summaryrefslogtreecommitdiffstats
path: root/system/libraries
AgeCommit message (Collapse)AuthorFilesLines
2007-06-28(no commit message)paulburdick1-1/+0
2007-06-28*Added filename_security() method to Input librarypaulburdick1-0/+50
*Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security.
2007-06-28*Modified the Router so that when Query Strings are Enabled, the controller ↵paulburdick1-3/+4
trigger and function trigger values are sanitized for filename include security.
2007-06-28(no commit message)paulburdick1-4/+13
2007-06-28Improved XSS clean to not allowing this:paulburdick1-4/+12
xss_clean("<x<xss>ss <scr<xss>ipt a='>'>alert/**/('!');//*/</script</script >>");
2007-06-26(no commit message)paulburdick1-1/+1
2007-06-26*Updated the XSS Filtering to take into account the IE expression() abilitypaulburdick1-1/+7
2007-06-24Modified the is_image() method in the Upload library to take into account ↵paulburdick1-5/+16
Windows IE 6/7 eccentricities when dealing with MIMEs
2007-06-24Fixed the do_xss_clean() method so that if file_get_contents returns FALSE, ↵paulburdick1-1/+1
then we return FALSE... Previously, if it did NOT return FALSE we returned FALSE and that is simply idiotic.
2007-06-18typo in commentsDerek Allard1-1/+1
2007-06-14(no commit message)Rick Ellis1-3/+3
2007-06-12(no commit message)Rick Ellis1-1/+1
2007-06-12(no commit message)Rick Ellis1-1/+1
2007-06-12(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-19/+17
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-2/+2
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-11(no commit message)Rick Ellis1-6/+8
2007-06-11(no commit message)Rick Ellis1-1/+1
2007-06-09(no commit message)Rick Ellis1-1/+1
2007-06-09(no commit message)Rick Ellis1-10/+23
2007-06-09(no commit message)Rick Ellis1-7/+10
2007-05-24typo fixDerek Allard1-1/+1
2007-05-04Modified XSS Cleaning routine to be more performance friendly and compatible ↵Derek Jones1-8/+47
with PHP 5.2's new PCRE backtrack and recursion limits. - replaced link and image tag javascript sanitization preg_replace()'s with callback functions to avoid excessive backtracks on strings with many links / image tags.
2007-05-02$this->base_url = preg_replace("/(.+?)\/*$/", "\\1/", $this->base_url);Derek Allard1-2/+2
changed to $this->base_url = rtrim($this->base_url, '/') .'/';
2007-05-02// Prep the current page - no funny business!Derek Allard1-1/+1
$this->cur_page = preg_replace("/[a-z\-]/", "", $this->cur_page); became // Prep the current page - no funny business! $this->cur_page = (int) $this->cur_page;
2007-05-01fixed a bug in the calendar libraryDerek Allard1-1/+1
2007-04-30fixed bug in outputDerek Allard1-1/+1
2007-04-30fixed a typo in rpcs.php libraryDerek Allard1-1/+1
2007-04-27(no commit message)Rick Ellis1-1/+1
2007-04-27modified _add_data() to be compatible with OS XDerek Jones1-5/+2
(removed CRC and length from end of file stream)
2007-04-24fixed router but that was ignoring the scaffolding route for optimizationDerek Allard1-2/+3
2007-04-15update pMachine to EllisLabDerek Allard32-10784/+10784
update copyright year update Code Igniter to CodeIgniter
2007-04-10typo fixDerek Allard1-1/+1
2007-04-03array to string additionDerek Allard1-202/+212
http://codeigniter.com/forums/viewthread/46994/
2007-03-01function post() duplicated, changed the second to function get()Derek Allard1-1/+1
2007-02-26(no commit message)Rick Ellis1-1/+73
2007-02-15reverted a change user testing revealed a flaw.Derek Allard1-1/+4
2007-02-15allow for extending modelsDerek Allard1-4/+1
2007-02-14fixed an undefined varDerek Allard1-0/+2
2007-02-07fixed grammer error in show_error messageDerek Allard1-1/+1
2007-02-06Fixed a typo in error messageDerek Allard1-930/+930
2007-02-05(no commit message)Rick Ellis1-3/+2
2007-02-05(no commit message)Rick Ellis1-3/+3
2007-02-01fixed resize bug that was comparing height to width instead of height to ↵Derek Allard1-1526/+1526
original height
2007-02-01removed unescaped variable that could be used in XSSDerek Allard2-1199/+1199
2007-01-28log_exception() printed severity twice... fixed.Derek Allard1-169/+169