summaryrefslogtreecommitdiffstats
path: root/user_guide_src
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide_src')
-rw-r--r--user_guide_src/source/changelog.rst2
-rw-r--r--user_guide_src/source/conf.py4
-rw-r--r--user_guide_src/source/general/security.rst12
-rw-r--r--user_guide_src/source/installation/upgrade_300.rst2
-rw-r--r--user_guide_src/source/tutorial/static_pages.rst2
5 files changed, 12 insertions, 10 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index a1b15105f..45780ddb3 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -565,7 +565,7 @@ Release Date: Not Released
- Changed the library constructor to try to create the **log_path** directory if it doesn't exist.
- Added support for microseconds ("u" date format character) in ``$config['log_date_format']``.
- - Added `compatibility layers <general/compatibility_functions>` for:
+ - Added :doc:`compatibility layers <general/compatibility_functions>` for:
- `Multibyte String <http://php.net/mbstring>`_ (limited support).
- `Hash <http://php.net/hash>`_ (``hash_equals()``, ``hash_pbkdf2()``).
diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py
index d65fe0dfd..93d70b2e4 100644
--- a/user_guide_src/source/conf.py
+++ b/user_guide_src/source/conf.py
@@ -48,9 +48,9 @@ copyright = u'2014 - 2015, British Columbia Institute of Technology'
# built documents.
#
# The short X.Y version.
-version = '3.0'
+version = '3.0.0'
# The full version, including alpha/beta/rc tags.
-release = '3.0-dev'
+release = '3.0.0'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst
index efc821f2b..fcfe4c24b 100644
--- a/user_guide_src/source/general/security.rst
+++ b/user_guide_src/source/general/security.rst
@@ -143,11 +143,15 @@ with that. Please read below.
feature, just randomly generate a new, one-time (this is also important)
password and send that instead.
-- DO NOT put artificial limits on your users' passwords.
+- DO NOT put unnecessary limits on your users' passwords.
- There's no point in forcing a rule that a password can only be up to
- a number of characters, or that it can't contain a certain set of
- special characters.
+ If you're using a hashing algorithm other than BCrypt (which has a limit
+ of 72 characters), you should set a relatively high limit on password
+ lengths in order to mitigate DoS attacks - say, 1024 characters.
+
+ Other than that however, there's no point in forcing a rule that a
+ password can only be up to a number of characters, or that it can't
+ contain a certain set of special characters.
Not only does this **reduce** security instead of improving it, but
there's literally no reason to do it. No technical limitations and
diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst
index 7e3479740..a3d712482 100644
--- a/user_guide_src/source/installation/upgrade_300.rst
+++ b/user_guide_src/source/installation/upgrade_300.rst
@@ -2,8 +2,6 @@
Upgrading from 2.2.x to 3.0.0
#############################
-.. note:: These upgrade notes are for a version that is yet to be released.
-
Before performing an update you should take your site offline by replacing the index.php file with a static one.
*************************************
diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst
index 210d9f8d6..0c75d5a34 100644
--- a/user_guide_src/source/tutorial/static_pages.rst
+++ b/user_guide_src/source/tutorial/static_pages.rst
@@ -64,7 +64,7 @@ following code.
</head>
<body>
- <h1>CodeIgniter Tutorial</h1>
+ <h1><?php echo $title ?></h1>
The header contains the basic HTML code that you'll want to display
before loading the main view, together with a heading. It will also