summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2014-08-18Alter Pull #3176 - CSRF Whitelistcaseyh1-4/+3
2014-08-18Alter Pull #3176 to follow discussioncaseyh1-4/+4
2014-08-18Cache_redis, delete() method: Try to remove a key from Redis auxilary set ↵Ivan Tcholakov1-3/+6
only when the corresponding value is really deleted.
2014-08-18Cache_redis, delete() method: Bringing back a line of code.Ivan Tcholakov1-0/+3
2014-08-18Cache_redis, Hardcoded name for the auxilary Redis set - '_ci_redis_serialized'.Ivan Tcholakov1-8/+3
2014-08-18Cache_redis, delete() method: Removing code for updating the internal cache, ↵Ivan Tcholakov1-7/+0
it is useless.
2014-08-18Cache_redis: Strinct array_search() for now.Ivan Tcholakov1-3/+3
2014-08-18Cache_redis: AND -> && correction, srrict in_array() check.Ivan Tcholakov1-1/+1
2014-08-15Fix #3187Andrey Andreev1-1/+1
2014-08-14Skip CI_Encrypt tests if MCrypt is not availableAndrey Andreev1-26/+8
Rel: #3185
2014-08-14Cache_redis: Adding serialization support.Ivan Tcholakov1-2/+57
2014-08-11CSRF whitelist supports regexCasey Hancock3-5/+14
Signed-off-by: Casey Hancock <crh431@gmail.com>
2014-08-10Polish changes following PR #3173Andrey Andreev2-5/+5
2014-08-10Merge pull request #3173 from ET-NiK/developAndrey Andreev2-2/+17
Using ImagePNG in CAPTCHA helper
2014-08-08Using ImagePNG in CAPTCHA helperET-NiK2-2/+17
Using ImagePNG function, if ImageJPG not exists
2014-08-06Merge pull request #3169 from Patroklo/developAndrey Andreev1-11/+14
Change name didn't work if reset initialization it's true
2014-08-06Change name didn't work if reset initialization it's trueJoseba Juániz1-11/+14
If user initializes the upload library with the reset flag as true, the uploaded file doesn't change it's name, it's neccesary to initialize or change the $_file_name_override every time.
2014-08-05Fix #3123Andrey Andreev1-1/+1
2014-08-01Make CI_Pagination properties per_page, cur_page publicAndrey Andreev1-38/+38
Useful if you want to make calculations based on them.
2014-07-31Merge pull request #3162 from MianSaleem/patch-1Andrey Andreev2-1/+2
anchor popup's menubar attribute is missing
2014-07-31Last empty line removeMian Saleem1-1/+1
2014-07-31Update url_helper.phpMian Saleem0-0/+0
2014-07-31Update url_helper.phpMian Saleem0-0/+0
2014-07-31Support for menubar attribute to the :func:`anchor_popup()` Mian Saleem1-0/+1
Now the menubar can be set to yes with anchor_popup() by adding new attribute array element 'menubar' => 'yes' The list of all available attribute for anchor_popup() function will be $atts = array('width' => '800', 'height' => '600', 'scrollbars' => 'yes', 'menubar' => 'no', 'status' => 'yes', 'resizable' => 'yes', 'screenx' => '0', 'screeny' => '0');
2014-07-31Update url_helper.phpMian Saleem1-1/+1
2014-07-31Fix #3160Andrey Andreev1-2/+2
2014-07-31Fix #3161Andrey Andreev3-8/+13
2014-07-31anchor popup attribute missingMian Saleem1-2/+2
Please add the menubar attribute to anchor popup
2014-07-14Merge pull request #3134 from kdazzle/patch-1Andrey Andreev2-1/+2
Return 403 instead of 500 if no CSRF token given
2014-07-14Add changelog entry for CSRF status code; remove line at EOFKyle Valade2-1/+2
2014-07-12Fix CI_Encryption::substr() for PHP 5.3Andrey Andreev1-1/+4
Nothing critical, just an edge case that isn't currently used
2014-07-12Fix CI_Encryption::substr() usage of mb_substr()Andrey Andreev1-1/+1
The whole point was to use 8bit encoding
2014-07-12[ci skip] Add a note about CI_Driver (issue #3140)Andrey Andreev1-1/+5
2014-07-11Add setting ['composer_autoload']Andrey Andreev4-2/+44
Supersedes PR #3132
2014-07-07Continuing from previous commit ... use CI_Encryption::substr()Andrey Andreev1-8/+8
2014-07-07Fix potential bugs in password_hash(), CI_EncryptionAndrey Andreev2-11/+59
strlen(), substr() are not byte-safe when mbstring.func_overload is enabled
2014-07-07Add a backport (compat) for quoted_printable_encode()Andrey Andreev4-4/+216
2014-07-07Fix a few typos and add a backport (compat) for hex2bin()Andrey Andreev7-28/+115
2014-07-06Return 403 instead of 500 if no CSRF token givenKyle Valade1-2/+2
Not supplying a CSRF token shouldn't return a 500 response because it isn't a server error. The response status code should definitely be in the 400's, because it's the client's fault. And it should be a 403 because the client is forbidden from making that request without the appropriate credential (the CSRF token), though the request may be otherwise valid. http://en.wikipedia.org/wiki/List_of_HTTP_status_codes
2014-07-06Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developAndrey Andreev1-1/+1
2014-07-06Fix #3131Andrey Andreev1-0/+4
2014-07-05Merge pull request #3130 from dionysiosarvanitis/fix/pdo_result__list_fieldsAndrey Andreev1-1/+1
Missing looping index added.
2014-07-05Missing looping index added. Without index empty rows returned for csv ↵Dionysis Arvanitis1-1/+1
column headers.
2014-07-02Remove GCM mode from CI_Encryption (OpenSSL)Andrey Andreev2-14/+8
While openssl_get_cipher_methods() lists 'aes-<keysize>-gcm' as supported, it appears that this is only half of the story. To be more specific, only the encryption operation of GCM is performed, and the authentication message is completely missing, rendering the whole thing useles.
2014-07-01Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developAndrey Andreev1-1/+1
2014-07-01Fix #3124Andrey Andreev1-2/+2
2014-06-29Merge pull request #3121 from GrahamCampbell/patch-1Andrey Andreev1-1/+1
Fixed Typo In Security.php
2014-06-29Fixed eofGraham Campbell1-1/+1
2014-06-29Fixed typoGraham Campbell1-2/+2
2014-06-21Add CI_Encryption::create_key()Andrey Andreev2-5/+25
This was planned, we somehow forgot about it. :)