summaryrefslogtreecommitdiffstats
path: root/system/core
AgeCommit message (Collapse)AuthorFilesLines
2014-01-15Merge changes from developAndrey Andreev5-61/+82
2014-01-15Fix #2822: Incorrect usage of fwrite()Andrey Andreev2-15/+41
We only used to check (and not always) if the return value of fwrite() is boolean FALSE, while it is possible that the otherwise returned bytecount is less than the length of data that we're trying to write. This allowed incomplete writes over network streams and possibly a few other edge cases.
2014-01-15CI_URI changes related to the 'permitted_uri_chars' settingAndrey Andreev2-15/+26
- Initialize and cache the value in the class constructor instead of searching for it every time - Removed the preg_quote() call from _filter_uri() to allow more fine-tuning from configuration - Renamed _filter_uri() to filter_uri() - it was public anyway and using it cannot break anything Related: issue #2799
2014-01-15Fix incorrect checks for the fwrite() return valueAndrey Andreev1-1/+1
! fwrite() could trigger false-positives as it is possible for it to return 0 instead of boolean FALSE. (issue #2822) Also removed an unnecessary log level check that caused an extra space to be inserted for the INFO level. (proposed in PR #2821)
2014-01-10Finally get rid of the CI_Router::_set_overrides() callsAndrey Andreev2-38/+23
2014-01-10Use config_item() in CI_Output::__construct()Andrey Andreev1-3/+1
2014-01-10Compress output before storing it to cache, if output compression is enabledAndrey Andreev1-20/+62
Based on PR #964
2014-01-08Make newline standardization configurableAndrey Andreev1-4/+5
Added ['standardize_newlines'] Also altered the Session cookie driver, which experienced issues with this feature due to it's HMAC verification failing after the Input class alters newlines in non-encrypted session cookies. Supersedes PR #2470
2014-01-08Fix #346Andrey Andreev1-14/+24
When ['global_xss_filtering'] was turned on, the , , & superglobals were automatically overwritten. This resulted in one of the following problems: - xss_clean() being called twice - Inability to retrieve the original (not filtered) value XSS filtering is now only applied on demand by the Input class, and the default value for the parameter in CI_Input methods is changed to NULL. Unless a boolean value is passed to them, whether XSS filtering is applied depends on the ['global_xss_filtering'] value.
2014-01-08Fix #148Andrey Andreev1-4/+6
CI_Input::_clean_input_data() assumed that all input data is URL-encoded while sanitizing it. However, PHP already performs URL-decoding on it, so this is either redudant or overly intrusive as it resulted in many, many reports of data containing '%' followed by 1 numeric characters being essentially destroyed. Supersedes PR #1229
2014-01-08Optimize get_instance() calls/assignmentsAndrey Andreev2-4/+2
2014-01-08Update the CI_Hooks classMarcos SF Filho1-18/+16
2014-01-07Class for execute Hooks can be stored for reuseMarcos SF Filho1-8/+33
2014-01-07Fix a few bugs in CI_Hook (based on PR #2762)Andrey Andreev1-4/+8
2014-01-07Implement Loader method chainingAndrey Andreev1-29/+46
Requested in issue #2165 Supersedes PR #2319
2014-01-07Fix #2268 (manually implementing PR #2269)Andrey Andreev1-3/+3
2014-01-06Make CI_Loader methods library(), driver(), vars() and language()'s first ↵Andrey Andreev1-6/+6
parameters mandatory and fix a docblock
2014-01-06Make CI_Input::set_cookie() and cookie helpers set_cookie(), get_cookie(), ↵Andrey Andreev1-1/+1
delete_cookie()'s first (name) parameter mandatory
2014-01-03Make CI_Lang::line()'s first parameter mandatory (optional doesn't make sense)Andrey Andreev1-1/+1
2014-01-03[ci skip] Remove a few spacesAndrey Andreev1-3/+3
2014-01-03A tiny improvement in ruri_string()Andrey Andreev1-6/+1
2013-11-27[ci skip] Remove a few more spacesAndrey Andreev1-1/+1
2013-11-17Always load application/config/constants.phpAndrey Andreev1-6/+4
2013-11-16Update CodeIgniter.phpjosephok1-9/+9
require(APPPATH.'config/constants.php') should be in front of require(BASEPATH.'core/Common.php') because Common.php uses some constants defined in constants.php.
2013-11-14Remove a function_exists() check for error_get_last()Andrey Andreev1-1/+1
It was only relevant until we dropped support for PHP < 5.2
2013-11-12Add CLI error templates and only send HTTP status headers for non-CLI ↵Andrey Andreev1-14/+39
requests (issue #1743)
2013-11-12Deprecate CI_Input::is_cli_request() and add common function is_cli() to ↵Andrey Andreev3-21/+23
replace it Calls to this function are often needed before the Input library is available
2013-11-11Polish changes from PR #2712Andrey Andreev1-4/+2
2013-11-11Merge pull request #2712 from pveyes/developAndrey Andreev1-2/+29
Enable HTTP Verb in Routing
2013-11-05Fix HTTP Verb Routing RulesFatih Kalifa1-18/+14
Fix code style, removed (:any) rule in http verb to avoid confusion, and add proposed documentation and changelog
2013-10-31Enable HTTP Verb in RoutingFatih Kalifa1-1/+32
Using array for HTTP Verb e.g: $route['(:any)']['POST'] = "controller/post_method"; $route['path']['GET'] = "controller/path_get_method"; $route['path']['(:any)'] = "controller/path_any_method"; Using (:any) or not will make same result e.g: $route['path']['(:any)'] == $route['path'] So it won't break existing route
2013-10-31Fix #2710Andrey Andreev1-2/+1
2013-10-31Apply trim() on the splitted code elementsAndrey Andreev1-164/+11
2013-10-30Escape PCRE delimitersAndrey Andreev1-2/+2
2013-10-28An alternative to CI_Output::_minify_script_style() using more efficient ↵Andrey Andreev1-5/+97
regexp patterns
2013-10-25Implement $protocol parameter in Config base_url() and site_url() methodsvlakoff1-6/+22
Let's keep the implementation logic in one place. Improves 2023c3d05b042cf1322286d69557c2b8bf3bd8d5.
2013-10-22Fix CSS minifierAndrey Andreev1-4/+4
2013-10-21Fix #2515 (manually merge PR #2516)Andrey Andreev1-4/+25
2013-10-18Eh ... preg_replace() needs a replacementAndrey Andreev1-2/+2
2013-10-18Fix issue #2681 (alternative to PR #2690)Andrey Andreev1-2/+2
2013-10-17Replace the last rand() with mt_rand()vlakoff1-2/+2
Better entropy, faster. Also fixed a few "it's" typos.
2013-10-16Fixed empty line at EOF and added changelog entryTomaz Lovrec1-1/+1
2013-10-16Added possibility clear out the cached variables from the Loader.Tomaz Lovrec1-1/+15
2013-10-14Fix #2682Andrey Andreev1-1/+1
2013-10-14Merge pull request #2668 from garthkerr/patch-1Andrey Andreev1-2/+2
Add return type for view loader.
2013-10-03partial fix #2667David Cox Jr1-1/+1
this fixes the ability to replace a space with a / and skip the XSS filtering
2013-10-03re-fixes #2637David Cox Jr1-1/+1
delimiter used for regex bounds found in neg. lookahead causes error using @ delimiter now for this expression
2013-10-02Add return type for view loader.garthkerr1-2/+2
When _ci_return is TRUE.
2013-09-27Script is killed with the proper exit code.Jesse van Assen1-1/+1
2013-09-24Merge pull request #2657 from DaveMC08/feature/fixes_2637Andrey Andreev1-1/+1
Fixes Issue #2637
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-07-08 19:18:39 +0200