Merge upstream branch

8 files changed, 72 insertions, 22 deletions

diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index aacad7e7c..0c67c3ab2 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -43,8 +43,11 @@ Release Date: Not Released
    -  Changed humanize to include a second param for the separator.
    -  Refactored ``plural()`` and ``singular()`` to avoid double pluralization and support more words.
    -  Added an optional third parameter to ``force_download()`` that enables/disables sending the actual file MIME type in the Content-Type header (disabled by default).
+   -  Added an optional third parameter to ``timespan()`` that constrains the number of time units displayed.
    -  Added a work-around in force_download() for a bug Android <= 2.1, where the filename extension needs to be in uppercase.
    -  form_dropdown() will now also take an array for unity with other form helpers.
+   -  set_realpath() can now also handle file paths as opposed to just directories.
+   -  do_hash() now uses PHP's native hash() function, supporting more algorithms.
 
 -  Database
 
@@ -96,6 +99,7 @@ Release Date: Not Released
    -  Minor speed optimizations and method & property visibility declarations in the Calendar Library.
    -  Removed SHA1 function in the :doc:`Encryption Library <libraries/encryption>`.
    -  Added $config['csrf_regeneration'] to the CSRF protection in the :doc:`Security library <libraries/security>`, which makes token regeneration optional.
+   -  Added all_flashdata() method to session class. Returns an associative array of only flashdata.
    -  Allowed for setting table class defaults in a config file.
    -  Form Validation library now allows setting of error delimiters in the config file via $config['error_prefix'] and $config['error_suffix'].
    -  Added function error_array() to return all error messages as an array in the Form_validation class.
@@ -113,6 +117,7 @@ Release Date: Not Released
    -  $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as *<?=* will always be available.
    -  Added method() to CI_Input to retrieve $_SERVER['REQUEST_METHOD'].
    -  Modified valid_ip() to use PHP's filter_var() in the :doc:`Input Library <libraries/input>`.
+   -  Added support for HTTP-Only cookies with new config option ``cookie_httponly`` (default FALSE).
 
 Bug fixes for 3.0
 ------------------
@@ -164,6 +169,7 @@ Bug fixes for 3.0
 -  Fixed a bug in the :doc:`Session Library <libraries/sessions>` where a PHP E_NOTICE error was triggered by _unserialize() due to results from databases such as MSSQL and Oracle being space-padded on the right.
 -  Fixed a bug (#501) - set_rules() to check if the request method is not 'POST' before aborting, instead of depending on count($_POST) in the :doc:`Form Validation Library <libraries/form_validation>`.
 -  Fixed a bug (#940) - csrf_verify() used to set the CSRF cookie while processing a POST request with no actual POST data, which resulted in validating a request that should be considered invalid.
+-  Fixed a bug in PostgreSQL's escape_str() where it didn't properly escape LIKE wild characters.
 
 Version 2.1.1
 =============
diff --git a/user_guide_src/source/database/active_record.rst b/user_guide_src/source/database/active_record.rst
index c04e67d2a..e328c11e2 100644
--- a/user_guide_src/source/database/active_record.rst
+++ b/user_guide_src/source/database/active_record.rst
@@ -68,7 +68,7 @@ Example::
 	// Produces string: SELECT * FROM mytable
 
 The second parameter enables you to set whether or not the active record query
-will be reset (by default it will be&mdash;just like `$this->db->get()`)::
+will be reset (by default it will be just like `$this->db->get()`)::
 
 	echo $this->db->limit(10,20)->get_compiled_select('mytable', FALSE);
 	// Produces string: SELECT * FROM mytable LIMIT 20, 10
@@ -533,7 +533,7 @@ Query grouping
 **************
 
 Query grouping allows you to create groups of WHERE clauses by enclosing them in parentheses. This will allow
-you to create queries with complex WHERE clauses. Nested groups are supported. Example:
+you to create queries with complex WHERE clauses. Nested groups are supported. Example::
 
 	$this->db->select('*')->from('my_table')
 		->group_start()
@@ -921,9 +921,9 @@ Method chaining allows you to simplify your syntax by connecting
 multiple functions. Consider this example::
 
 	$query = $this->db->select('title')
-				->where('id', $id)
-				->limit(10, 20)
-				->get('mytable');
+			->where('id', $id)
+			->limit(10, 20)
+			->get('mytable');
 
 .. _ar-caching:
 
diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst
index ad06dd628..b21d147bd 100644
--- a/user_guide_src/source/helpers/date_helper.rst
+++ b/user_guide_src/source/helpers/date_helper.rst
@@ -255,14 +255,16 @@ Formats a unix timestamp so that is appears similar to this
 
 The first parameter must contain a Unix timestamp. The second parameter
 must contain a timestamp that is greater that the first timestamp. If
-the second parameter empty, the current time will be used. The most
-common purpose for this function is to show how much time has elapsed
-from some point in time in the past to now. 
+the second parameter empty, the current time will be used. The third 
+parameter is optional and limits the number of time units to display. 
+The most common purpose for this function is to show how much time has 
+elapsed from some point in time in the past to now. 
 
-.. php:method:: timespan($seconds = 1, $time = '')
+.. php:method:: timespan($seconds = 1, $time = '', $units = '')
 
 	:param integer 	$seconds: a number of seconds
 	:param string 	$time: Unix timestamp
+	:param integer 	$units: a number of time units to display
 	:returns: string
 
 Example
@@ -271,7 +273,8 @@ Example
 
 	$post_date = '1079621429';
 	$now = time();
-	echo timespan($post_date, $now);
+	$units = 2;
+	echo timespan($post_date, $now, $units);
 
 .. note:: The text generated by this function is found in the following language
 	file: language/<your_lang>/date_lang.php
diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst
index 4cb0cfd38..a110f3c14 100644
--- a/user_guide_src/source/helpers/form_helper.rst
+++ b/user_guide_src/source/helpers/form_helper.rst
@@ -177,7 +177,7 @@ form to contain
 	/*
 		Would produce:
 
-		<input type="text" name="username" id="username" value="johndoe" maxlength="100" size="50" style="width:50%" />
+		<input type="text" name="username" value="johndoe" id="username" maxlength="100" size="50" style="width:50%"  />
 	*/
 
 If you would like your form to contain some additional data, like
@@ -325,7 +325,7 @@ the tag. For example
 
 	$string = "</div></div>";
 	echo form_fieldset_close($string);
-	// Would produce: </fieldset> </div></div>
+	// Would produce: </fieldset></div></div>
 
 form_checkbox()
 ===============
diff --git a/user_guide_src/source/helpers/path_helper.rst b/user_guide_src/source/helpers/path_helper.rst
index 1a70af458..847f5a08b 100644
--- a/user_guide_src/source/helpers/path_helper.rst
+++ b/user_guide_src/source/helpers/path_helper.rst
@@ -28,10 +28,16 @@ cannot be resolved.
 
 ::
 
-	$directory = '/etc/passwd'; 
-	echo set_realpath($directory); // returns "/etc/passwd"  
-	$non_existent_directory = '/path/to/nowhere'; 
-	echo set_realpath($non_existent_directory, TRUE); // returns an error, as the path could not be resolved  
-	echo set_realpath($non_existent_directory, FALSE); // returns "/path/to/nowhere"   
-
-
+	$file = '/etc/php5/apache2/php.ini';
+	echo set_realpath($file); // returns "/etc/php5/apache2/php.ini"
+
+	$non_existent_file = '/path/to/non-exist-file.txt';
+	echo set_realpath($non_existent_file, TRUE);	// shows an error, as the path cannot be resolved
+	echo set_realpath($non_existent_file, FALSE);	// returns "/path/to/non-exist-file.txt"
+
+	$directory = '/etc/php5';
+	echo set_realpath($directory);	// returns "/etc/php5/"
+	
+	$non_existent_directory = '/path/to/nowhere';
+	echo set_realpath($non_existent_directory, TRUE);	// shows an error, as the path cannot be resolved
+	echo set_realpath($non_existent_directory, FALSE);	// returns "/path/to/nowhere"
diff --git a/user_guide_src/source/helpers/security_helper.rst b/user_guide_src/source/helpers/security_helper.rst
index 01018c61a..b1bcf2b4a 100644
--- a/user_guide_src/source/helpers/security_helper.rst
+++ b/user_guide_src/source/helpers/security_helper.rst
@@ -34,8 +34,9 @@ More info can be found there.
 do_hash()
 =========
 
-Permits you to create SHA1 or MD5 one way hashes suitable for encrypting
-passwords. Will create SHA1 by default. Examples
+Permits you to create one way hashes suitable for encrypting
+passwords. Will create SHA1 by default. See `hash_algos() <http://php.net/function.hash_algos>`_
+for a full list of supported algorithms.
 
 ::
 
@@ -43,7 +44,7 @@ passwords. Will create SHA1 by default. Examples
 	$str = do_hash($str, 'md5'); // MD5
 
 .. note:: This function was formerly named dohash(), which has been
-	deprecated in favor of `do_hash()`.
+	removed in favor of `do_hash()`.
 
 strip_image_tags()
 ==================
diff --git a/user_guide_src/source/helpers/string_helper.rst b/user_guide_src/source/helpers/string_helper.rst
index dc70e461a..2d23fb00c 100644
--- a/user_guide_src/source/helpers/string_helper.rst
+++ b/user_guide_src/source/helpers/string_helper.rst
@@ -108,6 +108,36 @@ found in http://. Example
 	$string = "http://example.com//index.php";
 	echo reduce_double_slashes($string); // results in "http://example.com/index.php"
 
+strip_slashes()
+===============
+
+Removes any slashes from a string. Example
+
+::
+
+	$str = "Is your name O\'reilly?";
+	echo strip_slashes($str); // results in Is your name O'reilly?
+
+You can also use an array. Example
+
+::
+	
+	$str = array(
+		'question'  => 'Is your name O\'reilly?',
+		'answer' => 'No, my name is O\'connor.'
+	);
+	
+	$str = strip_slashes($str);
+	
+The above will return the following array:
+
+::
+
+	array(
+		'question'  => "Is your name O'reilly?",
+		'answer' => "No, my name is O'connor."
+	);
+
 trim_slashes()
 ==============
 
diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst
index ef32f5d71..e8332ee97 100644
--- a/user_guide_src/source/libraries/sessions.rst
+++ b/user_guide_src/source/libraries/sessions.rst
@@ -209,6 +209,10 @@ set_userdata().
 To read a flashdata variable::
 
 	$this->session->flashdata('item');
+	
+An array of all flashdata can be retrieved as follows::
+
+	$this->session->all_flashdata();
 
 
 If you find that you need to preserve a flashdata variable through an