summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2008-06-04picky picky Jones adjusts some syntaxDerek Jones1-2/+1
2008-06-04a few tweaks for speedDerek Allard1-3/+4
2008-06-04simplified and refactored input filtering and retrievalDerek Jones1-97/+32
2008-06-04emendation to on* event handler removalDerek Jones1-3/+2
2008-06-04whitespace, whitespace, schmeitespaceDerek Jones1-1/+1
2008-06-04compacting some whitespaceDerek Jones1-5/+1
2008-06-04bit of a code cleanupDerek Allard1-6/+5
2008-06-04change AR behaviour so that blank values result in empty quotesDerek Allard1-6/+4
2008-06-02added a missing wordDerek Allard1-1/+1
2008-05-31Charset information in the userguide has been moved above title for ↵Derek Allard114-354/+355
internationalization purposes (#4614)
2008-05-30decided just to kill all on*= event handlers, rather than trying to keep up ↵Derek Jones1-2/+2
with (and require users to do the same) with a blacklist.
2008-05-30moved word compacting to a callback for clarity, added a few js event ↵Derek Jones1-3/+20
handlers for removal
2008-05-29made MySQL/MySQLi forge use explicitly named KEYs, added ability to specify ↵Derek Jones11-31/+109
multi-column non-primary keys in table creation
2008-05-29added error suppression to fopen() in write_file()Derek Jones1-1/+1
2008-05-27added routing exampleDerek Allard1-2/+3
2008-05-26grammar, typo and example correctionsDerek Allard2-8/+8
2008-05-25fix curly quotes in form_button exampleDerek Allard1-8/+8
2008-05-25fixed a missing semi colon in pagination exampleDerek Allard1-2/+2
2008-05-22Fixed a bug (#4561) where orhaving() wasn't properly passing values.Derek Allard4-7/+12
Removed some unused variables from the code (#4563). Fixed a bug where having() was not adding an = into the statement (#4568).
2008-05-21more complete protection against malformed link tags to protect against hex ↵Derek Jones1-13/+25
entities and href=data:url exploits
2008-05-21customizable query stringDerek Allard2-7/+22
2008-05-21Added support for query strings to the Pagination class, automatically ↵Derek Allard3-5/+20
detected or explicitly declared.
2008-05-20improved security in xss_clean(), added <audio> and <video> tags to naughty ↵Derek Jones2-23/+15
HTML tags, and the HTML5 event handlers onerror and onended
2008-05-20Fixed an example in Model docsDerek Allard2-1/+2
2008-05-18Moved the _has_operators() function into DB_driver from DB_active_rec.Derek Allard3-21/+24
2008-05-18documented load->model in the Loader docsDerek Allard2-2/+10
2008-05-18path fixDerek Allard1-1/+1
2008-05-17example touch upDerek Allard1-1/+1
2008-05-17reduced $mobiles to single arrayDerek Jones1-14/+13
2008-05-16Considerably expanded list of mobile user-agents in config/user_agents.php.Derek Allard2-14/+74
2008-05-16fixed syntax error in code sampleDerek Jones1-2/+2
2008-05-16changed foreach() reindexing of segment arrays to array_unshift() - teensy ↵Derek Jones1-15/+2
tiny memory and speed improvement.
2008-05-16fixed regular expression in Image lib, CI bug #4542Derek Jones2-1/+2
2008-05-15addition xss protection against certain data urls, stripping of anything ↵Derek Jones1-2/+12
sent with utf-7 encoding
2008-05-15added ability to use xss_clean() to test images, and improved security for ↵Derek Jones3-37/+60
vectors particular to the Opera family of browsers
2008-05-15date examplesDerek Allard1-15/+57
2008-05-14Set the mime type check in the Upload class to reference the global mimes ↵Derek Allard2-1/+8
variable.
2008-05-14Added missing semicolon in upload_lang.phpDerek Jones2-3/+4
2008-05-14set $DB->char_set and $DB->dbcollat defaults to utf8 and utf8_general_ci ↵Derek Jones1-2/+2
respectively
2008-05-14fixed bug #3419 where the 'database' setting for DSN connections was using ↵Derek Jones4-3/+42
the host portion of the URL instead of the path. Added ability to set other db config values in DSN connections via query string
2008-05-14force closing tag on eval() for servers not running short_open_tagsDerek Jones1-1/+1
2008-05-13fixed svn revision number in changelog for 1.6.2 releaseDerek Jones1-1/+1
2008-05-13hotfix for a bug in database error display introduced by 1.6.2 fix for bugs ↵Derek Jones2-4/+9
#4451, #4299, and #4339
2008-05-13prepping changelog for the real 1.6.2 releaseDerek Jones1-1/+1
2008-05-13Hey you! Yeah, you, that other set of hardcoded arrays in xss_clean(). ↵Derek Jones1-21/+3
You're coming with me, pal!
2008-05-13increased security and performance of xss_clean(), added ↵Derek Jones2-25/+58
_sanitize_naughty_html() callback and removed "never allowed" items to a class property
2008-05-13The Zip class has undergone a substantial re-write for speed and clarityDerek Allard2-120/+102
2008-05-13removed some stray testing codeDerek Allard2-23/+17
2008-05-13prep changelog for releaseDerek Jones1-3/+8
2008-05-13added upgrade page for 1.6.2 to links in upgrading.html instructionsDerek Jones1-0/+1