diff options
author | Andrey Andreev <narf@devilix.net> | 2017-01-10 12:16:14 +0100 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2017-01-10 12:16:14 +0100 |
commit | 27647c9a8b5cd5a0e1fd78123316f359fe61a672 (patch) | |
tree | e9e27e579a380ebcc449265460a47bf97013b1a4 /user_guide_src | |
parent | 79fad9b16fca72f6c15913dd5296400f19136576 (diff) | |
parent | 8f9ab65270ae033c5637f8a7d26ae834e9a71d5e (diff) |
Merge branch '3.1-stable' into develop
Conflicts resolved:
system/core/CodeIgniter.php
system/database/drivers/sqlite/sqlite_driver.php
system/database/drivers/sqlite/sqlite_forge.php
system/database/drivers/sqlite/sqlite_result.php
system/database/drivers/sqlite/sqlite_utility.php
system/helpers/email_helper.php
system/helpers/smiley_helper.php
system/libraries/Cart.php
system/libraries/Email.php
system/libraries/Image_lib.php
system/libraries/Javascript.php
system/libraries/Javascript/Jquery.php
system/libraries/Session/SessionHandlerInterface.php
user_guide_src/source/changelog.rst
user_guide_src/source/installation/downloads.rst
user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'user_guide_src')
-rw-r--r-- | user_guide_src/source/changelog.rst | 30 | ||||
-rw-r--r-- | user_guide_src/source/installation/downloads.rst | 3 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_314.rst | 14 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrading.rst | 3 | ||||
-rw-r--r-- | user_guide_src/source/libraries/form_validation.rst | 2 |
5 files changed, 48 insertions, 4 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index ed814aa22..7e52a0eda 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -99,13 +99,35 @@ Release Date: Not Released - Removed the second (out of three) parameter from the :php:func:`form_upload()` function (it was never used). -Version 3.1.3 +Version 3.1.4 ============= Release Date: Not Released - General Changes + - Updated the :doc:`Image Manipulation Library <libraries/image_lib>` to work-around an issue with some JPEGs when using GD. + +Bug fixes for 3.1.4 +------------------- + +- Fixed a regression (#4975) - :doc:`Loader Library <libraries/loader>` couldn't handle objects passed as view variables. + +Version 3.1.3 +============= + +Release Date: Jan 09, 2017 + +- **Security** + + - Fixed an XSS vulnerability in :doc:`Security Library <libraries/security>` method ``xss_clean()``. + - Fixed a possible file inclusion vulnerability in :doc:`Loader Library <libraries/loader>` method ``vars()``. + - Fixed a possible remote code execution vulnerability in the :doc:`Email Library <libraries/email>` when 'mail' or 'sendmail' are used (thanks to Paul Buonopane from `NamePros <https://www.namepros.com/>`_). + - Added protection against timing side-channel attacks in :doc:`Security Library <libraries/security>` method ``csrf_verify()``. + - Added protection against BREACH attacks targeting the CSRF token field generated by :doc:`Form Helper <helpers/form_helper>` function :php:func:`form_open()`. + +- General Changes + - Deprecated ``$config['allow_get_array']``. - Deprecated ``$config['standardize_newlines']``. - Deprecated :doc:`Date Helper <helpers/date_helper>` function :php:func:`nice_date()`. @@ -128,6 +150,12 @@ Bug fixes for 3.1.3 - Fixed a bug (#4937) - :doc:`Image Manipulation Library <libraries/image_lib>` method ``initialize()`` didn't translate *new_image* inputs to absolute paths. - Fixed a bug (#4941) - :doc:`Query Builder <database/query_builder>` method ``order_by()`` didn't work with 'RANDOM' under the 'pdo/sqlite' driver. - Fixed a regression (#4892) - :doc:`Query Builder <database/query_builder>` method ``update_batch()`` didn't properly handle identifier escaping. +- Fixed a bug (#4953) - :doc:`Database Forge <database/forge>` method ``create_table()`` didn't update an internal tables list cache if it exists but is empty. +- Fixed a bug (#4958) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` didn't take into account cached ``ORDER BY`` clauses. +- Fixed a bug (#4804) - :doc:`Query Builder <database/query_builder>` method ``insert_batch()`` could fail if the input array pointer was modified. +- Fixed a bug (#4962) - :doc:`Database Force <database/forge>` method ``alter_table()`` would fail with the 'oci8' driver. +- Fixed a bug (#4457) - :doc:`Image Manipulation Library <libraries/image_lib>` method ``get_image_properties()`` didn't detect invalid images. +- Fixed a bug (#4765) - :doc:`Email Library <libraries/email>` didn't send the ``User-Agent`` header without a prior call to ``clear()``. Version 3.1.2 ============= diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index ae58e796f..d36296e35 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -3,7 +3,8 @@ Downloading CodeIgniter ####################### - `CodeIgniter v3.2.0-dev (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/develop>`_ -- `CodeIgniter v3.1.3-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_ +- `CodeIgniter v3.1.4-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_ +- `CodeIgniter v3.1.3 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.3>`_ - `CodeIgniter v3.1.2 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.2>`_ - `CodeIgniter v3.1.1 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.1>`_ - `CodeIgniter v3.1.0 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.0>`_ diff --git a/user_guide_src/source/installation/upgrade_314.rst b/user_guide_src/source/installation/upgrade_314.rst new file mode 100644 index 000000000..3f2da6564 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_314.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 3.1.3 to 3.1.4 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index 14127d42e..ca7677ba9 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -8,7 +8,8 @@ upgrading from. .. toctree:: :titlesonly: - Upgrading from 3.1.2+ to 3.2.x <upgrade_320> + Upgrading from 3.1.3+ to 3.2.x <upgrade_320> + Upgrading from 3.1.3 to 3.1.4 <upgrade_314> Upgrading from 3.1.2 to 3.1.3 <upgrade_313> Upgrading from 3.1.1 to 3.1.2 <upgrade_312> Upgrading from 3.1.0 to 3.1.1 <upgrade_311> diff --git a/user_guide_src/source/libraries/form_validation.rst b/user_guide_src/source/libraries/form_validation.rst index 65fd9acc8..6a92cc983 100644 --- a/user_guide_src/source/libraries/form_validation.rst +++ b/user_guide_src/source/libraries/form_validation.rst @@ -985,7 +985,7 @@ Rule Parameter Description **valid_url** No Returns FALSE if the form element does not contain a valid URL. **valid_email** No Returns FALSE if the form element does not contain a valid email address. **valid_emails** No Returns FALSE if any value provided in a comma separated list is not a valid email. -**valid_ip** No Returns FALSE if the supplied IP is not valid. +**valid_ip** Yes Returns FALSE if the supplied IP address is not valid. Accepts an optional parameter of 'ipv4' or 'ipv6' to specify an IP format. **valid_mac** No Returns FALSE if the supplied MAC address is not valid. **valid_base64** No Returns FALSE if the supplied string contains anything other than valid Base64 characters. |