summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2017-01-04Fix a possible file inclusion vulnerability in CI_Loader::vars()Andrey Andreev1-30/+28
2017-01-04[ci skip] Try to mitigate BREACH attacks against CSRF tokensAndrey Andreev1-6/+35
2017-01-04[ci skip] Protect CSRF verification from timing side-channel attacksAndrey Andreev1-6/+8
2017-01-04Fix an XSS vulnerabilityAndrey Andreev1-1/+1
2017-01-03Fix #4804Andrey Andreev1-1/+1
2017-01-03Merge pull request #4958 from boxsnake/developAndrey Andreev1-1/+1
Fix a bug where QB count_all_results() doesn't take into account qb_cache_orderby
2017-01-03[ci skip] Fix 4953Andrey Andreev1-1/+1
2017-01-03[ci skip] Update year number in remaining files that were recently deleted ↵Andrey Andreev10-20/+20
from develop
2017-01-03Update copyright data to 2017Master Yoda162-324/+324
2016-12-16Merge pull request #4945 from vlakoff/text_helperAndrey Andreev1-1/+1
Small code simplification in character_limiter()
2016-12-12Fix #4892 - update_batch()Andrey Andreev5-105/+27
Regression caused by 0c23e9122666a30797079bea9415da135d4f7e12 trying to fix #4871 Supersedes #4929
2016-12-12Really fix #4937Andrey Andreev1-6/+6
2016-12-12Merge pull request #4941 from aquilax/fix-pdo-sqlite-order_by-randAndrey Andreev1-1/+1
Fix order_by() random for pdo/sqlite driver
2016-12-09[ci skip] Fix #4937Andrey Andreev1-13/+6
2016-12-01[ci skip] Fix #4928Andrey Andreev1-1/+4
2016-12-01Fix #4844Andrey Andreev1-1/+1
2016-12-01Fix #4927Andrey Andreev1-3/+4
2016-11-29Fix #4923Andrey Andreev3-41/+33
2016-11-23[ci skip] Deprecate nice_date()Andrey Andreev1-0/+1
2016-11-23Fix #4917Andrey Andreev1-2/+2
2016-11-22Fix #4916Andrey Andreev1-2/+2
2016-11-14Fix #4905Andrey Andreev1-32/+8
2016-11-07Fix #4902Andrey Andreev1-1/+1
2016-11-03Fix #4679, for realAndrey Andreev1-1/+1
2016-10-31[ci skip] Fix #4887Andrey Andreev1-13/+23
2016-10-31Merge pull request #4893 from tianhe1986/develop_fix_dbdriver_quoteAndrey Andreev2-2/+2
Fix compile_binds: do not use back references inside a character class.
2016-10-31Fix #4890Andrey Andreev1-4/+4
2016-10-31Merge pull request #4886 from tianhe1986/develop_dbdriver_quoteAndrey Andreev2-2/+2
Detect double-quoted strings in DB::compile_binds()
2016-10-28[ci skip] Mark the start of 3.1.3-devAndrey Andreev1-1/+1
2016-10-28[ci skip] Prepare for 3.1.2 releaseAndrey Andreev1-1/+1
2016-10-28[ci skip] xss_clean() hardeningAndrey Andreev1-10/+11
- percent-sign tag (IE) - data: URI scheme inclinding whitespace (Chrome)
2016-10-28Improve byte-safetyAndrey Andreev4-41/+235
2016-10-28[ci skip] Clear trailing whitespace from PR #4834Andrey Andreev1-1/+1
2016-10-28Fix #4884Andrey Andreev1-1/+1
2016-10-27[ci skip] Another attempt at #4874Andrey Andreev1-2/+3
2016-10-27Fix #4871Andrey Andreev1-3/+5
2016-10-27Fix #4874Andrey Andreev1-9/+54
2016-10-27Close #4875Andrey Andreev1-1/+20
2016-10-27[ci skip] This is 3.1.2-devAndrey Andreev1-1/+1
2016-10-26Fix #4877Andrey Andreev1-5/+29
2016-10-22[ci skip] Prepare for 3.1.1 releaseAndrey Andreev1-1/+1
2016-10-22Merge branch 'security/entity_decode' into 3.1-stableAndrey Andreev1-17/+22
2016-10-22Close #4830, #3649Andrey Andreev2-6/+48
2016-10-22Allow binding 0, null out of array in query()Andrey Andreev1-1/+1
2016-10-21Fix #4865Andrey Andreev2-1/+1
2016-10-20[ci skip] Polish changes and add a changelog entry for PR #4855Andrey Andreev1-2/+2
2016-10-20Merge pull request #4855 from jim-parry/fix/xmlrpc-timeoutInstructor, Computer Systems Technology1-3/+2
Fix xmlrpc timeout, #4843
2016-10-20Merge pull request #4863 from gxgpet/develop4Andrey Andreev1-0/+1
Add missing method chaining support to CI_Table::set_caption()
2016-10-17Fix #4851Andrey Andreev6-10/+10
2016-10-11[ci skip] Add new HTTP status codesAndrey Andreev1-1/+6
https://tools.ietf.org/html/rfc2817 https://tools.ietf.org/html/rfc6585 Requested in #4835