diff options
Diffstat (limited to 'user_guide_src/source/installation')
-rw-r--r-- | user_guide_src/source/installation/downloads.rst | 5 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_210.rst | 6 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_300.rst | 20 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_310.rst | 110 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_311.rst (renamed from user_guide_src/source/installation/upgrade_307.rst) | 2 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_320.rst | 112 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrading.rst | 5 |
7 files changed, 159 insertions, 101 deletions
diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index 29f1a6d87..1e28a5bf0 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -2,8 +2,9 @@ Downloading CodeIgniter ####################### -- `CodeIgniter v3.1.0-dev (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/develop>`_ -- `CodeIgniter v3.0.7-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0-stable>`_ +- `CodeIgniter v3.2.0-dev (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/develop>`_ +- `CodeIgniter v3.1.1-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_ +- `CodeIgniter v3.1.0 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.0>`_ - `CodeIgniter v3.0.6 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.6>`_ - `CodeIgniter v3.0.5 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.5>`_ - `CodeIgniter v3.0.4 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.4>`_ diff --git a/user_guide_src/source/installation/upgrade_210.rst b/user_guide_src/source/installation/upgrade_210.rst index 5874bfc86..866dcf4ae 100644 --- a/user_guide_src/source/installation/upgrade_210.rst +++ b/user_guide_src/source/installation/upgrade_210.rst @@ -13,11 +13,11 @@ Replace all files and directories in your "system" folder. .. note:: If you have any custom developed files in these folders please make copies of them first. -Step 2: Replace config/user_agents.php -====================================== +Step 2: Replace config/mimes.php +================================ This config file has been updated to contain more user agent types, -please copy it to _application/config/user_agents.php*. +please copy it to _application/config/mimes.php*. Step 3: Update your user guide ============================== diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 9a40f2b60..0fc211f89 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -842,7 +842,6 @@ CodeIgniter 3.1+. .. note:: This method is still available, but you're strongly encouraged to remove its usage sooner rather than later. -====================== The Javascript library ====================== @@ -854,6 +853,25 @@ It is now deprecated and scheduled for removal in CodeIgniter 3.1+. .. note:: This library is still available, but you're strongly encouraged to remove its usage sooner rather than later. +Form Validation method prep_for_form() +====================================== + +The :doc:`Form Validation Library <../libraries/form_validation>` has a +``prep_for_form()`` method, which is/can also be used as a rule in +``set_rules()`` to automatically perform HTML encoding on input data. + +Automatically encoding input (instead of output) data is a bad practice in +the first place, and CodeIgniter and PHP itself offer other alternatives +to this method anyway. +For example, :doc:`Form Helper <../helpers/form_helper>` functions will +automatically perform HTML escaping when necessary. + +Therefore, the *prep_for_form* method/rule is pretty much useless and is now +deprecated and scheduled for removal in 3.1+. + +.. note:: The method is still available, but you're strongly encouraged to + remove its usage sooner rather than later. + *********************************************************** Step 21: Check your usage of Text helper highlight_phrase() *********************************************************** diff --git a/user_guide_src/source/installation/upgrade_310.rst b/user_guide_src/source/installation/upgrade_310.rst index 36f69d01b..cae814327 100644 --- a/user_guide_src/source/installation/upgrade_310.rst +++ b/user_guide_src/source/installation/upgrade_310.rst @@ -1,5 +1,5 @@ ############################# -Upgrading from 3.0.x to 3.1.x +Upgrading from 3.0.6 to 3.1.0 ############################# Before performing an update you should take your site offline by @@ -13,100 +13,26 @@ Replace all files and directories in your *system/* directory. .. note:: If you have any custom developed files in these directories, please make copies of them first. -Step 2: Change database connection handling -=========================================== +Step 2: Check your PHP version +============================== -"Loading" a database, whether by using the *config/autoload.php* settings -or manually via calling ``$this->load->database()`` or the less-known -``DB()`` function, will now throw a ``RuntimeException`` in case of a -failure. +We recommend always running versions that are `currently supported +<https://secure.php.net/supported-versions.php>`_, which right now is at least PHP 5.6. -In addition, being unable to set the configured character set is now also -considered a connection failure. +PHP 5.2.x versions are now officially not supported by CodeIgniter, and while 5.3.7+ +may be at least runnable, we strongly discourage you from using any PHP versions below +the ones listed on the `PHP.net Supported Versions <https://secure.php.net/supported-versions.php>`_ +page. -.. note:: This has been the case for most database drivers in the in the - past as well (i.e. all but the 'mysql', 'mysqli' and 'postgre' - drivers). +Step 3: If you're using the 'odbc' database driver, check for usage of Query Builder +==================================================================================== -What this means is that if you're unable to connect to a database, or -have an erroneous character set configured, CodeIgniter will no longer -fail silently, but will throw an exception instead. +:doc:`Query Builder <../database/query_builder>` functionality and ``escape()`` can +no longer be used with the 'odbc' database driver. -You may choose to explicitly catch it (and for that purpose you can't use -*config/autoload.php* to load the :doc:`Database Class <../database/index>`) -:: +This is because, due to its nature, the `ODBC extension for PHP <https://secure.php.net/odbc>`_ +does not provide a function that allows to safely escape user-supplied strings for usage +inside an SQL query (which our :doc:`Query Builder <../database/query_builder>` relies on). - try - { - $this->load->database(); - } - catch (RuntimeException $e) - { - // Handle the failure - } - -Or you may leave it to CodeIgniter's default exception handler, which would -log the error message and display an error screen if you're running in -development mode. - -Remove db_set_charset() calls ------------------------------ - -With the above-mentioned changes, the purpose of the ``db_set_charset()`` -method would now only be to change the connection character set at runtime. -That doesn't make sense and that's the reason why most database drivers -don't support it at all. -Thus, ``db_set_charset()`` is no longer necessary and is removed. - -Step 3: Check logic related to URI parsing of CLI requests -========================================================== - -When running a CodeIgniter application from the CLI, the -:doc:`URI Library <../libraries/uri>` will now ignore the -``$config['url_suffix']`` and ``$config['permitted_uri_chars']`` -configuration settings. - -These two options don't make sense under the command line (which is why -this change was made) and therefore you shouldn't be affected by this, but -if you've relied on them for some reason, you'd probably have to make some -changes to your code. - -Step 4: Check Cache Library configurations for Redis, Memcache(d) -================================================================= - -The new improvements for the 'redis' and 'memcached' drivers of the -:doc:`Cache Library <../libraries/caching>` may require some small -adjustments to your configuration values ... - -Redis ------ - -If you're using the 'redis' driver with a UNIX socket connection, you'll -have to move the socket path from ``$config['socket']`` to -``$config['host']`` instead. - -The ``$config['socket_type']`` option is also removed, although that won't -affect your application - it will be ignored and the connection type will -be determined by the format used for ``$config['host']`` instead. - -Memcache(d) ------------ - -The 'memcached' will now ignore configurations that don't specify a ``host`` -value (previously, it just set the host to the default '127.0.0.1'). - -Therefore, if you've added a configuration that only sets e.g. a ``port``, -you will now have to explicitly set the ``host`` to '127.0.0.1' as well. - -Step 5: Check usage of doctype() HTML helper -============================================ - -The :doc:`HTML Helper <../helpers/html_helper>` function -:php:func:`doctype()` used to default to 'xhtml1-strict' (XHTML 1.0 Strict) -when no document type was specified. That default value is now changed to -'html5', which obviously stands for the modern HTML 5 standard. - -Nothing should be really broken by this change, but if your application -relies on the default value, you should double-check it and either -explicitly set the desired format, or adapt your front-end to use proper -HTML 5 formatting.
\ No newline at end of file +Thus, user inputs MUST be bound, as shown in :doc:`Running Queries <../database/queries>`, +under the "Query Bindings" section. diff --git a/user_guide_src/source/installation/upgrade_307.rst b/user_guide_src/source/installation/upgrade_311.rst index ee957aabf..a36e72323 100644 --- a/user_guide_src/source/installation/upgrade_307.rst +++ b/user_guide_src/source/installation/upgrade_311.rst @@ -1,5 +1,5 @@ ############################# -Upgrading from 3.0.6 to 3.0.7 +Upgrading from 3.1.0 to 3.1.1 ############################# Before performing an update you should take your site offline by diff --git a/user_guide_src/source/installation/upgrade_320.rst b/user_guide_src/source/installation/upgrade_320.rst new file mode 100644 index 000000000..942a8a3b5 --- /dev/null +++ b/user_guide_src/source/installation/upgrade_320.rst @@ -0,0 +1,112 @@ +############################# +Upgrading from 3.1.x to 3.2.x +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Change database connection handling +=========================================== + +"Loading" a database, whether by using the *config/autoload.php* settings +or manually via calling ``$this->load->database()`` or the less-known +``DB()`` function, will now throw a ``RuntimeException`` in case of a +failure. + +In addition, being unable to set the configured character set is now also +considered a connection failure. + +.. note:: This has been the case for most database drivers in the in the + past as well (i.e. all but the 'mysql', 'mysqli' and 'postgre' + drivers). + +What this means is that if you're unable to connect to a database, or +have an erroneous character set configured, CodeIgniter will no longer +fail silently, but will throw an exception instead. + +You may choose to explicitly catch it (and for that purpose you can't use +*config/autoload.php* to load the :doc:`Database Class <../database/index>`) +:: + + try + { + $this->load->database(); + } + catch (RuntimeException $e) + { + // Handle the failure + } + +Or you may leave it to CodeIgniter's default exception handler, which would +log the error message and display an error screen if you're running in +development mode. + +Remove db_set_charset() calls +----------------------------- + +With the above-mentioned changes, the purpose of the ``db_set_charset()`` +method would now only be to change the connection character set at runtime. +That doesn't make sense and that's the reason why most database drivers +don't support it at all. +Thus, ``db_set_charset()`` is no longer necessary and is removed. + +Step 3: Check logic related to URI parsing of CLI requests +========================================================== + +When running a CodeIgniter application from the CLI, the +:doc:`URI Library <../libraries/uri>` will now ignore the +``$config['url_suffix']`` and ``$config['permitted_uri_chars']`` +configuration settings. + +These two options don't make sense under the command line (which is why +this change was made) and therefore you shouldn't be affected by this, but +if you've relied on them for some reason, you'd probably have to make some +changes to your code. + +Step 4: Check Cache Library configurations for Redis, Memcache(d) +================================================================= + +The new improvements for the 'redis' and 'memcached' drivers of the +:doc:`Cache Library <../libraries/caching>` may require some small +adjustments to your configuration values ... + +Redis +----- + +If you're using the 'redis' driver with a UNIX socket connection, you'll +have to move the socket path from ``$config['socket']`` to +``$config['host']`` instead. + +The ``$config['socket_type']`` option is also removed, although that won't +affect your application - it will be ignored and the connection type will +be determined by the format used for ``$config['host']`` instead. + +Memcache(d) +----------- + +The 'memcached' will now ignore configurations that don't specify a ``host`` +value (previously, it just set the host to the default '127.0.0.1'). + +Therefore, if you've added a configuration that only sets e.g. a ``port``, +you will now have to explicitly set the ``host`` to '127.0.0.1' as well. + +Step 5: Check usage of doctype() HTML helper +============================================ + +The :doc:`HTML Helper <../helpers/html_helper>` function +:php:func:`doctype()` used to default to 'xhtml1-strict' (XHTML 1.0 Strict) +when no document type was specified. That default value is now changed to +'html5', which obviously stands for the modern HTML 5 standard. + +Nothing should be really broken by this change, but if your application +relies on the default value, you should double-check it and either +explicitly set the desired format, or adapt your front-end to use proper +HTML 5 formatting. diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index f42db7be5..01812169b 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -8,8 +8,9 @@ upgrading from. .. toctree:: :titlesonly: - Upgrading from 3.0.x to 3.1.x <upgrade_310> - Upgrading from 3.0.6 to 3.0.7 <upgrade_307> + Upgrading from 3.1.x to 3.2.x <upgrade_320> + Upgrading from 3.1.0 to 3.1.1 <upgrade_311> + Upgrading from 3.0.6 to 3.1.0 <upgrade_310> Upgrading from 3.0.5 to 3.0.6 <upgrade_306> Upgrading from 3.0.4 to 3.0.5 <upgrade_305> Upgrading from 3.0.3 to 3.0.4 <upgrade_304> |