Merge remote-tracking branch 'upstream/develop' into 4.5

.github/workflows/deploy-distributables.yml

@@ -66,7 +66,7 @@ jobs:
  run: ./source/.github/scripts/deploy-framework ${GITHUB_WORKSPACE}/source ${GITHUB_WORKSPACE}/framework ${GITHUB_REF##*/}
 
  - name: Release
- uses: actions/github-script@v6
+ uses: actions/github-script@v7
  with:
  github-token: ${{secrets.ACCESS_TOKEN}}
  script: |
@@ -116,7 +116,7 @@ jobs:
  run: ./source/.github/scripts/deploy-appstarter ${GITHUB_WORKSPACE}/source ${GITHUB_WORKSPACE}/appstarter ${GITHUB_REF##*/}
 
  - name: Release
- uses: actions/github-script@v6
+ uses: actions/github-script@v7
  with:
  github-token: ${{secrets.ACCESS_TOKEN}}
  script: |
@@ -172,7 +172,7 @@ jobs:
  run: ./source/.github/scripts/deploy-userguide ${GITHUB_WORKSPACE}/source ${GITHUB_WORKSPACE}/userguide ${GITHUB_REF##*/}
 
  - name: Release
- uses: actions/github-script@v6
+ uses: actions/github-script@v7
  with:
  github-token: ${{secrets.ACCESS_TOKEN}}
  script: |

phpstan-baseline.php

@@ -3711,16 +3711,6 @@
  'count' => 1,
  'path' => __DIR__ . '/system/View/Cell.php',
 ];
-$ignoreErrors[] = [
- 'message' => '#^Construct empty\\(\\) is not allowed\\. Use more strict comparison\\.$#',
- 'count' => 8,
- 'path' => __DIR__ . '/system/View/Cell.php',
-];
-$ignoreErrors[] = [
- 'message' => '#^Property CodeIgniter\\\\View\\\\Cell\\:\\:\\$cache \\(CodeIgniter\\\\Cache\\\\CacheInterface\\) in empty\\(\\) is not falsy\\.$#',
- 'count' => 2,
- 'path' => __DIR__ . '/system/View/Cell.php',
-];
 $ignoreErrors[] = [
  'message' => '#^Construct empty\\(\\) is not allowed\\. Use more strict comparison\\.$#',
  'count' => 1,
@@ -3766,16 +3756,6 @@
  'count' => 3,
  'path' => __DIR__ . '/system/View/View.php',
 ];
-$ignoreErrors[] = [
- 'message' => '#^Parameter \\#2 \\$context \\(\'attr\'\\|\'css\'\\|\'html\'\\|\'js\'\\|\'raw\'\\|\'url\'\\|null\\) of method CodeIgniter\\\\View\\\\View\\:\\:setData\\(\\) should be contravariant with parameter \\$context \\(string\\|null\\) of method CodeIgniter\\\\View\\\\RendererInterface\\:\\:setData\\(\\)$#',
- 'count' => 1,
- 'path' => __DIR__ . '/system/View/View.php',
-];
-$ignoreErrors[] = [
- 'message' => '#^Parameter \\#3 \\$context \\(\'attr\'\\|\'css\'\\|\'html\'\\|\'js\'\\|\'raw\'\\|\'url\'\\|null\\) of method CodeIgniter\\\\View\\\\View\\:\\:setVar\\(\\) should be contravariant with parameter \\$context \\(string\\|null\\) of method CodeIgniter\\\\View\\\\RendererInterface\\:\\:setVar\\(\\)$#',
- 'count' => 1,
- 'path' => __DIR__ . '/system/View/View.php',
-];
 $ignoreErrors[] = [
  'message' => '#^Short ternary operator is not allowed\\. Use null coalesce operator if applicable or consider using long ternary\\.$#',
  'count' => 2,

system/Common.php

@@ -502,27 +502,11 @@ function force_https(
  Services::session()->regenerate(); // @codeCoverageIgnore
  }
 
- $baseURL = config(App::class)->baseURL;
-
- if (strpos($baseURL, 'https://') === 0) {
- $authority = substr($baseURL, strlen('https://'));
- } elseif (strpos($baseURL, 'http://') === 0) {
- $authority = substr($baseURL, strlen('http://'));
- } else {
- $authority = $baseURL;
- }
-
- $uri = URI::createURIString(
- 'https',
- $authority,
- $request->getUri()->getPath(), // Absolute URIs should use a "/" for an empty path
- $request->getUri()->getQuery(),
- $request->getUri()->getFragment()
- );
+ $uri = $request->getUri()->withScheme('https');
 
  // Set an HSTS header
  $response->setHeader('Strict-Transport-Security', 'max-age=' . $duration)
- ->redirect($uri)
+ ->redirect((string) $uri)
  ->setStatusCode(307)
  ->setBody('')
  ->getCookieStore()

system/View/Cell.php

@@ -84,11 +84,9 @@ public function render(string $library, $params = null, int $ttl = 0, ?string $c
  $params = $this->prepareParams($params);
 
  // Is the output cached?
- $cacheName = ! empty($cacheName)
- ? $cacheName
- : str_replace(['\\', '/'], '', $class) . $method . md5(serialize($params));
+ $cacheName ??= str_replace(['\\', '/'], '', $class) . $method . md5(serialize($params));
 
- if (! empty($this->cache) && $output = $this->cache->get($cacheName)) {
+ if ($output = $this->cache->get($cacheName)) {
  return $output;
  }
 
@@ -105,7 +103,7 @@ public function render(string $library, $params = null, int $ttl = 0, ?string $c
  : $this->renderSimpleClass($instance, $method, $params, $class);
 
  // Can we cache it?
- if (! empty($this->cache) && $ttl !== 0) {
+ if ($ttl !== 0) {
  $this->cache->save($cacheName, $output, $ttl);
  }
 
@@ -119,11 +117,14 @@ public function render(string $library, $params = null, int $ttl = 0, ?string $c
  *
  * @param array|string|null $params
  *
- * @return array|null
+ * @return array
  */
  public function prepareParams($params)
  {
- if (empty($params) || (! is_string($params) && ! is_array($params))) {
+ if (
+ ($params === null || $params === '' || $params === [])
+ || (! is_string($params) && ! is_array($params))
+ ) {
  return [];
  }
 
@@ -139,7 +140,7 @@ public function prepareParams($params)
  unset($separator);
 
  foreach ($params as $p) {
- if (! empty($p)) {
+ if ($p !== '') {
  [$key, $val] = explode('=', $p);
 
  $newParams[trim($key)] = trim($val, ', ');
@@ -175,7 +176,7 @@ protected function determineClass(string $library): array
 
  [$class, $method] = explode(':', $library);
 
- if (empty($class)) {
+ if ($class === '') {
  throw ViewException::forNoCellClass();
  }
 
@@ -187,7 +188,7 @@ protected function determineClass(string $library): array
  throw ViewException::forInvalidCellClass($class);
  }
 
- if (empty($method)) {
+ if ($method === '') {
  $method = 'index';
  }
 
@@ -274,7 +275,7 @@ final protected function renderSimpleClass($instance, string $method, array $par
  $refParams = $refMethod->getParameters();
 
  if ($paramCount === 0) {
- if (! empty($params)) {
+ if ($params !== []) {
  throw ViewException::forMissingCellParameters($class, $method);
  }
 

system/View/RendererInterface.php

@@ -46,6 +46,7 @@ public function renderString(string $view, ?array $options = null, bool $saveDat
  *
  * @param string $context The context to escape it for: html, css, js, url
  * If 'raw', no escaping will happen
+ * @phpstan-param null|'html'|'js'|'css'|'url'|'attr'|'raw' $context
  *
  * @return RendererInterface
  */
@@ -57,6 +58,7 @@ public function setData(array $data = [], ?string $context = null);
  * @param mixed $value
  * @param string $context The context to escape it for: html, css, js, url
  * If 'raw' no escaping will happen
+ * @phpstan-param null|'html'|'js'|'css'|'url'|'attr'|'raw' $context
  *
  * @return RendererInterface
  */

tests/system/CommonFunctionsTest.php

@@ -612,6 +612,7 @@ public function testViewNotSaveData(): void
  public function testForceHttpsNullRequestAndResponse(): void
  {
  $this->assertNull(Services::response()->header('Location'));
+
  Services::response()->setCookie('force', 'cookie');
  Services::response()->setHeader('Force', 'header');
  Services::response()->setBody('default body');
@@ -634,6 +635,25 @@ public function testForceHttpsNullRequestAndResponse(): void
  force_https();
  }
 
+ public function testForceHttpsWithBaseUrlSubFolder(): void
+ {
+ $config = config(App::class);
+ $config->baseURL = 'https://example.jp/codeIgniter/';
+ $uri = new SiteURI($config, 'en/home?foo=bar');
+ $request = new IncomingRequest($config, $uri, '', new UserAgent());
+ Services::injectMock('request', $request);
+
+ try {
+ force_https();
+ } catch (Exception $e) {
+ $this->assertInstanceOf(RedirectException::class, $e);
+ $this->assertSame(
+ 'https://example.jp/codeIgniter/index.php/en/home?foo=bar',
+ $e->getResponse()->header('Location')->getValue()
+ );
+ }
+ }
+
  /**
  * @dataProvider provideCleanPathActuallyCleaningThePaths
  *

user_guide_src/source/helpers/filesystem_helper/010.php

@@ -1,3 +1,3 @@
 <?php
 
-$controllers = get_filenames(APPPATH . 'controllers/');
+$controllers = get_filenames(APPPATH . 'Controllers/');

user_guide_src/source/helpers/filesystem_helper/011.php

@@ -1,3 +1,3 @@
 <?php
 
-$models_info = get_dir_file_info(APPPATH . 'models/');
+$models_info = get_dir_file_info(APPPATH . 'Models/');