summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2014-01-08Fix #346Andrey Andreev2-15/+26
When ['global_xss_filtering'] was turned on, the , , & superglobals were automatically overwritten. This resulted in one of the following problems: - xss_clean() being called twice - Inability to retrieve the original (not filtered) value XSS filtering is now only applied on demand by the Input class, and the default value for the parameter in CI_Input methods is changed to NULL. Unless a boolean value is passed to them, whether XSS filtering is applied depends on the ['global_xss_filtering'] value.
2014-01-08Fix #148Andrey Andreev1-4/+6
CI_Input::_clean_input_data() assumed that all input data is URL-encoded while sanitizing it. However, PHP already performs URL-decoding on it, so this is either redudant or overly intrusive as it resulted in many, many reports of data containing '%' followed by 1 numeric characters being essentially destroyed. Supersedes PR #1229
2014-01-08Optimize get_instance() calls/assignmentsAndrey Andreev12-51/+35
2014-01-08A tiny improvement in CI_Upload::do_xss_clean()Andrey Andreev1-2/+1
2014-01-08Some small improvements to the Xmlrpc classAndrey Andreev1-11/+11
2014-01-08Update the CI_Hooks classMarcos SF Filho1-18/+16
2014-01-07Class for execute Hooks can be stored for reuseMarcos SF Filho1-8/+33
2014-01-07Fix a few bugs in CI_Hook (based on PR #2762)Andrey Andreev1-4/+8
2014-01-07A tiny regexp improvement for CI_DB_driver::is_write_type()Andrey Andreev3-3/+3
2014-01-07Change Text helper default tag from <strong> to <mark>Andrey Andreev1-16/+8
Supersedes PR #1497
2014-01-07Add ability for changing the original file path/name in CI_Zip::read_file()Andrey Andreev1-11/+14
Supersedes PR #884
2014-01-07Fix #2143Andrey Andreev1-9/+6
When trying to load rules from a configuration file, the Form validation library matched against ruri_string() as opposed to 'controller/method' like described in the manual. Since ruri_string() also makes sense, now both are being checked with ruri_string() having a higher precedence. Supersedes PR #2224
2014-01-07Implement Loader method chainingAndrey Andreev1-29/+46
Requested in issue #2165 Supersedes PR #2319
2014-01-07Fix #2268 (manually implementing PR #2269)Andrey Andreev1-3/+3
2014-01-07Add Basic HTTP authentication support to the XML-RPC libraryAndrey Andreev1-1/+30
(based on PR #1716)
2014-01-06Fix #2237: Parser library failed if the same tag pair is used more than once ↵Andrey Andreev1-11/+19
within a template (manually applying PR #2238 + updated unit tests)
2014-01-06Remove a redudant value checkAndrey Andreev1-1/+1
2014-01-06Fix #2579: Query Builder's "no escape" functionality didn't work properly ↵Andrey Andreev1-4/+17
with query cache
2014-01-06Make CI_Session's set_userdata(), set_flashdata(), set_tempdata(), ↵Andrey Andreev1-5/+5
unset_userdata() and unset_flashdata()'s first parameter mandatory
2014-01-06Make CI_Loader methods library(), driver(), vars() and language()'s first ↵Andrey Andreev1-6/+6
parameters mandatory and fix a docblock
2014-01-06[ci skip] Fix a docblock typoAndrey Andreev1-1/+1
2014-01-06Make CI_Form_validation::error()'s first parameter mandatory and add a ↵Andrey Andreev1-6/+6
typehint for CI_Form_validation::error()
2014-01-06Make CI_Input::set_cookie() and cookie helpers set_cookie(), get_cookie(), ↵Andrey Andreev2-4/+4
delete_cookie()'s first (name) parameter mandatory
2014-01-03Make CI_Unit_test::set_test_items()'s parameter mandatory (optional doesn't ↵Andrey Andreev1-2/+2
make sense)
2014-01-03[ci skip] Some spaces & docblock fixesAndrey Andreev2-15/+13
2014-01-03Merge pull request #2768 from porquero/patch-1Andrey Andreev1-1/+2
Added post-increment for $count
2014-01-03Make CI_Lang::line()'s first parameter mandatory (optional doesn't make sense)Andrey Andreev1-1/+1
2014-01-03FTP class improvementsAndrey Andreev2-9/+9
- Make changedir()'s first parameter mandatory (optional doesn't make sense) - Fix a few typos (langfile included)
2014-01-03Make CI_FTP::mkdir()'s first parameter mandatory (optional doesn't make sense)Andrey Andreev1-1/+1
2014-01-03[ci skip] Remove a few spacesAndrey Andreev1-3/+3
2014-01-03A tiny improvement in ruri_string()Andrey Andreev1-6/+1
2013-12-23Remove _serialize() and _unserialize() methodsJordan Eldredge1-34/+4
Since removing the unneeded manual escaping code, there is no-longer any reason to have the serialization functions abstracted. This also allows us to only suppress errors when unserializing cookie data, and only trim when we are unserializing database data (see commit 6b8312).
2013-12-21Remove unneeded manual escaping of session dataJordan Eldredge1-60/+3
2013-12-20Polishing changes from #PR #2781Andrey Andreev1-3/+3
Looks like an unnecessary commit was made by the author just as I was clicking the Merge button. :)
2013-12-19so we need \sNOT EXISTSTufan Barış YILDIRIM1-1/+1
2013-12-19changed EXISTS / NOT EXISTS patternTufan Barış YILDIRIM1-3/+3
@narfbg "It has parenthesis, so use the IN / NOT IN pattern as a base."
2013-12-19EXISTS / NOT EXISTS clause support for DB_driverTufan Barış YILDIRIM1-3/+3
2013-12-19EXISTS / NOT EXISTS clause support for DB_driverTufan Barış YILDIRIM1-2/+4
2013-12-19EXISTS / NOT EXISTS clause support for DB_query_builder.Tufan Barış YILDIRIM1-2/+4
2013-12-18Use table name as a prefix for index namesmjnaderi1-3/+2
2013-12-18Cleanup DB_forge _process_indexesmjnaderi1-1/+2
2013-12-18Cleanup DB_forge _process_indexesmjnaderi1-1/+0
2013-12-14DB call_function() bug : funny typo -or- smart autocomplete?Kakysha1-1/+1
2013-12-14Added post-increment for $countCristian Riffo Huez1-1/+2
It has been added the missing post-increment for variable $count.
2013-12-13Merge pull request #2764 from refringe/feature/cookie_sessionAndrey Andreev1-1/+1
Issue #2763 - Fixes Session GC Probability Calculation
2013-12-13Issue #2763 - Fixes Session GC Probability CalculationTyler Brownell1-1/+1
This should resolve issue #2763 where the cookie session garbage collection was running every request.
2013-12-10Fix a bug where DB() tried to set the MySQL-specific 'sql_mode' on all driversAndrey Andreev4-5/+49
Supersedes PR #2756
2013-11-27[ci skip] Remove a few more spacesAndrey Andreev4-5/+5
2013-11-17Always load application/config/constants.phpAndrey Andreev1-6/+4
2013-11-17Merge pull request #2731 from josephok/developAndrey Andreev1-9/+9
Update CodeIgniter.php