summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2014-08-18[ci skip] Polish changes from PR #3176Andrey Andreev1-6/+6
2014-08-18Merge pull request #3176 from caseyh/developAndrey Andreev1-4/+7
CSRF whitelist supports regex
2014-08-18Alter Pull #3176 to follow discussioncaseyh1-4/+4
2014-08-15Fix #3187Andrey Andreev1-1/+1
2014-08-11CSRF whitelist supports regexCasey Hancock1-4/+7
Signed-off-by: Casey Hancock <crh431@gmail.com>
2014-08-10Polish changes following PR #3173Andrey Andreev1-4/+4
2014-08-08Using ImagePNG in CAPTCHA helperET-NiK1-2/+16
Using ImagePNG function, if ImageJPG not exists
2014-08-06Change name didn't work if reset initialization it's trueJoseba Juániz1-11/+14
If user initializes the upload library with the reset flag as true, the uploaded file doesn't change it's name, it's neccesary to initialize or change the $_file_name_override every time.
2014-08-05Fix #3123Andrey Andreev1-1/+1
2014-08-01Make CI_Pagination properties per_page, cur_page publicAndrey Andreev1-38/+38
Useful if you want to make calculations based on them.
2014-07-31Merge pull request #3162 from MianSaleem/patch-1Andrey Andreev1-1/+1
anchor popup's menubar attribute is missing
2014-07-31Last empty line removeMian Saleem1-1/+1
2014-07-31Update url_helper.phpMian Saleem1-1/+1
2014-07-31Fix #3160Andrey Andreev1-2/+2
2014-07-31Fix #3161Andrey Andreev2-8/+12
2014-07-31anchor popup attribute missingMian Saleem1-2/+2
Please add the menubar attribute to anchor popup
2014-07-14Merge pull request #3134 from kdazzle/patch-1Andrey Andreev1-1/+1
Return 403 instead of 500 if no CSRF token given
2014-07-14Add changelog entry for CSRF status code; remove line at EOFKyle Valade1-1/+1
2014-07-12Fix CI_Encryption::substr() for PHP 5.3Andrey Andreev1-1/+4
Nothing critical, just an edge case that isn't currently used
2014-07-12Fix CI_Encryption::substr() usage of mb_substr()Andrey Andreev1-1/+1
The whole point was to use 8bit encoding
2014-07-11Add setting ['composer_autoload']Andrey Andreev1-0/+17
Supersedes PR #3132
2014-07-07Continuing from previous commit ... use CI_Encryption::substr()Andrey Andreev1-8/+8
2014-07-07Fix potential bugs in password_hash(), CI_EncryptionAndrey Andreev2-11/+59
strlen(), substr() are not byte-safe when mbstring.func_overload is enabled
2014-07-07Add a backport (compat) for quoted_printable_encode()Andrey Andreev1-2/+90
2014-07-07Fix a few typos and add a backport (compat) for hex2bin()Andrey Andreev2-3/+50
2014-07-06Return 403 instead of 500 if no CSRF token givenKyle Valade1-2/+2
Not supplying a CSRF token shouldn't return a 500 response because it isn't a server error. The response status code should definitely be in the 400's, because it's the client's fault. And it should be a 403 because the client is forbidden from making that request without the appropriate credential (the CSRF token), though the request may be otherwise valid. http://en.wikipedia.org/wiki/List_of_HTTP_status_codes
2014-07-06Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developAndrey Andreev1-1/+1
2014-07-06Fix #3131Andrey Andreev1-0/+4
2014-07-05Missing looping index added. Without index empty rows returned for csv ↵Dionysis Arvanitis1-1/+1
column headers.
2014-07-02Remove GCM mode from CI_Encryption (OpenSSL)Andrey Andreev1-3/+2
While openssl_get_cipher_methods() lists 'aes-<keysize>-gcm' as supported, it appears that this is only half of the story. To be more specific, only the encryption operation of GCM is performed, and the authentication message is completely missing, rendering the whole thing useles.
2014-07-01Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developAndrey Andreev1-1/+1
2014-07-01Fix #3124Andrey Andreev1-2/+2
2014-06-29Fixed eofGraham Campbell1-1/+1
2014-06-29Fixed typoGraham Campbell1-2/+2
2014-06-21Add CI_Encryption::create_key()Andrey Andreev1-0/+15
This was planned, we somehow forgot about it. :)
2014-06-21Fix a _potential_ flaw in password_hash()Andrey Andreev1-1/+4
2014-06-19Remove the custom IV option from CI_EncryptionAndrey Andreev1-51/+36
It serves for no practical purpose and can only do harm.
2014-06-19Fix #3112Andrey Andreev4-15/+4
2014-06-13Make 'num_links=0' configuration available in Pagination libraryTakayuki Sakai1-4/+4
Changed conditions when making 'first' and 'last' links
2014-06-13Revert "Make num_links=0 in pagination library possible to configure"Takayuki Sakai1-15/+9
This reverts commit a01924d2cc2d63d2bddbee85a18b423b88a9b19e.
2014-06-13Make num_links=0 in pagination library possible to configureTakayuki Sakai1-9/+15
2014-06-12remove the empty line at the end of fileFu Xu1-1/+1
2014-06-12style changeFu Xu1-1/+1
2014-06-12config load bug fixFu Xu1-2/+3
2014-06-12Fix #3101Andrey Andreev1-1/+1
2014-06-07Fix #3085Andrey Andreev1-17/+19
2014-06-03Fix a potential undefined variable errorAndrey Andreev2-2/+2
2014-06-01Fix wrong variable nameAndrey Andreev1-2/+2
2014-05-31Add support for non-ASCII domain names in FV & Email classes' valid_email()Andrey Andreev2-0/+10
Depends on the Intl extension
2014-05-31Remove CI_Encrypt::_xor_encode()Andrey Andreev1-47/+12