Age | Commit message (Collapse) | Author | Files | Lines |
|
- Removed double-encoding with XOR scheme when Mcrypt is available. Additional obfuscation was not significantly aiding security, and came at a very high performance cost.
- Changed the default encryption mode from ECB to CBC for much improved security
- Added an encode_from_legacy() method to allow re-encoding of permanent data that was originally encoded with the older methods.
|
|
when an empty string is attempted to be used as an encryption key
|
|
|
|
and line number of the failed query.
|
|
operations when using the GD lib.
|
|
utility drivers.
|
|
groupby, orhaving, orderby, getwhere.
|
|
documentation to the user guide.
|
|
|
|
|
|
Adding CSRF token into form open()
|
|
|
|
setting their values to FALSE in the pagination library.
|
|
provided.
|
|
|
|
a Zip archive.
|
|
|
|
5fe3b04bdf44 to standardize input
|
|
|
|
to return only the javascript with no script tags.
|
|
|
|
due to a function being moved from the input to security class.
Moving remove_invisible_characters() to Common.php so the entire class does not need to be instantiated in those database drivers.
|
|
|
|
Form_validation going forward!
Removed references to the validation classes documentation page in the changelog as well.
|
|
enabled.
|
|
filemtime() for dates.
|
|
|
|
the Session class
|
|
|
|
above web root
|
|
|
|
library
|
|
|
|
is_really_writable() on each page request unless it is_really_needed()
|
|
creation dates of 1980. Hat tip to JMous for a suggested fix on the forums.
|
|
over the use of the Security library's xss_clean() method.
|
|
thinking "grammar" I'm trolling you).
|
|
application folder
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|