summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2015-07-23Update path_helper.phprajatsharma941-1/+1
2015-07-23Security check updated.rajatsharma941-1/+1
All security check conditions are modified according to CI styleguide.
2015-07-23Update path_helper.phprajatsharma941-1/+1
2015-07-23IP checking false positives and no ipv6 checkrajatsharma941-1/+1
The currently implemented method marks all IPs between 0.0.0.0 - 999.999.999.999 as valid IP Address. Which generates false positives as any IP after 255.255.255.255 is not a valid IP address. Also, there is no check for IPv6 IP addresses. filter_var() solves both the issues.
2015-07-23IP Address checking generates false positives.medhavini1-1/+1
IP Address checking marks all IPs between 0.0.0.0 - 999.999.999.999 as valid IP Address. Which is not true.
2015-07-20Failed security checkrajatsharma941-2/+1
The implemented security check to make sure the path is NOT a URL can easily be bypassed (gives false negative) for all subdomains. Eg "subdomain.domain.com" should ideally show an error but it does not. The new security check tries to make a fsockopen connection to validate whether the URL is external or not.
2015-07-20Security check failmedhavini1-0/+1
Security check condition to check that the path is NOT a URL may give false negative in case of subdomains. Where URLs don't start with http or www.
2015-07-20Fix #3279Andrey Andreev1-4/+4
2015-07-20Fix an internal bug in QB where() escapingAndrey Andreev1-4/+1
This is not a supported use case, but if QB escaping is force-disabled, string values passed to where() or having() aren't escaped. That's wrong because escape-disabling should only be possible for identifiers and not values. Reported via the forums: http://forum.codeigniter.com/thread-62478.html
2015-07-17Fix #3752Andrey Andreev1-21/+22
2015-07-17[ci skip] Fix #3778Andrey Andreev1-15/+6
2015-07-17[ci skip] Fix a bug reported via PR #3704Andrey Andreev1-23/+20
2015-07-16Add 'ssl_verify' option for mysqli driverAndrey Andreev1-0/+5
MYSQLI_OPT_SSL_VERIFY_SERVER_CERT is an undocumented option that may not always be available. Reference: http://svn.php.net/viewvc/php/php-src/trunk/ext/mysqli/tests/mysqli_constants.phpt?view=markup&pathrev=302897
2015-07-16Add SSL support for PDO_MYSQL tooAndrey Andreev1-2/+29
Related: #3896
2015-07-16Improve the ssl_cipher check for MySQLiAndrey Andreev1-9/+9
Related: #3896
2015-07-16Refactor proposed changes from PR #3896Andrey Andreev1-44/+28
2015-07-16Merge branch 'feature/mysqli-ssl' of github.com:ndigitals/CodeIgniter into ↵Andrey Andreev1-2/+56
feature/mysqli_ssl
2015-07-15[ci skip] Revert styleguide violations from PR #3828Andrey Andreev1-3/+3
2015-07-15Merge branch 'patch-1' of github.com:w0den/CodeIgniter into feature/output_cacheAndrey Andreev1-7/+28
2015-07-15Merge pull request #3715 from infinit89/patch-1Andrey Andreev1-1/+1
[ci skip] Fix pagination links with protocol-relative URLs
2015-07-15Merge pull request #3977 from MSDehghan/developAndrey Andreev1-1/+1
[ci skip] Fix a log message typo
2015-07-15Polish changes from PR #3893Andrey Andreev1-24/+13
2015-07-15Fix a TypoMohammad Sadegh Dehghan Niri1-1/+1
2015-07-15Merge branch 'feature/form_helper' of github.com:darkhouse/CodeIgniter into ↵Andrey Andreev1-10/+28
feature/form_helpers_extra_array Manually fixed conflicts in: user_guide_src/source/changelog.rst
2015-07-15allow add of keys with arrayAdrian Voicu1-1/+1
This will allow adding multiple keys using array (http://www.codeigniter.com/user_guide/database/forge.html#adding-keys). Only if user wants, he can use the table columns to set a primary key by setting second parameter as TRUE.
2015-07-13Add check for PCRE UTF-8 supportdimonneon1-1/+1
2015-07-10Add unicode support in url_title functiondimonneon1-2/+2
2015-07-09Fix #3965Andrey Andreev1-9/+3
2015-07-08[ci skip] Cleanup some whitespace in CI_Unit_testAndrey Andreev1-23/+23
2015-07-08Fix #3963Andrey Andreev1-3/+5
2015-07-06Merge pull request #3958 from ftwbzhao/feature/routerAndrey Andreev1-1/+1
[ci skip] Fix a comment typo
2015-07-06fix typo in router classftwbzhao1-1/+1
2015-07-06Merge branch 'develop' of github.com:bcit-ci/CodeIgniter into developftwbzhao2-3/+3
Conflicts: user_guide_src/source/changelog.rst
2015-07-06Merge pull request #3955 from ftwbzhao/ci3.0Andrey Andreev1-2/+2
key_prefix support for Cache increment() and decrement()
2015-07-06Added "is_resource" into the list of unit tests capable of being run.ftwbzhao1-1/+1
2015-07-05supported key_prefix on `increment` and `decrement`ftwbzhao1-2/+2
2015-07-05fix pdo/sqlite & update changelogftwbzhao1-1/+1
2015-07-04fix SQlite3 list_fieldsftwbzhao1-1/+1
2015-07-02Fix QB delete() for multiple tables with where()Andrey Andreev1-0/+3
Reported via the forums: http://forum.codeigniter.com/thread-61774.html
2015-07-02Close #3941Andrey Andreev1-6/+1
2015-07-02Apply PR #3940 to sqlite3 driver and fix a wrong var nameAndrey Andreev1-1/+2
2015-07-02sqlite < 3.3 unsuported `_drop_table_if`ftwbzhao1-0/+1
2015-06-29Close #3934Andrey Andreev1-1/+1
2015-06-29Fix regression caused by 59d1ffd927ef3b63dbadf42e1caf14957201fd2dAndrey Andreev1-1/+1
2015-06-29Fix #3932Andrey Andreev1-1/+1
2015-06-22A small optimization in CI_Cache::is_supported()Andrey Andreev1-3/+2
As it was, the static variable was always re-set to an empty array
2015-06-22Fix #3913Andrey Andreev2-139/+128
2015-06-22Work-around for https://bugs.php.net/bug.php?id=39598Andrey Andreev2-2/+42
Fixes #3922
2015-06-22Alter CI_Upload logging levelsAndrey Andreev1-23/+22
Close #3920
2015-06-18Removed db_options configuration item for implementation later. Changed 5 ↵Tim Nolte1-60/+16
new MySQLi SSL configuration options to a single ssl_options config item that is an array that will be read to set the individual SSL options. Signed-off-by: Tim Nolte <noltet@sekisui-spi.com>