summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Expand)AuthorFilesLines
2008-05-20improved security in xss_clean(), added <audio> and <video> tags to naughty H...Derek Jones1-22/+14
2008-05-18Moved the _has_operators() function into DB_driver from DB_active_rec.Derek Allard2-20/+22
2008-05-17reduced $mobiles to single arrayDerek Jones1-14/+13
2008-05-16Considerably expanded list of mobile user-agents in config/user_agents.php.Derek Allard1-12/+71
2008-05-16changed foreach() reindexing of segment arrays to array_unshift() - teensy ti...Derek Jones1-15/+2
2008-05-16fixed regular expression in Image lib, CI bug #4542Derek Jones1-1/+1
2008-05-15addition xss protection against certain data urls, stripping of anything sent...Derek Jones1-2/+12
2008-05-15added ability to use xss_clean() to test images, and improved security for ve...Derek Jones1-37/+49
2008-05-14Set the mime type check in the Upload class to reference the global mimes var...Derek Allard1-1/+3
2008-05-14Added missing semicolon in upload_lang.phpDerek Jones1-3/+3
2008-05-14set $DB->char_set and $DB->dbcollat defaults to utf8 and utf8_general_ci resp...Derek Jones1-2/+2
2008-05-14fixed bug #3419 where the 'database' setting for DSN connections was using th...Derek Jones2-2/+25
2008-05-14force closing tag on eval() for servers not running short_open_tagsDerek Jones1-1/+1
2008-05-13hotfix for a bug in database error display introduced by 1.6.2 fix for bugs #...Derek Jones1-3/+8
2008-05-13Hey you! Yeah, you, that other set of hardcoded arrays in xss_clean(). You'...Derek Jones1-21/+3
2008-05-13increased security and performance of xss_clean(), added _sanitize_naughty_ht...Derek Jones1-24/+56
2008-05-13The Zip class has undergone a substantial re-write for speed and clarityDerek Allard1-120/+101
2008-05-13removed some stray testing codeDerek Allard2-23/+17
2008-05-13reverted OR back to || for js_calendar_pi.php javascriptDerek Jones1-6/+6
2008-05-13Some sweeping syntax changes for consistency:Derek Jones105-879/+915
2008-05-13adjusted eval() statement in Loader to accommodate servers with short_open_ta...Derek Jones1-1/+1
2008-05-13minor source formattingDerek Allard4-36/+35
2008-05-13preg_split changed to explodeDerek Allard1-165/+165
2008-05-13substr checks swapped out with strncmpDerek Allard1-16/+72
2008-05-12fixed a misspelling in the Input library of CDATADerek Allard1-1/+1
2008-05-12removed an ereg from configDerek Allard6-130/+131
2008-05-12Escape behaviour in where() clauses has changed; values in those with the "FA...Derek Allard1-19/+22
2008-05-12(no commit message)Rick Ellis1-22/+57
2008-05-12Added protection in xss_clean() for GET variables in URLsDerek Jones1-3/+55
2008-05-12Fixed a bug in AR compiling, where select statements with arguments got incor...Derek Allard1-3/+10
2008-05-12changed $xmlrpcDateTime property to all lowercase 'datetime.iso8601' so it ca...Derek Jones1-3/+3
2008-05-12fixed a bug that would lead to a PHP notice error of array to string conversi...Derek Jones1-2/+4
2008-05-12passed db object by reference to DB Cache class, and changed the cache class ...Derek Jones2-15/+17
2008-05-12changed overlay_watermark() to check for an alpha value before applying the i...Derek Jones1-6/+19
2008-05-12changed class instantiations to reference global $LANG and fetch existing Exc...Derek Jones2-16/+9
2008-05-11Removed closing PHP tags, replaced with a comment block identifying the end o...Derek Jones120-121/+361
2008-05-11Undoing change committed in r1115Derek Jones114-0/+114
2008-05-11removed closing PHP tag from all framework filesDerek Jones114-114/+0
2008-05-09added dot transformation to body of email when sending via SMTPDerek Jones1-2/+3
2008-05-08removed extraneous error message from Upload lib on failure of validate_uploa...Derek Jones1-1/+1
2008-05-08added 'object' key to the XML-RPCS config allowing the passing of a class obj...Derek Jones1-6/+18
2008-05-08added SET to the list of write type queriesDerek Jones1-1/+1
2008-05-08added symbolic_permissions() and octal_permissions() to the File helperDerek Jones1-0/+88
2008-05-08Fixed a bug where $data was not being converted to an array properly in set_r...Derek Jones1-1/+1
2008-05-08Fixed bug with recursive deletes in delete_dir()Derek Jones1-3/+3
2008-05-08flipped the $not flag for or_where_not_in()Derek Jones1-5/+1
2008-05-07added code comment for 'directory_trigger' config value which is not yet impl...Derek Jones1-1/+1
2008-05-07Added checks for objects in DB driver instead of just resources to accommodat...Derek Jones2-3/+3
2008-05-07removed default title= attribute from anchor() in URL HelperDerek Jones1-5/+1
2008-05-07removed SCRIPT_NAME from path provided by ORIG_PATH_INFO to remove the path a...Derek Jones1-1/+2