summaryrefslogtreecommitdiffstats
path: root/user_guide_src
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide_src')
-rw-r--r--user_guide_src/cilexer/cilexer/cilexer.py2
-rw-r--r--user_guide_src/source/_themes/eldocs/static/asset/css/common.css2
-rw-r--r--user_guide_src/source/changelog.rst26
-rw-r--r--user_guide_src/source/conf.py4
-rw-r--r--user_guide_src/source/database/active_record.rst170
-rw-r--r--user_guide_src/source/general/urls.rst2
-rw-r--r--user_guide_src/source/installation/upgrade_300.rst9
-rw-r--r--user_guide_src/source/libraries/image_lib.rst10
-rw-r--r--user_guide_src/source/libraries/security.rst4
-rw-r--r--user_guide_src/source/tutorial/news_section.rst2
-rw-r--r--user_guide_src/source/tutorial/static_pages.rst2
11 files changed, 151 insertions, 82 deletions
diff --git a/user_guide_src/cilexer/cilexer/cilexer.py b/user_guide_src/cilexer/cilexer/cilexer.py
index e571ce627..713268e9c 100644
--- a/user_guide_src/cilexer/cilexer/cilexer.py
+++ b/user_guide_src/cilexer/cilexer/cilexer.py
@@ -15,7 +15,7 @@
# through the world wide web, please send an email to
# licensing@ellislab.com so we can send you a copy immediately.
#
-# Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/)
+# Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
# http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
diff --git a/user_guide_src/source/_themes/eldocs/static/asset/css/common.css b/user_guide_src/source/_themes/eldocs/static/asset/css/common.css
index 45b1fe724..b9e28aec0 100644
--- a/user_guide_src/source/_themes/eldocs/static/asset/css/common.css
+++ b/user_guide_src/source/_themes/eldocs/static/asset/css/common.css
@@ -16,7 +16,7 @@ If you did not receive a copy of the license and are unable to obtain it
through the world wide web, please send an email to
licensing@ellislab.com so we can send you a copy immediately.
-Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/)
+Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
*/
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index be83f09e4..48011f208 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -24,11 +24,15 @@ Release Date: Not Released
- Added Windows 7 to the list of user platforms.
- Ability to log certain error types, not all under a threshold.
- Added support for pem, p10, p12, p7a, p7c, p7m, p7r, p7s, crt, crl, der, kdb, rsa, cer, sst, csr Certs to mimes.php.
- - Added support pgp and gpg to mimes.php.
- - Added support 3gp, 3g2, mp4, wmv, f4v, vlc Video files to mimes.php.
- - Added support m4a, aac, m4u, xspf, au, ac3, flac, ogg Audio files to mimes.php.
+ - Added support for pgp and gpg to mimes.php.
+ - Added support for 3gp, 3g2, mp4, wmv, f4v, vlc Video files to mimes.php.
+ - Added support for m4a, aac, m4u, xspf, au, ac3, flac, ogg Audio files to mimes.php.
+ - Added support for kmz and kml (Google Earth) files to mimes.php.
+ - Added application/xml for xml and application/xml, text/xsl for xsl in mimes.php.
- Changed logger to only chmod when file is first created.
- Removed previously deprecated SHA1 Library.
+ - Removed previously deprecated use of ``$autoload['core']`` in application/config/autoload.php.
+ Only entries in ``$autoload['libraries']`` are auto-loaded now.
- Helpers
@@ -54,15 +58,21 @@ Release Date: Not Released
- It now auto-increments quantity's instead of just resetting it, this is the default behaviour of large e-commerce sites.
- Product Name strictness can be disabled via the Cart Library by switching "$product_name_safe"
- Added function remove() to remove a cart item, updating with quantity of 0 seemed like a hack but has remained to retain compatability
+ - Image manipulation library changes include:
+ - The initialize() method now only sets existing class properties.
+ - Added support for 3-length hex color values for wm_font_color and wm_shadow_color properties, as well as validation for them.
+ - Class properties wm_font_color, wm_shadow_color and wm_use_drop_shadow are now protected, to avoid breaking the text_watermark() method
+ if they are set manually after initialization.
- Minor speed optimizations and method & property visibility declarations in the Calendar Library.
- Removed SHA1 function in the :doc:`Encryption Library <libraries/encryption>`.
+ - Added $config['csrf_regeneration'] to the CSRF protection in the :doc:`Security library <libraries/security>`, which makes token regeneration optional.
- Core
- - Changed private functions in CI_URI to protected so MY_URI can
- override them.
+ - Changed private functions in CI_URI to protected so MY_URI can override them.
- Removed CI_CORE boolean constant from CodeIgniter.php (no longer Reactor and Core versions).
- - Added method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars()
+ - Added method get_vars() to CI_Loader to retrieve all variables loaded with $this->load->vars().
+ - is_loaded() function from system/core/Commons.php now returns a reference.
Bug fixes for 3.0
------------------
@@ -83,6 +93,10 @@ Bug fixes for 3.0
- Fixed a bug in CI_Cart::contents() where if called without a TRUE (or equal) parameter, it would fail due to a typo.
- Fixed a bug (#696) - make oci_execute calls inside num_rows non-committing, since they are only there to reset which row is next in line for oci_fetch calls and thus don't need to be committed.
- Fixed a bug (#406) - sqlsrv DB driver not reuturning resource on <samp>db_pconnect()</samp>.
+- Fixed a bug in CI_Image_lib::gd_loaded() where it was possible for the script execution to end or a PHP E_WARNING message to be emitted.
+- In Pagination library, when use_page_numbers=TRUE previous link and page 1 link do not have the same url
+- Fixed a bug (#561) - Errors in :doc:`XML-RPC Library <libraries/xmlrpc>` were not properly escaped.
+- Fixed a bug (#904) - ``CI_Loader::initialize()`` caused a PHP Fatal error to be triggered if error level E_STRICT is used.
Version 2.1.0
=============
diff --git a/user_guide_src/source/conf.py b/user_guide_src/source/conf.py
index bb10d06e4..593ceaf1c 100644
--- a/user_guide_src/source/conf.py
+++ b/user_guide_src/source/conf.py
@@ -41,7 +41,7 @@ master_doc = 'index'
# General information about the project.
project = u'CodeIgniter'
-copyright = u'2011, EllisLab, Inc.'
+copyright = u'2012, EllisLab, Inc.'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
@@ -223,7 +223,7 @@ man_pages = [
epub_title = u'CodeIgniter'
epub_author = u'EllisLab, Inc.'
epub_publisher = u'EllisLab, Inc.'
-epub_copyright = u'2011, EllisLab, Inc.'
+epub_copyright = u'2012, EllisLab, Inc.'
# The language of the text. It defaults to the language option
# or en if the language is not set.
diff --git a/user_guide_src/source/database/active_record.rst b/user_guide_src/source/database/active_record.rst
index 1600f0bd9..c04e67d2a 100644
--- a/user_guide_src/source/database/active_record.rst
+++ b/user_guide_src/source/database/active_record.rst
@@ -45,7 +45,7 @@ You'll notice that the above function is assigned to a variable named
$query, which can be used to show the results::
$query = $this->db->get('mytable');
-
+
foreach ($query->result() as $row)
{
echo $row->title;
@@ -57,31 +57,31 @@ discussion regarding result generation.
$this->db->get_compiled_select()
================================
-Compiles the selection query just like `$this->db->get()`_ but does not *run*
+Compiles the selection query just like `$this->db->get()`_ but does not *run*
the query. This method simply returns the SQL query as a string.
Example::
$sql = $this->db->get_compiled_select('mytable');
echo $sql;
-
+
// Produces string: SELECT * FROM mytable
-
-The second parameter enables you to set whether or not the active record query
+
+The second parameter enables you to set whether or not the active record query
will be reset (by default it will be&mdash;just like `$this->db->get()`)::
echo $this->db->limit(10,20)->get_compiled_select('mytable', FALSE);
- // Produces string: SELECT * FROM mytable LIMIT 20, 10
+ // Produces string: SELECT * FROM mytable LIMIT 20, 10
// (in MySQL. Other databases have slightly different syntax)
-
+
echo $this->db->select('title, content, date')->get_compiled_select();
// Produces string: SELECT title, content, date FROM mytable
-
-The key thing to notice in the above example is that the second query did not
-utilize `$this->db->from()`_ and did not pass a table name into the first
-parameter. The reason for this outcome is because the query has not been
-executed using `$this->db->get()`_ which resets values or reset directly
+
+The key thing to notice in the above example is that the second query did not
+utilize `$this->db->from()`_ and did not pass a table name into the first
+parameter. The reason for this outcome is because the query has not been
+executed using `$this->db->get()`_ which resets values or reset directly
using `$this->db->reset_query()`_.
@@ -116,7 +116,7 @@ with backticks. This is useful if you need a compound select statement.
::
- $this->db->select('(SELECT SUM(payments.amount) FROM payments WHERE payments.invoice_id=4') AS amount_paid', FALSE);
+ $this->db->select('(SELECT SUM(payments.amount) FROM payments WHERE payments.invoice_id=4') AS amount_paid', FALSE);
$query = $this->db->get('mytable');
@@ -130,7 +130,7 @@ include a second parameter to rename the resulting field.
$this->db->select_max('age');
$query = $this->db->get('members'); // Produces: SELECT MAX(age) as age FROM members
-
+
$this->db->select_max('age', 'member_age');
$query = $this->db->get('members'); // Produces: SELECT MAX(age) as member_age FROM members
@@ -195,7 +195,7 @@ Permits you to write the JOIN portion of your query::
$this->db->from('blogs');
$this->db->join('comments', 'comments.id = blogs.id');
$query = $this->db->get();
-
+
// Produces:
// SELECT * FROM blogs JOIN comments ON comments.id = blogs.id
@@ -224,7 +224,7 @@ methods:
::
- $this->db->where('name', $name); // Produces: WHERE name = 'Joe'
+ $this->db->where('name', $name); // Produces: WHERE name = 'Joe'
Notice that the equal sign is added for you.
@@ -236,7 +236,7 @@ methods:
$this->db->where('name', $name);
$this->db->where('title', $title);
$this->db->where('status', $status);
- // WHERE name = 'Joe' AND title = 'boss' AND status = 'active'
+ // WHERE name = 'Joe' AND title = 'boss' AND status = 'active'
#. **Custom key/value method:**
You can include an operator in the first parameter in order to
@@ -245,7 +245,7 @@ methods:
::
$this->db->where('name !=', $name);
- $this->db->where('id <', $id); // Produces: WHERE name != 'Joe' AND id < 45
+ $this->db->where('id <', $id); // Produces: WHERE name != 'Joe' AND id < 45
#. **Associative array method:**
@@ -253,7 +253,7 @@ methods:
$array = array('name' => $name, 'title' => $title, 'status' => $status);
$this->db->where($array);
- // Produces: WHERE name = 'Joe' AND title = 'boss' AND status = 'active'
+ // Produces: WHERE name = 'Joe' AND title = 'boss' AND status = 'active'
You can include your own operators using this method as well:
@@ -354,7 +354,7 @@ searches.
::
- $this->db->like('title', 'match'); // Produces: WHERE title LIKE '%match%'
+ $this->db->like('title', 'match'); // Produces: WHERE title LIKE '%match%'
If you use multiple function calls they will be chained together with
AND between them::
@@ -371,7 +371,7 @@ searches.
$this->db->like('title', 'match', 'before'); // Produces: WHERE title LIKE '%match'
$this->db->like('title', 'match', 'after'); // Produces: WHERE title LIKE 'match%'
- $this->db->like('title', 'match', 'both'); // Produces: WHERE title LIKE '%match%'
+ $this->db->like('title', 'match', 'both'); // Produces: WHERE title LIKE '%match%'
#. **Associative array method:**
@@ -443,7 +443,7 @@ Permits you to write the HAVING portion of your query. There are 2
possible syntaxes, 1 argument or 2::
$this->db->having('user_id = 45'); // Produces: HAVING user_id = 45
- $this->db->having('user_id', 45); // Produces: HAVING user_id = 45
+ $this->db->having('user_id', 45); // Produces: HAVING user_id = 45
You can also pass an array of multiple values as well::
@@ -486,7 +486,7 @@ Or multiple function calls can be made if you need multiple fields.
::
$this->db->order_by("title", "desc");
- $this->db->order_by("name", "asc"); // Produces: ORDER BY title DESC, name ASC
+ $this->db->order_by("name", "asc"); // Produces: ORDER BY title DESC, name ASC
.. note:: order_by() was formerly known as orderby(), which has been
@@ -518,7 +518,7 @@ where(), or_where(), like(), or_like(), etc. Example::
echo $this->db->count_all_results('my_table'); // Produces an integer, like 25
$this->db->like('title', 'match');
$this->db->from('my_table');
- echo $this->db->count_all_results(); // Produces an integer, like 17
+ echo $this->db->count_all_results(); // Produces an integer, like 17
$this->db->count_all()
======================
@@ -529,6 +529,54 @@ Submit the table name in the first parameter. Example::
echo $this->db->count_all('my_table'); // Produces an integer, like 25
**************
+Query grouping
+**************
+
+Query grouping allows you to create groups of WHERE clauses by enclosing them in parentheses. This will allow
+you to create queries with complex WHERE clauses. Nested groups are supported. Example:
+
+ $this->db->select('*')->from('my_table')
+ ->group_start()
+ ->where('a', 'a')
+ ->or_group_start()
+ ->where('b', 'b')
+ ->where('c', 'c')
+ ->group_end()
+ ->group_end()
+ ->where('d', 'd')
+ ->get();
+
+ // Generates:
+ // SELECT * FROM (`my_table`) WHERE ( `a` = 'a' OR ( `b` = 'b' AND `c` = 'c' ) ) AND `d` = 'd'
+
+.. note:: groups need to be balanced, make sure every group_start() is matched by a group_end().
+
+$this->db->group_start()
+========================
+
+Starts a new group by adding an opening parenthesis to the WHERE clause of the query.
+
+$this->db->or_group_start()
+===========================
+
+Starts a new group by adding an opening parenthesis to the WHERE clause of the query, prefixing it with 'OR'.
+
+$this->db->not_group_start()
+============================
+
+Starts a new group by adding an opening parenthesis to the WHERE clause of the query, prefixing it with 'NOT'.
+
+$this->db->or_not_group_start()
+===============================
+
+Starts a new group by adding an opening parenthesis to the WHERE clause of the query, prefixing it with 'OR NOT'.
+
+$this->db->group_end()
+======================
+
+Ends the current group by adding an closing parenthesis to the WHERE clause of the query.
+
+**************
Inserting Data
**************
@@ -544,7 +592,7 @@ function. Here is an example using an array::
'name' => 'My Name',
'date' => 'My date'
);
-
+
$this->db->insert('mytable', $data);
// Produces: INSERT INTO mytable (title, name, date) VALUES ('My title', 'My name', 'My date')
@@ -560,7 +608,7 @@ Here is an example using an object::
var $date = 'My Date';
}
*/
-
+
$object = new Myclass;
$this->db->insert('mytable', $object);
// Produces: INSERT INTO mytable (title, content, date) VALUES ('My Title', 'My Content', 'My Date')
@@ -572,7 +620,7 @@ object.
$this->db->get_compiled_insert()
================================
-Compiles the insertion query just like `$this->db->insert()`_ but does not
+Compiles the insertion query just like `$this->db->insert()`_ but does not
*run* the query. This method simply returns the SQL query as a string.
Example::
@@ -582,27 +630,27 @@ Example::
'name' => 'My Name',
'date' => 'My date'
);
-
+
$sql = $this->db->set($data)->get_compiled_insert('mytable');
echo $sql;
-
+
// Produces string: INSERT INTO mytable (title, name, date) VALUES ('My title', 'My name', 'My date')
-The second parameter enables you to set whether or not the active record query
+The second parameter enables you to set whether or not the active record query
will be reset (by default it will be--just like `$this->db->insert()`_)::
-
+
echo $this->db->set('title', 'My Title')->get_compiled_insert('mytable', FALSE);
-
+
// Produces string: INSERT INTO mytable (title) VALUES ('My Title')
-
+
echo $this->db->set('content', 'My Content')->get_compiled_insert();
// Produces string: INSERT INTO mytable (title, content) VALUES ('My Title', 'My Content')
-
-The key thing to notice in the above example is that the second query did not
-utlize `$this->db->from()`_ nor did it pass a table name into the first
-parameter. The reason this worked is because the query has not been executed
-using `$this->db->insert()`_ which resets values or reset directly using
+
+The key thing to notice in the above example is that the second query did not
+utlize `$this->db->from()`_ nor did it pass a table name into the first
+parameter. The reason this worked is because the query has not been executed
+using `$this->db->insert()`_ which resets values or reset directly using
`$this->db->reset_query()`_.
$this->db->insert_batch()
@@ -624,7 +672,7 @@ function. Here is an example using an array::
'date' => 'Another date'
)
);
-
+
$this->db->insert_batch('mytable', $data);
// Produces: INSERT INTO mytable (title, name, date) VALUES ('My title', 'My name', 'My date'), ('Another title', 'Another name', 'Another date')
@@ -652,7 +700,7 @@ based on whether you are doing an insert or an update::
$this->db->set('name', $name);
$this->db->set('title', $title);
$this->db->set('status', $status);
- $this->db->insert('mytable');
+ $this->db->insert('mytable');
**set()** will also accept an optional third parameter ($escape), that
will prevent data from being escaped if set to FALSE. To illustrate the
@@ -674,7 +722,7 @@ You can also pass an associative array to this function::
'title' => $title,
'status' => $status
);
-
+
$this->db->set($array);
$this->db->insert('mytable');
@@ -687,7 +735,7 @@ Or an object::
var $date = 'My Date';
}
*/
-
+
$object = new Myclass;
$this->db->set($object);
$this->db->insert('mytable');
@@ -709,7 +757,7 @@ is an example using an array::
'name' => $name,
'date' => $date
);
-
+
$this->db->where('id', $id);
$this->db->update('mytable', $data);
// Produces: // UPDATE mytable // SET title = '{$title}', name = '{$name}', date = '{$date}' // WHERE id = $id
@@ -723,7 +771,7 @@ Or you can supply an object::
var $date = 'My Date';
}
*/
-
+
$object = new Myclass;
$this->db->where('id', $id);
$this->db->update('mytable', $object);
@@ -764,14 +812,14 @@ Here is an example using an array::
)
);
- $this->db->update_batch('mytable', $data, 'title');
+ $this->db->update_batch('mytable', $data, 'title');
- // Produces:
+ // Produces:
// UPDATE `mytable` SET `name` = CASE
// WHEN `title` = 'My title' THEN 'My Name 2'
// WHEN `title` = 'Another title' THEN 'Another Name 2'
// ELSE `name` END,
- // `date` = CASE
+ // `date` = CASE
// WHEN `title` = 'My title' THEN 'My date 2'
// WHEN `title` = 'Another title' THEN 'Another date 2'
// ELSE `date` END
@@ -810,7 +858,7 @@ the data to the second parameter of the function::
$this->db->where('id', $id);
$this->db->delete('mytable');
-
+
// Produces:
// DELETE FROM mytable
// WHERE id = $id
@@ -847,17 +895,17 @@ Generates a truncate SQL string and runs the query.
$this->db->from('mytable');
$this->db->truncate();
-
- // or
-
+
+ // or
+
$this->db->truncate('mytable');
-
+
// Produce:
- // TRUNCATE mytable
+ // TRUNCATE mytable
.. note:: If the TRUNCATE command isn't available, truncate() will
execute as "DELETE FROM table".
-
+
$this->db->get_compiled_delete()
================================
This works exactly the same way as ``$this->db->get_compiled_insert()`` except
@@ -917,11 +965,11 @@ Here's a usage example::
$this->db->stop_cache();
$this->db->get('tablename');
//Generates: SELECT `field1` FROM (`tablename`)
-
+
$this->db->select('field2');
$this->db->get('tablename');
//Generates: SELECT `field1`, `field2` FROM (`tablename`)
-
+
$this->db->flush_cache();
$this->db->select('field2');
$this->db->get('tablename');
@@ -935,13 +983,13 @@ Here's a usage example::
$this->db->reset_query()
========================
-Resetting Active Record allows you to start fresh with your query without
-executing it first using a method like $this->db->get() or $this->db->insert().
-Just like the methods that execute a query, this will *not* reset items you've
+Resetting Active Record allows you to start fresh with your query without
+executing it first using a method like $this->db->get() or $this->db->insert().
+Just like the methods that execute a query, this will *not* reset items you've
cached using `Active Record Caching`_.
-This is useful in situations where you are using Active Record to generate SQL
-(ex. ``$this->db->get_compiled_select()``) but then choose to, for instance,
+This is useful in situations where you are using Active Record to generate SQL
+(ex. ``$this->db->get_compiled_select()``) but then choose to, for instance,
run the query::
// Note that the second parameter of the get_compiled_select method is FALSE
diff --git a/user_guide_src/source/general/urls.rst b/user_guide_src/source/general/urls.rst
index 3126fcf36..857078b1c 100644
--- a/user_guide_src/source/general/urls.rst
+++ b/user_guide_src/source/general/urls.rst
@@ -48,7 +48,7 @@ method in which everything is redirected except the specified items:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
- RewriteRule ^(.*)$ /index.php/$1 [L]
+ RewriteRule ^(.*)$ index.php/$1 [L]
In the above example, any HTTP request other than those for existing
directories and existing files is treated as a request for your index.php file.
diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst
index 960485ae3..4c594ab17 100644
--- a/user_guide_src/source/installation/upgrade_300.rst
+++ b/user_guide_src/source/installation/upgrade_300.rst
@@ -15,6 +15,9 @@ Replace all files and directories in your "system" folder and replace
your index.php file. If any modifications were made to your index.php
they will need to be made fresh in this new one.
+.. note:: If you have any custom developed files in these folders please
+ make copies of them first.
+
Step 2: Change References to the SHA Library
============================================
@@ -23,6 +26,8 @@ Alter your code to use the native `sha1()` PHP function to generate a sha1 hash.
Additionally, the `sha1()` method in the :doc:`Encryption Library <../libraries/encryption>` has been removed.
+Step 3: Remove $autoload['core'] from your config/autoload.php
+==============================================================
-.. note:: If you have any custom developed files in these folders please
- make copies of them first.
+Use of the `$autoload['core']` config array has been deprecated as of CodeIgniter 1.4.1 and is now removed.
+Move any entries that you might have listed there to `$autoload['libraries']` instead.
diff --git a/user_guide_src/source/libraries/image_lib.rst b/user_guide_src/source/libraries/image_lib.rst
index 14bd128a6..ed6575c62 100644
--- a/user_guide_src/source/libraries/image_lib.rst
+++ b/user_guide_src/source/libraries/image_lib.rst
@@ -390,13 +390,11 @@ Preference Default Value Options Description
**wm_font_size** 16 None The size of the text. Note: If you are not using the True Type option
above, the number is set using a range of 1 - 5. Otherwise, you can use
any valid pixel size for the font you're using.
-**wm_font_color** ffffff None The font color, specified in hex. Note, you must use the full 6
- character hex value (ie, 993300), rather than the three character
- abbreviated version (ie fff).
+**wm_font_color** ffffff None The font color, specified in hex. Both the full 6-length (ie, 993300) and
+ the short three character abbreviated version (ie, fff) are supported.
**wm_shadow_color** None None The color of the drop shadow, specified in hex. If you leave this blank
- a drop shadow will not be used. Note, you must use the full 6 character
- hex value (ie, 993300), rather than the three character abbreviated
- version (ie fff).
+ a drop shadow will not be used. Both the full 6-length (ie, 993300) and
+ the short three character abbreviated version (ie, fff) are supported.
**wm_shadow_distance** 3 None The distance (in pixels) from the font that the drop shadow should
appear.
======================= =================== =================== ==========================================================================
diff --git a/user_guide_src/source/libraries/security.rst b/user_guide_src/source/libraries/security.rst
index 8ee0c6e77..e7d25555f 100644
--- a/user_guide_src/source/libraries/security.rst
+++ b/user_guide_src/source/libraries/security.rst
@@ -85,6 +85,10 @@ If you use the :doc:`form helper <../helpers/form_helper>` the
form_open() function will automatically insert a hidden csrf field in
your forms.
+Tokens may be either regenerated on every submission (default) or kept the same throughout the life of the CSRF cookie. The default regeneration of tokens provides stricter security but may result in usability concerns as other tokens become invalid (back/forward navigation, multiple tabs/windows, asynchronous actions, etc). You may alter this behavior by editing the following config parameter::
+
+ $config['csrf_regeneration'] = TRUE;
+
Select URIs can be whitelisted from csrf protection (for example API
endpoints expecting externally POSTed content). You can add these URIs
by editing the 'csrf_exclude_uris' config parameter::
diff --git a/user_guide_src/source/tutorial/news_section.rst b/user_guide_src/source/tutorial/news_section.rst
index fe8e41607..38e4214ca 100644
--- a/user_guide_src/source/tutorial/news_section.rst
+++ b/user_guide_src/source/tutorial/news_section.rst
@@ -149,7 +149,7 @@ and add the next piece of code.
<div id="main">
<?php echo $news_item['text'] ?>
</div>
- <p><a href="news/<?php echo $news_item['slug'] ?>">View article</a></p>
+ <p><a href="<?php echo $news_item['slug'] ?>">View article</a></p>
<?php endforeach ?>
diff --git a/user_guide_src/source/tutorial/static_pages.rst b/user_guide_src/source/tutorial/static_pages.rst
index 82de2a8cb..c7f737951 100644
--- a/user_guide_src/source/tutorial/static_pages.rst
+++ b/user_guide_src/source/tutorial/static_pages.rst
@@ -72,7 +72,7 @@ includes the following code:
::
- <em>&copy; 2011</em>
+ <em>&copy; 2012</em>
</body>
<html>