From 27f798b9d64025fecaaecbd80a8cba41d455940f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 20 Jan 2014 18:19:13 +0200 Subject: Add support for optional table attributes to CI_DB_forge::create_table() Supersedes PRs #989, #2776 Related issue: #41 --- user_guide_src/source/changelog.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'user_guide_src/source/changelog.rst') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index c68258e1c..7dc358652 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -240,8 +240,9 @@ Release Date: Not Released - Added an optional second parameter to ``drop_table()`` that allows adding the **IF EXISTS** condition, which is no longer the default. - Added support for passing a custom database object to the loader. - - Deprecated ``add_column()``'s third method. *AFTER* clause should now be added to the field definition array instead. + - Added support for passing custom table attributes (such as ``ENGINE`` for MySQL) to ``create_table()``. - Added support for usage of the *FIRST* clause in ``add_column()`` for MySQL and CUBRID. + - Deprecated ``add_column()``'s third method. *AFTER* clause should now be added to the field definition array instead. - Overall improved support for all of the drivers. - :doc:`Database Utility ` changes include: -- cgit v1.2.3-24-g4f1b From ba8bf563095657b8b6104ecc3d3a990f3e6ceb75 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 21 Jan 2014 19:04:18 +0200 Subject: SQLSRV improvements Mainly for performance (issue #2474), but also added a 'scrollable' configuration flag and auto-detection for SQLSRV_CURSOR_CLIENT_BUFFERED (only available since SQLSRV 3). --- user_guide_src/source/changelog.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'user_guide_src/source/changelog.rst') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index c68258e1c..5c01d64af 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -222,6 +222,9 @@ Release Date: Not Released - Added port handling support for UNIX-based systems (MSSQL driver). - Added *OFFSET* support for SQL Server 2005 and above. - Added ``db_set_charset()`` support (MSSQL driver). + - Added a *scrollable* property to enable configuration of the cursor to use (SQLSRV driver). + - Added support and auto-detection for the ``SQLSRV_CURSOR_CLIENT_BUFFERED`` scrollable cursor flag (SQLSRV driver). + - Changed default behavior to not use ``SQLSRV_CURSOR_STATIC`` due to performance issues (SQLSRV driver). - Improved support of the Oracle (OCI8) driver, including: -- cgit v1.2.3-24-g4f1b From c67c3fbb8e16b1ffb79c72bb91db04fcb005b2b1 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 22 Jan 2014 13:26:00 +0200 Subject: CI_Security::_decode_entity() to replace dangerous HTML5 entities Related to issue #2771 --- user_guide_src/source/changelog.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'user_guide_src/source/changelog.rst') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index ae2900761..513050159 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -685,7 +685,8 @@ Bug fixes for 3.0 - Fixed a bug where :doc:`User Agent Library ` methods ``accept_charset()`` and ``accept_lang()`` didn't properly parse HTTP headers that contain spaces. - Fixed a bug where *default_controller* was called instad of triggering a 404 error if the current route is in a controller directory. - Fixed a bug (#2737) - :doc:`XML-RPC Library ` used objects as array keys, which triggered E_NOTICE messages. -- Fixed a bug (#2729) - ``CI_Securty::_validate_entities()`` used overly-intrusive ``preg_replace()`` patterns that produced false-positives. +- Fixed a bug (#2729) - ``CI_Security::_validate_entities()`` used overly-intrusive ``preg_replace()`` patterns that produced false-positives. +- Fixed a bug (#2771) - ``CI_Security::xss_clean()`` didn't take into account HTML5 entities. Version 2.1.4 ============= -- cgit v1.2.3-24-g4f1b From ecc260e0be0cdb55c4e4802b78ddd78b0d8b0ebc Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 24 Jan 2014 14:20:13 +0200 Subject: Righting a wrong in the Session library - Change userdata(), flashdata(), tempdata() to return all the respective data when no parameter is passed. - Revert the addition of all_flashdata(). - Deprecate all_userdata(). - Fix related changelog entries that were all inconsistent. --- user_guide_src/source/changelog.rst | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) (limited to 'user_guide_src/source/changelog.rst') diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 513050159..3124dea60 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -259,22 +259,18 @@ Release Date: Not Released - :doc:`Session Library ` changes include: - - Library changed to :doc:`Driver ` with classic Cookie driver as default. - - Added Native PHP Session driver to work with ``$_SESSION``. - - Custom drivers can be added anywhere in package paths and be loaded with the library. - - Drivers interchangeable on the fly. - - New **tempdata** feature allows setting user data items with an expiration time. - - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *config.php* file. - - Cookie driver now respects php.ini's *session.gc_probability* and *session.gc_divisor* settings. - - Cookie driver now uses HMAC authentication instead of the simple md5 checksum. - - The Cookie driver now also checks authentication on encrypted session data. - - Changed the Cookie driver to select only one row when using database sessions. - - Cookie driver now only writes to database at end of request when using database. - - Cookie driver now uses PHP functions for faster array manipulation when using database. - - Added ``all_flashdata()`` method to session class. Returns an associative array of only flashdata. - - Added ``has_userdata()`` method to verify existence of userdata item. - - Added ``tempdata()``, ``set_tempdata()``, and ``unset_tempdata()`` methods for manipulating tempdata. - - ``keep_flashdata()`` now accepts an array of keys. + - Library changed to :doc:`Driver ` with classic 'cookie' driver as the default. + - Added a 'native' PHP Session driver to work with ``$_SESSION``. + - Added a new **tempdata** feature that allows setting userdata items with expiration time (``tempdata()``, ``set_tempdata()``, ``unset_tempdata()``). + - Added default ``$config['sess_driver']`` and ``$config['sess_valid_drivers']`` items to *application/config.php* file. + - Changed 'cookie' driver to respect php.ini's *session.gc_probability* and *session.gc_divisor* settings. + - Changed 'cookie' driver to use HMAC authentication instead of a simple md5 checksum. + - Changed 'cookie' driver to select only one row when using database sessions. + - Changed 'cookie' driver to write to only write to the database at end of page execution. + - Changed method ``keep_flashdata()`` to also accept an array of keys. + - Changed methods ``userdata()``, ``flashdata()`` to return an array of all userdata/flashdata when no parameter is passed. + - Deprecated method ``all_userdata()`` - it is now just an alias for ``userdata()`` with no parameters. + - Added method ``has_userdata()`` that verifies the existence of a userdata item. - Added *debug* level log messages for key events in the session validation process. - :doc:`File Uploading Library ` changes include: @@ -687,6 +683,7 @@ Bug fixes for 3.0 - Fixed a bug (#2737) - :doc:`XML-RPC Library ` used objects as array keys, which triggered E_NOTICE messages. - Fixed a bug (#2729) - ``CI_Security::_validate_entities()`` used overly-intrusive ``preg_replace()`` patterns that produced false-positives. - Fixed a bug (#2771) - ``CI_Security::xss_clean()`` didn't take into account HTML5 entities. +- Fixed a bug in the :doc:`Session Library ` 'cookie' driver where authentication was not performed for encrypted cookies. Version 2.1.4 ============= -- cgit v1.2.3-24-g4f1b