path: root/system/libraries/Input.php
| Age | Commit message | Author | Files | Lines |
|---|---|---|---|---|
| 2008-05-05 | Added get_dir_file_info(), get_file_info(), and get_mime_by_extension() to the File Helper. Changed ( ! condition) into (! condition) within the code | Derek Allard | 1 | -11/+11 |
| 2008-02-05 | * Fixed a bug (#3396) where certain POST variables would cause a PHP warning. * Added $_SERVER, $_FILES, $_ENV, and $_SESSION to sanitization of globals. | Derek Jones | 1 | -6/+15 |
| 2008-02-04 | changed URL decoding implementation of xss_clean() to use rawurldecode() to discontinue misconversion of characters to bad entities, and to continue avoidance of unwanted removal of + signs | Derek Jones | 1 | -6/+3 |
| 2008-01-24 | added CI's global variables to the protected array in _sanitize_globals() | Derek Jones | 1 | -3/+4 |
| 2008-01-21 | replaced www.codeigniter.com with codeigniter.com | Derek Jones | 1 | -3/+3 |
| 2008-01-18 | ExpressionEngine Dev Team in credit | Derek Allard | 1 | -2/+2 |
| 2007-10-04 | Fixed a typo in the docblock comments that had CodeIgniter spelled CodeIgnitor. | Derek Allard | 1 | -1/+1 |
| 2007-07-16 | Switched from CI super object to $CFG to fetch charset | Derek Jones | 1 | -2/+2 |
| 2007-07-12 | added attribute and html entity decode callbacks to xss_clean() | Derek Jones | 1 | -11/+69 |
| 2007-07-12 | further xss_clean() enhancements | Derek Jones | 1 | -30/+67 |
| 2007-06-28 | (no commit message) | paulburdick | 1 | -1/+0 |
| 2007-06-28 | *Added filename_security() method to Input library *Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security. | paulburdick | 1 | -0/+50 |
| 2007-06-28 | (no commit message) | paulburdick | 1 | -4/+13 |
| 2007-06-28 | Improved XSS clean to not allow this: `xss_clean("<x<xss>ss <scr<xss>ipt a='>'>alert/**/('!');//*/</script</script >>");` | paulburdick | 1 | -4/+12 |
| 2007-06-26 | (no commit message) | paulburdick | 1 | -1/+1 |
| 2007-06-26 | *Updated the XSS Filtering to take into account the IE expression() ability | paulburdick | 1 | -1/+7 |
| 2007-06-12 | (no commit message) | Rick Ellis | 1 | -1/+1 |
| 2007-06-12 | (no commit message) | Rick Ellis | 1 | -1/+1 |
| 2007-06-12 | (no commit message) | Rick Ellis | 1 | -1/+1 |
| 2007-06-11 | (no commit message) | Rick Ellis | 1 | -19/+17 |
| 2007-06-09 | (no commit message) | Rick Ellis | 1 | -7/+10 |
| 2007-05-04 | Modified XSS Cleaning routine to be more performance friendly and compatible with PHP 5.2's new PCRE backtrack and recursion limits. - replaced link and image tag javascript sanitization preg_replace()'s with callback functions to avoid excessive backtracks on strings with many links / image tags. | Derek Jones | 1 | -8/+47 |
| 2007-04-15 | update pMachine to EllisLab; update copyright year; update Code Igniter to CodeIgniter | Derek Allard | 1 | -2/+2 |
| 2007-03-01 | function post() duplicated, changed the second to function get() | Derek Allard | 1 | -1/+1 |
| 2007-02-26 | (no commit message) | Rick Ellis | 1 | -1/+73 |
| 2007-02-01 | removed unescaped variable that could be used in XSS | Derek Allard | 1 | -639/+639 |
| 2007-01-13 | (no commit message) | paulburdick | 1 | -8/+26 |
| 2006-11-20 | (no commit message) | Rick Ellis | 1 | -2/+4 |
| 2006-11-01 | (no commit message) | admin | 1 | -1/+0 |
| 2006-10-21 | (no commit message) | admin | 1 | -19/+19 |
| 2006-10-21 | (no commit message) | admin | 1 | -6/+6 |
| 2006-10-10 | (no commit message) | admin | 1 | -2/+3 |
| 2006-10-08 | (no commit message) | admin | 1 | -14/+50 |
| 2006-10-03 | (no commit message) | admin | 1 | -65/+51 |
| 2006-10-03 | (no commit message) | admin | 1 | -2/+15 |
| 2006-09-28 | (no commit message) | admin | 1 | -1/+1 |
| 2006-09-21 | (no commit message) | admin | 1 | -1/+1 |
| 2006-08-25 | Initial Import | admin | 1 | -0/+585 |