Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2014-02-07 | Use is_really_writable() in get_file_info() | Andrey Andreev | 1 | -2/+1 | |
2014-02-06 | Typo Fix | Vivek Dinesh | 1 | -1/+1 | |
Signed-off-by: Vivek Dinesh <vivekdinesh5@gmail.com> | |||||
2014-02-06 | Make CI_Session's HMAC comparison time-attack-safe | Andrey Andreev | 1 | -1/+9 | |
2014-02-05 | Fix #2856 | Andrey Andreev | 1 | -1/+1 | |
2014-02-03 | [ci skip] Update info on function_usable | Andrey Andreev | 1 | -0/+5 | |
2014-01-30 | Previous 2 commits were just dumb | Andrey Andreev | 2 | -3/+3 | |
2014-01-30 | Fix a syntax error from last commit | Andrey Andreev | 1 | -1/+1 | |
2014-01-30 | Some fail-safe pdo_pgsql adjustments | Andrey Andreev | 2 | -2/+7 | |
2014-01-28 | Fix #2845 | Andrey Andreev | 1 | -1/+1 | |
2014-01-28 | Fix #2844 | Andrey Andreev | 1 | -1/+1 | |
2014-01-25 | Add <math> to 'naughty' HTML elements | Andrey Andreev | 1 | -1/+1 | |
2014-01-25 | Previous commit caused side effects ... | Andrey Andreev | 1 | -2/+2 | |
2014-01-25 | Fix CI_Security::_remove_evil_attributes() being way too aggressive | Andrey Andreev | 1 | -2/+2 | |
2014-01-25 | Re-add 'on\w*' to evil attributes (rel #2667) | Andrey Andreev | 1 | -2/+1 | |
2014-01-25 | Partially fix #2667 | Andrey Andreev | 1 | -2/+8 | |
2014-01-24 | [ci skip] Add a link to PHP bug 54709 in is_really_writable()'s docblock | Andrey Andreev | 1 | -0/+1 | |
2014-01-24 | CI_Security: Also add <svg> to 'naughty' HTML elements | Andrey Andreev | 1 | -1/+1 | |
2014-01-24 | CI_Security: Add <select> and <keygen> tags to the list of 'naughty' HTML ↵ | Andrey Andreev | 1 | -1/+1 | |
elements | |||||
2014-01-24 | Fix syntax errors | Andrey Andreev | 1 | -2/+2 | |
2014-01-24 | CI_Security: Add 'form' and 'xlink:href' to evil attributes | Andrey Andreev | 1 | -1/+1 | |
2014-01-24 | Add &newline; and &tab; to CI_Security:: | Andrey Andreev | 1 | -1/+3 | |
2014-01-24 | Righting a wrong in the Session library | Andrey Andreev | 2 | -41/+50 | |
- Change userdata(), flashdata(), tempdata() to return all the respective data when no parameter is passed. - Revert the addition of all_flashdata(). - Deprecate all_userdata(). - Fix related changelog entries that were all inconsistent. | |||||
2014-01-24 | [ci skip] AND -> && | Andrey Andreev | 1 | -1/+1 | |
2014-01-23 | Fix #2836 | Andrey Andreev | 1 | -1/+1 | |
2014-01-22 | CI_Security::_decode_entity() to replace dangerous HTML5 entities | Andrey Andreev | 1 | -1/+19 | |
Related to issue #2771 | |||||
2014-01-21 | Add <button> to the list of 'naugthy' html elements in CI_Security::xss_clean() | Andrey Andreev | 1 | -2/+2 | |
2014-01-21 | Merge branch 'feature/dbforge_table_attributes' into develop | Andrey Andreev | 4 | -23/+103 | |
2014-01-21 | SQLSRV improvements | Andrey Andreev | 2 | -3/+66 | |
Mainly for performance (issue #2474), but also added a 'scrollable' configuration flag and auto-detection for SQLSRV_CURSOR_CLIENT_BUFFERED (only available since SQLSRV 3). | |||||
2014-01-20 | Add support for optional table attributes to CI_DB_forge::create_table() | Andrey Andreev | 4 | -23/+103 | |
Supersedes PRs #989, #2776 Related issue: #41 | |||||
2014-01-20 | Fix #2729 | Andrey Andreev | 1 | -2/+3 | |
2014-01-20 | Fix #2737 | Andrey Andreev | 1 | -21/+27 | |
2014-01-20 | Merge branch 'develop' into feature/output_compressed_cache | Andrey Andreev | 1 | -4/+4 | |
2014-01-18 | Fix #2829 | Andrey Andreev | 1 | -4/+4 | |
2014-01-18 | Merge branch 'develop' into feature/output_compressed_cache | Andrey Andreev | 1 | -1/+1 | |
2014-01-18 | Fix 2 Router-related errors | Andrey Andreev | 1 | -1/+1 | |
2014-01-18 | Merge branch 'develop' into feature/output_compressed_cache | Andrey Andreev | 1 | -0/+3 | |
2014-01-18 | Fix CI_URI:: not being properly indexed | Andrey Andreev | 1 | -0/+3 | |
2014-01-18 | Merge branch 'develop' into feature/output_compressed_cache | Andrey Andreev | 7 | -364/+309 | |
2014-01-18 | Fix #2825 | Andrey Andreev | 1 | -1/+1 | |
2014-01-18 | Fix #2827 | Andrey Andreev | 1 | -1/+1 | |
2014-01-17 | Merge branch 'feature/uri_routing_overhaul' into 'develop' | Andrey Andreev | 3 | -352/+283 | |
2014-01-17 | Add autoloading library aliasing support (supersedes PR #2824) | Andrey Andreev | 1 | -2/+9 | |
2014-01-17 | Minor changes related to CI_User_agent | Andrey Andreev | 1 | -8/+15 | |
Fixed a bug where both accept_charset() and accept_lang() improperly parsed headers if they contained spaces between data separators (which is valid). Also made is_referral() testable by replacing its static cache var with a class property and added some more unit tests for the library as a whole. | |||||
2014-01-16 | URI Routing overhaul | Andrey Andreev | 3 | -352/+283 | |
- Allow multiple levels of controller directories (supersedes PRs #390, #2439) - Add support for per-directory 'defaul_controller' and '404_override' (resolves issue #2611; supersedes PR #939) - Fixed a bug where default_controller was called instead of triggering 404 if the current route is inside a directory - Removed a few calls from CI_Router to CI_URI that made a necessity for otherwise internal CI_URI methods to be public: - Removed CI_URI::_fetch_uri_string() and moved its logic into CI_URI::__construct() - Removed CI_URI::_remove_url_suffix, CI_URI::_explode_segments() and moved their logic into CI_URI::_set_uri_string() - Removed CI_URI::_reindex_segments() altogether ( doesn't need further manipulation, while is public anyway and can be properly (and more effectively) replaced on the spot) | |||||
2014-01-15 | Fix #2799 by adding conditional PCRE UTF-8 support to CI_URI::filter_uri() | Andrey Andreev | 2 | -2/+2 | |
Also did a tiny micro-optimization in the Utf8 class. | |||||
2014-01-15 | Merge changes from develop | Andrey Andreev | 9 | -101/+183 | |
2014-01-15 | Fix #2822: Incorrect usage of fwrite() | Andrey Andreev | 6 | -21/+80 | |
We only used to check (and not always) if the return value of fwrite() is boolean FALSE, while it is possible that the otherwise returned bytecount is less than the length of data that we're trying to write. This allowed incomplete writes over network streams and possibly a few other edge cases. | |||||
2014-01-15 | CI_URI changes related to the 'permitted_uri_chars' setting | Andrey Andreev | 2 | -15/+26 | |
- Initialize and cache the value in the class constructor instead of searching for it every time - Removed the preg_quote() call from _filter_uri() to allow more fine-tuning from configuration - Renamed _filter_uri() to filter_uri() - it was public anyway and using it cannot break anything Related: issue #2799 | |||||
2014-01-15 | Fix incorrect checks for the fwrite() return value | Andrey Andreev | 3 | -3/+3 | |
! fwrite() could trigger false-positives as it is possible for it to return 0 instead of boolean FALSE. (issue #2822) Also removed an unnecessary log level check that caused an extra space to be inserted for the INFO level. (proposed in PR #2821) | |||||
2014-01-12 | Merge pull request #2808 from melounek/filename_as_url | Andrey Andreev | 1 | -9/+9 | |
attach files by absolute url |