summaryrefslogtreecommitdiffstats
path: root/system/core
AgeCommit message (Collapse)AuthorFilesLines
2017-08-05Minor change in _display() method in CI_Output class allowing us to override ↵Erik Nord1-2/+2
output data with an empty string. Without this change CI chooses to use the default "final_output" var; even though we passed an empty string to the method.
2017-07-06Add array identifier for library loaderSyafiqq1-1/+1
2017-06-21Always check whether a model be a subclass of CI_Model when loaded.tianhe19861-2/+3
Signed-off-by: tianhe1986 <w1s2j3229@163.com>
2017-06-19Merge branch '3.1-stable' into developAndrey Andreev2-52/+45
Conflicts resolved: system/core/CodeIgniter.php tests/codeigniter/libraries/Form_validation_test.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst
2017-06-19[ci skip] Starting 3.1.6-devAndrey Andreev1-1/+1
2017-06-19[ci skip] Prepare 3.1.5 releaseAndrey Andreev1-1/+1
2017-06-05[ci skip] Merge pull request #5143 from TysonAndre/misc-phpdoc-nitsAndrey Andreev3-3/+3
Fix misc inconsistencies between code and doc comments
2017-06-05Fix misc type inconsistencies between code and doc commentsTyson Andre3-3/+3
2017-05-25[ci skip] Fix #5131Andrey Andreev1-1/+1
2017-04-18[ci skip] Reduce nesting levels in CI_OutputAndrey Andreev1-51/+44
2017-03-24Merge branch '3.1-stable' into developAndrey Andreev7-40/+44
Conflicts resolved: system/core/CodeIgniter.php system/core/Common.php system/core/Input.php system/helpers/cookie_helper.php tests/codeigniter/helpers/html_helper_test.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst user_guide_src/source/libraries/input.rst
2017-03-20[ci skip] Mark the start of 3.1.5-devAndrey Andreev1-1/+1
2017-03-20[ci skip] Prepare 3.1.4 releaseAndrey Andreev1-1/+1
2017-03-20Fix Apache header injection vulnerability in set_status_header()Andrey Andreev1-5/+5
2017-02-07Allow to omit trailing slash in config pathsvlakoff3-2/+16
2017-02-06[ci skip] Eliminate a needless array_merge() call from PR #5006 patchAndrey Andreev1-6/+3
2017-02-06Merge pull request #5006 from tianhe1986/develop_commonAndrey Andreev1-8/+8
Fix two bugs with Common Functions
2017-02-04Removing url encoded 127.tianhe19861-0/+1
Signed-off-by: tianhe1986 <w1s2j3229@163.com>
2017-02-04Loading global mimes config file first, and then environment file.tianhe19861-8/+7
Signed-off-by: tianhe1986 <w1s2j3229@163.com>
2017-02-01Fix a CI_Input::set_cookie() bugAndrey Andreev1-9/+7
Found on StackOverflow: https://stackoverflow.com/questions/41925028/codeigniter-config-overrides-set-cookie-parameters
2017-01-23Merge pull request #4991 from verkhoumov/developAndrey Andreev1-5/+0
Removed dead code from show_error()
2017-01-21Fixed show_error() for check $exit_statusDmitriy Verkhoumov1-5/+0
At the beginning of the function it checks whether a parameter $status_code is less than 100. Then the parameter $exit_status is formed by summing the $status_code + 9. In this case, the parameter $exit_status can not be more than 108, but somehow it is checked whether the value of the parameter $exit_status over 125. Such a situation can not occur under any circumstances.
2017-01-20Don't use each()Andrey Andreev1-2/+2
Will be deprecated in PHP 7.2
2017-01-19hash_pbkdf2() byte-safety again ... actually tell mbstring to use 8bitAndrey Andreev1-2/+2
2017-01-19hash_pbkdf2() byte-safetyAndrey Andreev1-4/+13
2017-01-19More byte-safetyAndrey Andreev3-14/+14
2017-01-17[ci skip] Merge pull request #4986 from ka7/feature/spellingAndrey Andreev2-2/+2
Spelling fixes in comment blocks and docs
2017-01-16spelling fixes(1)klemens1-1/+1
2017-01-16spelling fixesklemens2-2/+2
2017-01-11[ci skip] Merge pull request #4977 from ↵Andrey Andreev1-1/+1
fabiospampinato/fabiospampinato-loader-helper-regex-fix Fixed regex used for loading helpers
2017-01-11Fixed regex used for loading helpersFabio Spampinato1-1/+1
We want to exactly match a dot, so we have to escape it. I found the bug because in my project I load an helper named `session_php_helper.php`, so the `_php` part gets removed and the `session_helper.php` helper gets loaded instead, this way not even an error was shown.
2017-01-10Merge branch '3.1-stable' into developAndrey Andreev2-37/+37
Conflicts resolved: system/core/CodeIgniter.php system/database/drivers/sqlite/sqlite_driver.php system/database/drivers/sqlite/sqlite_forge.php system/database/drivers/sqlite/sqlite_result.php system/database/drivers/sqlite/sqlite_utility.php system/helpers/email_helper.php system/helpers/smiley_helper.php system/libraries/Cart.php system/libraries/Email.php system/libraries/Image_lib.php system/libraries/Javascript.php system/libraries/Javascript/Jquery.php system/libraries/Session/SessionHandlerInterface.php user_guide_src/source/changelog.rst user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst
2017-01-10Fix Undefined variable: object errorChris Faulkner1-2/+2
Change the undefined variable $object to $vars when calling get_object_vars(). This fixes an error when passing an object to a view.
2017-01-09[ci skip] Mark the beginning of 3.1.4-devAndrey Andreev1-1/+1
2017-01-09[ci skip] Prepare 3.1.3 releaseAndrey Andreev1-1/+1
2017-01-05[ci skip] || -> ORAndrey Andreev1-1/+1
2017-01-04Close #4904Andrey Andreev1-3/+3
2017-01-04Fix a possible file inclusion vulnerability in CI_Loader::vars()Andrey Andreev1-30/+28
2017-01-04[ci skip] Protect CSRF verification from timing side-channel attacksAndrey Andreev1-6/+8
2017-01-04Fix an XSS vulnerabilityAndrey Andreev1-1/+1
2017-01-03Update copyright data to 2017Master Yoda21-42/+42
2016-12-31Update copyright data to 2017Master Yoda21-42/+42
2016-12-14Move csrf_verify() call out of CI_InputAndrey Andreev3-24/+7
2016-12-14Isolate CI_Security instantiation from CI_Input; improve testsAndrey Andreev3-11/+10
2016-12-14Drop all PHP 5.3-related codeAndrey Andreev9-153/+10
2016-12-14Finally drop CI_Input::_sanitize_globals()Andrey Andreev1-160/+8
Close #4101
2016-12-14Remove 'global_xss_filtering' config settingAndrey Andreev1-23/+9
2016-12-14Remove 'allow_get_array', 'standardize_newlines' config settingsAndrey Andreev1-22/+1
2016-12-14Merge branch '3.1-stable' into developAndrey Andreev1-1/+4
2016-12-14Move 'standardize_newlines' proc out of CI_Input::_clean_input_data()Andrey Andreev1-17/+7
Preparation for CI_Input::_sanitize_globals() removal. Also, WTF?! I'm deprecating this functionality in 3.1.next.