summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2008-05-16fixed regular expression in Image lib, CI bug #4542Derek Jones2-1/+2
2008-05-15addition xss protection against certain data urls, stripping of anything ↵Derek Jones1-2/+12
sent with utf-7 encoding
2008-05-15added ability to use xss_clean() to test images, and improved security for ↵Derek Jones3-37/+60
vectors particular to the Opera family of browsers
2008-05-15date examplesDerek Allard1-15/+57
2008-05-14Set the mime type check in the Upload class to reference the global mimes ↵Derek Allard2-1/+8
variable.
2008-05-14Added missing semicolon in upload_lang.phpDerek Jones2-3/+4
2008-05-14set $DB->char_set and $DB->dbcollat defaults to utf8 and utf8_general_ci ↵Derek Jones1-2/+2
respectively
2008-05-14fixed bug #3419 where the 'database' setting for DSN connections was using ↵Derek Jones4-3/+42
the host portion of the URL instead of the path. Added ability to set other db config values in DSN connections via query string
2008-05-14force closing tag on eval() for servers not running short_open_tagsDerek Jones1-1/+1
2008-05-13fixed svn revision number in changelog for 1.6.2 releaseDerek Jones1-1/+1
2008-05-13hotfix for a bug in database error display introduced by 1.6.2 fix for bugs ↵Derek Jones2-4/+9
#4451, #4299, and #4339
2008-05-13prepping changelog for the real 1.6.2 releaseDerek Jones1-1/+1
2008-05-13Hey you! Yeah, you, that other set of hardcoded arrays in xss_clean(). ↵Derek Jones1-21/+3
You're coming with me, pal!
2008-05-13increased security and performance of xss_clean(), added ↵Derek Jones2-25/+58
_sanitize_naughty_html() callback and removed "never allowed" items to a class property
2008-05-13The Zip class has undergone a substantial re-write for speed and clarityDerek Allard2-120/+102
2008-05-13removed some stray testing codeDerek Allard2-23/+17
2008-05-13prep changelog for releaseDerek Jones1-3/+8
2008-05-13added upgrade page for 1.6.2 to links in upgrading.html instructionsDerek Jones1-0/+1
2008-05-13prep download page in user guide for new versionDerek Jones1-2/+4
2008-05-13reshuffling of bug fixes in changelogDerek Jones1-9/+9
2008-05-13reverted OR back to || for js_calendar_pi.php javascriptDerek Jones1-6/+6
2008-05-13Some sweeping syntax changes for consistency:Derek Jones114-894/+930
(! foo) changed to ( ! foo) || changed to OR changed newline standardization code in various places from preg_replace to str_replace
2008-05-13adjusted eval() statement in Loader to accommodate servers with ↵Derek Jones1-1/+1
short_open_tag disabled with the new change of removing closing PHP tags from files
2008-05-13minor source formattingDerek Allard4-36/+35
2008-05-13added a note about replacing the mimes.php fileDerek Allard1-2/+3
2008-05-13preg_split changed to explodeDerek Allard1-165/+165
2008-05-13substr checks swapped out with strncmpDerek Allard1-16/+72
{ braces } added around if and for statements
2008-05-12fixed a misspelling in the Input library of CDATADerek Allard1-1/+1
2008-05-12removed an ereg from configDerek Allard7-130/+133
added a qualifier to a str_replace for \t in Input changed substr to strncmp in Codeigniter.php and directory_map function added braces in an if statement of unit test Removed "scripts" from the auto-load search path. Scripts were deprecated in Version 1.4.1 (September 21, 2006). If you still need to use them for legacy reasons, they must now be manually loaded in each Controller.
2008-05-12Escape behaviour in where() clauses has changed; values in those with the ↵Derek Allard2-20/+24
"FALSE" argument are no longer escaped (ie: quoted).
2008-05-12added bugfix note for db transactions in debug modeDerek Jones1-0/+1
2008-05-12(no commit message)Rick Ellis1-22/+57
2008-05-12(no commit message)Rick Ellis1-0/+5
2008-05-12(no commit message)Rick Ellis1-4/+11
2008-05-12Added protection in xss_clean() for GET variables in URLsDerek Jones2-3/+57
http://codeigniter.com/bug_tracker/bug/4167/
2008-05-12Fixed a bug in AR compiling, where select statements with arguments got ↵Derek Allard2-6/+14
incorrectly escaped (#3478).
2008-05-12changed $xmlrpcDateTime property to all lowercase 'datetime.iso8601' so it ↵Derek Jones2-3/+4
can be recognized as a valid XML-RPC type http://codeigniter.com/bug_tracker/bug/4153/
2008-05-12fixed a bug that would lead to a PHP notice error of array to string ↵Derek Jones2-2/+5
conversion in prep_for_form() http://codeigniter.com/bug_tracker/bug/4425/
2008-05-12passed db object by reference to DB Cache class, and changed the cache class ↵Derek Jones3-15/+18
to use that db object instead of $CI->db, to support returned db objects and multiple db connections http://codeigniter.com/bug_tracker/bug/4223/
2008-05-12changed overlay_watermark() to check for an alpha value before applying the ↵Derek Jones2-7/+21
image to help support PNG-24s with alpha transparency http://codeigniter.com/bug_tracker/bug/4506/
2008-05-12added cropping to the list of items "maintain_ratio" can be used on.Derek Allard1-1/+1
2008-05-12changed class instantiations to reference global $LANG and fetch existing ↵Derek Jones3-16/+10
Exceptions class, and added language variable for database error heading http://codeigniter.com/bug_tracker/bug/4421/
2008-05-11clarified instructions for using display_override hookDerek Jones1-1/+1
http://codeigniter.com/bug_tracker/bug/4512/
2008-05-11changelog note for removal of closing php tagsDerek Jones1-0/+1
2008-05-11Removed closing PHP tags, replaced with a comment block identifying the end ↵Derek Jones121-122/+364
of the file
2008-05-11Undoing change committed in r1115Derek Jones116-1/+115
2008-05-11removed closing PHP tag from all framework filesDerek Jones116-115/+1
2008-05-10fixed a link in the changelogDerek Allard1-1/+1
2008-05-10fixed revision number for 1.6.1 changelogDerek Jones1-1/+1
2008-05-09reordered a bullet... seriously, that's all.Derek Allard1-1/+1