summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2011-04-19modified MySQL and MySQLi drivers to address a potential SQL injection ↵Derek Jones2-2/+32
attack vector when multi-byte character set connections are employed. (Does not impact Latin-1, UTF-8, etc. encodings)
2011-04-191/2 reverting a previous change to the form_helper. Wrapping hidden form ↵Greg Aker1-1/+1
elements in <div style="display:none"></div> instead of an empty div. If a user is styling form div {} they can run into display issues, so something is needed.
2011-04-19Removing internal references to the EXT constant. Additionally, marked the ↵Greg Aker22-112/+112
constant as deprecated. Use ".php" instead. Also adding upgrade notes from 2.0.2 to 2.0.3.
2011-04-18changeset: 2204:37301a84c8beGreg Aker1-6/+29
tag: tip user: Greg Aker <greg.aker@ellislab.com> date: Mon Apr 18 15:51:28 2011 -0500 summary: Adding toggle show/hide on database queries in the output profiler. Added a profiler config item to set a threshold of when to hide the queries by default. Additionally, fixed a bug I created earlier today by marking the $CI class var in CI_Profiler as private.
2011-04-18changeset: 2202:06a75a1bd622Greg Aker1-2/+2
tag: tip user: Greg Aker <greg.aker@ellislab.com> date: Mon Apr 18 11:10:37 2011 -0500 summary: Tweak to session class all_userdata() to just return the userdata array. Also documented previously undocumented all_userdata() method.
2011-04-18Added Session Class userdata to the output profiler. Additionally, added a ↵Greg Aker2-6/+42
show/hide toggle on HTTP Headers, Session Data and Config Variables.
2011-04-18Added an optional third parameter to heading() which allows adding html ↵Greg Aker1-2/+3
attributes to the rendered heading tag.
2011-04-18Changed path in footer comment of cache dummy.Eric Barnes1-12/+12
2011-04-18Changed server check to ensure SCRIPT_NAME is defined. Fixes #57Eric Barnes1-5/+5
2011-04-11Fix: codeigniter-reactor/199 cookie name was overwritten with token namepatwork1-2/+4
2011-04-11Fix: codeigniter-reactor/32 unicorns are no longer mutepatwork1-4/+4
2011-04-09Fix: codeigniter-reactor/199 CSRF config in Security class is no longer ignoredpatwork1-1/+10
2011-04-08Fix: codeigniter-reactor/127 Form_validation rule error loggingpatwork1-1/+5
2011-04-08There is absolutely no need to specify class name (it will validate anyway).patwork1-2/+2
2011-04-08Deals with language errors after codeigniter-reactor commit r2307:c43c6dea56fbpatwork1-22/+22
2011-04-08Fix: codeigniter-reactor/193 incorrect driver filepathspatwork1-2/+2
2011-04-08Fix: #192 CI version constant incorrect in core/CodeIgniterGreg Aker1-1/+1
2011-04-08Fixing a bug in the form_helper where csrf_token_name and csrf_hash were ↵Greg Aker1-1/+1
referencing class properties in the Security class that were moved.
2011-04-07Made in Output protected again, it was only ever made public by Eric to fix ↵Phil Sturgeon1-1/+1
an issue with the Dwoo MY_Parser, which is no reason to change core files. That Parser doesn't really even need the acess.
2011-04-07Changed the 'plural' function so that it doesn't ruin the captalization of ↵Phil Sturgeon1-13/+15
your string. It also take into consideration acronyms which are all caps.
2011-04-06Made Environment Support optional. Comment out or delete the constant to ↵Phil Sturgeon12-377/+419
stop environment checks.
2011-04-06Made Environment Support optional. Comment out or delete the constant to ↵Phil Sturgeon15-57/+54
stop environment checks.
2011-04-05Fixed a bug in the Javascript Library where improperly escaped characters ↵Pascal Kriete1-1/+1
could result in arbitrary javascript execution.
2011-04-05Removing dohash and deprecating CI_SHAPascal Kriete1-33/+1
2011-04-05Tightening up control character handling in urlsPascal Kriete1-23/+34
2011-04-05Removing security loading calls.Pascal Kriete4-26/+4
2011-04-05Moving security to core.Pascal Kriete4-10/+15
2011-04-05tweaking remove_invisible_characters to make urlencoded character stripping ↵Pascal Kriete1-15/+13
optional
2011-04-05Improving parameter security in xss cleanPascal Kriete1-269/+351
2011-04-03Fixed loading an array of libraries.Phil Sturgeon1-1/+1
2011-04-02Added CI_ Prefix to the Cache driver.Phil Sturgeon6-19/+19
2011-04-02Added is_cli_request() method to documentation for Input class.Phil Sturgeon1-0/+4
2011-04-02Removed double-spacing from ftp_lang.php sentances.Phil Sturgeon1-7/+7
2011-04-02Fixed issue #153 Escape Str Bug in MSSQL driverPhil Sturgeon1-3/+5
2011-04-01Merged changes.Phil Sturgeon1-13/+3
2011-03-25Fixed merge.Phil Sturgeon1-3/+3
2011-03-22->db->count_all_results() will now return an integer instead of a string.Phil Sturgeon1-2/+2
2011-03-22If you do is_really_writable() on a file that does not exist on a Windows ↵Eric Barnes1-1/+1
server or on a Unix box with safe_mode enabled, it will create the file and leave it there. Fixes #80
2011-03-22Added error logging to language. Fixes #32Eric Barnes1-0/+7
2011-03-22Fixed logic and removed the error supressingEric Barnes8-39/+34
2011-03-18Changed scope on parse_exec_vars. Fixes #145Eric Barnes1-7/+6
2011-03-18Fixed coding to match standards from previous releasesEric Barnes8-14/+14
2011-03-17load config files from environment specific locations in core classes, ↵bubbafoley11-14/+104
helpers and libraries
2011-03-17Added form_validation_lang entries for decimal, greater_than, less_than.Phil Sturgeon1-0/+3
2011-03-16Standardized newlines even more extensively in Input class.Phil Sturgeon1-1/+1
2011-03-15constants.php will be loaded from the environment specific config folder if ↵Phil Sturgeon1-2/+9
available.
2011-03-15Fixed upload issue reported by Valhallen and fixed by bubbafoley.Phil Sturgeon1-1/+1
2011-03-12Fixed the capitalization "bug" in the singular function as well.Kyle Farris1-6/+8
2011-03-11Forgot to trim the string first.Kyle Farris1-1/+2
2011-03-11Changed the 'plural' function so that it doesn't ruin the captalization of ↵Kyle Farris1-6/+5
your string. It also take into consideration acronyms which are all caps.