Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-10-07 | modified the security helper to assist in preventing directory traversal ↵ | Derek Jones | 2 | -3/+12 | |
when using sanitize_filename() for user input | |||||
2010-10-07 | fixed a security issue which in certain cases could result in directory ↵ | Derek Jones | 1 | -2/+2 | |
traversal | |||||
2010-10-06 | added suggested value to index.php for error_reporting() when a site goes ↵ | Derek Jones | 1 | -1/+1 | |
live, closes #177 | |||||
2010-10-05 | fixed bug where sess_expire_on_close was not being set from a config file, ↵ | Derek Jones | 1 | -1/+1 | |
fixes #173 | |||||
2010-10-01 | fixed code sample | Derek Jones | 1 | -1/+1 | |
2010-10-01 | tweak to typography. Better aesthetic to placement of paragraph tags | Derek Jones | 1 | -3/+15 | |
2010-09-28 | fixed a bug where the Output class would send incorrect cached data for ↵ | Derek Jones | 3 | -9/+24 | |
controllers implementing their own _output() methods | |||||
2010-09-27 | fixed some grammar errors in the Views documentation. Fixes #154 | Derek Jones | 1 | -2/+2 | |
2010-09-27 | Automated merge with http://hg.ellislab.com/CodeIgniter2 | Derek Jones | 1 | -5/+12 | |
2010-09-27 | added sess_expire_on_close to config file, corrected comment block for ↵ | Derek Jones | 1 | -5/+12 | |
session config vars. Fixes #149 | |||||
2010-09-16 | branch merge | Robin Sowell | 1 | -2/+4 | |
2010-09-16 | Added $ar_keys clearing out to _reset_write(). | Robin Sowell | 1 | -2/+4 | |
2010-09-15 | Update to form_open() in form helper to drop hidden elements passed to the ↵ | Greg Aker | 1 | -8/+5 | |
function into div class="hidden" (thanks Dan) | |||||
2010-09-15 | Fix #96 html validation failure on csrf hidden input on form_open() in the ↵ | Greg Aker | 1 | -1/+4 | |
form helper. Added <div class="hidden"> around the hidden form input. | |||||
2010-09-15 | Fixed ↵ | Greg Aker | 1 | -1/+1 | |
http://bitbucket.org/ellislab/codeigniter/issue/38/slight-bug-with-profilerphp Slight tweak to SQL query display in output profiler. | |||||
2010-09-15 | Updates to output profiler html validation. ↵ | Greg Aker | 1 | -6/+6 | |
http://bitbucket.org/ellislab/codeigniter/issue/111/profiler-output-does-not-validate | |||||
2010-09-15 | Added a log message in core/output if the cache directory config value was ↵ | Greg Aker | 2 | -0/+2 | |
not found. | |||||
2010-09-14 | Fixed a bug in the URL Helper where prep_url() could cause a PHP error on ↵ | Robin Sowell | 2 | -1/+4 | |
PHP versions < 5.1.2. | |||||
2010-09-14 | Fixed a bug #129 where Model documentation referenced parent::Model instead ↵ | Greg Aker | 1 | -6/+6 | |
of parent::CI_Model. | |||||
2010-09-07 | typo fix | Derek Allard | 1 | -1/+1 | |
2010-09-03 | user guide typo fixes #128 | Derek Jones | 1 | -1/+1 | |
2010-09-02 | fixed a spot where the encryption mode was still a hard coded constant ↵ | Derek Jones | 1 | -1/+1 | |
instead of the fetched variable | |||||
2010-09-02 | Added a new config item to the Session class (sess_expire_on_close) to allow ↵ | Derek Jones | 3 | -2/+12 | |
sessions to auto-expire when the browser window is closed. | |||||
2010-09-02 | added a teeny bit stronger wording to encourage use of database for sessions ↵ | Derek Jones | 1 | -1/+3 | |
where validation is necessary or undesirable actions could occur by a user manipulating their cookies | |||||
2010-09-01 | fixes issue #109 where cc and bcc recipients were not reset when using the ↵ | Derek Jones | 2 | -0/+3 | |
clear() method in the Email lib | |||||
2010-08-31 | Significant changes to the Encryption library | Derek Jones | 4 | -12/+126 | |
- Removed double-encoding with XOR scheme when Mcrypt is available. Additional obfuscation was not significantly aiding security, and came at a very high performance cost. - Changed the default encryption mode from ECB to CBC for much improved security - Added an encode_from_legacy() method to allow re-encoding of permanent data that was originally encoded with the older methods. | |||||
2010-08-31 | Automated merge with http://hg.ellislab.com/CodeIgniter2 | Derek Jones | 6 | -4/+33 | |
2010-08-31 | fixed spelling error in Security class property for the CSRF cookie | Derek Jones | 1 | -8/+8 | |
2010-08-31 | changed key comparison to be loosely typed, so an error would be triggered ↵ | Derek Jones | 2 | -1/+2 | |
when an empty string is attempted to be used as an encryption key | |||||
2010-08-31 | changelog note for Session class change in rev f2660eeaab8d | Derek Jones | 1 | -1/+2 | |
2010-08-31 | added link for encryption key in Session class to the explanation in the ↵ | Derek Jones | 1 | -1/+1 | |
Encryption lib | |||||
2010-08-31 | Added fatal error to Session class when no encryption key is set in the ↵ | Derek Jones | 3 | -2/+10 | |
config file, for additional assurance that session manipulation can be prevented | |||||
2010-08-25 | Modified the database driver's display_error() method to show the filename ↵ | Pascal Kriete | 2 | -0/+19 | |
and line number of the failed query. | |||||
2010-08-20 | Added ability in the Image Library to handle PNG transparency for resize ↵ | Derek Jones | 2 | -0/+8 | |
operations when using the GD lib. | |||||
2010-08-19 | Adding CAPTCHA helper to toc | Derek Allard | 2 | -16/+14 | |
2010-08-16 | guide typo | Derek Allard | 1 | -1/+1 | |
2010-08-12 | single quotes instead of double quotes by default to prevent PHP from trying ↵ | Derek Allard | 1 | -14/+14 | |
to parse a $ in a password as a variable. | |||||
2010-08-11 | undoing mistaken changes in rev 8c54b3b0402f | Derek Jones | 1 | -3/+0 | |
2010-08-11 | removed redundant upload lang file, after lang name changs, it was blocking ↵ | Derek Jones | 1 | -0/+3 | |
the CI lang file from loading. Fixes #473 | |||||
2010-08-06 | Removed deprecated _drop_database() and _create_database() functions from db ↵ | Greg Aker | 8 | -267/+1 | |
utility drivers. | |||||
2010-08-06 | Removing the following deprecated database methods: orwhere, orlike, ↵ | Greg Aker | 3 | -78/+7 | |
groupby, orhaving, orderby, getwhere. | |||||
2010-08-05 | moving code comment in text helper | Greg Aker | 1 | -11/+11 | |
2010-08-05 | Adding an ellipsize function to the text helper, and associated ↵ | Greg Aker | 3 | -0/+55 | |
documentation to the user guide. | |||||
2010-08-05 | Added an optional second parameter to <kbd>show_404()</kbd> to disable logging. | Derek Allard | 4 | -5/+13 | |
2010-07-26 | Automated merge with http://hg.ellislab.com/CodeIgniter2 | Derek Allard | 1 | -1/+1 | |
2010-07-26 | guide typo | Derek Allard | 1 | -1/+1 | |
2010-07-26 | separated the CSRF cookie name from the token, forced new token on ↵ | Derek Jones | 1 | -14/+15 | |
successful POST | |||||
2010-07-23 | adding sanitize_filename() into the security helper | Derek Allard | 3 | -0/+25 | |
2010-07-22 | Adding CSRF into config | Derek Allard | 4 | -5/+29 | |
Adding CSRF token into form open() | |||||
2010-07-22 | Fixed a bug in the Upload class where a PHP error could occur when wildcards ↵ | Greg Aker | 1 | -2/+2 | |
were used as the allowed_types. |