Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2015-08-07 | Fix ReDoS-bug in string_helper.php | Kevin Morssink | 1 | -1/+1 | |
Fix for ReDoS (Regular Expression Denial of Service) / Code Injection Risk | |||||
2015-08-05 | Fix #4026 | Andrey Andreev | 1 | -1/+4 | |
2015-08-05 | Reduce once $config['query_toggle_count'] checking | bjjay | 1 | -6/+0 | |
This checking can be done by calling set_sections method when initialize profiler . | |||||
2015-08-05 | Fix #4027 | Andrey Andreev | 1 | -8/+12 | |
2015-08-03 | Fix #4015 | Andrey Andreev | 1 | -1/+2 | |
2015-08-03 | [ci skip] Normalize tabs/spaces | Andrey Andreev | 9 | -18/+18 | |
Partial changes from PR #4016 | |||||
2015-07-31 | Fix #4012 | Andrey Andreev | 1 | -1/+4 | |
2015-07-29 | Fix a 'counter-#3989' bug | Andrey Andreev | 1 | -5/+15 | |
The issue described in #3989 is actually the opposite of what has beent the intended behavior for the parameter in all Query Builder methods. Unfortunately, there's been a huge misunderstanding about that and half the methods worked properly, while the other half did not ... fixing that here. Also related: #4001 | |||||
2015-07-28 | Fix #4005 | Andrey Andreev | 1 | -1/+1 | |
2015-07-27 | Close #4004 | Andrey Andreev | 1 | -1/+3 | |
2015-07-27 | Revert "Fix an internal bug in QB where() escaping" | Andrey Andreev | 1 | -1/+4 | |
This reverts commit 43afc71b777b00cfc2638add6fa3c47d333c5e04. | |||||
2015-07-27 | Revert "Fix #3989" | Andrey Andreev | 1 | -4/+11 | |
This reverts commit e1a94d30e2f30cee36f71c246136fb2db34d25df. | |||||
2015-07-26 | Fix #4000 | Andrey Andreev | 1 | -1/+2 | |
2015-07-24 | Fixed typos | Calvin Tam | 9 | -9/+9 | |
2015-07-23 | Merge pull request #3995 from rajatsharma94/develop | Andrey Andreev | 1 | -1/+1 | |
set_realpath IP check | |||||
2015-07-23 | Update path_helper.php | rajatsharma94 | 1 | -1/+1 | |
2015-07-23 | Security check updated. | rajatsharma94 | 1 | -1/+1 | |
All security check conditions are modified according to CI styleguide. | |||||
2015-07-23 | Update path_helper.php | rajatsharma94 | 1 | -1/+1 | |
2015-07-23 | IP checking false positives and no ipv6 check | rajatsharma94 | 1 | -1/+1 | |
The currently implemented method marks all IPs between 0.0.0.0 - 999.999.999.999 as valid IP Address. Which generates false positives as any IP after 255.255.255.255 is not a valid IP address. Also, there is no check for IPv6 IP addresses. filter_var() solves both the issues. | |||||
2015-07-23 | IP Address checking generates false positives. | medhavini | 1 | -1/+1 | |
IP Address checking marks all IPs between 0.0.0.0 - 999.999.999.999 as valid IP Address. Which is not true. | |||||
2015-07-23 | Fix an issue with CI_Upload max filesize | Andrey Andreev | 1 | -0/+16 | |
Reported via the forums: http://forum.codeigniter.com/thread-62510.html | |||||
2015-07-22 | Remove eval()-related logic from function_exists() | Andrey Andreev | 1 | -13/+3 | |
#3991 shows that all such checks are useless as function_exists('eval') will always return FALSE. | |||||
2015-07-22 | Add class_exists() checks to CI_Loader::model() | Andrey Andreev | 1 | -12/+26 | |
Helps debugging in case of controller/model/library class name collision. | |||||
2015-07-22 | Fix #3991 | Andrey Andreev | 1 | -1/+1 | |
2015-07-21 | Fix #3989 | Andrey Andreev | 1 | -11/+4 | |
More instances of the bug that was fixed with 43afc71b777b00cfc2638add6fa3c47d333c5e04 | |||||
2015-07-20 | Failed security check | rajatsharma94 | 1 | -2/+1 | |
The implemented security check to make sure the path is NOT a URL can easily be bypassed (gives false negative) for all subdomains. Eg "subdomain.domain.com" should ideally show an error but it does not. The new security check tries to make a fsockopen connection to validate whether the URL is external or not. | |||||
2015-07-20 | Security check fail | medhavini | 1 | -0/+1 | |
Security check condition to check that the path is NOT a URL may give false negative in case of subdomains. Where URLs don't start with http or www. | |||||
2015-07-20 | Fix #3279 | Andrey Andreev | 1 | -4/+4 | |
2015-07-20 | Fix an internal bug in QB where() escaping | Andrey Andreev | 1 | -4/+1 | |
This is not a supported use case, but if QB escaping is force-disabled, string values passed to where() or having() aren't escaped. That's wrong because escape-disabling should only be possible for identifiers and not values. Reported via the forums: http://forum.codeigniter.com/thread-62478.html | |||||
2015-07-17 | Fix #3752 | Andrey Andreev | 1 | -21/+22 | |
2015-07-17 | [ci skip] Fix #3778 | Andrey Andreev | 1 | -15/+6 | |
2015-07-17 | [ci skip] Fix a bug reported via PR #3704 | Andrey Andreev | 1 | -23/+20 | |
2015-07-16 | Add 'ssl_verify' option for mysqli driver | Andrey Andreev | 1 | -0/+5 | |
MYSQLI_OPT_SSL_VERIFY_SERVER_CERT is an undocumented option that may not always be available. Reference: http://svn.php.net/viewvc/php/php-src/trunk/ext/mysqli/tests/mysqli_constants.phpt?view=markup&pathrev=302897 | |||||
2015-07-16 | Add SSL support for PDO_MYSQL too | Andrey Andreev | 1 | -2/+29 | |
Related: #3896 | |||||
2015-07-16 | Improve the ssl_cipher check for MySQLi | Andrey Andreev | 1 | -9/+9 | |
Related: #3896 | |||||
2015-07-16 | Refactor proposed changes from PR #3896 | Andrey Andreev | 1 | -44/+28 | |
2015-07-16 | Merge branch 'feature/mysqli-ssl' of github.com:ndigitals/CodeIgniter into ↵ | Andrey Andreev | 1 | -2/+56 | |
feature/mysqli_ssl | |||||
2015-07-15 | [ci skip] Revert styleguide violations from PR #3828 | Andrey Andreev | 1 | -3/+3 | |
2015-07-15 | Merge branch 'patch-1' of github.com:w0den/CodeIgniter into feature/output_cache | Andrey Andreev | 1 | -7/+28 | |
2015-07-15 | Merge pull request #3715 from infinit89/patch-1 | Andrey Andreev | 1 | -1/+1 | |
[ci skip] Fix pagination links with protocol-relative URLs | |||||
2015-07-15 | Merge pull request #3977 from MSDehghan/develop | Andrey Andreev | 1 | -1/+1 | |
[ci skip] Fix a log message typo | |||||
2015-07-15 | Polish changes from PR #3893 | Andrey Andreev | 1 | -24/+13 | |
2015-07-15 | Fix a Typo | Mohammad Sadegh Dehghan Niri | 1 | -1/+1 | |
2015-07-15 | Merge branch 'feature/form_helper' of github.com:darkhouse/CodeIgniter into ↵ | Andrey Andreev | 1 | -10/+28 | |
feature/form_helpers_extra_array Manually fixed conflicts in: user_guide_src/source/changelog.rst | |||||
2015-07-15 | allow add of keys with array | Adrian Voicu | 1 | -1/+1 | |
This will allow adding multiple keys using array (http://www.codeigniter.com/user_guide/database/forge.html#adding-keys). Only if user wants, he can use the table columns to set a primary key by setting second parameter as TRUE. | |||||
2015-07-13 | Add check for PCRE UTF-8 support | dimonneon | 1 | -1/+1 | |
2015-07-10 | Add unicode support in url_title function | dimonneon | 1 | -2/+2 | |
2015-07-09 | Fix #3965 | Andrey Andreev | 1 | -9/+3 | |
2015-07-08 | [ci skip] Cleanup some whitespace in CI_Unit_test | Andrey Andreev | 1 | -23/+23 | |
2015-07-08 | Fix #3963 | Andrey Andreev | 1 | -3/+5 | |