diff options
Diffstat (limited to 'user_guide_src')
-rw-r--r-- | user_guide_src/source/changelog.rst | 16 | ||||
-rw-r--r-- | user_guide_src/source/database/db_driver_reference.rst | 2 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_150.rst | 4 | ||||
-rw-r--r-- | user_guide_src/source/installation/upgrade_3112.rst | 6 | ||||
-rw-r--r-- | user_guide_src/source/libraries/input.rst | 21 | ||||
-rw-r--r-- | user_guide_src/source/libraries/sessions.rst | 2 |
6 files changed, 38 insertions, 13 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 87fd6b9a8..b4278b1cd 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -37,7 +37,7 @@ Release Date: Not Released - Removed previously deprecated *Cart Library*. - Removed previously deprecated *Javascript Library* (it was always experimental in the first place). - - Added UNIX socket connection support to :doc:`Session Library <libraries/sessions>` 'redis' driver. + - Added TLS and UNIX socket connection support to :doc:`Session Library <libraries/sessions>` 'redis' driver. - Updated :doc:`ZIP Library <libraries/zip>` method ``read_dir()`` to include hidden (dot-prefixed) files. - :doc:`Cache Library <libraries/caching>` changes include: @@ -127,6 +127,7 @@ Release Date: Not Released - :doc:`CAPTCHA Helper <helpers/captcha_helper>` changes include: - Added 'img_alt' option with a default value of 'captcha'. + - Added 'img_class' option. - Added ability to generate ``data:image/png;base64`` URIs instead of writing image files to disk. - Updated to always create PNG images instead of JPEG. @@ -140,6 +141,14 @@ Release Date: Not Released - Improved logging of error conditions in :doc:`CAPTCHA Helper <helpers/captcha_helper>` function :php:func:`create_captcha()`. - Added ``AUTO_INCREMENT`` support for Oracle 12.1+ to :doc:`Database Forge <database/forge>`. - Added ``FULL [OUTER] JOIN`` support to :doc:`Query Builder <database/query_builder>`. + - Added support for detecting WebP image type to :doc:`File Uploading Library <libraries/file_uploading>`. + - Added method :doc:`Database Library <database/index>` method ``trans_active()`` to expose transaction state. + - Updated :doc:`Database Library <database/index>` 'pdo' driver to attempt to free resources in order to allow connections to be closed. + - Added ``SameSite=Strict`` attribute to the CSRF cookie sent by the :doc:`Security Class <libraries/security>`. + - Added ``$config['cookie_samesite']`` option and ``$samesite`` parameter to :doc:`Input Library <libraries/input>` method ``set_cookie()``. + - Added ``SameSite`` support through ``$config['sess_samesite']`` option to the :doc:`Session Library <libraries/sessions>`. + - Added a wrapper class around :doc:`Session <libraries/sessions>` drivers to deal with compatibility between PHP 8.1 and older versions. + - Updated a lot of code for PHP 8.0 and 8.1 compatibility. Bug fixes for 3.1.12 ==================== @@ -149,6 +158,11 @@ Bug fixes for 3.1.12 - Fixed a bug (#5857) - :doc:`Session <libraries/sessions>` data could be corrupted after a concurrent request write with the 'files' driver due to a filesize cache being incorrect. - Fixed a bug (#5861) - :doc:`Cache Library <libraries/caching>` 'redis' driver would always use phpRedis 5 ``del()`` due to an incorrect version check. - Fixed a bug (#5879) - :doc:`Profiler Library <general/profiling>` triggered an ``E_DEPRECATED`` warning on PHP 7.4+. +- Fixed a bug (#5901) - :doc:`Database Library <database/index>` methods ``list_fields()`` and ``field_data()`` ignored the configured table schema on PostgreSQL. +- Fixed a bug (#5906) - :doc:`Database Library <database/index>` 'postgre' driver couldn't use the failover feature without a ``$config['dsn']``. +- Fixed a bug (#5903) - :doc:`common function <general/common_functions>` :php:func:`set_status_header()` didn't recognize 'HTTP/2.0' as a valid ``$_SERVER['SERVER_PROTOCOL']``. +- Fixed a bug (#6013) - :doc:`Session <libraries/sessions>` flashdata didn't work on PHP 8. +- Fixed a bug (#6006) - ``is_callable()`` change in PHP 8 broke :doc:`Migrations <libraries/migration>`, a part of :doc:`XML-RPC <libraries/xmlrpc>` and an edge case in 404 detection logic. Version 3.1.11 ============== diff --git a/user_guide_src/source/database/db_driver_reference.rst b/user_guide_src/source/database/db_driver_reference.rst index ad53c2bfc..8a4f56784 100644 --- a/user_guide_src/source/database/db_driver_reference.rst +++ b/user_guide_src/source/database/db_driver_reference.rst @@ -156,7 +156,7 @@ This article is intended to be a reference for them. .. php:method:: trans_status() - :returns: TRUE if the transaction succeeded, FALSE if it failed + :returns: TRUE if the transaction succeeded, FALSE if it failed :rtype: bool Lets you retrieve the transaction status flag to diff --git a/user_guide_src/source/installation/upgrade_150.rst b/user_guide_src/source/installation/upgrade_150.rst index 50eb5eae5..527e4548d 100644 --- a/user_guide_src/source/installation/upgrade_150.rst +++ b/user_guide_src/source/installation/upgrade_150.rst @@ -49,8 +49,8 @@ Open your application/config/config.php file and ADD these new items:: | This item allows you to set the filename/classname prefix when extending | native libraries. For more information please see the user guide: | - | https://codeigniter.com/user_guide/general/core_classes.html - | https://codeigniter.com/user_guide/general/creating_libraries.html + | https://codeigniter.com/userguide3/general/core_classes.html + | https://codeigniter.com/userguide3/general/creating_libraries.html | */ $config['subclass_prefix'] = 'MY_'; diff --git a/user_guide_src/source/installation/upgrade_3112.rst b/user_guide_src/source/installation/upgrade_3112.rst index 1000010ab..93bcc43d3 100644 --- a/user_guide_src/source/installation/upgrade_3112.rst +++ b/user_guide_src/source/installation/upgrade_3112.rst @@ -18,3 +18,9 @@ Step 2: Replace config/user_agents.php This config file has received some updates. Please copy it to *application/config/user_agents.php*. + +Step 3: Replace config/mimes.php +================================ + +This config file has received some updates. Please copy it to +*application/config/mimes.php*. diff --git a/user_guide_src/source/libraries/input.rst b/user_guide_src/source/libraries/input.rst index 730b3a9b0..e0f3d8417 100644 --- a/user_guide_src/source/libraries/input.rst +++ b/user_guide_src/source/libraries/input.rst @@ -242,7 +242,7 @@ Class Reference This method is identical to ``get()``, ``post()`` and ``cookie()``, only it fetches the *php://input* stream data. - .. php:method:: set_cookie($name = ''[, $value = ''[, $expire = 0[, $domain = ''[, $path = '/'[, $prefix = ''[, $secure = NULL[, $httponly = NULL]]]]]]]) + .. php:method:: set_cookie($name = ''[, $value = ''[, $expire = 0[, $domain = ''[, $path = '/'[, $prefix = ''[, $secure = NULL[, $httponly = NULL[, $samesite = NULL]]]]]]]]) :param mixed $name: Cookie name or an array of parameters :param string $value: Cookie value @@ -252,6 +252,7 @@ Class Reference :param string $prefix: Cookie name prefix :param bool $secure: Whether to only transfer the cookie through HTTPS :param bool $httponly: Whether to only make the cookie accessible for HTTP requests (no JavaScript) + :param string $samesite: SameSite attribute ('Lax', 'Strict', 'None') :rtype: void @@ -265,13 +266,14 @@ Class Reference parameter:: $cookie = array( - 'name' => 'The Cookie Name', - 'value' => 'The Value', - 'expire' => 86500, - 'domain' => '.some-domain.com', - 'path' => '/', - 'prefix' => 'myprefix_', - 'secure' => TRUE + 'name' => 'The Cookie Name', + 'value' => 'The Value', + 'expire' => 86500, + 'domain' => '.some-domain.com', + 'path' => '/', + 'prefix' => 'myprefix_', + 'secure' => TRUE, + 'samesite' => 'Strict' ); $this->input->set_cookie($cookie); @@ -297,13 +299,14 @@ Class Reference The *httponly* and *secure* flags, when omitted, will default to your ``$config['cookie_httponly']`` and ``$config['cookie_secure']`` settings. + The *samesite* parameter can be ``'Lax'``, ``'Strict'`` or ``'None'``. If not set, the same-site cookie attribute will default to ``'Lax'``. **Discrete Parameters** If you prefer, you can set the cookie by passing data using individual parameters:: - $this->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure); + $this->input->set_cookie($name, $value, $expire, $domain, $path, $prefix, $secure, $samesite); .. php:method:: ip_address() diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index f2236c633..b87508aba 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -438,6 +438,8 @@ Preference Default Options ============================ =============== ======================================== ============================================================================================ **sess_driver** files files/database/redis/memcached/*custom* The session storage driver to use. **sess_cookie_name** ci_session [A-Za-z\_-] characters only The name used for the session cookie. +**sess_samesite** ci_session 'Lax', 'Strict' or 'None' SameSite attribute value for session cookies. + Defaults to ``session.cookie_samesite`` on PHP 7.3+ or 'Lax' if not present at all. **sess_expiration** 7200 (2 hours) Time in seconds (integer) The number of seconds you would like the session to last. If you would like a non-expiring session (until browser is closed) set the value to zero: 0 **sess_save_path** NULL None Specifies the storage location, depends on the driver being used. |