diff options
Diffstat (limited to 'user_guide_src/source')
| -rw-r--r-- | user_guide_src/source/changelog.rst | 17 | ||||
| -rw-r--r-- | user_guide_src/source/database/results.rst | 9 | ||||
| -rw-r--r-- | user_guide_src/source/general/creating_libraries.rst | 16 | ||||
| -rw-r--r-- | user_guide_src/source/libraries/form_validation.rst | 106 | ||||
| -rw-r--r-- | user_guide_src/source/libraries/input.rst | 16 | ||||
| -rw-r--r-- | user_guide_src/source/overview/at_a_glance.rst | 2 |
6 files changed, 125 insertions, 41 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index a1aa47cf2..d71fc8b3f 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -62,6 +62,9 @@ Release Date: Not Released - pg_version() is now used to get the database version number, when possible. - Added db_set_charset() support. - Added _optimize_table() support for the :doc:`Database Utility Class <database/utilities>` (rebuilds table indexes). + - Added a constructor to the DB_result class and moved all driver-specific properties and logic out of the base DB_driver class to allow better abstraction. + - Removed limit() and order_by() support for UPDATE and DELETE queries in PostgreSQL driver. Postgres does not support those features. + - Removed protect_identifiers() and renamed _protect_identifiers() to it instead - it was just an alias. - Libraries @@ -85,6 +88,8 @@ Release Date: Not Released - Added $config['csrf_regeneration'] to the CSRF protection in the :doc:`Security library <libraries/security>`, which makes token regeneration optional. - :doc:`Form Validation library <libraries/form_validation>` changes include: - Added method error_array() to return all error messages as an array. + - Added method set_data() to set an alternative data array to be validated instead of the default $_POST. + - Added method reset_validation(), which resets internal validation variables in case of multiple validation routines. - _execute() now considers input data to be invalid if a specified rule is not found. - Removed method is_numeric() as it exists as a native PHP function and _execute() will find and use that (the 'is_numeric' rule itself is deprecated since 1.6.1). - Native PHP functions used as rules can now accept an additional parameter, other than the data itself. @@ -96,6 +101,8 @@ Release Date: Not Released - Removed CI_CORE boolean constant from CodeIgniter.php (no longer Reactor and Core versions). - Added method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars(). - is_loaded() function from system/core/Commons.php now returns a reference. + - $config['rewrite_short_tags'] now has no effect when using PHP 5.4 as *<?=* will always be available. + - Added method() to CI_Input to retrieve $_SERVER['REQUEST_METHOD']. Bug fixes for 3.0 ------------------ @@ -140,6 +147,13 @@ Bug fixes for 3.0 - Fixed a bug (#1101) - MySQL/MySQLi result method field_data() was implemented as if it was handling a DESCRIBE result instead of the actual result set. - Fixed a bug in Oracle's :doc:`Database Forge Class <database/forge>` method _create_table() where it failed with AUTO_INCREMENT as it's not supported. - Fixed a bug (#1080) - When using the SMTP protocol, the :doc:`Email Library <libraries/email>` send() method was returning TRUE even if the connection/authentication against the server failed. +- Fixed a bug (#499) - a CSRF cookie was created even with CSRF protection being disabled. +- Fixed a bug (#306) - ODBC's insert_id() method was calling non-existent function odbc_insert_id(), which resulted in a fatal error. +- Fixed a bug in Oracle's DB_result class where the cursor id passed to it was always NULL. +- Fixed a bug (#64) - Regular expression in DB_active_rec.php failed to handle queries containing SQL bracket delimiters in the join condition. +- Fixed a bug in the :doc:`Session Library <libraries/sessions>` where a PHP E_NOTICE error was triggered by _unserialize() due to results from databases such as MSSQL and Oracle being space-padded on the right. +- Fixed a bug (#501) - set_rules() to check if the request method is not 'POST' before aborting, instead of depending on count($_POST) in the :doc:`Form Validation Library <libraries/form_validation>`. +- Fixed a bug (#940) - csrf_verify() used to set the CSRF cookie while processing a POST request with no actual POST data, which resulted in validating a request that should be considered invalid. - Fixed a bug (#11, #183, #863) - CI_Form_validation::_execute() silently continued to the next rule, if a rule method/function is not found. Version 2.1.1 @@ -153,6 +167,8 @@ Release Date: November 14, 2011 - Libraries - Further improved MIME type detection in the :doc:`File Uploading Library <libraries/file_uploading>`. +- Helpers + - url_title() performance and output improved. You can now use any string as the word delimiter, but 'dash' and 'underscore' are still supported. Bug fixes for 2.1.1 ------------------- @@ -161,6 +177,7 @@ Bug fixes for 2.1.1 - Fixed a bug - form_open() compared $action against site_url() instead of base_url(). - Fixed a bug - CI_Upload::_file_mime_type() could've failed if mime_content_type() is used for the detection and returns FALSE. - Fixed a bug (#538) - Windows paths were ignored when using the :doc:`Image Manipulation Library <libraries/image_lib>` to create a new file. +- Fixed a bug - When database caching was enabled, $this->db->query() checked the cache before binding variables which resulted in cached queries never being found Version 2.1.0 ============= diff --git a/user_guide_src/source/database/results.rst b/user_guide_src/source/database/results.rst index 4f93c794d..865345762 100644 --- a/user_guide_src/source/database/results.rst +++ b/user_guide_src/source/database/results.rst @@ -150,6 +150,12 @@ is the variable that the query result object is assigned to:: echo $query->num_rows(); +.. note:: + Not all database drivers have a native way of getting the total + number of rows for a result set. When this is the case, all of + the data is prefetched and count() is manually called on the + resulting array in order to achieve the same functionality. + $query->num_fields() ===================== @@ -182,5 +188,4 @@ Example:: $row = $query2->row(); echo $row->name; - $query2->free_result();// The $query2 result object will no longer be available - + $query2->free_result(); // The $query2 result object will no longer be available diff --git a/user_guide_src/source/general/creating_libraries.rst b/user_guide_src/source/general/creating_libraries.rst index bc545b483..673fbd4bb 100644 --- a/user_guide_src/source/general/creating_libraries.rst +++ b/user_guide_src/source/general/creating_libraries.rst @@ -188,17 +188,23 @@ application/libraries/MY_Email.php, and declare your class with:: } -Note: If you need to use a constructor in your class make sure you +If you need to use a constructor in your class make sure you extend the parent constructor:: class MY_Email extends CI_Email { - public function __construct() - { - parent::__construct(); - } + public function __construct($config = array()) + { + parent::__construct($config); + } + } +.. note:: + Not all of the libraries have the same (or any) parameters + in their constructor. Take a look at the library that you're + extending first to see how it should be implemented. + Loading Your Sub-class ---------------------- diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index c429e5c14..438e4c1fb 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -579,7 +579,30 @@ must supply it as an array to the function. Example:: For more info please see the :ref:`using-arrays-as-field-names` section below. -.. _saving-groups: +Validating an Array (other than $_POST) +======================================= + +Sometimes you may want to validate an array that does not originate from $_POST data. + +In this case, you can specify the array to be validated:: + + $data = array( + 'username' => 'johndoe', + 'password' => 'mypassword', + 'passconf' => 'mypassword' + ); + + $this->form_validation->set_data($data); + +Creating validation rules, running the validation and retrieving error messages works the same whether you are +validating $_POST data or an array. + +**Important Note:** If you want to validate more than one array during a single execution, then you should +call the reset_validation() function before setting up rules and validating the new array. + +For more info please see the :ref:`function-reference` section below. + +-.. _saving-groups: ************************************************ Saving Sets of Validation Rules to a Config File @@ -823,34 +846,40 @@ Rule Reference The following is a list of all the native rules that are available to use: -======================= ========== ============================================================================================= ======================= -Rule Parameter Description Example -======================= ========== ============================================================================================= ======================= -**required** No Returns FALSE if the form element is empty. -**matches** Yes Returns FALSE if the form element does not match the one in the parameter. matches[form_item] -**is_unique** Yes Returns FALSE if the form element is not unique to the is_unique[table.field] - table and field name in the parameter. is_unique[table.field] -**max_length** Yes Returns FALSE if the form element is longer then the parameter value. max_length[12] -**exact_length** Yes Returns FALSE if the form element is not exactly the parameter value. exact_length[8] -**greater_than** Yes Returns FALSE if the form element is less than the parameter value or not numeric. greater_than[8] -**less_than** Yes Returns FALSE if the form element is greater than the parameter value or not numeric. less_than[8] -**alpha** No Returns FALSE if the form element contains anything other than alphabetical characters. -**alpha_numeric** No Returns FALSE if the form element contains anything other than alpha-numeric characters. -**alpha_dash** No Returns FALSE if the form element contains anything other than alpha-numeric characters, - underscores or dashes. -**numeric** No Returns FALSE if the form element contains anything other than numeric characters. -**integer** No Returns FALSE if the form element contains anything other than an integer. -**decimal** Yes Returns FALSE if the form element is not exactly the parameter value. -**is_natural** No Returns FALSE if the form element contains anything other than a natural number: - 0, 1, 2, 3, etc. -**is_natural_no_zero** No Returns FALSE if the form element contains anything other than a natural - number, but not zero: 1, 2, 3, etc. -**is_unique** Yes Returns FALSE if the form element is not unique in a database table. is_unique[table.field] -**valid_email** No Returns FALSE if the form element does not contain a valid email address. -**valid_emails** No Returns FALSE if any value provided in a comma separated list is not a valid email. -**valid_ip** No Returns FALSE if the supplied IP is not valid. -**valid_base64** No Returns FALSE if the supplied string contains anything other than valid Base64 characters. -======================= ========== ============================================================================================= ======================= +========================= ========== ============================================================================================= ======================= +Rule Parameter Description Example +========================= ========== ============================================================================================= ======================= +**required** No Returns FALSE if the form element is empty. +**matches** Yes Returns FALSE if the form element does not match the one in the parameter. matches[form_item] +**is_unique** Yes Returns FALSE if the form element is not unique to the is_unique[table.field] + table and field name in the parameter. is_unique[table.field] +**max_length** Yes Returns FALSE if the form element is longer then the parameter value. max_length[12] +**exact_length** Yes Returns FALSE if the form element is not exactly the parameter value. exact_length[8] +**greater_than** Yes Returns FALSE if the form element is less than or equal to the parameter value or not greater_than[8] + numeric. +**greater_than_equal_to** Yes Returns FALSE if the form element is less than the parameter value, greater_than_equal_to[8] + or not numeric. +**less_than** Yes Returns FALSE if the form element is greater than or equal to the parameter value or less_than[8] + not numeric. +**less_than_equal_to** Yes Returns FALSE if the form element is greater than the parameter value, less_than_equal_to[8] + or not numeric. +**alpha** No Returns FALSE if the form element contains anything other than alphabetical characters. +**alpha_numeric** No Returns FALSE if the form element contains anything other than alpha-numeric characters. +**alpha_dash** No Returns FALSE if the form element contains anything other than alpha-numeric characters, + underscores or dashes. +**numeric** No Returns FALSE if the form element contains anything other than numeric characters. +**integer** No Returns FALSE if the form element contains anything other than an integer. +**decimal** No Returns FALSE if the form element contains anything other than a decimal number. +**is_natural** No Returns FALSE if the form element contains anything other than a natural number: + 0, 1, 2, 3, etc. +**is_natural_no_zero** No Returns FALSE if the form element contains anything other than a natural + number, but not zero: 1, 2, 3, etc. +**is_unique** Yes Returns FALSE if the form element is not unique in a database table. is_unique[table.field] +**valid_email** No Returns FALSE if the form element does not contain a valid email address. +**valid_emails** No Returns FALSE if any value provided in a comma separated list is not a valid email. +**valid_ip** No Returns FALSE if the supplied IP is not valid. +**valid_base64** No Returns FALSE if the supplied string contains anything other than valid Base64 characters. +========================= ========== ============================================================================================= ======================= .. note:: These rules can also be called as discrete functions. For example:: @@ -931,6 +960,24 @@ $this->form_validation->set_message(); Permits you to set custom error messages. See :ref:`setting-error-messages` +$this->form_validation->set_data(); +======================================== + + .. php:method:: set_data ($data = '') + + :param array $data: The data to validate + + Permits you to set an array for validation, instead of using the default + $_POST array. + +$this->form_validation->reset_validation(); +======================================== + + .. php:method:: reset_validation () + + Permits you to reset the validation when you validate more than one array. + This function should be called before validating each new array. + $this->form_validation->error_array(); ======================================== @@ -1021,4 +1068,3 @@ This function is identical to the **set_checkbox()** function above. <input type="radio" name="myradio" value="1" <?php echo set_radio('myradio', '1', TRUE); ?> /> <input type="radio" name="myradio" value="2" <?php echo set_radio('myradio', '2'); ?> /> - diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index bcf117358..1f2ea650a 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -99,7 +99,7 @@ The function returns FALSE (boolean) if there are no items in the POST. :: - $this->input->post(NULL, TRUE); // returns all POST items with XSS filter + $this->input->post(NULL, TRUE); // returns all POST items with XSS filter $this->input->post(); // returns all POST items without XSS filter $this->input->get() @@ -119,9 +119,9 @@ The function returns FALSE (boolean) if there are no items in the GET. :: - $this->input->get(NULL, TRUE); // returns all GET items with XSS filter + $this->input->get(NULL, TRUE); // returns all GET items with XSS filter $this->input->get(); // returns all GET items without XSS filtering - + $this->input->get_post() ========================= @@ -298,3 +298,13 @@ see if PHP is being run on the command line. $this->input->is_cli_request() +$this->input->method(); +===================================== + +Returns the $_SERVER['REQUEST_METHOD'], optional set uppercase or lowercase (default lowercase). + +:: + + echo $this->input->method(TRUE); // Outputs: POST + echo $this->input->method(FALSE); // Outputs: post + echo $this->input->method(); // Outputs: post diff --git a/user_guide_src/source/overview/at_a_glance.rst b/user_guide_src/source/overview/at_a_glance.rst index 31f0b4dd9..6dcfdbb14 100644 --- a/user_guide_src/source/overview/at_a_glance.rst +++ b/user_guide_src/source/overview/at_a_glance.rst @@ -41,7 +41,7 @@ CodeIgniter Uses M-V-C CodeIgniter uses the Model-View-Controller approach, which allows great separation between logic and presentation. This is particularly good for projects in which designers are working with your template files, as the -code these file contain will be minimized. We describe MVC in more +code these files contain will be minimized. We describe MVC in more detail on its own page. CodeIgniter Generates Clean URLs |