From 74ffd17ab06327ca62ddfe28a186cae7ba6bd459 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Sat, 27 Oct 2012 00:41:03 +0300
Subject: Deprecated form helper function form_prep().

This function has been broken for YEARS and it's value-caching
logic has only introduced various problems. We have html_escape()
since CI 2.1.0 which is a perfect replacement, so it should be
used instead.

Fixes #228 & #1630
---
 user_guide_src/source/helpers/form_helper.rst | 47 +++++++++++++--------------
 1 file changed, 23 insertions(+), 24 deletions(-)

(limited to 'user_guide_src/source/helpers/form_helper.rst')

diff --git a/user_guide_src/source/helpers/form_helper.rst b/user_guide_src/source/helpers/form_helper.rst
index fa7b3dbf9..015bf1162 100644
--- a/user_guide_src/source/helpers/form_helper.rst
+++ b/user_guide_src/source/helpers/form_helper.rst
@@ -463,29 +463,6 @@ the tag. For example
 	echo form_close($string);
 	// Would produce:  </form> </div></div>
 
-form_prep()
-===========
-
-Allows you to safely use HTML and characters such as quotes within form
-elements without breaking out of the form. Consider this example
-
-::
-
-	$string = 'Here is a string containing "quoted" text.';
-	<input type="text" name="myform" value="$string" />
-
-Since the above string contains a set of quotes it will cause the form
-to break. The `form_prep()` function converts HTML so that it can be used
-safely
-
-::
-
-	<input type="text" name="myform" value="<?php echo form_prep($string); ?>" />
-
-.. note:: If you use any of the form helper functions listed in this page the form
-	values will be prepped automatically, so there is no need to call this
-	function. Use it only if you are creating your own form elements.
-
 set_value()
 ===========
 
@@ -546,4 +523,26 @@ This function is identical to the **set_checkbox()** function above.
 .. note:: If you are using the Form Validation class, you must always specify a rule for your field,
 	even if empty, in order for the set_*() functions to work. This is because if a Form Validation object
 	is defined, the control for set_*() is handed over to a method of the class instead of the generic helper
-	function.
\ No newline at end of file
+	function.
+
+Escaping field values
+=====================
+
+You may need to use HTML and characters such as quotes within form
+elements. In order to do that safely, you'll need to use
+:doc:`common function <../general/common_functions>` ``html_escape()``.
+
+Consider the following example::
+
+	$string = 'Here is a string containing "quoted" text.';
+	<input type="text" name="myform" value="$string" />
+
+Since the above string contains a set of quotes it will cause the form
+to break. The ``html_escape()`` function converts HTML so that it can be
+used safely::
+
+	<input type="text" name="myform" value="<?php echo html_escape($string); ?>" />
+
+.. note:: If you use any of the form helper functions listed in this page, the form
+	values will be prepped automatically, so there is no need to call this
+	function. Use it only if you are creating your own form elements.
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b