summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2014-08-18extra null checksBen Fuhrmannek
2014-08-01fixed potential segfault/hashtable inconsistency for disable_display_errors=failBen Fuhrmannek
2014-07-27reintroduced loop-free check for invalid varnames in suhosin_register_server_...Ben Fuhrmannek
2014-07-24re-introduced suhosin_is_protected_varname as extra varname checkBen Fuhrmannek
2014-07-17suhosin_get_raw_cookies() parses cookies in reverse order to give first occur...Ben Fuhrmannek
2014-07-17minor changes / no more compiler warningsBen Fuhrmannek
2014-07-17some php_varname_check()s may be silent as we produce custom errorsBen Fuhrmannek
2014-07-17more redundancy removed / varname checksBen Fuhrmannek
2014-07-17import_request_variables() will only be replaced with PHP < 5.4.0Ben Fuhrmannek
2014-07-17removed redundant implementations of protected varname checkBen Fuhrmannek
2014-07-16rewrite of register_server_variables - less redundancy (may be slower though)Ben Fuhrmannek
2014-07-16updated suhosin versionBen Fuhrmannek
2014-07-16fixed duplicate char* declaration. (closes #51)Ben Fuhrmannek
2014-07-15replaced suhosin_register_cookie_variable + suhosin_register_cookie_variable_...Ben Fuhrmannek
2014-07-15simplified else/breakBen Fuhrmannek
2014-07-14updated changelog after mergeBen Fuhrmannek
2014-07-14Merge branch 'filter'Ben Fuhrmannek
2014-07-14Merge branch 'sql'Ben Fuhrmannek
2014-07-14updated changelogBen Fuhrmannek
2014-07-14*ignore*Ben Fuhrmannek
2014-07-12introduced suhosin.upload.allow_utf8Ben Fuhrmannek
2014-07-11remove_binary and disallow_binary allow utf-8. +testcasesBen Fuhrmannek
2014-07-11disallow_ws now matches all single-byte whitespace charactersBen Fuhrmannek
2014-07-09untested features must be enabled: configure --enable-suhosin-experimentalBen Fuhrmannek
2014-07-09experimental PDO supportBen Fuhrmannek
2014-07-09test cases for user_prefix + user_postfixBen Fuhrmannek
2014-07-09SQL username check in sim. mode checks only for the first occ. of inv. charsBen Fuhrmannek
2014-07-09enforce SQL username check + return FALSE instead of bailoutBen Fuhrmannek
2014-07-09more files to be ignored by gitBen Fuhrmannek
2014-07-09added sql.user_match + username character checkBen Fuhrmannek
2014-07-07brand new default suhosin.ini with documentation and correct default valuesBen Fuhrmannek
2014-06-24Added SQL injection protection for Mysqli and several test casesBen Fuhrmannek
2014-06-10Prepare release of suhosin-0.9.36suhosin-0.9.36Stefan Esser
2014-06-09Improve SessionHandler() recursion protectionStefan Esser
2014-06-09Fixed problem with SessionHandler() class and endless recursionStefan Esser
2014-06-09Document new rand/mt_rand featuresStefan Esser
2014-06-09Add suhosin.rand.seedingkey to protectkey testStefan Esser
2014-06-09Added various improvements to rand()/mt_rand() protectionStefan Esser
2014-06-09Whitespace fixStefan Esser
2014-06-09Fix variable logging statistics outputting on every includeStefan Esser
2014-06-09Add protection against injection attacks (like XSS/SQL/other) through HTTP Us...Stefan Esser
2014-05-15List changesStefan Esser
2014-05-15Adding some tests for logging shellscriptsStefan Esser
2014-05-15Better handling of non existing/non executable fileupload verification scriptsStefan Esser
2014-05-15Better tracking of non existing/non executable logging scriptsStefan Esser
2014-05-13Add new Changelog and fix version numberStefan Esser
2014-05-13Add LICENSE file so that linux distributions are magically happyStefan Esser
2014-02-24Prepare release of suhosin extension 0.9.35suhosin-0.9.35Stefan Esser
2014-02-18Some tests for the cookie encryption feature from BenStefan Esser
2014-02-18For test compatibility with PHP 5.3Stefan Esser