From 99e2f8e2397ec4bf3ce5637d5a660a122aaa7b1b Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Sun, 19 Jan 2014 00:04:44 +0200
Subject: Fix #2829

---
 system/core/Security.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/system/core/Security.php b/system/core/Security.php
index 0944fef92..4c01da2b8 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -551,13 +551,13 @@ class CI_Security {
 
 		do
 		{
-			$matches = $matches1 = 0;
+			$m1 = $m2 = 0;
 
-			$str = preg_replace('~(&#x0*[0-9a-f]{2,5});?~iS', '$1;', $str, -1, $matches);
-			$str = preg_replace('~(&#\d{2,4});?~S', '$1;', $str, -1, $matches1);
+			$str = preg_replace('/(&#x0*[0-9a-f]{2,5})(?![0-9a-f;])/iS', '$1;', $str, -1, $m1);
+			$str = preg_replace('/(&#\d{2,4})(?![0-9;])/S', '$1;', $str, -1, $m2);
 			$str = html_entity_decode($str, ENT_COMPAT, $charset);
 		}
-		while ($matches OR $matches1);
+		while ($m1 OR $m2);
 
 		return $str;
 	}
-- 
cgit v1.2.3-24-g4f1b


From 4b9b5074c5f4ecc4cc0494acfe26379f9a6d4317 Mon Sep 17 00:00:00 2001
From: Ahmedul Haque Abid <a_h_abid@hotmail.com>
Date: Sun, 19 Jan 2014 13:23:16 +0600
Subject: Added save_queries config setting in config/database.php

---
 application/config/database.php     | 8 ++++++++
 user_guide_src/source/changelog.rst | 1 +
 2 files changed, 9 insertions(+)

diff --git a/application/config/database.php b/application/config/database.php
index f0b839757..361df9032 100644
--- a/application/config/database.php
+++ b/application/config/database.php
@@ -65,6 +65,13 @@
 |	['autoinit'] Whether or not to automatically initialize the database.
 |	['encrypt']  Whether or not to use an encrypted connection.
 |	['compress'] Whether or not to use client compression (MySQL only)
+|	['save_queries'] TRUE/FALSE	- save all executed queries.
+|				Note: Useful for development when using with profiler. However,
+|				when too many queries run, it leads to memory exhaust. So for production
+|               mode it is better to set it FALSE. Also, if set to FALSE, the
+|				$this->db->last_query() will return FALSE. This setting can
+|				also be changed during runtime by using 
+|				$this->db->save_queries = TRUE|FALSE;
 |	['stricton'] TRUE/FALSE - forces 'Strict Mode' connections
 |							- good for ensuring strict SQL while developing
 |	['failover'] array - A array with 0 or more data for connections if the main should fail.
@@ -97,6 +104,7 @@ $db['default'] = array(
 	'autoinit' => TRUE,
 	'encrypt' => FALSE,
 	'compress' => FALSE,
+	'save_queries' => TRUE,
 	'stricton' => FALSE,
 	'failover' => array()
 );
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 237e237e2..2662b451d 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -160,6 +160,7 @@ Release Date: Not Released
    -  Added support for SQLite3 database driver.
    -  Added Interbase/Firebird database support via the *ibase* driver.
    -  Added ODBC support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge <database/forge>`.
+   -  Added **save_queries** config setting in *config/database.php*. Default is ``TRUE``.
 
    -  :doc:`Query Builder <database/query_builder>` changes include:
 
-- 
cgit v1.2.3-24-g4f1b


From 5cf7effebcd8f1abe823c6bc8e66e08a6a50c7dd Mon Sep 17 00:00:00 2001
From: Ahmedul Haque Abid <a_h_abid@hotmail.com>
Date: Sun, 19 Jan 2014 13:25:18 +0600
Subject: Fix whitespaces to tabs.

---
 application/config/database.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/config/database.php b/application/config/database.php
index 361df9032..62ff3e0a5 100644
--- a/application/config/database.php
+++ b/application/config/database.php
@@ -68,7 +68,7 @@
 |	['save_queries'] TRUE/FALSE	- save all executed queries.
 |				Note: Useful for development when using with profiler. However,
 |				when too many queries run, it leads to memory exhaust. So for production
-|               mode it is better to set it FALSE. Also, if set to FALSE, the
+|				mode it is better to set it FALSE. Also, if set to FALSE, the
 |				$this->db->last_query() will return FALSE. This setting can
 |				also be changed during runtime by using 
 |				$this->db->save_queries = TRUE|FALSE;
-- 
cgit v1.2.3-24-g4f1b


From 1c8245a22874051f5342824d5299d6ad55f4995c Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Mon, 20 Jan 2014 10:28:20 +0200
Subject: Polish changes from PR #2830

---
 application/config/database.php             | 18 +++++++++---------
 user_guide_src/source/changelog.rst         |  2 +-
 user_guide_src/source/database/helpers.rst  | 27 ++++++++++++++-------------
 user_guide_src/source/general/profiling.rst |  6 +++++-
 4 files changed, 29 insertions(+), 24 deletions(-)

diff --git a/application/config/database.php b/application/config/database.php
index 62ff3e0a5..44fe307d6 100644
--- a/application/config/database.php
+++ b/application/config/database.php
@@ -65,16 +65,16 @@
 |	['autoinit'] Whether or not to automatically initialize the database.
 |	['encrypt']  Whether or not to use an encrypted connection.
 |	['compress'] Whether or not to use client compression (MySQL only)
-|	['save_queries'] TRUE/FALSE	- save all executed queries.
-|				Note: Useful for development when using with profiler. However,
-|				when too many queries run, it leads to memory exhaust. So for production
-|				mode it is better to set it FALSE. Also, if set to FALSE, the
-|				$this->db->last_query() will return FALSE. This setting can
-|				also be changed during runtime by using 
-|				$this->db->save_queries = TRUE|FALSE;
 |	['stricton'] TRUE/FALSE - forces 'Strict Mode' connections
 |							- good for ensuring strict SQL while developing
 |	['failover'] array - A array with 0 or more data for connections if the main should fail.
+|	['save_queries'] TRUE/FALSE - Whether to "save" all executed queries.
+| 				NOTE: Disabling this will also effectively disable both
+| 				$this->db->last_query() and profiling of DB queries.
+| 				When you run a query, with this setting set to TRUE (default),
+| 				CodeIgniter will store the SQL statement for debugging purposes.
+| 				However, this may cause high memory usage, especially if you run
+| 				a lot of SQL queries ... disable this to avoid that problem.
 |
 | The $active_group variable lets you choose which connection group to
 | make active.  By default there is only one group (the 'default' group).
@@ -104,9 +104,9 @@ $db['default'] = array(
 	'autoinit' => TRUE,
 	'encrypt' => FALSE,
 	'compress' => FALSE,
-	'save_queries' => TRUE,
 	'stricton' => FALSE,
-	'failover' => array()
+	'failover' => array(),
+	'save_queries' => TRUE
 );
 
 /* End of file database.php */
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 2662b451d..7cc98f40c 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -160,7 +160,7 @@ Release Date: Not Released
    -  Added support for SQLite3 database driver.
    -  Added Interbase/Firebird database support via the *ibase* driver.
    -  Added ODBC support for ``create_database()``, ``drop_database()`` and ``drop_table()`` in :doc:`Database Forge <database/forge>`.
-   -  Added **save_queries** config setting in *config/database.php*. Default is ``TRUE``.
+   -  Added **save_queries** configuration setting to *application/config/database.php* (defaults to ``TRUE``).
 
    -  :doc:`Query Builder <database/query_builder>` changes include:
 
diff --git a/user_guide_src/source/database/helpers.rst b/user_guide_src/source/database/helpers.rst
index e8a5ac801..77bf1b5d2 100644
--- a/user_guide_src/source/database/helpers.rst
+++ b/user_guide_src/source/database/helpers.rst
@@ -3,7 +3,7 @@ Query Helper Functions
 ######################
 
 $this->db->insert_id()
-=======================
+======================
 
 The insert ID number when performing database inserts.
 
@@ -12,7 +12,7 @@ The insert ID number when performing database inserts.
 	appropriate sequence to check for the insert id.
 
 $this->db->affected_rows()
-===========================
+==========================
 
 Displays the number of affected rows, when doing "write" type queries
 (insert, update, etc.).
@@ -22,8 +22,8 @@ Displays the number of affected rows, when doing "write" type queries
 	affected rows. By default this hack is enabled but it can be turned off
 	in the database driver file.
 
-$this->db->count_all();
-========================
+$this->db->count_all()
+======================
 
 Permits you to determine the number of rows in a particular table.
 Submit the table name in the first parameter. Example::
@@ -47,8 +47,8 @@ Outputs the database version you are running::
 
 	echo $this->db->version();
 
-$this->db->last_query();
-=========================
+$this->db->last_query()
+=======================
 
 Returns the last query that was run (the query string, not the result).
 Example::
@@ -57,11 +57,12 @@ Example::
 	
 	// Produces:  SELECT * FROM sometable....
 
-The following two functions help simplify the process of writing
-database INSERTs and UPDATEs.
 
-$this->db->insert_string();
-============================
+.. note:: Disabling the **save_queries** setting in your database
+	configuration will render this function useless.
+
+$this->db->insert_string()
+==========================
 
 This function simplifies the process of writing database inserts. It
 returns a correctly formatted SQL insert string. Example::
@@ -77,8 +78,8 @@ array with the data to be inserted. The above example produces::
 
 .. note:: Values are automatically escaped, producing safer queries.
 
-$this->db->update_string();
-============================
+$this->db->update_string()
+==========================
 
 This function simplifies the process of writing database updates. It
 returns a correctly formatted SQL update string. Example::
@@ -95,4 +96,4 @@ array with the data to be updated, and the third parameter is the
 
 	 UPDATE table_name SET name = 'Rick', email = 'rick@example.com', url = 'example.com' WHERE author_id = 1 AND status = 'active'
 
-.. note:: Values are automatically escaped, producing safer queries.
+.. note:: Values are automatically escaped, producing safer queries.
\ No newline at end of file
diff --git a/user_guide_src/source/general/profiling.rst b/user_guide_src/source/general/profiling.rst
index 6dbd0be16..f29af8102 100644
--- a/user_guide_src/source/general/profiling.rst
+++ b/user_guide_src/source/general/profiling.rst
@@ -80,4 +80,8 @@ Key                     Description
 **session_data**        Data stored in the current session                                  TRUE
 **query_toggle_count**  The number of queries after which the query block will default to   25
                         hidden.
-======================= =================================================================== ========
\ No newline at end of file
+======================= =================================================================== ========
+
+.. note:: Disabling the **save_queries** setting in your database configuration
+	will also effectively disable profiling for database queries and render
+	the 'queries' setting above useless.
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b