Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2014-02-20 | Don't use error suppression on ini_get() either | Andrey Andreev | 1 | -1/+1 | |
2014-02-11 | 2013 > 2014 | darwinel | 1 | -1/+1 | |
Update copyright notices from 2013 to 2014. And update one calendar example in user_guide from year 2013/2014 to 2014/2015. | |||||
2014-01-08 | Optimize get_instance() calls/assignments | Andrey Andreev | 1 | -10/+13 | |
2014-01-08 | A tiny improvement in CI_Upload::do_xss_clean() | Andrey Andreev | 1 | -2/+1 | |
2013-10-21 | Add CI_Upload:: option | Andrey Andreev | 1 | -1/+9 | |
2013-09-13 | Improvements to safe_mode detection (it doesn't exist in PHP 5.4) | Andrey Andreev | 1 | -1/+1 | |
2013-08-06 | Various typos and tabs adjustments | vlakoff | 1 | -1/+1 | |
2013-07-17 | Merge pull request #2417 from thefuzzy0ne/fix/upload_dry | Andrey Andreev | 1 | -9/+5 | |
Fix/upload dry | |||||
2013-06-25 | New var name to make it more comprehensive | Adrian | 1 | -7/+10 | |
Changes to follow the styleguide, proposed by narfbg (thanks to him) | |||||
2013-06-24 | Add a config var to let the choice of having the lower case on the ↵ | Adrian | 1 | -1/+13 | |
extensions when uploading. The default value is set to FALSE. | |||||
2013-06-24 | Force the file extension to lower case | Adrian | 1 | -2/+2 | |
2013-04-01 | Merge pull request #2369 from vlakoff/develop-2 | Andrey Andreev | 1 | -1/+0 | |
Some cleanup related to mt_rand() | |||||
2013-03-30 | Reverted indenting spaces back to tabs. | Darren Benney | 1 | -9/+9 | |
(My fault - Sorry!) | |||||
2013-03-30 | Made set_error() method DRY. | Darren Benney | 1 | -14/+10 | |
2013-03-30 | Modified do_upload() to use UPLOAD_ERR constants. | Darren Benney | 1 | -7/+7 | |
Modified switchcase in the do_upload() use the UPLOAD_ERR_* constants, instead of just using an integer, and then commenting out the constant beside it. | |||||
2013-03-30 | Some cleanup related to mt_rand() | vlakoff | 1 | -1/+0 | |
- min and max values are 0 and mt_getrandmax() by default - remove useless mt_srand() seed calls | |||||
2013-02-19 | Fix a code comment in Upload->_file_mime_type() | vlakoff | 1 | -2/+2 | |
Availability of dangerous functions is now tested using function_usable(). | |||||
2013-02-15 | Various cosmetic fixes | vlakoff | 1 | -2/+2 | |
2013-01-29 | Replace CI_Upload::clean_file_name() usage with CI_Security::sanitize_filename() | Andrey Andreev | 1 | -48/+2 | |
Also applied @xeptor's fix (a big thanks) to the sanitize_filename() method and added a changelog entry for it - fixes issue #73. | |||||
2013-01-28 | Remove str_replace in return | gommarah | 1 | -1/+1 | |
2013-01-28 | Upload library, clean_file_name function: Fix xss bug. | gommarah | 1 | -0/+7 | |
For example: If you clear this string "%%3f3f" according to the $bad array will fail. The result will be "%3f" Because str_replace() replaces left to right. Signed-off-by: xeptor <servetozkan@live.com> | |||||
2013-01-01 | [ci skip] Happy new year | Andrey Andreev | 1 | -1/+1 | |
2012-12-03 | Add min_width and min_height options to the Upload class | Andrey Andreev | 1 | -0/+52 | |
(manually implementing outdated PR #636) | |||||
2012-12-03 | [ci skip] Cleaned some spaces | Andrey Andreev | 1 | -1/+0 | |
2012-11-07 | Added function_usable() to common functions | Andrey Andreev | 1 | -3/+3 | |
It is now used to check whether dangerous functions like eval() and exec() are available. It appears that the Suhosin extension (which is becoming popular) terminates script execution instead of returning e.g. FALSE when it has a function blacklisted. function_exists() checks are insufficient and our only option is to check the ini settings here. Filed an issue here: https://github.com/stefanesser/suhosin/issues/18 ... hopefully we'll be able to deal with this in a more elegant way in the future. (this commit supersedes PR #1809) | |||||
2012-11-01 | [ci skip] DocBlocks for Upload and Xmlrpc libraries | Andrey Andreev | 1 | -31/+203 | |
Partially fixes issue #1295 | |||||
2012-11-01 | Manually apply PR #1594 (fixing phpdoc page-level generation/warnings) | Andrey Andreev | 1 | -1/+2 | |
Also partially fixes issue #1295, fixes inconsistencies in some page-level docblocks and adds include checks in language files. | |||||
2012-10-24 | [ci skip] style and phpdoc-related changes (rel #1295) | Andrey Andreev | 1 | -1/+3 | |
2012-06-16 | Add an option to disable MIME detection in the Upload library (issue #1494) | Andrey Andreev | 1 | -3/+13 | |
2012-06-11 | fixes | Michiel Vugteveen | 1 | -1/+1 | |
2012-06-11 | fixes | Michiel Vugteveen | 1 | -3/+3 | |
2012-06-11 | tab fixes | Michiel Vugteveen | 1 | -9/+9 | |
2012-06-11 | get upload data with index key | Michiel Vugteveen | 1 | -11/+19 | |
2012-06-07 | Remove some unnecessary function_exists() checks and some minor improvements | Andrey Andreev | 1 | -13/+7 | |
2012-06-05 | Added get_mimes() function to system/core/Commons.php.The MIMEs array from ↵ | Andrey Andreev | 1 | -19/+2 | |
config/mimes.php is used by multiple core classes, libraries and helpers and each of them has implemented an own way of getting it, which is not needed and is hard to maintain. This also fixes issue #1411 | |||||
2012-06-04 | Direct return from mimes config, instead of using global $mimes; | Phil Sturgeon | 1 | -4/+2 | |
Global variables are generally a terrible idea, especially for something as simple as this. The mimes.php now returns an array instead of just injecting a variable name into the global namespace. | |||||
2012-06-04 | Revert/optimize some changes from 773ccc318f2769c9b7579630569b5d8ba47b114b ↵ | Andrey Andreev | 1 | -2/+2 | |
and d261b1e89c3d4d5191036d5a5660ef6764e593a0 | |||||
2012-06-02 | Replaced `==` with `===` and `!=` with `!==` in /system/libraries | Alex Bilbie | 1 | -14/+14 | |
2012-05-24 | Fix issues #44 & #110 | Andrey Andreev | 1 | -0/+2 | |
2012-05-17 | Clean up the libraries | Andrey Andreev | 1 | -2/+2 | |
2012-05-11 | Fix issue #1349 | Andrey Andreev | 1 | -1/+1 | |
2012-05-05 | Added a return false if an image doesn't pass XSS cleaning to prevent ↵ | Wes Baker | 1 | -1/+5 | |
file_get_contents from returning a NULL and passing through unscathed. | |||||
2012-03-26 | Remove access description lines and cleanup the Upload library | Andrey Andreev | 1 | -182/+146 | |
2012-03-09 | Bumped CodeIgniter's PHP requirement to 5.2.4. | Phil Sturgeon | 1 | -1/+1 | |
Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway... | |||||
2012-03-04 | Merge branch 'develop' of github.com:EllisLab/CodeIgniter into develop | Phil Sturgeon | 1 | -10/+8 | |
2012-03-04 | Merged conflicts. | Phil Sturgeon | 1 | -1/+1 | |
2012-03-03 | Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is ↵ | tubalmartin | 1 | -1/+1 | |
used for the detection. | |||||
2012-03-01 | Fix issue #153 (E_NOTICE generated by getimagesize()) | Andrey Andreev | 1 | -9/+7 | |
2012-02-29 | removed double slash | Michiel Vugteveen | 1 | -1/+1 | |
2012-02-29 | Merged in 2.1-stable changes. | Phil Sturgeon | 1 | -23/+80 | |