diff options
Diffstat (limited to 'user_guide_src')
-rw-r--r-- | user_guide_src/source/changelog.rst | 24 | ||||
-rw-r--r-- | user_guide_src/source/libraries/encrypt.rst | 9 |
2 files changed, 23 insertions, 10 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index db8f7d277..40c24a696 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -347,6 +347,7 @@ Release Date: Not Released - Added rule **alpha_numeric_spaces**. - Added support for custom error messages per field rule. - Added support for callable rules when they are passed as an array. + - Added support for non-ASCII domains in **valid_email** rule, depending on the Intl extension. - :doc:`Caching Library <libraries/caching>` changes include: @@ -375,6 +376,7 @@ Release Date: Not Released - Added an optional parameter to ``print_debugger()`` to allow specifying which parts of the message should be printed ('headers', 'subject', 'body'). - Added SMTP keepalive option to avoid opening the connection for each ``send()`` call. Accessible as ``$smtp_keepalive``. - Public method ``set_header()`` now filters the input by removing all "\\r" and "\\n" characters. + - Added support for non-ASCII domains in ``valid_email()``, depending on the Intl extension. - :doc:`Pagination Library <libraries/pagination>` changes include: @@ -551,7 +553,6 @@ Bug fixes for 3.0 - Fixed a bug (#795) - :doc:`Form Helper <helpers/form_helper>` :func:`form_open()` didn't add the default form *method* and *accept-charset* when an empty array is passed to it. - Fixed a bug (#797) - :doc:`Date Helper <helpers/date_helper>` :func:`timespan()` was using incorrect seconds for year and month. - Fixed a bug in :doc:`Cart Library <libraries/cart>` method ``contents()`` where if called without a TRUE (or equal) parameter, it would fail due to a typo. -- Fixed a bug (#696) - make ``oci_execute()`` calls inside ``num_rows()`` non-committing, since they are only there to reset which row is next in line for oci_fetch calls and thus don't need to be committed. - Fixed a bug (#406) - SQLSRV DB driver not returning resource on ``db_pconnect()``. - Fixed a bug in :doc:`Image Manipulation Library <libraries/image_lib>` method ``gd_loaded()`` where it was possible for the script execution to end or a PHP E_WARNING message to be emitted. - Fixed a bug in the :doc:`Pagination library <libraries/pagination>` where when use_page_numbers=TRUE previous link and page 1 link did not have the same url. @@ -703,7 +704,6 @@ Bug fixes for 3.0 - Fixed a bug (#2551) - :doc:`Loader Library <libraries/loader>` method ``library()`` didn't properly check if a class that is being loaded already exists. - Fixed a bug (#2560) - :doc:`Form Helper <helpers/form_helper>` function :func:`form_open()` set the 'method="post"' attribute only if the passed attributes equaled an empty string. - Fixed a bug (#2585) - :doc:`Query Builder <database/query_builder>` methods ``min()``, ``max()``, ``avg()``, ``sum()`` didn't escape field names. -- Fixed an edge case (#2583) in the :doc:`Email Library <libraries/email>` where `Suhosin <http://www.hardened-php.net/suhosin/>` blocked messages sent via ``mail()`` due to trailing newspaces in headers. - Fixed a bug (#2590) - :doc:`Common function <general/common_functions>` :func:`log_message()` didn't actually cache the ``CI_Log`` class instance. - Fixed a bug (#2609) - :doc:`Common function <general/common_functions>` :func:`get_config()` optional argument was only effective on first function call. Also, it can now add items, in addition to updating existing items. - Fixed a bug in the 'postgre' :doc:`database <database/index>` driver where the connection ID wasn't passed to ``pg_escape_string()``. @@ -728,7 +728,6 @@ Bug fixes for 3.0 - Fixed a bug (#2737) - :doc:`XML-RPC Library <libraries/xmlrpc>` used objects as array keys, which triggered E_NOTICE messages. - Fixed a bug (#2729) - :doc:`Security Library <libraries/security>` internal method ``_validate_entities()`` used overly-intrusive ``preg_replace()`` patterns that produced false-positives. - Fixed a bug (#2771) - :doc:`Security Library <libraries/security>` method ``xss_clean()`` didn't take into account HTML5 entities. -- Fixed a bug in the :doc:`Session Library <libraries/sessions>` 'cookie' driver where authentication was not performed for encrypted cookies. - Fixed a bug (#2856) - ODBC method ``affected_rows()`` passed an incorrect value to ``odbc_num_rows()``. - Fixed a bug (#43) :doc:`Image Manipulation Library <libraries/image_lib>` method ``text_watermark()`` didn't properly determine watermark placement. - Fixed a bug where :doc:`HTML Table Library <libraries/table>` ignored its *auto_heading* setting if headings were not already set. @@ -737,6 +736,25 @@ Bug fixes for 3.0 - Fixed a bug where ``CI_Xmlrpcs::parseRequest()`` could fail if ``$HTTP_RAW_POST_DATA`` is not populated. - Fixed a bug in :doc:`Zip Library <libraries/zip>` internal method ``_get_mod_time()`` where it was not parsing result returned by ``filemtime()``. +Version 2.2.0 +============= + +Release Date: June 2, 2014 + +- General Changes + + - Security: :doc:`Encrypt Library <libraries/encrypt>` method ``xor_encode()`` has been removed. The Encrypt Class now requires the Mcrypt extension to be installed. + - Security: The :doc:`Session Library <libraries/sessions>` now uses HMAC authentication instead of a simple MD5 checksum. + +Bug fixes for 2.2.0 +------------------- + +- Fixed an edge case (#2583) in the :doc:`Email Library <libraries/email>` where `Suhosin <http://www.hardened-php.net/suhosin/>` blocked messages sent via ``mail()`` due to trailing newspaces in headers. +- Fixed a bug (#696) - make ``oci_execute()`` calls inside ``num_rows()`` non-committing, since they are only there to reset which row is next in line for oci_fetch calls and thus don't need to be committed. +- Fixed a bug (#2689) - :doc:`Database Force <database/forge>` methods ``create_table()``, ``drop_table()`` and ``rename_table()`` produced broken SQL for tge 'sqlsrv' driver. +- Fixed a bug (#2427) - PDO :doc:`Database driver <database/index>` didn't properly check for query failures. +- Fixed a bug in the :doc:`Session Library <libraries/sessions>` where authentication was not performed for encrypted cookies. + Version 2.1.4 ============= diff --git a/user_guide_src/source/libraries/encrypt.rst b/user_guide_src/source/libraries/encrypt.rst index faff39975..6b65099a6 100644 --- a/user_guide_src/source/libraries/encrypt.rst +++ b/user_guide_src/source/libraries/encrypt.rst @@ -2,13 +2,8 @@ Encrypt Class ############# -The Encrypt Class provides two-way data encryption. It uses a scheme -that either compiles the message using a randomly hashed bitwise XOR -encoding scheme, or is encrypted using the Mcrypt library. If Mcrypt is -not available on your server the encoded message will still provide a -reasonable degree of security for encrypted sessions or other such -"light" purposes. If Mcrypt is available, you'll be provided with a high -degree of security appropriate for storage. +The Encrypt Class provides two-way data encryption. It encrypted using +the Mcrypt PHP extension, which is required for the Encrypt Class to run. .. important:: This library has been DEPRECATED and is only kept for backwards compatibility. Please use the new :doc:`Encryption Library |