From 95311be467faa2e744bbd9e932900a7cf96b081f Mon Sep 17 00:00:00 2001
From: Alex Bilbie <alex.bilbie@gmail.com>
Date: Sat, 20 Aug 2011 17:35:22 +0100
Subject: Renamed some Session library functions to make them shorter. Includes
 backwards compatibility.

---
 system/libraries/Cart.php    | 10 ++++----
 system/libraries/Session.php | 59 +++++++++++++++++++++++++++++++++-----------
 2 files changed, 50 insertions(+), 19 deletions(-)

diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php
index b2eaa9ad7..1caef49cd 100644
--- a/system/libraries/Cart.php
+++ b/system/libraries/Cart.php
@@ -59,9 +59,9 @@ class CI_Cart {
 		$this->CI->load->library('session', $config);
 
 		// Grab the shopping cart array from the session table, if it exists
-		if ($this->CI->session->userdata('cart_contents') !== FALSE)
+		if ($this->CI->session->get('cart_contents') !== FALSE)
 		{
-			$this->_cart_contents = $this->CI->session->userdata('cart_contents');
+			$this->_cart_contents = $this->CI->session->get('cart_contents');
 		}
 		else
 		{
@@ -397,7 +397,7 @@ class CI_Cart {
 		// Is our cart empty?  If so we delete it from the session
 		if (count($this->_cart_contents) <= 2)
 		{
-			$this->CI->session->unset_userdata('cart_contents');
+			$this->CI->session->rm('cart_contents');
 
 			// Nothing more to do... coffee time!
 			return FALSE;
@@ -405,7 +405,7 @@ class CI_Cart {
 
 		// If we made it this far it means that our cart has data.
 		// Let's pass it to the Session class so it can be stored
-		$this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents));
+		$this->CI->session->set(array('cart_contents' => $this->_cart_contents));
 
 		// Woot!
 		return TRUE;
@@ -541,7 +541,7 @@ class CI_Cart {
 		$this->_cart_contents['cart_total'] = 0;
 		$this->_cart_contents['total_items'] = 0;
 
-		$this->CI->session->unset_userdata('cart_contents');
+		$this->CI->session->rm('cart_contents');
 	}
 
 
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 2c8a80163..3203468b2 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -395,7 +395,7 @@ class CI_Session {
 	 * @access	public
 	 * @return	void
 	 */
-	function sess_destroy()
+	function destroy()
 	{
 		// Kill the session DB row
 		if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id']))
@@ -424,7 +424,7 @@ class CI_Session {
 	 * @param	string
 	 * @return	string
 	 */
-	function userdata($item)
+	function get($item)
 	{
 		return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item];
 	}
@@ -437,7 +437,7 @@ class CI_Session {
 	 * @access	public
 	 * @return	array
 	 */
-	function all_userdata()
+	function get_all()
 	{
 		return $this->userdata;
 	}
@@ -452,7 +452,7 @@ class CI_Session {
 	 * @param	string
 	 * @return	void
 	 */
-	function set_userdata($newdata = array(), $newval = '')
+	function set($newdata = array(), $newval = '')
 	{
 		if (is_string($newdata))
 		{
@@ -478,7 +478,7 @@ class CI_Session {
 	 * @access	array
 	 * @return	void
 	 */
-	function unset_userdata($newdata = array())
+	function rm($newdata = array())
 	{
 		if (is_string($newdata))
 		{
@@ -519,7 +519,7 @@ class CI_Session {
 			foreach ($newdata as $key => $val)
 			{
 				$flashdata_key = $this->flashdata_key.':new:'.$key;
-				$this->set_userdata($flashdata_key, $val);
+				$this->set($flashdata_key, $val);
 			}
 		}
 	}
@@ -540,10 +540,10 @@ class CI_Session {
 		// Note the function will return FALSE if the $key
 		// provided cannot be found
 		$old_flashdata_key = $this->flashdata_key.':old:'.$key;
-		$value = $this->userdata($old_flashdata_key);
+		$value = $this->get($old_flashdata_key);
 
 		$new_flashdata_key = $this->flashdata_key.':new:'.$key;
-		$this->set_userdata($new_flashdata_key, $value);
+		$this->set($new_flashdata_key, $value);
 	}
 
 	// ------------------------------------------------------------------------
@@ -558,7 +558,7 @@ class CI_Session {
 	function flashdata($key)
 	{
 		$flashdata_key = $this->flashdata_key.':old:'.$key;
-		return $this->userdata($flashdata_key);
+		return $this->get($flashdata_key);
 	}
 
 	// ------------------------------------------------------------------------
@@ -572,15 +572,15 @@ class CI_Session {
 	 */
 	function _flashdata_mark()
 	{
-		$userdata = $this->all_userdata();
+		$userdata = $this->get_all();
 		foreach ($userdata as $name => $value)
 		{
 			$parts = explode(':new:', $name);
 			if (is_array($parts) && count($parts) === 2)
 			{
 				$new_name = $this->flashdata_key.':old:'.$parts[1];
-				$this->set_userdata($new_name, $value);
-				$this->unset_userdata($name);
+				$this->set($new_name, $value);
+				$this->unset($name);
 			}
 		}
 	}
@@ -596,12 +596,12 @@ class CI_Session {
 
 	function _flashdata_sweep()
 	{
-		$userdata = $this->all_userdata();
+		$userdata = $this->get_all();
 		foreach ($userdata as $key => $value)
 		{
 			if (strpos($key, ':old:'))
 			{
-				$this->unset_userdata($key);
+				$this->unset($key);
 			}
 		}
 
@@ -767,6 +767,37 @@ class CI_Session {
 			log_message('debug', 'Session garbage collection performed.');
 		}
 	}
+	
+	// --------------------------------------------------------------------
+	
+	/**
+	 * Backwards compatible functions
+	 */
+	 
+	 function userdata($item)
+	 {
+	 	return $this->get($item);
+	 }
+	 
+	 function all_userdata()
+	 {
+	 	return $this->get_all();
+	 }
+	 
+	 function set_userdata($newdata)
+	 {
+	 	$this->set($newdata);
+	 }
+	 
+	 function unset_userdata($newdata)
+	 {
+	 	$this->rm($newdata);
+	 }
+	 
+	 function sess_destroy()
+	 {
+	 	$this->destroy(); 
+	 }
 
 
 }
-- 
cgit v1.2.3-24-g4f1b


From 75bc58b05cf16a0f8c5e7ed1545033a5d8b8feba Mon Sep 17 00:00:00 2001
From: David Behler <mail@davidbehler.de>
Date: Sun, 21 Aug 2011 15:03:47 +0200
Subject: Fixed problem with needless seperator at begin/end of string

---
 system/helpers/url_helper.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 mode change 100644 => 100755 system/helpers/url_helper.php

diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php
old mode 100644
new mode 100755
index d0516cee6..0431e0b4b
--- a/system/helpers/url_helper.php
+++ b/system/helpers/url_helper.php
@@ -509,7 +509,7 @@ if ( ! function_exists('url_title'))
 			$str = strtolower($str);
 		}
 
-		return trim(stripslashes($str));
+		return trim(trim(stripslashes($str)), $replace);
 	}
 }
 
-- 
cgit v1.2.3-24-g4f1b


From a1a8ef711ec179a183a32f6cf4502ddc48782a84 Mon Sep 17 00:00:00 2001
From: Alex Bilbie <alex.bilbie@gmail.com>
Date: Sun, 21 Aug 2011 15:44:10 +0100
Subject: Revert 43194ea1af658914a89ca49aed4dca4617b9c4ff^..HEAD

---
 system/libraries/Cart.php    | 10 ++++----
 system/libraries/Session.php | 59 +++++++++++---------------------------------
 2 files changed, 19 insertions(+), 50 deletions(-)

diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php
index 1caef49cd..b2eaa9ad7 100644
--- a/system/libraries/Cart.php
+++ b/system/libraries/Cart.php
@@ -59,9 +59,9 @@ class CI_Cart {
 		$this->CI->load->library('session', $config);
 
 		// Grab the shopping cart array from the session table, if it exists
-		if ($this->CI->session->get('cart_contents') !== FALSE)
+		if ($this->CI->session->userdata('cart_contents') !== FALSE)
 		{
-			$this->_cart_contents = $this->CI->session->get('cart_contents');
+			$this->_cart_contents = $this->CI->session->userdata('cart_contents');
 		}
 		else
 		{
@@ -397,7 +397,7 @@ class CI_Cart {
 		// Is our cart empty?  If so we delete it from the session
 		if (count($this->_cart_contents) <= 2)
 		{
-			$this->CI->session->rm('cart_contents');
+			$this->CI->session->unset_userdata('cart_contents');
 
 			// Nothing more to do... coffee time!
 			return FALSE;
@@ -405,7 +405,7 @@ class CI_Cart {
 
 		// If we made it this far it means that our cart has data.
 		// Let's pass it to the Session class so it can be stored
-		$this->CI->session->set(array('cart_contents' => $this->_cart_contents));
+		$this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents));
 
 		// Woot!
 		return TRUE;
@@ -541,7 +541,7 @@ class CI_Cart {
 		$this->_cart_contents['cart_total'] = 0;
 		$this->_cart_contents['total_items'] = 0;
 
-		$this->CI->session->rm('cart_contents');
+		$this->CI->session->unset_userdata('cart_contents');
 	}
 
 
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 3203468b2..2c8a80163 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -395,7 +395,7 @@ class CI_Session {
 	 * @access	public
 	 * @return	void
 	 */
-	function destroy()
+	function sess_destroy()
 	{
 		// Kill the session DB row
 		if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id']))
@@ -424,7 +424,7 @@ class CI_Session {
 	 * @param	string
 	 * @return	string
 	 */
-	function get($item)
+	function userdata($item)
 	{
 		return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item];
 	}
@@ -437,7 +437,7 @@ class CI_Session {
 	 * @access	public
 	 * @return	array
 	 */
-	function get_all()
+	function all_userdata()
 	{
 		return $this->userdata;
 	}
@@ -452,7 +452,7 @@ class CI_Session {
 	 * @param	string
 	 * @return	void
 	 */
-	function set($newdata = array(), $newval = '')
+	function set_userdata($newdata = array(), $newval = '')
 	{
 		if (is_string($newdata))
 		{
@@ -478,7 +478,7 @@ class CI_Session {
 	 * @access	array
 	 * @return	void
 	 */
-	function rm($newdata = array())
+	function unset_userdata($newdata = array())
 	{
 		if (is_string($newdata))
 		{
@@ -519,7 +519,7 @@ class CI_Session {
 			foreach ($newdata as $key => $val)
 			{
 				$flashdata_key = $this->flashdata_key.':new:'.$key;
-				$this->set($flashdata_key, $val);
+				$this->set_userdata($flashdata_key, $val);
 			}
 		}
 	}
@@ -540,10 +540,10 @@ class CI_Session {
 		// Note the function will return FALSE if the $key
 		// provided cannot be found
 		$old_flashdata_key = $this->flashdata_key.':old:'.$key;
-		$value = $this->get($old_flashdata_key);
+		$value = $this->userdata($old_flashdata_key);
 
 		$new_flashdata_key = $this->flashdata_key.':new:'.$key;
-		$this->set($new_flashdata_key, $value);
+		$this->set_userdata($new_flashdata_key, $value);
 	}
 
 	// ------------------------------------------------------------------------
@@ -558,7 +558,7 @@ class CI_Session {
 	function flashdata($key)
 	{
 		$flashdata_key = $this->flashdata_key.':old:'.$key;
-		return $this->get($flashdata_key);
+		return $this->userdata($flashdata_key);
 	}
 
 	// ------------------------------------------------------------------------
@@ -572,15 +572,15 @@ class CI_Session {
 	 */
 	function _flashdata_mark()
 	{
-		$userdata = $this->get_all();
+		$userdata = $this->all_userdata();
 		foreach ($userdata as $name => $value)
 		{
 			$parts = explode(':new:', $name);
 			if (is_array($parts) && count($parts) === 2)
 			{
 				$new_name = $this->flashdata_key.':old:'.$parts[1];
-				$this->set($new_name, $value);
-				$this->unset($name);
+				$this->set_userdata($new_name, $value);
+				$this->unset_userdata($name);
 			}
 		}
 	}
@@ -596,12 +596,12 @@ class CI_Session {
 
 	function _flashdata_sweep()
 	{
-		$userdata = $this->get_all();
+		$userdata = $this->all_userdata();
 		foreach ($userdata as $key => $value)
 		{
 			if (strpos($key, ':old:'))
 			{
-				$this->unset($key);
+				$this->unset_userdata($key);
 			}
 		}
 
@@ -767,37 +767,6 @@ class CI_Session {
 			log_message('debug', 'Session garbage collection performed.');
 		}
 	}
-	
-	// --------------------------------------------------------------------
-	
-	/**
-	 * Backwards compatible functions
-	 */
-	 
-	 function userdata($item)
-	 {
-	 	return $this->get($item);
-	 }
-	 
-	 function all_userdata()
-	 {
-	 	return $this->get_all();
-	 }
-	 
-	 function set_userdata($newdata)
-	 {
-	 	$this->set($newdata);
-	 }
-	 
-	 function unset_userdata($newdata)
-	 {
-	 	$this->rm($newdata);
-	 }
-	 
-	 function sess_destroy()
-	 {
-	 	$this->destroy(); 
-	 }
 
 
 }
-- 
cgit v1.2.3-24-g4f1b


From aeb2c3e532e78be9ac78ba6fd4a305b7be31d2ab Mon Sep 17 00:00:00 2001
From: Alex Bilbie <alex.bilbie@gmail.com>
Date: Sun, 21 Aug 2011 16:14:54 +0100
Subject: Added new config parameter "csrf_exclude_uris" which allows for URIs
 to be whitelisted from CSRF verification. Fixes #149

---
 application/config/config.php |  2 ++
 system/core/Security.php      | 12 +++++++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/application/config/config.php b/application/config/config.php
index 1ec65435e..b64b11669 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -292,11 +292,13 @@ $config['global_xss_filtering'] = FALSE;
 | 'csrf_token_name' = The token name
 | 'csrf_cookie_name' = The cookie name
 | 'csrf_expire' = The number in seconds the token should expire.
+| 'csrf_exclude_uris' = Array of URIs which ignore CSRF checks
 */
 $config['csrf_protection'] = FALSE;
 $config['csrf_token_name'] = 'csrf_test_name';
 $config['csrf_cookie_name'] = 'csrf_cookie_name';
 $config['csrf_expire'] = 7200;
+$config['csrf_exclude_uris'] = array();
 
 /*
 |--------------------------------------------------------------------------
diff --git a/system/core/Security.php b/system/core/Security.php
index 3617cadcc..efd30eb14 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -93,6 +93,16 @@ class CI_Security {
 		{
 			return $this->csrf_set_cookie();
 		}
+		
+		// Check if URI has been whitelisted from CSRF checks
+		if ($exclude_uris = config_item('csrf_exclude_uris'))
+		{
+			$uri = load_class('URI', 'core');
+			if (in_array($uri->uri_string(), $exclude_uris))
+			{
+				return $this;
+			}
+		}
 
 		// Do the tokens exist in both the _POST and _COOKIE arrays?
 		if ( ! isset($_POST[$this->_csrf_token_name]) OR 
@@ -116,7 +126,7 @@ class CI_Security {
 		$this->_csrf_set_hash();
 		$this->csrf_set_cookie();
 
-		log_message('debug', "CSRF token verified ");
+		log_message('debug', "CSRF token verified");
 		
 		return $this;
 	}
-- 
cgit v1.2.3-24-g4f1b


From 87c74c885991075cf42e9e78d7843290e2b0c3a7 Mon Sep 17 00:00:00 2001
From: Alex Bilbie <alex.bilbie@gmail.com>
Date: Sun, 21 Aug 2011 16:28:43 +0100
Subject: Updated Security library documentation with details on how to
 whitelist URIs from CSRF protection

---
 user_guide/libraries/security.html | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/user_guide/libraries/security.html b/user_guide/libraries/security.html
index dd62a4386..cbe12d852 100644
--- a/user_guide/libraries/security.html
+++ b/user_guide/libraries/security.html
@@ -116,6 +116,9 @@ Note: This function should only be used to deal with data upon submission. It's
 
 <p>If you use the <a href="../helpers/form_helper.html">form helper</a> the <var>form_open()</var> function will automatically insert a hidden csrf field in your forms.</p>
 
+<p>Select URIs can be whitelisted from csrf protection (for example API endpoints expecting externally POSTed content). You can add these URIs by editing the 'csrf_exclude_uris' config parameter:</p>
+<code>$config['csrf_exclude_uris'] = array('api/person/add');</code>
+
 </div>
 <!-- END CONTENT -->
 
-- 
cgit v1.2.3-24-g4f1b


From 52c10b68c275248eb7e12ec1d039876cd5f81f11 Mon Sep 17 00:00:00 2001
From: John Bellone <jb@thunkbrightly.com>
Date: Sun, 21 Aug 2011 11:41:32 -0400
Subject: Making changes to stop remote spoofing

---
 system/core/Input.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/system/core/Input.php b/system/core/Input.php
index cfbef942d..365f779de 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -287,13 +287,13 @@ class CI_Input {
 
 			$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
 		}
-		elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+		elseif ($this->server('REMOTE_ADDR') AND ! $this->server('HTTP_CLIENT_IP'))
 		{
-			$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
+			$this->ip_address = $_SERVER['REMOTE_ADDR'];
 		}
-		elseif ($this->server('REMOTE_ADDR'))
+		elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
 		{
-			$this->ip_address = $_SERVER['REMOTE_ADDR'];
+			$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
 		}
 		elseif ($this->server('HTTP_CLIENT_IP'))
 		{
-- 
cgit v1.2.3-24-g4f1b


From 16f27b402049dc2ff0cc09faf4885aee944ba639 Mon Sep 17 00:00:00 2001
From: John Bellone <jb@thunkbrightly.com>
Date: Sun, 21 Aug 2011 11:45:11 -0400
Subject: Changed order

---
 system/core/Input.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/core/Input.php b/system/core/Input.php
index 365f779de..df9d2a5b7 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -287,7 +287,7 @@ class CI_Input {
 
 			$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
 		}
-		elseif ($this->server('REMOTE_ADDR') AND ! $this->server('HTTP_CLIENT_IP'))
+		elseif (! $this->server('HTTP_CLIENT_IP') AND $this->server('REMOTE_ADDR'))
 		{
 			$this->ip_address = $_SERVER['REMOTE_ADDR'];
 		}
-- 
cgit v1.2.3-24-g4f1b


From 1e4276da338741e63de4701e5cdba611953fe024 Mon Sep 17 00:00:00 2001
From: Phil Sturgeon <email@philsturgeon.co.uk>
Date: Sun, 21 Aug 2011 15:46:24 -0400
Subject: Added changelog to last commit.

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 15872c1ac..e2df11b86 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -72,6 +72,7 @@ Change Log
 		<ul>
 			<li class="reactor">Added <samp>increment_string()</samp> to <a href="helpers/string_helper.html">String Helper</a> to turn "foo" into "foo-1" or "foo-1" into "foo-2".</li>
         	<li>Altered form helper - made action on form_open_multipart helper function call optional.  Fixes (#65)</li>
+			<li><samp>url_title()</samp> will now trim extra dashes from beginning and end.</li>
 		</ul>
 	</li>
 	<li>Database
-- 
cgit v1.2.3-24-g4f1b


From ab57a3520eafacaf2f130b3f4778a57a632fac1c Mon Sep 17 00:00:00 2001
From: Shane Pearson <bubbafoley@gmail.com>
Date: Mon, 22 Aug 2011 16:11:20 -0500
Subject: Fix #8 - Load core classes from the application folder first.

---
 system/core/Common.php    | 6 +++---
 user_guide/changelog.html | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/system/core/Common.php b/system/core/Common.php
index db9fbeb9f..3c62403ac 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -132,9 +132,9 @@ if ( ! function_exists('load_class'))
 
 		$name = FALSE;
 
-		// Look for the class first in the native system/libraries folder
-		// thenin the local application/libraries folder
-		foreach (array(BASEPATH, APPPATH) as $path)
+		// Look for the class first in the local application/libraries folder
+		// then in the native system/libraries folder
+		foreach (array(APPPATH, BASEPATH) as $path)
 		{
 			if (file_exists($path.$directory.'/'.$class.'.php'))
 			{
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 9d8fd2b54..e5501abbc 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -105,6 +105,7 @@ Change Log
     <li>Fixed a bug (#181) where a mis-spelling was in the form validation language file.</li>
 	<li>Fixed a bug (#160) - Removed unneeded array copy in the file cache driver.</li>
 	<li>Fixed a bug (#150) - <samp>field_data()</samp> now correctly returns column length.</li>
+	<li>Fixed a bug (#8) - Look for core classes in <samp>APPPATH</samp> first.</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b


From 48705c3345cf115910dbaa798f60288ea7b9ca36 Mon Sep 17 00:00:00 2001
From: Shane Pearson <bubbafoley@gmail.com>
Date: Mon, 22 Aug 2011 16:17:32 -0500
Subject: updated changelog message

---
 user_guide/changelog.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index e5501abbc..4c207d6bc 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -105,7 +105,7 @@ Change Log
     <li>Fixed a bug (#181) where a mis-spelling was in the form validation language file.</li>
 	<li>Fixed a bug (#160) - Removed unneeded array copy in the file cache driver.</li>
 	<li>Fixed a bug (#150) - <samp>field_data()</samp> now correctly returns column length.</li>
-	<li>Fixed a bug (#8) - Look for core classes in <samp>APPPATH</samp> first.</li>
+	<li>Fixed a bug (#8) - <samp>load_class()</samp> now looks for core classes in <samp>APPPATH</samp> first, allowing them to be replaced.</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b


From 665baec264c04fb3284e313d59e102b2bf041e37 Mon Sep 17 00:00:00 2001
From: Shane Pearson <bubbafoley@gmail.com>
Date: Mon, 22 Aug 2011 18:52:19 -0500
Subject: make _ci_autoloader() protected so it can be properly extended.

---
 system/core/Loader.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/core/Loader.php b/system/core/Loader.php
index 452dc0b4c..de0fc06d2 100755
--- a/system/core/Loader.php
+++ b/system/core/Loader.php
@@ -1106,7 +1106,7 @@ class CI_Loader {
 	 * @param	array
 	 * @return	void
 	 */
-	private function _ci_autoloader()
+	protected function _ci_autoloader()
 	{
 		if (defined('ENVIRONMENT') AND file_exists(APPPATH.'config/'.ENVIRONMENT.'/autoload.php'))
 		{
-- 
cgit v1.2.3-24-g4f1b


From e77c6117e473900ca35ec7993f4159179d5b5f9c Mon Sep 17 00:00:00 2001
From: Shane Pearson <bubbafoley@gmail.com>
Date: Mon, 22 Aug 2011 19:01:28 -0500
Subject: add a note to the changelog about _ci_autloader()

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 9d8fd2b54..ac936a68c 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -91,6 +91,7 @@ Change Log
 			<li class="reactor">Added a <a href="libraries/migration.html">Migration Library</a> to assist with applying incremental updates to your database schema.</li>
 			<li class="reactor">Driver children can be located in any package path.</li>
 			<li class="reactor">Added max_filename_increment config setting for Upload library.</li>
+			<li><samp>CI_Loader::_ci_autoloader()</samp> is now a protected method.</li>
 		</ul>
 	</li>
 </ul>
-- 
cgit v1.2.3-24-g4f1b


From c51a435968eda164dc5d055ff9ec15918a6f56ab Mon Sep 17 00:00:00 2001
From: Bo-Yi Wu <appleboy.tw@gmail.com>
Date: Tue, 23 Aug 2011 10:40:39 +0800
Subject: Update: User Guide error on upgrade_203.html file

---
 user_guide/installation/upgrade_203.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user_guide/installation/upgrade_203.html b/user_guide/installation/upgrade_203.html
index 1d37a055d..04899832d 100644
--- a/user_guide/installation/upgrade_203.html
+++ b/user_guide/installation/upgrade_203.html
@@ -81,7 +81,7 @@ Upgrading from 2.0.2 to 2.0.3
 
 <h2>Step 5: Remove APPPATH.'third_party' from autoload.php</h2>
 
-<p>Open application/autoload.php, and look for the following:</p>
+<p>Open application/config/autoload.php, and look for the following:</p>
 
 <code>$autoload['packages'] = array(APPPATH.'third_party');</code>
 
-- 
cgit v1.2.3-24-g4f1b


From f31895096e821c694670b62180b7a5c309b62a9b Mon Sep 17 00:00:00 2001
From: Eric Barnes <eric@ericlbarnes.com>
Date: Tue, 23 Aug 2011 21:40:59 -0400
Subject: Changed  doc block options. Fixes #100

---
 system/helpers/url_helper.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/helpers/url_helper.php b/system/helpers/url_helper.php
index 9f4b85248..09d975621 100644
--- a/system/helpers/url_helper.php
+++ b/system/helpers/url_helper.php
@@ -527,7 +527,7 @@ if ( ! function_exists('url_title'))
  *
  * @access	public
  * @param	string	the URL
- * @param	string	the method: location or redirect
+ * @param	string	the method: location or refresh
  * @return	string
  */
 if ( ! function_exists('redirect'))
-- 
cgit v1.2.3-24-g4f1b


From 45c887bb99b537a2b191a1fe476752dc5a8527d7 Mon Sep 17 00:00:00 2001
From: Eric Barnes <eric@ericlbarnes.com>
Date: Tue, 23 Aug 2011 21:53:35 -0400
Subject: Added readme for github project page

---
 readme.md | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 readme.md

diff --git a/readme.md b/readme.md
new file mode 100644
index 000000000..599fdb3cf
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,10 @@
+# What is CodeIgniter
+
+CodeIgniter is an Application Development Framework - a toolkit - for people who build web sites using PHP. Its goal is to enable you to develop projects much faster than you could if you were writing code from scratch, by providing a rich set of libraries for commonly needed tasks, as well as a simple interface and logical structure to access these libraries. CodeIgniter lets you creatively focus on your project by minimizing the amount of code needed for a given task.
+
+# Resources
+
+ * [User Guide](http://codeigniter.com/user_guide/)
+ * [Community Forums](http://codeigniter.com/forums/)
+ * [Community Wiki](http://codeigniter.com/wiki/)
+ * [Community IRC](http://webchat.freenode.net/?channels=codeigniter&uio=d4)]
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 17e7b44e4b67e8d36ef6a0f8f08c2751fce3b55b Mon Sep 17 00:00:00 2001
From: Kevin Hoogheem <kevin@hoogheem.net>
Date: Tue, 23 Aug 2011 22:48:48 -0500
Subject: MIME Type Adds/Changes

Updated MIME Types with certs and new audio/video files as well as added
extra types for some existing files.
---
 application/config/mimes.php | 50 +++++++++++++++++++++++++++++++++++++-------
 user_guide/changelog.html    |  5 +++++
 2 files changed, 47 insertions(+), 8 deletions(-)

diff --git a/application/config/mimes.php b/application/config/mimes.php
index 82767d7c8..be9a67842 100644
--- a/application/config/mimes.php
+++ b/application/config/mimes.php
@@ -8,10 +8,10 @@
 |
 */
 
-$mimes = array(	'hqx'	=>	'application/mac-binhex40',
+$mimes = array( 'hqx'   =>      array('application/mac-binhex40', 'application/mac-binhex', 'application/x-binhex40', 'application/x-mac-binhex40'),
 				'cpt'	=>	'application/mac-compactpro',
 				'csv'	=>	array('text/x-comma-separated-values', 'text/comma-separated-values', 'application/octet-stream', 'application/vnd.ms-excel', 'application/x-csv', 'text/x-csv', 'text/csv', 'application/csv', 'application/excel', 'application/vnd.msexcel'),
-				'bin'	=>	'application/macbinary',
+				'bin'	=>	array('application/macbinary', 'application/mac-binary', 'application/octet-stream', 'application/x-binary', 'application/x-macbinary'),
 				'dms'	=>	'application/octet-stream',
 				'lha'	=>	'application/octet-stream',
 				'lzh'	=>	'application/octet-stream',
@@ -39,6 +39,7 @@ $mimes = array(	'hqx'	=>	'application/mac-binhex40',
 				'dvi'	=>	'application/x-dvi',
 				'gtar'	=>	'application/x-gtar',
 				'gz'	=>	'application/x-gzip',
+                                'gzip'  =>  	'application/x-gzip',
 				'php'	=>	'application/x-httpd-php',
 				'php4'	=>	'application/x-httpd-php',
 				'php3'	=>	'application/x-httpd-php',
@@ -51,14 +52,14 @@ $mimes = array(	'hqx'	=>	'application/mac-binhex40',
 				'tgz'	=>	array('application/x-tar', 'application/x-gzip-compressed'),
 				'xhtml'	=>	'application/xhtml+xml',
 				'xht'	=>	'application/xhtml+xml',
-				'zip'	=>  array('application/x-zip', 'application/zip', 'application/x-zip-compressed'),
+				'zip'	=>  	array('application/x-zip', 'application/zip', 'application/x-zip-compressed'),
 				'mid'	=>	'audio/midi',
 				'midi'	=>	'audio/midi',
 				'mpga'	=>	'audio/mpeg',
 				'mp2'	=>	'audio/mpeg',
 				'mp3'	=>	array('audio/mpeg', 'audio/mpg', 'audio/mpeg3', 'audio/mp3'),
-				'aif'	=>	'audio/x-aiff',
-				'aiff'	=>	'audio/x-aiff',
+				'aif'	=>	array('audio/x-aiff', 'audio/aiff'),
+				'aiff'	=>	array('audio/x-aiff', 'audio/aiff'),
 				'aifc'	=>	'audio/x-aiff',
 				'ram'	=>	'audio/x-pn-realaudio',
 				'rm'	=>	'audio/x-pn-realaudio',
@@ -66,7 +67,7 @@ $mimes = array(	'hqx'	=>	'application/mac-binhex40',
 				'ra'	=>	'audio/x-realaudio',
 				'rv'	=>	'video/vnd.rn-realvideo',
 				'wav'	=>	'audio/x-wav',
-				'bmp'	=>	'image/bmp',
+				'bmp'	=>	array('image/bmp', 'image/x-windows-bmp'),
 				'gif'	=>	'image/gif',
 				'jpeg'	=>	array('image/jpeg', 'image/pjpeg'),
 				'jpg'	=>	array('image/jpeg', 'image/pjpeg'),
@@ -90,7 +91,7 @@ $mimes = array(	'hqx'	=>	'application/mac-binhex40',
 				'mpe'	=>	'video/mpeg',
 				'qt'	=>	'video/quicktime',
 				'mov'	=>	'video/quicktime',
-				'avi'	=>	'video/x-msvideo',
+				'avi'	=>	array('video/x-msvideo', 'video/msvideo', 'video/avi', 'application/x-troff-msvideo'),
 				'movie'	=>	'video/x-sgi-movie',
 				'doc'	=>	'application/msword',
 				'docx'	=>	'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
@@ -98,7 +99,40 @@ $mimes = array(	'hqx'	=>	'application/mac-binhex40',
 				'word'	=>	array('application/msword', 'application/octet-stream'),
 				'xl'	=>	'application/excel',
 				'eml'	=>	'message/rfc822',
-				'json' => array('application/json', 'text/json')
+				'json'  => 	array('application/json', 'text/json'),
+				'pem'   =>  	array('application/x-x509-user-cert', 'application/x-pem-file', 'application/octet-stream'),
+				'p10'   =>	array('application/x-pkcs10', 'application/pkcs10'),
+				'p12'   =>	'application/x-pkcs12',
+				'p7a'   =>	'application/x-pkcs7-signature',
+				'p7c'   =>	array('application/pkcs7-mime', 'application/x-pkcs7-mime'),
+				'p7m'   =>	array('application/pkcs7-mime', 'application/x-pkcs7-mime'),
+				'p7r'   =>	'application/x-pkcs7-certreqresp',
+				'p7s'   =>	'application/pkcs7-signature',
+				'crt'   =>	array('application/x-x509-ca-cert', 'application/x-x509-user-cert', 'application/pkix-cert'),
+				'crl'   =>	array('application/pkix-crl', 'application/pkcs-crl'),
+				'der'   =>	'application/x-x509-ca-cert',
+				'kdb'   =>	'application/octet-stream',
+				'pgp'   =>	'application/pgp',
+				'gpg'   =>	'application/gpg-keys',
+				'sst'   =>	'application/octet-stream',
+				'csr'   =>	'application/octet-stream',
+				'rsa'   =>	'application/x-pkcs7',
+				'cer'   =>	array('application/pkix-cert', 'application/x-x509-ca-cert'),
+				'3g2'   =>	'video/3gpp2',
+				'3gp'   =>	'video/3gp',
+				'mp4'   =>	'video/mp4',
+				'm4a'   =>	'audio/x-m4a',
+				'f4v'   =>	'video/mp4',
+				'aac'   =>	'audio/x-acc',
+				'm4u'   =>	'application/vnd.mpegurl',
+				'm3u'   =>	'text/plain',
+				'xspf'  =>	'application/xspf+xml',
+				'vlc'   =>	'application/videolan',
+				'wmv'   =>	'video/x-ms-wmv',
+				'au'    =>	'audio/x-au',
+				'ac3'   =>	'audio/ac3',
+				'flac'  =>	'audio/x-flac',
+				'ogg'   =>	'audio/ogg',
 			);
 
 
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 9d8fd2b54..2c6cb5ab5 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -125,6 +125,11 @@ Change Log
 			<li class="reactor">Added <samp>insert_batch()</samp> function to the PostgreSQL database driver.  Thanks to epallerols for the patch.</li>
 			<li class="reactor">Added "application/x-csv" to mimes.php.</li>
 			<li>Fixed a bug where <a href="libraries/email.html">Email library</a> attachments with a "." in the name would using invalid MIME-types.</li>
+            <li>Added support for pem,p10,p12,p7a,p7c,p7m,p7r,p7s,crt,crl,der,kdb,rsa,cer,sst,csr Certs to mimes.php.</li>
+            <li>Added support pgp,gpg to mimes.php.</li>
+            <li>Added support 3gp, 3g2, mp4, wmv, f4v, vlc Video files to mimes.php.</li>
+            <li>Added support m4a, aac, m4u, xspf, au, ac3, flac, ogg Audio files to mimes.php.</li>
+
 		</ul>
 	</li>
 	<li>Helpers
-- 
cgit v1.2.3-24-g4f1b


From aadf15d2b5337b7c66dc974d0b7a872030ed02c1 Mon Sep 17 00:00:00 2001
From: Eric Barnes <eric@ericlbarnes.com>
Date: Wed, 24 Aug 2011 03:55:41 -0300
Subject: Removed bracket from last link.

---
 readme.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/readme.md b/readme.md
index 599fdb3cf..dfcf856f2 100644
--- a/readme.md
+++ b/readme.md
@@ -7,4 +7,4 @@ CodeIgniter is an Application Development Framework - a toolkit - for people who
  * [User Guide](http://codeigniter.com/user_guide/)
  * [Community Forums](http://codeigniter.com/forums/)
  * [Community Wiki](http://codeigniter.com/wiki/)
- * [Community IRC](http://webchat.freenode.net/?channels=codeigniter&uio=d4)]
\ No newline at end of file
+ * [Community IRC](http://webchat.freenode.net/?channels=codeigniter&uio=d4)
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 6a93995f2a24c0ac8d636ecac5f3eb0d0243e23d Mon Sep 17 00:00:00 2001
From: Alex Bilbie <alex@alexbilbie.com>
Date: Wed, 24 Aug 2011 09:20:36 +0100
Subject: Added note in changelog

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index c52a33e5a..5e412ca44 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -75,6 +75,7 @@ Change Log
 			<li>Visual updates to the welcome_message view file and default error templates. Thanks to <a href="https://bitbucket.org/danijelb">danijelb</a> for the pull request.</li>
 			<li class="reactor">Added <samp>insert_batch()</samp> function to the PostgreSQL database driver.  Thanks to epallerols for the patch.</li>
 			<li class="reactor">Added "application/x-csv" to mimes.php.</li>
+			<li class="reactor">Added CSRF protection URI whitelisting.</li>
 			<li>Fixed a bug where <a href="libraries/email.html">Email library</a> attachments with a "." in the name would using invalid MIME-types.</li>
 		</ul>
 	</li>
-- 
cgit v1.2.3-24-g4f1b


From 2653e05752d865b921fd4f92d2b9b3eafeae2ac0 Mon Sep 17 00:00:00 2001
From: purandi <free6300@gmail.com>
Date: Wed, 24 Aug 2011 18:31:39 +0700
Subject: Fix link database driver on changelog

---
 user_guide/changelog.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 4c207d6bc..d095c2f5f 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -77,7 +77,7 @@ Change Log
 	</li>
 	<li>Database
 		<ul>
-			<li class="reactor">Added a <a href="http://www.cubrid.org/" target="_blank">CUBRID</a> driver to the <a href="libraries/database.html">Database Driver</a>. Thanks to the CUBRID team for supplying this patch.</li>
+			<li class="reactor">Added a <a href="http://www.cubrid.org/" target="_blank">CUBRID</a> driver to the <a href="database/index.html">Database Driver</a>. Thanks to the CUBRID team for supplying this patch.</li>
 			<li class="reactor">Typecast limit and offset in the <a href="database/queries.html">Database Driver</a> to integers to avoid possible injection.</li>
 			<li class="reactor">
 				Added additional option 'none' for the optional third argument for  <kbd>$this->db->like()</kbd> in the <a href="database/active_record.html">Database Driver</a>.
-- 
cgit v1.2.3-24-g4f1b


From eddd10786c2777e5601f4c9dcfbd9e5d089bbe42 Mon Sep 17 00:00:00 2001
From: Kevin Hoogheem <kevin@hoogheem.net>
Date: Wed, 24 Aug 2011 07:59:36 -0500
Subject: whitespace updates

per Phil updating some whitespace issues
---
 application/config/mimes.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/application/config/mimes.php b/application/config/mimes.php
index be9a67842..90a1d18bb 100644
--- a/application/config/mimes.php
+++ b/application/config/mimes.php
@@ -8,7 +8,7 @@
 |
 */
 
-$mimes = array( 'hqx'   =>      array('application/mac-binhex40', 'application/mac-binhex', 'application/x-binhex40', 'application/x-mac-binhex40'),
+$mimes = array('hqx'   =>      array('application/mac-binhex40', 'application/mac-binhex', 'application/x-binhex40', 'application/x-mac-binhex40'),
 				'cpt'	=>	'application/mac-compactpro',
 				'csv'	=>	array('text/x-comma-separated-values', 'text/comma-separated-values', 'application/octet-stream', 'application/vnd.ms-excel', 'application/x-csv', 'text/x-csv', 'text/csv', 'application/csv', 'application/excel', 'application/vnd.msexcel'),
 				'bin'	=>	array('application/macbinary', 'application/mac-binary', 'application/octet-stream', 'application/x-binary', 'application/x-macbinary'),
@@ -39,7 +39,7 @@ $mimes = array( 'hqx'   =>      array('application/mac-binhex40', 'application/m
 				'dvi'	=>	'application/x-dvi',
 				'gtar'	=>	'application/x-gtar',
 				'gz'	=>	'application/x-gzip',
-                                'gzip'  =>  	'application/x-gzip',
+				'gzip'  =>	'application/x-gzip',
 				'php'	=>	'application/x-httpd-php',
 				'php4'	=>	'application/x-httpd-php',
 				'php3'	=>	'application/x-httpd-php',
@@ -52,7 +52,7 @@ $mimes = array( 'hqx'   =>      array('application/mac-binhex40', 'application/m
 				'tgz'	=>	array('application/x-tar', 'application/x-gzip-compressed'),
 				'xhtml'	=>	'application/xhtml+xml',
 				'xht'	=>	'application/xhtml+xml',
-				'zip'	=>  	array('application/x-zip', 'application/zip', 'application/x-zip-compressed'),
+				'zip'	=>	array('application/x-zip', 'application/zip', 'application/x-zip-compressed'),
 				'mid'	=>	'audio/midi',
 				'midi'	=>	'audio/midi',
 				'mpga'	=>	'audio/mpeg',
@@ -99,8 +99,8 @@ $mimes = array( 'hqx'   =>      array('application/mac-binhex40', 'application/m
 				'word'	=>	array('application/msword', 'application/octet-stream'),
 				'xl'	=>	'application/excel',
 				'eml'	=>	'message/rfc822',
-				'json'  => 	array('application/json', 'text/json'),
-				'pem'   =>  	array('application/x-x509-user-cert', 'application/x-pem-file', 'application/octet-stream'),
+				'json'  =>	array('application/json', 'text/json'),
+				'pem'   =>	array('application/x-x509-user-cert', 'application/x-pem-file', 'application/octet-stream'),
 				'p10'   =>	array('application/x-pkcs10', 'application/pkcs10'),
 				'p12'   =>	'application/x-pkcs12',
 				'p7a'   =>	'application/x-pkcs7-signature',
-- 
cgit v1.2.3-24-g4f1b


From fbac8b4553942db4be52e872d9fd68717e5006e4 Mon Sep 17 00:00:00 2001
From: kenjis <kenji@codeigniter.jp>
Date: Thu, 25 Aug 2011 10:51:44 +0900
Subject: add html_escape() function to escape HTML.

---
 system/core/Common.php                   | 24 ++++++++++++++++++++++++
 user_guide/changelog.html                |  1 +
 user_guide/general/common_functions.html |  2 ++
 3 files changed, 27 insertions(+)

diff --git a/system/core/Common.php b/system/core/Common.php
index 3c62403ac..d79375475 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -536,5 +536,29 @@ if ( ! function_exists('remove_invisible_characters'))
 	}
 }
 
+// ------------------------------------------------------------------------
+
+/**
+* Returns HTML escaped variable
+*
+* @access	public
+* @param	mixed
+* @return	mixed
+*/
+if ( ! function_exists('html_escape'))
+{
+	function html_escape($var)
+	{
+		if (is_array($var))
+		{
+			return array_map('html_escape', $var);
+		}
+		else
+		{
+			return htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
+		}
+	}
+}
+
 /* End of file Common.php */
 /* Location: ./system/core/Common.php */
\ No newline at end of file
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 91312e46b..c22bebda6 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -67,6 +67,7 @@ Change Log
 		<ul>
 			<li class="reactor">Callback validation rules can now accept parameters like any other validation rule.</li>
 			<li class="reactor">Ability to log certain error types, not all under a threshold.</li>
+			<li class="reactor">Added html_escape() to the <a href="general/common_functions.html">Common functions<a> to escape HTML output for preventing XSS easliy.</li>
 		</ul>
 	</li>
 	<li>Helpers
diff --git a/user_guide/general/common_functions.html b/user_guide/general/common_functions.html
index 65457759d..7cff6321c 100644
--- a/user_guide/general/common_functions.html
+++ b/user_guide/general/common_functions.html
@@ -104,6 +104,8 @@ else<br />
 <p>This function prevents inserting null characters between ascii characters, like Java\0script.</p>
 
 
+<h2>html_escape(<var>$mixed</var>)</h2>
+<p>This function provides short cut for htmlspecialchars() function. It accepts string and array. To prevent Cross Site Scripting (XSS), it is very useful.</p>
 
 </div>
 
-- 
cgit v1.2.3-24-g4f1b


From 7addbc4c528199b533aa69afdf2187990d69484a Mon Sep 17 00:00:00 2001
From: Eric Barnes <eric@ericlbarnes.com>
Date: Wed, 24 Aug 2011 23:46:20 -0400
Subject: Added user voice link to readme

---
 readme.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/readme.md b/readme.md
index dfcf856f2..be807dbea 100644
--- a/readme.md
+++ b/readme.md
@@ -6,5 +6,6 @@ CodeIgniter is an Application Development Framework - a toolkit - for people who
 
  * [User Guide](http://codeigniter.com/user_guide/)
  * [Community Forums](http://codeigniter.com/forums/)
+ * [User Voice](http://codeigniter.uservoice.com/forums/40508-codeigniter-reactor)
  * [Community Wiki](http://codeigniter.com/wiki/)
  * [Community IRC](http://webchat.freenode.net/?channels=codeigniter&uio=d4)
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b


From 373043fef2723d7cbdd768d1930363ac6fecba68 Mon Sep 17 00:00:00 2001
From: Frank Michel <office@frankmichel.com>
Date: Thu, 25 Aug 2011 00:11:00 -0400
Subject: fix for issue #292 with multiple language files

---
 system/core/Lang.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/system/core/Lang.php b/system/core/Lang.php
index 5ac671838..e140a6a60 100755
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -112,7 +112,7 @@ class CI_Lang {
 		}
 
 
-		if ( ! isset($lang))
+		if ( ! isset($lang) || ! is_array($lang))
 		{
 			log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile);
 			return;
@@ -124,7 +124,7 @@ class CI_Lang {
 		}
 
 		$this->is_loaded[] = $langfile;
-		$this->language = array_merge($this->language, $lang);
+		$this->language = $this->language + $lang;
 		unset($lang);
 
 		log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile);
-- 
cgit v1.2.3-24-g4f1b


From cb272b60e55882246677db929bc2e0a58f31397d Mon Sep 17 00:00:00 2001
From: Frank Michel <office@frankmichel.com>
Date: Thu, 25 Aug 2011 10:59:55 -0400
Subject: fixed logical operator OR in core/lang

---
 system/core/Lang.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/core/Lang.php b/system/core/Lang.php
index e140a6a60..d61d1029a 100755
--- a/system/core/Lang.php
+++ b/system/core/Lang.php
@@ -112,7 +112,7 @@ class CI_Lang {
 		}
 
 
-		if ( ! isset($lang) || ! is_array($lang))
+		if ( ! isset($lang) OR ! is_array($lang))
 		{
 			log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile);
 			return;
-- 
cgit v1.2.3-24-g4f1b


From e716f585d5ffb5ef65279734672a39c1ecddac1e Mon Sep 17 00:00:00 2001
From: purandi <free6300@gmail.com>
Date: Thu, 25 Aug 2011 22:32:01 +0700
Subject: Fix hiperlink Added html_escape() on changelog

---
 user_guide/changelog.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index e1a134def..d7a6c7e05 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -67,7 +67,7 @@ Change Log
 		<ul>
 			<li class="reactor">Callback validation rules can now accept parameters like any other validation rule.</li>
 			<li class="reactor">Ability to log certain error types, not all under a threshold.</li>
-			<li class="reactor">Added html_escape() to the <a href="general/common_functions.html">Common functions<a> to escape HTML output for preventing XSS easliy.</li>
+			<li class="reactor">Added html_escape() to the <a href="general/common_functions.html">Common functions</a> to escape HTML output for preventing XSS easliy.</li>
 		</ul>
 	</li>
 	<li>Helpers
-- 
cgit v1.2.3-24-g4f1b


From eaa5541deb9409d936f77d24d696cf977ef505df Mon Sep 17 00:00:00 2001
From: Michiel Vugteveen <info@mvug.nl>
Date: Thu, 25 Aug 2011 21:22:49 +0200
Subject: oci8 driver escape string quotes fix

---
 system/database/drivers/oci8/oci8_driver.php | 1 +
 user_guide/changelog.html                    | 1 +
 2 files changed, 2 insertions(+)

diff --git a/system/database/drivers/oci8/oci8_driver.php b/system/database/drivers/oci8/oci8_driver.php
index 42cfaaefb..d4adfd528 100644
--- a/system/database/drivers/oci8/oci8_driver.php
+++ b/system/database/drivers/oci8/oci8_driver.php
@@ -404,6 +404,7 @@ class CI_DB_oci8_driver extends CI_DB {
 		}
 
 		$str = remove_invisible_characters($str);
+		$str = str_replace("'", "''", $str);
 
 		// escape LIKE condition wildcards
 		if ($like === TRUE)
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 865bdd8ac..3ada17e07 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -108,6 +108,7 @@ Change Log
 	<li>Fixed a bug (#160) - Removed unneeded array copy in the file cache driver.</li>
 	<li>Fixed a bug (#150) - <samp>field_data()</samp> now correctly returns column length.</li>
 	<li>Fixed a bug (#8) - <samp>load_class()</samp> now looks for core classes in <samp>APPPATH</samp> first, allowing them to be replaced.</li>
+	<li>Fixed a bug (#85) - OCI8 (Oracle) database escape_str() function did not escape correct.</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b


From 84d76ea2559ddd72b5d1ddbe6fa38e88d9b20c16 Mon Sep 17 00:00:00 2001
From: Michiel Vugteveen <info@mvug.nl>
Date: Thu, 25 Aug 2011 21:25:12 +0200
Subject: odbc called incorrect parent in construct

---
 system/database/drivers/odbc/odbc_driver.php | 2 +-
 user_guide/changelog.html                    | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/system/database/drivers/odbc/odbc_driver.php b/system/database/drivers/odbc/odbc_driver.php
index 5e764e071..08cd27b6c 100644
--- a/system/database/drivers/odbc/odbc_driver.php
+++ b/system/database/drivers/odbc/odbc_driver.php
@@ -50,7 +50,7 @@ class CI_DB_odbc_driver extends CI_DB {
 
 	function CI_DB_odbc_driver($params)
 	{
-		parent::CI_DB($params);
+		parent::CI_DB_driver($params);
 
 		$this->_random_keyword = ' RND('.time().')'; // database specific random keyword
 	}
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 865bdd8ac..62f6b4f33 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -108,6 +108,7 @@ Change Log
 	<li>Fixed a bug (#160) - Removed unneeded array copy in the file cache driver.</li>
 	<li>Fixed a bug (#150) - <samp>field_data()</samp> now correctly returns column length.</li>
 	<li>Fixed a bug (#8) - <samp>load_class()</samp> now looks for core classes in <samp>APPPATH</samp> first, allowing them to be replaced.</li>
+	<li>Fixed a bug (#24) - ODBC database driver called incorrect parent in __construct().</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b


From 6935931e0165aed0ef2d5bc9c0f51bf845969c35 Mon Sep 17 00:00:00 2001
From: Eric Barnes <eric@ericlbarnes.com>
Date: Thu, 25 Aug 2011 18:20:02 -0300
Subject: Fixed spelling mistake.

---
 user_guide/changelog.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index d7a6c7e05..865bdd8ac 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -67,7 +67,7 @@ Change Log
 		<ul>
 			<li class="reactor">Callback validation rules can now accept parameters like any other validation rule.</li>
 			<li class="reactor">Ability to log certain error types, not all under a threshold.</li>
-			<li class="reactor">Added html_escape() to the <a href="general/common_functions.html">Common functions</a> to escape HTML output for preventing XSS easliy.</li>
+			<li class="reactor">Added html_escape() to <a href="general/common_functions.html">Common functions</a> to escape HTML output for preventing XSS.</li>
 		</ul>
 	</li>
 	<li>Helpers
-- 
cgit v1.2.3-24-g4f1b


From f7345e4f5f6e44886eac337d8da064f541df8b9a Mon Sep 17 00:00:00 2001
From: Paul <p4ul.sincl4ir@gmail.com>
Date: Sat, 27 Aug 2011 06:51:16 +1200
Subject: changed private functions to protected so MY_URI can override them.

---
 system/core/URI.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/system/core/URI.php b/system/core/URI.php
index a3ae20cc3..8946bc76b 100755
--- a/system/core/URI.php
+++ b/system/core/URI.php
@@ -175,7 +175,7 @@ class CI_URI {
 	 * @access	private
 	 * @return	string
 	 */
-	private function _detect_uri()
+	protected function _detect_uri()
 	{
 		if ( ! isset($_SERVER['REQUEST_URI']) OR ! isset($_SERVER['SCRIPT_NAME']))
 		{
@@ -232,7 +232,7 @@ class CI_URI {
 	 * @access	private
 	 * @return	string
 	 */
-	private function _parse_cli_args()
+	protected function _parse_cli_args()
 	{
 		$args = array_slice($_SERVER['argv'], 1);
 
-- 
cgit v1.2.3-24-g4f1b


From eb630f32810c5d3eaa5e5c4df7183034f181e07c Mon Sep 17 00:00:00 2001
From: Paul <p4ul.sincl4ir@gmail.com>
Date: Sat, 27 Aug 2011 10:22:41 +1200
Subject: added core heading and note about protected functions in URI

---
 user_guide/changelog.html | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 865bdd8ac..f82dac9fa 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -95,6 +95,12 @@ Change Log
 			<li><samp>CI_Loader::_ci_autoloader()</samp> is now a protected method.</li>
 		</ul>
 	</li>
+	<li>Core
+		<ul>
+
+	                <li class="reactor">Changed private functions in CI_URI to protected so MY_URI can override them.</li>
+		</ul>
+	</li>
 </ul>
 
 <h3>Bug fixes for 2.1.0</h3>
-- 
cgit v1.2.3-24-g4f1b


From 1c342ebc83b2d303ba68415ce2ec6b5b173a1b66 Mon Sep 17 00:00:00 2001
From: Paul <p4ul.sincl4ir@gmail.com>
Date: Sat, 27 Aug 2011 10:23:38 +1200
Subject: spacing removed

---
 user_guide/changelog.html | 1 -
 1 file changed, 1 deletion(-)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index f82dac9fa..bb80ab8b8 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -97,7 +97,6 @@ Change Log
 	</li>
 	<li>Core
 		<ul>
-
 	                <li class="reactor">Changed private functions in CI_URI to protected so MY_URI can override them.</li>
 		</ul>
 	</li>
-- 
cgit v1.2.3-24-g4f1b


From 901998a9a517d96faff5c24fb40f98961f83c3cd Mon Sep 17 00:00:00 2001
From: Phil Sturgeon <email@philsturgeon.co.uk>
Date: Fri, 26 Aug 2011 10:03:33 +0100
Subject: Removed some error suppression, which would hide a Notice if the path
 cannot be read. I discovered this by foolishly passing the file_path, not the
 full_path but took forever for me to realise this as the error returned
 (thanks to this error suppression) was "GD is not installed" instead of "File
 cannot be read". Seeing that notice would have made much more sense.

---
 system/libraries/Image_lib.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php
index 8902f524d..a8a0387d8 100644
--- a/system/libraries/Image_lib.php
+++ b/system/libraries/Image_lib.php
@@ -1334,7 +1334,7 @@ class CI_Image_lib {
 			return FALSE;
 		}
 
-		$vals = @getimagesize($path);
+		$vals = getimagesize($path);
 
 		$types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png');
 
-- 
cgit v1.2.3-24-g4f1b


From ddae533eee59e356ed6f40a4f4976162c592965e Mon Sep 17 00:00:00 2001
From: Phil Sturgeon <email@philsturgeon.co.uk>
Date: Fri, 26 Aug 2011 10:12:10 +0100
Subject: Moved the "is_unique" change log to 2.1.0-dev where it should have
 been first time. Sorry about that one, had to manually separate 2.0.3 changes
 from 2.1.0 based mainly on memory.

---
 user_guide/changelog.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index ff04787cf..c030ce77c 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -94,11 +94,12 @@ Change Log
 			<li class="reactor">Driver children can be located in any package path.</li>
 			<li class="reactor">Added max_filename_increment config setting for Upload library.</li>
 			<li><samp>CI_Loader::_ci_autoloader()</samp> is now a protected method.</li>
+			<li class="reactor">Added <kbd>is_unique</kbd> to the <a href="libraries/form_validation.html">Form Validation library</a>.</li>
 		</ul>
 	</li>
 	<li>Core
 		<ul>
-	                <li class="reactor">Changed private functions in CI_URI to protected so MY_URI can override them.</li>
+			<li class="reactor">Changed private functions in CI_URI to protected so MY_URI can override them.</li>
 		</ul>
 	</li>
 </ul>
@@ -153,7 +154,6 @@ Change Log
 	<li>Libraries
 		<ul>
 			<li>Altered Session to use a longer match against the user_agent string. See upgrade notes if using database sessions.</li>
-			<li class="reactor">Added <kbd>is_unique</kbd> to the <a href="libraries/form_validation.html">Form Validation library</a>.</li>
 			<li class="reactor">Added <kbd>$this->db->set_dbprefix()</kbd> to the <a href="database/queries.html">Database Driver</a>.</li>
 			<li class="reactor">Changed <kbd>$this->cart->insert()</kbd> in the <a href="libraries/cart.html">Cart Library</a> to return the Row ID if a single item was inserted successfully.</li>
 			<li class="reactor">Added <kbd>$this->load->get_var()</kbd> to the <a href="libraries/loader.html">Loader library</a> to retrieve global vars set with <kbd>$this->load->view()</kbd> and <kbd>$this->load->vars()</kbd>.</li>
-- 
cgit v1.2.3-24-g4f1b


From 44cdece942c310f5520497dbde4febc26e96c27e Mon Sep 17 00:00:00 2001
From: Phil Sturgeon <email@philsturgeon.co.uk>
Date: Fri, 26 Aug 2011 12:23:18 +0100
Subject: Bumped URL Helper version number.

---
 user_guide/helpers/url_helper.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/user_guide/helpers/url_helper.html b/user_guide/helpers/url_helper.html
index de28a6f56..e60e96bf0 100644
--- a/user_guide/helpers/url_helper.html
+++ b/user_guide/helpers/url_helper.html
@@ -27,7 +27,7 @@
 <div id="masthead">
 <table cellpadding="0" cellspacing="0" border="0" style="width:100%">
 <tr>
-<td><h1>CodeIgniter User Guide Version 2.0.0</h1></td>
+<td><h1>CodeIgniter User Guide Version 2.0.3</h1></td>
 <td id="breadcrumb_right"><a href="../toc.html">Table of Contents Page</a></td>
 </tr>
 </table>
-- 
cgit v1.2.3-24-g4f1b


From d8f002c6c92ed8395331b69ea77c4e5a83bfd83c Mon Sep 17 00:00:00 2001
From: Iban Eguia <admin@razican.com>
Date: Fri, 26 Aug 2011 14:34:38 +0200
Subject: Removed some documentation for PHP 4 users in the active record
 documentation.

---
 user_guide/database/active_record.html | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/user_guide/database/active_record.html b/user_guide/database/active_record.html
index 92d9614d5..0f09e78c3 100644
--- a/user_guide/database/active_record.html
+++ b/user_guide/database/active_record.html
@@ -79,9 +79,6 @@ is generated by each database adapter.  It also allows for safer queries, since
 
 <p>The following functions allow you to build SQL <strong>SELECT</strong> statements.</p>
 
-<p><strong>Note: If you are using PHP 5 you can use method chaining for more compact syntax. This is described at the end of the page.</strong></p>
-
-
 <h2>$this->db->get();</h2>
 
 <p>Runs the selection query and returns the result.  Can be used by itself to retrieve all records from a table:</p>
@@ -532,7 +529,7 @@ $this->db->insert('mytable', $object);
 <p>Generates an insert string based on the data you supply, and runs the query. You can either pass an
 <strong>array</strong> or an <strong>object</strong> to the function.  Here is an example using an array:</p>
 
-<code> 
+<code>
 $data = array(<br/>
 &nbsp;&nbsp;&nbsp;array(<br />
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'title' => 'My title' ,<br />
@@ -544,7 +541,7 @@ $data = array(<br/>
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'name' => 'Another Name' ,<br />
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'date' => 'Another date'<br />
 &nbsp;&nbsp;&nbsp;)<br/>
-);<br /> 
+);<br />
 <br />
 $this->db->update_batch('mytable', $data);
 <br /><br />
-- 
cgit v1.2.3-24-g4f1b


From b183ece10dcde599c04af412f0f5c1c776ed29d8 Mon Sep 17 00:00:00 2001
From: Eric Barnes <eric@ericlbarnes.com>
Date: Fri, 26 Aug 2011 14:42:52 -0400
Subject: Changed CI_VERSION to represent develop branch

---
 system/core/CodeIgniter.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/core/CodeIgniter.php b/system/core/CodeIgniter.php
index 0a1391d18..aca4fb23c 100755
--- a/system/core/CodeIgniter.php
+++ b/system/core/CodeIgniter.php
@@ -39,7 +39,7 @@
 	 * @var string
 	 *
 	 */
-	define('CI_VERSION', '2.0.2');
+	define('CI_VERSION', '2.1.0-dev');
 
 /**
  * CodeIgniter Branch (Core = TRUE, Reactor = FALSE)
-- 
cgit v1.2.3-24-g4f1b


From d720af7ce5539c0c5f1a604358a96bcf54af80fd Mon Sep 17 00:00:00 2001
From: Bruno Bierbaumer <bruno.bierbaumer@symvaro.com>
Date: Sat, 27 Aug 2011 16:13:14 +0200
Subject: add Android user agent

---
 application/config/user_agents.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/application/config/user_agents.php b/application/config/user_agents.php
index e2d3c3af0..4746f2fcd 100644
--- a/application/config/user_agents.php
+++ b/application/config/user_agents.php
@@ -126,6 +126,7 @@ $mobiles = array(
 					'sendo'				=> "Sendo",
 
 					// Operating Systems
+					'android'				=> "Android",
 					'symbian'				=> "Symbian",
 					'SymbianOS'				=> "SymbianOS",
 					'elaine'				=> "Palm",
-- 
cgit v1.2.3-24-g4f1b


From 95b7994a298a7c57118c59e03a1aa43bd804bce4 Mon Sep 17 00:00:00 2001
From: Bruno Bierbaumer <bruno.bierbaumer@symvaro.com>
Date: Sat, 27 Aug 2011 16:52:24 +0200
Subject: add Android user agent

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 33e0a62c1..978b710be 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -65,6 +65,7 @@ Change Log
 <ul>
 	<li>General Changes
 		<ul>
+			<li class="reactor">Added Android to the list of user agents.</li>
 			<li class="reactor">Callback validation rules can now accept parameters like any other validation rule.</li>
 			<li class="reactor">Ability to log certain error types, not all under a threshold.</li>
 			<li class="reactor">Added html_escape() to <a href="general/common_functions.html">Common functions</a> to escape HTML output for preventing XSS.</li>
-- 
cgit v1.2.3-24-g4f1b


From 8cc0cfe1ab1e10aad71d14e0b43e05444c00693d Mon Sep 17 00:00:00 2001
From: freewil <sean@eternalrise.com>
Date: Sat, 27 Aug 2011 21:53:00 -0400
Subject: always use charset config item

---
 application/config/config.php        | 2 ++
 system/core/Security.php             | 3 ++-
 system/helpers/form_helper.php       | 7 ++-----
 system/helpers/typography_helper.php | 5 ++++-
 4 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/application/config/config.php b/application/config/config.php
index 880393c29..a6d10d8dc 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -79,6 +79,8 @@ $config['language']	= 'english';
 | This determines which character set is used by default in various methods
 | that require a character set to be provided.
 |
+| See http://php.net/htmlspecialchars for a list of supported charsets.
+|
 */
 $config['charset'] = 'UTF-8';
 
diff --git a/system/core/Security.php b/system/core/Security.php
index 342455f27..cc21ddc91 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -525,9 +525,10 @@ class CI_Security {
 	 * @param	string
 	 * @return	string
 	 */
-	public function entity_decode($str, $charset='UTF-8')
+	public function entity_decode($str, $charset = NULL)
 	{
 		if (stristr($str, '&') === FALSE) return $str;
+		if (empty($charset)) $charset = config_item('charset');
 
 		// The reason we are not using html_entity_decode() by itself is because
 		// while it is not technically correct to leave out the semicolon
diff --git a/system/helpers/form_helper.php b/system/helpers/form_helper.php
index d9305c00b..130daee6a 100644
--- a/system/helpers/form_helper.php
+++ b/system/helpers/form_helper.php
@@ -642,11 +642,8 @@ if ( ! function_exists('form_prep'))
 		{
 			return $str;
 		}
-
-		$str = htmlspecialchars($str);
-
-		// In case htmlspecialchars misses these.
-		$str = str_replace(array("'", '"'), array("&#39;", "&quot;"), $str);
+		
+		$str = html_escape($str);
 
 		if ($field_name != '')
 		{
diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php
index 19b4eec03..0bb0938a4 100644
--- a/system/helpers/typography_helper.php
+++ b/system/helpers/typography_helper.php
@@ -82,9 +82,12 @@ if ( ! function_exists('auto_typography'))
  */
 if ( ! function_exists('entity_decode'))
 {
-	function entity_decode($str, $charset='UTF-8')
+	function entity_decode($str, $charset = NULL)
 	{
 		global $SEC;
+		
+		if (empty($charset)) $charset = config_item('charset');
+		
 		return $SEC->entity_decode($str, $charset);
 	}
 }
-- 
cgit v1.2.3-24-g4f1b


From dae42fa65fc65e43d704f1a6c139e985e93486f4 Mon Sep 17 00:00:00 2001
From: bubbafoley <bubbafoley@gmail.com>
Date: Sun, 28 Aug 2011 00:54:24 -0500
Subject: Fix the default migration path.

---
 system/libraries/Migration.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/libraries/Migration.php b/system/libraries/Migration.php
index 3943ec130..3734e18f5 100644
--- a/system/libraries/Migration.php
+++ b/system/libraries/Migration.php
@@ -57,7 +57,7 @@ class CI_Migration {
 		}
 
 		// If not set, set it
-		$this->_migration_path == '' OR $this->_migration_path = APPPATH . 'migrations/';
+		$this->_migration_path == '' AND $this->_migration_path = APPPATH . 'migrations/';
 
 		// Add trailing slash if not set
 		$this->_migration_path = rtrim($this->_migration_path, '/').'/';
-- 
cgit v1.2.3-24-g4f1b


From 4c907236af3b6dc11a7b4989ece1c84a26483c46 Mon Sep 17 00:00:00 2001
From: Phil Sturgeon <email@philsturgeon.co.uk>
Date: Sun, 28 Aug 2011 17:11:03 +0100
Subject: Fixed recent change to $this->db->field_data() which errored for
 field types without constraints. It now uses a less expecting regex and
 defaults to NULL.

---
 system/database/drivers/mysql/mysql_result.php   | 4 ++--
 system/database/drivers/mysqli/mysqli_result.php | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/system/database/drivers/mysql/mysql_result.php b/system/database/drivers/mysql/mysql_result.php
index 2d2905c98..6ceaf4b9b 100644
--- a/system/database/drivers/mysql/mysql_result.php
+++ b/system/database/drivers/mysql/mysql_result.php
@@ -86,10 +86,10 @@ class CI_DB_mysql_result extends CI_DB_result {
 		$retval = array();
 		while ($field = mysql_fetch_object($this->result_id))
 		{
-			preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches);
+			preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches);
 
 			$type = $matches[1];
-			$length = (int)$matches[2];
+			$length = isset($matches[3]) ? (int) $matches[3] : NULL;
 
 			$F				= new stdClass();
 			$F->name		= $field->Field;
diff --git a/system/database/drivers/mysqli/mysqli_result.php b/system/database/drivers/mysqli/mysqli_result.php
index ac863056a..bbfb8481a 100644
--- a/system/database/drivers/mysqli/mysqli_result.php
+++ b/system/database/drivers/mysqli/mysqli_result.php
@@ -86,10 +86,10 @@ class CI_DB_mysqli_result extends CI_DB_result {
 		$retval = array();
 		while ($field = mysqli_fetch_object($this->result_id))
 		{
-			preg_match('/([a-zA-Z]+)\((\d+)\)/', $field->Type, $matches);
+			preg_match('/([a-zA-Z]+)(\((\d+)\))?/i', $field->Type, $matches);
 
 			$type = $matches[1];
-			$length = (int)$matches[2];
+			$length = isset($matches[3]) ? (int) $matches[3] : NULL;
 
 			$F				= new stdClass();
 			$F->name		= $field->Field;
-- 
cgit v1.2.3-24-g4f1b


From 5c9b0d1b5618ade5c6aa70475b08b3066f14ff3e Mon Sep 17 00:00:00 2001
From: freewil <sean@eternalrise.com>
Date: Sun, 28 Aug 2011 12:15:23 -0400
Subject: always use charset config item

---
 system/core/Security.php             | 11 +++++++++--
 system/helpers/typography_helper.php |  7 ++++---
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/system/core/Security.php b/system/core/Security.php
index cc21ddc91..e99418bdd 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -527,8 +527,15 @@ class CI_Security {
 	 */
 	public function entity_decode($str, $charset = NULL)
 	{
-		if (stristr($str, '&') === FALSE) return $str;
-		if (empty($charset)) $charset = config_item('charset');
+		if (stristr($str, '&') === FALSE)
+		{
+			return $str;
+		}
+		
+		if (empty($charset))
+		{
+			$charset = config_item('charset');
+		}
 
 		// The reason we are not using html_entity_decode() by itself is because
 		// while it is not technically correct to leave out the semicolon
diff --git a/system/helpers/typography_helper.php b/system/helpers/typography_helper.php
index 0bb0938a4..82e686e53 100644
--- a/system/helpers/typography_helper.php
+++ b/system/helpers/typography_helper.php
@@ -39,9 +39,7 @@ if ( ! function_exists('nl2br_except_pre'))
 	function nl2br_except_pre($str)
 	{
 		$CI =& get_instance();
-
 		$CI->load->library('typography');
-
 		return $CI->typography->nl2br_except_pre($str);
 	}
 }
@@ -86,7 +84,10 @@ if ( ! function_exists('entity_decode'))
 	{
 		global $SEC;
 		
-		if (empty($charset)) $charset = config_item('charset');
+		if (empty($charset))
+		{
+			$charset = config_item('charset');
+		}
 		
 		return $SEC->entity_decode($str, $charset);
 	}
-- 
cgit v1.2.3-24-g4f1b