[prev in list] [next in list] [prev in thread] [next in thread]
List: phpdoc
Subject: [PHP-DOC] Contributions are ready for review
From: phpdoc () lists ! php ! net
Date: 2013-06-24 12:00:01
Message-ID: 201306241200.r5OC01mL014658 () pb11 ! pair ! com
[Download RAW message or body]
Hello PHP EN Documentation team,
There are contributions within the online editor queue for this language.
Please review, then commit or delete these patches.
Patches for review :
-----------------------
New file: en/reference/sqlite3/sqlite3/createcollation.xml
By: b dewar on 2013-04-10 04:59:20
===================================================================
--- en/reference/sqlite3/sqlite3/createcollation.xml
+++ en/reference/sqlite3/sqlite3/createcollation.xml
@@ -0,0 +1,142 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- $Revision: 299459 $ -->
+
+<refentry xml:id="sqlite3.createcollation" xmlns="http://docbook.org/ns/docbook" \
xmlns:xlink="http://www.w3.org/1999/xlink"> + <refnamediv>
+ <refname>SQLite3::createCollation</refname>
+
+ <refpurpose>Registers a PHP function for use as an SQL collating \
function</refpurpose> + </refnamediv>
+
+ <refsect1 role="description">
+ &reftitle.description;
+ <methodsynopsis>
+ <modifier>public</modifier> \
<type>bool</type><methodname>SQLite3::createCollation</methodname> + \
<methodparam><type>string</type><parameter>name</parameter></methodparam> + \
<methodparam><type>callable</type><parameter>callback</parameter></methodparam> + \
</methodsynopsis> + <para>
+ Registers a PHP function or user-defined function for use as a collating
+ function within SQL statements.
+ </para>
+ </refsect1>
+
+ <refsect1 role="parameters">
+ &reftitle.parameters;
+ <variablelist>
+ <varlistentry>
+ <term><parameter>name</parameter></term>
+ <listitem>
+ <para>
+ Name of the SQL collating function to be created or redefined
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><parameter>callback</parameter></term>
+ <listitem>
+ <para>
+ The name of a PHP function or user-defined function to apply as a
+ callback, defining the behavior of the collation. It should accept
+ two strings and return as <function>strcmp</function> does, i.e. it should \
return -1, 1, + or 0 if the first string sorts before, sorts after, or is equal \
to the second. + </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 role="returnvalues">
+ &reftitle.returnvalues;
+ <para>
+ &return.success;
+ </para>
+ </refsect1>
+
+ <refsect1 role="examples">
+ &reftitle.examples;
+ <para>
+ <example>
+ <title><function>SQLite3::createCollation</function> example</title>
+ <para>
+ Register the PHP function <function>strnatcmp</function> as a collating \
sequence in the SQLite3 database. + </para>
+ <programlisting role="php">
+<![CDATA[
+<?php
+
+$db = new SQLite3(":memory:");
+$db->exec("CREATE TABLE test (col1 string)");
+$db->exec("INSERT INTO test VALUES ('a1')");
+$db->exec("INSERT INTO test VALUES ('a10')");
+$db->exec("INSERT INTO test VALUES ('a2')");
+
+$db->createCollation('NATURAL_CMP', 'strnatcmp');
+
+$defaultSort = $db->query("SELECT col1 FROM test ORDER BY col1");
+$naturalSort = $db->query("SELECT col1 FROM test ORDER BY col1 COLLATE \
NATURAL_CMP"); +
+echo "default:n";
+while ($row = $defaultSort->fetchArray()){
+ echo $row['col1'], "n";
+}
+
+echo "nnatural:n";
+while ($row = $naturalSort->fetchArray()){
+ echo $row['col1'], "n";
+}
+
+$db->close();
+
+?>
+]]>
+ </programlisting>
+ &example.outputs;
+ <screen>
+<![CDATA[
+
+default:
+a1
+a10
+a2
+
+natural:
+a1
+a2
+a10
+
+]]>
+ </screen>
+ </example>
+ </para>
+ </refsect1>
+
+ <refsect1 role="seealso">
+ &reftitle.seealso;
+ <simplelist>
+ <member>The SQLite collation documentation: <link \
xlink:href="&url.sqlite.collation;">&url.sqlite.collation;</link></member> + \
</simplelist> + </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:1
+sgml-indent-data:t
+indent-tabs-mode:nil
+sgml-parent-document:nil
+sgml-default-dtd-file:"~/.phpdoc/manual.ced"
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+vim600: syn=xml fen fdm=syntax fdl=2 si
+vim: et tw=78 syn=sgml
+vi: ts=1 sw=1
+-->
No newline at end of file
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=43558
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=43558
\
------------------------------------------------------------------
Modified: en/reference/sqlite3/versions.xml
By: b dewar on 2012-11-29 08:42:57
===================================================================
--- en/reference/sqlite3/versions.xml
+++ en/reference/sqlite3/versions.xml
@@ -1,16 +1,15 @@
<?xml version='1.0' encoding='utf-8'?>
-<!-- $Revision: 330432 $ -->
+<!-- $Revision: 304540 $ -->
<!--
Do NOT translate this file
-->
<versions>
-
- <function name='SQLite3' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3::__construct' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3::busyTimeout' from='PHP 5 >= 5.3.3'/>
<function name='SQLite3::changes' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3::close' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3::createAggregate' from='PHP 5 >= 5.3.0'/>
+ <function name='SQLite3::createCollation' from='PHP 5 >= 5.4.0'/>
<function name='SQLite3::createFunction' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3::escapeString' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3::exec' from='PHP 5 >= 5.3.0'/>
@@ -24,7 +23,6 @@
<function name='SQLite3::querySingle' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3::version' from='PHP 5 >= 5.3.0'/>
- <function name='SQLite3Stmt' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3Stmt::bindParam' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3Stmt::bindValue' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3Stmt::clear' from='PHP 5 >= 5.3.0'/>
@@ -33,7 +31,6 @@
<function name='SQLite3Stmt::paramCount' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3Stmt::reset' from='PHP 5 >= 5.3.0'/>
- <function name='SQLite3Result' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3Result::columnName' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3Result::columnType' from='PHP 5 >= 5.3.0'/>
<function name='SQLite3Result::fetchArray' from='PHP 5 >= 5.3.0'/>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=43559
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=43559
\
------------------------------------------------------------------
Modified: en/reference/var/functions/intval.xml
By: anonymous on 2013-03-27 02:18:53
===================================================================
--- en/reference/var/functions/intval.xml
+++ en/reference/var/functions/intval.xml
@@ -40,6 +40,31 @@
<para>
The base for the conversion
</para>
+ <note>
+ <para>
+ If <parameter>base</parameter> is 0, the base used is determined
+ by the format of <parameter>var</parameter>:
+ <itemizedlist>
+ <listitem>
+ <simpara>
+ if string includes a "0x" (or "0X") prefix, the base is taken
+ as 16 (hex); otherwise,
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ if string starts with "0", the base is taken as 8 (octal);
+ otherwise,
+ </simpara>
+ </listitem>
+ <listitem>
+ <simpara>
+ the base is taken as 10 (decimal).
+ </simpara>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </note>
</listitem>
</varlistentry>
</variablelist>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46078
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46078
\
------------------------------------------------------------------
Modified: en/reference/pcre/pattern.syntax.xml
By: anonymous on 2013-03-29 01:31:14
===================================================================
--- en/reference/pcre/pattern.syntax.xml
+++ en/reference/pcre/pattern.syntax.xml
@@ -271,7 +271,7 @@
<listitem>
<simpara>
a character with the xx property, see
- <link linkend="regexp.reference.unicode">unicode properties</link>
+ <link linkend="regexp.reference.unicode">Unicode properties</link>
for more info
</simpara>
</listitem>
@@ -281,7 +281,17 @@
<listitem>
<simpara>
a character without the xx property, see
- <link linkend="regexp.reference.unicode">unicode properties</link>
+ <link linkend="regexp.reference.unicode">Unicode properties</link>
+ for more info
+ </simpara>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><emphasis>X</emphasis></term>
+ <listitem>
+ <simpara>
+ an Unicode grapheme, see
+ <link linkend="regexp.reference.unicode">Unicode properties</link>
for more info
</simpara>
</listitem>
@@ -611,7 +621,7 @@
</varlistentry>
<varlistentry>
<term><emphasis>X</emphasis></term>
- <listitem><simpara>an extended Unicode sequence</simpara></listitem>
+ <listitem><simpara>any Unicode grapheme incl. an extended Unicode \
sequence</simpara></listitem> </varlistentry>
</variablelist>
<para>
@@ -1020,15 +1030,7 @@
</tgroup>
</table>
<para>
- The <literal>X</literal> escape matches any number of Unicode characters
- that form an extended Unicode sequence. <literal>X</literal> is equivalent
- to <literal>(?>PMpM*)</literal>.
- </para>
- <para>
- That is, it matches a character without the "mark" property, followed
- by zero or more characters with the "mark" property, and treats the
- sequence as an atomic group (see below). Characters with the "mark"
- property are typically accents that affect the preceding character.
+ The <literal>X</literal> escape matches any single Unicode grapheme regardless it \
is a single code-point or in form of an extended Unicode sequence with combining \
marks. </para>
<para>
Matching characters by Unicode property is not fast, because PCRE has
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46090
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46090
\
------------------------------------------------------------------
Modified: en/reference/classobj/functions/get-object-vars.xml
By: anonymous on 2013-03-31 05:40:56
===================================================================
--- en/reference/classobj/functions/get-object-vars.xml
+++ en/reference/classobj/functions/get-object-vars.xml
@@ -13,7 +13,7 @@
</methodsynopsis>
<para>
Gets the accessible non-static properties of the given
- <parameter>object</parameter> according to scope.
+ <parameter>object</parameter> according to scope and name of the property.
</para>
</refsect1>
<refsect1 role="parameters">
@@ -35,7 +35,7 @@
&reftitle.returnvalues;
<para>
Returns an associative array of defined object accessible non-static properties
- for the specified <parameter>object</parameter> in scope. If a property has
+ for the specified <parameter>object</parameter> in scope and per the \
property-name. If a property has not been assigned a value, it will be returned with \
a &null; value. </para>
</refsect1>
@@ -59,6 +59,12 @@
</entry>
</row>
<row>
+ <entry>5.0.0</entry>
+ <entry>
+ This function now filters <type>integer</type> property-names out. \
Previously their values were returned. + </entry>
+ </row>
+ <row>
<entry>4.2.0</entry>
<entry>
Properties which were declared in the class of the \
<parameter>object</parameter>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46111
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46111
\
------------------------------------------------------------------
Modified: en/reference/math/constants.xml
By: anonymous on 2013-04-06 06:28:27
===================================================================
--- en/reference/math/constants.xml
+++ en/reference/math/constants.xml
@@ -146,13 +146,13 @@
<entry><constant>NAN</constant></entry>
<entry>NAN (as a float)</entry>
<entry>Not A Number</entry>
- <entry></entry>
+ <entry>PHP 4.3.6</entry>
</row>
<row xml:id="constant.inf">
<entry><constant>INF</constant></entry>
<entry>INF (as a float)</entry>
<entry>The infinite</entry>
- <entry></entry>
+ <entry>PHP 4.3.6</entry>
</row>
</tbody>
</tgroup>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46202
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46202
\
------------------------------------------------------------------
Modified: en/reference/var/functions/is-float.xml
By: Hans Henrik Bergan on 2013-05-07 14:02:53
===================================================================
--- en/reference/var/functions/is-float.xml
+++ en/reference/var/functions/is-float.xml
@@ -52,28 +52,33 @@
<programlisting role="php">
<![CDATA[
<?php
-if (is_float(27.25)) {
- echo "is floatn";
-} else {
- echo "is not floatn";
+$values = array(23,'23',23.5,'23.5', '0', 0,false, true, null, 'abc', '', ' ');
+foreach ($values as $value) {
+ echo "is_float(";
+ var_export($value);
+ echo ") = ";
+ var_dump(is_float($value));
}
-var_dump(is_float('abc'));
-var_dump(is_float(23));
-var_dump(is_float(23.5));
-var_dump(is_float(1e7)); //Scientific Notation
-var_dump(is_float(true));
+echo "is_float(1e7) = bool(true)";//1e7 Scientific Notation
?>
]]>
</programlisting>
&example.outputs;
<screen>
<![CDATA[
-is float
-bool(false)
-bool(false)
-bool(true)
-bool(true)
-bool(false)
+is_float(23) = bool(false)
+is_float('23') = bool(false)
+is_float(23.5) = bool(true)
+is_float('23.5') = bool(false)
+is_float('0') = bool(false)
+is_float(0) = bool(false)
+is_float(false) = bool(false)
+is_float(true) = bool(false)
+is_float(NULL) = bool(false)
+is_float('abc') = bool(false)
+is_float('') = bool(false)
+is_float(' ') = bool(false)
+is_float(1e7) = bool(true)
]]>
</screen>
</example>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46466
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46466
\
------------------------------------------------------------------
Modified: en/language/oop5/typehinting.xml
By: Steve Tauber on 2013-05-24 10:41:09
===================================================================
--- en/language/oop5/typehinting.xml
+++ en/language/oop5/typehinting.xml
@@ -19,7 +19,7 @@
<para>
Type hints can not be used with scalar types such as <type>int</type> or
<type>string</type>.
- <link linkend="language.oop5.traits">Traits</link> are not allowed either.
+ <link linkend="language.types.resource">Resources</link> and <link \
linkend="language.oop5.traits">Traits</link> are not allowed either. </para>
<example>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46724
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46724
\
------------------------------------------------------------------
Modified: en/reference/session/upload-progress.xml
By: lbarnaud on 2013-05-26 03:10:53
===================================================================
--- en/reference/session/upload-progress.xml
+++ en/reference/session/upload-progress.xml
@@ -113,6 +113,11 @@
</programlisting>
</example>
</para>
+ <warning>
+ <para>
+ The web server's request buffering has to be disabled for this to work properly, \
else PHP may see the file upload only once fully uploaded. Servers such as Nginx are \
known to buffer requests. + </para>
+ </warning>
</chapter>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46916
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46916
\
------------------------------------------------------------------
Modified: en/reference/pgsql/reference.xml
By: anonymous on 2013-05-26 14:39:35
===================================================================
--- en/reference/pgsql/reference.xml
+++ en/reference/pgsql/reference.xml
@@ -18,7 +18,7 @@
<note>
<para>
Most PostgreSQL functions accept <parameter>connection</parameter> as
- the first optional parameter. If it is not provided, the last opened
+ the optional first parameter. If it is not provided, the last opened
connection is used. If it doesn't exist, functions return &false;.
</para>
</note>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=46976
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=46976
\
------------------------------------------------------------------
Modified: en/reference/info/functions/ini-get.xml
By: Hans Henrik Bergan on 2013-06-11 02:08:28
===================================================================
--- en/reference/info/functions/ini-get.xml
+++ en/reference/info/functions/ini-get.xml
@@ -125,7 +125,31 @@
</para>
</note>
</refsect1>
+
+<refsect1 role="changelog">
+ &reftitle.changelog;
+ <para>
+ <informaltable>
+ <tgroup cols="2">
+ <thead>
+ <row>
+ <entry>&Version;</entry>
+ <entry>&Description;</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>5.3.0</entry>
+ <entry>previously, an empty string ("") was returned if the configuration \
option didn't exist. now, &false; is returned instead. (related: <a \
href="https://bugs.php.net/bug.php?id=46811">PHP bug 46811</a>) + </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </informaltable>
+ </para>
+ </refsect1>
+
<refsect1 role="seealso">
&reftitle.seealso;
<para>
@@ -134,6 +158,7 @@
<member><function>ini_get_all</function></member>
<member><function>ini_restore</function></member>
<member><function>ini_set</function></member>
+
</simplelist>
</para>
</refsect1>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47191
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47191
\
------------------------------------------------------------------
Modified: en/reference/apc/ini.xml
By: anonymous on 2013-06-14 05:48:58
===================================================================
--- en/reference/apc/ini.xml
+++ en/reference/apc/ini.xml
@@ -70,6 +70,12 @@
<entry>PHP_INI_SYSTEM</entry>
<entry></entry>
</row>
+ <row>
+ <entry><link linkend="ini.apc.shm-strings-buffer">apc.shm_strings_buffer</link></entry>
+ <entry>"4M"</entry>
+ <entry>PHP_INI_SYSTEM</entry>
+ <entry>Available since APC 3.1.4.</entry>
+ </row>
<row>
<entry><link linkend="ini.apc.optimization">apc.optimization</link></entry>
<entry>"0"</entry>
@@ -316,6 +322,17 @@
</para>
</listitem>
</varlistentry>
+ <varlistentry xml:id="ini.apc.shm-strings-buffer">
+ <term>
+ <parameter>apc.shm_strings_buffer</parameter>
+ <type>string</type>
+ </term>
+ <listitem>
+ <para>
+ The size of memory to use as a shared buffer for strings used internally by \
APC. Size Should be suffixed by M for megabytes, G for gigabytes. Enabling this \
option will reduce the amount of memory used per PHP-FPM worker as strings will be \
stored once rather than for each worker. + </para>
+ </listitem>
+ </varlistentry>
<varlistentry xml:id="ini.apc.optimization">
<term>
<parameter>apc.optimization</parameter>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47235
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47235
\
------------------------------------------------------------------
Modified: en/reference/pgsql/functions/pg-escape-bytea.xml
By: Craig Ringer on 2013-06-16 16:54:53
===================================================================
--- en/reference/pgsql/functions/pg-escape-bytea.xml
+++ en/reference/pgsql/functions/pg-escape-bytea.xml
@@ -18,13 +18,15 @@
</methodsynopsis>
<para>
<function>pg_escape_bytea</function> escapes string for
- bytea datatype. It returns escaped string.
+ bytea datatype. It returns a PostgreSQL octal-escaped string with all \
backslashes doubled for interpolation into literal SQL text. </para>
<note>
<para>
When you <literal>SELECT</literal> a bytea type, PostgreSQL returns octal byte \
values prefixed with '' (e.g. 32). Users are supposed to convert back to
- binary format manually.
+ binary format manually. PHP <function>provides pg_unescape_bytea</function> for \
this purpose; + it isn't the exact reverse of <literal>pg_escape_bytea</literal> \
since it's supposed to operate + on the results returned by PostgreSQL, not the \
output of <literal>pg_escape_bytea</literal>. </para>
<para>
This function requires PostgreSQL 7.2 or later. With PostgreSQL
@@ -35,6 +37,18 @@
character encoding does not match, and there may be multi-byte
stream error. User must then cast to bytea to avoid this error.
</para>
+ <para>
+ Even on versions of PostgreSQL that support the more compact 'hex' output style, \
this function emits the older and more compatible octal escape syntax. + </para>
+ <para>
+ Because <literal>pg_escape_bytea</literal> doubles the backslashes used in octal \
escapes, you can't pass its output + as a parameter to the \
<function>pg_query_params</function>. The result must be interpolated into an SQL \
string. + </para>
+ <para>
+ On newer PostgreSQL versions that set \
<literal>standard_conforming_strings</literal> to <literal>on</literal> by default, + \
you must use the escape-string syntax <literal>E'{$val}'</literal> so that PostgreSQL \
consumes the backslashes added + by PHP's version of \
<literal>pg_escape_bytea</literal>. + </para>
</note>
</refsect1>
@@ -113,7 +127,7 @@
$escaped = pg_escape_bytea($data);
// Insert it into the database
- pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', '{$escaped}')");
+ pg_query("INSERT INTO gallery (name, data) VALUES ('Pine trees', E'{$escaped}')");
?>
]]>
</programlisting>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47273
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47273
\
------------------------------------------------------------------
Modified: en/reference/pgsql/functions/pg-unescape-bytea.xml
By: Craig Ringer on 2013-06-16 16:59:54
===================================================================
--- en/reference/pgsql/functions/pg-unescape-bytea.xml
+++ en/reference/pgsql/functions/pg-unescape-bytea.xml
@@ -34,6 +34,10 @@
character encoding does not match, and there may be multi-byte
stream error. User must then cast to bytea to avoid this error.
</para>
+ <para>
+ <literal>pg_unescape_bytea</literal> isn't the exact reverse of \
<function>pg_escape_bytea</function> since it's supposed to operate + on the \
results returned by PostgreSQL, not the output of PHP's \
<literal>pg_escape_bytea</literal>. + </para>
</note>
</refsect1>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47274
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47274
\
------------------------------------------------------------------
Modified: en/reference/pgsql/functions/pg-query.xml
By: Craig Ringer on 2013-06-16 17:57:10
===================================================================
--- en/reference/pgsql/functions/pg-query.xml
+++ en/reference/pgsql/functions/pg-query.xml
@@ -16,7 +16,9 @@
</methodsynopsis>
<para>
<function>pg_query</function> executes the <parameter>query</parameter>
- on the specified database <parameter>connection</parameter>.
+ on the specified database <parameter>connection</parameter>.
+ <function>pg_query_params</function> should be preferred
+ in most cases.
</para>
<para>
If an error occurs, and &false; is returned, details of the error can
@@ -65,9 +67,18 @@
included in the query string. However, using multiple transactions in one \
function call is not recommended. </para>
<para>
- Data inside the query should be <link
- linkend="function.pg-escape-string">properly escaped</link>.
</para>
+ <warning>
+ <para>
+ String interpolation of user-supplied data is extremely dangerous and is \
likely to lead to <link linkend="security.database.sql-injection">SQL \
injection</link> vulnerabilities. You should always use + \
<function>pg_query_params</function> in preference to <literal>pg_query</literal>, \
passing your + user-supplied values as parameters rather than substituting \
them into the SQL string. + </para>
+ <para>
+ If you must do string interpolation, it is vital that data inside the query \
is <link + linkend="function.pg-escape-string">properly escaped</link>.
+ </para>
+ </warning>
</listitem>
</varlistentry>
</variablelist>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47275
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47275
\
------------------------------------------------------------------
Modified: en/reference/pgsql/functions/pg-query-params.xml
By: Craig Ringer on 2013-06-16 18:07:08
===================================================================
--- en/reference/pgsql/functions/pg-query-params.xml
+++ en/reference/pgsql/functions/pg-query-params.xml
@@ -24,7 +24,9 @@
but offers additional functionality: parameter
values can be specified separately from the command string proper.
<function>pg_query_params</function> is supported only against PostgreSQL 7.4 or
- higher connections; it will fail when using earlier versions.
+ higher connections; it will fail when using earlier versions. \
<function>pg_query_params</function> + should always be used in preference to \
<function>pg_query</function> as it is faster + and more secure.
</para>
<para>
If parameters are used, they are referred to in the
@@ -68,6 +70,13 @@
(multiple statements separated by semi-colons are not allowed.) If any \
parameters are used, they are referred to as $1, $2, etc.
</para>
+ <para>
+ User-supplied values should always be passed as parameters, not interpolated \
into the + query string, where they form possible <link \
linkend="security.database.sql-injection"> + SQL injection</link> attack \
vectors and introduce bugs when handling data containing quotes. + If for some \
reason you cannot use a parameter, ensure that interpolated values are <link + \
linkend="function.pg-escape-string">properly escaped</link>. + </para>
</listitem>
</varlistentry>
<varlistentry>
@@ -78,6 +87,16 @@
in the original prepared query string. The number of elements in the array
must match the number of placeholders.
</para>
+ <para>
+ Manually escaping values passed as as parameters with \
<function>pg_escape_string</function> + is both unnecessary and incorrect. You \
can pass the values unchanged, as the database driver + ensures that they are \
passed securely. + </para>
+ <para>
+ Values intended for <literal>bytea</literal> fields are not supported as \
parameters + in <function>pg_query_params</function>. Use \
<function>pg_escape_bytea</function> instead, + or use the large object \
functions. + </para>
</listitem>
</varlistentry>
</variablelist>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47276
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47276
\
------------------------------------------------------------------
Modified: en/reference/pcre/functions/preg-match.xml
By: Matias Larsson on 2013-06-18 22:47:57
===================================================================
--- en/reference/pcre/functions/preg-match.xml
+++ en/reference/pcre/functions/preg-match.xml
@@ -9,7 +9,7 @@
<refsect1 role="description">
&reftitle.description;
<methodsynopsis>
- <type>int</type><methodname>preg_match</methodname>
+ <type>mixed</type><methodname>preg_match</methodname>
<methodparam><type>string</type><parameter>pattern</parameter></methodparam>
<methodparam><type>string</type><parameter>subject</parameter></methodparam>
<methodparam choice="opt"><type>array</type><parameter \
role="reference">matches</parameter></methodparam>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47282
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47282
\
------------------------------------------------------------------
Modified: en/reference/info/functions/phpinfo.xml
By: anonymous on 2013-06-23 10:18:48
===================================================================
--- en/reference/info/functions/phpinfo.xml
+++ en/reference/info/functions/phpinfo.xml
@@ -191,10 +191,10 @@
&reftitle.notes;
<note>
<para>
- Parts of the information displayed are disabled when the
- <link linkend="ini.expose-php">expose_php</link> configuration setting
- is set to <literal>off</literal>. This includes the PHP and Zend logos,
- and the credits.
+ In versions of PHP before 5.5, parts of the information displayed are
+ disabled when the <link linkend="ini.expose-php">expose_php</link>
+ configuration setting is set to <literal>off</literal>. This includes the
+ PHP and Zend logos, and the credits.
</para>
</note>
<note>
=> Put this change into your patches : \
https://edit.php.net/?project=php&action=putIntoMyPatches&idDB=47487
=> Delete this change: \
https://edit.php.net/?project=php&action=deleteThisChange&idDB=47487
\
------------------------------------------------------------------
--
https://edit.php.net/
This email is send automatically by the Php Docbook Online Editor.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic