codeigniter 3.1.0 change log
Change Log
Version 3.1.0
Release Date: July 26, 2016
Security
Fixed an SQL injection in the ‘odbc’ database driver.
Updated set_realpath() Path Helpr function to filter-out php:// wrapper inputs.
Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7.
General Changes
Updated Image Manipulation Library to validate width and height configuration values.
Updated Encryption Library to always prefer random_bytes() when it is available.
Updated Session Library to log ‘debug’ messages when using fallbacks to session.save_path (php.ini) or ‘sess_use_database’, ‘sess_table_name’ settings.
Added a ‘LONGTEXT’ to ‘STRING’ alias to Database Forge for the ‘cubrid’, ‘pdo/cubrid’ drivers.
Added ‘TINYINT’, ‘MEDIUMINT’, ‘INT’ and ‘BIGINT’ aliases to ‘NUMBER’ to Database Forge for the ‘oci8’, ‘pdo/oci’ drivers.
password_hash() compatibility function changes:
Changed salt-generation logic to prefer random_bytes() when it is available.
Changed salt-generation logic to prefer direct access to /dev/urandom over openssl_random_pseudo_bytes().
Changed salt-generation logic to error if openssl_random_pseudo_bytes() sets its $crypto_strong flag to FALSE.
Bug fixes for 3.1.0
Fixed a bug where Image Manipulation Library didn’t escape image source paths passed to ImageMagick as shell arguments.
Fixed a bug (#861) - Database Forge method create_table() incorrectly accepts field width constraints for MSSQL/SQLSRV integer-type columns.
Fixed a bug (#4562) - Cache Library didn’t check if Memcached::quit() is available before calling it.
Fixed a bug (#4563) - Input Library method request_headers() ignores $xss_clean parameter value after first call.
Fixed a bug (#4605) - Config Library method site_url() stripped trailing slashes from relative URIs passed to it.
Fixed a bug (#4613) - Email Library failed to send multiple emails via SMTP due to “already authenticated” errors when keep-alive is enabled.
Fixed a bug (#4633) - Form Validation Library ignored multiple “callback” rules for empty, non-required fields.
Fixed a bug (#4637) - Database method error() returned FALSE with the ‘oci8’ driver if there was no error.
Fixed a bug (#4647) - Query Builder method count_all_results() doesn’t take into account GROUP BY clauses while deciding whether to do a subquery or not.
Fixed a bug where Session Library ‘redis’ driver didn’t properly detect if a connection is properly closed on PHP 5.x.
Fixed a bug (#4583) - Email Library didn’t properly handle inline attachments in HTML emails.
Fixed a bug where Database method db_select() didn’t clear metadata cached for the previously used database.
Fixed a bug (#4675) - File Helper function delete_files() treated symbolic links as regular directories.
Fixed a bug (#4674) - Database driver ‘dblib’ triggered E_WARNING messages while connecting.
Fixed a bug (#4678) - Database Forge tried to use unsupported IF NOT EXISTS clause when creating tables on Oracle.
Fixed a bug (#4691) - File Uploading Library method data() returns wrong ‘raw_name’ when the filename extension is also contained in the raw filename.
Fixed a bug (#4679) - Input Library method ip_address() errors with a matching $config['proxy_ips'] IPv6 address.
Fixed a bug (#4695) - User Agent Library didn’t load the config/user_agents.php file when there’s no User-Agent HTTP request header.
Fixed a bug (#4713) - Query Builder methods insert_batch(), update_batch() could return wrong affected rows count.
Fixed a bug (#4712) - Email Library doesn’t sent RSET to SMTP servers after a failure and while using keep-alive.
Fixed a bug (#4724) - Common function is_https() compared the X-Forwarded-Proto HTTP header case-sensitively.
Fixed a bug (#4725) - Common function remove_invisible_characters() searched case-sensitively for URL-encoded characters.
Version 3.1.0
Release Date: July 26, 2016
Security
Fixed an SQL injection in the ‘odbc’ database driver.
Updated set_realpath() Path Helpr function to filter-out php:// wrapper inputs.
Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7.
General Changes
Updated Image Manipulation Library to validate width and height configuration values.
Updated Encryption Library to always prefer random_bytes() when it is available.
Updated Session Library to log ‘debug’ messages when using fallbacks to session.save_path (php.ini) or ‘sess_use_database’, ‘sess_table_name’ settings.
Added a ‘LONGTEXT’ to ‘STRING’ alias to Database Forge for the ‘cubrid’, ‘pdo/cubrid’ drivers.
Added ‘TINYINT’, ‘MEDIUMINT’, ‘INT’ and ‘BIGINT’ aliases to ‘NUMBER’ to Database Forge for the ‘oci8’, ‘pdo/oci’ drivers.
password_hash() compatibility function changes:
Changed salt-generation logic to prefer random_bytes() when it is available.
Changed salt-generation logic to prefer direct access to /dev/urandom over openssl_random_pseudo_bytes().
Changed salt-generation logic to error if openssl_random_pseudo_bytes() sets its $crypto_strong flag to FALSE.
Bug fixes for 3.1.0
Fixed a bug where Image Manipulation Library didn’t escape image source paths passed to ImageMagick as shell arguments.
Fixed a bug (#861) - Database Forge method create_table() incorrectly accepts field width constraints for MSSQL/SQLSRV integer-type columns.
Fixed a bug (#4562) - Cache Library didn’t check if Memcached::quit() is available before calling it.
Fixed a bug (#4563) - Input Library method request_headers() ignores $xss_clean parameter value after first call.
Fixed a bug (#4605) - Config Library method site_url() stripped trailing slashes from relative URIs passed to it.
Fixed a bug (#4613) - Email Library failed to send multiple emails via SMTP due to “already authenticated” errors when keep-alive is enabled.
Fixed a bug (#4633) - Form Validation Library ignored multiple “callback” rules for empty, non-required fields.
Fixed a bug (#4637) - Database method error() returned FALSE with the ‘oci8’ driver if there was no error.
Fixed a bug (#4647) - Query Builder method count_all_results() doesn’t take into account GROUP BY clauses while deciding whether to do a subquery or not.
Fixed a bug where Session Library ‘redis’ driver didn’t properly detect if a connection is properly closed on PHP 5.x.
Fixed a bug (#4583) - Email Library didn’t properly handle inline attachments in HTML emails.
Fixed a bug where Database method db_select() didn’t clear metadata cached for the previously used database.
Fixed a bug (#4675) - File Helper function delete_files() treated symbolic links as regular directories.
Fixed a bug (#4674) - Database driver ‘dblib’ triggered E_WARNING messages while connecting.
Fixed a bug (#4678) - Database Forge tried to use unsupported IF NOT EXISTS clause when creating tables on Oracle.
Fixed a bug (#4691) - File Uploading Library method data() returns wrong ‘raw_name’ when the filename extension is also contained in the raw filename.
Fixed a bug (#4679) - Input Library method ip_address() errors with a matching $config['proxy_ips'] IPv6 address.
Fixed a bug (#4695) - User Agent Library didn’t load the config/user_agents.php file when there’s no User-Agent HTTP request header.
Fixed a bug (#4713) - Query Builder methods insert_batch(), update_batch() could return wrong affected rows count.
Fixed a bug (#4712) - Email Library doesn’t sent RSET to SMTP servers after a failure and while using keep-alive.
Fixed a bug (#4724) - Common function is_https() compared the X-Forwarded-Proto HTTP header case-sensitively.
Fixed a bug (#4725) - Common function remove_invisible_characters() searched case-sensitively for URL-encoded characters.
Comments
Post a Comment