Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2007-07-22 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-07-21 | (no commit message) | Rick Ellis | 1 | -2/+7 | |
2007-07-20 | (no commit message) | Rick Ellis | 4 | -234/+262 | |
2007-07-16 | Switched from CI super object to $CFG to fetch charset | Derek Jones | 1 | -2/+2 | |
2007-07-16 | comment clean up | Derek Allard | 1 | -3/+2 | |
2007-07-16 | further scaffolding language fixes | Derek Allard | 1 | -0/+13 | |
2007-07-16 | fix for scaffolding | Derek Allard | 1 | -1/+7 | |
2007-07-12 | added attribute and html entity decode callbacks to xss_clean() | Derek Jones | 1 | -11/+69 | |
2007-07-12 | removed $return argument from load() | Derek Jones | 1 | -2/+1 | |
2007-07-12 | further xss_clean() enhancements | Derek Jones | 1 | -30/+67 | |
2007-07-12 | added language files to autoload | Derek Allard | 2 | -12/+18 | |
2007-07-12 | fixed quoted-printable in HTML emails, and added htmlspecialchars() to email ↵ | Derek Jones | 1 | -4/+100 | |
debugging output | |||||
2007-07-11 | bugfix for profiler output: POST keys were not being displayed properly, and ↵ | Derek Jones | 1 | -2/+2 | |
queries needed htmlspecialchars() | |||||
2007-07-11 | fixed log message typo | Derek Allard | 1 | -1/+1 | |
2007-06-28 | Instead of doing file name security for Enable Query Strings, I am using the ↵ | paulburdick | 1 | -6/+5 | |
already existin _filter_uri() | |||||
2007-06-28 | (no commit message) | paulburdick | 1 | -1/+0 | |
2007-06-28 | *Added filename_security() method to Input library | paulburdick | 1 | -0/+50 | |
*Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security. | |||||
2007-06-28 | *Modified the Router so that when Query Strings are Enabled, the controller ↵ | paulburdick | 1 | -3/+4 | |
trigger and function trigger values are sanitized for filename include security. | |||||
2007-06-28 | (no commit message) | paulburdick | 1 | -4/+13 | |
2007-06-28 | Improved XSS clean to not allowing this: | paulburdick | 1 | -4/+12 | |
xss_clean("<x<xss>ss <scr<xss>ipt a='>'>alert/**/('!');//*/</script</script >>"); | |||||
2007-06-26 | (no commit message) | paulburdick | 1 | -1/+1 | |
2007-06-26 | *Updated the XSS Filtering to take into account the IE expression() ability | paulburdick | 1 | -1/+7 | |
2007-06-24 | Modified the is_image() method in the Upload library to take into account ↵ | paulburdick | 1 | -5/+16 | |
Windows IE 6/7 eccentricities when dealing with MIMEs | |||||
2007-06-24 | Fixed the do_xss_clean() method so that if file_get_contents returns FALSE, ↵ | paulburdick | 1 | -1/+1 | |
then we return FALSE... Previously, if it did NOT return FALSE we returned FALSE and that is simply idiotic. | |||||
2007-06-18 | typo in comments | Derek Allard | 1 | -1/+1 | |
2007-06-14 | (no commit message) | Rick Ellis | 1 | -3/+3 | |
2007-06-12 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-12 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-12 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -19/+17 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -2/+2 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -6/+8 | |
2007-06-11 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-09 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-06-09 | (no commit message) | Rick Ellis | 1 | -10/+23 | |
2007-06-09 | (no commit message) | Rick Ellis | 1 | -7/+10 | |
2007-05-24 | typo fix | Derek Allard | 1 | -1/+1 | |
2007-05-04 | Modified XSS Cleaning routine to be more performance friendly and compatible ↵ | Derek Jones | 1 | -8/+47 | |
with PHP 5.2's new PCRE backtrack and recursion limits. - replaced link and image tag javascript sanitization preg_replace()'s with callback functions to avoid excessive backtracks on strings with many links / image tags. | |||||
2007-05-02 | $this->base_url = preg_replace("/(.+?)\/*$/", "\\1/", $this->base_url); | Derek Allard | 1 | -2/+2 | |
changed to $this->base_url = rtrim($this->base_url, '/') .'/'; | |||||
2007-05-02 | // Prep the current page - no funny business! | Derek Allard | 1 | -1/+1 | |
$this->cur_page = preg_replace("/[a-z\-]/", "", $this->cur_page); became // Prep the current page - no funny business! $this->cur_page = (int) $this->cur_page; | |||||
2007-05-01 | fixed a bug in the calendar library | Derek Allard | 1 | -1/+1 | |
2007-04-30 | fixed bug in output | Derek Allard | 1 | -1/+1 | |
2007-04-30 | fixed a typo in rpcs.php library | Derek Allard | 1 | -1/+1 | |
2007-04-27 | (no commit message) | Rick Ellis | 1 | -1/+1 | |
2007-04-27 | modified _add_data() to be compatible with OS X | Derek Jones | 1 | -5/+2 | |
(removed CRC and length from end of file stream) | |||||
2007-04-24 | fixed router but that was ignoring the scaffolding route for optimization | Derek Allard | 1 | -2/+3 | |