summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2012-05-24Fix issue #1387Andrey Andreev3-14/+16
2012-05-24Merge pull request #1389 from jamiefdhurst/2.1-stablePhil Sturgeon2-1/+2
Adding width and height to list of clear variables to fix #1059
2012-05-24Updating change log relating to #1059.Jamie Hurst1-0/+1
2012-05-24Adding width and height to list of clear variables to fix #1059Jamie Hurst1-1/+1
2012-05-23Removed the starting slash from uri_string() documentation.Phil Sturgeon1-1/+1
2012-05-23Added ability to _like paramater side to use 'none', in case one wants to ↵Nithin1-2/+6
query like instead of where without case being sensitive
2012-05-20Merge pull request #1331 from rogeriopradoj/patch-1Phil Sturgeon3-3/+25
Workaround for PDO Driver in 2.1-stable: num_rows doesn't work for SELECT queries
2012-05-19Fix a issue with CI_DB_pdo_result::num_rows()Rogerio Prado de Jesus2-1/+13
In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit makes it returns the expected value.
2012-05-19Fix a issue with affect_rows in CI_DB_pdo_driver::_execute()Rogerio Prado de Jesus2-2/+12
In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit makes affect_rows be initialized properly. Signed-off-by: Rogerio Prado de Jesus <rogeriopradoj@gmail.com>
2012-05-19Fix issue #726Andrey Andreev2-8/+9
2012-05-17Merge pull request #1366 from aphofstede/2.1-stableAndrey Andreev2-1/+2
Check cookie against md5 regex. 2.1 stable CSRF injection security fix
2012-05-17Use tabs for indentingAlexander Hofstede1-1/+1
2012-05-17Revert "Use tab for indent"Alexander Hofstede3-16/+1
This reverts commit c3eb672ed01c57a543dd8cdf1b90eb4001498c19.
2012-05-17Use tab for indentAlexander Hofstede3-1/+16
2012-05-17Check cookie against md5 regex.Alexander Hofstede2-1/+2
Otherwise, cookie can contain arbitrary injected code that gets sent back directly to the browser.
2012-05-07Added a return false if an image doesn't pass XSS cleaning to prevent ↵Wes Baker1-0/+4
file_get_contents from returning a NULL and passing through unscathed.
2012-04-23Merge pull request #1274 from Repox/2.1-stablePhil Sturgeon1-1/+1
Corrected the migration_missing_down_method language string
2012-04-23Corrected the migration_missing_down_method language stringRepox1-1/+1
2012-03-04Merge pull request #1116 from tubalmartin/helpers|url|2.1-stablePhil Sturgeon3-23/+24
2.1 stable - An improved url_title helper function
2012-03-04Changelog updatedtubalmartin1-1/+1
2012-03-04User guide updatedtubalmartin1-3/+3
2012-03-04Allow developers to use any string as a separator, not just dashes or ↵tubalmartin1-10/+19
underscores. Backwards compatible when using 'dash' or 'underscore' as string separator. Tests: http://codepad.org/DWcxVH5r
2012-03-04Merge pull request #1117 from tubalmartin/Upload|library|2.1-stablePhil Sturgeon1-1/+1
2.1 stable - CI_Upload::_file_mime_type() could've failed if popen() is used for the detection.
2012-03-04Removed changelog entrytubalmartin1-1/+0
2012-03-03Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is ↵tubalmartin2-1/+2
used for the detection.
2012-03-03An even better url_title helper. Tests: http://codepad.org/tuJgvkyNtubalmartin2-20/+12
Changelog entry added for 2.1.1
2012-03-02Merge pull request #1100 from rrdial/2.1-stableAndrey Andreev2-6/+7
2.1-stable: bug fix: compile binds before caching the query…
2012-03-01compile binds before caching the query, otherwise the cached query will ↵Ryan Dial2-6/+7
never match the unbound query. updated changlog to mention bug fix.
2012-02-12Merge pull request #757 from narfbg/2.1-stablePhil Sturgeon2-24/+83
Improve CI_Upload::_file_mime_type() realiability (2.1-stable)
2011-12-26Merge pull request #709 from tubalmartin/2.1-stablePhil Sturgeon1-0/+14
2.1.0 - Fatal error: Call to undefined method CI_DB_Driver::_reset_select()
2011-12-15Merge remote-tracking branch 'upstream/2.1-stable' into 2.1-stableAndrey Andreev2-1/+2
2011-12-14Merge pull request #766 from andrewmackrodt/2.1-stablePhil Sturgeon2-1/+2
Fixed issue #538: CI_Image_lib->new_image doesn't recognise backslashes
2011-12-13Tweak MIME regular expression check againAndrey Andreev1-1/+1
2011-12-11Updated changelog with fix for bug #538.Andrew Mackrodt1-0/+1
2011-12-11Fix regular expression for validating MIME type stringAndrey Andreev1-1/+1
2011-12-11Fix for Issue #538.Andrew Mackrodt1-1/+1
2011-12-09Update the ChangeLogAndrey Andreev1-0/+5
2011-12-09Improve CI_Upload::_file_mime_type()Andrey Andreev1-24/+78
2011-12-02Merge pull request #733 from narfbg/2.1-stable-upload-hotfixPhil Sturgeon2-3/+7
Hotfix for a bug in the Upload library
2011-12-02Update the change logAndrey Andreev1-1/+2
2011-12-02Update a comment, just to be clearerAndrey Andreev1-1/+1
2011-12-02Hotfix for a file type detection bug in the Upload libraryAndrey Andreev1-2/+5
2011-12-01Merge pull request #729 from Repox/2.1-stablePhil Sturgeon1-2/+8
This fixes issue #725
2011-12-01This fixes issue #725Repox1-2/+8
2011-11-27Merge pull request #710 from johnnicely/2.1-stablePhil Sturgeon2-1/+2
Changed form_open() to compare $action against base_url().
2011-11-24Changed form_open() to compare $action against base_url()John Nicely2-1/+2
Checking for strpos($action, $CI->config->site_url()) === FALSE causes CSRF token to not be added in form_open() output. When site_url()'s first parameter ($uri) is empty, site_url's return value is the base URL plus the $CI->config->item('index_page') value. form_open() and CodeIgniter's URI routing do not require index.php to be in the URL, so any call to form_open() in which the $action parameter does not have index.php will always return false for the strpos() call.
2011-11-24Added dummy _reset_select() method to CI_DB_Driver class to allow Active ↵Túbal Martín1-0/+14
Record class to be disabled. Otherwise a fatal error is triggered.
2011-11-23Merge pull request #697 from MVUG/upload-fixes-2.1Phil Sturgeon3-3/+20
Fixed bug in Upload library tmp_path does not exists, should be tmp_name.
2011-11-23dutch typoMichiel Vugteveen1-1/+1
2011-11-23changelog updatedMichiel Vugteveen1-0/+17