summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2014-01-25Re-add 'on\w*' to evil attributes (rel #2667)Andrey Andreev1-2/+1
2014-01-25Partially fix #2667Andrey Andreev1-2/+8
2014-01-24[ci skip] Add a link to PHP bug 54709 in is_really_writable()'s docblockAndrey Andreev1-0/+1
2014-01-24CI_Security: Also add <svg> to 'naughty' HTML elementsAndrey Andreev1-1/+1
2014-01-24CI_Security: Add <select> and <keygen> tags to the list of 'naughty' HTML ↵Andrey Andreev1-1/+1
elements
2014-01-24Fix syntax errorsAndrey Andreev1-2/+2
2014-01-24CI_Security: Add 'form' and 'xlink:href' to evil attributesAndrey Andreev1-1/+1
2014-01-24Add &newline; and &tab; to CI_Security::Andrey Andreev1-1/+3
2014-01-24Righting a wrong in the Session libraryAndrey Andreev6-69/+90
- Change userdata(), flashdata(), tempdata() to return all the respective data when no parameter is passed. - Revert the addition of all_flashdata(). - Deprecate all_userdata(). - Fix related changelog entries that were all inconsistent.
2014-01-24[ci skip] AND -> &&Andrey Andreev1-1/+1
2014-01-23Fix #2836Andrey Andreev1-1/+1
2014-01-22CI_Security::_decode_entity() to replace dangerous HTML5 entitiesAndrey Andreev2-2/+21
Related to issue #2771
2014-01-21Add <button> to the list of 'naugthy' html elements in CI_Security::xss_clean()Andrey Andreev1-2/+2
2014-01-21Merge branch 'feature/dbforge_table_attributes' into developAndrey Andreev6-24/+114
2014-01-21SQLSRV improvementsAndrey Andreev3-3/+69
Mainly for performance (issue #2474), but also added a 'scrollable' configuration flag and auto-detection for SQLSRV_CURSOR_CLIENT_BUFFERED (only available since SQLSRV 3).
2014-01-20Add support for optional table attributes to CI_DB_forge::create_table()Andrey Andreev6-24/+114
Supersedes PRs #989, #2776 Related issue: #41
2014-01-20Fix #2729Andrey Andreev2-2/+4
2014-01-20Fix #2737Andrey Andreev2-21/+28
2014-01-20Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev5-19/+33
2014-01-20Polish changes from PR #2830Andrey Andreev4-24/+29
2014-01-20Merge pull request #2830 from abdmaster/fix/config/database_save_queriesAndrey Andreev2-0/+9
Added [save_queries] config in config/database.php
2014-01-19Fix whitespaces to tabs.Ahmedul Haque Abid1-1/+1
2014-01-19Added save_queries config setting in config/database.phpAhmedul Haque Abid2-0/+9
2014-01-18Fix #2829Andrey Andreev1-4/+4
2014-01-18Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev1-1/+1
2014-01-18Fix 2 Router-related errorsAndrey Andreev1-1/+1
2014-01-18Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev1-0/+3
2014-01-18Fix CI_URI:: not being properly indexedAndrey Andreev1-0/+3
2014-01-18Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev18-419/+519
2014-01-18Fix #2825Andrey Andreev1-1/+1
2014-01-18Fix #2827Andrey Andreev1-1/+1
2014-01-17Merge branch 'feature/uri_routing_overhaul' into 'develop'Andrey Andreev5-378/+307
2014-01-17Add autoloading library aliasing support (supersedes PR #2824)Andrey Andreev3-3/+15
2014-01-17Minor changes related to CI_User_agentAndrey Andreev4-27/+68
Fixed a bug where both accept_charset() and accept_lang() improperly parsed headers if they contained spaces between data separators (which is valid). Also made is_referral() testable by replacing its static cache var with a class property and added some more unit tests for the library as a whole.
2014-01-17Unit tests: Full code coverage of Benchmark classAndrey Andreev1-1/+25
2014-01-17Add CI_Model unit testAndrey Andreev1-0/+37
2014-01-16Merge pull request #2823 from fredemmott/hhvm-travisAndrey Andreev1-0/+5
Disable HHVM mysqli and pgsql tests
2014-01-16Disable HHVM mysqli and pgsql testsFred Emmott1-0/+5
mysqli and PostGre support isn't going to be in a good state for a while.
2014-01-16Add a unit test for CI_Utf8::_is_ascii()Andrey Andreev2-4/+14
2014-01-16Add some unit tests for CI_InputAndrey Andreev1-3/+44
2014-01-16URI Routing overhaulAndrey Andreev5-378/+307
- Allow multiple levels of controller directories (supersedes PRs #390, #2439) - Add support for per-directory 'defaul_controller' and '404_override' (resolves issue #2611; supersedes PR #939) - Fixed a bug where default_controller was called instead of triggering 404 if the current route is inside a directory - Removed a few calls from CI_Router to CI_URI that made a necessity for otherwise internal CI_URI methods to be public: - Removed CI_URI::_fetch_uri_string() and moved its logic into CI_URI::__construct() - Removed CI_URI::_remove_url_suffix, CI_URI::_explode_segments() and moved their logic into CI_URI::_set_uri_string() - Removed CI_URI::_reindex_segments() altogether ( doesn't need further manipulation, while is public anyway and can be properly (and more effectively) replaced on the spot)
2014-01-15Fix #2799 by adding conditional PCRE UTF-8 support to CI_URI::filter_uri()Andrey Andreev3-3/+4
Also did a tiny micro-optimization in the Utf8 class.
2014-01-15Merge changes from developAndrey Andreev17-136/+250
2014-01-15Fix #2822: Incorrect usage of fwrite()Andrey Andreev7-21/+81
We only used to check (and not always) if the return value of fwrite() is boolean FALSE, while it is possible that the otherwise returned bytecount is less than the length of data that we're trying to write. This allowed incomplete writes over network streams and possibly a few other edge cases.
2014-01-15Merge pull request #2811 from dionysiosarvanitis/fix/ie11_user_agentAndrey Andreev1-0/+1
IE11 User Agent support added
2014-01-15Trident prefix added to avoid potential false positives.Dionysis Arvanitis1-1/+1
2014-01-15CI_URI changes related to the 'permitted_uri_chars' settingAndrey Andreev6-29/+52
- Initialize and cache the value in the class constructor instead of searching for it every time - Removed the preg_quote() call from _filter_uri() to allow more fine-tuning from configuration - Renamed _filter_uri() to filter_uri() - it was public anyway and using it cannot break anything Related: issue #2799
2014-01-15Fix incorrect checks for the fwrite() return valueAndrey Andreev3-3/+3
! fwrite() could trigger false-positives as it is possible for it to return 0 instead of boolean FALSE. (issue #2822) Also removed an unnecessary log level check that caused an extra space to be inserted for the INFO level. (proposed in PR #2821)
2014-01-14Merge pull request #2819 from fredemmott/hhvm-travisAndrey Andreev1-0/+5
Enable HHVM on travis-ci
2014-01-14Dont break the build if tests only fail on HHVMFred Emmott1-0/+4