summaryrefslogtreecommitdiffstats
path: root/user_guide_src
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide_src')
-rw-r--r--user_guide_src/source/changelog.rst29
-rw-r--r--user_guide_src/source/installation/upgrade_300.rst15
-rw-r--r--user_guide_src/source/libraries/sessions.rst4
3 files changed, 30 insertions, 18 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 513050159..3124dea60 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -259,22 +259,18 @@ Release Date: Not Released
- :doc:`Session Library <libraries/sessions>` changes include:
- - Library changed to :doc:`Driver <general/drivers>` with classic Cookie driver as default.
- - Added Native PHP Session driver to work with ``$_SESSION``.
- - Custom drivers can be added anywhere in package paths and be loaded with the library.
- - Drivers interchangeable on the fly.
- - New **tempdata** feature allows setting user data items with an expiration time.
- - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *config.php* file.
- - Cookie driver now respects php.ini's *session.gc_probability* and *session.gc_divisor* settings.
- - Cookie driver now uses HMAC authentication instead of the simple md5 checksum.
- - The Cookie driver now also checks authentication on encrypted session data.
- - Changed the Cookie driver to select only one row when using database sessions.
- - Cookie driver now only writes to database at end of request when using database.
- - Cookie driver now uses PHP functions for faster array manipulation when using database.
- - Added ``all_flashdata()`` method to session class. Returns an associative array of only flashdata.
- - Added ``has_userdata()`` method to verify existence of userdata item.
- - Added ``tempdata()``, ``set_tempdata()``, and ``unset_tempdata()`` methods for manipulating tempdata.
- - ``keep_flashdata()`` now accepts an array of keys.
+ - Library changed to :doc:`Driver <general/drivers>` with classic 'cookie' driver as the default.
+ - Added a 'native' PHP Session driver to work with ``$_SESSION``.
+ - Added a new **tempdata** feature that allows setting userdata items with expiration time (``tempdata()``, ``set_tempdata()``, ``unset_tempdata()``).
+ - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *application/config.php* file.
+ - Changed 'cookie' driver to respect php.ini's *session.gc_probability* and *session.gc_divisor* settings.
+ - Changed 'cookie' driver to use HMAC authentication instead of a simple md5 checksum.
+ - Changed 'cookie' driver to select only one row when using database sessions.
+ - Changed 'cookie' driver to write to only write to the database at end of page execution.
+ - Changed method ``keep_flashdata()`` to also accept an array of keys.
+ - Changed methods ``userdata()``, ``flashdata()`` to return an array of all userdata/flashdata when no parameter is passed.
+ - Deprecated method ``all_userdata()`` - it is now just an alias for ``userdata()`` with no parameters.
+ - Added method ``has_userdata()`` that verifies the existence of a userdata item.
- Added *debug* level log messages for key events in the session validation process.
- :doc:`File Uploading Library <libraries/file_uploading>` changes include:
@@ -687,6 +683,7 @@ Bug fixes for 3.0
- Fixed a bug (#2737) - :doc:`XML-RPC Library <libraries/xmlrpc>` used objects as array keys, which triggered E_NOTICE messages.
- Fixed a bug (#2729) - ``CI_Security::_validate_entities()`` used overly-intrusive ``preg_replace()`` patterns that produced false-positives.
- Fixed a bug (#2771) - ``CI_Security::xss_clean()`` didn't take into account HTML5 entities.
+- Fixed a bug in the :doc:`Session Library <libraries/sessions>` 'cookie' driver where authentication was not performed for encrypted cookies.
Version 2.1.4
=============
diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst
index ca7569b57..88bb11178 100644
--- a/user_guide_src/source/installation/upgrade_300.rst
+++ b/user_guide_src/source/installation/upgrade_300.rst
@@ -469,6 +469,21 @@ in CodeIgniter 3.1+.
.. note:: These options are still available, but you're strongly encouraged to remove their usage
sooner rather than later.
+Session Library method all_userdata()
+=====================================
+
+As seen in the :doc:`Change Log <../changelog>`, :doc:`Session Library <libraries/sessions>`
+method ``userdata()`` now allows you to fetch all userdata by simply omitting its parameter::
+
+ $this->session->userdata();
+
+This makes the ``all_userdata()`` method redudant and therefore it is now just an alias for
+``userdata()`` with the above shown usage and is being deprecated and scheduled for removal
+in CodeIgniter 3.1+.
+
+.. note:: This method is still available, but you're strongly encouraged to remove its usage
+ sooner rather than later.
+
Database Forge method add_column() with an AFTER clause
=======================================================
diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst
index 2f8bea0b6..3368a9f5d 100644
--- a/user_guide_src/source/libraries/sessions.rst
+++ b/user_guide_src/source/libraries/sessions.rst
@@ -137,7 +137,7 @@ Retrieving All Session Data
An array of all userdata can be retrieved as follows::
- $this->session->all_userdata()
+ $this->session->userdata()
And returns an associative array like the following::
@@ -194,7 +194,7 @@ To read a flashdata variable::
An array of all flashdata can be retrieved as follows::
- $this->session->all_flashdata();
+ $this->session->flashdata();
If you find that you need to preserve a flashdata variable through an