From e8f5890e4b7eb52ed4d905a225c3bf985f397439 Mon Sep 17 00:00:00 2001
From: katzgrau <devnull@localhost>
Date: Thu, 10 Mar 2011 10:24:29 -0500
Subject: Added full docs for new ENVIRONMENT constant.

---
 user_guide/general/security.html | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'user_guide/general/security.html')

diff --git a/user_guide/general/security.html b/user_guide/general/security.html
index 8a41dff9d..5ecfcf18a 100644
--- a/user_guide/general/security.html
+++ b/user_guide/general/security.html
@@ -87,6 +87,23 @@ array is <strong>unset</strong> by the Input class during system initialization.
 <p>During system initialization all global variables are unset, except those found in the $_POST and $_COOKIE arrays. The unsetting
 routine is effectively the same as register_globals = off.</p>
 
+<a name="error_reporting"></a>
+<h2>error_reporting</h2>
+
+<p>
+    In production environments, it is typically desirable to disable PHP's 
+    error reporting by setting the internal error_reporting flag to a value of 0. This disables native PHP
+    errors from being rendered as output, which may potentially contain
+    sensitive information.
+</p>
+
+<p>
+    Setting CodeIgniter's <kbd>ENVIRONMENT</kbd> constant in index.php to a
+    value of '<kbd>production</kbd>' will turn off these errors. In development
+    mode, it is recommended that a value of '<kbd>development</kbd>' is used.
+    More information about differentiating between environments can be found
+    on the <a href="environments.html">Handling Environments</a> page.
+</p>
 
 <h2>magic_quotes_runtime</h2>
 
-- 
cgit v1.2.3-24-g4f1b