diff options
author | ftwbzhao <b.zhao1@gmail.com> | 2015-04-09 16:32:41 +0200 |
---|---|---|
committer | ftwbzhao <b.zhao1@gmail.com> | 2015-04-09 16:32:41 +0200 |
commit | b587698dd45396b91106bd7c894a79747b1fb7a9 (patch) | |
tree | 76a1d614976dd0b695e513a40f9235e3b9f7f82c /user_guide_src | |
parent | 9b9a06c9635cd3b4fce0aebe4d2eead4809999a5 (diff) | |
parent | fd363f224d7886eb686434d7a835eaa49183d8e6 (diff) |
Merge branch 'develop' of https://github.com/bcit-ci/CodeIgniter into develop
Diffstat (limited to 'user_guide_src')
-rw-r--r-- | user_guide_src/source/changelog.rst | 22 | ||||
-rw-r--r-- | user_guide_src/source/conf.py | 4 | ||||
-rw-r--r-- | user_guide_src/source/database/forge.rst | 4 | ||||
-rw-r--r-- | user_guide_src/source/general/security.rst | 12 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_300.rst | 2 | ||||
-rw-r--r-- | user_guide_src/source/tutorial/static_pages.rst | 6 |
6 files changed, 33 insertions, 17 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index a1b15105f..8fa4d1ef1 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -2,11 +2,25 @@ Change Log ########## -Version 3.0 (planned) -======================= +Version 3.0.1 +============= Release Date: Not Released +- Core + + - Added DoS mitigation to :php:func:`hash_pbkdf2()` :doc:`compatibility function <general/compatibility_functions>`. + +Bug fixes for 3.0.1 +------------------- + +- Fixed a bug (#3733) - Autoloading of libraries with aliases didn't work, although it was advertised to. + +Version 3.0.0 +============= + +Release Date: March 30, 2015 + - License - CodeIgniter has been relicensed with the `MIT License <http://opensource.org/licenses/MIT>`_, eliminating its old proprietary licensing. @@ -565,7 +579,7 @@ Release Date: Not Released - Changed the library constructor to try to create the **log_path** directory if it doesn't exist. - Added support for microseconds ("u" date format character) in ``$config['log_date_format']``. - - Added `compatibility layers <general/compatibility_functions>` for: + - Added :doc:`compatibility layers <general/compatibility_functions>` for: - `Multibyte String <http://php.net/mbstring>`_ (limited support). - `Hash <http://php.net/hash>`_ (``hash_equals()``, ``hash_pbkdf2()``). @@ -579,7 +593,7 @@ Release Date: Not Released Bug fixes for 3.0 ------------------- +----------------- - Fixed a bug where ``unlink()`` raised an error if cache file did not exist when you try to delete it. - Fixed a bug (#181) - a typo in the form validation language file. diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py index d65fe0dfd..1704654b6 100644 --- a/user_guide_src/source/conf.py +++ b/user_guide_src/source/conf.py @@ -48,9 +48,9 @@ copyright = u'2014 - 2015, British Columbia Institute of Technology' # built documents. # # The short X.Y version. -version = '3.0' +version = '3.0.1' # The full version, including alpha/beta/rc tags. -release = '3.0-dev' +release = '3.0.0-dev' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff --git a/user_guide_src/source/database/forge.rst b/user_guide_src/source/database/forge.rst index 89fac023e..a4edada5c 100644 --- a/user_guide_src/source/database/forge.rst +++ b/user_guide_src/source/database/forge.rst @@ -227,7 +227,7 @@ Execute a DROP TABLE statement and optionally add an IF EXISTS clause. $this->dbforge->drop_table('table_name'); // Produces: DROP TABLE IF EXISTS table_name - $this->dbforge->drop_table('table_name'); + $this->dbforge->drop_table('table_name',TRUE); Renaming a table @@ -405,4 +405,4 @@ Class Reference :returns: TRUE on success, FALSE on failure :rtype: bool - Renames a table. Usage: See `Renaming a table`_.
\ No newline at end of file + Renames a table. Usage: See `Renaming a table`_. diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst index efc821f2b..fcfe4c24b 100644 --- a/user_guide_src/source/general/security.rst +++ b/user_guide_src/source/general/security.rst @@ -143,11 +143,15 @@ with that. Please read below. feature, just randomly generate a new, one-time (this is also important) password and send that instead. -- DO NOT put artificial limits on your users' passwords. +- DO NOT put unnecessary limits on your users' passwords. - There's no point in forcing a rule that a password can only be up to - a number of characters, or that it can't contain a certain set of - special characters. + If you're using a hashing algorithm other than BCrypt (which has a limit + of 72 characters), you should set a relatively high limit on password + lengths in order to mitigate DoS attacks - say, 1024 characters. + + Other than that however, there's no point in forcing a rule that a + password can only be up to a number of characters, or that it can't + contain a certain set of special characters. Not only does this **reduce** security instead of improving it, but there's literally no reason to do it. No technical limitations and diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 7e3479740..a3d712482 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -2,8 +2,6 @@ Upgrading from 2.2.x to 3.0.0 ############################# -.. note:: These upgrade notes are for a version that is yet to be released. - Before performing an update you should take your site offline by replacing the index.php file with a static one. ************************************* diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst index 210d9f8d6..62b3469ad 100644 --- a/user_guide_src/source/tutorial/static_pages.rst +++ b/user_guide_src/source/tutorial/static_pages.rst @@ -12,14 +12,14 @@ It is the glue of your web application. For example, when a call is made to: - http://example.com/news/latest/10 + http://example.com/news/latest/10 We might imagine that there is a controller named "news". The method being called on news would be "latest". The news method's job could be to grab 10 news items, and render them on the page. Very often in MVC, you'll see URL patterns that match: - http://example.com/[controller-class]/[controller-method]/[arguments] + http://example.com/[controller-class]/[controller-method]/[arguments] As URL schemes become more complex, this may change. But for now, this is all we will need to know. @@ -64,7 +64,7 @@ following code. </head> <body> - <h1>CodeIgniter Tutorial</h1> + <h1><?php echo $title ?></h1> The header contains the basic HTML code that you'll want to display before loading the main view, together with a heading. It will also |