summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Expand)AuthorFilesLines
2017-03-20Fix Apache header injection vulnerability in set_status_header()Andrey Andreev1-5/+5
2017-03-20Fix #5057Andrey Andreev1-2/+2
2017-03-14Fix #5050Andrey Andreev10-11/+11
2017-03-06Fix #5044; add unit tests for img() HTML helperAndrey Andreev1-1/+1
2017-03-01[ci skip] Remove a misleading comment from the docblock for random_string()Andrey Andreev1-3/+1
2017-02-20Do not strip substrings looking like URL encode sequencesvlakoff1-1/+1
2017-02-06[ci skip] Eliminate a needless array_merge() call from PR #5006 patchAndrey Andreev1-6/+3
2017-02-06Merge pull request #5006 from tianhe1986/develop_commonAndrey Andreev1-8/+8
2017-02-01Fix a CI_Input::set_cookie() bugAndrey Andreev2-10/+8
2017-01-23Merge pull request #4990 from tianhe1986/develop_profilerAndrey Andreev1-5/+5
2017-01-23Merge pull request #4991 from verkhoumov/developAndrey Andreev1-5/+0
2017-01-20Don't use each()Andrey Andreev3-23/+21
2017-01-19hash_pbkdf2() byte-safety again ... actually tell mbstring to use 8bitAndrey Andreev1-2/+2
2017-01-19hash_pbkdf2() byte-safetyAndrey Andreev1-4/+13
2017-01-19More byte-safetyAndrey Andreev6-28/+28
2017-01-19Fix byte-safety issues & actually test for themAndrey Andreev3-16/+60
2017-01-17Merge pull request #4987 from tianhe1986/develop_qb_alias_table_cacheAndrey Andreev1-9/+15
2017-01-17[ci skip] Merge pull request #4986 from ka7/feature/spellingAndrey Andreev23-30/+30
2017-01-17Address #4980Andrey Andreev1-13/+14
2017-01-11Merge branch 'feature/sess_db_destroy' into 3.1-stableAndrey Andreev1-5/+5
2017-01-11[ci skip] Merge pull request #4977 from fabiospampinato/fabiospampinato-loade...Andrey Andreev1-1/+1
2017-01-11[ci skip] Fix an error with DB sessions triggered with regenerate + destroyAndrey Andreev1-5/+5
2017-01-10[ci skip] CI_Image_lib to set gd.jpeg_ignore_warning = 1Andrey Andreev1-0/+10
2017-01-10Fix Undefined variable: object errorChris Faulkner1-2/+2
2017-01-09[ci skip] Mark the beginning of 3.1.4-devAndrey Andreev1-1/+1
2017-01-09[ci skip] Prepare 3.1.3 releaseAndrey Andreev1-1/+1
2017-01-09Merge branch 'security' into 3.1-stableAndrey Andreev3-43/+72
2017-01-06[ci skip] Don't set User-Agent header in CI_Email::clear()Andrey Andreev1-1/+0
2017-01-06Merge pull request #4765 from viitols/developAndrey Andreev1-0/+1
2017-01-06[ci skip] Cosmetich changes to CI_Image_lib::get_image_properties()Andrey Andreev1-14/+15
2017-01-06Merge pull request #4457 from KN4CK3R/developAndrey Andreev2-0/+6
2017-01-06[ci skip] Add an empty line to PR #4962 patchAndrey Andreev1-0/+1
2017-01-06[ci skip] Merge pull request #4962 from ytetsuro/patch-2Andrey Andreev1-1/+2
2017-01-05Address #4963Andrey Andreev1-7/+47
2017-01-05Address #4963Andrey Andreev1-7/+47
2017-01-04Fix a possible file inclusion vulnerability in CI_Loader::vars()Andrey Andreev1-30/+28
2017-01-04[ci skip] Try to mitigate BREACH attacks against CSRF tokensAndrey Andreev1-6/+35
2017-01-04[ci skip] Protect CSRF verification from timing side-channel attacksAndrey Andreev1-6/+8
2017-01-04Fix an XSS vulnerabilityAndrey Andreev1-1/+1
2017-01-03Fix #4804Andrey Andreev1-1/+1
2017-01-03Merge pull request #4958 from boxsnake/developAndrey Andreev1-1/+1
2017-01-03[ci skip] Fix 4953Andrey Andreev1-1/+1
2017-01-03[ci skip] Update year number in remaining files that were recently deleted fr...Andrey Andreev10-20/+20
2017-01-03Update copyright data to 2017Master Yoda162-324/+324
2016-12-16Merge pull request #4945 from vlakoff/text_helperAndrey Andreev1-1/+1
2016-12-12Fix #4892 - update_batch()Andrey Andreev5-105/+27
2016-12-12Really fix #4937Andrey Andreev1-6/+6
2016-12-12Merge pull request #4941 from aquilax/fix-pdo-sqlite-order_by-randAndrey Andreev1-1/+1
2016-12-09[ci skip] Fix #4937Andrey Andreev1-13/+6
2016-12-01[ci skip] Fix #4928Andrey Andreev1-1/+4