8 files changed, 74 insertions, 59 deletions

diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 2df8ca7c1..cbc6295c8 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -39,14 +39,14 @@ Release Date: Not Released
    -  Updated support for zip files in mimes.php.
    -  Updated support for csv files in mimes.php.
    -  Added some more doctypes.
-   -  Added Romanian, Greek and Vietnamese characters in *foreign_characters.php*.
+   -  Added Romanian, Greek, Vietnamese and Cyrilic characters in *application/config/foreign_characters.php*.
    -  Changed logger to only chmod when file is first created.
    -  Removed previously deprecated SHA1 Library.
-   -  Removed previously deprecated use of ``$autoload['core']`` in application/config/autoload.php.
+   -  Removed previously deprecated use of ``$autoload['core']`` in *application/config/autoload.php*.
       Only entries in ``$autoload['libraries']`` are auto-loaded now.
    -  Removed previously deprecated EXT constant.
    -  Updated all classes to be written in PHP 5 style, with visibility declarations and no ``var`` usage for properties.
-   -  Moved error templates to "application/views/errors"
+   -  Moved error templates to *application/views/errors*.
    -  Global config files are loaded first, then environment ones. Environment config keys overwrite base ones, allowing to only set the keys we want changed per environment.
    -  Changed detection of ``$view_folder`` so that if it's not found in the current path, it will now also be searched for under the application folder.
    -  Path constants BASEPATH, APPPATH and VIEWPATH are now (internally) defined as absolute paths.
@@ -77,7 +77,7 @@ Release Date: Not Released
    -  Added a work-around in ``force_download()`` for a bug Android <= 2.1, where the filename extension needs to be in uppercase.
    -  :doc:`Form Helper <helpers/form_helper>` changes include:
 	 - ``form_dropdown()`` will now also take an array for unity with other form helpers.
-	 - ``form_prep()`` is now **DEPRECATED** and only acts as an alias for :doc:`common function <general/common_functions>` ``html_escape()``.
+	 - ``form_prep()``'s second argument now only accepts a boolean value, which determines whether the value is escaped for a *textarea* or a regular *input* element.
    -  ``do_hash()`` now uses PHP's native ``hash()`` function (supporting more algorithms) and is deprecated.
    -  Removed previously deprecated helper function ``js_insert_smiley()`` from :doc:`Smiley Helper <helpers/smiley_helper>`.
    -  :doc:`File Helper <helpers/file_helper>` changes include:
@@ -182,7 +182,7 @@ Release Date: Not Released
 	 -  Added method ``remove()`` to remove a cart item, updating with quantity of 0 seemed like a hack but has remained to retain compatibility.
 	 -  Added method ``get_item()`` to enable retrieving data for a single cart item.
    -  :doc:`Image Manipulation library <libraries/image_lib>` changes include:
-	 -  The initialize() method now only sets existing class properties.
+	 -  The ``initialize()`` method now only sets existing class properties.
 	 -  Added support for 3-length hex color values for *wm_font_color* and *wm_shadow_color* properties, as well as validation for them.
 	 -  Class properties *wm_font_color*, *wm_shadow_color* and *wm_use_drop_shadow* are now protected, to avoid breaking the ``text_watermark()`` method if they are set manually after initialization.
 	 -  If property *maintain_ratio* is set to TRUE, ``image_reproportion()`` now doesn't need both width and height to be specified.
@@ -236,6 +236,7 @@ Release Date: Not Released
 	 -  Renamed internal method ``_detect_uri()`` to ``_parse_request_uri()``.
 	 -  Changed ``_parse_request_uri()`` to accept absolute URIs for compatibility with HTTP/1.1 as per `RFC2616 <http://www.ietf.org/rfc/rfc2616.txt>`.
 	 -  Added protected method ``_parse_query_string()`` to URI paths in the the **QUERY_STRING** value, like ``_parse_request_uri()`` does.
+	 -  Changed ``_fetch_uri_string()`` to try the **PATH_INFO** variable first when auto-detecting.
    -  Removed ``CI_CORE`` boolean constant from *CodeIgniter.php* (no longer Reactor and Core versions).
    -  :doc:`Loader Library <libraries/loader>` changes include:
 	 -  Added method ``get_vars()`` to the Loader to retrieve all variables loaded with ``$this->load->vars()``.
@@ -269,7 +270,9 @@ Release Date: Not Released
 	 -  Added method ``strip_image_tags()``.
 	 -  Added ``$config['csrf_regeneration']``, which makes token regeneration optional.
 	 -  Added ``$config['csrf_exclude_uris']``, which allows you list URIs which will not have the CSRF validation methods run.
-   -  Added possibility to route requests using callbacks.
+   -  :doc:`URI Routing <general/routing>` changes include:
+	 -  Added possibility to route requests using callbacks.
+	 -  Added possibility to use dashes in the controller and method URI segments (translated to underscores).
 
 Bug fixes for 3.0
 ------------------
@@ -406,7 +409,11 @@ Bug fixes for 3.0
 -  Fixed a bug (#142) - :doc:`Form Helper <helpers/form_helper>` function ``form_dropdown()`` didn't escape HTML entities in option values.
 -  Fixed a bug (#50) - :doc:`Session Library <libraries/sessions>` unnecessarily stripped slashed from serialized data, making it impossible to read objects in a namespace.
 -  Fixed a bug (#658) - :doc:`Routing <general/routing>` wildcard **:any** didn't work as advertised and matched multiple URI segments instead of all characters within a single segment.
--  Fixed a bug (#1938) - :doc:`Email <libraries/email>` where the email library removed multiple spaces inside a pre-formatted plain text message.
+-  Fixed a bug (#1938) - :doc:`Email Library <libraries/email>` removed multiple spaces inside a pre-formatted plain text message.
+-  Fixed a bug (#388, #705) - :doc:`URI Library <libraries/uri>` didn't apply URL-decoding to URI segments that it got from **REQUEST_URI** and/or **QUERY_STRING**.
+-  Fixed a bug (#122) - :doc:`URI Library <libraries/uri>` method ``ruri_string()`` didn't include a directory if one is used.
+-  Fixed a bug - :doc:`Routing Library <general/routing>` didn't properly handle *default_controller* in a subdirectory when a method is also specified.
+-  Fixed a bug (#953) - :doc:`post_controller_constructor hook <general/hooks>` wasn't called with a *404_override*.
 
 Version 2.1.3
 =============
diff --git a/user_guide_src/source/general/common_functions.rst b/user_guide_src/source/general/common_functions.rst
index f3d48ac91..7f327f00b 100644
--- a/user_guide_src/source/general/common_functions.rst
+++ b/user_guide_src/source/general/common_functions.rst
@@ -46,10 +46,14 @@ recommended on platforms where this information may be unreliable.
 config_item('item_key')
 =======================
 
-The :doc:`Config library <../libraries/config>` is the preferred way of
-accessing configuration information, however config_item() can be used
-to retrieve single keys. See Config library documentation for more
-information.
+The :doc:`Config Library <../libraries/config>` is the preferred way of
+accessing configuration information, however ``config_item()`` can be used
+to retrieve single keys. See :doc:`Config Library <../libraries/config>`
+documentation for more information.
+
+.. important:: This function only returns values set in your configuration
+	files. It does not take into account config values that are
+	dynamically set at runtime.
 
 show_error('message'), show_404('page'), log_message('level', 'message')
 ========================================================================
diff --git a/user_guide_src/source/general/routing.rst b/user_guide_src/source/general/routing.rst
index 43c181669..e6174cc0d 100644
--- a/user_guide_src/source/general/routing.rst
+++ b/user_guide_src/source/general/routing.rst
@@ -162,8 +162,8 @@ appear by default.
 This route indicates which controller class should be loaded if the
 requested controller is not found. It will override the default 404
 error page. It won't affect to the show_404() function, which will
-continue loading the default error_404.php file at
-application/errors/error_404.php.
+continue loading the default *error_404.php* file at
+*application/errors/error_404.php*.
 
 .. important:: The reserved routes must come before any wildcard or
-	regular expression routes.
+	regular expression routes.
\ No newline at end of file
diff --git a/user_guide_src/source/general/urls.rst b/user_guide_src/source/general/urls.rst
index 6b390b559..20f80632a 100644
--- a/user_guide_src/source/general/urls.rst
+++ b/user_guide_src/source/general/urls.rst
@@ -28,9 +28,28 @@ approach, usually represent::
 #. The third, and any additional segments, represent the ID and any
    variables that will be passed to the controller.
 
-The :doc:`URI Class <../libraries/uri>` and the :doc:`URL Helper <../helpers/url_helper>` contain functions that make it
-easy to work with your URI data. In addition, your URLs can be remapped
-using the :doc:`URI Routing <routing>` feature for more flexibility.
+The :doc:`URI Class <../libraries/uri>` and the :doc:`URL Helper <../helpers/url_helper>`
+contain functions that make it easy to work with your URI data. In addition,
+your URLs can be remapped using the :doc:`URI Routing <routing>` feature for
+more flexibility.
+
+Friendly URLs
+=============
+
+As you might guess, since there's a straight relationship between
+URI segments and the controller/method pair that's being called,
+those two determining segments must represent a valid class and
+method name.
+You may however also use dashes in the class/method-representing
+segments, and they will automatically be translated to underscores
+in order to be valid routed segments.
+
+For example::
+
+	example.com/my-settings/change-password/
+
+The above example will route to the ``My_settings`` controller and
+its method ``change_password()``.
 
 Removing the index.php file
 ===========================
@@ -94,4 +113,4 @@ active. Your controllers and functions will then be accessible using the
 .. note:: If you are using query strings you will have to build
 	your own URLs, rather than utilizing the URL helpers (and other helpers
 	that generate URLs, like some of the form helpers) as these are designed
-	to work with segment based URLs.
+	to work with segment based URLs.
\ No newline at end of file
diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst
index 015bf1162..02a758694 100644
--- a/user_guide_src/source/helpers/form_helper.rst
+++ b/user_guide_src/source/helpers/form_helper.rst
@@ -463,6 +463,26 @@ the tag. For example
 	echo form_close($string);
 	// Would produce:  </form> </div></div>
 
+form_prep()
+===========
+
+Allows you to safely use HTML and characters such as quotes within form
+elements without breaking out of the form. Consider this example
+::
+
+	$string = 'Here is a string containing "quoted" text.';
+	<input type="text" name="myform" value="$string" />
+
+Since the above string contains a set of quotes it will cause the form
+to break. The ``form_prep()`` function converts HTML so that it can be used
+safely::
+
+	<input type="text" name="myform" value="<?php echo form_prep($string); ?>" />
+
+.. note:: If you use any of the form helper functions listed in this page the form
+	values will be prepped automatically, so there is no need to call this
+	function. Use it only if you are creating your own form elements.
+
 set_value()
 ===========
 
@@ -523,26 +543,4 @@ This function is identical to the **set_checkbox()** function above.
 .. note:: If you are using the Form Validation class, you must always specify a rule for your field,
 	even if empty, in order for the set_*() functions to work. This is because if a Form Validation object
 	is defined, the control for set_*() is handed over to a method of the class instead of the generic helper
-	function.
-
-Escaping field values
-=====================
-
-You may need to use HTML and characters such as quotes within form
-elements. In order to do that safely, you'll need to use
-:doc:`common function <../general/common_functions>` ``html_escape()``.
-
-Consider the following example::
-
-	$string = 'Here is a string containing "quoted" text.';
-	<input type="text" name="myform" value="$string" />
-
-Since the above string contains a set of quotes it will cause the form
-to break. The ``html_escape()`` function converts HTML so that it can be
-used safely::
-
-	<input type="text" name="myform" value="<?php echo html_escape($string); ?>" />
-
-.. note:: If you use any of the form helper functions listed in this page, the form
-	values will be prepped automatically, so there is no need to call this
-	function. Use it only if you are creating your own form elements.
\ No newline at end of file
+	function.
\ No newline at end of file
diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst
index 6d99f4655..fd5eea478 100644
--- a/user_guide_src/source/installation/upgrade_300.rst
+++ b/user_guide_src/source/installation/upgrade_300.rst
@@ -166,16 +166,6 @@ CodeIgniter 3.1+.
 .. note:: This function is still available, but you're strongly encouraged to remove it's usage sooner
 	rather than later.
 
-Form helper form_prep()
-=======================
-
-:doc:`Form Helper <../helpers/form_helper>` function ``form_prep()`` is now just an alias for
-:doc:`common function <../general/common_functions>` ``html_escape()`` and it's second argument
-is ignored. It is deprecated and scheduled for removal in CodeIgniter 3.1+.
-
-.. note:: This function is still available, but you're strongly encouraged to remove it's usage sooner
-	rather than later.
-
 Date helper standard_date()
 ===========================
 
diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst
index 4d1940212..a3a35b499 100644
--- a/user_guide_src/source/libraries/form_validation.rst
+++ b/user_guide_src/source/libraries/form_validation.rst
@@ -288,8 +288,8 @@ CodeIgniter lets you pipe multiple rules together. Let's try it. Change
 your rules in the third parameter of rule setting function, like this::
 
 	$this->form_validation->set_rules('username', 'Username', 'required|min_length[5]|max_length[12]|is_unique[users.username]');
-	$this->form_validation->set_rules('password', 'Password', 'required|matches[passconf]');
-	$this->form_validation->set_rules('passconf', 'Password Confirmation', 'required');
+	$this->form_validation->set_rules('password', 'Password', 'required');
+	$this->form_validation->set_rules('passconf', 'Password Confirmation', 'required|matches[password]');
 	$this->form_validation->set_rules('email', 'Email', 'required|valid_email|is_unique[users.email]');
 
 The above code sets the following rules:
@@ -315,8 +315,8 @@ can also prep your data in various ways. For example, you can set up
 rules like this::
 
 	$this->form_validation->set_rules('username', 'Username', 'trim|required|min_length[5]|max_length[12]|xss_clean');
-	$this->form_validation->set_rules('password', 'Password', 'trim|required|matches[passconf]|md5');
-	$this->form_validation->set_rules('passconf', 'Password Confirmation', 'trim|required');
+	$this->form_validation->set_rules('password', 'Password', 'trim|required|md5');
+	$this->form_validation->set_rules('passconf', 'Password Confirmation', 'trim|required|matches[password]');
 	$this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email');
 
 In the above example, we are "trimming" the fields, converting the
@@ -910,9 +910,6 @@ Rule                      Parameter  Description
 	to two parameters, where at least one is required (to pass
 	the field data).
 
-.. note:: When using the **matches** rule, the form item specified
-	to compare against must already be defined.
-
 ******************
 Prepping Reference
 ******************
diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst
index dd9e8cbb4..ee7fb0b1c 100644
--- a/user_guide_src/source/libraries/sessions.rst
+++ b/user_guide_src/source/libraries/sessions.rst
@@ -388,7 +388,7 @@ session class::
 		user_agent varchar(120) NOT NULL,
 		last_activity int(10) unsigned DEFAULT 0 NOT NULL,
 		user_data text NOT NULL,
-		PRIMARY KEY (session_id),
+		PRIMARY KEY (session_id, ip_address, user_agent),
 		KEY `last_activity_idx` (`last_activity`)
 	);