summaryrefslogtreecommitdiffstats
path: root/system/core
AgeCommit message (Expand)AuthorFilesLines
2014-08-27Fix #2963Andrey Andreev2-10/+22
2014-08-27Add CI_Security::get_random_bytes() for CSRF & XSS token generationAndrey Andreev1-7/+54
2014-08-26Upgraded html_escape() - The simplest version.Ivan Tcholakov1-8/+1
2014-08-25Upgrading the function html_escape() - Readability Improvement 2.Ivan Tcholakov1-5/+11
2014-08-25Upgrading the function html_escape() - readability improvement.Ivan Tcholakov1-1/+3
2014-08-25Upgrading the function html_escape() - documentation corrections.Ivan Tcholakov1-4/+3
2014-08-25Upgrading the function html_escape(), escaping twice can be prevented by sett...Ivan Tcholakov1-4/+8
2014-08-18[ci skip] Polish changes from PR #3176Andrey Andreev1-6/+6
2014-08-18Alter Pull #3176 to follow discussioncaseyh1-4/+4
2014-08-11CSRF whitelist supports regexCasey Hancock1-4/+7
2014-08-05Fix #3123Andrey Andreev1-1/+1
2014-07-14Merge pull request #3134 from kdazzle/patch-1Andrey Andreev1-1/+1
2014-07-14Add changelog entry for CSRF status code; remove line at EOFKyle Valade1-1/+1
2014-07-11Add setting ['composer_autoload']Andrey Andreev1-0/+17
2014-07-07Fix potential bugs in password_hash(), CI_EncryptionAndrey Andreev1-3/+6
2014-07-07Add a backport (compat) for quoted_printable_encode()Andrey Andreev1-2/+90
2014-07-07Fix a few typos and add a backport (compat) for hex2bin()Andrey Andreev2-3/+50
2014-07-06Return 403 instead of 500 if no CSRF token givenKyle Valade1-2/+2
2014-06-29Fixed eofGraham Campbell1-1/+1
2014-06-29Fixed typoGraham Campbell1-2/+2
2014-06-21Fix a _potential_ flaw in password_hash()Andrey Andreev1-1/+4
2014-06-12remove the empty line at the end of fileFu Xu1-1/+1
2014-06-12style changeFu Xu1-1/+1
2014-06-12config load bug fixFu Xu1-2/+3
2014-06-12Fix #3101Andrey Andreev1-1/+1
2014-05-31A fix about loading language files - ensuring suffix '_lang' presence properly.Ivan Tcholakov1-1/+1
2014-05-27fix callable hooksMax1-1/+1
2014-05-27fix callable hooksMax1-1/+1
2014-05-23Fix #3057Andrey Andreev1-66/+62
2014-05-19Fix caching of MIME configvlakoff1-7/+14
2014-05-19Merge pull request #3053 from vlakoff/get_configAndrey Andreev1-7/+4
2014-05-19Simplify code in get_config()vlakoff1-7/+4
2014-05-18[ci skip] Add a note to CI_Model::__get() (issue #3046)Andrey Andreev1-0/+4
2014-05-18Adjust docblock of load_class()vlakoff1-1/+1
2014-05-09Suppress PHP 5.6 E_DEPRECATED warnings for mbstring.internal_encoding as wellAndrey Andreev1-1/+3
2014-05-09Add hash_equals() to ext/hash compat layerAndrey Andreev1-0/+46
2014-05-08[ci skip] Update a comment for CI_Input::input_stream()Andrey Andreev1-2/+2
2014-05-06Account for PHP 5.6 changes related to charsetsAndrey Andreev1-2/+10
2014-05-06xss_clean is not protecting GET requests that &item=/startwithslashDocumentopia.com1-1/+1
2014-05-01Fix a typoAndrey Andreev1-1/+1
2014-05-01Optimization in CI_URI::_set_uri_string()Andrey Andreev1-1/+1
2014-05-01Fix docblock of URI->rsegments propertyvlakoff1-1/+3
2014-04-29Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developAndrey Andreev2-2/+2
2014-04-29Small fixes (PR #3022)Andrey Andreev2-3/+3
2014-04-25Minor fixesvlakoff2-2/+2
2014-04-15Merge pull request #3006 from vlakoff/securityAndrey Andreev1-1/+1
2014-04-15#3005Andrey Andreev1-2/+1
2014-04-15Fix in $_protected array of register_globals security procedurevlakoff1-1/+1
2014-04-15Fix #3004Andrey Andreev2-53/+52
2014-04-15Follow-up to aeed15eb8556ab671507f17ef9a8cf28903999aaAndrey Andreev1-1/+1