summaryrefslogtreecommitdiffstats
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2014-07-14Add changelog entry for CSRF status code; remove line at EOFKyle Valade1-1/+1
2014-07-06Return 403 instead of 500 if no CSRF token givenKyle Valade1-2/+2
Not supplying a CSRF token shouldn't return a 500 response because it isn't a server error. The response status code should definitely be in the 400's, because it's the client's fault. And it should be a 403 because the client is forbidden from making that request without the appropriate credential (the CSRF token), though the request may be otherwise valid. http://en.wikipedia.org/wiki/List_of_HTTP_status_codes
2014-07-06Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developAndrey Andreev1-1/+1
2014-07-06Fix #3131Andrey Andreev1-0/+4
2014-07-05Missing looping index added. Without index empty rows returned for csv ↵Dionysis Arvanitis1-1/+1
column headers.
2014-07-02Remove GCM mode from CI_Encryption (OpenSSL)Andrey Andreev1-3/+2
While openssl_get_cipher_methods() lists 'aes-<keysize>-gcm' as supported, it appears that this is only half of the story. To be more specific, only the encryption operation of GCM is performed, and the authentication message is completely missing, rendering the whole thing useles.
2014-07-01Merge branch 'develop' of github.com:EllisLab/CodeIgniter into developAndrey Andreev1-1/+1
2014-07-01Fix #3124Andrey Andreev1-2/+2
2014-06-29Fixed eofGraham Campbell1-1/+1
2014-06-29Fixed typoGraham Campbell1-2/+2
2014-06-21Add CI_Encryption::create_key()Andrey Andreev1-0/+15
This was planned, we somehow forgot about it. :)
2014-06-21Fix a _potential_ flaw in password_hash()Andrey Andreev1-1/+4
2014-06-19Remove the custom IV option from CI_EncryptionAndrey Andreev1-51/+36
It serves for no practical purpose and can only do harm.
2014-06-19Fix #3112Andrey Andreev4-15/+4
2014-06-13Make 'num_links=0' configuration available in Pagination libraryTakayuki Sakai1-4/+4
Changed conditions when making 'first' and 'last' links
2014-06-13Revert "Make num_links=0 in pagination library possible to configure"Takayuki Sakai1-15/+9
This reverts commit a01924d2cc2d63d2bddbee85a18b423b88a9b19e.
2014-06-13Make num_links=0 in pagination library possible to configureTakayuki Sakai1-9/+15
2014-06-12remove the empty line at the end of fileFu Xu1-1/+1
2014-06-12style changeFu Xu1-1/+1
2014-06-12config load bug fixFu Xu1-2/+3
2014-06-12Fix #3101Andrey Andreev1-1/+1
2014-06-07Fix #3085Andrey Andreev1-17/+19
2014-06-03Fix a potential undefined variable errorAndrey Andreev2-2/+2
2014-06-01Fix wrong variable nameAndrey Andreev1-2/+2
2014-05-31Add support for non-ASCII domain names in FV & Email classes' valid_email()Andrey Andreev2-0/+10
Depends on the Intl extension
2014-05-31Remove CI_Encrypt::_xor_encode()Andrey Andreev1-47/+12
2014-05-31A fix about loading language files - ensuring suffix '_lang' presence properly.Ivan Tcholakov1-1/+1
2014-05-27fix callable hooksMax1-1/+1
2014-05-27fix callable hooksMax1-1/+1
2014-05-23Fix #3057Andrey Andreev1-66/+62
2014-05-20Merge pull request #3058 from vlakoff/word_wrapAndrey Andreev2-13/+12
Fixes in word_wrap() functions
2014-05-20Pick up some changes from text helpervlakoff1-5/+5
refs 6ce4746474ddf050f7f4df61b7a22b7f5854d533
2014-05-20Fix handling of {unwrap} tags in word_wrap() functionsvlakoff2-6/+5
* in Email library: these tags were not removed * in text helper: simplified code
2014-05-20Regex fixesvlakoff2-2/+2
* Replace wrong "wwww." with "www." * Escape dot
2014-05-20[ci skip] Fix error notices in FV when trying to lookup error msgs for closuresAndrey Andreev1-14/+18
2014-05-19Remove static cache in Email->_mimes_types()vlakoff1-9/+1
Saving one function call isn't worth the code overhead.
2014-05-19Fix caching of MIME configvlakoff2-10/+20
* in get_mimes(): was missing isset() test * in Email->_mimes_types(): static cache of reference was noneffective refs 6ef498b49946ba74d610b3805fb908b163a7f03a
2014-05-19Merge pull request #3053 from vlakoff/get_configAndrey Andreev1-7/+4
Simplify code in get_config()
2014-05-19Simplify code in get_config()vlakoff1-7/+4
Exact same behavior. The reference was just redundant.
2014-05-18[ci skip] Add a note to CI_Model::__get() (issue #3046)Andrey Andreev1-0/+4
2014-05-18Adjust docblock of load_class()vlakoff1-1/+1
refs c26b9ebb00e29be2e972fece3bcf73d33249a64b
2014-05-16fix wrong if expression in link_tagEmmanuel Grognet1-1/+1
2014-05-09Suppress PHP 5.6 E_DEPRECATED warnings for mbstring.internal_encoding as wellAndrey Andreev1-1/+3
2014-05-09Add hash_equals() to ext/hash compat layerAndrey Andreev1-0/+46
Introduced in PHP 5.6 Beta 1 (unfortunately, still undocumented). RFC: https://wiki.php.net/rfc/timing_attack (Yes, I am aware that the RFC talks about hash_compare(), the function was later renamed in the implementation.)
2014-05-09Call data_seek(0) only if we've used DB_result::*row*() methodsAndrey Andreev1-3/+3
This should fix HHVM where it throws 'Unable to jump to row 0 on MySQL result index X' error messages for ext/mysqli
2014-05-09Remove (most of) error suppression from database drivers (issue #3036)Andrey Andreev17-56/+61
2014-05-08Merge pull request #3039 from mdunisch/developAndrey Andreev1-2/+2
Remove error-masking '@' in mysqli_driver (See: #3036)
2014-05-08Merge pull request #3041 from egig/developAndrey Andreev1-0/+1
Prepare image url.
2014-05-08Removed empty lineegig1-1/+1
2014-05-08[ci skip] Update a comment for CI_Input::input_stream()Andrey Andreev1-2/+2