summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session
AgeCommit message (Collapse)AuthorFilesLines
2014-02-06Make CI_Session's HMAC comparison time-attack-safeAndrey Andreev1-1/+9
2014-01-24Righting a wrong in the Session libraryAndrey Andreev1-40/+49
- Change userdata(), flashdata(), tempdata() to return all the respective data when no parameter is passed. - Revert the addition of all_flashdata(). - Deprecate all_userdata(). - Fix related changelog entries that were all inconsistent.
2014-01-08Fix 2 errors caused by recent commitsAndrey Andreev1-1/+1
2014-01-08Make newline standardization configurableAndrey Andreev1-1/+24
Added ['standardize_newlines'] Also altered the Session cookie driver, which experienced issues with this feature due to it's HMAC verification failing after the Input class alters newlines in non-encrypted session cookies. Supersedes PR #2470
2014-01-06Make CI_Session's set_userdata(), set_flashdata(), set_tempdata(), ↵Andrey Andreev1-5/+5
unset_userdata() and unset_flashdata()'s first parameter mandatory
2013-12-23Remove _serialize() and _unserialize() methodsJordan Eldredge1-34/+4
Since removing the unneeded manual escaping code, there is no-longer any reason to have the serialization functions abstracted. This also allows us to only suppress errors when unserializing cookie data, and only trim when we are unserializing database data (see commit 6b8312).
2013-12-21Remove unneeded manual escaping of session dataJordan Eldredge1-60/+3
2013-12-13Merge pull request #2764 from refringe/feature/cookie_sessionAndrey Andreev1-1/+1
Issue #2763 - Fixes Session GC Probability Calculation
2013-12-13Issue #2763 - Fixes Session GC Probability CalculationTyler Brownell1-1/+1
This should resolve issue #2763 where the cookie session garbage collection was running every request.
2013-11-12Deprecate CI_Input::is_cli_request() and add common function is_cli() to ↵Andrey Andreev1-4/+4
replace it Calls to this function are often needed before the Input library is available
2013-07-31Optimize CI_Session::__construct() routines and make driver validity check ↵Andrey Andreev1-21/+18
stricter
2013-07-17Cherry-picking some changes from PR #2425:Andrey Andreev2-1/+14
- Session events logging (debug) - Bug fix for OCI8 method stored_procedure()
2013-03-30Some cleanup related to mt_rand()vlakoff1-2/+1
- min and max values are 0 and mt_getrandmax() by default - remove useless mt_srand() seed calls
2013-03-02Fix Session cookie driver storing untrimmed user agent string in the ↵Daniel Robbins1-1/+1
database causing set_userdata() calls to fail when $config['sess_match_useragent'] = TRUE Signed-off-by: Daniel Robbins <github@danieljrobbins.com>
2013-02-19Issue #2086 Session_cookie's _update_db not guaranteed to updateDionysis Arvanitis1-0/+3
2013-02-08[ci skip] Add a missing spaceAndrey Andreev1-1/+1
2013-01-01[ci skip] Happy new yearAndrey Andreev3-3/+3
2012-12-17Fix #2074Andrey Andreev1-1/+1
2012-11-26Manually implement PR #2033Andrey Andreev1-1/+1
Check for an empty encryption_key shouldn't use strict comparison.
2012-11-25Merge pull request #2026 from johnathancroom/keep_flash_data_arrayAndrey Andreev1-1/+12
keep_flashdata accepts array
2012-11-25Improved array keey_flashdata + ChangelogJohnathan Croom1-13/+15
2012-11-25Added support for extending individual driver classes and driver unit testsdchill421-11/+9
Signed-off-by: dchill42 <dchill42@gmail.com>
2012-11-24Requested changed to keep_flashdataJohnathan Croom1-4/+3
2012-11-24keep_flashdata accepts arrayJohnathan Croom1-8/+18
2012-11-21Change fs permissions and add some missing index.html files (#2017)Andrey Andreev5-0/+20
2012-11-02Some micro-optimizationsAndrey Andreev1-1/+1
2012-11-01[ci skip] DocBlocks for Pagination, Session, Trackback, Jquery librariesAndrey Andreev1-0/+29
Partially fixes issue #1295
2012-11-01Manually apply PR #1594 (fixing phpdoc page-level generation/warnings)Andrey Andreev3-6/+9
Also partially fixes issue #1295, fixes inconsistencies in some page-level docblocks and adds include checks in language files.
2012-11-01Session cookie driver changesAndrey Andreev1-5/+31
- Changed docs CREATE TABLE ci_sessions example to have the PRIMARY KEY of session_id, ip_address and user_agent combined. - Changed DB updates to add WHERE clauses for the ip_address and/or user_agent strings if sess_match_ip and/or sess_match_useragent are set to TRUE.
2012-10-27Remove extra spaces...vkeranov1-3/+3
2012-10-27Remove extra space...vkeranov1-1/+1
2012-10-27Fix #50Andrey Andreev1-4/+1
2012-10-18Fix Session cookies not being encrypted on creation and sess_destroy() not ↵Andrey Andreev1-2/+2
actually deleting cookies
2012-10-17Merge pull request #1896 from pkriete/developPascal Kriete1-19/+26
Updating the cookie driver to use HMAC authentication on all cookie data
2012-10-17Changing session error logging verbiage to be a little less unsettling.Pascal Kriete1-1/+1
Signed-off-by: Pascal Kriete <pascal@pascalkriete.com>
2012-10-16session native, fix cookie settingsGDmac1-14/+2
Signed-off-by: GDmac <grdalenoort@gmail.com>
2012-10-16Updating the cookie driver to use HMAC authentication on all cookie data.Pascal Kriete1-19/+26
Signed-off-by: Pascal Kriete <pascal@pascalkriete.com>
2012-10-16Native PHP Session, don't regenerate session_id during ajaxGDmac1-2/+6
Signed-off-by: GDmac <grdalenoort@gmail.com>
2012-10-16Session Native, respect cookie settingsGDmac1-3/+21
Respect config settings for cookie_secure and cookie_httponly Signed-off-by: GDmac <grdalenoort@gmail.com>
2012-10-15Partially fix #1702Andrey Andreev2-2/+2
2012-10-09Disable Session library under CLI and create a CI singleton to be used by ↵Andrey Andreev3-17/+31
its drivers
2012-09-05Misc. style changesAndrey Andreev1-1/+1
2012-09-05Cleanup and optimize new Session classesAndrey Andreev3-128/+221
2012-09-04That doesn't go there. Put cache fix around correct query.dchill421-11/+11
Signed-off-by: dchill42 <dchill42@gmail.com>
2012-09-04Fixed issues #1756 and #1711dchill421-0/+12
Signed-off-by: dchill42 <dchill42@gmail.com>
2012-08-29Fixed defaults and database check, reverted redundant shutdown featuredchill422-51/+5
Signed-off-by: dchill42 <dchill42@gmail.com>
2012-08-29Extracted cookie database saves to shutdown and cleaned up codedchill422-135/+169
Signed-off-by: dchill42 <dchill42@gmail.com>
2012-08-27Fixed select_driver(), cookie sess_destroy(), and native cookie name conflictdchill423-6/+10
2012-08-12Updated comments about default driverdchill421-2/+2
2012-08-08Added session_id to userdata and applied sess_time_to_updatedchill421-0/+13