summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2014-01-15CI_URI changes related to the 'permitted_uri_chars' settingAndrey Andreev2-15/+26
- Initialize and cache the value in the class constructor instead of searching for it every time - Removed the preg_quote() call from _filter_uri() to allow more fine-tuning from configuration - Renamed _filter_uri() to filter_uri() - it was public anyway and using it cannot break anything Related: issue #2799
2014-01-15Fix incorrect checks for the fwrite() return valueAndrey Andreev3-3/+3
! fwrite() could trigger false-positives as it is possible for it to return 0 instead of boolean FALSE. (issue #2822) Also removed an unnecessary log level check that caused an extra space to be inserted for the INFO level. (proposed in PR #2821)
2014-01-12Merge pull request #2808 from melounek/filename_as_urlAndrey Andreev1-9/+9
attach files by absolute url
2014-01-10Finally get rid of the CI_Router::_set_overrides() callsAndrey Andreev2-38/+23
2014-01-10condition repair and commentsPetr Heralecky1-3/+3
2014-01-10rename src to filePetr Heralecky1-9/+9
2014-01-10attach files by absolute urlPetr Heralecky1-10/+10
2014-01-10Further changes related to PR #2807Andrey Andreev1-11/+12
2014-01-10variable repairPetr Heralecky1-2/+2
2014-01-10styleguided 2Petr Heralecky1-3/+1
2014-01-10styleguidedPetr Heralecky1-10/+16
2014-01-10Added Email::attach_cid() returning CIDPetr Heralecky1-32/+55
2014-01-09Add HTTP response code 307 support in URL helper redirect()Andrey Andreev1-5/+10
2014-01-09Implement atomic increment/decrement in Cache libraryAndrey Andreev7-61/+324
Requested via issue #109 Supersedes PR #241
2014-01-09Fix #133Andrey Andreev1-1/+6
2014-01-09Merge pull request #2802 from marcossffilho/developAndrey Andreev1-5/+41
Calendar Updates
2014-01-09Updates for the Calendar Pull RequestMarcos SF Filho1-1/+1
2014-01-09Fixed the comment and array alignment.Ahmedul Haque Abid1-2/+2
2014-01-09Added space after 'if' conditionAhmedul Haque Abid1-1/+1
2014-01-09Changed the rest of 'error_msg' to 'errors'Ahmedul Haque Abid1-6/+6
2014-01-09Added the missing "is" in the commentAhmedul Haque Abid1-1/+1
2014-01-09Merge branch 'develop' into feature/form_validation/custom_error_per_fieldAhmedul Haque Abid3-3/+32
2014-01-09Updated comment messages.Ahmedul Haque Abid1-2/+2
2014-01-09Removed extra space between closing parenthesis.Ahmedul Haque Abid1-1/+1
2014-01-09Fixed a missed variable $errors in set_rules().Ahmedul Haque Abid1-1/+1
2014-01-09Changed $error_msg to $errorsAhmedul Haque Abid1-4/+4
2014-01-09Add CI_User_agent::parse() to allow parsing a custom user-agent stringAndrey Andreev1-0/+28
Based on PR #970
2014-01-08Remove preg_quote() call from CI_User_agent::_set_browser() and add another ↵Andrey Andreev1-1/+1
pattern for Opera Input comes from a configuration file that is barely touched by anyone and the default values only contain letters, so it is safe to not quote them. This enables us to add a more advanced pattern in config/user_agents.php for Opera 10+, which ... quote: Opera/9.80 is hard coded at the beginning of the user agent string because of broken browser sniffing scripts which detect 'Opera/10' and above as Opera 1. (reference: http://my.opera.com/community/openweb/idopera/) Instead, latests versions of Opera append ' Version/<version number>' to the end of the user agent string. Fixes issue #555 (incorrect browser detection for Opera)
2014-01-08Unnecessary rtrim and update docs for Calendar classMarcos SF Filho1-1/+1
2014-01-08Join two if statement into oneMarcos SF Filho1-5/+2
2014-01-08Code Corrections for the Calendar Pull RequestMarcos SF Filho1-21/+18
2014-01-08Fix 2 errors caused by recent commitsAndrey Andreev2-2/+3
2014-01-08Added custom error messages functionality for individual fields.Ahmedul Haque Abid1-4/+20
2014-01-08Update the Calendar ClassMarcos SF Filho1-6/+48
2014-01-08Make newline standardization configurableAndrey Andreev2-5/+29
Added ['standardize_newlines'] Also altered the Session cookie driver, which experienced issues with this feature due to it's HMAC verification failing after the Input class alters newlines in non-encrypted session cookies. Supersedes PR #2470
2014-01-08Fix #346Andrey Andreev2-15/+26
When ['global_xss_filtering'] was turned on, the , , & superglobals were automatically overwritten. This resulted in one of the following problems: - xss_clean() being called twice - Inability to retrieve the original (not filtered) value XSS filtering is now only applied on demand by the Input class, and the default value for the parameter in CI_Input methods is changed to NULL. Unless a boolean value is passed to them, whether XSS filtering is applied depends on the ['global_xss_filtering'] value.
2014-01-08Fix #148Andrey Andreev1-4/+6
CI_Input::_clean_input_data() assumed that all input data is URL-encoded while sanitizing it. However, PHP already performs URL-decoding on it, so this is either redudant or overly intrusive as it resulted in many, many reports of data containing '%' followed by 1 numeric characters being essentially destroyed. Supersedes PR #1229
2014-01-08Optimize get_instance() calls/assignmentsAndrey Andreev12-51/+35
2014-01-08A tiny improvement in CI_Upload::do_xss_clean()Andrey Andreev1-2/+1
2014-01-08Some small improvements to the Xmlrpc classAndrey Andreev1-11/+11
2014-01-08Update the CI_Hooks classMarcos SF Filho1-18/+16
2014-01-07Class for execute Hooks can be stored for reuseMarcos SF Filho1-8/+33
2014-01-07Fix a few bugs in CI_Hook (based on PR #2762)Andrey Andreev1-4/+8
2014-01-07A tiny regexp improvement for CI_DB_driver::is_write_type()Andrey Andreev3-3/+3
2014-01-07Change Text helper default tag from <strong> to <mark>Andrey Andreev1-16/+8
Supersedes PR #1497
2014-01-07Add ability for changing the original file path/name in CI_Zip::read_file()Andrey Andreev1-11/+14
Supersedes PR #884
2014-01-07Fix #2143Andrey Andreev1-9/+6
When trying to load rules from a configuration file, the Form validation library matched against ruri_string() as opposed to 'controller/method' like described in the manual. Since ruri_string() also makes sense, now both are being checked with ruri_string() having a higher precedence. Supersedes PR #2224
2014-01-07Implement Loader method chainingAndrey Andreev1-29/+46
Requested in issue #2165 Supersedes PR #2319
2014-01-07Fix #2268 (manually implementing PR #2269)Andrey Andreev1-3/+3
2014-01-07Add Basic HTTP authentication support to the XML-RPC libraryAndrey Andreev1-1/+30
(based on PR #1716)