summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2011-04-20Automated merge with http://hg.ellislab.com/CodeIgniter-ReactorDerek Jones5-3/+43
2011-04-20Altering the loader to be able to load views from packages when adding the ↵Greg Aker2-53/+59
package path with add_package_path().
2011-04-19modified MySQL and MySQLi drivers to address a potential SQL injection ↵Derek Jones5-3/+43
attack vector when multi-byte character set connections are employed. (Does not impact Latin-1, UTF-8, etc. encodings)
2011-04-19Removed APPPATH.'third_party' from the packages autoloader to negate ↵Greg Aker3-1/+14
needless file stats if no packages exist or if the developer does not load any other packages by default.
2011-04-191/2 reverting a previous change to the form_helper. Wrapping hidden form ↵Greg Aker1-1/+1
elements in <div style="display:none"></div> instead of an empty div. If a user is styling form div {} they can run into display issues, so something is needed.
2011-04-19Removing internal references to the EXT constant. Additionally, marked the ↵Greg Aker26-113/+218
constant as deprecated. Use ".php" instead. Also adding upgrade notes from 2.0.2 to 2.0.3.
2011-04-18changeset: 2204:37301a84c8beGreg Aker2-55/+83
tag: tip user: Greg Aker <greg.aker@ellislab.com> date: Mon Apr 18 15:51:28 2011 -0500 summary: Adding toggle show/hide on database queries in the output profiler. Added a profiler config item to set a threshold of when to hide the queries by default. Additionally, fixed a bug I created earlier today by marking the $CI class var in CI_Profiler as private.
2011-04-18changeset: 2202:06a75a1bd622Greg Aker2-2/+19
tag: tip user: Greg Aker <greg.aker@ellislab.com> date: Mon Apr 18 11:10:37 2011 -0500 summary: Tweak to session class all_userdata() to just return the userdata array. Also documented previously undocumented all_userdata() method.
2011-04-18Added Session Class userdata to the output profiler. Additionally, added a ↵Greg Aker3-7/+43
show/hide toggle on HTTP Headers, Session Data and Config Variables.
2011-04-18Added an optional third parameter to heading() which allows adding html ↵Greg Aker3-2/+13
attributes to the rendered heading tag.
2011-04-18Changed path in footer comment of cache dummy.Eric Barnes1-12/+12
2011-04-18Added ENVIRONMENT to reserved constants. Fixes #196Eric Barnes2-0/+18
2011-04-18Changed server check to ensure SCRIPT_NAME is defined. Fixes #57Eric Barnes1-5/+5
2011-04-11Fix: codeigniter-reactor/199 cookie name was overwritten with token namepatwork1-2/+4
2011-04-11Fix: codeigniter-reactor/32 unicorns are no longer mutepatwork1-4/+4
2011-04-09Fix: codeigniter-reactor/199 CSRF config in Security class is no longer ignoredpatwork1-1/+10
2011-04-08Fix: codeigniter-reactor/127 Form_validation rule error loggingpatwork1-1/+5
2011-04-08There is absolutely no need to specify class name (it will validate anyway).patwork1-2/+2
2011-04-08Deals with language errors after codeigniter-reactor commit r2307:c43c6dea56fbpatwork1-22/+22
2011-04-08merge with codeigniter-reactorpatwork1-2/+2
2011-04-08Fix: codeigniter-reactor/193 incorrect driver filepathspatwork1-2/+2
2011-04-08Automated merge with http://hg.ellislab.com/CodeIgniter-ReactorPhil Sturgeon1-0/+1
2011-04-08Fixed bug with form_helper calling now protected variables.Phil Sturgeon1-1/+1
2011-04-08Updated Changelog to reflect "CLI usage" documentation being added.Phil Sturgeon1-0/+1
2011-04-08Fix: #192 CI version constant incorrect in core/CodeIgniterGreg Aker1-1/+1
2011-04-08Fixing a bug in the form_helper where csrf_token_name and csrf_hash were ↵Greg Aker2-1/+3
referencing class properties in the Security class that were moved.
2011-04-07Added tag v2.0.2 for changeset 521076012037Pascal Kriete0-0/+0
2011-04-07And now properly prepped for 2.0.2, sighPascal Kriete4-12/+99
2011-04-07Putting the v2.0.1 tag back to where it belongsPascal Kriete0-0/+0
2011-04-07Removed tag v2.0.1, should've been 2.0.2Pascal Kriete0-0/+0
2011-04-07Wow, I screwed that up, Reactor is going to 2.0.2 not 2.0.1Pascal Kriete130-133/+133
2011-04-07Added CLI documentation.Phil Sturgeon3-0/+153
2011-04-07Made in Output protected again, it was only ever made public by Eric to fix ↵Phil Sturgeon1-1/+1
an issue with the Dwoo MY_Parser, which is no reason to change core files. That Parser doesn't really even need the acess.
2011-04-07Changed the 'plural' function so that it doesn't ruin the captalization of ↵Phil Sturgeon2-13/+16
your string. It also take into consideration acronyms which are all caps.
2011-04-06Made Environment Support optional. Comment out or delete the constant to ↵Phil Sturgeon15-379/+441
stop environment checks.
2011-04-06Made Environment Support optional. Comment out or delete the constant to ↵Phil Sturgeon18-57/+82
stop environment checks.
2011-04-06Added tag v2.0.1 for changeset 52cd3ed4a9eaPascal Kriete0-0/+0
2011-04-06Removed tag v2.0.1Pascal Kriete0-0/+0
2011-04-06Hat tip to the reactor team in the creditsPascal Kriete1-1/+2
2011-04-06Adding a note about security to the upgrade docsPascal Kriete1-1/+13
2011-04-05Added tag v2.0.1 for changeset f97a33039a37Pascal Kriete0-0/+0
2011-04-05Removed tag v2.0.1Pascal Kriete0-0/+0
2011-04-05ChangeloggingPascal Kriete1-0/+7
2011-04-05Fixed a bug in the Javascript Library where improperly escaped characters ↵Pascal Kriete1-1/+1
could result in arbitrary javascript execution.
2011-04-05Removing dohash and deprecating CI_SHAPascal Kriete1-33/+1
2011-04-05Tightening up control character handling in urlsPascal Kriete1-23/+34
2011-04-05Removing security loading calls.Pascal Kriete4-26/+4
2011-04-05Moving security to core.Pascal Kriete4-10/+15
2011-04-05tweaking remove_invisible_characters to make urlencoded character stripping ↵Pascal Kriete1-15/+13
optional
2011-04-05Improving parameter security in xss cleanPascal Kriete1-269/+351