Merge remote-tracking branch 'upstream/develop' into 4.3

Conflicts:
	user_guide_src/source/tutorial/news_section.rst

Author: kenjis

user_guide_src/source/changelogs/v4.2.0.rst

@@ -118,6 +118,7 @@ Commands
 Others
 ======
 
+- Added ``$this->validateData()`` in Controller. See :ref:`controller-validatedata`.
 - Content Security Policy (CSP) enhancements
     - Added the configs ``$scriptNonceTag`` and ``$styleNonceTag`` in  ``Config\ContentSecurityPolicy`` to customize the CSP placeholders (``{csp-script-nonce}`` and ``{csp-style-nonce}``)
     - Added the config ``$autoNonce`` in ``Config\ContentSecurityPolicy`` to disable the CSP placeholder replacement

user_guide_src/source/concepts/mvc.rst

@@ -51,7 +51,7 @@ Views are generally stored in **app/Views**, but can quickly become unwieldy if
 CodeIgniter does not enforce any type of organization, but a good rule of thumb would be to create a new directory in
 the **Views** directory for each controller. Then, name views by the method name. This makes them very easy to find later
 on. For example, a user's profile might be displayed in a controller named ``User``, and a method named ``profile``.
-You might store the view file for this method in **app/Views/User/Profile.php**.
+You might store the view file for this method in **app/Views/user/profile.php**.
 
 That type of organization works great as a base habit to get into. At times you might need to organize it differently.
 That's not a problem. As long as CodeIgniter can find the file, it can display it.

user_guide_src/source/database/configuration.rst

@@ -6,6 +6,9 @@ Database Configuration
     :local:
     :depth: 2
 
+.. note::
+    See :ref:`requirements-supported-databases` for currently supported database drivers.
+
 ***********
 Config File
 ***********

user_guide_src/source/general/helpers.rst

@@ -32,6 +32,8 @@ global **system/Helpers** directory.
 Loading a Helper
 ================
 
+.. note:: The URL helper is always loaded so you do not need to load it yourself.
+
 Loading a helper file is quite simple using the following method:
 
 .. literalinclude:: helpers/001.php
@@ -44,22 +46,31 @@ For example, to load the **Cookie Helper** file, which is named
 
 .. literalinclude:: helpers/002.php
 
+.. note:: The Helper loading method above does not return a value, so
+    don't try to assign it to a variable. Just use it as shown.
+
+Loading Multiple Helpers
+------------------------
+
 If you need to load more than one helper at a time, you can pass
 an array of file names in and all of them will be loaded:
 
 .. literalinclude:: helpers/003.php
 
+Loading in a Controller
+-----------------------
+
 A helper can be loaded anywhere within your controller methods (or
 even within your View files, although that's not a good practice), as
-long as you load it before you use it. You can load your helpers in your
+long as you load it before you use it.
+
+You can load your helpers in your
 controller constructor so that they become available automatically in
-any function, or you can load a helper in a specific function that needs
+any method, or you can load a helper in a specific method that needs
 it.
 
-.. note:: The Helper loading method above does not return a value, so
-    don't try to assign it to a variable. Just use it as shown.
-
-.. note:: The URL helper is always loaded so you do not need to load it yourself.
+However if you want to load in your controller constructor, you can use the ``$helpers``
+property in Controller instead. See :ref:`Controllers <controllers-helpers>`.
 
 Loading from Non-standard Locations
 -----------------------------------
@@ -73,9 +84,9 @@ sub-directory named **Helpers**. An example will help understand this.
 
 For this example, assume that we have grouped together all of our Blog-related
 code into its own namespace, ``Example\Blog``. The files exist on our server at
-**/Modules/Blog/**. So, we would put our Helper files for the blog module in
-**/Modules/Blog/Helpers/**. A **blog_helper** file would be at
-**/Modules/Blog/Helpers/blog_helper.php**. Within our controller we could
+**Modules/Blog/**. So, we would put our Helper files for the blog module in
+**Modules/Blog/Helpers/**. A **blog_helper** file would be at
+**Modules/Blog/Helpers/blog_helper.php**. Within our controller we could
 use the following command to load the helper for us:
 
 .. literalinclude:: helpers/004.php
@@ -101,7 +112,7 @@ Using a Helper
 Once you've loaded the Helper File containing the function you intend to
 use, you'll call it the way you would a standard PHP function.
 
-For example, to create a link using the ``anchor()`` function in one of
+For example, to create a link using the :php:func:`anchor()` function in one of
 your view files you would do this:
 
 .. literalinclude:: helpers/005.php
@@ -131,7 +142,7 @@ functions:
 
 .. literalinclude:: helpers/006.php
 
-The ``helper()`` method will scan through all PSR-4 namespaces defined in **app/Config/Autoload.php**
+The ``helper()`` function will scan through all PSR-4 namespaces defined in **app/Config/Autoload.php**
 and load in ALL matching helpers of the same name. This allows any module's helpers
 to be loaded, as well as any helpers you've created specifically for this application. The load order
 is as follows:

user_guide_src/source/incoming/controllers.rst

@@ -35,21 +35,26 @@ Included Properties
 
 The CodeIgniter's Controller provides these properties.
 
-**Request Object**
+Request Object
+==============
 
 The application's main :doc:`Request Instance </incoming/incomingrequest>` is always available
 as a class property, ``$this->request``.
 
-**Response Object**
+Response Object
+===============
 
 The application's main :doc:`Response Instance </outgoing/response>` is always available
 as a class property, ``$this->response``.
 
-**Logger Object**
+Logger Object
+=============
 
 An instance of the :doc:`Logger <../general/logging>` class is available as a class property,
 ``$this->logger``.
 
+.. _controllers-helpers:
+
 Helpers
 =======
 
@@ -79,7 +84,7 @@ modify this by passing the duration (in seconds) as the first parameter:
 
 .. _controller-validate:
 
-Validating data
+Validating Data
 ***************
 
 $this->validate()
@@ -90,6 +95,15 @@ The method accepts an array of rules in the first parameter,
 and in the optional second parameter, an array of custom error messages to display
 if the items are not valid. Internally, this uses the controller's
 ``$this->request`` instance to get the data to be validated.
+
+.. warning::
+    The ``validate()`` method uses :ref:`Validation::withRequest() <validation-withrequest>` method.
+    It validates data from :ref:`$request->getJSON() <incomingrequest-getting-json-data>`
+    or :ref:`$request->getRawInput() <incomingrequest-retrieving-raw-data>`
+    or :ref:`$request->getVar() <incomingrequest-getting-data>`.
+    Which data is used depends on the request. Remember that an attacker is free to send any request to
+    the server.
+
 The :doc:`Validation Library docs </libraries/validation>` have details on
 rule and message array formats, as well as available rules:
 
@@ -107,6 +121,8 @@ the ``$rules`` array with the name of the group as defined in **app/Config/Valid
 $this->validateData()
 =====================
 
+.. versionadded:: 4.2.0
+
 Sometimes you may want to check the controller method parameters or other custom data.
 In that case, you can use the ``$this->validateData()`` method.
 The method accepts an array of data to validate in the first parameter:

user_guide_src/source/incoming/controllers/006.php

@@ -17,7 +17,9 @@ public function product(int $id)
         ];
 
         if (! $this->validateData($data, $rule)) {
-            // ...
+            return view('store/product', [
+                'errors' => $this->validator->getErrors(),
+            ]);
         }
 
         // ...

user_guide_src/source/incoming/incomingrequest.rst

@@ -80,12 +80,14 @@ With CodeIgniter's built-in methods you can simply do this:
 
 .. literalinclude:: incomingrequest/008.php
 
+.. _incomingrequest-getting-data:
+
 Getting Data
 ============
 
 The ``getVar()`` method will pull from ``$_REQUEST``, so will return any data from ``$_GET``, ``$POST``, or ``$_COOKIE`` (depending on php.ini `request-order <https://www.php.net/manual/en/ini.core.php#ini.request-order>`_).
 
-.. note:: If the incoming request has a ``CONTENT_TYPE`` header set to ``application/json``,
+.. note:: If the incoming request has a ``Content-Type`` header set to ``application/json``,
     the ``getVar()`` method returns the JSON data instead of ``$_REQUEST`` data.
 
 While this
@@ -103,6 +105,8 @@ maintaining the ability to control the order you look for it:
 * ``$request->getPostGet()`` - checks ``$_POST`` first, then ``$_GET``
 * ``$request->getGetPost()`` - checks ``$_GET`` first, then ``$_POST``
 
+.. _incomingrequest-getting-json-data:
+
 Getting JSON Data
 =================
 
@@ -119,7 +123,7 @@ arrays, pass in ``true`` as the first parameter.
 The second and third parameters match up to the ``depth`` and ``options`` arguments of the
 `json_decode <https://www.php.net/manual/en/function.json-decode.php>`_ PHP function.
 
-If the incoming request has a ``CONTENT_TYPE`` header set to ``application/json``, you can also use ``getVar()`` to get
+If the incoming request has a ``Content-Type`` header set to ``application/json``, you can also use ``getVar()`` to get
 the JSON stream. Using ``getVar()`` in this way will always return an object.
 
 Getting Specific Data from JSON
@@ -132,12 +136,14 @@ data that you want or you can use "dot" notation to dig into the JSON to get dat
 
 If you want the result to be an associative array instead of an object, you can use ``getJsonVar()`` instead and pass
 true in the second parameter. This function can also be used if you can't guarantee that the incoming request will have the
-correct ``CONTENT_TYPE`` header.
+correct ``Content-Type`` header.
 
 .. literalinclude:: incomingrequest/011.php
 
 .. note:: See the documentation for :php:func:`dot_array_search()` in the ``Array`` helper for more information on "dot" notation.
 
+.. _incomingrequest-retrieving-raw-data:
+
 Retrieving Raw Data (PUT, PATCH, DELETE)
 ========================================
 

user_guide_src/source/installation/installing_composer.rst

@@ -72,12 +72,13 @@ Read the :doc:`upgrade instructions <upgrading>`, and check Breaking Changes and
 Pros
 ----
 
-Simple installation; easy to update
+Simple installation; easy to update.
 
 Cons
 ----
 
-You still need to check for ``app/Config`` changes after updating
+You still need to check for file changes in the **project space**
+(root, app, public, writable) after updating.
 
 Structure
 ---------
@@ -155,12 +156,13 @@ Read the :doc:`upgrade instructions <upgrading>`, and check Breaking Changes and
 Pros
 ----
 
-Relatively simple installation; easy to update
+Relatively simple installation; easy to update.
 
 Cons
 ----
 
-You still need to check for ``app/Config`` changes after updating
+You still need to check for file changes in the **project space**
+(root, app, public, writable) after updating.
 
 Structure
 ---------

user_guide_src/source/installation/installing_manual.rst

@@ -44,12 +44,12 @@ Read the :doc:`upgrade instructions <upgrading>`, and check Breaking Changes and
 Pros
 ====
 
-Download and run
+Download and run.
 
 Cons
 ====
 
-You are responsible for merge conflicts when updating
+You are responsible for merge conflicts when updating.
 
 Structure
 =========

user_guide_src/source/intro/requirements.rst

@@ -2,12 +2,24 @@
 Server Requirements
 ###################
 
+.. contents::
+    :local:
+    :depth: 2
+
+***************************
+PHP and Required Extensions
+***************************
+
 `PHP <https://www.php.net/>`_ version 7.4 or newer is required, with the following PHP extensions are enabled:
 
   - `intl <https://www.php.net/manual/en/intl.requirements.php>`_
   - `mbstring <https://www.php.net/manual/en/mbstring.requirements.php>`_
   - `json <https://www.php.net/manual/en/json.requirements.php>`_
 
+***********************
+Optional PHP Extensions
+***********************
+
 The following PHP extensions should be enabled on your server:
 
   - `mysqlnd <https://www.php.net/manual/en/mysqlnd.install.php>`_ (if you use MySQL)
@@ -28,6 +40,12 @@ The following PHP extensions are required when you use PHPUnit:
    - `libxml <https://www.php.net/manual/en/libxml.requirements.php>`_ (if you use :doc:`TestResponse </testing/response>` class)
    - `xdebug <https://xdebug.org/docs/install>`_ (if you use ``CIUnitTestCase::assertHeaderEmitted()``)
 
+.. _requirements-supported-databases:
+
+*******************
+Supported Databases
+*******************
+
 A database is required for most web application programming.
 Currently supported databases are: