path: root/system
Age | Commit message | Author | Files | Lines
2012-06-29 | Updating XSS cleaning to better handle base64 encoded attributes. | Wes Baker | 1 | -70/+81
Conflicts: system/core/Security.php
2012-06-13 | Revert a preg_replace() | Andrey Andreev | 1 | -1/+1
2012-06-13 | Revert "Fix issue #1387" | Florian Pritz | 2 | -14/+12
This reverts commit bc602d8b8e125597bfd557949e846ff5a258b858.
This breaks the session cleanup.
References: https://github.com/EllisLab/CodeIgniter/issues/1387#issuecomment-6307876
Conflicts: user_guide/changelog.html
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-06-13 | Revert "Fix an erroneous method name" | Florian Pritz | 1 | -1/+1
This reverts commit 9b655400c9519407d1d33a75323b9f4fdac42766.
2012-06-13 | Switch strstr() arguments | Andrey Andreev | 1 | -1/+1
2012-06-13 | Fixed conflicts between git flow 2.1.1 and non-flow 2.1.1 | Phil Sturgeon | 13 | -13/+13
2012-06-13 | Revert from() alias escaping fix - it was breaking more stuff | Andrey Andreev | 1 | -5/+3
2012-06-13 | Merge tag '2.1.1' | Florian Pritz | 13 | -85/+316
Retagging 2.1.1 for final release Conflicts: user_guide/changelog.html user_guide/database/active_record.html user_guide/database/caching.html user_guide/database/call_function.html user_guide/database/configuration.html user_guide/database/connecting.html user_guide/database/examples.html user_guide/database/fields.html user_guide/database/forge.html user_guide/database/helpers.html user_guide/database/index.html user_guide/database/queries.html user_guide/database/results.html user_guide/database/table_data.html user_guide/database/transactions.html user_guide/database/utilities.html user_guide/doc_style/index.html user_guide/general/alternative_php.html user_guide/general/ancillary_classes.html user_guide/general/autoloader.html user_guide/general/caching.html user_guide/general/cli.html user_guide/general/common_functions.html user_guide/general/controllers.html user_guide/general/core_classes.html user_guide/general/creating_drivers.html user_guide/general/creating_libraries.html user_guide/general/credits.html user_guide/general/drivers.html user_guide/general/environments.html user_guide/general/errors.html user_guide/general/helpers.html user_guide/general/hooks.html user_guide/general/libraries.html user_guide/general/managing_apps.html user_guide/general/models.html user_guide/general/profiling.html user_guide/general/quick_reference.html user_guide/general/requirements.html user_guide/general/reserved_names.html user_guide/general/routing.html user_guide/general/security.html user_guide/general/styleguide.html user_guide/general/urls.html user_guide/general/views.html user_guide/helpers/array_helper.html user_guide/helpers/captcha_helper.html user_guide/helpers/cookie_helper.html user_guide/helpers/date_helper.html user_guide/helpers/directory_helper.html user_guide/helpers/download_helper.html user_guide/helpers/email_helper.html user_guide/helpers/file_helper.html user_guide/helpers/form_helper.html user_guide/helpers/html_helper.html 
user_guide/helpers/inflector_helper.html user_guide/helpers/language_helper.html user_guide/helpers/number_helper.html user_guide/helpers/path_helper.html user_guide/helpers/security_helper.html user_guide/helpers/smiley_helper.html user_guide/helpers/string_helper.html user_guide/helpers/text_helper.html user_guide/helpers/typography_helper.html user_guide/helpers/url_helper.html user_guide/helpers/xml_helper.html user_guide/index.html user_guide/installation/downloads.html user_guide/installation/index.html user_guide/installation/troubleshooting.html user_guide/installation/upgrade_120.html user_guide/installation/upgrade_130.html user_guide/installation/upgrade_131.html user_guide/installation/upgrade_132.html user_guide/installation/upgrade_133.html user_guide/installation/upgrade_140.html user_guide/installation/upgrade_141.html user_guide/installation/upgrade_150.html user_guide/installation/upgrade_152.html user_guide/installation/upgrade_153.html user_guide/installation/upgrade_154.html user_guide/installation/upgrade_160.html user_guide/installation/upgrade_161.html user_guide/installation/upgrade_162.html user_guide/installation/upgrade_163.html user_guide/installation/upgrade_170.html user_guide/installation/upgrade_171.html user_guide/installation/upgrade_172.html user_guide/installation/upgrade_200.html user_guide/installation/upgrade_201.html user_guide/installation/upgrade_202.html user_guide/installation/upgrade_203.html user_guide/installation/upgrade_210.html user_guide/installation/upgrade_b11.html user_guide/installation/upgrading.html user_guide/libraries/benchmark.html user_guide/libraries/caching.html user_guide/libraries/calendar.html user_guide/libraries/cart.html user_guide/libraries/config.html user_guide/libraries/email.html user_guide/libraries/encryption.html user_guide/libraries/file_uploading.html user_guide/libraries/form_validation.html user_guide/libraries/ftp.html user_guide/libraries/image_lib.html 
user_guide/libraries/input.html user_guide/libraries/javascript.html user_guide/libraries/language.html user_guide/libraries/loader.html user_guide/libraries/migration.html user_guide/libraries/output.html user_guide/libraries/pagination.html user_guide/libraries/parser.html user_guide/libraries/security.html user_guide/libraries/sessions.html user_guide/libraries/table.html user_guide/libraries/trackback.html user_guide/libraries/typography.html user_guide/libraries/unit_testing.html user_guide/libraries/uri.html user_guide/libraries/user_agent.html user_guide/libraries/xmlrpc.html user_guide/libraries/zip.html user_guide/license.html user_guide/overview/appflow.html user_guide/overview/at_a_glance.html user_guide/overview/cheatsheets.html user_guide/overview/features.html user_guide/overview/getting_started.html user_guide/overview/goals.html user_guide/overview/index.html user_guide/overview/mvc.html user_guide/toc.html user_guide/tutorial/conclusion.html user_guide/tutorial/create_news_items.html user_guide/tutorial/hard_coded_pages.html user_guide/tutorial/index.html user_guide/tutorial/news_section.html user_guide/tutorial/static_pages.html Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-06-11 | Fixed conflicts | Phil Sturgeon | 8 | -33/+187
Why were there conflicts merging into master?
2012-06-07 | Revert a change | Andrey Andreev | 1 | -1/+1
2012-06-07 | Fixed valid_ip() for PHP < 5.2 | Andrey Andreev | 1 | -22/+21
2012-06-07 | Adding IPv6 support to the Input and Form_validation libraries. | Pascal Kriete | 2 | -5/+134
2012-05-27 | Merge branch '2.1-stable' of github.com:EllisLab/CodeIgniter into 2.1-stable | Phil Sturgeon | 1 | -1/+1
2012-05-27 | Driver_Library had $lib_name set as static, and used non-static | Phil Sturgeon | 1 | -1/+1
2012-05-27 | Fix an erroneous method name | Andrey Andreev | 1 | -1/+1
2012-05-24 | Fix issue #1387 | Andrey Andreev | 2 | -12/+14
2012-05-24 | Adding width and height to list of clear variables to fix #1059 | Jamie Hurst | 1 | -1/+1
2012-05-23 | Added ability to _like parameter side to use 'none', in case one wants to query like instead of where without case being sensitive | Nithin | 1 | -2/+6
2012-05-19 | Fix an issue with CI_DB_pdo_result::num_rows() | Rogerio Prado de Jesus | 1 | -1/+12
In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit makes it return the expected value.
2012-05-19 | Fix an issue with affect_rows in CI_DB_pdo_driver::_execute() | Rogerio Prado de Jesus | 1 | -2/+11
In case of SELECT queries PDOStatement::rowCount doesn't work as expected. This commit makes affect_rows be initialized properly. Signed-off-by: Rogerio Prado de Jesus <rogeriopradoj@gmail.com>
2012-05-19 | Fix issue #726 | Andrey Andreev | 1 | -8/+8
2012-05-17 | Added upgrade for 2.1.1 and updated version. | Phil Sturgeon | 13 | -13/+13
2012-05-17 | Merge pull request #1366 from aphofstede/2.1-stable | Andrey Andreev | 1 | -1/+1
Check cookie against md5 regex. 2.1 stable CSRF injection security fix
2012-05-17 | Check cookie against md5 regex. | Alexander Hofstede | 1 | -1/+1
Otherwise, cookie can contain arbitrary injected code that gets sent back directly to the browser.
2012-05-07 | Added a return false if an image doesn't pass XSS cleaning to prevent file_get_contents from returning a NULL and passing through unscathed. | Wes Baker | 1 | -0/+4
2012-04-23 | Corrected the migration_missing_down_method language string | Repox | 1 | -1/+1
2012-03-04 | Merge pull request #1116 from tubalmartin/helpers|url|2.1-stable | Phil Sturgeon | 1 | -20/+16
2.1 stable - An improved url_title helper function
2012-03-04 | Allow developers to use any string as a separator, not just dashes or underscores. Backwards compatible when using 'dash' or 'underscore' as string separator. Tests: http://codepad.org/DWcxVH5r | tubalmartin | 1 | -10/+19
2012-03-03 | Fixed a bug - CI_Upload::_file_mime_type() could've failed if popen() is used for the detection. | tubalmartin | 1 | -1/+1
2012-03-03 | An even better url_title helper. Tests: http://codepad.org/tuJgvkyN | tubalmartin | 1 | -20/+7
Changelog entry added for 2.1.1
2012-03-01 | compile binds before caching the query, otherwise the cached query will never match the unbound query. updated changelog to mention bug fix. | Ryan Dial | 1 | -6/+6
2012-02-12 | Merge pull request #757 from narfbg/2.1-stable | Phil Sturgeon | 1 | -24/+78
Improve CI_Upload::_file_mime_type() reliability (2.1-stable)
2011-12-26 | Merge pull request #709 from tubalmartin/2.1-stable | Phil Sturgeon | 1 | -0/+14
2.1.0 - Fatal error: Call to undefined method CI_DB_Driver::_reset_select()
2011-12-15 | Merge remote-tracking branch 'upstream/2.1-stable' into 2.1-stable | Andrey Andreev | 1 | -1/+1
2011-12-13 | Tweak MIME regular expression check again | Andrey Andreev | 1 | -1/+1
2011-12-11 | Fix regular expression for validating MIME type string | Andrey Andreev | 1 | -1/+1
2011-12-11 | Fix for Issue #538. | Andrew Mackrodt | 1 | -1/+1
2011-12-09 | Improve CI_Upload::_file_mime_type() | Andrey Andreev | 1 | -24/+78
2011-12-02 | Update a comment, just to be clearer | Andrey Andreev | 1 | -1/+1
2011-12-02 | Hotfix for a file type detection bug in the Upload library | Andrey Andreev | 1 | -2/+5
2011-12-01 | This fixes issue #725 | Repox | 1 | -2/+8
2011-11-28 | Merge commit 'v2.1.0' | Florian Pritz | 61 | -492/+4247
Conflicts: user_guide/changelog.html user_guide/database/active_record.html user_guide/database/caching.html user_guide/database/call_function.html user_guide/database/configuration.html user_guide/database/connecting.html user_guide/database/examples.html user_guide/database/fields.html user_guide/database/forge.html user_guide/database/helpers.html user_guide/database/index.html user_guide/database/queries.html user_guide/database/results.html user_guide/database/table_data.html user_guide/database/transactions.html user_guide/database/utilities.html user_guide/doc_style/index.html user_guide/general/alternative_php.html user_guide/general/ancillary_classes.html user_guide/general/autoloader.html user_guide/general/caching.html user_guide/general/cli.html user_guide/general/common_functions.html user_guide/general/controllers.html user_guide/general/core_classes.html user_guide/general/creating_drivers.html user_guide/general/creating_libraries.html user_guide/general/credits.html user_guide/general/drivers.html user_guide/general/environments.html user_guide/general/errors.html user_guide/general/helpers.html user_guide/general/hooks.html user_guide/general/libraries.html user_guide/general/managing_apps.html user_guide/general/models.html user_guide/general/profiling.html user_guide/general/quick_reference.html user_guide/general/requirements.html user_guide/general/reserved_names.html user_guide/general/routing.html user_guide/general/security.html user_guide/general/styleguide.html user_guide/general/urls.html user_guide/general/views.html user_guide/helpers/array_helper.html user_guide/helpers/captcha_helper.html user_guide/helpers/cookie_helper.html user_guide/helpers/date_helper.html user_guide/helpers/directory_helper.html user_guide/helpers/download_helper.html user_guide/helpers/email_helper.html user_guide/helpers/file_helper.html user_guide/helpers/form_helper.html user_guide/helpers/html_helper.html user_guide/helpers/inflector_helper.html 
user_guide/helpers/language_helper.html user_guide/helpers/number_helper.html user_guide/helpers/path_helper.html user_guide/helpers/security_helper.html user_guide/helpers/smiley_helper.html user_guide/helpers/string_helper.html user_guide/helpers/text_helper.html user_guide/helpers/typography_helper.html user_guide/helpers/url_helper.html user_guide/helpers/xml_helper.html user_guide/images/appflowchart.gif user_guide/index.html user_guide/installation/downloads.html user_guide/installation/index.html user_guide/installation/troubleshooting.html user_guide/installation/upgrade_120.html user_guide/installation/upgrade_130.html user_guide/installation/upgrade_131.html user_guide/installation/upgrade_132.html user_guide/installation/upgrade_133.html user_guide/installation/upgrade_140.html user_guide/installation/upgrade_141.html user_guide/installation/upgrade_150.html user_guide/installation/upgrade_152.html user_guide/installation/upgrade_153.html user_guide/installation/upgrade_154.html user_guide/installation/upgrade_160.html user_guide/installation/upgrade_161.html user_guide/installation/upgrade_162.html user_guide/installation/upgrade_163.html user_guide/installation/upgrade_170.html user_guide/installation/upgrade_171.html user_guide/installation/upgrade_172.html user_guide/installation/upgrade_200.html user_guide/installation/upgrade_201.html user_guide/installation/upgrade_202.html user_guide/installation/upgrade_203.html user_guide/installation/upgrade_b11.html user_guide/installation/upgrading.html user_guide/libraries/benchmark.html user_guide/libraries/caching.html user_guide/libraries/calendar.html user_guide/libraries/cart.html user_guide/libraries/config.html user_guide/libraries/email.html user_guide/libraries/encryption.html user_guide/libraries/file_uploading.html user_guide/libraries/form_validation.html user_guide/libraries/ftp.html user_guide/libraries/image_lib.html user_guide/libraries/input.html user_guide/libraries/javascript.html 
user_guide/libraries/language.html user_guide/libraries/loader.html user_guide/libraries/output.html user_guide/libraries/pagination.html user_guide/libraries/parser.html user_guide/libraries/security.html user_guide/libraries/sessions.html user_guide/libraries/table.html user_guide/libraries/trackback.html user_guide/libraries/typography.html user_guide/libraries/unit_testing.html user_guide/libraries/uri.html user_guide/libraries/user_agent.html user_guide/libraries/xmlrpc.html user_guide/libraries/zip.html user_guide/license.html user_guide/nav/nav.js user_guide/overview/appflow.html user_guide/overview/at_a_glance.html user_guide/overview/cheatsheets.html user_guide/overview/features.html user_guide/overview/getting_started.html user_guide/overview/goals.html user_guide/overview/index.html user_guide/overview/mvc.html user_guide/toc.html Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-24 | Changed form_open() to compare $action against base_url() | John Nicely | 1 | -1/+1
Checking for strpos($action, $CI->config->site_url()) === FALSE causes CSRF token to not be added in form_open() output. When site_url()'s first parameter ($uri) is empty, site_url's return value is the base URL plus the $CI->config->item('index_page') value. form_open() and CodeIgniter's URI routing do not require index.php to be in the URL, so any call to form_open() in which the $action parameter does not have index.php will always return false for the strpos() call.
2011-11-24 | Added dummy _reset_select() method to CI_DB_Driver class to allow Active Record class to be disabled. Otherwise a fatal error is triggered. | Túbal Martín | 1 | -0/+14
2011-11-23 | tmp_path does not exist, should be tmp_name | Michiel Vugteveen | 1 | -1/+1
2011-11-22 | Readded PDO drivers. | Phil Sturgeon | 5 | -15/+565
2011-11-14 | Tweaking the xss filter for IE <comment> tags, parameter injection, and weird html5 attributes. | Pascal Kriete | 1 | -50/+41
2011-11-14 | Removing stray docblocks | Pascal Kriete | 1 | -12/+0
2011-11-13 | Added TLS and SSL support to Email library. Fixes issue #171 | Radu Potop | 1 | -1/+19
2011-11-13 | Resolved issue 65 - made action on form_open_multipart helper function call optional | Ben Edmunds | 1 | -1/+1