summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2010-09-27added sess_expire_on_close to config file, corrected comment block for ↵Derek Jones1-5/+12
session config vars. Fixes #149
2010-09-03user guide typo fixes #128Derek Jones1-1/+1
2010-09-02fixed a spot where the encryption mode was still a hard coded constant ↵Derek Jones1-1/+1
instead of the fetched variable
2010-09-02Added a new config item to the Session class (sess_expire_on_close) to allow ↵Derek Jones3-2/+12
sessions to auto-expire when the browser window is closed.
2010-09-02added a teeny bit stronger wording to encourage use of database for sessions ↵Derek Jones1-1/+3
where validation is necessary or undesirable actions could occur by a user manipulating their cookies
2010-09-01fixes issue #109 where cc and bcc recipients were not reset when using the ↵Derek Jones2-0/+3
clear() method in the Email lib
2010-08-31Significant changes to the Encryption libraryDerek Jones4-12/+126
- Removed double-encoding with XOR scheme when Mcrypt is available. Additional obfuscation was not significantly aiding security, and came at a very high performance cost. - Changed the default encryption mode from ECB to CBC for much improved security - Added an encode_from_legacy() method to allow re-encoding of permanent data that was originally encoded with the older methods.
2010-08-31Automated merge with http://hg.ellislab.com/CodeIgniter2Derek Jones6-4/+33
2010-08-31fixed spelling error in Security class property for the CSRF cookieDerek Jones1-8/+8
2010-08-31changed key comparison to be loosely typed, so an error would be triggered ↵Derek Jones2-1/+2
when an empty string is attempted to be used as an encryption key
2010-08-31changelog note for Session class change in rev f2660eeaab8dDerek Jones1-1/+2
2010-08-31added link for encryption key in Session class to the explanation in the ↵Derek Jones1-1/+1
Encryption lib
2010-08-31Added fatal error to Session class when no encryption key is set in the ↵Derek Jones3-2/+10
config file, for additional assurance that session manipulation can be prevented
2010-08-25Modified the database driver's display_error() method to show the filename ↵Pascal Kriete2-0/+19
and line number of the failed query.
2010-08-20Added ability in the Image Library to handle PNG transparency for resize ↵Derek Jones2-0/+8
operations when using the GD lib.
2010-08-19Adding CAPTCHA helper to tocDerek Allard2-16/+14
2010-08-16guide typoDerek Allard1-1/+1
2010-08-12single quotes instead of double quotes by default to prevent PHP from trying ↵Derek Allard1-14/+14
to parse a $ in a password as a variable.
2010-08-11undoing mistaken changes in rev 8c54b3b0402fDerek Jones1-3/+0
2010-08-11removed redundant upload lang file, after lang name changs, it was blocking ↵Derek Jones1-0/+3
the CI lang file from loading. Fixes #473
2010-08-06Removed deprecated _drop_database() and _create_database() functions from db ↵Greg Aker8-267/+1
utility drivers.
2010-08-06Removing the following deprecated database methods: orwhere, orlike, ↵Greg Aker3-78/+7
groupby, orhaving, orderby, getwhere.
2010-08-05moving code comment in text helperGreg Aker1-11/+11
2010-08-05Adding an ellipsize function to the text helper, and associated ↵Greg Aker3-0/+55
documentation to the user guide.
2010-08-05Added an optional second parameter to <kbd>show_404()</kbd> to disable logging.Derek Allard4-5/+13
2010-07-26Automated merge with http://hg.ellislab.com/CodeIgniter2Derek Allard1-1/+1
2010-07-26guide typoDerek Allard1-1/+1
2010-07-26separated the CSRF cookie name from the token, forced new token on ↵Derek Jones1-14/+15
successful POST
2010-07-23adding sanitize_filename() into the security helperDerek Allard3-0/+25
2010-07-22Adding CSRF into configDerek Allard4-5/+29
Adding CSRF token into form open()
2010-07-22Fixed a bug in the Upload class where a PHP error could occur when wildcards ↵Greg Aker1-2/+2
were used as the allowed_types.
2010-07-16Removing validation_lang.php file that was missed when removing the ↵Greg Aker1-21/+0
Validation library.
2010-07-16example fixDerek Allard1-1/+1
2010-07-13Automated merge with http://hg.ellislab.com/CodeIgniter2Derek Allard2-97/+118
2010-07-13example fixDerek Allard1-1/+1
2010-07-12201007 file upload bug fixDerek Jones2-97/+118
2010-07-12Removed tag v1.7.2Derek Jones0-0/+0
2010-07-08fixed a file location in an EOF commentDerek Jones1-1/+1
2010-07-05suppress page listDerek Allard3-17/+31
2010-07-05Added the ability to suppress first, previous, next and last links by ↵Derek Allard3-17/+26
setting their values to FALSE in the pagination library.
2010-07-05img() will now generate an empty string as an alt attribute if one is not ↵Derek Allard3-3/+10
provided.
2010-07-05typo fixDerek Allard1-1/+1
2010-07-05example clarificationDerek Allard1-1/+1
2010-07-05userguide linksDerek Allard2-1/+2
2010-07-05minor capitalizationDerek Allard1-1/+1
2010-07-05fixed missing </p> in guideDerek Allard3-4/+4
2010-07-05fixed a missing </li> in guideDerek Allard1-1/+1
2010-07-05altering a few examples to be more CI driven then EE driven in styleguideDerek Allard1-11/+4
2010-07-05added a file to be replaced when updating from 1.71 to 1.72Derek Allard1-1/+5
2010-07-05guide clarificationDerek Allard1-1/+1