diff options
Diffstat (limited to 'user_guide_src')
-rw-r--r-- | user_guide_src/source/changelog.rst | 36 | ||||
-rw-r--r-- | user_guide_src/source/database/transactions.rst | 14 | ||||
-rw-r--r-- | user_guide_src/source/installation/downloads.rst | 6 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_312.rst | 40 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_313.rst | 14 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrading.rst | 4 | ||||
-rw-r--r-- | user_guide_src/source/libraries/sessions.rst | 4 |
7 files changed, 101 insertions, 17 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 518569097..618dd604a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -43,19 +43,43 @@ Release Date: Not Released - Updated :doc:`HTML Helper <helpers/html_helper>` function :php:func:`meta()` with support for "charset" and "property" properties. - Changed :doc:`HTML Helper <helpers/html_helper>` function :php:func:`doctype()` default document type to HTML 5. -Bug fixes for 3.1.0 +Version 3.1.2 +============= + +Release Date: Oct 28, 2016 + +- **Security** + + - Fixed a number of new vulnerabilities in :doc:`Security Library <libraries/security>` method ``xss_clean()``. + +- General Changes + + - Allowed PHP 4-style constructors (``Mathching_name::Matching_name()`` methods) to be used as routes, if there's a ``__construct()`` to override them. + +Bug fixes for 3.1.2 ------------------- -- Fixed a bug (#4528) - :doc:`Cache Library <libraries/caching>` stored all scalar values as strings with the 'redis' driver. +- Fixed a regression (#4874) - :doc:`Session Library <libraries/sessions>` didn't take into account ``session.hash_bits_per_character`` when validating session IDs. +- Fixed a bug (#4871) - :doc:`Query Builder <database/query_builder>` method ``update_batch()`` didn't properly handle identifier escaping. +- Fixed a bug (#4884) - :doc:`Query Builder <database/query_builder>` didn't properly parse field names ending in 'is' when used inside WHERE and HAVING statements. +- Fixed a bug where ``CI_Log``, ``CI_Output``, ``CI_Email`` and ``CI_Zip`` didn't handle strings in a byte-safe manner when ``mbstring.func_override`` is enabled. Version 3.1.1 ============= -Release Date: Not Released +Release Date: Oct 22, 2016 + +- **Security** + + - Fixed a flaw in :doc:`Security Library <libraries/security>` method ``entity_decode()`` (used by ``xss_clean()``) that affects HTML 5 entities when using PHP 5.3. - General Changes - Added ``E_PARSE`` to the list of error levels detected by the shutdown handler. + - Updated :doc:`Inflector Helper <helpers/inflector_helper>` :php:func:`is_countable()` with more words. + - Updated :doc:`common function <general/common_functions>` :php:func:`set_status_header()` with new status codes from IETF RFCs + `2817 <https://tools.ietf.org/html/rfc2817>`_ (426) + and `6585 <https://tools.ietf.org/html/rfc6585>`_ (428, 429, 431, 511). Bug fixes for 3.1.1 ------------------- @@ -65,7 +89,7 @@ Bug fixes for 3.1.1 - Fixed a bug (#4737) - :doc:`Query Builder <database/query_builder>` didn't add an ``OFFSET`` when ``LIMIT`` is zero or unused. - Fixed a regression (#4739) - :doc:`Email Library <libraries/email>` doesn't properly separate attachment bodies from headers. - Fixed a bug (#4754) - :doc:`Unit Testing Library <libraries/unit_testing>` method ``result()`` didn't translate ``res_datatype``. -- Fixed a bug (#4759) - :doc:`Form Validation <libraries/form_validation>`, :doc:`Trackback <libraries/trackback>` and `XML-RPC <libraries/xmlrpc>` libraries treated URI schemes in a case-sensitive manner. +- Fixed a bug (#4759) - :doc:`Form Validation <libraries/form_validation>`, :doc:`Trackback <libraries/trackback>` and :doc:`XML-RPC <libraries/xmlrpc>` libraries treated URI schemes in a case-sensitive manner. - Fixed a bug (#4762) - :doc:`Cache Library <libraries/caching>` 'file' driver method ``get_metadata()`` checked TTL time against ``mtime`` instead of the cache item's creation time. - Fixed a bug where :doc:`File Uploading Library <libraries/file_uploading>` generated error messages on PHP 7.1. - Fixed a bug (#4780) - :doc:`compatibility function <general/compatibility_functions>` ``hex2bin()`` didn't reject inputs of type "resource". @@ -79,6 +103,8 @@ Bug fixes for 3.1.1 - Fixed a bug (#4851) - :doc:`Database Forge <database/forge>` didn't quote schema names passed to its ``create_database()`` method. - Fixed a bug (#4863) - :doc:`HTML Table Library <libraries/table>` method ``set_caption()`` was missing method chaining support. - Fixed a bug (#4843) - :doc:`XML-RPC Library <libraries/xmlrpc>` client class didn't set a read/write socket timeout. +- Fixed a bug (#4865) - uncaught exceptions didn't set the HTTP Response status code to 500 unless ``display_errors`` was turned On. +- Fixed a bug (#4830) - :doc:`Session Library <libraries/sessions>` didn't take into account the new session INI settings in PHP 7.1. Version 3.1.0 ============= @@ -88,7 +114,7 @@ Release Date: July 26, 2016 - **Security** - Fixed an SQL injection in the 'odbc' database driver. - - Updated :php:func:`set_realpath()` :doc:`Path Helpr <helpers/path_helper>` function to filter-out ``php://`` wrapper inputs. + - Updated :php:func:`set_realpath()` :doc:`Path Helper <helpers/path_helper>` function to filter-out ``php://`` wrapper inputs. - Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7. - General Changes diff --git a/user_guide_src/source/database/transactions.rst b/user_guide_src/source/database/transactions.rst index 2e6d4b477..e25b8ed14 100644 --- a/user_guide_src/source/database/transactions.rst +++ b/user_guide_src/source/database/transactions.rst @@ -75,12 +75,11 @@ debugging is turned off, you can manage your own errors like this:: // generate an error... or use the log_message() function to log your error } -Enabling Transactions -===================== +Disabling Transactions +====================== -Transactions are enabled automatically the moment you use -$this->db->trans_start(). If you would like to disable transactions you -can do so using $this->db->trans_off():: +If you would like to disable transactions you can do so using +``$this->db->trans_off()``:: $this->db->trans_off(); @@ -88,8 +87,9 @@ can do so using $this->db->trans_off():: $this->db->query('AN SQL QUERY...'); $this->db->trans_complete(); -When transactions are disabled, your queries will be auto-commited, just -as they are when running queries without transactions. +When transactions are disabled, your queries will be auto-commited, just as +they are when running queries without transactions, practically ignoring +any calls to ``trans_start()``, ``trans_complete()``, etc. Test Mode ========= diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst index 1e28a5bf0..ae58e796f 100644 --- a/user_guide_src/source/installation/downloads.rst +++ b/user_guide_src/source/installation/downloads.rst @@ -3,7 +3,9 @@ Downloading CodeIgniter ####################### - `CodeIgniter v3.2.0-dev (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/develop>`_ -- `CodeIgniter v3.1.1-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_ +- `CodeIgniter v3.1.3-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_ +- `CodeIgniter v3.1.2 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.2>`_ +- `CodeIgniter v3.1.1 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.1>`_ - `CodeIgniter v3.1.0 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.0>`_ - `CodeIgniter v3.0.6 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.6>`_ - `CodeIgniter v3.0.5 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.5>`_ @@ -33,4 +35,4 @@ Please note that while every effort is made to keep this code base functional, we cannot guarantee the functionality of code taken from the develop branch. -Beginning with version 2.0.3, stable versions are also available via `GitHub Releases <https://github.com/bcit-ci/CodeIgniter/releases>`_.
\ No newline at end of file +Beginning with version 2.0.3, stable versions are also available via `GitHub Releases <https://github.com/bcit-ci/CodeIgniter/releases>`_. diff --git a/user_guide_src/source/installation/upgrade_312.rst b/user_guide_src/source/installation/upgrade_312.rst new file mode 100644 index 000000000..e0b2191dd --- /dev/null +++ b/user_guide_src/source/installation/upgrade_312.rst @@ -0,0 +1,40 @@ +############################# +Upgrading from 3.1.1 to 3.1.2 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. + +Step 2: Update your "ci_sessions" database table +================================================ + +If you're using the :doc:`Session Library </libraries/sessions>` with the +'database' driver, you may have to ``ALTER`` your sessions table for your +sessions to continue to work. + +.. note:: The table in question is not necessarily named "ci_sessions". + It is what you've set as your ``$config['sess_save_path']``. + +This will only affect you if you've changed your ``session.hash_function`` +*php.ini* setting to something like 'sha512'. Or if you've been running +an older CodeIgniter version on PHP 7.1+. + +It is recommended that you do this anyway, just to avoid potential issues +in the future if you do change your configuration. + +Just execute the one of the following SQL queries, depending on your +database:: + + // MySQL: + ALTER TABLE ci_sessions CHANGE id id varchar(128) NOT NULL; + + // PostgreSQL + ALTER TABLE ci_sessions ALTER COLUMN id SET DATA TYPE varchar(128); diff --git a/user_guide_src/source/installation/upgrade_313.rst b/user_guide_src/source/installation/upgrade_313.rst new file mode 100644 index 000000000..71afc6f6a --- /dev/null +++ b/user_guide_src/source/installation/upgrade_313.rst @@ -0,0 +1,14 @@ +############################# +Upgrading from 3.1.2 to 3.1.3 +############################# + +Before performing an update you should take your site offline by +replacing the index.php file with a static one. + +Step 1: Update your CodeIgniter files +===================================== + +Replace all files and directories in your *system/* directory. + +.. note:: If you have any custom developed files in these directories, + please make copies of them first. diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index 01812169b..14127d42e 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -8,7 +8,9 @@ upgrading from. .. toctree:: :titlesonly: - Upgrading from 3.1.x to 3.2.x <upgrade_320> + Upgrading from 3.1.2+ to 3.2.x <upgrade_320> + Upgrading from 3.1.2 to 3.1.3 <upgrade_313> + Upgrading from 3.1.1 to 3.1.2 <upgrade_312> Upgrading from 3.1.0 to 3.1.1 <upgrade_311> Upgrading from 3.0.6 to 3.1.0 <upgrade_310> Upgrading from 3.0.5 to 3.0.6 <upgrade_306> diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index 082828c4e..a95cd5a19 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -594,7 +594,7 @@ And then of course, create the database table ... For MySQL:: CREATE TABLE IF NOT EXISTS `ci_sessions` ( - `id` varchar(40) NOT NULL, + `id` varchar(128) NOT NULL, `ip_address` varchar(45) NOT NULL, `timestamp` int(10) unsigned DEFAULT 0 NOT NULL, `data` blob NOT NULL, @@ -604,7 +604,7 @@ For MySQL:: For PostgreSQL:: CREATE TABLE "ci_sessions" ( - "id" varchar(40) NOT NULL, + "id" varchar(128) NOT NULL, "ip_address" varchar(45) NOT NULL, "timestamp" bigint DEFAULT 0 NOT NULL, "data" text DEFAULT '' NOT NULL |