From dc46d99fe8ab2058df15c6a7608e5ae41ffffb2b Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Sat, 24 Sep 2011 16:25:23 +0300
Subject: Escape WHERE clause field names in the DB update_string() method

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

(limited to 'user_guide')

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 7ff2af2f5..50875abf1 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -132,6 +132,7 @@ Change Log
 	<li>Fixed a bug (#344) - Using schema found in <a href="libraries/sessions.html">Saving Session Data to a Database</a>, system would throw error "user_data does not have a default value" when deleting then creating a session.</li>
 	<li>Fixed a bug (#112) - OCI8 (Oracle) driver didn't pass the configured database character set when connecting.</li>
 	<li>Fixed a bug (#182) - OCI8 (Oracle) driver used to re-execute the statement whenever num_rows() is called.</li>
+	<li>Fixed a bug (#82) - WHERE clause field names in the DB <samp>update_string()</samp> method were not escaped, resulting in failed queries in some cases.</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b


From 89e1780f16ea91e913d4231ec07b90391622c8cb Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Sat, 24 Sep 2011 17:09:44 +0300
Subject: Fix a variable type mismatch (issue #89) in
 system/database/DB_driver.php

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

(limited to 'user_guide')

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 50875abf1..0afdbe4a1 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -133,6 +133,7 @@ Change Log
 	<li>Fixed a bug (#112) - OCI8 (Oracle) driver didn't pass the configured database character set when connecting.</li>
 	<li>Fixed a bug (#182) - OCI8 (Oracle) driver used to re-execute the statement whenever num_rows() is called.</li>
 	<li>Fixed a bug (#82) - WHERE clause field names in the DB <samp>update_string()</samp> method were not escaped, resulting in failed queries in some cases.</li>
+	<li>Fixed a bug (#89) - Fix a variable type mismatch in DB <samp>display_error()</samp> where an array is expected, but a string could be set instead.</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b


From 4f27b5b93090e483d73a8be0dbb4587309ed3686 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Sat, 24 Sep 2011 18:49:44 +0300
Subject: Update the ChangeLog

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

(limited to 'user_guide')

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 0afdbe4a1..6b4e83c2f 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -134,6 +134,7 @@ Change Log
 	<li>Fixed a bug (#182) - OCI8 (Oracle) driver used to re-execute the statement whenever num_rows() is called.</li>
 	<li>Fixed a bug (#82) - WHERE clause field names in the DB <samp>update_string()</samp> method were not escaped, resulting in failed queries in some cases.</li>
 	<li>Fixed a bug (#89) - Fix a variable type mismatch in DB <samp>display_error()</samp> where an array is expected, but a string could be set instead.</li>
+	<li>Fixed a bug (#467) - Suppress warnings generated from get_magic_quotes_gpc() (deprecated in PHP 5.4)</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b


From d93e6f3890fd50b9aaf1e116fa8ceb7e3f0caa05 Mon Sep 17 00:00:00 2001
From: Chris Berthe <chrisberthe@gmail.com>
Date: Sun, 25 Sep 2011 10:33:25 -0400
Subject: Fix #484 - Hash is never set to the cookie

---
 user_guide/changelog.html | 1 +
 1 file changed, 1 insertion(+)

(limited to 'user_guide')

diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 6b4e83c2f..fc1eb46b3 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -135,6 +135,7 @@ Change Log
 	<li>Fixed a bug (#82) - WHERE clause field names in the DB <samp>update_string()</samp> method were not escaped, resulting in failed queries in some cases.</li>
 	<li>Fixed a bug (#89) - Fix a variable type mismatch in DB <samp>display_error()</samp> where an array is expected, but a string could be set instead.</li>
 	<li>Fixed a bug (#467) - Suppress warnings generated from get_magic_quotes_gpc() (deprecated in PHP 5.4)</li>
+	<li>Fixed a bug (#484) - First time _csrf_set_hash() is called, hash is never set to the cookie (in Security.php).</li>
 </ul>
 
 <h2>Version 2.0.3</h2>
-- 
cgit v1.2.3-24-g4f1b