From 58f677f764aa9e632635ee4810c25b1d7eacd485 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 16 Jul 2013 11:01:37 +0300 Subject: 2.1.4 release related stuff --- system/libraries/Email.php | 2 +- user_guide_src/source/changelog.rst | 25 +++++++++++++++++----- user_guide_src/source/helpers/date_helper.rst | 2 +- user_guide_src/source/installation/upgrade_300.rst | 2 +- user_guide_src/source/installation/upgrading.rst | 3 ++- 5 files changed, 25 insertions(+), 9 deletions(-) diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 11ee29041..46ffaa1d4 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -2140,7 +2140,7 @@ class CI_Email { if (in_array('headers', $include, TRUE)) { - $raw_data = $this->_header_str."\n"; + $raw_data = htmlspecialchars($this->_header_str)."\n"; } if (in_array('subject', $include, TRUE)) diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 2adbca19d..97feb484a 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -380,7 +380,7 @@ Bug fixes for 3.0 - Fixed a bug (#413) - Oracle's error handling methods used to only return connection-related errors. - Fixed a bug (#1101) - MySQL/MySQLi result method field_data() was implemented as if it was handling a DESCRIBE result instead of the actual result set. - Fixed a bug in Oracle's :doc:`Database Forge Class ` method _create_table() where it failed with AUTO_INCREMENT as it's not supported. -- Fixed a bug (#1080) - When using the SMTP protocol, the :doc:`Email Library ` send() method was returning TRUE even if the connection/authentication against the server failed. +- Fixed a bug (#1080) - When using the SMTP protocol, the :doc:`Email Library ` ``send()`` method was returning TRUE even if the connection/authentication against the server failed. - Fixed a bug (#306) - ODBC's insert_id() method was calling non-existent function odbc_insert_id(), which resulted in a fatal error. - Fixed a bug in Oracle's DB_result class where the cursor id passed to it was always NULL. - Fixed a bug (#64) - Regular expression in DB_query_builder.php failed to handle queries containing SQL bracket delimiters in the join condition. @@ -405,14 +405,13 @@ Bug fixes for 3.0 - Fixed a bug (#128) - :doc:`Language Library ` did not correctly keep track of loaded language files. - Fixed a bug (#1242) - Added Windows path compatibility to function read_dir of ZIP library. - Fixed a bug (#1349) - get_extension() in the :doc:`File Uploading Library ` returned the original filename when it didn't have an actual extension. -- Fixed a bug (#1273) - E_NOTICE being generated by :doc:`Query Builder `'s set_update_batch() method. - Fixed a bug (#44, #110) - :doc:`Upload library `'s clean_file_name() method didn't clear '!' and '#' characters. - Fixed a bug (#121) - ``CI_DB_result::row()`` returned an array when there's no actual result to be returned. - Fixed a bug (#319) - SQLSRV's affected_rows() method failed due to a scrollable cursor being created for write-type queries. -- Fixed a bug (#356) - PostgreSQL driver didn't have an _update_batch() method, which resulted in fatal error being triggered when update_batch() is used with it. +- Fixed a bug (#356) - PostgreSQL driver didn't have an ``_update_batch()`` method, which resulted in fatal error being triggered when ``update_batch()`` is used with it. - Fixed a bug (#784, #862) - :doc:`Database Forge ` method ``create_table()`` failed on SQLSRV/MSSQL when used with 'IF NOT EXISTS'. - Fixed a bug (#1419) - libraries/Driver.php had a static variable that was causing an error. -- Fixed a bug (#1411) - the :doc:`Email library ` used its own short list of MIMEs instead the one from config/mimes.php. +- Fixed a bug (#1411) - the :doc:`Email Library ` used its own short list of MIMEs instead the one from config/mimes.php. - Fixed a bug where the magic_quotes_runtime setting wasn't turned off for PHP 5.3 (where it is indeed deprecated, but not non-existent). - Fixed a bug (#666) - :doc:`Output library `'s set_content_type() method didn't set the document charset. - Fixed a bug (#784, #861) - :doc:`Database Forge ` method ``create_table()`` used to accept constraints for MSSQL/SQLSRV integer-type columns. @@ -453,7 +452,7 @@ Bug fixes for 3.0 - Fixed a bug (#1745) - ``is_write_type()`` method in the :doc:`Database Library ` didn't return TRUE for LOAD queries. - Fixed a bug (#1765) - :doc:`Database Library ` didn't properly detect connection errors for MySQLi. - Fixed a bug (#1257) - :doc:`Query Builder ` used to (unnecessarily) group FROM clause contents, which breaks certain queries and is invalid for some databases. -- Fixed a bug (#1709) - :doc:`Email ` headers were broken when using long email subjects and \r\n as CRLF. +- Fixed a bug (#1709) - :doc:`Email Library ` headers were broken when using long email subjects and \r\n as CRLF. - Fixed a bug where ``MB_ENABLED`` was only declared if ``UTF8_ENABLED`` was set to TRUE. - Fixed a bug where the :doc:`Session Library ` accepted cookies with *last_activity* values being in the future. - Fixed a bug (#1897) - :doc:`Email Library ` triggered PHP E_WARNING errors when *mail* protocol used and ``to()`` is never called. @@ -502,6 +501,22 @@ Bug fixes for 3.0 - Fixed a bug (#2388) - :doc:`Email Library ` used to ignore attachment errors, resulting in broken emails being sent. - Fixed a bug (#2498) - :doc:`Form Validation Library ` rule **valid_base64** only checked characters instead of actual validity. +Version 2.1.4 +============= + +Release Date: July 8, 2013 + +- General Changes + - Improved security in ``xss_clean()``. + +Bug fixes for 2.1.4 +------------------- + +- Fixed a bug (#1936) - :doc:`Migration Library ` method ``latest()`` had a typo when retrieving language values. +- Fixed a bug (#2021) - :doc:`Migration Library ` configuration file was mistakenly using Windows style line feeds. +- Fixed a bug (#1273) - E_NOTICE being generated by :doc:`Query Builder `'s ``set_update_batch()`` method. +- Fixed a bug (#2337) - :doc:`Email Library ` method ``print_debugger()`` didn't apply ``htmlspecialchars()`` to headers. + Version 2.1.3 ============= diff --git a/user_guide_src/source/helpers/date_helper.rst b/user_guide_src/source/helpers/date_helper.rst index 0a1f7ac8f..5dfee8b48 100644 --- a/user_guide_src/source/helpers/date_helper.rst +++ b/user_guide_src/source/helpers/date_helper.rst @@ -454,4 +454,4 @@ UP12 (UTC +12:00) Fiji, Gilbert Islands, Kamchatka, New Zealand UP1275 (UTC +12:45) Chatham Islands Standard Time UP13 (UTC +13:00) Phoenix Islands Time, Tonga UP14 (UTC +14:00) Line Islands -=========== ===================================================================== +=========== ===================================================================== \ No newline at end of file diff --git a/user_guide_src/source/installation/upgrade_300.rst b/user_guide_src/source/installation/upgrade_300.rst index 926af312d..b396d9acb 100644 --- a/user_guide_src/source/installation/upgrade_300.rst +++ b/user_guide_src/source/installation/upgrade_300.rst @@ -1,5 +1,5 @@ ############################# -Upgrading from 2.1.3 to 3.0.0 +Upgrading from 2.1.4 to 3.0.0 ############################# .. note:: These upgrade notes are for a version that is yet to be released. diff --git a/user_guide_src/source/installation/upgrading.rst b/user_guide_src/source/installation/upgrading.rst index 4f276207c..230c3b113 100644 --- a/user_guide_src/source/installation/upgrading.rst +++ b/user_guide_src/source/installation/upgrading.rst @@ -5,7 +5,8 @@ Upgrading From a Previous Version Please read the upgrade notes corresponding to the version you are upgrading from. -- :doc:`Upgrading from 2.1.3 to 3.0.0 ` +- :doc:`Upgrading from 2.1.4 to 3.0.0 ` +- :doc:`Upgrading from 2.1.3 to 2.1.4 ` - :doc:`Upgrading from 2.1.2 to 2.1.3 ` - :doc:`Upgrading from 2.1.1 to 2.1.2 ` - :doc:`Upgrading from 2.1.0 to 2.1.1 ` -- cgit v1.2.3-24-g4f1b