/app/Common.php
@@ -4,7 +4,7 @@
  * The goal of this file is to allow developers a location
  * where they can overwrite core procedural functions and
  * replace them with their own. This file is loaded during
- * the bootstrap process and is called during the frameworks
+ * the bootstrap process and is called during the framework's
  * execution.
  *
  * This can be looked at as a `master helper` file that is

diff --git a/app/Config/App.php b/app/Config/App.php
@@ -44,7 +44,7 @@ class App extends BaseConfig
      * URI PROTOCOL
      * --------------------------------------------------------------------------
      *
-     * This item determines which getServer global should be used to retrieve the
+     * This item determines which server global should be used to retrieve the
      * URI string.  The default setting of 'REQUEST_URI' works for most servers.
      * If your links do not seem to work, try one of the other delicious flavors:
      *
@@ -437,6 +437,7 @@ class App extends BaseConfig
      * Defaults to `Lax` as recommended in this link:
      *
      * @see https://portswigger.net/web-security/csrf/samesite-cookies
+     *
      * @deprecated `Config\Cookie` $samesite property is used.
      *
      * @var string

diff --git a/app/Config/Constants.php b/app/Config/Constants.php
@@ -67,16 +67,16 @@
  |       http://tldp.org/LDP/abs/html/exitcodes.html
  |
  */
-defined('EXIT_SUCCESS')        || define('EXIT_SUCCESS', 0); // no errors
-defined('EXIT_ERROR')          || define('EXIT_ERROR', 1); // generic error
-defined('EXIT_CONFIG')         || define('EXIT_CONFIG', 3); // configuration error
-defined('EXIT_UNKNOWN_FILE')   || define('EXIT_UNKNOWN_FILE', 4); // file not found
-defined('EXIT_UNKNOWN_CLASS')  || define('EXIT_UNKNOWN_CLASS', 5); // unknown class
+defined('EXIT_SUCCESS')        || define('EXIT_SUCCESS', 0);        // no errors
+defined('EXIT_ERROR')          || define('EXIT_ERROR', 1);          // generic error
+defined('EXIT_CONFIG')         || define('EXIT_CONFIG', 3);         // configuration error
+defined('EXIT_UNKNOWN_FILE')   || define('EXIT_UNKNOWN_FILE', 4);   // file not found
+defined('EXIT_UNKNOWN_CLASS')  || define('EXIT_UNKNOWN_CLASS', 5);  // unknown class
 defined('EXIT_UNKNOWN_METHOD') || define('EXIT_UNKNOWN_METHOD', 6); // unknown class member
-defined('EXIT_USER_INPUT')     || define('EXIT_USER_INPUT', 7); // invalid user input
-defined('EXIT_DATABASE')       || define('EXIT_DATABASE', 8); // database error
-defined('EXIT__AUTO_MIN')      || define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code
-defined('EXIT__AUTO_MAX')      || define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code
+defined('EXIT_USER_INPUT')     || define('EXIT_USER_INPUT', 7);     // invalid user input
+defined('EXIT_DATABASE')       || define('EXIT_DATABASE', 8);       // database error
+defined('EXIT__AUTO_MIN')      || define('EXIT__AUTO_MIN', 9);      // lowest automatically-assigned error code
+defined('EXIT__AUTO_MAX')      || define('EXIT__AUTO_MAX', 125);    // highest automatically-assigned error code
 
 /**
  * @deprecated Use \CodeIgniter\Events\Events::PRIORITY_LOW instead.

diff --git a/app/Config/ContentSecurityPolicy.php b/app/Config/ContentSecurityPolicy.php
@@ -15,9 +15,9 @@
  */
 class ContentSecurityPolicy extends BaseConfig
 {
-    //-------------------------------------------------------------------------
+    // -------------------------------------------------------------------------
     // Broadbrush CSP management
-    //-------------------------------------------------------------------------
+    // -------------------------------------------------------------------------
 
     /**
      * Default CSP report context
@@ -43,10 +43,10 @@ class ContentSecurityPolicy extends BaseConfig
      */
     public $upgradeInsecureRequests = false;
 
-    //-------------------------------------------------------------------------
+    // -------------------------------------------------------------------------
     // Sources allowed
     // Note: once you set a policy to 'none', it cannot be further restricted
-    //-------------------------------------------------------------------------
+    // -------------------------------------------------------------------------
 
     /**
      * Will default to self if not overridden

diff --git a/app/Config/Logger.php b/app/Config/Logger.php
@@ -2,8 +2,8 @@
 
 namespace Config;
 
-use CodeIgniter\Log\Handlers\FileHandler;
 use CodeIgniter\Config\BaseConfig;
+use CodeIgniter\Log\Handlers\FileHandler;
 
 class Logger extends BaseConfig
 {
@@ -60,7 +60,7 @@ class Logger extends BaseConfig
      * The logging system supports multiple actions to be taken when something
      * is logged. This is done by allowing for multiple Handlers, special classes
      * designed to write the log to their chosen destinations, whether that is
-     * a file on the getServer, a cloud-based service, or even taking actions such
+     * a file on the server, a cloud-based service, or even taking actions such
      * as emailing the dev team.
      *
      * Each handler is defined by the class name used for that handler, and it

diff --git a/app/Config/Mimes.php b/app/Config/Mimes.php
@@ -102,8 +102,6 @@ class Mimes
         ],
         'pptx' => [
             'application/vnd.openxmlformats-officedocument.presentationml.presentation',
-            'application/x-zip',
-            'application/zip',
         ],
         'wbxml' => 'application/wbxml',
         'wmlc'  => 'application/wmlc',
@@ -512,20 +510,19 @@ public static function guessExtensionFromType(string $type, ?string $proposedExt
 
         $proposedExtension = trim(strtolower($proposedExtension ?? ''));
 
-        if ($proposedExtension !== '') {
-            if (array_key_exists($proposedExtension, static::$mimes) && in_array($type, is_string(static::$mimes[$proposedExtension]) ? [static::$mimes[$proposedExtension]] : static::$mimes[$proposedExtension], true)) {
-                // The detected mime type matches with the proposed extension.
-                return $proposedExtension;
-            }
-
-            // An extension was proposed, but the media type does not match the mime type list.
-            return null;
+        if (
+            $proposedExtension !== ''
+            && array_key_exists($proposedExtension, static::$mimes)
+            && in_array($type, (array) static::$mimes[$proposedExtension], true)
+        ) {
+            // The detected mime type matches with the proposed extension.
+            return $proposedExtension;
         }
 
         // Reverse check the mime type list if no extension was proposed.
         // This search is order sensitive!
         foreach (static::$mimes as $ext => $types) {
-            if ((is_string($types) && $types === $type) || (is_array($types) && in_array($type, $types, true))) {
+            if (in_array($type, (array) $types, true)) {
                 return $ext;
             }
         }

diff --git a/app/Config/Paths.php b/app/Config/Paths.php
@@ -34,8 +34,8 @@ class Paths
      *
      * If you want this front controller to use a different "app"
      * folder than the default one you can set its name here. The folder
-     * can also be renamed or relocated anywhere on your getServer. If
-     * you do, use a full getServer path.
+     * can also be renamed or relocated anywhere on your server. If
+     * you do, use a full server path.
      *
      * @see http://codeigniter.com/user_guide/general/managing_apps.html
      *

diff --git a/app/Config/Validation.php b/app/Config/Validation.php
@@ -3,12 +3,16 @@
 namespace Config;
 
 use CodeIgniter\Config\BaseConfig;
+use CodeIgniter\Validation\CreditCardRules;
+use CodeIgniter\Validation\FileRules;
+use CodeIgniter\Validation\FormatRules;
+use CodeIgniter\Validation\Rules;
 
 class Validation extends BaseConfig
 {
-    //--------------------------------------------------------------------
+    // --------------------------------------------------------------------
     // Setup
-    //--------------------------------------------------------------------
+    // --------------------------------------------------------------------
 
     /**
      * Stores the classes that contain the
@@ -17,10 +21,10 @@ class Validation extends BaseConfig
      * @var string[]
      */
     public $ruleSets = [
-        \CodeIgniter\Validation\StrictRules\CreditCardRules::class,
-        \CodeIgniter\Validation\StrictRules\FileRules::class,
-        \CodeIgniter\Validation\StrictRules\FormatRules::class,
-        \CodeIgniter\Validation\StrictRules\Rules::class,
+        Rules::class,
+        FormatRules::class,
+        FileRules::class,
+        CreditCardRules::class,
     ];
 
     /**
@@ -34,7 +38,7 @@ class Validation extends BaseConfig
         'single' => 'CodeIgniter\Validation\Views\single',
     ];
 
-    //--------------------------------------------------------------------
+    // --------------------------------------------------------------------
     // Rules
-    //--------------------------------------------------------------------
+    // --------------------------------------------------------------------
 }
diff --git a/app/Views/errors/html/error_404.php b/app/Views/errors/html/error_404.php
@@ -73,7 +73,7 @@
         <h1>404 - File Not Found</h1>
 
         <p>
-            <?php if (! empty($message) && $message !== '(null)') : ?>
+            <?php if (ENVIRONMENT !== 'production') : ?>
                 <?= nl2br(esc($message)) ?>
             <?php else : ?>
                 Sorry! Cannot seem to find the page you were looking for.

diff --git a/app/Views/errors/html/error_exception.php b/app/Views/errors/html/error_exception.php
@@ -270,7 +270,7 @@
 
                 <?php endif; ?>
 
-                <?php $headers = $request->getHeaders(); ?>
+                <?php $headers = $request->headers(); ?>
                 <?php if (! empty($headers)) : ?>
 
                     <h3>Headers</h3>
@@ -318,7 +318,7 @@
                     </tr>
                 </table>
 
-                <?php $headers = $response->getHeaders(); ?>
+                <?php $headers = $response->headers(); ?>
                 <?php if (! empty($headers)) : ?>
                     <?php natsort($headers) ?>