Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
update times to the Session class
|
|
|
|
of being hard-coded.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
debugging output
|
|
handling of setting options as 'selected'
|
|
|
|
A numeric 0 sent to these functions would evaluate if ($title == '') as TRUE, and type casting seems the more appropriate fix than simply using $title === '', since we're expecting and treating $title as a string.
|
|
queries needed htmlspecialchars()
|
|
|
|
|
|
already existin _filter_uri()
|
|
|
|
|
|
*Modified the Router so that when Query Strings are Enabled, the controller trigger and function trigger values are sanitized for filename include security.
|
|
trigger and function trigger values are sanitized for filename include security.
|
|
|
|
xss_clean("<x<xss>ss <scr<xss>ipt a='>'>alert/**/('!');//*/</script</script >>");
|
|
|
|
|