Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / 62b8cae55d69775f09e3d64a6d35420c30241f98 / system / core / Input.php
  1. 773e117 Remove a few spaces by Andrey Andreev · 13 years ago
  2. 9448afb Fix CI_Input::is_ajax_request() by Andrey Andreev · 13 years ago
  3. d63e401 Adding in a few 503 status codes for common errors in response to this ExpressionEngine bug about errors getting cached by reverse proxies who cache 200 responses: http://expressionengine.com/bug_tracker/bug/17420 by Kevin Cupp · 13 years ago
  4. 90cfe14 Switch private methods to protected by Andrey Andreev · 13 years ago
  5. 1377497 Switch some public properties to protected by Andrey Andreev · 13 years ago
  6. 64e98aa Improve code Input & Model libraries by Andrey Andreev · 13 years ago
  7. 0defe5d Updating copyright date to 2012 by Greg Aker · 13 years ago
  8. c00a5a0 Merge master (2.1.0) and fixed conflicts. by Phil Sturgeon · 13 years ago
  9. 75b1f39 get_magic_quotes_gpc() to be executed only if PHP version is 5.3 or lower by Andrey Andreev · 13 years ago
  10. f4a4bd8 adding new license file (OSL 3.0) and updating readme to ReST by Derek Jones · 13 years ago
  11. af72862 get_magic_quotes_gpc() to be executed only if PHP version is 5.3 or lower by Andrey Andreev · 13 years ago
  12. 8d263b0 Suppress warnings generated by get_magic_quotes_gpc() (issue #467) by Andrey Andreev · 13 years ago
  13. 4721379 Update: change _fetch_from_array form private to protected by Bo-Yi Wu · 13 years ago
  14. 013c895 Update: modified return bool value on comment by Bo-Yi Wu · 13 years ago
  15. 4ddee14 Update: check filter_var function exist by Bo-Yi Wu · 13 years ago
  16. 4db872f Update: add public or private prefix. by Bo-Yi Wu · 13 years ago
  17. c9f84c1 Update: if php version >= 5.2, use filter_var to check validate ip. by Bo-Yi Wu · 13 years ago
  18. 38e4a77 Merge branch 'issue227' of https://github.com/johnbellone/CodeIgniter into develop by Phil Sturgeon · 13 years ago
  19. 16f27b4 Changed order by John Bellone · 13 years ago
  20. 52c10b6 Making changes to stop remote spoofing by John Bellone · 13 years ago
  21. 4fbda2a881 Merge branch 'develop' of github.com:philsturgeon/codeigniter-reactor into develop by Phil Sturgeon · 13 years ago
  22. cda768a Added some docs to CI core files by David Behler · 13 years ago
  23. 9b5df59 Added some docs to CI core files by David Behler · 13 years ago
  24. fe1d45a Fixed conflicts. by Phil Sturgeon · 13 years ago
  25. c5dccf7 Get php_sapi_name() == 'cli' involved in the 'is this the command line?' decision. by Phil Sturgeon · 13 years ago
  26. 37f4b9c backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance by Derek Jones · 14 years ago
  27. 4b9c629 backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance by Derek Jones · 14 years ago
  28. 114ab09 Fixed double-space typo. by Razican · 14 years ago
  29. 14a0ac6 Moving security to core. by Pascal Kriete · 14 years ago
  30. 82f9b15 Standardized newlines even more extensively in Input class. by Phil Sturgeon · 14 years ago
  31. 9aa7dc9 Bugfix in foreach-loop ('name' must be last, as it also is the array's name); consistent handling for 'cookie_secure' config item by tobiasbg · 14 years ago
  32. 33ed0f3 Merged CodeIgniter Core changes and integrated rob1's secure cookie change into my secure cookie change. by Phil Sturgeon · 14 years ago
  33. d8d1e24 Secure cookies can now be made with the set_cookie() helper and Input Class method. by Phil Sturgeon · 14 years ago
  34. 44f2105 Input post() and get() will now return a full array if the first argument is not provided. by Phil Sturgeon · 14 years ago
  35. d98325d Automated merge with https://bitbucket.org/seandowney/codeigniter-reactor by Phil Sturgeon · 14 years ago
  36. 5d5895f Whitespace cleanup in core/ by Pascal Kriete · 14 years ago
  37. ff1cfa1 Updated the post method and added the new functionality to the get method also by vascopj · 14 years ago
  38. d6d9f45 Adding config option to require 'secure' setting for all cookies- requires https. by Robin Sowell · 14 years ago
  39. 0ba58b8 A change to pass all fields back if there are no fields passed into the "post" method. by vascopj · 14 years ago
  40. 3bb336c Automated merge with https://bitbucket.org/ellislab/codeigniter by Phil Sturgeon · 14 years ago
  41. aaec1e4 Renaming the unicode class to utf8 so we don't run the risk of violating the Unicode Consortium's trademark. by Pascal Kriete · 14 years ago
  42. c382871 Reverted regex validation while we re-think the implementation, and added ->input->is_cli_request(); by Phil Sturgeon · 14 years ago
  43. 0711dc8 Hey look, it's 2011 by Greg Aker · 14 years ago
  44. c808915 Implemented GET string support from Dan Horrigan and modified it slightly. Also tweaked his regex_match changes. by Phil Sturgeon · 14 years ago
  45. 65d603e Added full Query String and $_GET array support. This is enabled by default. Added a seperate config option to enable/disable the $_GET array. by Dan Horrigan · 14 years ago
  46. fd69489 Potential PHP 5.4 issue, get_magic_quotes_gpc() is being removed. This change will check the function exists before calling it in Input. by Phil Sturgeon · 14 years ago
  47. 2fae66e Fix #260 - tightening up the is_ajax_request() method in the Input class. Thanks sophistry for the suggestion by Greg Aker · 14 years ago
  48. 081ac9d Adding is_ajax_request() method to CI_Input by Greg Aker · 14 years ago
  49. ec2f571 Adding request_headers() and get_request_header() methods to the input class. The request_headers() method is helpful in non-apache environments where apache_request_headers() isn't going to exist. by Greg Aker · 14 years ago
  50. a926328 Changing all class constructors to __construct() by Greg Aker · 14 years ago
  51. 741de1c Updating PHP requirements in files 5.1.6 by Greg Aker · 14 years ago
  52. dd67197 Cleanup of stray spaces and tabs by Barry Mieny · 14 years ago
  53. 76b369e Changed a few strstr to strpos for consistency w performance guidelines and to mirror EE2. by Robin Sowell · 15 years ago
  54. 69fc4fc significant rewrite to Input class by Derek Jones · 15 years ago
  55. c68dfbf fixed EOF code comment file locations by Derek Jones · 15 years ago
  56. b97d21f moving core library files out of libraries into new core folder by Derek Jones · 15 years ago[Renamed from system/libraries/Input.php]
  57. 7f3719f updated copyrights by Derek Jones · 15 years ago
  58. e24f61a added hyphens to allowed characters in GET keys and vals in submitted URLs in xss_clean() by Derek Jones · 15 years ago
  59. 16d40d7 Fixed a case sensitive string replacement, simplified redundant string replacement by Derek Jones · 16 years ago
  60. fc395a1 updated copyrights to 2009 by Derek Jones · 16 years ago
  61. 42b2e17 ... replaced $CFG->item() with config_item() by Derek Jones · 16 years ago
  62. 97707cc replaced $this->config-> with $CFG-> in ip_address() by Derek Jones · 16 years ago
  63. c597228 added proxy_ips config item to whitelist reverse proxy servers to use the HTTP_X_FORWARDED_FOR header safely to determine the visitor's IP address by Derek Jones · 16 years ago
  64. 9959fed improvements to xss_clean() by Derek Jones · 16 years ago
  65. ab0e31f fixed a bug where whitespace would be lost if a string was forced into a character entity e.g. by Derek Jones · 16 years ago
  66. 2067d1a Changing EOL style to LF by Derek Allard · 16 years ago
  67. 85e65f6 Propset eol-style to CRLF by Derek Jones · 16 years ago
  68. 5f02da0 whitespace by Derek Allard · 16 years ago
  69. ff5d13b syntax simplification for testing first character of string by Derek Jones · 16 years ago
  70. dc50e11 added validation of IP segments to make sure they aren't empty, e.g. 127.0..1 by Derek Jones · 16 years ago
  71. 54d3ed6 removed a global by Rick Ellis · 16 years ago
  72. bfbe735 syntax error by Derek Jones · 16 years ago
  73. 98e2532 unset $Version, $Path, and $Domain cookie keys, to prevent Disallowed Key Characters from halting app execution on environments which improperly set these as keys by Derek Jones · 16 years ago
  74. d02b5bf by Rick Ellis · 16 years ago
  75. e0fc57b removed random invisible character (ASCII 194) from HTML and PHP files by Derek Jones · 16 years ago
  76. 0c734b5 added isindex to the list of naughty never allowed tags in xss_clean() by Derek Jones · 16 years ago
  77. 9dee6ec modified regex for image tag sanitization to retain trailing space and closing slash to remain valid XHTML by Derek Jones · 16 years ago
  78. cbde3f0 changed entity standardization to require at least two characters after an ampersand before forcing a semi-colon by Derek Jones · 16 years ago
  79. dd7f4a9 re-included URL encoded characters within _remove_invisible_characters() which were mistakenly pulled out in a previous commit, not released by Derek Jones · 17 years ago
  80. 68d7bd6 changed link and image regex to be more precise in matching tags, reducing false positive matches by Derek Jones · 17 years ago
  81. e8e18fe Changed regex for onfoo event handlers to prevent unwanted matching of text such as locatiON, cONtent, etc. by Derek Jones · 17 years ago
  82. 067e5dd whitespace by Derek Jones · 17 years ago
  83. 40f38f1 simplified regex for _remove_invisible_characters() - since we rawurldecode() the string, there's no need to go looking for url encoded characters here by Derek Jones · 17 years ago
  84. d6c6998 fixed accidental removal of $converted_string in xss_clean() for image comparison by Derek Jones · 17 years ago
  85. fc18b00 added a bit of leeway for images to avoid the more common false-positives that using xss_clean() on image files might trigger by Derek Jones · 17 years ago
  86. 7aae905 Further improvements to xss_clean() by Derek Jones · 17 years ago
  87. d3ee041 Added get_post() to the Input class. Documented get() in the Input class. by Derek Allard · 17 years ago
  88. 7a3b96e picky picky Jones adjusts some syntax by Derek Jones · 17 years ago
  89. c1acb41 a few tweaks for speed by Derek Allard · 17 years ago
  90. 144cb5b simplified and refactored input filtering and retrieval by Derek Jones · 17 years ago
  91. c04f0fc emendation to on* event handler removal by Derek Jones · 17 years ago
  92. 92bb3e6 decided just to kill all on*= event handlers, rather than trying to keep up with (and require users to do the same) with a blacklist. by Derek Jones · 17 years ago
  93. 9f23e7c moved word compacting to a callback for clarity, added a few js event handlers for removal by Derek Jones · 17 years ago
  94. 908ecc6 more complete protection against malformed link tags to protect against hex entities and href=data:url exploits by Derek Jones · 17 years ago
  95. bd08d84 improved security in xss_clean(), added <audio> and <video> tags to naughty HTML tags, and the HTML5 event handlers onerror and onended by Derek Jones · 17 years ago
  96. 245038d addition xss protection against certain data urls, stripping of anything sent with utf-7 encoding by Derek Jones · 17 years ago
  97. 63fc5fe added ability to use xss_clean() to test images, and improved security for vectors particular to the Opera family of browsers by Derek Jones · 17 years ago
  98. 000ab69 Hey you! Yeah, you, that other set of hardcoded arrays in xss_clean(). You're coming with me, pal! by Derek Jones · 17 years ago
  99. e3332b0 increased security and performance of xss_clean(), added _sanitize_naughty_html() callback and removed "never allowed" items to a class property by Derek Jones · 17 years ago
  100. 0b59f27 Some sweeping syntax changes for consistency: by Derek Jones · 17 years ago