summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2010-04-28corrected references to Input class since the Security methods are now their ↵Derek Jones4-4/+4
own library. Fixes #31
2010-04-26fixed errant syntax in changeset 53ace78c4b45, fixes #37Derek Jones1-1/+1
2010-04-26fixed errant syntax in changeset 53ace78c4b45, fixes #37Derek Jones3-8/+8
2010-04-25Simple change to comment line 21: the=>that.Roger Simms1-1/+1
2010-04-23ensured the security lib was loaded in a few calls to xss_clean() in other ↵Derek Jones3-2/+22
libraries. Fixes #35
2010-04-23clarifying a changelog itemDerek Jones1-1/+1
2010-04-22reapplied strtolower() to ->file_type from philsturgeon's changeset ↵Derek Jones2-1/+2
5fe3b04bdf44 to standardize input
2010-04-22Some mime types are wrapped with " which breaks file type checking. This ↵Phil Sturgeon1-1/+1
will remove any wrapping \ and "
2010-04-22added changelog note for changesets 4ce5f465478a and 20a016307847Derek Jones1-0/+1
2010-04-22tiny modification to whitespace from philsturgeon's bugfix to match CI style ↵Derek Jones1-1/+1
guidelines
2010-04-22Fixed Upload bug that would break when files and images were both included ↵Phil Sturgeon1-1/+1
on an allowed filetype list in the wrong order: http://codeigniter.com/bug_tracker/bug/11552/
2010-04-20Modifying smiley_js() in the smiley helper to add optional third parameter ↵Greg Aker2-2/+10
to return only the javascript with no script tags.
2010-04-16Added class var xss_clean to the XML_RPC_Response class to prevent php ↵Robin Sowell1-0/+1
error. Not noted in changelog, as I figure it's covered by the original note about adding xss clean at all.
2010-04-15Update to File Upload library to return boolean on do_xss_clean().Greg Aker3-13/+55
2010-04-15Fixing a bug where odbc/mssql/oci8 db drivers would encounter a PHP error ↵Greg Aker7-53/+50
due to a function being moved from the input to security class. Moving remove_invisible_characters() to Common.php so the entire class does not need to be instantiated in those database drivers.
2010-04-15Automated merge with http://hg.ellislab.com/CodeIgniter2/Greg Aker3-1620/+6
2010-04-15Removing deprecated Validation class.Greg Aker3-1620/+6
Form_validation going forward! Removed references to the validation classes documentation page in the changelog as well.
2010-04-09Adding output library exceptions for servers with zlib.output_compression ↵Pascal Kriete2-1/+15
enabled.
2010-04-09Modified get_file_info in the file helper, changing filectime() to ↵Robin Sowell2-1/+2
filemtime() for dates.
2010-04-08Update to realpath() check of SYSDIR in index.phpGreg Aker1-1/+1
2010-04-08Fix #15 - Strict Standards Error in index.phpGreg Aker2-1/+2
2010-04-07Fixing typo in XMLRpc error message:Greg Aker1-1/+1
http://codeigniter.com/bug_tracker/bug/11556/
2010-04-01Fixing Validation error in output profilerGreg Aker1-4/+0
2010-03-30moved entity_decode() to the Security library to handle an issue with HTML ↵Derek Jones2-38/+55
in input when the global XSS filter is enabled
2010-03-30fixed a fatal PHP error in SQLite Forge _create_table()Derek Jones1-1/+1
2010-03-30fixed syntax error in documentation example for XML-RPC send_response() methodDerek Jones1-1/+1
2010-03-29fixed a bug where a PHP error would result when passing objects as values to ↵Derek Jones2-4/+14
the Session class
2010-03-29fixed casing of EllisLabDerek Jones130-132/+132
2010-03-28Change in the loader and driver docs to force ucfirst() on driver directory ↵Greg Aker2-1/+22
names to ensure compatibility on case sensitive file systems.
2010-03-25code comment typoDerek Jones1-1/+1
2010-03-25updated docs to encourage installation of application and system folders ↵Derek Jones2-3/+9
above web root
2010-03-25added .htaccess to application and system folder to help prevent public ↵Derek Jones2-0/+2
access if installed in web root
2010-03-25moved application folder outside of the system folderDerek Jones41-50/+50
2010-03-22Updating changelogGreg Aker1-0/+1
2010-03-22Updating docs for extending core libraries to reference the application/core ↵Greg Aker1-3/+3
directory
2010-03-22Fix #10 , extending the CodeIgniter controller with MY_Controller will lead ↵Greg Aker2-0/+15
to a fatal PHP error.
2010-03-22added documentation for philsturgeon's submission of download() for the FTP ↵Derek Jones2-1/+15
library
2010-03-12Added FTP::download() and the accompanying lang line. This was first ↵Phil Sturgeon2-0/+43
proposed in 2007, can we add it now pleeeeease?
2010-03-22expanded philsturgeon's bugfix to parse_url() and updated docs and changelogDerek Jones3-3/+4
2010-03-12prep_url() will now not append http:// to string if a protocol is already ↵Phil Sturgeon1-1/+1
used. That would really mess up itunes://, spotify://, telnet://, etc.
2010-03-12Will check for sub-classes in core or libraries (which the original file is ↵Phil Sturgeon1-2/+2
in) instead of always looking in libraries. Makes more sense to have them in the same folder wether in system or application.
2010-03-22fixed spelling in code commentDerek Jones1-1/+1
2010-03-12Fixed constant SELF undefined issue when a bad system folder is set.Phil Sturgeon1-1/+1
2010-03-20reordered logic in _display_cache() to eliminate a call to ↵Derek Jones2-11/+10
is_really_writable() on each page request unless it is_really_needed()
2010-03-19Fixed a bug where files created with the Zip Library would result in file ↵Greg Aker2-11/+50
creation dates of 1980. Hat tip to JMous for a suggested fix on the forums.
2010-03-19Changed a few strstr to strpos for consistency w performance guidelines and ↵Robin Sowell4-4/+4
to mirror EE2.
2010-03-18Added a $xss_clean class variable to the XMLRPC library, enabling control ↵Robin Sowell4-4/+18
over the use of the Security library's xss_clean() method.
2010-03-15code comment typo fixDerek Allard1-1/+1
2010-03-12Fix #2 -- extra </a> on docs pageGreg Aker1-1/+1
2010-03-12switching svn info on download page to hgDerek Jones1-4/+8