From 1f622294b92c095fd91e8ca44912d405c1605ded Mon Sep 17 00:00:00 2001 From: Pascal Kriete Date: Thu, 7 Apr 2011 12:06:51 -0400 Subject: Wow, I screwed that up, Reactor is going to 2.0.2 not 2.0.1 --- user_guide/database/configuration.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'user_guide/database/configuration.html') diff --git a/user_guide/database/configuration.html b/user_guide/database/configuration.html index 60e7065dd..fdeae0ee2 100644 --- a/user_guide/database/configuration.html +++ b/user_guide/database/configuration.html @@ -28,7 +28,7 @@
- +

CodeIgniter User Guide Version 2.0.1

CodeIgniter User Guide Version 2.0.2
-- cgit v1.2.3-24-g4f1b From 6ae70cc8499499b5d77d77ec8974f95873edb861 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 19 Apr 2011 16:13:48 -0500 Subject: modified MySQL and MySQLi drivers to address a potential SQL injection attack vector when multi-byte character set connections are employed. (Does not impact Latin-1, UTF-8, etc. encodings) --- user_guide/database/configuration.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'user_guide/database/configuration.html') diff --git a/user_guide/database/configuration.html b/user_guide/database/configuration.html index fdeae0ee2..51d11c9f2 100644 --- a/user_guide/database/configuration.html +++ b/user_guide/database/configuration.html @@ -132,7 +132,7 @@ for the primary connection, but it too can be renamed to something more relevant
  • cache_on - TRUE/FALSE (boolean) - Whether database query caching is enabled, see also Database Caching Class.
  • cachedir - The absolute server path to your database query cache directory.
  • char_set - The character set used in communicating with the database.
    • -
  • dbcollat - The character collation used in communicating with the database.
    • +
  • dbcollat - The character collation used in communicating with the database.

    Note: For MySQL and MySQLi databases, this setting is only used as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7. There is an incompatibility in PHP with mysql_real_escape_string() which can make your site vulnerable to SQL injection if you are using a multi-byte character set and are running versions lower than these. Sites using Latin-1 or UTF-8 database character set and collation are unaffected.

  • swap_pre - A default table prefix that should be swapped with dbprefix. This is useful for distributed applications where you might run manually written queries, and need the prefix to still be customizable by the end user.
  • autoinit - Whether or not to automatically connect to the database when the library loads. If set to false, the connection will take place prior to executing the first query.
  • stricton - TRUE/FALSE (boolean) - Whether to force "Strict Mode" connections, good for ensuring strict SQL while developing an application.
    • -- cgit v1.2.3-24-g4f1b From 114ab0988e20ac6be39ad363ff897a1a3b85e565 Mon Sep 17 00:00:00 2001 From: Razican Date: Mon, 25 Apr 2011 17:26:45 +0200 Subject: Fixed double-space typo. --- user_guide/database/configuration.html | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'user_guide/database/configuration.html') diff --git a/user_guide/database/configuration.html b/user_guide/database/configuration.html index 51d11c9f2..b34705410 100644 --- a/user_guide/database/configuration.html +++ b/user_guide/database/configuration.html @@ -74,7 +74,7 @@ $db['default']['dbprefix'] = "";
    $db['default']['pconnect'] = TRUE;
    $db['default']['db_debug'] = FALSE;
    $db['default']['cache_on'] = FALSE;
    -$db['default']['cachedir'] = "";
    +$db['default']['cachedir'] = "";
    $db['default']['char_set'] = "utf8";
    $db['default']['dbcollat'] = "utf8_general_ci";
    $db['default']['swap_pre'] = "";
    @@ -82,7 +82,7 @@ $db['default']['autoinit'] = TRUE;
    $db['default']['stricton'] = FALSE;

    The reason we use a multi-dimensional array rather than a more simple one is to permit you to optionally store -multiple sets of connection values. If, for example, you run multiple environments (development, production, test, etc.) +multiple sets of connection values. If, for example, you run multiple environments (development, production, test, etc.) under a single installation, you can set up a connection group for each, then switch between groups as needed. For example, to set up a "test" environment you would do this:

    @@ -95,7 +95,7 @@ $db['test']['dbprefix'] = "";
    $db['test']['pconnect'] = TRUE;
    $db['test']['db_debug'] = FALSE;
    $db['test']['cache_on'] = FALSE;
    -$db['test']['cachedir'] = "";
    +$db['test']['cachedir'] = "";
    $db['test']['char_set'] = "utf8";
    $db['test']['dbcollat'] = "utf8_general_ci";
    $db['test']['swap_pre'] = "";
    @@ -107,7 +107,7 @@ $db['test']['stricton'] = FALSE; $active_group = "test"; -

    Note: The name "test" is arbitrary. It can be anything you want. By default we've used the word "default" +

    Note: The name "test" is arbitrary. It can be anything you want. By default we've used the word "default" for the primary connection, but it too can be renamed to something more relevant to your project.

    Active Record

    @@ -126,21 +126,21 @@ for the primary connection, but it too can be renamed to something more relevant
  • password - The password used to connect to the database.
  • database - The name of the database you want to connect to.
  • dbdriver - The database type. ie: mysql, postgres, odbc, etc. Must be specified in lower case.
    • -
  • dbprefix - An optional table prefix which will added to the table name when running Active Record queries. This permits multiple CodeIgniter installations to share one database.
    • +
  • dbprefix - An optional table prefix which will added to the table name when running Active Record queries. This permits multiple CodeIgniter installations to share one database.
  • pconnect - TRUE/FALSE (boolean) - Whether to use a persistent connection.
  • db_debug - TRUE/FALSE (boolean) - Whether database errors should be displayed.
  • cache_on - TRUE/FALSE (boolean) - Whether database query caching is enabled, see also Database Caching Class.
  • cachedir - The absolute server path to your database query cache directory.
  • char_set - The character set used in communicating with the database.
    • -
  • dbcollat - The character collation used in communicating with the database.

    Note: For MySQL and MySQLi databases, this setting is only used as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7. There is an incompatibility in PHP with mysql_real_escape_string() which can make your site vulnerable to SQL injection if you are using a multi-byte character set and are running versions lower than these. Sites using Latin-1 or UTF-8 database character set and collation are unaffected.

    • -
  • swap_pre - A default table prefix that should be swapped with dbprefix. This is useful for distributed applications where you might run manually written queries, and need the prefix to still be customizable by the end user.
    • +
  • dbcollat - The character collation used in communicating with the database.

    Note: For MySQL and MySQLi databases, this setting is only used as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7. There is an incompatibility in PHP with mysql_real_escape_string() which can make your site vulnerable to SQL injection if you are using a multi-byte character set and are running versions lower than these. Sites using Latin-1 or UTF-8 database character set and collation are unaffected.

    • +
  • swap_pre - A default table prefix that should be swapped with dbprefix. This is useful for distributed applications where you might run manually written queries, and need the prefix to still be customizable by the end user.
  • autoinit - Whether or not to automatically connect to the database when the library loads. If set to false, the connection will take place prior to executing the first query.
  • stricton - TRUE/FALSE (boolean) - Whether to force "Strict Mode" connections, good for ensuring strict SQL while developing an application.
    • -
  • port - The database port number. To use this value you have to add a line to the database config array.$db['default']['port'] = 5432; +
  • port - The database port number. To use this value you have to add a line to the database config array.$db['default']['port'] = 5432;

    Note: Depending on what database platform you are using (MySQL, Postgres, etc.) -not all values will be needed. For example, when using SQLite you will not need to supply a username or password, and +not all values will be needed. For example, when using SQLite you will not need to supply a username or password, and the database name will be the path to your database file. The information above assumes you are using MySQL.

    -- cgit v1.2.3-24-g4f1b