Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
the input class
|
|
post() and get() changes.
|
|
into my secure cookie change.
|
|
method.
|
|
|
|
|
|
Updated the documentation
|
|
Elaborated on its functionality in the user guide.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
in the navigation.
|
|
|
|
|
|
|
|
|
|
can optionally check for a specific browser or mobile device.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class. The request_headers() method is helpful in non-apache environments where apache_request_headers() isn't going to exist.
|
|
|
|
|
|
|
|
|
|
for 2.0.
|
|
|
|
when using sanitize_filename() for user input
|
|
|
|
|
|
|
|
sessions to auto-expire when the browser window is closed.
|
|
where validation is necessary or undesirable actions could occur by a user manipulating their cookies
|
|
- Removed double-encoding with XOR scheme when Mcrypt is available. Additional obfuscation was not significantly aiding security, and came at a very high performance cost.
- Changed the default encryption mode from ECB to CBC for much improved security
- Added an encode_from_legacy() method to allow re-encoding of permanent data that was originally encoded with the older methods.
|
|
Encryption lib
|
|
config file, for additional assurance that session manipulation can be prevented
|
|
|