summaryrefslogtreecommitdiffstats
path: root/system/libraries
AgeCommit message (Collapse)AuthorFilesLines
2008-09-04removed random invisible character (ASCII 194) from HTML and PHP filesDerek Jones1-3/+3
2008-08-31grammar changesDerek Allard2-2/+2
2008-08-27Fixed an empty string errorRick Ellis1-1/+1
2008-08-27added isindex to the list of naughty never allowed tags in xss_clean()Derek Jones1-1/+1
2008-08-27modified regex for image tag sanitization to retain trailing space and ↵Derek Jones1-1/+1
closing slash to remain valid XHTML
2008-08-27Fixed a variable that was set wrongRick Ellis1-1/+1
2008-08-26(no commit message)Rick Ellis1-0/+1220
2008-08-26Made some changes for compatibility with the new form validation classRick Ellis1-61/+32
2008-08-26(no commit message)Rick Ellis1-1/+1
2008-08-26Made a Loader changes so that the new validation class will work.Rick Ellis1-5/+9
Made some doc style changes
2008-08-22Fixed a comment typoRick Ellis1-1/+1
2008-08-21Added a bit more error trapping in the load() functionRick Ellis1-0/+5
2008-08-21Added the ability to assign a custom object name when loading a library.Rick Ellis1-9/+56
Added some code that looks to see if a library is in a subdirectory if the class is not found, and if the path was not specified
2008-08-21whitespace fixesDerek Allard6-115/+115
a minor re-ordering of the changelog
2008-08-21Fixed a bug in is_natural_no_zeroRick Ellis1-1/+11
2008-08-21Updated the Session class so that if a database is being used, any custom ↵Rick Ellis1-213/+254
data is stored to the DB rather then the cookie.
2008-08-21(no commit message)Rick Ellis1-30/+30
2008-08-21Added two new functions: is_natural and is_natural_no_zeroRick Ellis1-1/+29
2008-08-20Changed the output of the profiler to use style attribute rather then clear, ↵Derek Allard1-2/+2
and added the id "codeigniter_profiler" to the container div
2008-08-15changed entity standardization to require at least two characters after an ↵Derek Jones1-1/+1
ampersand before forcing a semi-colon
2008-08-12(no commit message)Rick Ellis1-2/+2
2008-08-12Added support for libraries in subdirectoriesRick Ellis1-2/+22
2008-08-06added killing of nulls to _prep_quoted_printable()Derek Jones1-1/+4
2008-08-06fixed bug where dechex() was being fed the wrong variable for encoding space ↵Derek Jones1-1/+1
and tab characters at the end of a line of quoted-printable encoded content
2008-07-13removed unnecessary foreach() loop for a str_replace()Derek Jones1-4/+1
2008-07-03re-included URL encoded characters within _remove_invisible_characters() ↵Derek Jones1-1/+3
which were mistakenly pulled out in a previous commit, not released
2008-07-03changed link and image regex to be more precise in matching tags, reducing ↵Derek Jones1-3/+3
false positive matches
2008-07-01Changed regex for onfoo event handlers to prevent unwanted matching of text ↵Derek Jones1-4/+4
such as locatiON, cONtent, etc.
2008-06-30whitespaceDerek Jones1-1/+0
2008-06-30simplified regex for _remove_invisible_characters() - since we ↵Derek Jones1-5/+4
rawurldecode() the string, there's no need to go looking for url encoded characters here
2008-06-27Moved the <label> output ability from the language library to a language ↵Derek Jones1-8/+1
helper (hotfix for 1.6.3)
2008-06-27Fixed a double opening &lt;p&gt; tag in the index pages of each system ↵Derek Allard1-8/+3
directory.
2008-06-26changed your-site.com to example.com doc-wideDerek Jones1-1/+1
2008-06-25fixed accidental removal of $converted_string in xss_clean() for image ↵Derek Jones1-0/+5
comparison
2008-06-25added a bit of leeway for images to avoid the more common false-positives ↵Derek Jones1-2/+11
that using xss_clean() on image files might trigger
2008-06-25Further improvements to xss_clean()Derek Jones1-47/+83
2008-06-20Added the ability to automatically output language items as form labels in ↵Derek Allard1-3/+11
the Language class.
2008-06-20Added get_post() to the Input class.Derek Allard1-0/+22
Documented get() in the Input class.
2008-06-16correcting some docblock commentsDerek Allard5-15/+15
2008-06-06added quoted-printable headers when $this->send_multipart has been manually ↵Derek Jones1-1/+2
changed to FALSE
2008-06-06Removed an unused Router reference in _display_cache().Derek Allard1-3/+1
2008-06-04picky picky Jones adjusts some syntaxDerek Jones1-2/+1
2008-06-04a few tweaks for speedDerek Allard1-3/+4
2008-06-04simplified and refactored input filtering and retrievalDerek Jones1-97/+32
2008-06-04emendation to on* event handler removalDerek Jones1-3/+2
2008-05-30decided just to kill all on*= event handlers, rather than trying to keep up ↵Derek Jones1-2/+2
with (and require users to do the same) with a blacklist.
2008-05-30moved word compacting to a callback for clarity, added a few js event ↵Derek Jones1-3/+20
handlers for removal
2008-05-22Fixed a bug (#4561) where orhaving() wasn't properly passing values.Derek Allard2-2/+0
Removed some unused variables from the code (#4563). Fixed a bug where having() was not adding an = into the statement (#4568).
2008-05-21more complete protection against malformed link tags to protect against hex ↵Derek Jones1-13/+25
entities and href=data:url exploits
2008-05-21customizable query stringDerek Allard1-6/+21