Merge branch 'develop' of github.com:bcit-ci/CodeIgniter4 into develop

.gitignore

@@ -126,6 +126,4 @@ nb-configuration.xml
 .vscode/
 
 /results/
-/phpunit.xml
-/phpunit-db.xml
-/phpunit-nodb.xml
+/phpunit*.xml

application/Config/App.php

@@ -215,7 +215,7 @@ class App extends BaseConfig
 	| Reverse Proxy IPs
 	|--------------------------------------------------------------------------
 	|
-	| If your getServer is behind a reverse proxy, you must whitelist the proxy
+	| If your server is behind a reverse proxy, you must whitelist the proxy
 	| IP addresses from which CodeIgniter should trust headers such as
 	| HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP in order to properly identify
 	| the visitor's IP address.

system/Commands/Server/rewrite.php

@@ -6,7 +6,7 @@
  * development server based around PHP's built-in development
  * server. This file simply tries to mimic Apache's mod_rewrite
  * functionality so the site will operate as normal.
- * 
+ *
  */
 // @codeCoverageIgnoreStart
 // Avoid this file run when listing commands
@@ -22,7 +22,7 @@
 $uri = urldecode(parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH));
 
 // Front Controller path - expected to be in the default folder
-$fcpath = realpath(__DIR__ . '/../../../public') . DIRECTORY_SEPARATOR;
+$fcpath = $_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR;
 
 // Full path
 $path = $fcpath . ltrim($uri, '/');

system/Common.php

@@ -270,8 +270,16 @@ function esc($data, $context = 'html', $encoding = null)
 				$method = 'escape' . ucfirst($context);
 			}
 
-			// @todo Optimize this to only load a single instance during page request.
-			$escaper = new \Zend\Escaper\Escaper($encoding);
+                       static $escaper;
+                       if (! $escaper)
+                       {
+			        $escaper = new \Zend\Escaper\Escaper($encoding);
+                       }
+
+                       if ($encoding && $escaper->getEncoding() !== $encoding)
+                       {
+                               $escaper = new \Zend\Escaper\Escaper($encoding);
+                       }
 
 			$data = $escaper->$method($data);
 		}

system/Config/DotEnv.php

@@ -109,6 +109,7 @@ public function load()
 			}
 		}
 
+		return true; // for success
 	}
 
 	//--------------------------------------------------------------------

system/HTTP/IncomingRequest.php

@@ -1,4 +1,6 @@
-<?php namespace CodeIgniter\HTTP;
+<?php
+
+namespace CodeIgniter\HTTP;
 
 /**
  * CodeIgniter
@@ -80,7 +82,7 @@ class IncomingRequest extends Request
 	protected $enableCSRF = false;
 
 	/**
-	 * A \CodeIgniter\HTTPLite\URI instance.
+	 * A \CodeIgniter\HTTP\URI instance.
 	 *
 	 * @var URI
 	 */
@@ -98,7 +100,7 @@ class IncomingRequest extends Request
 	 *
 	 * @var \CodeIgniter\HTTP\Negotiate
 	 */
-	protected $negotiate;
+	protected $negotiator;
 
 	/**
 	 * The default Locale this request
@@ -242,6 +244,8 @@ public function setLocale(string $locale)
 		// If the intl extension is loaded, make sure
 		// that we set the locale for it... if not, though,
 		// don't worry about it.
+		// this should not block code coverage thru unit testing
+		// @codeCoverageIgnoreStart
 		try
 		{
 			if (class_exists('\Locale', false))
@@ -250,8 +254,9 @@ public function setLocale(string $locale)
 			}
 		} catch (\Exception $e)
 		{
-
+			
 		}
+		// @codeCoverageIgnoreEnd
 
 		return $this;
 	}
@@ -294,12 +299,10 @@ public function isSecure(): bool
 		if ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off')
 		{
 			return true;
-		}
-		elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
+		} elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
 		{
 			return true;
-		}
-		elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
+		} elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
 		{
 			return true;
 		}
@@ -533,7 +536,6 @@ public function getFiles()
 		return $this->files->all(); // return all files
 	}
 
-
 	//--------------------------------------------------------------------
 
 	/**
@@ -584,13 +586,14 @@ protected function detectURI($protocol, $baseURL)
 			$this->uri->setHost(parse_url($baseURL, PHP_URL_HOST));
 			$this->uri->setPort(parse_url($baseURL, PHP_URL_PORT));
 			$this->uri->resolveRelativeURI(parse_url($baseURL, PHP_URL_PATH));
-		}
-		else
+		} else
 		{
-			if(! is_cli())
+			// @codeCoverageIgnoreStart
+			if ( ! is_cli())
 			{
 				throw FrameworkException::forEmptyBaseURL();
 			}
+			// @codeCoverageIgnoreEnd
 		}
 	}
 
@@ -604,7 +607,7 @@ protected function detectURI($protocol, $baseURL)
 	 *
 	 * @return string
 	 */
-	public function detectPath($protocol)
+	public function detectPath($protocol = '')
 	{
 		if (empty($protocol))
 		{
@@ -642,25 +645,21 @@ public function detectPath($protocol)
 	 */
 	public function negotiate(string $type, array $supported, bool $strictMatch = false)
 	{
-		if (is_null($this->negotiate))
+		if (is_null($this->negotiator))
 		{
-			$this->negotiate = Services::negotiator($this, true);
+			$this->negotiator = Services::negotiator($this, true);
 		}
 
 		switch (strtolower($type))
 		{
 			case 'media':
-				return $this->negotiate->media($supported, $strictMatch);
-				break;
+				return $this->negotiator->media($supported, $strictMatch);
 			case 'charset':
-				return $this->negotiate->charset($supported);
-				break;
+				return $this->negotiator->charset($supported);
 			case 'encoding':
-				return $this->negotiate->encoding($supported);
-				break;
+				return $this->negotiator->encoding($supported);
 			case 'language':
-				return $this->negotiate->language($supported);
-				break;
+				return $this->negotiator->language($supported);
 		}
 
 		throw HTTPException::forInvalidNegotiationType($type);
@@ -689,25 +688,26 @@ protected function parseRequestURI(): string
 
 		if (isset($_SERVER['SCRIPT_NAME'][0]))
 		{
+			// strip the script name from the beginning of the URI
 			if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0)
 			{
 				$uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME']));
-			}
-			elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0)
-			{
-				$uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME'])));
-			}
+			} elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0)
+			// if the script is nested, strip the parent folder & script from the URI
+				if (strpos($uri, $_SERVER['SCRIPT_NAME']) > 0)
+					$uri = (string) substr($uri, strpos($uri, $_SERVER['SCRIPT_NAME']) + strlen($_SERVER['SCRIPT_NAME']));
+				elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) > 0)
+					$uri = (string) substr($uri, strpos($uri, dirname($_SERVER['SCRIPT_NAME'])));
 		}
 
-		// This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct
+		// This section ensures that even on servers that require the URI to contain the query string (Nginx) a correct
 		// URI is found, and also fixes the QUERY_STRING getServer var and $_GET array.
 		if (trim($uri, '/') === '' && strncmp($query, '/', 1) === 0)
 		{
 			$query = explode('?', $query, 2);
 			$uri = $query[0];
 			$_SERVER['QUERY_STRING'] = $query[1] ?? '';
-		}
-		else
+		} else
 		{
 			$_SERVER['QUERY_STRING'] = $query;
 		}
@@ -738,8 +738,7 @@ protected function parseQueryString(): string
 		if (trim($uri, '/') === '')
 		{
 			return '';
-		}
-		elseif (strncmp($uri, '/', 1) === 0)
+		} elseif (strncmp($uri, '/', 1) === 0)
 		{
 			$uri = explode('?', $uri, 2);
 			$_SERVER['QUERY_STRING'] = $uri[1] ?? '';

system/HTTP/Message.php

@@ -1,4 +1,5 @@
-<?php namespace CodeIgniter\HTTP;
+<?php
+namespace CodeIgniter\HTTP;
 
 use CodeIgniter\HTTP\Exceptions\HTTPException;
 
@@ -147,14 +148,7 @@ public function populateHeaders()
 				$header = str_replace('_', ' ', strtolower($header));
 				$header = str_replace(' ', '-', ucwords($header));
 
-				if (array_key_exists($key, $_SERVER))
-				{
-					$this->setHeader($header, $_SERVER[$key]);
-				}
-				else
-				{
-					$this->setHeader($header, '');
-				}
+				$this->setHeader($header, $_SERVER[$key]);
 
 				// Add us to the header map so we can find them case-insensitively
 				$this->headerMap[strtolower($header)] = $header;
@@ -246,13 +240,6 @@ public function getHeaderLine(string $name): string
 			return '';
 		}
 
-		// If there are more than 1 headers with this name,
-		// then return the value of the first.
-		if (is_array($this->headers[$orig_name]))
-		{
-			return $this->headers[$orig_name][0]->getValueLine();
-		}
-
 		return $this->headers[$orig_name]->getValueLine();
 	}
 
@@ -286,10 +273,6 @@ public function setHeader(string $name, $value)
 		{
 			$this->headers[$name] = new Header($name, $value);
 		}
-		else
-		{
-			$this->headers[$name][] = new Header($name, $value);
-		}
 
 		return $this;
 	}

system/HTTP/Negotiate.php

@@ -213,7 +213,7 @@ protected function getBestMatch(array $supported, string $header = null, bool $e
 
 		// If no acceptable values exist, return the
 		// first that we support.
-		if (empty($acceptable))
+		if (count($acceptable) === 0)
 		{
 			return $supported[0];
 		}

system/HTTP/Request.php

@@ -131,7 +131,7 @@ public function getIPAddress(): string
 
 			if ($spoof)
 			{
-				for ($i = 0, $c = count($this->proxyIPs); $i < $c; $i ++ )
+				for ($i = 0, $c = count($proxy_ips); $i < $c; $i ++ )
 				{
 					// Check if we have an IP address or a subnet
 					if (strpos($proxy_ips[$i], '/') === FALSE)

system/HTTP/URI.php

@@ -1,4 +1,5 @@
-<?php namespace CodeIgniter\HTTP;
+<?php
+namespace CodeIgniter\HTTP;
 
 use CodeIgniter\HTTP\Exceptions\HTTPException;
 
@@ -493,7 +494,7 @@ public function __toString()
 	{
 		return self::createURIString(
 						$this->getScheme(), $this->getAuthority(), $this->getPath(), // Absolute URIs should use a "/" for an empty path
-	  $this->getQuery(), $this->getFragment()
+						$this->getQuery(), $this->getFragment()
 		);
 	}
 
@@ -737,9 +738,7 @@ protected function decode(string $value)
 		// This won't catch all cases, specifically
 		// changing ' ' to '+' has the same length
 		// but doesn't really matter for our cases here.
-		return strlen($decoded) < strlen($value)
-			? $decoded
-			: $value;
+		return strlen($decoded) < strlen($value) ? $decoded : $value;
 	}
 
 	/**
@@ -898,7 +897,8 @@ protected function filterPath(string $path = null)
 
 		// Encode characters
 		$path = preg_replace_callback(
-				'/(?:[^' . self::CHAR_UNRESERVED . ':@&=\+\$,\/;%]+|%(?![A-Fa-f0-9]{2}))/', function(array $matches) {
+				'/(?:[^' . self::CHAR_UNRESERVED . ':@&=\+\$,\/;%]+|%(?![A-Fa-f0-9]{2}))/', function(array $matches)
+		{
 			return rawurlencode($matches[0]);
 		}, $path
 		);
@@ -951,13 +951,8 @@ protected function applyParts($parts)
 		{
 			if ( ! is_null($parts['port']))
 			{
+				// Valid port numbers are enforced by earlier parse_url or setPort()
 				$port = (int) $parts['port'];
-
-				if (1 > $port || 0xffff < $port)
-				{
-					throw HTTPException::forInvalidPort($port);
-				}
-
 				$this->port = $port;
 			}
 		}

tests/_support/HTTP/MockIncomingRequest.php

@@ -4,10 +4,10 @@
 
 class MockIncomingRequest extends IncomingRequest
 {
-    public function populateHeaders()
-    {
-        // Don't do anything... force the tester to manually set the headers they want.
-    }
+//    public function populateHeaders()
+//    {
+//        // Don't do anything... force the tester to manually set the headers they want.
+//    }
 
     public function detectURI($protocol, $baseURL)
     {