Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2014-01-15 | Fix #2799 by adding conditional PCRE UTF-8 support to CI_URI::filter_uri() | Andrey Andreev | 2 | -2/+2 | |
Also did a tiny micro-optimization in the Utf8 class. | |||||
2014-01-15 | Fix #2822: Incorrect usage of fwrite() | Andrey Andreev | 2 | -15/+41 | |
We only used to check (and not always) if the return value of fwrite() is boolean FALSE, while it is possible that the otherwise returned bytecount is less than the length of data that we're trying to write. This allowed incomplete writes over network streams and possibly a few other edge cases. | |||||
2014-01-15 | CI_URI changes related to the 'permitted_uri_chars' setting | Andrey Andreev | 2 | -15/+26 | |
- Initialize and cache the value in the class constructor instead of searching for it every time - Removed the preg_quote() call from _filter_uri() to allow more fine-tuning from configuration - Renamed _filter_uri() to filter_uri() - it was public anyway and using it cannot break anything Related: issue #2799 | |||||
2014-01-15 | Fix incorrect checks for the fwrite() return value | Andrey Andreev | 1 | -1/+1 | |
! fwrite() could trigger false-positives as it is possible for it to return 0 instead of boolean FALSE. (issue #2822) Also removed an unnecessary log level check that caused an extra space to be inserted for the INFO level. (proposed in PR #2821) | |||||
2014-01-10 | Finally get rid of the CI_Router::_set_overrides() calls | Andrey Andreev | 2 | -38/+23 | |
2014-01-08 | Make newline standardization configurable | Andrey Andreev | 1 | -4/+5 | |
Added ['standardize_newlines'] Also altered the Session cookie driver, which experienced issues with this feature due to it's HMAC verification failing after the Input class alters newlines in non-encrypted session cookies. Supersedes PR #2470 | |||||
2014-01-08 | Fix #346 | Andrey Andreev | 1 | -14/+24 | |
When ['global_xss_filtering'] was turned on, the , , & superglobals were automatically overwritten. This resulted in one of the following problems: - xss_clean() being called twice - Inability to retrieve the original (not filtered) value XSS filtering is now only applied on demand by the Input class, and the default value for the parameter in CI_Input methods is changed to NULL. Unless a boolean value is passed to them, whether XSS filtering is applied depends on the ['global_xss_filtering'] value. | |||||
2014-01-08 | Fix #148 | Andrey Andreev | 1 | -4/+6 | |
CI_Input::_clean_input_data() assumed that all input data is URL-encoded while sanitizing it. However, PHP already performs URL-decoding on it, so this is either redudant or overly intrusive as it resulted in many, many reports of data containing '%' followed by 1 numeric characters being essentially destroyed. Supersedes PR #1229 | |||||
2014-01-08 | Optimize get_instance() calls/assignments | Andrey Andreev | 2 | -4/+2 | |
2014-01-08 | Update the CI_Hooks class | Marcos SF Filho | 1 | -18/+16 | |
2014-01-07 | Class for execute Hooks can be stored for reuse | Marcos SF Filho | 1 | -8/+33 | |
2014-01-07 | Fix a few bugs in CI_Hook (based on PR #2762) | Andrey Andreev | 1 | -4/+8 | |
2014-01-07 | Implement Loader method chaining | Andrey Andreev | 1 | -29/+46 | |
Requested in issue #2165 Supersedes PR #2319 | |||||
2014-01-07 | Fix #2268 (manually implementing PR #2269) | Andrey Andreev | 1 | -3/+3 | |
2014-01-06 | Make CI_Loader methods library(), driver(), vars() and language()'s first ↵ | Andrey Andreev | 1 | -6/+6 | |
parameters mandatory and fix a docblock | |||||
2014-01-06 | Make CI_Input::set_cookie() and cookie helpers set_cookie(), get_cookie(), ↵ | Andrey Andreev | 1 | -1/+1 | |
delete_cookie()'s first (name) parameter mandatory | |||||
2014-01-03 | Make CI_Lang::line()'s first parameter mandatory (optional doesn't make sense) | Andrey Andreev | 1 | -1/+1 | |
2014-01-03 | [ci skip] Remove a few spaces | Andrey Andreev | 1 | -3/+3 | |
2014-01-03 | A tiny improvement in ruri_string() | Andrey Andreev | 1 | -6/+1 | |
2013-11-27 | [ci skip] Remove a few more spaces | Andrey Andreev | 1 | -1/+1 | |
2013-11-17 | Always load application/config/constants.php | Andrey Andreev | 1 | -6/+4 | |
2013-11-16 | Update CodeIgniter.php | josephok | 1 | -9/+9 | |
require(APPPATH.'config/constants.php') should be in front of require(BASEPATH.'core/Common.php') because Common.php uses some constants defined in constants.php. | |||||
2013-11-14 | Remove a function_exists() check for error_get_last() | Andrey Andreev | 1 | -1/+1 | |
It was only relevant until we dropped support for PHP < 5.2 | |||||
2013-11-12 | Add CLI error templates and only send HTTP status headers for non-CLI ↵ | Andrey Andreev | 1 | -14/+39 | |
requests (issue #1743) | |||||
2013-11-12 | Deprecate CI_Input::is_cli_request() and add common function is_cli() to ↵ | Andrey Andreev | 3 | -21/+23 | |
replace it Calls to this function are often needed before the Input library is available | |||||
2013-11-11 | Polish changes from PR #2712 | Andrey Andreev | 1 | -4/+2 | |
2013-11-11 | Merge pull request #2712 from pveyes/develop | Andrey Andreev | 1 | -2/+29 | |
Enable HTTP Verb in Routing | |||||
2013-11-05 | Fix HTTP Verb Routing Rules | Fatih Kalifa | 1 | -18/+14 | |
Fix code style, removed (:any) rule in http verb to avoid confusion, and add proposed documentation and changelog | |||||
2013-10-31 | Enable HTTP Verb in Routing | Fatih Kalifa | 1 | -1/+32 | |
Using array for HTTP Verb e.g: $route['(:any)']['POST'] = "controller/post_method"; $route['path']['GET'] = "controller/path_get_method"; $route['path']['(:any)'] = "controller/path_any_method"; Using (:any) or not will make same result e.g: $route['path']['(:any)'] == $route['path'] So it won't break existing route | |||||
2013-10-31 | Fix #2710 | Andrey Andreev | 1 | -2/+1 | |
2013-10-31 | Apply trim() on the splitted code elements | Andrey Andreev | 1 | -164/+11 | |
2013-10-30 | Escape PCRE delimiters | Andrey Andreev | 1 | -2/+2 | |
2013-10-28 | An alternative to CI_Output::_minify_script_style() using more efficient ↵ | Andrey Andreev | 1 | -5/+97 | |
regexp patterns | |||||
2013-10-25 | Implement $protocol parameter in Config base_url() and site_url() methods | vlakoff | 1 | -6/+22 | |
Let's keep the implementation logic in one place. Improves 2023c3d05b042cf1322286d69557c2b8bf3bd8d5. | |||||
2013-10-22 | Fix CSS minifier | Andrey Andreev | 1 | -4/+4 | |
2013-10-21 | Fix #2515 (manually merge PR #2516) | Andrey Andreev | 1 | -4/+25 | |
2013-10-18 | Eh ... preg_replace() needs a replacement | Andrey Andreev | 1 | -2/+2 | |
2013-10-18 | Fix issue #2681 (alternative to PR #2690) | Andrey Andreev | 1 | -2/+2 | |
2013-10-17 | Replace the last rand() with mt_rand() | vlakoff | 1 | -2/+2 | |
Better entropy, faster. Also fixed a few "it's" typos. | |||||
2013-10-16 | Fixed empty line at EOF and added changelog entry | Tomaz Lovrec | 1 | -1/+1 | |
2013-10-16 | Added possibility clear out the cached variables from the Loader. | Tomaz Lovrec | 1 | -1/+15 | |
2013-10-14 | Fix #2682 | Andrey Andreev | 1 | -1/+1 | |
2013-10-14 | Merge pull request #2668 from garthkerr/patch-1 | Andrey Andreev | 1 | -2/+2 | |
Add return type for view loader. | |||||
2013-10-03 | partial fix #2667 | David Cox Jr | 1 | -1/+1 | |
this fixes the ability to replace a space with a / and skip the XSS filtering | |||||
2013-10-03 | re-fixes #2637 | David Cox Jr | 1 | -1/+1 | |
delimiter used for regex bounds found in neg. lookahead causes error using @ delimiter now for this expression | |||||
2013-10-02 | Add return type for view loader. | garthkerr | 1 | -2/+2 | |
When _ci_return is TRUE. | |||||
2013-09-27 | Script is killed with the proper exit code. | Jesse van Assen | 1 | -1/+1 | |
2013-09-24 | Merge pull request #2657 from DaveMC08/feature/fixes_2637 | Andrey Andreev | 1 | -1/+1 | |
Fixes Issue #2637 | |||||
2013-09-24 | fix #2637 | David Cox Jr | 1 | -1/+1 | |
cleaned up the regex to remove extra qualifiers used character sets where possible for clarity main expression optimized | |||||
2013-09-23 | Fix issue #33 | Andrey Andreev | 1 | -7/+24 | |