summaryrefslogtreecommitdiffstats
path: root/user_guide
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide')
-rw-r--r--user_guide/changelog.html47
-rw-r--r--user_guide/database/active_record.html4
-rw-r--r--user_guide/database/configuration.html4
-rw-r--r--user_guide/helpers/string_helper.html11
-rw-r--r--user_guide/images/appflowchart.gifbin25276 -> 12363 bytes
-rw-r--r--user_guide/libraries/cart.html20
-rw-r--r--user_guide/libraries/form_validation.html30
-rw-r--r--user_guide/libraries/input.html18
-rw-r--r--user_guide/overview/appflow.html2
9 files changed, 98 insertions, 38 deletions
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index c52a33e5a..15872c1ac 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -59,6 +59,48 @@ Change Log
<p>The <img src="images/reactor-bullet.png" width="16" height="16" alt="Reactor Marker" /> indicates items that were contributed to CodeIgniter via CodeIgniter Reactor.</p>
+<h2>Version 2.1.0 (planned)</h2>
+<p>Release Date: Not Released</p>
+
+<ul>
+ <li>General Changes
+ <ul>
+ <li class="reactor">Callback validation rules can now accept parameters like any other validation rule.</li>
+ </ul>
+ </li>
+ <li>Helpers
+ <ul>
+ <li class="reactor">Added <samp>increment_string()</samp> to <a href="helpers/string_helper.html">String Helper</a> to turn "foo" into "foo-1" or "foo-1" into "foo-2".</li>
+ <li>Altered form helper - made action on form_open_multipart helper function call optional. Fixes (#65)</li>
+ </ul>
+ </li>
+ <li>Database
+ <ul>
+ <li class="reactor">Added a <a href="http://www.cubrid.org/" target="_blank">CUBRID</a> driver to the <a href="libraries/database.html">Database Driver</a>. Thanks to the CUBRID team for supplying this patch.</li>
+ <li class="reactor">Typecast limit and offset in the <a href="database/queries.html">Database Driver</a> to integers to avoid possible injection.</li>
+ </ul>
+ </li>
+ <li>Libraries
+ <ul>
+ <li class="reactor">Changed <kbd>$this->cart->insert()</kbd> in the <a href="libraries/cart.html">Cart Library</a> to return the Row ID if a single item was inserted successfully.</li>
+ <li class="reactor">Added support to set an optional parameter in your callback rules of validation using the <a href="libraries/form_validation.html">Form Validation Library</a>.</li>
+ <li class="reactor">Added a <a href="libraries/migration.html">Migration Library</a> to assist with applying incremental updates to your database schema.</li>
+ <li class="reactor">Driver children can be located in any package path.</li>
+ </ul>
+ </li>
+</ul>
+
+<h3>Bug fixes for 2.1.0</h3>
+<ul>
+ <li class="reactor">Fixed #378 Robots identified as regular browsers by the User Agent class.</li>
+ <li class="reactor">If a config class was loaded first then a library with the same name is loaded, the config would be ignored.</li>
+ <li class="reactor">Fixed a bug (Reactor #19) where 1) the 404_override route was being ignored in some cases, and 2) auto-loaded libraries were not available to the 404_override controller when a controller existed but the requested method did not.</li>
+ <li class="rector">Fixed a bug (Reactor #89) where MySQL export would fail if the table had hyphens or other non alphanumeric/underscore characters.</li>
+ <li class="reactor">Fixed a bug (#200) where MySQL queries would be malformed after calling <samp>count_all()</samp> then <samp>db->get()</samp></li>
+ <li>Fixed a bug (#181) where a mis-spelling was in the form validation language file.</li>
+ <li>Fixed a bug (#160) - Removed unneeded array copy in the file cache driver.</li>
+</ul>
+
<h2>Version 2.0.3</h2>
<p>Release Date: August 20, 2011</p>
@@ -67,6 +109,7 @@ Change Log
<ul>
<li>An improvement was made to the MySQL and MySQLi drivers to prevent exposing a potential vector for SQL injection on sites using multi-byte character sets in the database client connection. <p>An incompatibility in PHP versions &lt; 5.2.3 and MySQL &lt; 5.0.7 with <em>mysql_set_charset()</em> creates a situation where using multi-byte character sets on these environments may potentially expose a SQL injection attack vector. Latin-1, UTF-8, and other "low ASCII" character sets are unaffected on all environments.</p> <p class="critical">If you are running or considering running a multi-byte character set for your database connection, please pay close attention to the server environment you are deploying on to ensure you are not vulnerable.</p></li>
</ul>
+ </li>
<li>General Changes
<ul>
<li>Fixed a bug where there was a misspelling within a code comment in the index.php file.</li>
@@ -81,6 +124,8 @@ Change Log
<li>Helpers
<ul>
<li>Added an optional third parameter to <samp>heading()</samp> which allows adding html attributes to the rendered heading tag.</li>
+ <li class="reactor"><kbd>form_open()</kbd> now only adds a hidden (Cross-site Reference Forgery) protection field when the form's action is internal and is set to the post method. (Reactor #165)</li>
+ <li class="reactor">Re-worked <samp>plural()</samp> and <samp>singular()</samp> functions in the <a href="helpers/inflector_helper.html">Inflector helper</a> to support considerably more words.</li>
</ul>
</li>
<li>Libraries
@@ -90,7 +135,7 @@ Change Log
<li class="reactor">Added <kbd>$this->db->set_dbprefix()</kbd> to the <a href="database/queries.html">Database Driver</a>.</li>
<li class="reactor">Changed <kbd>$this->cart->insert()</kbd> in the <a href="libraries/cart.html">Cart Library</a> to return the Row ID if a single item was inserted successfully.</li>
<li class="reactor">Added <kbd>$this->load->get_var()</kbd> to the <a href="libraries/loader.html">Loader library</a> to retrieve global vars set with <kbd>$this->load->view()</kbd> and <kbd>$this->load->vars()</kbd>.</li>
- <li>Changed <kbd>$this->db->having()</kbd> to insert quotes using escape() rather than escape_str().</li>
+ <li class="reactor">Changed <kbd>$this->db->having()</kbd> to insert quotes using escape() rather than escape_str().</li>
</ul>
</li>
</ul>
diff --git a/user_guide/database/active_record.html b/user_guide/database/active_record.html
index 3f44fcd5b..6609d287e 100644
--- a/user_guide/database/active_record.html
+++ b/user_guide/database/active_record.html
@@ -525,7 +525,7 @@ $this->db->insert('mytable', $object);
<p>Generates an insert string based on the data you supply, and runs the query. You can either pass an
<strong>array</strong> or an <strong>object</strong> to the function. Here is an example using an array:</p>
-<code>
+<code>
$data = array(<br/>
&nbsp;&nbsp;&nbsp;array(<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'title' => 'My title' ,<br />
@@ -537,7 +537,7 @@ $data = array(<br/>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'name' => 'Another Name' ,<br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'date' => 'Another date'<br />
&nbsp;&nbsp;&nbsp;)<br/>
-);<br />
+);<br />
<br />
$this->db->update_batch('mytable', $data);
<br /><br />
diff --git a/user_guide/database/configuration.html b/user_guide/database/configuration.html
index bbdd0a3c0..f06b08fe8 100644
--- a/user_guide/database/configuration.html
+++ b/user_guide/database/configuration.html
@@ -132,8 +132,8 @@ for the primary connection, but it too can be renamed to something more relevant
<li><strong>cache_on</strong> - TRUE/FALSE (boolean) - Whether database query caching is enabled, see also <a href="caching.html">Database Caching Class</a>.</li>
<li><strong>cachedir</strong> - The absolute server path to your database query cache directory.</li>
<li><strong>char_set</strong> - The character set used in communicating with the database.</li>
-<li><strong>dbcollat</strong> - The character collation used in communicating with the database. <p class="important"><strong>Note:</strong> For MySQL and MySQLi databases, this setting is only used as a backup if your server is running PHP &lt; 5.2.3 or MySQL &lt; 5.0.7. There is an incompatibility in PHP with mysql_real_escape_string() which can make your site vulnerable to SQL injection if you are using a multi-byte character set and are running versions lower than these. Sites using Latin-1 or UTF-8 database character set and collation are unaffected.</p></li>
-<li><strong>swap_pre</strong> - A default table prefix that should be swapped with <var>dbprefix</var>. This is useful for distributed applications where you might run manually written queries, and need the prefix to still be customizable by the end user.</li>
+<li><strong>dbcollat</strong> - The character collation used in communicating with the database. <p class="important"><strong>Note:</strong> For MySQL and MySQLi databases, this setting is only used as a backup if your server is running PHP &lt; 5.2.3 or MySQL &lt; 5.0.7 (and in table creation queries made with DB Forge). There is an incompatibility in PHP with mysql_real_escape_string() which can make your site vulnerable to SQL injection if you are using a multi-byte character set and are running versions lower than these. Sites using Latin-1 or UTF-8 database character set and collation are unaffected.</p></li>
+<li><strong>swap_pre</strong> - A default table prefix that should be swapped with <var>dbprefix</var>. This is useful for distributed applications where you might run manually written queries, and need the prefix to still be customizable by the end user.</li>
<li><strong>autoinit</strong> - Whether or not to automatically connect to the database when the library loads. If set to false, the connection will take place prior to executing the first query.</li>
<li><strong>stricton</strong> - TRUE/FALSE (boolean) - Whether to force "Strict Mode" connections, good for ensuring strict SQL while developing an application.</li>
<li><strong>port</strong> - The database port number. To use this value you have to add a line to the database config array.<code>$db['default']['port'] = 5432;</code>
diff --git a/user_guide/helpers/string_helper.html b/user_guide/helpers/string_helper.html
index a3dc16598..314124037 100644
--- a/user_guide/helpers/string_helper.html
+++ b/user_guide/helpers/string_helper.html
@@ -90,6 +90,17 @@ String Helper
<code>echo random_string('alnum', 16);</code>
+<h2>increment_string()</h2>
+
+<p>Increments a string by appending a number to it or increasing the number. Useful for creating "copies" or a file or duplicating database content which has unique titles or slugs.</p>
+
+<p>Usage example:</p>
+
+<code>echo increment_string('file', '_'); // "file_1"<br/>
+echo increment_string('file', '-', 2); // "file-2"<br/>
+echo increment_string('file-4'); // "file-5"<br/></code>
+
+
<h2>alternator()</h2>
<p>Allows two or more items to be alternated between, when cycling through a loop. Example:</p>
diff --git a/user_guide/images/appflowchart.gif b/user_guide/images/appflowchart.gif
index 422332c9e..4328e48fe 100644
--- a/user_guide/images/appflowchart.gif
+++ b/user_guide/images/appflowchart.gif
Binary files differ
diff --git a/user_guide/libraries/cart.html b/user_guide/libraries/cart.html
index 3471eeb7e..f1e8473e7 100644
--- a/user_guide/libraries/cart.html
+++ b/user_guide/libraries/cart.html
@@ -61,7 +61,7 @@ Shopping Cart Class
<p>The Cart Class permits items to be added to a session that stays active while a user is browsing your site.
These items can be retrieved and displayed in a standard "shopping cart" format, allowing the user to update the quantity or remove items from the cart.</p>
-<p>Please note that the Cart Class ONLY provides the core "cart" functionality. It does not provide shipping, credit card authorization, or other processing components.</p>
+<p>Please note that the Cart Class ONLY provides the core "cart" functionality. It does not provide shipping, credit card authorization, or other processing components.</p>
<h2>Initializing the Shopping Cart Class</h2>
@@ -106,20 +106,20 @@ It is intended to be used in cases where your product has options associated wit
<li><strong>qty</strong> - The quantity being purchased.
<li><strong>price</strong> - The price of the item.
<li><strong>name</strong> - The name of the item.
-<li><strong>options</strong> - Any additional attributes that are needed to identify the product. These must be passed via an array.
+<li><strong>options</strong> - Any additional attributes that are needed to identify the product. These must be passed via an array.
</ul>
<p>In addition to the five indexes above, there are two reserved words: <dfn>rowid</dfn> and <dfn>subtotal</dfn>. These are used internally by the Cart class, so
please do NOT use those words as index names when inserting data into the cart.</p>
-<p>Your array may contain additional data. Anything you include in your array will be stored in the session. However, it is best to standardize your data among
-all your products in order to make displaying the information in a table easier.</p>
+<p>Your array may contain additional data. Anything you include in your array will be stored in the session. However, it is best to standardize your data among all your products in order to make displaying the information in a table easier.</p>
+
+<p>The insert() method will return the $rowid if you successfully insert a single item.</p>
<h2>Adding Multiple Items to The Cart</h2>
-<p>By using a multi-dimensional array, as shown below, it is possible to add multiple products to the cart in one action. This is useful in cases where you wish to allow
-people to select from among several items on the same page.</p>
+<p>By using a multi-dimensional array, as shown below, it is possible to add multiple products to the cart in one action. This is useful in cases where you wish to allow people to select from among several items on the same page.</p>
<code>
@@ -268,8 +268,8 @@ $this->cart->update($data);
<p><strong>What is a Row ID?</strong>&nbsp; The <kbd>row ID</kbd> is a unique identifier that is generated by the cart code when an item is added to the cart. The reason a
unique ID is created is so that identical products with different options can be managed by the cart.</p>
-<p>For example, let's say someone buys two identical t-shirts (same product ID), but in different sizes. The product ID (and other attributes) will be
-identical for both sizes because it's the same shirt. The only difference will be the size. The cart must therefore have a means of identifying this
+<p>For example, let's say someone buys two identical t-shirts (same product ID), but in different sizes. The product ID (and other attributes) will be
+identical for both sizes because it's the same shirt. The only difference will be the size. The cart must therefore have a means of identifying this
difference so that the two sizes of shirts can be managed independently. It does so by creating a unique "row ID" based on the product ID and any options associated with it.</p>
<p>In nearly all cases, updating the cart will be something the user does via the "view cart" page, so as a developer, it is unlikely that you will ever have to concern yourself
@@ -311,7 +311,7 @@ function when the update form is submitted. Please examine the construction of t
<h2>$this->cart->has_options(rowid);</h2>
-<p>Returns TRUE (boolean) if a particular row in the cart contains options. This function is designed to be used in a loop with <dfn>$this->cart->contents()</dfn>, since you must pass the <kbd>rowid</kbd> to this function, as shown in the <dfn>Displaying the Cart</dfn> example above.</p>
+<p>Returns TRUE (boolean) if a particular row in the cart contains options. This function is designed to be used in a loop with <dfn>$this->cart->contents()</dfn>, since you must pass the <kbd>rowid</kbd> to this function, as shown in the <dfn>Displaying the Cart</dfn> example above.</p>
<h2>$this->cart->product_options(rowid);</h2>
@@ -322,7 +322,7 @@ function when the update form is submitted. Please examine the construction of t
<h2>$this->cart->destroy();</h2>
-<p>Permits you to destroy the cart. This function will likely be called when you are finished processing the customer's order.</p>
+<p>Permits you to destroy the cart. This function will likely be called when you are finished processing the customer's order.</p>
diff --git a/user_guide/libraries/form_validation.html b/user_guide/libraries/form_validation.html
index 7c544b69f..d9d8a4502 100644
--- a/user_guide/libraries/form_validation.html
+++ b/user_guide/libraries/form_validation.html
@@ -390,10 +390,10 @@ $this->form_validation->set_rules($config);
<p>CodeIgniter lets you pipe multiple rules together. Let's try it. Change your rules in the third parameter of rule setting function, like this:</p>
<code>
-$this->form_validation->set_rules('username', 'Username', 'required|min_length[5]|max_length[12]');<br />
+$this->form_validation->set_rules('username', 'Username', 'required|min_length[5]|max_length[12]|is_unique[users.username]');<br />
$this->form_validation->set_rules('password', 'Password', 'required|matches[passconf]');<br />
$this->form_validation->set_rules('passconf', 'Password Confirmation', 'required');<br />
-$this->form_validation->set_rules('email', 'Email', 'required|valid_email');<br />
+$this->form_validation->set_rules('email', 'Email', 'required|valid_email|is_unique[users.email]');<br />
</code>
<p>The above code sets the following rules:</p>
@@ -508,15 +508,13 @@ create a callback function that does that. Let's create a example of this.</p>
<code>$this->form_validation->set_rules('username', 'Username', '<kbd>callback_username_check</kbd>');</code>
-
<p>Then add a new function called <dfn>username_check</dfn> to your controller. Here's how your controller should now look:</p>
-
-<textarea class="textarea" style="width:100%" cols="50" rows="44">&lt;?php
+<textarea class="textarea" style="width:100%" cols="50" rows="40">&lt;?php
class Form extends CI_Controller {
- function index()
+ public function index()
{
$this->load->helper(array('form', 'url'));
@@ -525,7 +523,7 @@ class Form extends CI_Controller {
$this->form_validation->set_rules('username', 'Username', 'callback_username_check');
$this->form_validation->set_rules('password', 'Password', 'required');
$this->form_validation->set_rules('passconf', 'Password Confirmation', 'required');
- $this->form_validation->set_rules('email', 'Email', 'required');
+ $this->form_validation->set_rules('email', 'Email', 'required|is_unique[users.email]');
if ($this->form_validation->run() == FALSE)
{
@@ -537,7 +535,7 @@ class Form extends CI_Controller {
}
}
- function username_check($str)
+ public function username_check($str)
{
if ($str == 'test')
{
@@ -556,14 +554,13 @@ class Form extends CI_Controller {
<p><dfn>Reload your form and submit it with the word "test" as the username. You can see that the form field data was passed to your
callback function for you to process.</dfn></p>
-<p><strong>To invoke a callback just put the function name in a rule, with "callback_" as the rule prefix.</strong></p>
+<p>To invoke a callback just put the function name in a rule, with "callback_" as the rule <strong>prefix</strong>. If you need
+to receive an extra parameter in your callback function, just add it normally after the function name between square brackets,
+as in: "callback_foo<strong>[bar]</strong>", then it will be passed as the second argument of your callback function.</p>
-<p>You can also process the form data that is passed to your callback and return it. If your callback returns anything other than a boolean TRUE/FALSE
+<p><strong>Note:</strong> You can also process the form data that is passed to your callback and return it. If your callback returns anything other than a boolean TRUE/FALSE
it is assumed that the data is your newly processed form data.</p>
-
-
-
<a name="settingerrors"></a>
<h2>Setting Error Messages</h2>
@@ -947,6 +944,13 @@ POST array:</p>
</tr>
<tr>
+ <td class="td"><strong>is_unique</strong></td>
+ <td class="td">Yes</td>
+ <td class="td">Returns FALSE if the form element is not unique to the table and field name in the parameter.</td>
+ <td class="td">is_unique[table.field]</td>
+ </tr>
+
+ <tr>
<td class="td"><strong>min_length</strong></td>
<td class="td">Yes</td>
<td class="td">Returns FALSE if the form element is shorter then the parameter value.</td>
diff --git a/user_guide/libraries/input.html b/user_guide/libraries/input.html
index 311f76ee9..77e28488a 100644
--- a/user_guide/libraries/input.html
+++ b/user_guide/libraries/input.html
@@ -73,11 +73,11 @@ Input Class
<p>The security filtering function is called automatically when a new <a href="../general/controllers.html">controller</a> is invoked. It does the following:</p>
<ul>
-<li>Destroys the global GET array. Since CodeIgniter does not utilize GET strings, there is no reason to allow it.</li>
+<li>If $config['allow_get_array'] is FALSE(default is TRUE), destroys the global GET array.</li>
<li>Destroys all global variables in the event register_globals is turned on.</li>
-<li>Filters the POST/COOKIE array keys, permitting only alpha-numeric (and a few other) characters.</li>
+<li>Filters the GET/POST/COOKIE array keys, permitting only alpha-numeric (and a few other) characters.</li>
<li>Provides XSS (Cross-site Scripting Hacks) filtering. This can be enabled globally, or upon request.</li>
-<li>Standardizes newline characters to \n</li>
+<li>Standardizes newline characters to \n(In Windows \r\n)</li>
</ul>
@@ -133,13 +133,13 @@ else<br />
<code>$this->input->post('some_data', TRUE);</code>
<p>To return an array of all POST items call without any parameters.</p>
-<p>To return all POST items and pass them through the XSS filter leave the first parameter blank while setting the second parameter to boolean;</p>
+<p>To return all POST items and pass them through the XSS filter set the first parameter NULL while setting the second parameter to boolean;</p>
<p>The function returns FALSE (boolean) if there are no items in the POST.</p>
<code>
- $this->input->post(); // returns all POST items with XSS filter
+ $this->input->post(NULL, TRUE); // returns all POST items with XSS filter
<br />
- $this->input->post(NULL, FALSE); // returns all POST items without XSS
+ $this->input->post(); // returns all POST items without XSS filter
</code>
<h2>$this->input->get()</h2>
@@ -149,13 +149,13 @@ else<br />
<code>$this->input->get('some_data', TRUE);</code>
<p>To return an array of all GET items call without any parameters.</p>
-<p>To return all GET items and pass them through the XSS filter leave the first parameter blank while setting the second parameter to boolean;</p>
+<p>To return all GET items and pass them through the XSS filter set the first parameter NULL while setting the second parameter to boolean;</p>
<p>The function returns FALSE (boolean) if there are no items in the GET.</p>
<code>
- $this->input->get(); // returns all GET items with XSS filter
+ $this->input->get(NULL, TRUE); // returns all GET items with XSS filter
<br />
- $this->input->get(NULL, FALSE); // returns all GET items without XSS filtering
+ $this->input->get(); // returns all GET items without XSS filtering
</code>
<h2>$this->input->get_post()</h2>
diff --git a/user_guide/overview/appflow.html b/user_guide/overview/appflow.html
index c6bf857b4..fbc68fab0 100644
--- a/user_guide/overview/appflow.html
+++ b/user_guide/overview/appflow.html
@@ -60,7 +60,7 @@ Appflow
<p>The following graphic illustrates how data flows throughout the system:</p>
-<div><img src="../images/appflowchart.gif" width="697" height="205" border="0" alt="CodeIgniter application flow" /></div>
+<div><img src="../images/appflowchart.gif" width="769" height="212" alt="CodeIgniter application flow"></div>
<ol>