summaryrefslogtreecommitdiffstats
path: root/user_guide_src
diff options
context:
space:
mode:
Diffstat (limited to 'user_guide_src')
-rw-r--r--user_guide_src/source/changelog.rst36
-rw-r--r--user_guide_src/source/database/transactions.rst14
-rw-r--r--user_guide_src/source/installation/downloads.rst6
-rw-r--r--user_guide_src/source/installation/upgrade_312.rst40
-rw-r--r--user_guide_src/source/installation/upgrade_313.rst14
-rw-r--r--user_guide_src/source/installation/upgrading.rst4
-rw-r--r--user_guide_src/source/libraries/sessions.rst4
7 files changed, 101 insertions, 17 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 518569097..618dd604a 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -43,19 +43,43 @@ Release Date: Not Released
- Updated :doc:`HTML Helper <helpers/html_helper>` function :php:func:`meta()` with support for "charset" and "property" properties.
- Changed :doc:`HTML Helper <helpers/html_helper>` function :php:func:`doctype()` default document type to HTML 5.
-Bug fixes for 3.1.0
+Version 3.1.2
+=============
+
+Release Date: Oct 28, 2016
+
+- **Security**
+
+ - Fixed a number of new vulnerabilities in :doc:`Security Library <libraries/security>` method ``xss_clean()``.
+
+- General Changes
+
+ - Allowed PHP 4-style constructors (``Mathching_name::Matching_name()`` methods) to be used as routes, if there's a ``__construct()`` to override them.
+
+Bug fixes for 3.1.2
-------------------
-- Fixed a bug (#4528) - :doc:`Cache Library <libraries/caching>` stored all scalar values as strings with the 'redis' driver.
+- Fixed a regression (#4874) - :doc:`Session Library <libraries/sessions>` didn't take into account ``session.hash_bits_per_character`` when validating session IDs.
+- Fixed a bug (#4871) - :doc:`Query Builder <database/query_builder>` method ``update_batch()`` didn't properly handle identifier escaping.
+- Fixed a bug (#4884) - :doc:`Query Builder <database/query_builder>` didn't properly parse field names ending in 'is' when used inside WHERE and HAVING statements.
+- Fixed a bug where ``CI_Log``, ``CI_Output``, ``CI_Email`` and ``CI_Zip`` didn't handle strings in a byte-safe manner when ``mbstring.func_override`` is enabled.
Version 3.1.1
=============
-Release Date: Not Released
+Release Date: Oct 22, 2016
+
+- **Security**
+
+ - Fixed a flaw in :doc:`Security Library <libraries/security>` method ``entity_decode()`` (used by ``xss_clean()``) that affects HTML 5 entities when using PHP 5.3.
- General Changes
- Added ``E_PARSE`` to the list of error levels detected by the shutdown handler.
+ - Updated :doc:`Inflector Helper <helpers/inflector_helper>` :php:func:`is_countable()` with more words.
+ - Updated :doc:`common function <general/common_functions>` :php:func:`set_status_header()` with new status codes from IETF RFCs
+ `2817 <https://tools.ietf.org/html/rfc2817>`_ (426)
+ and `6585 <https://tools.ietf.org/html/rfc6585>`_ (428, 429, 431, 511).
Bug fixes for 3.1.1
-------------------
@@ -65,7 +89,7 @@ Bug fixes for 3.1.1
- Fixed a bug (#4737) - :doc:`Query Builder <database/query_builder>` didn't add an ``OFFSET`` when ``LIMIT`` is zero or unused.
- Fixed a regression (#4739) - :doc:`Email Library <libraries/email>` doesn't properly separate attachment bodies from headers.
- Fixed a bug (#4754) - :doc:`Unit Testing Library <libraries/unit_testing>` method ``result()`` didn't translate ``res_datatype``.
-- Fixed a bug (#4759) - :doc:`Form Validation <libraries/form_validation>`, :doc:`Trackback <libraries/trackback>` and `XML-RPC <libraries/xmlrpc>` libraries treated URI schemes in a case-sensitive manner.
+- Fixed a bug (#4759) - :doc:`Form Validation <libraries/form_validation>`, :doc:`Trackback <libraries/trackback>` and :doc:`XML-RPC <libraries/xmlrpc>` libraries treated URI schemes in a case-sensitive manner.
- Fixed a bug (#4762) - :doc:`Cache Library <libraries/caching>` 'file' driver method ``get_metadata()`` checked TTL time against ``mtime`` instead of the cache item's creation time.
- Fixed a bug where :doc:`File Uploading Library <libraries/file_uploading>` generated error messages on PHP 7.1.
- Fixed a bug (#4780) - :doc:`compatibility function <general/compatibility_functions>` ``hex2bin()`` didn't reject inputs of type "resource".
@@ -79,6 +103,8 @@ Bug fixes for 3.1.1
- Fixed a bug (#4851) - :doc:`Database Forge <database/forge>` didn't quote schema names passed to its ``create_database()`` method.
- Fixed a bug (#4863) - :doc:`HTML Table Library <libraries/table>` method ``set_caption()`` was missing method chaining support.
- Fixed a bug (#4843) - :doc:`XML-RPC Library <libraries/xmlrpc>` client class didn't set a read/write socket timeout.
+- Fixed a bug (#4865) - uncaught exceptions didn't set the HTTP Response status code to 500 unless ``display_errors`` was turned On.
+- Fixed a bug (#4830) - :doc:`Session Library <libraries/sessions>` didn't take into account the new session INI settings in PHP 7.1.
Version 3.1.0
=============
@@ -88,7 +114,7 @@ Release Date: July 26, 2016
- **Security**
- Fixed an SQL injection in the 'odbc' database driver.
- - Updated :php:func:`set_realpath()` :doc:`Path Helpr <helpers/path_helper>` function to filter-out ``php://`` wrapper inputs.
+ - Updated :php:func:`set_realpath()` :doc:`Path Helper <helpers/path_helper>` function to filter-out ``php://`` wrapper inputs.
- Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7.
- General Changes
diff --git a/user_guide_src/source/database/transactions.rst b/user_guide_src/source/database/transactions.rst
index 2e6d4b477..e25b8ed14 100644
--- a/user_guide_src/source/database/transactions.rst
+++ b/user_guide_src/source/database/transactions.rst
@@ -75,12 +75,11 @@ debugging is turned off, you can manage your own errors like this::
// generate an error... or use the log_message() function to log your error
}
-Enabling Transactions
-=====================
+Disabling Transactions
+======================
-Transactions are enabled automatically the moment you use
-$this->db->trans_start(). If you would like to disable transactions you
-can do so using $this->db->trans_off()::
+If you would like to disable transactions you can do so using
+``$this->db->trans_off()``::
$this->db->trans_off();
@@ -88,8 +87,9 @@ can do so using $this->db->trans_off()::
$this->db->query('AN SQL QUERY...');
$this->db->trans_complete();
-When transactions are disabled, your queries will be auto-commited, just
-as they are when running queries without transactions.
+When transactions are disabled, your queries will be auto-commited, just as
+they are when running queries without transactions, practically ignoring
+any calls to ``trans_start()``, ``trans_complete()``, etc.
Test Mode
=========
diff --git a/user_guide_src/source/installation/downloads.rst b/user_guide_src/source/installation/downloads.rst
index 1e28a5bf0..ae58e796f 100644
--- a/user_guide_src/source/installation/downloads.rst
+++ b/user_guide_src/source/installation/downloads.rst
@@ -3,7 +3,9 @@ Downloading CodeIgniter
#######################
- `CodeIgniter v3.2.0-dev (Current version) <https://codeload.github.com/bcit-ci/CodeIgniter/zip/develop>`_
-- `CodeIgniter v3.1.1-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_
+- `CodeIgniter v3.1.3-dev <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1-stable>`_
+- `CodeIgniter v3.1.2 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.2>`_
+- `CodeIgniter v3.1.1 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.1>`_
- `CodeIgniter v3.1.0 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.1.0>`_
- `CodeIgniter v3.0.6 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.6>`_
- `CodeIgniter v3.0.5 <https://codeload.github.com/bcit-ci/CodeIgniter/zip/3.0.5>`_
@@ -33,4 +35,4 @@ Please note that while every effort is made to keep this code base
functional, we cannot guarantee the functionality of code taken from
the develop branch.
-Beginning with version 2.0.3, stable versions are also available via `GitHub Releases <https://github.com/bcit-ci/CodeIgniter/releases>`_. \ No newline at end of file
+Beginning with version 2.0.3, stable versions are also available via `GitHub Releases <https://github.com/bcit-ci/CodeIgniter/releases>`_.
diff --git a/user_guide_src/source/installation/upgrade_312.rst b/user_guide_src/source/installation/upgrade_312.rst
new file mode 100644
index 000000000..e0b2191dd
--- /dev/null
+++ b/user_guide_src/source/installation/upgrade_312.rst
@@ -0,0 +1,40 @@
+#############################
+Upgrading from 3.1.1 to 3.1.2
+#############################
+
+Before performing an update you should take your site offline by
+replacing the index.php file with a static one.
+
+Step 1: Update your CodeIgniter files
+=====================================
+
+Replace all files and directories in your *system/* directory.
+
+.. note:: If you have any custom developed files in these directories,
+ please make copies of them first.
+
+Step 2: Update your "ci_sessions" database table
+================================================
+
+If you're using the :doc:`Session Library </libraries/sessions>` with the
+'database' driver, you may have to ``ALTER`` your sessions table for your
+sessions to continue to work.
+
+.. note:: The table in question is not necessarily named "ci_sessions".
+ It is what you've set as your ``$config['sess_save_path']``.
+
+This will only affect you if you've changed your ``session.hash_function``
+*php.ini* setting to something like 'sha512'. Or if you've been running
+an older CodeIgniter version on PHP 7.1+.
+
+It is recommended that you do this anyway, just to avoid potential issues
+in the future if you do change your configuration.
+
+Just execute the one of the following SQL queries, depending on your
+database::
+
+ // MySQL:
+ ALTER TABLE ci_sessions CHANGE id id varchar(128) NOT NULL;
+
+ // PostgreSQL
+ ALTER TABLE ci_sessions ALTER COLUMN id SET DATA TYPE varchar(128);
diff --git a/user_guide_src/source/installation/upgrade_313.rst b/user_guide_src/source/installation/upgrade_313.rst
new file mode 100644
index 000000000..71afc6f6a
--- /dev/null
+++ b/user_guide_src/source/installation/upgrade_313.rst
@@ -0,0 +1,14 @@
+#############################
+Upgrading from 3.1.2 to 3.1.3
+#############################
+
+Before performing an update you should take your site offline by
+replacing the index.php file with a static one.
+
+Step 1: Update your CodeIgniter files
+=====================================
+
+Replace all files and directories in your *system/* directory.
+
+.. note:: If you have any custom developed files in these directories,
+ please make copies of them first.
diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst
index 01812169b..14127d42e 100644
--- a/user_guide_src/source/installation/upgrading.rst
+++ b/user_guide_src/source/installation/upgrading.rst
@@ -8,7 +8,9 @@ upgrading from.
.. toctree::
:titlesonly:
- Upgrading from 3.1.x to 3.2.x <upgrade_320>
+ Upgrading from 3.1.2+ to 3.2.x <upgrade_320>
+ Upgrading from 3.1.2 to 3.1.3 <upgrade_313>
+ Upgrading from 3.1.1 to 3.1.2 <upgrade_312>
Upgrading from 3.1.0 to 3.1.1 <upgrade_311>
Upgrading from 3.0.6 to 3.1.0 <upgrade_310>
Upgrading from 3.0.5 to 3.0.6 <upgrade_306>
diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst
index 082828c4e..a95cd5a19 100644
--- a/user_guide_src/source/libraries/sessions.rst
+++ b/user_guide_src/source/libraries/sessions.rst
@@ -594,7 +594,7 @@ And then of course, create the database table ...
For MySQL::
CREATE TABLE IF NOT EXISTS `ci_sessions` (
- `id` varchar(40) NOT NULL,
+ `id` varchar(128) NOT NULL,
`ip_address` varchar(45) NOT NULL,
`timestamp` int(10) unsigned DEFAULT 0 NOT NULL,
`data` blob NOT NULL,
@@ -604,7 +604,7 @@ For MySQL::
For PostgreSQL::
CREATE TABLE "ci_sessions" (
- "id" varchar(40) NOT NULL,
+ "id" varchar(128) NOT NULL,
"ip_address" varchar(45) NOT NULL,
"timestamp" bigint DEFAULT 0 NOT NULL,
"data" text DEFAULT '' NOT NULL