summaryrefslogtreecommitdiffstats
path: root/user_guide/general/security.html
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide/general/security.html')
-rw-r--r--user_guide/general/security.html19
1 files changed, 18 insertions, 1 deletions
diff --git a/user_guide/general/security.html b/user_guide/general/security.html
index 8a41dff9d..c47b5b25e 100644
--- a/user_guide/general/security.html
+++ b/user_guide/general/security.html
@@ -28,7 +28,7 @@
<div id="masthead">
<table cellpadding="0" cellspacing="0" border="0" style="width:100%">
<tr>
-<td><h1>CodeIgniter User Guide Version 2.0.0</h1></td>
+<td><h1>CodeIgniter User Guide Version 2.0.1</h1></td>
<td id="breadcrumb_right"><a href="../toc.html">Table of Contents Page</a></td>
</tr>
</table>
@@ -87,6 +87,23 @@ array is <strong>unset</strong> by the Input class during system initialization.
<p>During system initialization all global variables are unset, except those found in the $_POST and $_COOKIE arrays. The unsetting
routine is effectively the same as register_globals = off.</p>
+<a name="error_reporting"></a>
+<h2>error_reporting</h2>
+
+<p>
+ In production environments, it is typically desirable to disable PHP's
+ error reporting by setting the internal error_reporting flag to a value of 0. This disables native PHP
+ errors from being rendered as output, which may potentially contain
+ sensitive information.
+</p>
+
+<p>
+ Setting CodeIgniter's <kbd>ENVIRONMENT</kbd> constant in index.php to a
+ value of '<kbd>production</kbd>' will turn off these errors. In development
+ mode, it is recommended that a value of '<kbd>development</kbd>' is used.
+ More information about differentiating between environments can be found
+ on the <a href="environments.html">Handling Environments</a> page.
+</p>
<h2>magic_quotes_runtime</h2>