diff options
Diffstat (limited to 'user_guide_src/source/changelog.rst')
| -rw-r--r-- | user_guide_src/source/changelog.rst | 82 |
1 files changed, 68 insertions, 14 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index b42b21722..7fcd72e8a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -31,6 +31,7 @@ Release Date: Not Released - Removed previously deprecated method ``is_cli_request()`` (use :php:func:`is_cli()` instead). - Changed the ``set_cookie()`` method's default expiry time to 0 (expires when browser is closed). - Changed the ``set_cookie()`` method to delete the cookie if a negative expiry time is passed to it. + - Allowed usage of nested array keys in ``get_post()``, ``post_get()`` methods. - Libraries @@ -86,6 +87,7 @@ Release Date: Not Released - :doc:`Query Builder <database/query_builder>`: - Added methods ``having_in()``, ``or_having_in()``, ``not_having_in()``, ``or_not_having_in()``. + - Updated methods ``where_in()``, ``or_where_in()``, ``not_where_in()``, ``or_not_where_in()`` to reject non-array inputs for the second parameter. - Updated method ``join()`` to allow accepting ``NATURAL`` clauses in its third parameter. - Updated logic to allow dots in alias names. @@ -127,12 +129,65 @@ Release Date: Not Released - Added ability to generate ``data:image/png;base64`` URIs instead of writing image files to disk. - Updated to always create PNG images instead of JPEG. +Version 3.1.11 +============== + +Release Date: Not Released + + +Bug fixes for 3.1.11 +==================== + +- Fixed a bug (#5681) - :doc:`Database Forge <database/forge>` method ``modify_column()`` produced erroneous SQL for ``DEFAULT`` attribute changes under PostgreSQL, Firebird. +- Fixed a bug (#5692) - :doc:`Database Forge <database/forge>` didn't handle column nullability with the 'oci8', 'pdo/oci' drivers. + +Version 3.1.10 +============== + +Release Date: Jan 16, 2019 + +- General Changes + + - Added 'ssl_verify' support to the 'pdo/mysql' :doc:`Database <database/index>` driver. + - Renamed :doc:`Inflector Helper <helpers/inflector_helper>` function ``is_countable()`` to :php:func:`word_is_countable()` due to the former colliding with one introduced in PHP 7.3.0. + +Bug fixes for 3.1.10 +-------------------- + +- Fixed a bug (#5526) - :doc:`Session Library <libraries/sessions>` had a syntax error in its 'memcached' driver. +- Fixed a bug (#5542) - :doc:`Database Forge <database/forge>` method ``modify_column()`` always made fields ``NOT NULL`` when attempting to modify their nullable property under PostgreSQL. +- Fixed a bug (#5561) - :doc:`Database Library <database/index>` didn't allow SSL connection configuration with only the 'ssl_verify' option when using the 'mysqli' driver. +- Fixed a bug (#5545) - :doc:`Session Library <libraries/sessions>` crashed due to a caching-related error with the 'files' driver. +- Fixed a bug (#5571) - :doc:`XML-RPC Library <libraries/xmlrpc>` had a typo that triggered an ``E_WARNING`` message on PHP 7.2. +- Fixed a bug (#5587) - :doc:`Database Forge <database/forge>` method ``create_table()`` generated an ``E_WARNING`` message. +- Fixed a bug (#5590) - :doc:`Form Validation Library <libraries/form_validation>` rule **valid_base64** didn't have a default error message. +- Fixed a bug (#5624) - :doc:`Database Library <database/index>` methods ``list_fields()``, ``field_exists()`` returned incorrect results after tables are modified. +- Fixed a bug (#5627) - :doc:`Database <database/index>` driver 'mysqli' triggered an ``E_WARNING`` message if there's no ``'port'`` specified in the database configuration. +- Fixed a bug (#5651) - :doc:`Database Caching <database/caching>` could try to delete non-existent cache files due to a race condition. +- Fixed a bug (#5652) - :doc:`CAPTCHA Helper <helpers/captcha_helper>` function :php:func:`create_captcha()` didn't comply with CSS standards. +- Fixed a bug (#5605) - :doc:`Form Validation Library <libraries/form_validation>` didn't nullify array inputs that are expected to be strings. Version 3.1.9 ============= -Release Date: Not Released +Release Date: Jun 12, 2018 +- **Security** + + - Updated :doc:`URL Helper <helpers/url_helper>` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking. + - Fixed a possible session fixation vulnerability where the :doc:`Session Library <libraries/sessions>` enabled ``session.use_strict_mode`` but it didn't actually do anything (thanks to Aamer Shah, Prasanna Kumar). + +- General Changes + + - Updated :doc:`Query Builder <database/query_builder>` method ``limit()`` to allow ``0`` values. + - Updated :doc:`Email Library <libraries/email>` and :doc:`Form Validation Library <libraries/form_validation>` to discard the results of failed ``idn_to_ascii()`` calls while validating e-mail addresses. + +Bug fixes for 3.1.9 +------------------- + +- Fixed a regression (#5448) - :doc:`Query Builder <database/query_builder>` methods ``like()``, ``or_like()`` (and siblings) didn't apply *dbprefix* or identifier escaping. +- Fixed a regression (#5462) - :doc:`Query Builder <database/query_builder>` methods ``like()``, ``or_like()`` (and siblings) produced incorrect SQL syntax when used with ``'before'`` as the third parameter. +- Fixed a bug (#5516) - :doc:`HTML Helper <helpers/html_helper>` functions :php:func:`img()`, :php:func:`link_tag()` would output results with double slashes if a prefix slash was included in their path inputs. Version 3.1.8 ============= @@ -141,7 +196,6 @@ Release Date: Mar 22, 2018 - **Security** - - Updated :doc:`URL Helper <helpers/url_helper>` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking. - Updated :doc:`Security Library <libraries/security>` method ``xss_clean()`` to also filter JavaScript tag functions. - Fixed a bug where :doc:`Security Library <libraries/security>` method ``xss_clean()`` didn't check for parentheses around JavaScript's ``document``. @@ -352,7 +406,7 @@ Release Date: Oct 22, 2016 - General Changes - Added ``E_PARSE`` to the list of error levels detected by the shutdown handler. - - Updated :doc:`Inflector Helper <helpers/inflector_helper>` :php:func:`is_countable()` with more words. + - Updated :doc:`Inflector Helper <helpers/inflector_helper>` ``is_countable()`` with more words. - Updated :doc:`common function <general/common_functions>` :php:func:`set_status_header()` with new status codes from IETF RFCs `2817 <https://tools.ietf.org/html/rfc2817>`_ (426) and `6585 <https://tools.ietf.org/html/rfc6585>`_ (428, 429, 431, 511). @@ -415,7 +469,7 @@ Bug fixes for 3.1.0 - Fixed a bug (#4562) - :doc:`Cache Library <libraries/caching>` didn't check if ``Memcached::quit()`` is available before calling it. - Fixed a bug (#4563) - :doc:`Input Library <libraries/input>` method ``request_headers()`` ignores ``$xss_clean`` parameter value after first call. - Fixed a bug (#4605) - :doc:`Config Library <libraries/config>` method ``site_url()`` stripped trailing slashes from relative URIs passed to it. -- Fixed a bug (#4613) - :doc:`Email Library <libraries/config>` failed to send multiple emails via SMTP due to "already authenticated" errors when keep-alive is enabled. +- Fixed a bug (#4613) - :doc:`Email Library <libraries/email>` failed to send multiple emails via SMTP due to "already authenticated" errors when keep-alive is enabled. - Fixed a bug (#4633) - :doc:`Form Validation Library <libraries/form_validation>` ignored multiple "callback" rules for empty, non-required fields. - Fixed a bug (#4637) - :doc:`Database <database/index>` method ``error()`` returned ``FALSE`` with the 'oci8' driver if there was no error. - Fixed a bug (#4647) - :doc:`Query Builder <database/query_builder>` method ``count_all_results()`` doesn't take into account ``GROUP BY`` clauses while deciding whether to do a subquery or not. @@ -689,7 +743,7 @@ Release Date: March 30, 2015 - License - - CodeIgniter has been relicensed with the `MIT License <http://opensource.org/licenses/MIT>`_, eliminating its old proprietary licensing. + - CodeIgniter has been relicensed with the `MIT License <https://opensource.org/licenses/MIT>`_, eliminating its old proprietary licensing. - General Changes @@ -747,7 +801,7 @@ Release Date: March 30, 2015 - Added an optional third parameter to :php:func:`timespan()` that constrains the number of time units displayed. - Added an optional parameter to :php:func:`timezone_menu()` that allows more attributes to be added to the generated select tag. - Added function :php:func:`date_range()` that generates a list of dates between a specified period. - - Deprecated ``standard_date()``, which now just uses the native ``date()`` with `DateTime constants <http://php.net/manual/en/class.datetime.php#datetime.constants.types>`_. + - Deprecated ``standard_date()``, which now just uses the native ``date()`` with `DateTime constants <https://secure.php.net/manual/en/class.datetime.php#datetime.constants.types>`_. - Changed :php:func:`now()` to work with all timezone strings supported by PHP. - Changed :php:func:`days_in_month()` to use the native ``cal_days_in_month()`` PHP function, if available. @@ -772,7 +826,7 @@ Release Date: March 30, 2015 - :doc:`Inflector Helper <helpers/inflector_helper>` changes include: - Changed :php:func:`humanize()` to allow passing an input separator as its second parameter. - - Changed :php:func:`humanize()` and :php:func:`underscore()` to utilize `mbstring <http://php.net/mbstring>`_, if available. + - Changed :php:func:`humanize()` and :php:func:`underscore()` to utilize `mbstring <https://secure.php.net/mbstring>`_, if available. - Changed :php:func:`plural()` and :php:func:`singular()` to avoid double pluralization and support more words. - :doc:`Download Helper <helpers/download_helper>` changes include: @@ -823,7 +877,7 @@ Release Date: March 30, 2015 - :doc:`Text Helper <helpers/text_helper>` changes include: - Changed the default tag for use in :php:func:`highlight_phrase()` to ``<mark>`` (formerly ``<strong>``). - - Changed :php:func:`character_limiter()`, :php:func:`word_wrap()` and :php:func:`ellipsize()` to utilize `mbstring <http://php.net/mbstring>`_ or `iconv <http://php.net/iconv>`_, if available. + - Changed :php:func:`character_limiter()`, :php:func:`word_wrap()` and :php:func:`ellipsize()` to utilize `mbstring <https://secure.php.net/mbstring>`_ or `iconv <https://secure.php.net/iconv>`_, if available. - :doc:`Directory Helper <helpers/directory_helper>` :php:func:`directory_map()` will now append ``DIRECTORY_SEPARATOR`` to directory names in the returned array. - :doc:`Array Helper <helpers/array_helper>` :php:func:`element()` and :php:func:`elements()` now return NULL instead of FALSE when the required elements don't exist. @@ -1140,7 +1194,7 @@ Release Date: March 30, 2015 - Changed private methods to protected so that MY_URI can override them. - Renamed internal method ``_parse_cli_args()`` to ``_parse_argv()``. - Renamed internal method ``_detect_uri()`` to ``_parse_request_uri()``. - - Changed ``_parse_request_uri()`` to accept absolute URIs for compatibility with HTTP/1.1 as per `RFC2616 <http://www.ietf.org/rfc/rfc2616.txt>`. + - Changed ``_parse_request_uri()`` to accept absolute URIs for compatibility with HTTP/1.1 as per `RFC2616 <https://www.ietf.org/rfc/rfc2616.txt>`. - Added protected method ``_parse_query_string()`` to URI paths in the the **QUERY_STRING** value, like ``_parse_request_uri()`` does. - Changed URI string detection logic to always default to **REQUEST_URI** unless configured otherwise or under CLI. - Removed methods ``_remove_url_suffix()``, ``_explode_segments()`` and moved their logic into ``_set_uri_string()``. @@ -1235,7 +1289,7 @@ Release Date: March 30, 2015 - UTF-8 Library changes include: - - ``UTF8_ENABLED`` now requires only one of `Multibyte String <http://php.net/mbstring>`_ or `iconv <http://php.net/iconv>`_ to be available instead of both. + - ``UTF8_ENABLED`` now requires only one of `Multibyte String <https://secure.php.net/mbstring>`_ or `iconv <https://secure.php.net/iconv>`_ to be available instead of both. - Changed method ``clean_string()`` to utilize ``mb_convert_encoding()`` if it is available. - Renamed method ``_is_ascii()`` to ``is_ascii()`` and made it public. @@ -1247,9 +1301,9 @@ Release Date: March 30, 2015 - Added :doc:`compatibility layers <general/compatibility_functions>` for: - - `Multibyte String <http://php.net/mbstring>`_ (limited support). - - `Hash <http://php.net/hash>`_ (``hash_equals()``, ``hash_pbkdf2()``). - - `Password Hashing <http://php.net/password>`_. + - `Multibyte String <https://secure.php.net/mbstring>`_ (limited support). + - `Hash <https://secure.php.net/hash>`_ (``hash_equals()``, ``hash_pbkdf2()``). + - `Password Hashing <https://secure.php.net/password>`_. - `Standard Functions ``array_column()``, ``array_replace()``, ``array_replace_recursive()``, ``hex2bin()``, ``quoted_printable_encode()``. - Removed ``CI_CORE`` boolean constant from *CodeIgniter.php* (no longer Reactor and Core versions). @@ -1629,7 +1683,7 @@ Release Date: November 14, 2011 - Database - - Added a `CUBRID <http://www.cubrid.org/>`_ driver to the :doc:`Database + - Added a `CUBRID <https://www.cubrid.org/>`_ driver to the :doc:`Database Driver <database/index>`. Thanks to the CUBRID team for supplying this patch. - Added a PDO driver to the :doc:`Database Driver <database/index>`. |