Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2012-05-19 | Fix issue #726 | Andrey Andreev | 1 | -8/+8 | |
2012-05-17 | Merge pull request #1366 from aphofstede/2.1-stable | Andrey Andreev | 1 | -1/+1 | |
Check cookie against md5 regex. 2.1 stable CSRF injection security fix | |||||
2012-05-17 | Check cookie against md5 regex. | Alexander Hofstede | 1 | -1/+1 | |
Otherwise, cookie can contain arbitrary injected code that gets sent back directly to the browser. | |||||
2012-05-07 | Added a return false if an image doesn't pass XSS cleaning to prevent ↵ | Wes Baker | 1 | -0/+4 | |
file_get_contents from returning a NULL and passing through unscathed. | |||||
2012-04-23 | Corrected the migration_missing_down_method language string | Repox | 1 | -1/+1 | |
2012-03-04 | Merge pull request #1116 from tubalmartin/helpers|url|2.1-stable | Phil Sturgeon | 1 | -20/+16 | |
2.1 stable - An improved url_title helper function | |||||
2012-03-04 | Allow developers to use any string as a separator, not just dashes or ↵ | tubalmartin | 1 | -10/+19 | |
underscores. Backwards compatible when using 'dash' or 'underscore' as string separator. Tests: http://codepad.org/DWcxVH5r | |||||
2012-03-03 | Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is ↵ | tubalmartin | 1 | -1/+1 | |
used for the detection. | |||||
2012-03-03 | An even better url_title helper. Tests: http://codepad.org/tuJgvkyN | tubalmartin | 1 | -20/+7 | |
Changelog entry added for 2.1.1 | |||||
2012-03-01 | compile binds before caching the query, otherwise the cached query will ↵ | Ryan Dial | 1 | -6/+6 | |
never match the unbound query. updated changlog to mention bug fix. | |||||
2012-02-12 | Merge pull request #757 from narfbg/2.1-stable | Phil Sturgeon | 1 | -24/+78 | |
Improve CI_Upload::_file_mime_type() realiability (2.1-stable) | |||||
2011-12-26 | Merge pull request #709 from tubalmartin/2.1-stable | Phil Sturgeon | 1 | -0/+14 | |
2.1.0 - Fatal error: Call to undefined method CI_DB_Driver::_reset_select() | |||||
2011-12-15 | Merge remote-tracking branch 'upstream/2.1-stable' into 2.1-stable | Andrey Andreev | 1 | -1/+1 | |
2011-12-13 | Tweak MIME regular expression check again | Andrey Andreev | 1 | -1/+1 | |
2011-12-11 | Fix regular expression for validating MIME type string | Andrey Andreev | 1 | -1/+1 | |
2011-12-11 | Fix for Issue #538. | Andrew Mackrodt | 1 | -1/+1 | |
2011-12-09 | Improve CI_Upload::_file_mime_type() | Andrey Andreev | 1 | -24/+78 | |
2011-12-02 | Update a comment, just to be clearer | Andrey Andreev | 1 | -1/+1 | |
2011-12-02 | Hotfix for a file type detection bug in the Upload library | Andrey Andreev | 1 | -2/+5 | |
2011-12-01 | This fixes issue #725 | Repox | 1 | -2/+8 | |
2011-11-24 | Changed form_open() to compare $action against base_url() | John Nicely | 1 | -1/+1 | |
Checking for strpos($action, $CI->config->site_url()) === FALSE causes CSRF token to not be added in form_open() output. When site_url()'s first parameter ($uri) is empty, site_url's return value is the base URL plus the $CI->config->item('index_page') value. form_open() and CodeIgniter's URI routing do not require index.php to be in the URL, so any call to form_open() in which the $action parameter does not have index.php will always return false for the strpos() call. | |||||
2011-11-24 | Added dummy _reset_select() method to CI_DB_Driver class to allow Active ↵ | Túbal Martín | 1 | -0/+14 | |
Record class to be disabled. Otherwise a fatal error is triggered. | |||||
2011-11-23 | tmp_path does not exists, should be tmp_name | Michiel Vugteveen | 1 | -1/+1 | |
2011-11-22 | Readded PDO drivers. | Phil Sturgeon | 5 | -15/+565 | |
2011-11-14 | Tweaking the xss filter for IE <comment> tags, parameter injection, and ↵ | Pascal Kriete | 1 | -50/+41 | |
weird html5 attributes. | |||||
2011-11-14 | Removing stray docblocks | Pascal Kriete | 1 | -12/+0 | |
2011-11-13 | Added TLS and SSL support to Email library. Fixes issue #171 | Radu Potop | 1 | -1/+19 | |
2011-11-13 | Resolved issue 65 - made action on form_open_multipart helper function call ↵ | Ben Edmunds | 1 | -1/+1 | |
optional | |||||
2011-11-13 | Fix invalid datetime format | Syahril Zulkefli | 1 | -3/+3 | |
2011-11-13 | Fix invalid date format | Syahril Zulkefli | 1 | -1/+1 | |
2011-11-13 | Fix invalid date format | Syahril Zulkefli | 1 | -1/+1 | |
2011-11-08 | Added ->db->replace() for MySQLi. | Phil Sturgeon | 1 | -0/+19 | |
2011-11-08 | Enables real page numbers for URI segment in Pagination library | Aaron Kuzemchak | 1 | -12/+73 | |
2011-11-02 | Fix #8 - Load core classes from the application folder first. | Shane Pearson | 1 | -3/+3 | |
2011-10-31 | Misc formatting fixes | Timothy Warren | 1 | -7/+8 | |
2011-10-31 | Set charset in DSN if PHP >= 5.3.6 | Timothy Warren | 1 | -1/+7 | |
2011-10-31 | Changed mysql charset to PDO option | Timothy Warren | 1 | -4/+7 | |
2011-10-28 | add html_escape() function to escape HTML. | kenjis | 1 | -0/+24 | |
2011-10-27 | Added the 'user_data' key to the userdata property so that sessions using a ↵ | Kyle Farris | 1 | -1/+2 | |
database can be deleted properly when using the table schema found in the "Saving Session Data to a Database" section of the Session Class in the user guide. | |||||
2011-10-27 | Fixed issue #150 correctly. | Phil Sturgeon | 2 | -6/+6 | |
2011-10-27 | Fixed issue #150 (for mysql and mysqli), now returns the actual column length. | danmontgomery | 4 | -15/+25 | |
2011-10-27 | Fixed a bug (#200) where MySQL queries would be malformed after calling ↵ | Greg Aker | 9 | -0/+9 | |
db->count_all() then db->get() | |||||
2011-10-27 | Fixed LIKE statement escaping issues | Timothy Warren | 1 | -12/+13 | |
2011-10-27 | Bumped CodeIgniter version to 2.1.0. | Phil Sturgeon | 1 | -1/+1 | |
2011-10-27 | Some public and protected method declarations | Andrey Andreev | 3 | -59/+59 | |
2011-10-27 | Remove another 2 old comments | Andrey Andreev | 1 | -3/+1 | |
2011-10-27 | Cleanup and migrate oci8_driver and oci8_result from deprecated PHP4 to PHP5 ↵ | Andrey Andreev | 2 | -118/+120 | |
style functions | |||||
2011-10-27 | get_magic_quotes_gpc() to be executed only if PHP version is 5.3 or lower | Andrey Andreev | 2 | -7/+14 | |
2011-10-27 | I wasn't following the CI code style guide. | diegorivera | 1 | -3/+3 | |
2011-10-27 | Update system/libraries/Email.php | diegorivera | 1 | -1/+9 | |