summaryrefslogtreecommitdiffstats
path: root/system/core
AgeCommit message (Collapse)AuthorFilesLines
2017-01-16spelling fixes(1)klemens1-1/+1
2017-01-16spelling fixesklemens2-2/+2
2017-01-11Fixed regex used for loading helpersFabio Spampinato1-1/+1
We want to exactly match a dot, so we have to escape it. I found the bug because in my project I load an helper named `session_php_helper.php`, so the `_php` part gets removed and the `session_helper.php` helper gets loaded instead, this way not even an error was shown.
2017-01-10Merge branch '3.1-stable' into developAndrey Andreev2-37/+37
Conflicts resolved: system/core/CodeIgniter.php system/database/drivers/sqlite/sqlite_driver.php system/database/drivers/sqlite/sqlite_forge.php system/database/drivers/sqlite/sqlite_result.php system/database/drivers/sqlite/sqlite_utility.php system/helpers/email_helper.php system/helpers/smiley_helper.php system/libraries/Cart.php system/libraries/Email.php system/libraries/Image_lib.php system/libraries/Javascript.php system/libraries/Javascript/Jquery.php system/libraries/Session/SessionHandlerInterface.php user_guide_src/source/changelog.rst user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst
2017-01-10Fix Undefined variable: object errorChris Faulkner1-2/+2
Change the undefined variable $object to $vars when calling get_object_vars(). This fixes an error when passing an object to a view.
2017-01-09[ci skip] Mark the beginning of 3.1.4-devAndrey Andreev1-1/+1
2017-01-09[ci skip] Prepare 3.1.3 releaseAndrey Andreev1-1/+1
2017-01-05[ci skip] || -> ORAndrey Andreev1-1/+1
2017-01-04Close #4904Andrey Andreev1-3/+3
2017-01-04Fix a possible file inclusion vulnerability in CI_Loader::vars()Andrey Andreev1-30/+28
2017-01-04[ci skip] Protect CSRF verification from timing side-channel attacksAndrey Andreev1-6/+8
2017-01-04Fix an XSS vulnerabilityAndrey Andreev1-1/+1
2017-01-03Update copyright data to 2017Master Yoda21-42/+42
2016-12-31Update copyright data to 2017Master Yoda21-42/+42
2016-12-14Move csrf_verify() call out of CI_InputAndrey Andreev3-24/+7
2016-12-14Isolate CI_Security instantiation from CI_Input; improve testsAndrey Andreev3-11/+10
2016-12-14Drop all PHP 5.3-related codeAndrey Andreev9-153/+10
2016-12-14Finally drop CI_Input::_sanitize_globals()Andrey Andreev1-160/+8
Close #4101
2016-12-14Remove 'global_xss_filtering' config settingAndrey Andreev1-23/+9
2016-12-14Remove 'allow_get_array', 'standardize_newlines' config settingsAndrey Andreev1-22/+1
2016-12-14Merge branch '3.1-stable' into developAndrey Andreev1-1/+4
2016-12-14Move 'standardize_newlines' proc out of CI_Input::_clean_input_data()Andrey Andreev1-17/+7
Preparation for CI_Input::_sanitize_globals() removal. Also, WTF?! I'm deprecating this functionality in 3.1.next.
2016-12-01[ci skip] Fix #4928Andrey Andreev1-1/+4
2016-12-01Remove previously deprecated CI_Config::system_url()Andrey Andreev1-14/+0
2016-12-01Remove previously deprecated fetch_*() methods from CI_RouterAndrey Andreev1-43/+0
2016-12-01Remove previously deprecated CI_Input::is_cli_request()Andrey Andreev1-15/+0
2016-12-01Merge branch '3.1-stable' into developAndrey Andreev3-36/+13
2016-12-01Fix #4927Andrey Andreev1-3/+4
2016-11-14Fix #4905Andrey Andreev1-32/+8
2016-11-03Fix #4679, for realAndrey Andreev1-1/+1
2016-10-28Merge branch '3.1-stable' into developAndrey Andreev6-45/+196
Resolved conflicts: system/core/CodeIgniter.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst user_guide_src/source/libraries/form_validation.rst
2016-10-28[ci skip] Mark the start of 3.1.3-devAndrey Andreev1-1/+1
2016-10-28[ci skip] Prepare for 3.1.2 releaseAndrey Andreev1-1/+1
2016-10-28[ci skip] xss_clean() hardeningAndrey Andreev1-10/+11
- percent-sign tag (IE) - data: URI scheme inclinding whitespace (Chrome)
2016-10-28Improve byte-safetyAndrey Andreev2-9/+106
2016-10-27Close #4875Andrey Andreev1-1/+20
2016-10-27[ci skip] This is 3.1.2-devAndrey Andreev1-1/+1
2016-10-26Fix #4877Andrey Andreev1-5/+29
2016-10-22[ci skip] Prepare for 3.1.1 releaseAndrey Andreev1-1/+1
2016-10-22Merge branch 'security/entity_decode' into 3.1-stableAndrey Andreev1-17/+22
2016-10-21Fix #4865Andrey Andreev2-1/+1
2016-10-11[ci skip] Add new HTTP status codesAndrey Andreev1-1/+6
https://tools.ietf.org/html/rfc2817 https://tools.ietf.org/html/rfc6585 Requested in #4835
2016-09-27Fix entity_decode() issueAndrey Andreev1-17/+22
2016-08-29Merge pull request #4785 from guitarrist/developAndrey Andreev1-1/+1
[ci skip] Fix a comment typo
2016-08-26fix typoAntônio1-1/+1
2016-08-23Merge pull request #4781 from tianhe1986/develop_hash_pbkdf2Andrey Andreev1-1/+1
Hash: processing algorithm name case-insensitively in hash_pbkdf2()
2016-08-23Move strtolower() inside the is_array() check,tianhe19861-2/+1
Signed-off-by: tianhe1986 <w1s2j3229@163.com>
2016-08-23Hash: processing algorithm name case-insensitively in hash_pbkdf2():tianhe19861-0/+1
Signed-off-by: tianhe1986 <w1s2j3229@163.com>
2016-08-22Merge pull request #4780 from tianhe1986/develop_standard_hex2binAndrey Andreev1-1/+1
[ci skip] Trigger error for "resource" type in hex2bin() inputs
2016-08-22Standard: filtering "resource" type in hex2bin()tianhe19861-1/+1
Signed-off-by: tianhe1986 <w1s2j3229@163.com>