summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2014-02-09updates per narfbg's commentsAndrew1-5/+6
2014-02-09template as array instead of stringAndrew1-39/+91
library accepts `$config['template']` as array and string, to perform template replacements. updated `$this->temp` var to `$this->replacements` to be less ambiguous about what it does
2014-02-08simplify calendar libraryAndrew1-68/+35
it seemed quite strange that we ask users to pass in a template string the we parse with REGEX, to extract key/value pairs, when we can simply ask users for an array. the class still contains default variables for each part of the template. Users can simply pass in an array (instead of a string) when they initialize, $config['template'], which overwrites default values. this cuts down a little on file size by removing parse_template() function. I think arrays are much more straightforward and easy to read than 'encoded' strings. don't have to keep a running list of all template keys like in previous parse_template() function. gets rid of $this->temp[] property and changes it to $this->template[] which is more descriptive when generating output
2014-02-07Use is_really_writable() in captcha helperAndrey Andreev1-1/+1
2014-02-07Use is_really_writable() in get_file_info()Andrey Andreev1-2/+1
2014-02-06Typo FixVivek Dinesh1-1/+1
Signed-off-by: Vivek Dinesh <vivekdinesh5@gmail.com>
2014-02-06Make CI_Session's HMAC comparison time-attack-safeAndrey Andreev1-1/+9
2014-02-05Fix #2856Andrey Andreev1-1/+1
2014-02-03[ci skip] Update info on function_usableAndrey Andreev1-0/+5
2014-01-30Previous 2 commits were just dumbAndrey Andreev2-3/+3
2014-01-30Fix a syntax error from last commitAndrey Andreev1-1/+1
2014-01-30Some fail-safe pdo_pgsql adjustmentsAndrey Andreev2-2/+7
2014-01-28Fix #2845Andrey Andreev1-1/+1
2014-01-28Fix #2844Andrey Andreev1-1/+1
2014-01-25Add <math> to 'naughty' HTML elementsAndrey Andreev1-1/+1
2014-01-25Previous commit caused side effects ...Andrey Andreev1-2/+2
2014-01-25Fix CI_Security::_remove_evil_attributes() being way too aggressiveAndrey Andreev1-2/+2
2014-01-25Re-add 'on\w*' to evil attributes (rel #2667)Andrey Andreev1-2/+1
2014-01-25Partially fix #2667Andrey Andreev1-2/+8
2014-01-24[ci skip] Add a link to PHP bug 54709 in is_really_writable()'s docblockAndrey Andreev1-0/+1
2014-01-24CI_Security: Also add <svg> to 'naughty' HTML elementsAndrey Andreev1-1/+1
2014-01-24CI_Security: Add <select> and <keygen> tags to the list of 'naughty' HTML ↵Andrey Andreev1-1/+1
elements
2014-01-24Fix syntax errorsAndrey Andreev1-2/+2
2014-01-24CI_Security: Add 'form' and 'xlink:href' to evil attributesAndrey Andreev1-1/+1
2014-01-24Add &newline; and &tab; to CI_Security::Andrey Andreev1-1/+3
2014-01-24Righting a wrong in the Session libraryAndrey Andreev2-41/+50
- Change userdata(), flashdata(), tempdata() to return all the respective data when no parameter is passed. - Revert the addition of all_flashdata(). - Deprecate all_userdata(). - Fix related changelog entries that were all inconsistent.
2014-01-24[ci skip] AND -> &&Andrey Andreev1-1/+1
2014-01-23Fix #2836Andrey Andreev1-1/+1
2014-01-22CI_Security::_decode_entity() to replace dangerous HTML5 entitiesAndrey Andreev1-1/+19
Related to issue #2771
2014-01-21Add <button> to the list of 'naugthy' html elements in CI_Security::xss_clean()Andrey Andreev1-2/+2
2014-01-21Merge branch 'feature/dbforge_table_attributes' into developAndrey Andreev4-23/+103
2014-01-21SQLSRV improvementsAndrey Andreev2-3/+66
Mainly for performance (issue #2474), but also added a 'scrollable' configuration flag and auto-detection for SQLSRV_CURSOR_CLIENT_BUFFERED (only available since SQLSRV 3).
2014-01-20Add support for optional table attributes to CI_DB_forge::create_table()Andrey Andreev4-23/+103
Supersedes PRs #989, #2776 Related issue: #41
2014-01-20Fix #2729Andrey Andreev1-2/+3
2014-01-20Fix #2737Andrey Andreev1-21/+27
2014-01-20Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev1-4/+4
2014-01-18Fix #2829Andrey Andreev1-4/+4
2014-01-18Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev1-1/+1
2014-01-18Fix 2 Router-related errorsAndrey Andreev1-1/+1
2014-01-18Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev1-0/+3
2014-01-18Fix CI_URI:: not being properly indexedAndrey Andreev1-0/+3
2014-01-18Merge branch 'develop' into feature/output_compressed_cacheAndrey Andreev7-364/+309
2014-01-18Fix #2825Andrey Andreev1-1/+1
2014-01-18Fix #2827Andrey Andreev1-1/+1
2014-01-17Merge branch 'feature/uri_routing_overhaul' into 'develop'Andrey Andreev3-352/+283
2014-01-17Add autoloading library aliasing support (supersedes PR #2824)Andrey Andreev1-2/+9
2014-01-17Minor changes related to CI_User_agentAndrey Andreev1-8/+15
Fixed a bug where both accept_charset() and accept_lang() improperly parsed headers if they contained spaces between data separators (which is valid). Also made is_referral() testable by replacing its static cache var with a class property and added some more unit tests for the library as a whole.
2014-01-16URI Routing overhaulAndrey Andreev3-352/+283
- Allow multiple levels of controller directories (supersedes PRs #390, #2439) - Add support for per-directory 'defaul_controller' and '404_override' (resolves issue #2611; supersedes PR #939) - Fixed a bug where default_controller was called instead of triggering 404 if the current route is inside a directory - Removed a few calls from CI_Router to CI_URI that made a necessity for otherwise internal CI_URI methods to be public: - Removed CI_URI::_fetch_uri_string() and moved its logic into CI_URI::__construct() - Removed CI_URI::_remove_url_suffix, CI_URI::_explode_segments() and moved their logic into CI_URI::_set_uri_string() - Removed CI_URI::_reindex_segments() altogether ( doesn't need further manipulation, while is public anyway and can be properly (and more effectively) replaced on the spot)
2014-01-15Fix #2799 by adding conditional PCRE UTF-8 support to CI_URI::filter_uri()Andrey Andreev2-2/+2
Also did a tiny micro-optimization in the Utf8 class.
2014-01-15Merge changes from developAndrey Andreev9-101/+183