Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2014-01-08 | Make newline standardization configurable | Andrey Andreev | 1 | -0/+14 | |
Added ['standardize_newlines'] Also altered the Session cookie driver, which experienced issues with this feature due to it's HMAC verification failing after the Input class alters newlines in non-encrypted session cookies. Supersedes PR #2470 | |||||
2013-09-14 | [ci skip] Remove empty line at application/config/config.php EOF | Andrey Andreev | 1 | -1/+1 | |
2013-09-14 | Updated config to include list of valid characters to `sess_cookie_name` | brenjt | 1 | -2/+2 | |
Added list of valid characters to sess_cookie_name | |||||
2013-02-15 | Fix some stuff from recent pull requests | Andrey Andreev | 1 | -2/+5 | |
2013-02-13 | Added support for changing the default log file extension from .php to ↵ | Chris Passas | 1 | -0/+11 | |
whatever is preferred. example (.log) This is a follow up to this pull request. https://github.com/EllisLab/CodeIgniter/pull/2243 | |||||
2013-01-24 | Move db_select() call from CI_DB_driver::initialize() to db_connect() | Andrey Andreev | 1 | -1/+1 | |
so that it's only called by drivers that need it ('mysql', 'mssql'). As proposed in issue #2187. | |||||
2013-01-23 | Update application/config/config.php | OsamaAbbas | 1 | -2/+2 | |
2013-01-01 | [ci skip] Happy new year | Andrey Andreev | 1 | -1/+1 | |
2012-10-31 | Changed URI auto-detection to try PATH_INFO first | Andrey Andreev | 1 | -2/+1 | |
(thanks to @sourcejedi, PR #1326) Up until PHP 5.2.4 (which is our new lowest requirement), there was a bug related to PATH_INFO which made REQUEST_URI a more reliable choice. This is now no longer the case, see https://bugs.php.net/bug.php?id=31892 for more details. Also removed ORIG_PATH_INFO from the suggested alternatives for uri_protocol in application/config/config.php as it will not exist in most of PHP's recent versions and is pointless when you can use PATH_INFO anyway. | |||||
2012-10-31 | Multiple improvements to the URI class | Andrey Andreev | 1 | -5/+6 | |
(thanks to @sourcejedi, PR #1326 for most of the ideas) - Renamed _detect_uri() and _parse_cli_args() to _parse_request_uri() and _parse_argv() respectively. - Added _parse_query_string() which allows us to detect the URI path from QUERY_STRING much like it is done in _parse_request_uri(). (the above changes also allow for a simpler logic in the case where the *uri_protocol* setting is not set to 'AUTO') - Updated application/config/config.php with a better list of the *uri_protocol* options. - Added _reset_query_string() to aid in re-processing from the QUERY_STRING (utilized in _parse_request_uri() and _parse_query_string()). | |||||
2012-10-06 | Add IPv6 and array() support for *proxy_ips* configuration | Andrey Andreev | 1 | -6/+10 | |
2012-08-30 | Added session driver config items | dchill42 | 1 | -0/+5 | |
Signed-off-by: dchill42 <dchill42@gmail.com> | |||||
2012-07-03 | replaced double quotes with single in $config['cookie_... string values | Dumk0 | 1 | -3/+3 | |
2012-06-15 | Merge branch 'develop' of github.com:EllisLab/CodeIgniter into develop | Phil Sturgeon | 1 | -7/+7 | |
2012-06-15 | Merge branch 'feature/minify_output' of ↵ | Phil Sturgeon | 1 | -0/+13 | |
https://github.com/atiredmachine/CodeIgniter into develop | |||||
2012-06-14 | Polish changes from pull #1233 - Session class already has the ↵ | Andrey Andreev | 1 | -3/+3 | |
time_reference setting - 'GMT' is a valid timezone, so nothing needs to be changed in order to work properly (upgrade notes) - Altered some description text | |||||
2012-06-13 | Fixed some stuff in documentation. | Iban Eguia | 1 | -3/+4 | |
2012-06-12 | Changed the config parameter. The session's _get_time() function has also ↵ | Iban Eguia | 1 | -2/+2 | |
changed. | |||||
2012-06-10 | Changed the default timezone to local and explained in the config file. | Iban Eguia | 1 | -2/+3 | |
2012-03-27 | Fixed typo. | Iban Eguia | 1 | -1/+1 | |
2012-03-27 | Changed Date helper to return time() based on the timezone parameter. | Iban Eguia | 1 | -9/+7 | |
2012-03-26 | Clear some spaces and fix some inconsistencies in application/ php files | Andrey Andreev | 1 | -3/+3 | |
2012-03-18 | add support for httponly cookies | freewil | 1 | -0/+2 | |
2012-03-09 | Bumped CodeIgniter's PHP requirement to 5.2.4. | Phil Sturgeon | 1 | -1/+1 | |
Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway... | |||||
2012-01-25 | Rudimentary minifying of output. | Thor (atiredmachine) | 1 | -0/+13 | |
2012-01-08 | Merge pull request #850 from RS71/develop | Phil Sturgeon | 1 | -0/+2 | |
CSRF optional token regeneration | |||||
2012-01-02 | Updating copyright date to 2012 | Greg Aker | 1 | -1/+1 | |
2011-12-31 | Update application/config/config.php | RS71 | 1 | -0/+2 | |
2011-10-27 | Added links to the user guide for Encryption class and Session class. | Kyle Ridolfo | 1 | -0/+3 | |
2011-10-21 | fixing typo in attribution block | Derek Jones | 1 | -1/+1 | |
2011-10-20 | adding new license file (OSL 3.0) and updating readme to ReST | Derek Jones | 1 | -0/+25 | |
added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change | |||||
2011-08-28 | always use charset config item | freewil | 1 | -0/+2 | |
2011-08-25 | Merge remote-tracking branch 'alexbilbie/csrf-override' into feature/csrf-verify | Eric Barnes | 1 | -0/+2 | |
Conflicts: system/core/Security.php | |||||
2011-08-21 | added ability to log certain error types, not all under a threshold | Nithin | 1 | -0/+4 | |
2011-08-21 | Added new config parameter "csrf_exclude_uris" which allows for URIs to be ↵ | Alex Bilbie | 1 | -0/+2 | |
whitelisted from CSRF verification. Fixes #149 | |||||
2011-07-02 | backed out 648b42a75739, which was a NON-trivial whitespace commit. It ↵ | Derek Jones | 1 | -20/+20 | |
broke the Typography class's string replacements, for instance | |||||
2011-04-25 | Fixed double-space typo. | Razican | 1 | -20/+20 | |
2011-02-16 | Merged CodeIgniter Core changes and integrated rob1's secure cookie change ↵ | Phil Sturgeon | 1 | -17/+30 | |
into my secure cookie change. | |||||
2011-02-11 | Adding config option to require 'secure' setting for all cookies- requires ↵ | Robin Sowell | 1 | -0/+2 | |
https. | |||||
2011-01-17 | Accidentally left csrf to turned on in last commit | Eric Barnes | 1 | -1/+1 | |
2011-01-17 | Added access scope to security library and added config options for csrf ↵ | Eric Barnes | 1 | -2/+8 | |
protection | |||||
2011-01-12 | Changed instructions for location of log path. Fixes #305 | Eric Barnes | 1 | -1/+1 | |
2010-12-27 | Implemented GET string support from Dan Horrigan and modified it slightly. ↵ | Phil Sturgeon | 1 | -18/+21 | |
Also tweaked his regex_match changes. | |||||
2010-12-15 | <kbd>['base_url']</kbd> is now empty by default and will guess what it ↵ | Phil Sturgeon | 1 | -17/+20 | |
should be. | |||||
2010-12-15 | Added full Query String and $_GET array support. This is enabled by ↵ | Dan Horrigan | 1 | -0/+4 | |
default. Added a seperate config option to enable/disable the $_GET array. | |||||
2010-10-07 | Automated merge with https://bitbucket.org/barrymieny/codeigniter | Derek Jones | 1 | -2/+2 | |
2010-10-07 | Fixed CSRF comments to avoid confusion. | Shane Pearson | 1 | -2/+2 | |
2010-10-04 | Cleanup of stray spaces and tabs | Barry Mieny | 1 | -6/+6 | |
2010-09-27 | added sess_expire_on_close to config file, corrected comment block for ↵ | Derek Jones | 1 | -5/+12 | |
session config vars. Fixes #149 | |||||
2010-08-31 | Added fatal error to Session class when no encryption key is set in the ↵ | Derek Jones | 1 | -2/+2 | |
config file, for additional assurance that session manipulation can be prevented |