summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Expand)AuthorFilesLines
2015-12-14Close #4313Andrey Andreev1-0/+12
2015-12-14Fix #4312Andrey Andreev1-6/+3
2015-12-12[ci skip] Proper error handling for Sessions on PHP 5Andrey Andreev5-78/+133
2015-12-11Fix #4039Andrey Andreev1-0/+6
2015-12-11Fix #4306Andrey Andreev1-1/+1
2015-12-07Merge pull request #4291 from b-kaxa/fix-phpdocAndrey Andreev2-1/+2
2015-12-03Fix #4283Andrey Andreev1-1/+2
2015-11-24Use PHP7's random_bytes() when possibleAndrey Andreev2-0/+21
2015-11-24[ci skip] Remove some redundant code from DB_forgeAndrey Andreev1-4/+0
2015-11-16[ci skip] Fix #4245Andrey Andreev1-1/+1
2015-11-16Fix #4244Andrey Andreev1-3/+28
2015-11-09Merge pull request #4223 from j0inty/developAndrey Andreev1-1/+4
2015-11-09[ci skip] Fix an infinite loop in captcha helperAndrey Andreev1-1/+2
2015-11-09Merge pull request #4217 from natesilva/fix-ipv6-base_urlAndrey Andreev1-1/+10
2015-11-04[ci skip] Fix a false default-fallback bug in set_checkbox(), set_radio()Andrey Andreev1-8/+33
2015-11-04Fix #4212Andrey Andreev1-1/+1
2015-11-04[ci skip] Start of 3.0.4 developmentAndrey Andreev1-1/+1
2015-10-31[ci skip] Update changelog, version & upgrade instructionsAndrey Andreev1-1/+1
2015-10-31Use proper randomness when generating CAPTCHAsAndrey Andreev1-2/+87
2015-10-31Prevent Host header injectionsAndrey Andreev1-4/+2
2015-10-31Harden xss_clean()Andrey Andreev1-27/+39
2015-10-30Fix #4192Andrey Andreev1-5/+8
2015-10-30Fix #3201Andrey Andreev1-1/+6
2015-10-19Fix #4171 and a number of other transaction bugsAndrey Andreev13-354/+162
2015-10-19Fix #4173Andrey Andreev1-1/+7
2015-10-18Fix #4179Andrey Andreev1-0/+4
2015-10-13[ci skip] Fix #4170Andrey Andreev1-3/+1
2015-10-12[ci skip] This is 3.0.3-devAndrey Andreev1-1/+1
2015-10-12Optimize csv_from_result speed.Ahmad Anbar1-2/+3
2015-10-08[ci skip] Prepare 3.0.2 releaseAndrey Andreev1-1/+1
2015-10-05Some more intrusive XSS cleaningAndrey Andreev1-5/+11
2015-10-05Close #4155Andrey Andreev1-1/+1
2015-10-02More XSS stuffAndrey Andreev1-1/+1
2015-09-29Merge pull request #4126 from zoaked/patch-1Andrey Andreev1-1/+0
2015-09-24Fix #4137Andrey Andreev1-1/+1
2015-09-21More XSS stuffAndrey Andreev1-3/+3
2015-09-17Don't allow open-ended tags to pass through xss_clean()Andrey Andreev1-4/+9
2015-09-17Refactor 'evil attributes' sanitization logicAndrey Andreev1-92/+66
2015-09-16Fix #4116Andrey Andreev1-6/+6
2015-09-16Fix #4120Andrey Andreev1-3/+13
2015-09-15Missing character in the evil attributes patternAndrey Andreev1-1/+1
2015-09-14Another addition to tag detection patterns in xss_clean()Andrey Andreev1-1/+4
2015-09-14Close #4098Andrey Andreev1-2/+18
2015-09-14Fix #4032Andrey Andreev1-5/+8
2015-09-14Fix #4044Andrey Andreev1-5/+5
2015-09-14Fix #4109Andrey Andreev1-20/+22
2015-09-14Add 'eval' to a JS blacklist in xss_clean()Andrey Andreev1-7/+10
2015-09-14Move _remove_evil_attributes() callAndrey Andreev1-4/+3
2015-09-11Harden xss_clean() moreAndrey Andreev1-5/+37
2015-09-11Improve on previous commitAndrey Andreev1-1/+1