summaryrefslogtreecommitdiffstats
path: root/user_guide_src/source
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide_src/source')
-rw-r--r--user_guide_src/source/changelog.rst27
-rw-r--r--user_guide_src/source/database/queries.rst30
-rw-r--r--user_guide_src/source/database/query_builder.rst18
-rw-r--r--user_guide_src/source/general/models.rst6
-rw-r--r--user_guide_src/source/helpers/date_helper.rst12
-rw-r--r--user_guide_src/source/helpers/url_helper.rst26
-rw-r--r--user_guide_src/source/libraries/config.rst2
-rw-r--r--user_guide_src/source/libraries/encryption.rst2
-rw-r--r--user_guide_src/source/libraries/file_uploading.rst3
9 files changed, 86 insertions, 40 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 7748f9b37..dd6fa4603 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -30,9 +30,12 @@ Release Date: Not Released
- Added support for 3gp, 3g2, mp4, wmv, f4v, vlc Video files to mimes.php.
- Added support for m4a, aac, m4u, xspf, au, ac3, flac, ogg Audio files to mimes.php.
- Added support for kmz and kml (Google Earth) files to mimes.php.
- - Added support for ics Calendar files to mimes.php
+ - Added support for ics Calendar files to mimes.php.
+ - Added support for rar archives to mimes.php.
- Updated support for xml ('application/xml') and xsl ('application/xml', 'text/xsl') files in mimes.php.
- Updated support for doc files in mimes.php.
+ - Updated support for php files in mimes.php.
+ - Updated support for zip files in mimes.php.
- Added some more doctypes.
- Added Romanian and Greek characters in foreign_characters.php.
- Changed logger to only chmod when file is first created.
@@ -50,7 +53,10 @@ Release Date: Not Released
- :doc:`Date Helper <helpers/date_helper>` function now() now works with all timezone strings supported by PHP.
- ``create_captcha()`` accepts additional colors parameter, allowing for color customization.
- - ``url_title()`` will now trim extra dashes from beginning and end.
+ - :doc:`URL Helper <helpers/url_helper>` changes include:
+ - ``url_title()`` will now trim extra dashes from beginning and end.
+ - ``anchor_popup()`` will now fill the "href" attribute with the URL and its JS code will return false instead.
+ - Added JS window name support to ``anchor_popup()`` function.
- Added XHTML Basic 1.1 doctype to :doc:`HTML Helper <helpers/html_helper>`.
- Changed ``humanize()`` to include a second param for the separator.
- Refactored ``plural()`` and ``singular()`` to avoid double pluralization and support more words.
@@ -71,8 +77,7 @@ Release Date: Not Released
- Renamed the Active Record class to Query Builder to remove confusion with the Active Record design pattern.
- Added the ability to insert objects with insert_batch().
- Added new methods that return the SQL string of queries without executing them: get_compiled_select(), get_compiled_insert(), get_compiled_update(), get_compiled_delete().
- - Added an optional order_by() parameter that allows to disable escaping (useful for custom fields).
- - Added an optional join() parameter that allows to disable escaping.
+ - Added an optional parameter that allows to disable escaping (useful for custom fields) for methods join(), order_by(), where_in(), or_where_in(), where_not_in(), or_where_not_in().
- Added support for join() with multiple conditions.
- Improved support for the MySQLi driver, including:
- OOP style of the PHP extension is now used, instead of the procedural aliases.
@@ -161,12 +166,12 @@ Release Date: Not Released
- Core
- - Changed private functions in CI_URI to protected so MY_URI can override them.
+ - Changed private methods in the :doc:`URI Library <libraries/uri>` to protected so MY_URI can override them.
- Removed CI_CORE boolean constant from CodeIgniter.php (no longer Reactor and Core versions).
- - Added method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars().
+ - Added method get_vars() to the :doc:`Loader Library <libraries/loader>` to retrieve all variables loaded with $this->load->vars().
- is_loaded() function from system/core/Commons.php now returns a reference.
- $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as *<?=* will always be available.
- - Added method() to CI_Input to retrieve $_SERVER['REQUEST_METHOD'].
+ - Added method() to the :doc:`Input Library <libraries/input>` to retrieve $_SERVER['REQUEST_METHOD'].
- Modified valid_ip() to use PHP's filter_var() in the :doc:`Input Library <libraries/input>`.
- Added support for HTTP-Only cookies with new config option ``cookie_httponly`` (default FALSE).
- Renamed method _call_hook() to call_hook() in the :doc:`Hooks Library <general/hooks>`.
@@ -174,6 +179,8 @@ Release Date: Not Released
- Added get_mimes() function to system/core/Commons.php to return the config/mimes.php array.
- Added a second argument to set_content_type() in the :doc:`Output Library <libraries/output>` that allows setting the document charset as well.
- $config['time_reference'] now supports all timezone strings supported by PHP.
+ - Added support for HTTP code 303 ("See Other") in set_status_header().
+ - Changed :doc:`Config Library <libraries/config>` method site_url() to accept an array as well.
Bug fixes for 3.0
------------------
@@ -270,6 +277,12 @@ Bug fixes for 3.0
- Fixed a bug in protect_identifiers() where if passed along with the field names, operators got escaped as well.
- Fixed a bug (#10) - :doc:`URI Library <libraries/uri>` internal method _detect_uri() failed with paths containing a colon.
- Fixed a bug (#1387) - :doc:`Query Builder <database/query_builder>`'s from() method didn't escape table aliases.
+- Fixed a bug (#520) - :doc:`Date Helper <helpers/date_helper>` function nice_date() failed when the optional second parameter is not passed.
+- Fixed a bug (#167) - ``$config['permitted_uri_chars']`` didn't affect URL-encoded characters.
+- Fixed a bug (#318) - :doc:`Profiling <general/profiling>` setting *query_toggle_count* was not settable as described in the manual.
+- Fixed a bug (#938) - :doc:`Config Library <libraries/config>` method site_url() added a question mark to the URL string when query strings are enabled even if it already existed.
+- Fixed a bug (#999) - :doc:`Config Library <libraries/config>` method site_url() always appended ``$config['url_suffix']`` to the end of the URL string, regardless of wether a query string exists in it.
+- Fixed a bug where :doc:`URL Helper <helpers/url_helper>` function anchor_popup() ignored the attributes argument if it is not an array.
Version 2.1.1
=============
diff --git a/user_guide_src/source/database/queries.rst b/user_guide_src/source/database/queries.rst
index d23efecb3..11dd78392 100644
--- a/user_guide_src/source/database/queries.rst
+++ b/user_guide_src/source/database/queries.rst
@@ -21,11 +21,31 @@ this::
$this->db->simple_query();
===========================
-This is a simplified version of the $this->db->query() function. It ONLY
-returns TRUE/FALSE on success or failure. It DOES NOT return a database
-result set, nor does it set the query timer, or compile bind data, or
-store your query for debugging. It simply lets you submit a query. Most
-users will rarely use this function.
+This is a simplified version of the $this->db->query() method. It DOES
+NOT return a database result set, nor does it set the query timer, or
+compile bind data, or store your query for debugging. It simply lets you
+submit a query. Most users will rarely use this function.
+
+It returns whatever the database drivers' "execute" function returns.
+That typically is TRUE/FALSE on success or failure for write type queries
+such as INSERT, DELETE or UPDATE statements (which is what it really
+should be used for) and a resource/object on success for queries with
+fetchable results.
+
+::
+
+ if ($this->db->simple_query('YOUR QUERY'))
+ {
+ echo "Success!";
+ }
+ else
+ {
+ echo "Query failed!";
+ }
+
+.. note:: PostgreSQL's pg_exec() function always returns a resource on
+ success, even for write type queries. So take that in mind if
+ you're looking for a boolean value.
***************************************
Working with Database prefixes manually
diff --git a/user_guide_src/source/database/query_builder.rst b/user_guide_src/source/database/query_builder.rst
index 54e8df6b5..b86a0c8db 100644
--- a/user_guide_src/source/database/query_builder.rst
+++ b/user_guide_src/source/database/query_builder.rst
@@ -603,9 +603,9 @@ Here is an example using an object::
/*
class Myclass {
- var $title = 'My Title';
- var $content = 'My Content';
- var $date = 'My Date';
+ public $title = 'My Title';
+ public $content = 'My Content';
+ public $date = 'My Date';
}
*/
@@ -730,9 +730,9 @@ Or an object::
/*
class Myclass {
- var $title = 'My Title';
- var $content = 'My Content';
- var $date = 'My Date';
+ public $title = 'My Title';
+ public $content = 'My Content';
+ public $date = 'My Date';
}
*/
@@ -766,9 +766,9 @@ Or you can supply an object::
/*
class Myclass {
- var $title = 'My Title';
- var $content = 'My Content';
- var $date = 'My Date';
+ public $title = 'My Title';
+ public $content = 'My Content';
+ public $date = 'My Date';
}
*/
diff --git a/user_guide_src/source/general/models.rst b/user_guide_src/source/general/models.rst
index 87f63e416..2e1e025ee 100644
--- a/user_guide_src/source/general/models.rst
+++ b/user_guide_src/source/general/models.rst
@@ -18,9 +18,9 @@ model class might look like::
class Blog_model extends CI_Model {
- var $title = '';
- var $content = '';
- var $date = '';
+ public $title = '';
+ public $content = '';
+ public $date = '';
function __construct()
{
diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst
index 1b7177fc2..b6dc2e934 100644
--- a/user_guide_src/source/helpers/date_helper.rst
+++ b/user_guide_src/source/helpers/date_helper.rst
@@ -247,16 +247,18 @@ Example
::
- $bad_time = 199605 // Should Produce: 1996-05-01
- $better_time = nice_date($bad_time,'Y-m-d');
- $bad_time = 9-11-2001 // Should Produce: 2001-09-11
- $better_time = nice_date($human,'Y-m-d');
+ $bad_date = '199605';
+ // Should Produce: 1996-05-01
+ $better_date = nice_date($bad_date, 'Y-m-d');
+
+ $bad_date = '9-11-2001';
+ // Should Produce: 2001-09-11
+ $better_date = nice_date($bad_date, 'Y-m-d');
timespan()
==========
Formats a unix timestamp so that is appears similar to this
-
::
1 Year, 10 Months, 2 Weeks, 5 Days, 10 Hours, 16 Minutes
diff --git a/user_guide_src/source/helpers/url_helper.rst b/user_guide_src/source/helpers/url_helper.rst
index e6d51b22b..3c91fd5dd 100644
--- a/user_guide_src/source/helpers/url_helper.rst
+++ b/user_guide_src/source/helpers/url_helper.rst
@@ -168,19 +168,20 @@ browser settings. Here is an example with attributes
::
- $atts = array(               
- 'width'      => '800',               
- 'height'     => '600',               
- 'scrollbars' => 'yes',               
- 'status'     => 'yes',               
- 'resizable'  => 'yes',               
- 'screenx'    => '0',               
- 'screeny'    => '0'             
+ $atts = array(
+ 'width' => '800',
+ 'height' => '600',
+ 'scrollbars' => 'yes',
+ 'status'      => 'yes',
+ 'resizable'   => 'yes',
+ 'screenx'     => '0',
+ 'screeny'     => '0',
+ 'window_name' => '_blank'
);
echo anchor_popup('news/local/123', 'Click Me!', $atts);
-Note: The above attributes are the function defaults so you only need to
+.. note:: The above attributes are the function defaults so you only need to
set the ones that are different from what you need. If you want the
function to use all of its defaults simply pass an empty array in the
third parameter
@@ -189,6 +190,13 @@ third parameter
echo anchor_popup('news/local/123', 'Click Me!', array());
+.. note:: The 'window_name' is not really an attribute, but an argument to
+ the JavaScript `window.open() <http://www.w3schools.com/jsref/met_win_open.asp>`
+ method, which accepts either a window name or a window target.
+
+.. note:: Any other attribute than the listed above will be parsed as an
+ HTML attribute to the anchor tag.
+
mailto()
========
diff --git a/user_guide_src/source/libraries/config.rst b/user_guide_src/source/libraries/config.rst
index 08d9c2905..694896353 100644
--- a/user_guide_src/source/libraries/config.rst
+++ b/user_guide_src/source/libraries/config.rst
@@ -175,7 +175,7 @@ This function retrieves the URL to your site, plus an optional path such
as to a stylesheet or image.
The two functions above are normally accessed via the corresponding
-functions in the :doc:`URL Helper </helpers/url_helper>`.
+functions in the :doc:`URL Helper <helpers/url_helper>`.
$this->config->system_url();
*****************************
diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst
index 28bdca203..a38122203 100644
--- a/user_guide_src/source/libraries/encryption.rst
+++ b/user_guide_src/source/libraries/encryption.rst
@@ -26,7 +26,7 @@ key security so you may want to think carefully before using it for
anything that requires high security, like storing credit card numbers.
To take maximum advantage of the encryption algorithm, your key should
-be 32 characters in length (128 bits). The key should be as random a
+be 32 characters in length (256 bits). The key should be as random a
string as you can concoct, with numbers and uppercase and lowercase
letters. Your key should **not** be a simple text string. In order to be
cryptographically secure it needs to be as random as possible.
diff --git a/user_guide_src/source/libraries/file_uploading.rst b/user_guide_src/source/libraries/file_uploading.rst
index 414d84f0b..65cd5c722 100644
--- a/user_guide_src/source/libraries/file_uploading.rst
+++ b/user_guide_src/source/libraries/file_uploading.rst
@@ -215,6 +215,9 @@ Preference Default Value Options Descripti
that can not be discerned by the person uploading it.
**remove_spaces** TRUE TRUE/FALSE (boolean) If set to TRUE, any spaces in the file name will be converted to
underscores. This is recommended.
+**detect_mime** TRUE TRUE/FALSE (boolean) If set to TRUE, a server side detection of the file type will be
+ performed to avoid code injection attacks. DO NOT disable this option
+ unless you have no other option as that would cause a security risk.
============================ ================= ======================= ======================================================================
Setting preferences in a config file