Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2008-05-21 | more complete protection against malformed link tags to protect against hex ↵ | Derek Jones | 1 | -13/+25 | |
entities and href=data:url exploits | |||||
2008-05-21 | customizable query string | Derek Allard | 2 | -7/+22 | |
2008-05-21 | Added support for query strings to the Pagination class, automatically ↵ | Derek Allard | 3 | -5/+20 | |
detected or explicitly declared. | |||||
2008-05-20 | improved security in xss_clean(), added <audio> and <video> tags to naughty ↵ | Derek Jones | 2 | -23/+15 | |
HTML tags, and the HTML5 event handlers onerror and onended | |||||
2008-05-20 | Fixed an example in Model docs | Derek Allard | 2 | -1/+2 | |
2008-05-18 | Moved the _has_operators() function into DB_driver from DB_active_rec. | Derek Allard | 3 | -21/+24 | |
2008-05-18 | documented load->model in the Loader docs | Derek Allard | 2 | -2/+10 | |
2008-05-18 | path fix | Derek Allard | 1 | -1/+1 | |
2008-05-17 | example touch up | Derek Allard | 1 | -1/+1 | |
2008-05-17 | reduced $mobiles to single array | Derek Jones | 1 | -14/+13 | |
2008-05-16 | Considerably expanded list of mobile user-agents in config/user_agents.php. | Derek Allard | 2 | -14/+74 | |
2008-05-16 | fixed syntax error in code sample | Derek Jones | 1 | -2/+2 | |
2008-05-16 | changed foreach() reindexing of segment arrays to array_unshift() - teensy ↵ | Derek Jones | 1 | -15/+2 | |
tiny memory and speed improvement. | |||||
2008-05-16 | fixed regular expression in Image lib, CI bug #4542 | Derek Jones | 2 | -1/+2 | |
2008-05-15 | addition xss protection against certain data urls, stripping of anything ↵ | Derek Jones | 1 | -2/+12 | |
sent with utf-7 encoding | |||||
2008-05-15 | added ability to use xss_clean() to test images, and improved security for ↵ | Derek Jones | 3 | -37/+60 | |
vectors particular to the Opera family of browsers | |||||
2008-05-15 | date examples | Derek Allard | 1 | -15/+57 | |
2008-05-14 | Set the mime type check in the Upload class to reference the global mimes ↵ | Derek Allard | 2 | -1/+8 | |
variable. | |||||
2008-05-14 | Added missing semicolon in upload_lang.php | Derek Jones | 2 | -3/+4 | |
2008-05-14 | set $DB->char_set and $DB->dbcollat defaults to utf8 and utf8_general_ci ↵ | Derek Jones | 1 | -2/+2 | |
respectively | |||||
2008-05-14 | fixed bug #3419 where the 'database' setting for DSN connections was using ↵ | Derek Jones | 4 | -3/+42 | |
the host portion of the URL instead of the path. Added ability to set other db config values in DSN connections via query string | |||||
2008-05-14 | force closing tag on eval() for servers not running short_open_tags | Derek Jones | 1 | -1/+1 | |
2008-05-13 | fixed svn revision number in changelog for 1.6.2 release | Derek Jones | 1 | -1/+1 | |
2008-05-13 | hotfix for a bug in database error display introduced by 1.6.2 fix for bugs ↵ | Derek Jones | 2 | -4/+9 | |
#4451, #4299, and #4339 | |||||
2008-05-13 | prepping changelog for the real 1.6.2 release | Derek Jones | 1 | -1/+1 | |
2008-05-13 | Hey you! Yeah, you, that other set of hardcoded arrays in xss_clean(). ↵ | Derek Jones | 1 | -21/+3 | |
You're coming with me, pal! | |||||
2008-05-13 | increased security and performance of xss_clean(), added ↵ | Derek Jones | 2 | -25/+58 | |
_sanitize_naughty_html() callback and removed "never allowed" items to a class property | |||||
2008-05-13 | The Zip class has undergone a substantial re-write for speed and clarity | Derek Allard | 2 | -120/+102 | |
2008-05-13 | removed some stray testing code | Derek Allard | 2 | -23/+17 | |
2008-05-13 | prep changelog for release | Derek Jones | 1 | -3/+8 | |
2008-05-13 | added upgrade page for 1.6.2 to links in upgrading.html instructions | Derek Jones | 1 | -0/+1 | |
2008-05-13 | prep download page in user guide for new version | Derek Jones | 1 | -2/+4 | |
2008-05-13 | reshuffling of bug fixes in changelog | Derek Jones | 1 | -9/+9 | |
2008-05-13 | reverted OR back to || for js_calendar_pi.php javascript | Derek Jones | 1 | -6/+6 | |
2008-05-13 | Some sweeping syntax changes for consistency: | Derek Jones | 114 | -894/+930 | |
(! foo) changed to ( ! foo) || changed to OR changed newline standardization code in various places from preg_replace to str_replace | |||||
2008-05-13 | adjusted eval() statement in Loader to accommodate servers with ↵ | Derek Jones | 1 | -1/+1 | |
short_open_tag disabled with the new change of removing closing PHP tags from files | |||||
2008-05-13 | minor source formatting | Derek Allard | 4 | -36/+35 | |
2008-05-13 | added a note about replacing the mimes.php file | Derek Allard | 1 | -2/+3 | |
2008-05-13 | preg_split changed to explode | Derek Allard | 1 | -165/+165 | |
2008-05-13 | substr checks swapped out with strncmp | Derek Allard | 1 | -16/+72 | |
{ braces } added around if and for statements | |||||
2008-05-12 | fixed a misspelling in the Input library of CDATA | Derek Allard | 1 | -1/+1 | |
2008-05-12 | removed an ereg from config | Derek Allard | 7 | -130/+133 | |
added a qualifier to a str_replace for \t in Input changed substr to strncmp in Codeigniter.php and directory_map function added braces in an if statement of unit test Removed "scripts" from the auto-load search path. Scripts were deprecated in Version 1.4.1 (September 21, 2006). If you still need to use them for legacy reasons, they must now be manually loaded in each Controller. | |||||
2008-05-12 | Escape behaviour in where() clauses has changed; values in those with the ↵ | Derek Allard | 2 | -20/+24 | |
"FALSE" argument are no longer escaped (ie: quoted). | |||||
2008-05-12 | added bugfix note for db transactions in debug mode | Derek Jones | 1 | -0/+1 | |
2008-05-12 | (no commit message) | Rick Ellis | 1 | -22/+57 | |
2008-05-12 | (no commit message) | Rick Ellis | 1 | -0/+5 | |
2008-05-12 | (no commit message) | Rick Ellis | 1 | -4/+11 | |
2008-05-12 | Added protection in xss_clean() for GET variables in URLs | Derek Jones | 2 | -3/+57 | |
http://codeigniter.com/bug_tracker/bug/4167/ | |||||
2008-05-12 | Fixed a bug in AR compiling, where select statements with arguments got ↵ | Derek Allard | 2 | -6/+14 | |
incorrectly escaped (#3478). | |||||
2008-05-12 | changed $xmlrpcDateTime property to all lowercase 'datetime.iso8601' so it ↵ | Derek Jones | 2 | -3/+4 | |
can be recognized as a valid XML-RPC type http://codeigniter.com/bug_tracker/bug/4153/ |