summaryrefslogtreecommitdiffstats
path: root/system/libraries
AgeCommit message (Collapse)AuthorFilesLines
2007-07-16further scaffolding language fixesDerek Allard1-0/+13
2007-07-16fix for scaffoldingDerek Allard1-1/+7
2007-07-12added attribute and html entity decode callbacks to xss_clean()Derek Jones1-11/+69
2007-07-12removed $return argument from load()Derek Jones1-2/+1
2007-07-12further xss_clean() enhancementsDerek Jones1-30/+67
2007-07-12added language files to autoloadDerek Allard2-12/+18
2007-07-12fixed quoted-printable in HTML emails, and added htmlspecialchars() to email ↵Derek Jones1-4/+100
debugging output
2007-07-11bugfix for profiler output: POST keys were not being displayed properly, and ↵Derek Jones1-2/+2
queries needed htmlspecialchars()
2007-07-11fixed log message typoDerek Allard1-1/+1
2007-06-28Instead of doing file name security for Enable Query Strings, I am using the ↵paulburdick1-6/+5
already existin _filter_uri()
2007-06-28(no commit message)paulburdick1-1/+0
2007-06-28*Added filename_security() method to Input librarypaulburdick1-0/+50
*Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security.
2007-06-28*Modified the Router so that when Query Strings are Enabled, the controller ↵paulburdick1-3/+4
trigger and function trigger values are sanitized for filename include security.
2007-06-28(no commit message)paulburdick1-4/+13
2007-06-28Improved XSS clean to not allowing this:paulburdick1-4/+12
xss_clean("<x<xss>ss <scr<xss>ipt a='>'>alert/**/('!');//*/</script</script >>");
2007-06-26(no commit message)paulburdick1-1/+1
2007-06-26*Updated the XSS Filtering to take into account the IE expression() abilitypaulburdick1-1/+7
2007-06-24Modified the is_image() method in the Upload library to take into account ↵paulburdick1-5/+16
Windows IE 6/7 eccentricities when dealing with MIMEs
2007-06-24Fixed the do_xss_clean() method so that if file_get_contents returns FALSE, ↵paulburdick1-1/+1
then we return FALSE... Previously, if it did NOT return FALSE we returned FALSE and that is simply idiotic.
2007-06-18typo in commentsDerek Allard1-1/+1
2007-06-14(no commit message)Rick Ellis1-3/+3
2007-06-12(no commit message)Rick Ellis1-1/+1
2007-06-12(no commit message)Rick Ellis1-1/+1
2007-06-12(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-19/+17
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-2/+2
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-6/+8
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-09(no commit message)Rick Ellis1-1/+1
2007-06-09(no commit message)Rick Ellis1-10/+23
2007-06-09(no commit message)Rick Ellis1-7/+10
2007-05-24typo fixDerek Allard1-1/+1
2007-05-04Modified XSS Cleaning routine to be more performance friendly and compatible ↵Derek Jones1-8/+47
with PHP 5.2's new PCRE backtrack and recursion limits. - replaced link and image tag javascript sanitization preg_replace()'s with callback functions to avoid excessive backtracks on strings with many links / image tags.
2007-05-02$this->base_url = preg_replace("/(.+?)\/*$/", "\\1/", $this->base_url);Derek Allard1-2/+2
changed to $this->base_url = rtrim($this->base_url, '/') .'/';
2007-05-02// Prep the current page - no funny business!Derek Allard1-1/+1
$this->cur_page = preg_replace("/[a-z\-]/", "", $this->cur_page); became // Prep the current page - no funny business! $this->cur_page = (int) $this->cur_page;
2007-05-01fixed a bug in the calendar libraryDerek Allard1-1/+1
2007-04-30fixed bug in outputDerek Allard1-1/+1
2007-04-30fixed a typo in rpcs.php libraryDerek Allard1-1/+1
2007-04-27(no commit message)Rick Ellis1-1/+1
2007-04-27modified _add_data() to be compatible with OS XDerek Jones1-5/+2
(removed CRC and length from end of file stream)
2007-04-24fixed router but that was ignoring the scaffolding route for optimizationDerek Allard1-2/+3
2007-04-15update pMachine to EllisLabDerek Allard32-10784/+10784
update copyright year update Code Igniter to CodeIgniter
2007-04-10typo fixDerek Allard1-1/+1
2007-04-03array to string additionDerek Allard1-202/+212
http://codeigniter.com/forums/viewthread/46994/
2007-03-01function post() duplicated, changed the second to function get()Derek Allard1-1/+1
2007-02-26(no commit message)Rick Ellis1-1/+73