summaryrefslogtreecommitdiffstats
path: root/user_guide/changelog.html
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide/changelog.html')
-rw-r--r--user_guide/changelog.html15
1 files changed, 9 insertions, 6 deletions
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index b9cd59394..32afd51a6 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -66,6 +66,9 @@ Change Log
<p>Release Date: -- Still under development</p>
<ul>
<li>Added stripslashes() to the _clean_input_data() function in the Input class when magic quotes is on so that data will always be un-slashed within the framework.</li>
+ <li>Added array to string into the profiler </li>
+ <li>Added some additional mime types in application/config/mimes.php</li>
+ <li>Added filename_security() method to Input library</li>
<li>Fixed MSSQL insert_id().</li>
<li>Fixed a logic error in the DB trans_status() function. It was incorrectly returning TRUE on failure and FALSE on success.</li>
<li>Fixed a bug that was allowing multiple load attempts on extended classes.</li>
@@ -74,16 +77,16 @@ Change Log
<li>Fixed a typo in the <a href="./libraries/calendar.html">Calendar library </a> </li>
<li>Fixed a typo in rpcs.php library</li>
<li>Fixed a bug in the <a href="./libraries/zip.html">Zip library</a>, providing PC Zip file compatibility with Mac OS X</li>
- <li>Updated the XSS Filtering to take into account the IE expression() ability</li>
- <li>Modified the is_image() method in the Upload library to take into account Windows IE 6/7 eccentricities when dealing with MIMEs</li>
- <li>Added array to string into the profiler </li>
- <li>Added some additional mime types in application/config/mimes.php</li>
- <li>Modified XSS Cleaning routine to be more performance friendly and compatible with PHP 5.2's new PCRE backtrack and recursion limits.</li>
<li>Fixed a bug in router that was ignoring the scaffolding route for optimization </li>
<li>Fixed an IP validation bug.</li>
+ <li>Fixed various doc typos. </li>
+ <li>Fixed a bug where one could unset certain PHP superglobals by setting them via GET or POST data</li>
+ <li>Updated the XSS Filtering to take into account the IE expression() ability and improved certain deletions to prevent possible exploits</li>
+ <li>Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security.</li>
+ <li>Modified the is_image() method in the Upload library to take into account Windows IE 6/7 eccentricities when dealing with MIMEs</li>
+ <li>Modified XSS Cleaning routine to be more performance friendly and compatible with PHP 5.2's new PCRE backtrack and recursion limits.</li>
<li>Deprecated the use if <kbd>is_numeric()</kbd> in various places since it allows periods. Due to compatibility problems with <kbd>ctype_digit()</kbd>, making it unreliable in some installations, the following regular expression was used instead: <kbd>preg_match("/[^0-9]/", $n)</kbd></li>
<li>Deprecated: APPVER has been deprecated and replaced with CI_VERSION for clarity. </li>
- <li>Fixed various doc typos. </li>
</ul>