Hello PHP EN Documentation team, There are contributions within the online editor queue for this language. Please review, then commit or delete these patches.
Patches for review : ----------------------- New file: en/reference/sqlite3/sqlite3/createcollation.xml By: b dewar on 2013-04-10 04:59:20 =================================================================== --- en/reference/sqlite3/sqlite3/createcollation.xml +++ en/reference/sqlite3/sqlite3/createcollation.xml @@ -0,0 +1,142 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- $Revision: 299459 $ --> + +<refentry xml:id="sqlite3.createcollation" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"> + <refnamediv> + <refname>SQLite3::createCollation</refname> + + <refpurpose>Registers a PHP function for use as an SQL collating function</refpurpose> + </refnamediv> + + <refsect1 role="description"> + &reftitle.description; + <methodsynopsis> + <modifier>public</modifier> <type>bool</type><methodname>SQLite3::createCollation</methodname> + <methodparam><type>string</type><parameter>name</parameter></methodparam> + <methodparam><type>callable</type><parameter>callback</parameter></methodparam> + </methodsynopsis> + <para> + Registers a PHP function or user-defined function for use as a collating + function within SQL statements. + </para> + </refsect1> + + <refsect1 role="parameters"> + &reftitle.parameters; + <variablelist> + <varlistentry> + <term><parameter>name</parameter></term> + <listitem> + <para> + Name of the SQL collating function to be created or redefined + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><parameter>callback</parameter></term> + <listitem> + <para> + The name of a PHP function or user-defined function to apply as a + callback, defining the behavior of the collation. It should accept + two strings and return as <function>strcmp</function> does, i.e. it should return -1, 1, + or 0 if the first string sorts before, sorts after, or is equal to the second. + </para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1 role="returnvalues"> + &reftitle.returnvalues; + <para> + &return.success; + </para> + </refsect1> + + <refsect1 role="examples"> + &reftitle.examples; + <para> + <example> + <title><function>SQLite3::createCollation</function> example</title> + <para> + Register the PHP function <function>strnatcmp</function> as a collating sequence in the SQLite3 database. + </para> + <programlisting role="php"> +<![CDATA[ +<?php + +$db = new SQLite3(":memory:"); +$db->exec("CREATE TABLE test (col1 string)"); +$db->exec("INSERT INTO test VALUES ('a1')"); +$db->exec("INSERT INTO test VALUES ('a10')"); +$db->exec("INSERT INTO test VALUES ('a2')"); + +$db->createCollation('NATURAL_CMP', 'strnatcmp'); + +$defaultSort = $db->query("SELECT col1 FROM test ORDER BY col1"); +$naturalSort = $db->query("SELECT col1 FROM test ORDER BY col1 COLLATE NATURAL_CMP"); + +echo "default:n"; +while ($row = $defaultSort->fetchArray()){ + echo $row['col1'], "n"; +} + +echo "nnatural:n"; +while ($row = $naturalSort->fetchArray()){ + echo $row['col1'], "n"; +} + +$db->close(); + +?> +]]> + </programlisting> + &example.outputs; + <screen> +<![CDATA[ + +default: +a1 +a10 +a2 + +natural: +a1 +a2 +a10 + +]]> + </screen> + </example> + </para> + </refsect1> + + <refsect1 role="seealso"> + &reftitle.seealso; + <simplelist> + <member>The SQLite collation documentation: <link xlink:href="&url.sqlite.collation;">&url.sqlite.collation;</link></member> + </simplelist> + </refsect1> + +</refentry> + +<!-- Keep this comment at the end of the file +Local variables: +mode: sgml +sgml-omittag:t +sgml-shorttag:t +sgml-minimize-attributes:nil +sgml-always-quote-attributes:t +sgml-indent-step:1 +sgml-indent-data:t +indent-tabs-mode:nil +sgml-parent-document:nil +sgml-default-dtd-file:"~/.phpdoc/manual.ced" +sgml-exposed-tags:nil +sgml-local-catalogs:nil +sgml-local-ecat-files:nil +End: +vim600: syn=xml fen fdm=syntax fdl=2 si +vim: et tw=78 syn=sgml +vi: ts=1 sw=1 +--> No newline at end of file => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=43558 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=43558 ------------------------------------------------------------------ Modified: en/reference/sqlite3/versions.xml By: b dewar on 2012-11-29 08:42:57 =================================================================== --- en/reference/sqlite3/versions.xml +++ en/reference/sqlite3/versions.xml @@ -1,16 +1,15 @@ <?xml version='1.0' encoding='utf-8'?> -<!-- $Revision: 330432 $ --> +<!-- $Revision: 304540 $ --> <!-- Do NOT translate this file --> <versions> - - <function name='SQLite3' from='PHP 5 >= 5.3.0'/> <function name='SQLite3::__construct' from='PHP 5 >= 5.3.0'/> <function name='SQLite3::busyTimeout' from='PHP 5 >= 5.3.3'/> <function name='SQLite3::changes' from='PHP 5 >= 5.3.0'/> <function name='SQLite3::close' from='PHP 5 >= 5.3.0'/> <function name='SQLite3::createAggregate' from='PHP 5 >= 5.3.0'/> + <function name='SQLite3::createCollation' from='PHP 5 >= 5.4.0'/> <function name='SQLite3::createFunction' from='PHP 5 >= 5.3.0'/> <function name='SQLite3::escapeString' from='PHP 5 >= 5.3.0'/> <function name='SQLite3::exec' from='PHP 5 >= 5.3.0'/> @@ -24,7 +23,6 @@ <function name='SQLite3::querySingle' from='PHP 5 >= 5.3.0'/> <function name='SQLite3::version' from='PHP 5 >= 5.3.0'/> - <function name='SQLite3Stmt' from='PHP 5 >= 5.3.0'/> <function name='SQLite3Stmt::bindParam' from='PHP 5 >= 5.3.0'/> <function name='SQLite3Stmt::bindValue' from='PHP 5 >= 5.3.0'/> <function name='SQLite3Stmt::clear' from='PHP 5 >= 5.3.0'/> @@ -33,7 +31,6 @@ <function name='SQLite3Stmt::paramCount' from='PHP 5 >= 5.3.0'/> <function name='SQLite3Stmt::reset' from='PHP 5 >= 5.3.0'/> - <function name='SQLite3Result' from='PHP 5 >= 5.3.0'/> <function name='SQLite3Result::columnName' from='PHP 5 >= 5.3.0'/> <function name='SQLite3Result::columnType' from='PHP 5 >= 5.3.0'/> <function name='SQLite3Result::fetchArray' from='PHP 5 >= 5.3.0'/> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=43559 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=43559 ------------------------------------------------------------------ Modified: en/reference/pcre/pattern.syntax.xml By: anonymous on 2013-03-29 01:31:14 =================================================================== --- en/reference/pcre/pattern.syntax.xml +++ en/reference/pcre/pattern.syntax.xml @@ -271,7 +271,7 @@ <listitem> <simpara> a character with the xx property, see - <link linkend="regexp.reference.unicode">unicode properties</link> + <link linkend="regexp.reference.unicode">Unicode properties</link> for more info </simpara> </listitem> @@ -281,7 +281,17 @@ <listitem> <simpara> a character without the xx property, see - <link linkend="regexp.reference.unicode">unicode properties</link> + <link linkend="regexp.reference.unicode">Unicode properties</link> + for more info + </simpara> + </listitem> + </varlistentry> + <varlistentry> + <term><emphasis>X</emphasis></term> + <listitem> + <simpara> + an Unicode grapheme, see + <link linkend="regexp.reference.unicode">Unicode properties</link> for more info </simpara> </listitem> @@ -611,7 +621,7 @@ </varlistentry> <varlistentry> <term><emphasis>X</emphasis></term> - <listitem><simpara>an extended Unicode sequence</simpara></listitem> + <listitem><simpara>any Unicode grapheme incl. an extended Unicode sequence</simpara></listitem> </varlistentry> </variablelist> <para> @@ -1020,15 +1030,7 @@ </tgroup> </table> <para> - The <literal>X</literal> escape matches any number of Unicode characters - that form an extended Unicode sequence. <literal>X</literal> is equivalent - to <literal>(?>PMpM*)</literal>. - </para> - <para> - That is, it matches a character without the "mark" property, followed - by zero or more characters with the "mark" property, and treats the - sequence as an atomic group (see below). Characters with the "mark" - property are typically accents that affect the preceding character. + The <literal>X</literal> escape matches any single Unicode grapheme regardless it is a single code-point or in form of an extended Unicode sequence with combining marks. </para> <para> Matching characters by Unicode property is not fast, because PCRE has => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46090 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=46090 ------------------------------------------------------------------ Modified: en/reference/classobj/functions/get-object-vars.xml By: anonymous on 2013-03-31 05:40:56 =================================================================== --- en/reference/classobj/functions/get-object-vars.xml +++ en/reference/classobj/functions/get-object-vars.xml @@ -13,7 +13,7 @@ </methodsynopsis> <para> Gets the accessible non-static properties of the given - <parameter>object</parameter> according to scope. + <parameter>object</parameter> according to scope and name of the property. </para> </refsect1> <refsect1 role="parameters"> @@ -35,7 +35,7 @@ &reftitle.returnvalues; <para> Returns an associative array of defined object accessible non-static properties - for the specified <parameter>object</parameter> in scope. If a property has + for the specified <parameter>object</parameter> in scope and per the property-name. If a property has not been assigned a value, it will be returned with a &null; value. </para> </refsect1> @@ -59,6 +59,12 @@ </entry> </row> <row> + <entry>5.0.0</entry> + <entry> + This function now filters <type>integer</type> property-names out. Previously their values were returned. + </entry> + </row> + <row> <entry>4.2.0</entry> <entry> Properties which were declared in the class of the <parameter>object</parameter> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46111 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=46111 ------------------------------------------------------------------ Modified: en/reference/math/constants.xml By: anonymous on 2013-04-06 06:28:27 =================================================================== --- en/reference/math/constants.xml +++ en/reference/math/constants.xml @@ -146,13 +146,13 @@ <entry><constant>NAN</constant></entry> <entry>NAN (as a float)</entry> <entry>Not A Number</entry> - <entry></entry> + <entry>PHP 4.3.6</entry> </row> <row xml:id="constant.inf"> <entry><constant>INF</constant></entry> <entry>INF (as a float)</entry> <entry>The infinite</entry> - <entry></entry> + <entry>PHP 4.3.6</entry> </row> </tbody> </tgroup> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46202 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=46202 ------------------------------------------------------------------ Modified: en/reference/session/upload-progress.xml By: lbarnaud on 2013-05-26 03:10:53 =================================================================== --- en/reference/session/upload-progress.xml +++ en/reference/session/upload-progress.xml @@ -113,6 +113,11 @@ </programlisting> </example> </para> + <warning> + <para> + The web server's request buffering has to be disabled for this to work properly, else PHP may see the file upload only once fully uploaded. Servers such as Nginx are known to buffer requests. + </para> + </warning> </chapter> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46916 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=46916 ------------------------------------------------------------------ Modified: en/reference/info/functions/ini-get.xml By: Hans Henrik Bergan on 2013-06-11 02:08:28 =================================================================== --- en/reference/info/functions/ini-get.xml +++ en/reference/info/functions/ini-get.xml @@ -125,7 +125,31 @@ </para> </note> </refsect1> + +<refsect1 role="changelog"> + &reftitle.changelog; + <para> + <informaltable> + <tgroup cols="2"> + <thead> + <row> + <entry>&Version;</entry> + <entry>&Description;</entry> + </row> + </thead> + <tbody> + <row> + <entry>5.3.0</entry> + <entry>previously, an empty string ("") was returned if the configuration option didn't exist. now, &false; is returned instead. (related: <a href="https://bugs.php.net/bug.php?id=46811">PHP bug 46811</a>) + </entry> + </row> + </tbody> + </tgroup> + </informaltable> + </para> + </refsect1> + <refsect1 role="seealso"> &reftitle.seealso; <para> @@ -134,6 +158,7 @@ <member><function>ini_get_all</function></member> <member><function>ini_restore</function></member> <member><function>ini_set</function></member> + </simplelist> </para> </refsect1> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47191 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47191 ------------------------------------------------------------------ Modified: en/reference/apc/ini.xml By: anonymous on 2013-06-14 05:48:58 =================================================================== --- en/reference/apc/ini.xml +++ en/reference/apc/ini.xml @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> -<!-- $Revision: 330641 $ --> +<!-- $Revision: 328094 $ --> <section xml:id="apc.configuration" xmlns="http://docbook.org/ns/docbook"> &reftitle.runtime; &extension.runtime; @@ -70,11 +70,11 @@ <entry>PHP_INI_SYSTEM</entry> <entry></entry> </row> - <row> + <row> <entry><link linkend="ini.apc.shm-strings-buffer">apc.shm_strings_buffer</link></entry> <entry>"4M"</entry> <entry>PHP_INI_SYSTEM</entry> - <entry></entry> + <entry>Available since APC 3.1.4.</entry> </row> <row> <entry><link linkend="ini.apc.optimization">apc.optimization</link></entry> @@ -325,15 +325,14 @@ <varlistentry xml:id="ini.apc.shm-strings-buffer"> <term> <parameter>apc.shm_strings_buffer</parameter> - <type>integer</type> + <type>string</type> </term> <listitem> <para> - The shared memory size reserved for strings, and - defined with the M or G suffix. + The size of memory to use as a shared buffer for strings used internally by APC. Size Should be suffixed by M for megabytes, G for gigabytes. Enabling this option will reduce the amount of memory used per PHP-FPM worker as strings will be stored once rather than for each worker. </para> </listitem> - </varlistentry> + </varlistentry> <varlistentry xml:id="ini.apc.optimization"> <term> <parameter>apc.optimization</parameter> @@ -860,8 +859,6 @@ </term> <listitem> <para> - Optionally, set a path to the directory that APC will load - cache data at startup. </para> </listitem> </varlistentry> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47235 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47235 ------------------------------------------------------------------ Modified: en/reference/pgsql/functions/pg-escape-bytea.xml By: Craig Ringer on 2013-06-16 16:54:53 =================================================================== --- en/reference/pgsql/functions/pg-escape-bytea.xml +++ en/reference/pgsql/functions/pg-escape-bytea.xml @@ -18,13 +18,15 @@ </methodsynopsis> <para> <function>pg_escape_bytea</function> escapes string for - bytea datatype. It returns escaped string. + bytea datatype. It returns a PostgreSQL octal-escaped string with all backslashes doubled for interpolation into literal SQL text. </para> <note> <para> When you <literal>SELECT</literal> a bytea type, PostgreSQL returns octal byte values prefixed with '' (e.g. 32). Users are supposed to convert back to - binary format manually. + binary format manually. PHP <function>provides pg_unescape_bytea</function> for this purpose; + it isn't the exact reverse of <literal>pg_escape_bytea</literal> since it's supposed to operate + on the results returned by PostgreSQL, not the output of <literal>pg_escape_bytea</literal>. </para> <para> This function requires PostgreSQL 7.2 or later. With PostgreSQL @@ -35,6 +37,18 @@ character encoding does not match, and there may be multi-byte stream error. User must then cast to bytea to avoid this error. </para> + <para> + Even on versions of PostgreSQL that support the more compact 'hex' output style, this function emits the older and more compatible octal escape syntax. + </para> + <para> + Because <literal>pg_escape_bytea</literal> doubles the backslashes used in octal escapes, you can't pass its output + as a parameter to the <function>pg_query_params</function>. The result must be interpolated into an SQL string. + </para> + <para> + On newer PostgreSQL versions that set <literal>standard_conforming_strings</literal> to <literal>on</literal> by default, + you must use the escape-string syntax <literal>E'{$val}'</literal> so that PostgreSQL consumes the backslashes added + by PHP's version of <literal>pg_escape_bytea</literal>. + </para> </note> </refsect1> @@ -113,7 +127,7 @@ $escaped = pg_escape_bytea($data); // Insert it into the database - pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', '{$escaped}')"); + pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', E'{$escaped}')"); ?> ]]> </programlisting> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47273 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47273 ------------------------------------------------------------------ Modified: en/reference/pgsql/functions/pg-unescape-bytea.xml By: Craig Ringer on 2013-06-16 16:59:54 =================================================================== --- en/reference/pgsql/functions/pg-unescape-bytea.xml +++ en/reference/pgsql/functions/pg-unescape-bytea.xml @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> -<!-- $Revision: 330981 $ --> +<!-- $Revision: 297028 $ --> <!-- splitted from ./en/functions/pgsql.xml, last change in rev 1.61 --> <refentry xml:id='function.pg-unescape-bytea' xmlns="http://docbook.org/ns/docbook"> <refnamediv> @@ -34,6 +34,10 @@ character encoding does not match, and there may be multi-byte stream error. User must then cast to bytea to avoid this error. </para> + <para> + <literal>pg_unescape_bytea</literal> isn't the exact reverse of <function>pg_escape_bytea</function> since it's supposed to operate + on the results returned by PostgreSQL, not the output of PHP's <literal>pg_escape_bytea</literal>. + </para> </note> </refsect1> @@ -85,31 +89,7 @@ </example> </para> </refsect1> - - <refsect1 role="changelog"> - &reftitle.changelog; - <para> - <informaltable> - <tgroup cols="2"> - <thead> - <row> - <entry>&Version;</entry> - <entry>&Description;</entry> - </row> - </thead> - <tbody> - <row> - <entry>5.5.1</entry> - <entry> - A warning is thrown if the input string is invalid. - </entry> - </row> - </tbody> - </tgroup> - </informaltable> - </para> - </refsect1> - + <refsect1 role="seealso"> &reftitle.seealso; <para> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47274 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47274 ------------------------------------------------------------------ Modified: en/reference/pgsql/functions/pg-query.xml By: Craig Ringer on 2013-06-16 17:57:10 =================================================================== --- en/reference/pgsql/functions/pg-query.xml +++ en/reference/pgsql/functions/pg-query.xml @@ -16,7 +16,9 @@ </methodsynopsis> <para> <function>pg_query</function> executes the <parameter>query</parameter> - on the specified database <parameter>connection</parameter>. + on the specified database <parameter>connection</parameter>. + <function>pg_query_params</function> should be preferred + in most cases. </para> <para> If an error occurs, and &false; is returned, details of the error can @@ -65,9 +67,18 @@ included in the query string. However, using multiple transactions in one function call is not recommended. </para> <para> - Data inside the query should be <link - linkend="function.pg-escape-string">properly escaped</link>. </para> + <warning> + <para> + String interpolation of user-supplied data is extremely dangerous and is likely to lead to <link linkend="security.database.sql-injection">SQL injection</link> vulnerabilities. You should always use + <function>pg_query_params</function> in preference to <literal>pg_query</literal>, passing your + user-supplied values as parameters rather than substituting them into the SQL string. + </para> + <para> + If you must do string interpolation, it is vital that data inside the query is <link + linkend="function.pg-escape-string">properly escaped</link>. + </para> + </warning> </listitem> </varlistentry> </variablelist> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47275 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47275 ------------------------------------------------------------------ Modified: en/reference/pgsql/functions/pg-query-params.xml By: Craig Ringer on 2013-06-16 18:07:08 =================================================================== --- en/reference/pgsql/functions/pg-query-params.xml +++ en/reference/pgsql/functions/pg-query-params.xml @@ -24,7 +24,9 @@ but offers additional functionality: parameter values can be specified separately from the command string proper. <function>pg_query_params</function> is supported only against PostgreSQL 7.4 or - higher connections; it will fail when using earlier versions. + higher connections; it will fail when using earlier versions. <function>pg_query_params</function> + should always be used in preference to <function>pg_query</function> as it is faster + and more secure. </para> <para> If parameters are used, they are referred to in the @@ -68,6 +70,13 @@ (multiple statements separated by semi-colons are not allowed.) If any parameters are used, they are referred to as $1, $2, etc. </para> + <para> + User-supplied values should always be passed as parameters, not interpolated into the + query string, where they form possible <link linkend="security.database.sql-injection"> + SQL injection</link> attack vectors and introduce bugs when handling data containing quotes. + If for some reason you cannot use a parameter, ensure that interpolated values are <link + linkend="function.pg-escape-string">properly escaped</link>. + </para> </listitem> </varlistentry> <varlistentry> @@ -78,6 +87,16 @@ in the original prepared query string. The number of elements in the array must match the number of placeholders. </para> + <para> + Manually escaping values passed as as parameters with <function>pg_escape_string</function> + is both unnecessary and incorrect. You can pass the values unchanged, as the database driver + ensures that they are passed securely. + </para> + <para> + Values intended for <literal>bytea</literal> fields are not supported as parameters + in <function>pg_query_params</function>. Use <function>pg_escape_bytea</function> instead, + or use the large object functions. + </para> </listitem> </varlistentry> </variablelist> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47276 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47276 ------------------------------------------------------------------ Modified: en/reference/info/functions/phpinfo.xml By: anonymous on 2013-06-23 10:18:48 =================================================================== --- en/reference/info/functions/phpinfo.xml +++ en/reference/info/functions/phpinfo.xml @@ -191,10 +191,10 @@ &reftitle.notes; <note> <para> - Parts of the information displayed are disabled when the - <link linkend="ini.expose-php">expose_php</link> configuration setting - is set to <literal>off</literal>. This includes the PHP and Zend logos, - and the credits. + In versions of PHP before 5.5, parts of the information displayed are + disabled when the <link linkend="ini.expose-php">expose_php</link> + configuration setting is set to <literal>off</literal>. This includes the + PHP and Zend logos, and the credits. </para> </note> <note> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47487 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47487 ------------------------------------------------------------------ Modified: en/reference/intl/collator/get-locale.xml By: toto toto on 2013-06-28 07:40:11 =================================================================== --- en/reference/intl/collator/get-locale.xml +++ en/reference/intl/collator/get-locale.xml @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> -<!-- $Revision: 330543 $ --> +<!-- $Revision: 322055 $ --> <refentry xml:id="collator.getlocale" xmlns="http://docbook.org/ns/docbook"> <refnamediv> <refname>Collator::getLocale</refname> @@ -13,10 +13,9 @@ &style.oop; </para> <methodsynopsis> - <modifier>public</modifier> <type>string</type> <methodname>Collator::getLocale</methodname> - <methodparam choice="opt"><type>int</type><parameter>type</parameter></methodparam> + <methodparam><type>int</type><parameter>type</parameter></methodparam> </methodsynopsis> <para> &style.procedural; @@ -51,7 +50,7 @@ You can choose between valid and actual locale ( <constant>Locale::VALID_LOCALE</constant> and <constant>Locale::ACTUAL_LOCALE</constant>, - respectively). The default is the actual locale. + respectively). </para> </listitem> </varlistentry> @@ -77,7 +76,8 @@ <programlisting role="php"> <![CDATA[ <?php -$coll = collator_create( 'en_US_California' ); +$res_req = 'en_US_California'; +$coll = collator_create( $res_req ); $res_val = collator_get_locale( $coll, Locale::VALID_LOCALE ); $res_act = collator_get_locale( $coll, Locale::ACTUAL_LOCALE ); printf( "Valid locale name: %snActual locale name: %sn", => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47553 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47553 ------------------------------------------------------------------ Modified: en/reference/openssl/functions/openssl-csr-new.xml By: lynch on 2013-07-02 10:00:05 =================================================================== --- en/reference/openssl/functions/openssl-csr-new.xml +++ en/reference/openssl/functions/openssl-csr-new.xml @@ -39,11 +39,14 @@ <term><parameter>privkey</parameter></term> <listitem> <para> - <parameter>privkey</parameter> should be set to a private key that was - previously generated by <function>openssl_pkey_new</function> (or - otherwise obtained from the other openssl_pkey family of functions). - The corresponding public portion of the key will be used to sign the - CSR. + <parameter>privkey</parameter> can be one of the following: + <orderedlist> + <listitem> + <simpara>a private PKEY resource generated by <function>openssl_key_new</function> or other function that provides a private PKEY resource.</simpara> + <simpara>The corresponding public key will be used to create the CSR</simpara> + </listitem> + <listitem><simpara>a CSR in text format, such as the contents of a .csr file. Use an empty array for the <parameter>dn</parameter></simpara></listitem> + </orderedlist> </para> </listitem> </varlistentry> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47818 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=47818 ------------------------------------------------------------------ Modified: en/reference/openssl/setup.xml By: lynch on 2013-07-05 04:03:01 =================================================================== --- en/reference/openssl/setup.xml +++ en/reference/openssl/setup.xml @@ -30,7 +30,14 @@ <!-- {{{ Configuration --> <section xml:id="openssl.configuration"> &reftitle.runtime; - &no.config; + <para> + There are at least three resource types used in the OpenSSL module: + <unorderedlist> + <listitem><simpara>(OpenSSL key) Private and Public keys</simpara></listitem> + <listitem><simpara>(OpenSSL X.509 CSR) X.509 Certificate Signing Request</simpara></listitem> + <listitem><simpara>(OpenSSL X.509) X.509 Certificate</simpara></listitem> + </unorderedlist> + </para> </section> <!-- }}} --> => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=48173 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=48173 ------------------------------------------------------------------ Modified: en/reference/mysqli/quickstart.xml By: Niel Archer on 2013-08-01 18:51:30 =================================================================== --- en/reference/mysqli/quickstart.xml +++ en/reference/mysqli/quickstart.xml @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> -<!-- $Revision: 331046 $ --> +<!-- $Revision: 329924 $ --> <chapter xml:id="mysqli.quickstart" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"> <title>Quick start guide</title> <para> @@ -601,7 +601,7 @@ </para> <para> The prepared statement execution consists of two stages: - prepare and execute. At the prepare stage a statement template is sent + prepare and execute. At the prepare stage a statement template is send to the database server. The server performs a syntax check and initializes server internal resources for later use. </para> @@ -665,7 +665,7 @@ </para> <para> A prepared statement can be executed repeatedly. Upon every execution - the current value of the bound variable is evaluated and sent to the server. + the current value of the bound variable is evaluated and send to the server. The statement is not parsed again. The statement template is not transferred to the server again. </para> @@ -1028,17 +1028,15 @@ <emphasis role="bold">Escaping and SQL injection</emphasis> </para> <para> - Bound variables will be escaped automatically by the server. The server - inserts their escaped values at the appropriate places into the statement - template before execution. A hint must be provided to the server for the type of - bound variable, to create an appropriate conversion. - See the <function>mysqli_stmt_bind_param</function> function for more information. + Bound variables are sent to the server, separately from the query, as parameters + and thus cannot interfere with it. The server uses these parameters directly at + the execution of the query, after having the statement template parsed. There is + no need to escape the parameters as they are not passed as an SQL string. </para> <para> - The automatic escaping of values within the server is sometimes considered - a security feature to prevent SQL injection. The same degree of security - can be achieved with non-prepared statements, if input values are - escaped correctly. + A hint must be provided to the server for the type of bound variable, to create an + appropriate conversion. See the <function>mysqli_stmt_bind_param</function> function + for more information. </para> <para> <emphasis role="bold">Client-side prepared statement emulation</emphasis> @@ -1678,7 +1676,7 @@ <title>Metadata</title> <para> A MySQL result set contains metadata. The metadata describes the columns - found in the result set. All metadata sent by MySQL is accessible + found in the result set. All metadata send by MySQL is accessible through the <literal>mysqli</literal> interface. The extension performs no or negligible changes to the information it receives. @@ -1803,4 +1801,4 @@ </simplelist> </para> </section> -</chapter> +</chapter> No newline at end of file => Put this change into your patches : https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=48971 => Delete this change: https://edit.php.net/?project=php&action=deleteThisChange&idDB=48971 ------------------------------------------------------------------ -- https://edit.php.net/ This email is send automatically by the Php Docbook Online Editor.